2 ervthseis anaforika me to arthro soy sto mag34

[Alexandros Papadopoulos]

(cc'ing th lista gia perissoteres pi8anothtes swstwn symboulwn)

On Monday 24 November 2003 08:57, you wrote:
> Agaphte Alejandre
>
> Anaforika me to arthro sou sto mag34 me thema
> Host/network security exv 2 apories, prvta apola eimai
> kainoyrios ston xvro tvn linux kai dysthxvs den gnvrizv polla.
> Etsi euelpistv oti isvs boreis na me bohtheiseis ean exeis ton
> xrono kai thn diathesh, panv apola
>
> 1) sto section soy 2.3 Firewalls
> thelhsa kai egv na akoloythsv toys kanones soy me titlo
> #### ÃÅÍÉÊÅÓ ÐÑÏÖÕËÁÎÅÉÓ #####
> ostoso parathrhsa oti otan grafeis sto shell p.x
>
> /bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
>
> to icmp_echo_ignore_all tha parei thn timh '1' mexri na kanv
> reset to pc meta thn xanei.
> Prospathsa na brv kapoio arxeio poy na fortvnontai oles moy oi
> entoles sto boot kai katelhxa sto rc.local
> * Ekei toys grafoyme ?. kai ean nai ekei tha grapsv kai toys
> kanones sou me titlo
> ##### ÅÎÅÑ×ÏÌÅÍÁ ##### kai #### LOGGING #### ?

Mia xara einai to rc.local. An eisai 200% paranoikos, 8a se apasxolei to 
oti ekteleitai AFOY treksoun ola ta alla scripts, pou shmainei oti 
exeis pi8anws networking gia merika deyterolepta xwris firewall. An 
eisai pistos akolou8os tou Murphy, 8a 8eleis na shkwneis firewall prin 
energopoihseis to networking. Se ayth thn periptwsh, koitas mesa sto /
etc/rc3.d/ (an to runlevel pou xrhsimopoieis synh8ws einai to 3 - kane 
ena
# grep default /etc/inittab
gia na deis poio einai to default runlevel sou.)

Koitazontas mesa se ekeino to directory, blepeis pote shkwnetai to 
networking, kai fyteyeis ena script me mikrotero ari8mo, pou trexei ta 
firewall rules.
Px. an exeis kati san S55networking, swzeis ta rules se ena executable 
script sto /etc/init.d/ipt_firewall kai ftiaxneis ena symbolic link pou 
deixnei se ayto apo to /etc/rc3.d me:
# ln -s /etc/init.d/ipt_firewall /etc/rc3.d/S54ipt_firewall

> * uparxei dynatothta na svsv ola ta rules se ena allo script
> kai meta na borv na to "fvnazv" sto boot ? Ean nai pvs ginetai ?

Opws eipame parapanw, kai nai, aytos einai o kalyteros tropos na 
fwnazeis ta rules. Oxi ena-ena apo diaforetika merh, ola ayta kalo 
einai na ektelountai mazi, san ena script.

> 2) grafeis se kapio shmeio gia merikh apenergopoihsh tou x11
> vste na mhn borei kapios alos apo to diktyo na dei ti
> plhktrologv. xrhsimopoiontas thn entolh:
>
> startx -- -nolisten tcp
>
> tha borouses na mou peis se pio script vrisketai auth h entolh
> grammenh etsi oste na prosthesv to "-- -nolisten tcp"
> giati emena einai sto "listen"
>
> note: xrhsimopoiv ta mandrake 9.1 kai uparxei kai to ksysv.

De xreiazetai na ksereis pou einai to startx, apla na pros8eseis ena 
alias sto shell sou wste na to kaleis me th parametro --nolisten (se 
periptwsh pou den einai etsi by default - px Debian)

An exeis Mandrake, mallon xrhsimopoieis grafiko login manager, opote 
eksartatai apo POIO login manager exeis, kai pws mporeis na ton peiseis 
na stamathsei na akouei gia syndeseis. De xrhsimopoiw GDM/XDM/KDM ktl, 
opote de kserw thn apanthsh. Google, man, isws na sou pei kanenas allos 
sth lista pou kserei.

> 3) xekarfvto :) anaforika me divx, katebasa ton mplayer 1.00pre2
> kai thelv na kvdikopoihsv ton hxo me to lame, exv toys headers
> tou lame toys opoious kai antigrafv sto idio directory me to
> mplayer1.00 alla dokimazontas thn entolh
> ./configure apo ton mplayer blepv sto o/p oti den exv lameopts
> uposthrixh.

An 8ymamai kala pisw ston 14o aiwna pou ekana compile to mplayer (twra 
apolambanw to apt-get :-), eprepe na exeis egkatesthmenh olh th 
liblame, oxi apla ta headers sto directory tou mplayer. Kane prwta 
configure, make+make install th liblame, trekse kai ena #ldconfig kalou 
kakou, tsekare oti opou paei kai mpainei h lame, anaferetai sto
/etc/ld.so.conf kai ksanakane configure ton mplayer.

Kalh tyxh! :-)

-A