Start again on the newbie's networking problem. Re: Need help (of course) setting up network

Wed Apr 28 04:14:02 UTC 2004

At 06:54 4/27/2004, you wrote:
>My son tells me (we are working on this thing together) that I have an 
>ethernet card and my external modem is on a serial port. Does this count?

Indeed it does! The point is that you have separate *network interfaces* 
for internal and external traffic. My home is set up the same way, 
actually: the internal network is on an Ethernet card and the ISDN modem is 
connected to the firewall's serial port. So you're Good To Go [tm].

Have you succeeded in connecting to the Internet through your serial port? 
If so, what is the name of the port? ppp0, ppp1, what?

>However, on the security issue, I don't know that hacking into our network 
>would be the most interesting exercise, as my sons both assure me that it 
>would put any self respecting hacker to sleep and their machines are full 
>of school essays and compositions and no world shattering secrets at all.

Unfortunately this is not the point. People (mostly script kiddies with no 
real knowledge using tools someone else built) *will* attempt to hack into 
your network, but they will not be looking for your data. They will instead 
be looking to brag about how many machines the "own", and they will be 
looking to launch further attacks FROM YOUR MACHINES to hide their identity 
and origin. This is, for example, how "Denial of Service" (DoS) attacks are 
performed... hack 1,000 innocent bystanders, then use their machines to 
attack your target while *never* showing your face directly. And, of 
course, the innocent bystanders get blacklisted, banned, and sometimes 
prosecuted. As if that weren't enough, some hackers use networks to spread 
either virii or spam.

So yes... you _do_ need to secure your network. Your data is irrelevant.

>At this present time I would like to just get file tranfer between the 
>machines up and running. Maybe later worry about letting them on the net, 
>after all they can use my machine to do so.

We can do both. As you are working on this, do download the latest version 
of Shorewall and read the "Two-Interface Quick Guide." I'll help you set it 
up, and they'll be on the Net very soon.

>I tried to install swat but something is missing or in another directory, 
>because when I use the rpm install thing it tells me that it can't find 
>samba 3.

In order to be able to help you better, please provide more specific 
information or just copy-paste data directly from the screen. For example, 
please show me the output of running this command as root:

# rpm -qa | grep samba

Also, try this:

# up2date samba-swat

Up2date should be able to solve any dependencies automatically for you. 
Note that the default up2date servers provided by Red Hat are usually 
swamped and kind of slow... have you switched your up2date to a mirror 
server yet? If not, go ahead and run the command anyway... it'll work 
albeit slowly, and Alexander Dalloz wrote a quick mini-HOWTO on switching 
servers that will help you later.

>I hope it explains things like samba shares and the syntax for entering 
>these mysteries. Are they things I want to share or can they be things the 
>other machine wants to share?

Samba is primarily so that your Linux machine can share information with 
others. However, there is a program called smbclient (included in Samba, 
nothing extra to fetch or install) which can access Windows shares from 
Linux, so it really provides two-way communication.

>Should I find the relevant files and copy them so you can see where I 
>stand at the present time?
>(should I change the names to protect the innnocent?)

You're welcome to post your /etc/samba/smb.conf file (please refer to 
filenames with paths... it's easier for those of us not able to see your 
screen). I suggest you run this command (as root, indicated by the # prompt):

# cat /etc/samba/smb.conf | grep -v ^#

The "grep" command is a search. The "-v" parameter tells it *not* to return 
lines which contain the search string, and "^#" means lines that start with 
a #. The ^ represents the start of the line. So, cat the file and show only 
those lines that do *not* start with a #. That will cut out all the 
comments and make the file much easier to put in an email message. Also, 
show me this:

# ifconfig -a
# chkconfig --list

All that we are doing is not that hard... you are just starting from 
scratch. Do not worry... we'll get you straightened out.

Cheers,

-- 
Rodolfo J. Paiz
rpaiz at simpaticus.com
http://www.simpaticus.com