Yup! =]

 

I've had a blog for a while, but not many people knew about it. It's got some stuff that might interest all of us linux-noobs and all sorts of other stuff. It's located on the intar-web at [/url][url=http://pth2.blogspot.com]http://pth2.blogspot.com, so check it out and tell me what you think!

 

Thanks!

How about a mac section?

 

I don't have a MAC but I have just bought an airport extreme which i am running of Windows and I thought this site may attract more visitors?

Problem Connection shareing. Everything was running fine VIA 2 NIC's and a crossover cable. Then last night i llost all net.

eth0 = internal connection

eth1 = exterior connection

I cannot get net when i activate eth0 for connection shareing. it kicks me off the net. It was working fine untill last night it hjust stopped and i didnt change any settings

Both nic cards lite up so its not a cable or hardware problem. I just dont understand this.

Any suggestions?

How about some banner ads so the user's can put ads up for Linux-Noob on their personal websites.

 

I would be happy to post a few on the sites that I manage.

 

P38

to continue.. here is a qmail + imap + ldap howto

 

[/url][url=http://www.zcentric.com/wiki/tiki-index.ph...p++Courier+IMAP]http://www.zcentric.com/wiki/tiki-index.ph...p++Courier+IMAP

 

These are way too long to post on a forum.. its much easier to format these in a wiki

OK, what with the recent grumblings over at RedHat ... and me being a "noob" ... can I still keep my RH installs, and just continue to update my kernel as per the norm, or am I going to have to blow out RH completely and switch to something else?

 

I've never been big into the RPMS and prefere compiling sources myself so thats not a big loss, but aside from that anything I should be wary of?

 

 

Thanks

If you have been following my discription of SSH, you know that you can use ssh to create an encrypted tunnel from your local machine to some other machine on the network. I have already shown a method to tunnel your pop3 traffic to get those clear text passwords off the network. I have also shown a method of redirecting your NNTP traffic through a distant machine to 1) take advantage of the distant machines access to NNTP servers that you might not have access to, and 2) encrypt and tunnel your NNTP traffic off your current network to bypass obvious firewall logs and in the case where your system administrator might not appreciate you spending time reading usenet.

 

In this discussion, I'm going to show a technique of doing a similar thing with your web browsing traffic. By using a program called Privoxy, you can redirect all of your web browsing activity across an SSH tunnel and out through a machine on another network.

 

From the Privoxy home page at: [/url]http://www.privoxy.org/ "Privoxy is a web proxy with advanced filtering capabilities for protecting privacy, modifying web page content, managing cookies, controlling access, and removing ads, banners, pop-ups and other obnoxious Internet junk. Privoxy has a very flexible configuration and can be customized to suit individual needs and tastes. Privoxy has application for both stand-alone systems and multi-user networks"

 

Using this setup, you can take advantage of Provoxy's filtering capabilities to clean up some of the crap that comes across the network and onto your browser's window. OR, you can simply turn off the filtering and take advantage of Privoxy's web proxy functionality and use it only as a means of redirecting your traffic. The choice is yours and I leave it up to you to read the detailed directions that come with Provoxy to determine how you wish to use it.

 

This configuration is as follows:

 

Install Privoxy on your remote machine. My configuration, will all the comments stripped out is as follows:

 

user-manual file:///usr/share/doc/privoxy-3.0.2/user-manual/

confdir /etc/privoxy

logdir /var/log/privoxy

actionsfile standard # Internal purpose, recommended

actionsfile default # Main actions file

actionsfile user # User customizations

filterfile default.filter

logfile privoxy.log

jarfile jarfile

trust-info-url http://www.example.com/why_we_block.html

trust-info-url http://www.example.com/what_we_allow.html

debug 1 # show each GET/POST/CONNECT request

debug 4096 # Startup banner and warnings

debug 8192 # Errors - *we highly recommended enabling this*

listen-address 127.0.0.1:8118

toggle 0

enable-remote-toggle 1

enable-edit-actions 1

buffer-limit 4096

 

The majority of these options are default. The only critical option is the "listen-address" and you notice that I have it set to listen to localhost (127.0.0.1) and listen on port 8118. A handy option, but not critical, is to set your enable-remote-toggle and enable-edit-actions so that you can change your privoxy configuration from your browser without having to edit the config files directly. More information about that is contained in the Privoxy documentation.

 

When these options are set, start privoxy on your server and turn your attention to your client machine.

 

In my case, I configured my SSH client (SecureCRT) to open a tunnel from my local machine's port 40001 to port 8118 on the remote server running privoxy. Each SSH client is different so instead of going through the steps for multiple clients, I will stick with the configuration commands as if you were using OpenSSH's command line client on your local machine.

