
Posts posted by magikman

  1. I am currently setting up a DNS server for several domains that I own and I would like some input from you all on my configuration options, etc. The domains have been replaced by example.com, example1.com and example2.com.

     

    Okay, first my options file:

    options {
    	directory "/etc/bind";
    	allow-query { localhost; };
    	allow-recursion { 127.0.0.1; };
    	listen-on { <IP of Server>; };
    	allow-transfer { none; };
    	auth-nxdomain yes;
    
    };

     

    named.conf:

    // If you are just adding zones, please do that in /etc/bind/named.conf.local
    
    include "/etc/bind/named.conf.options";
    
    // prime the server with knowledge of the root servers
    zone "." {
    	type hint;
    	file "/etc/bind/db.root";
    };
    
    // be authoritative for the localhost forward and reverse zones, and for
    // broadcast zones as per RFC 1912
    
    zone "localhost" {
    	type master;
    	file "/etc/bind/db.local";
    };
    
    zone "127.in-addr.arpa" {
    	type master;
    	file "/etc/bind/db.127";
    };
    
    zone "0.in-addr.arpa" {
    	type master;
    	file "/etc/bind/db.0";
    };
    
    zone "255.in-addr.arpa" {
    	type master;
    	file "/etc/bind/db.255";
    };
    
    // zone "com" { type delegation-only; };
    // zone "net" { type delegation-only; };
    
    // From the release notes:
    //  Because many of our users are uncomfortable receiving undelegated answers
    //  from root or top level domains, other than a few for whom that behaviour
    //  has been trusted and expected for quite some length of time, we have now
    //  introduced the "root-delegations-only" feature which applies delegation-only
    //  logic to all top level domains, and to the root domain.  An exception list
    //  should be specified, including "MUSEUM" and "DE", and any other top level
    //  domains from whom undelegated responses are expected and trusted.
    // root-delegation-only exclude { "DE"; "MUSEUM"; };
    
    include "/etc/bind/named.conf.local";

     

    named.conf.local:

    zone "example.com" {
    	type master;
    	file "example.com";
    	notify no;
    };
    
    zone "example1.com" {
    	type master;
    	file "example1.com";
    	notify no;
    };
    
    zone "example2.com" {
    	type master;
    	file "example2.com";
    	notify no;
    };

     

    example.com

    @	   IN	  SOA	 example.com.	root.example.com. ( 
    							2007032401
    							28800
    							86400	
    							2419200
    							604800 ) 
    
    	IN	  NS	  ns1.example.com.
    	IN	  MX	  10	  mail.example.com.
    
    ns1.example.com		 IN	  A	   <IP of server>

     

    example1.com

    @	   IN	  SOA	 www.example1.com.	 root.example1.com. ( 
    							2007032001; Serial
    							604800	; Refresh
    							86400		; Retry
    							2419200; Expire
    							604800 )	 ; Default TTL
    
    	IN	  NS	  ns1.example.com.
    	IN	  MX	  10	  mail.example.com.
    
    ns1.example.com		 IN	  A	   <IP of server>

     

    example2.com

    @	   IN	  SOA	 www.example2.com. root.example2.com. ( 
    							2007032001; Serial
    							604800	; Refresh
    							86400		; Retry
    							2419200; Expire
    							604800 )	 ; Default TTL
    
    	IN	  NS	  ns1.example.com.
    	IN	  MX	  10	  mail.example.com.
    
    ns1.example.com		 IN	  A	   <IP of server>

     

    As you can see, the DNS server will be authoritative for all three domains. I am also going to be putting up a mail server in the near future and would like to serve mail for all three domains from the one server (mail.example.com). If there is anything wrong with these definitions, or if there is something that can be done better, please let me know. :)

  2. Which OS did you install last? If you installed XP last, the XP bootloader wrote over GRUB (the Linux boot loader). If this is the case, you will have to reinstall GRUB and configure it to boot Linux and XP.

  3. I am not an expert with Windows networking, but I would say child domains for the remote locations would be a good choice. If this isn't an option due to budget constraints, I would say that you should upgrade your connection if you are going to host the PDC remotely. If this isn't an option, perhaps there is some sort of compression that you could use on the VPN link to help with the load. OpenVPN has good real-time compression support.

     

     

    Sorry for the shameless plug, but I would recommend using pfsense for your firewall rather than ipcop. pfsense has much, much more power than ipcop. www.pfsense.com check it out!

  4. Sorry it has taken me so long to respond to these posts, I have been busy and haven't had the time. I say that it is a much, much more robust firewall solution due to the MANY features available on this platform that just are not available on (a stock) smoothwall install. For instance, with pfsense you have dual-wan with auto failover support, smoothwall (the last time I looked) can't even do this. Pfsense also has support for traffic shaping out-of-box, again, smoothwall doesn't. In addition to these features, it also has support for incoming load balancing, outgoing load balancing, CARP, etc. If you don

  5. I am a BSD person, and as such, I would like to recommend pfsense. It is based off of FreeBSD 6.X and is, in my opinion, a much, much more robust and secure firewall solution than what smoothwall will ever be. Before you say that I haven't tried smoothwall, I have. Look at both solutions before you make your decision.

  6. Just installed Ubuntu 6.06 LTS, from a downloaded ISO. Was connected to the net during install and all looks good, I have used "Synaptic package manager" to add some bizzo and ticked all the repository boxes so I could get Aircrack and Kismet installed. That much was surprisingly easy for someone who has only ever installed Fedora and Red Hat, but never been able to do much with them, however Ubuntu has my interest and I want to do more.

    I intend to do some security checking of Wlans, my own first, I am told these two apps (Aircrack and Kismet) can crack a wpa-psk in under an hour. I have downloaded the Atheros drivers for the Cisco-CB21AG pcmcia card I intend to use but am a bit stumped as to how to get them into the notebook (IBM thinkpad R52). Following the newbie guide at aircrack-ng. I would get an error message in the terminal telling me that "make" was an unknown command, so I went back into synaptic and found "make", "makedev" and "makedepend". I installed these and now make tries to run but gives me...

     

    tsp10402@SN-GHG:~/Desktop/madwifi-0.9.2$ make

    /bin/sh: line 0: cd: /lib/modules/2.6.15-27-386/build: No such file or directory

    Makefile.inc:89: *** /lib/modules/2.6.15-27-386/build is missing, please set KERNELPATH. Stop.

    tsp10402@SN-GHG:~/Desktop/madwifi-0.9.2$

     

    I assume I am missing some of the kernel files but don't know what they are or how to get them installed.

     

    Thanks for any assistance.

    G.

     

    Did you try and run ./configure before trying to run make?

  7. I installed Samba 3.0.23 on Fedora Core 4.

    I've finished configuring Samba, and I can access the Samba server from any computer (Windows XP Pro) in my network.

    The problem is, I cannot access my shared folder.

    This is my smb.conf file

    [shared]

    comment = shared document

    path = /shared

    valid users = lerry

    browsable = yes

     

    I already created the lerry account on my Linux machine using these commands:

     

    [root@Testing ~]# useradd lerry

    [root@Testing ~]# passwd lerry

    New UNIX password:(lerry)

    Retype new UNIX password:(lerry)

    passwd: all authentication tokens updated successfully.

    [root@Testing ~]# smbpasswd lerry

    New SMB password:(lerry)

    Retype new SMB password:(lerry)

    [root@Testing ~]#

     

    Then I try to access the shared folder and it asks for a username and password,

    I entered

    username:lerry

    password:lerry

    but still cannot access the file,

     

  8. OS Name: Microsoft® Windows Vista™ Ultimate

     

    I am using it now for gaming and for everyday computing. The only thing I dislike about it is that Canon doesn't have a driver that is compatible with my printer right now. So, I guess I will be going back to XP until that driver is available!

  9. I just typed this out, so there will most likely be a typo or 5 in it. You will also have to update some of the driver names and paths as this file was being used on a FreeBSD system.

     

    Section "ServerLayout"
    		Identifier			 "Dual Head"
    		Screen		   0   "Screen0"	 0 0
    		Screen		   1   "Screen1"	 RightOf "Screen0"
    		InputDevice		"Mouse0"	   "CorePointer"
    		InputDevice		"Keyboard0"  "CoreKeyboard"
    		Option				"OffTime"	  "10"
    		Option				"Xinerama"   "false"
    		Option				"Clone"		"on"
    EndSection
    
    Section "Files"
    		RgbPath			 "/usr/X11R6/lib/X11/rgb"
    		ModulePath		"/usr/X11R6/lib/modules"
    		FontPath			"/usr/X11R6/lib/X11/fonts/misc/"
    		FontPath			"/usr/X11R6/lib/X11/fonts/TTF/"
    		FontPath			"/usr/X11R6/lib/X11/fonts/Type1/"
    		FontPath			"/usr/X11R6/lib/X11/fonts/CID/"
    		FontPath			"/usr/X11R6/lib/X11/fonts/75dpi/"
    		FontPath			"/usr/X11R6/lib/X11/fonts/100dpi/"
    EndSection
    
    Section "Module"
    		Load				  "dbe"
    		Load				  "extmod"
    		Load				  "glx"
    		Load				  "record"
    		Load				  "xtrap"
    		Load				  "freetype"
    		Load				  "type1"
    EndSection
    
    Section "InputDevice"
    		Identifier		   "Keyboard0"
    		Driver			   "kbd"
    EndSection
    
    Section "InputDevice"
    	   Identifier		   "Mouse0"
    	   Driver			   "mouse"
    	   Option			   "Protocol" "auto"
    	   Option			   "ZAxisMapping" "4 5"
    	   Option			   "Device" "/dev/sysmouse"
    EndSection
    
    Section "Monitor"
    	   Identifier		   "Monitor0"
    	   VendorName	  "Sony"
    	   ModelName		"SDM-S81"
    	   Option			   "DPMS"
    EndSection
    
    Section "Device"
    	   Identifier		   "Card0"
    	   Driver			   "nvidia"
    	   VendorName	 "nVidia Corp."
    	   BoardName	   "MX4000 Plus"
    	   BusID			   "PCI:1:0:0"
    	   Screen			  0
    	   Option			   "RenderAccel" "true"
    	   Option			   "AllowGLXWithComposite" "true"
    EndSection
    
    Section "Device"
    	   Identifier		   "Card1"
    	   Driver			   "nvidia"
    	   VendorName	 "nVidia Corp."
    	   BoardName	   "MX4000 Plus"
    	   BusID			   "PCI:1:0:0"
    	   Screen			  1
    	   Option			   "RenderAccel" "true"
    	   Option			   "AllowGLXWithComposite" "true"
    	   Option			   "TwinView"
    EndSection
    
    Section "Screen"
    	   Identifier		   "Screen0"
    	   Device			  "Card0"
    	   Monitor			 "Monitor0"
    	   DefaultDepth	 24
    
    	   SubSection		"Display"
    							   Viewport 0 0
    							   Depth	 24
    							   Modes	"1280x1024"
    	   EndSubSection
    EndSection
    
    Section "Screen"
    	  Identifier			"Screen1"
    	  Device			   "Card1"
    	  Monitor			  "Monitor0"
    	  DefaultDepth	  24
    
    	  SubSection		 "Display"
    							   Viewport 0 0
    							   Depth	 24
    							   Modes	"1280x1024"
    	  EndSubSection
    EndSection

  10. What's going on?!?! I hope that everyone has had a good summer. I have been absent for quite some time now. I hope you all have been keeping things going on IRC? I have been taking a break with that... I am now single again, so I have been out whoring around. :P Anyway... enjoy the rest of your summer. Peace.

  11. I thought that it would be fun for us all to have an uptime-league, so I have created one. All you have to do is go to uptime-project, create an account, join the Linux-Noob team and download the proper client for your platform - Linux only please. Then install the client and edit the /etc/yasuc.conf to reflect the proper values for the account that you created. It might also be a good idea to use cron to update the time. While you are there go into your profile and get an uptime image and place it in your signature for the linux-noob forums.

     

     

    Please, no jokes about my uptime. I just installed this yesterday. :D

  12. I run several computers with linux on them....

     

     

    Main server:

    Supermicro X6DAE-G

    2 x 2.8GHz Xeons with EMT-64 support

    3ware 7506-8 RAID controller with 1.6TB of space

    1GB of Crucial PC2700 ECC

    80GB WD system drive

    running Slackware 10.1 Kernel version 2.4.29

     

    This computer:

    Asus Pundit

    1.8GHz intel P4

    512MB Crucial PC2700

    160GB WD

    Slackware 10.1 Kernel 2.6.11.9

     

    Another desktop:

    VPR Matrix (Bestbuy brand)

    2.3GHz P4

    512MB of RAM

    running Slackware 10.1 Kernel version 2.6.11.10

     

    Router/Firewall:

    Soyo Li-7000

    533MHz Celeron

    512MB Crucial PC133

    running Smoothwall Express 2.0 Kernel version 2.4.29

     

    Gaming computer:

    Asus P4P800 Deluxe

    P4 3.0GHz 800MHz FSB

    1GB Crucial PC3200

    30GB WD Raptor

    160GB removable drive

    DVD-RW Sony DRU-500

    DVD-RW Sony DRU-530

     

    Play/test computers:

    Dell GX110

    Dell GX115

    GX110 has 1GHz PIII with 256MB of PC100

    GX115 has 1GHz PIII with 384MB of PC133

     

    MS Server 2003 Test:

    ABIT IT7-MAX2 v. 2

    Intel 3.02GHz P4 (533)

    1GB Crucial PC2700

    200GB WD

     

     

    Most of these computers (with the exception of the Linux server) are using Sony LCD displays.

    The two Linux desktops are hooked to a Sony SDM-S81, and the two Windows machines are hooked to a Sony SDM-HS93/H. :o

  13. I've written a silly little script that starts an xterm session. I'd like this script to be run as soon as I log in. Where do I add the script to make this possible?

     

     

    In Slackware you would add the command used to start the session in /etc/rc.d/rc.local.

  14. commands:

     

    su -

     

    mkdir /mnt/thumb && mount /dev/sda1 /mnt/thumb

     

     

    That should make the directory /mnt/thumb and then mount the device to the directory there. You can 'cd' to that directory using "cd /mnt/thumb" and use 'ls' to list the contents of this device. If you would like the device to show on your desktop or whatever you can create a link to that device.

  15. Okay, I am trying to learn iptables. I have just built a new server that will be running samba, ssh, proftpd, and possibly apache in the near future. What I would like to do is close off all unneeded ports and only allow ports needed for my listed programs. I have been reading around on different sites about iptables, but I would have to admit that I am a bit confused about the whole thing.

     

     

    Okay, so, if I wanted to block all ports except 20-21 what would I have to do?

     

    iptables -A -INPUT -i eth0 -sport 20:21 -j ACCEPT ??

     

    iptables -A INPUT -i eth0 -sport 1:19 -j DROP ??

     

     

    Lead me in the right direction!! please

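A default-deny inbound policy of the kind the question above asks about, as an added example that is not part of the original post: the chain policy does the blocking, and each allowed service is matched on its TCP destination port. The function name `build_ruleset`, the interface and the port list are assumptions for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. build_ruleset is an
# illustrative name; interface and ports are sample values.
#
# Emits an iptables-restore ruleset: inbound traffic is dropped by policy
# and only the listed TCP destination ports (N or N:M) are accepted.
build_ruleset() {
    iface="$1"; shift
    # Validate every port spec before emitting anything.
    for port in "$@"; do
        case "$port" in
            ''|*[!0-9:]*|*:*:*|:*|*:)
                echo "bad port spec: $port" >&2
                return 1 ;;
        esac
    done
    echo "*filter"
    # The policy blocks everything not accepted below, so no per-range
    # DROP rules are needed.
    echo ":INPUT DROP [0:0]"
    echo ":FORWARD DROP [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    echo "-A INPUT -i lo -j ACCEPT"
    # Replies to connections this host opened, plus related flows
    # (passive FTP data needs the nf_conntrack_ftp helper to be RELATED).
    echo "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    for port in "$@"; do
        # --dport is the port on this server that the client connects to;
        # the client's source port is ephemeral and is not matched.
        echo "-A INPUT -i $iface -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "COMMIT"
}

# Typical use (as root), checking the syntax before loading it:
#   build_ruleset eth0 20:21 22 139 445 | iptables-restore --test
```

Only TCP is handled here; Samba's NetBIOS name and datagram services use UDP 137 and 138 and would need their own rules.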
  16. It has been a while since I have burnt a .cue and .bin file in Linux, but when I did I used cdrdao. It looks to me as if you don't have that installed (or possibly you just need to pick the right driver?). If you find that you do have it installed you can burn the files via command line like this:

     

    cdrdao scanbus (this will get the device ID):

     

    then issue this command (replace the device ID with yours):

     

    cdrdao write -v 2 --speed 12 --device 0,5,0 --eject whatever.cue

     

     

    If you don't have it installed you can get it here

     

    http://sourceforge.net/project/showfiles.p...package_id=2116
