newbie installation question (quickie)
Paul Howarth
paul at city-fan.org
Sat Feb 5 15:41:42 UTC 2005
On Fri, 2005-02-04 at 16:43 -0500, Douglas Frank wrote:
> Anyhow I'm past that point; I rebooted and this time anaconda worked.
> Must have dropped an interrupt or something the 1st time....
>
> But now I have a new question(s) on security & networking:
>
> In my efforts to get ftp, telnet etc. working (both in & out) I've found
> myself reading about all sorts of security code delivered w/ fc3.
> Kerberos, selinux, and 1 or 2 others.
>
> Now, how is all this stuff organized? Which tools are important and
> which can I ignore?
Most people don't use kerberos. If you don't know about it already, you
almost certainly don't need it (yet).
People doing new installs of FC3 are going to be trying out selinux by
default, those that upgrade most likely are not. It gives added
protection against a range of potential vulnerabilities so unless you
know of a specific problem you're likely to encounter with selinux, I'd
give it a try. You can always turn it off if you have problems.
> Secondly, I'm having a tough time getting remote access working. In
> fact the only thing I've got working is ftp (vsftpd). Neither telnet,
> nfs or the r-commands work.
Well, telnet and the r-commands are horribly insecure and turned off by
default, so that's no great surprise. ssh is what you want to be using
instead.
> NFS clients attempting to mount can't find the portmapper. According to
> the logs, the portmapper did start...
Have you set up /etc/exports and turned on the nfs service? What does
"showmount -e" say on your server box?
> From the linux box, I can't ping a thing-- either by name or by IP.
That looks bad and would account for the lack of network services,
though you did say you'd got ftp working (another protocol that sends
passwords in plain text over the network, good for anonymous file
serving but not much else), or was that just to localhost?
What's the output of:
# ifconfig -a
That should show the configuration of all of your network interfaces.
> OK,
> is either routed or gated running? No. To cut to the chase, I did a
> full disk 'find' for either routed or gated and neither was installed.
> What package did I miss?
You're not a newbie at all really, are you? ;-)
I'd be amazed if you actually needed them. Hardly anyone does. A static
route for the LAN your network interfaces are connected to plus a
default route is sufficient for the vast majority of users. There are
router daemons available if they're really needed though.
Paul.
--
Paul Howarth <paul at city-fan.org>
More information about the fedora-list
mailing list