 

The SSH command line to open a tunnel from your local machine to a remote machine and redirect traffic from local port 40001 to remote port 8118 is:

 

ssh -L40001:remote.example.com:8118 remote.example.com

 

Note: this configuration would open a local terminal from the remote machine and the connection would stay up until you closed the connection. Read the previous SSH Tips-and-Tricks for suggestions on how to put this connection into the background.

 

Once the above connection is established, open your broswer window, go to the configuration, and find the section for configuring a proxy

 

In Firefox it is: Tools -> Options -> Connection Settings

Set the option for "Manual Proxy Configuration" and an entry for HTTP Proxy and SSL Proxy that looks like "localhost" and port "40001". Privoxy will not proxy FTP or Gopher so leave those options alone. Then restart your broswer.

 

The above Privoxy configuration has Privoxy logging its activity to /var/log/privoxy/privoxy.log on your server. I suggest opening a terminal on your server, perhaps the one that holds the connection for your SSH tunnel, and run a "tail -f /var/log/privoxy/privoxy.log" in that window. As you browse, you will see activity in that logfile on your connections. This is a good test to make sure that your configuration is working. Another test is to type [url=http://p.p/]http://p.p/ into your browser address bar. If you are using Privoxy, a Privoxy status window will appear that you can also use to modify your Privoxy configuration.

 

Note: The /var/log/privoxy/privoxy.log contains a list of every url you visit. If you are concerned about privacy, and I assume you are because you have read to this point, you probably want to clear that logfile every few minutes. You might want to use a simple crontab entry that runs "> /var/log/privoxy/privoxy.log" regularly. Another solution might be to "ln -s /dev/null /var/log/privoxy/privoxy.log" and send all the output directly to null.

 

Have fun.

 

P38

OpenVPN is a SSL based, cross platform VPN package that I recently downloaded and installed on my network. I am very impressed with it. It works equally well Linux to Linux, Linux to Windows, Windows to Linux, and Windows to Windows. Two basic configurations exist. The VPN connection can be setup to bridge the client onto the remote network or the VPN can be configured as a simple route based connection. For various reasons, I avoided the bridge and went with the routable connection. The configuration is straight-forward and except for a issue that I had with my firewall on my Linux box, it worked almost out-of-the-box.

 

I have configured my Windows XP laptop to connect to my Linux server and I am able to, using a basic NAT firewall configuration on my Linux server, redirect all my traffic from my laptop through my Linux server and out to the world.

 

Linux Journal has a good writeup on OpenVPN along with some basic configuration notes. [/url]http://www.linuxjournal.com/node/7949/print

 

The main web page for OpenVPN is at http://openvpn.sourceforge.net/

 

I would be interested in hearing from everyone on their thoughts on the package. Especially if you have any configuration tricks and/or handy suggestions.

 

P38

 

My configuration files follow:

 

#On the linux server:

dev tun

proto udp

ifconfig 10.0.0.2 10.0.0.1

secret key.txt

ping 10

verb 3

mute 10

 

#On the XP laptop:

ip-win32 manual

remote 12.47.129.150

dev tun

proto udp

ifconfig 10.0.0.1 10.0.0.2

secret key.txt

redirect-gateway

verb 3

ping 10

mute 3

ping-restart 120

 

Note: While testing, you probably want to turn off the "redirect-gateway" option on the client machine. This option will remove your existing gateway and replace it with one that directs all traffic out the vpn connection. If you are not prepared for it, it can cause you problems with several things especially DNS. When the connection is dropped or you take it down, the gateway setting is set back to its previous values.

 

You also have a new network connection that is created during the install process on the XP box. The "ip-win32 manual" tells the OpenVPN software that you have set static values in the network connection settings.

 

Other links:

 

OpenVPN win32 GUI tool: http://www.nilings.se/openvpn/index.html

OpenVPN and the SSL VPN Revolution: http://www.sans.org/rr/whitepapers/vpns/1459.php

OpenVPN HOWTO: [url=http://openvpn.sourceforge.net/howto.html]http://openvpn.sourceforge.net/howto.html

Here is another howto on my wiki about setting up qmail to use ldap to store its users

 

[/url][url=http://www.zcentric.com/wiki/tiki-index.php?page=Qmail++Ldap]http://www.zcentric.com/wiki/tiki-index.php?page=Qmail++Ldap

With my new PC, which antivirus is best?

 

I have no budget (everlasting supply of money :P ) I will be using Win XP Pro.

 

My current choice is Symantec's Norton Internet Security 2002.

 

Please help me choose :)