November 1st, 2001, 08:26 PM
Linux Web Server
My latest educational undertaking has been to set up a Linux web server using Apache. I just discovered that when you install Red Hat 7 as a web server, you don't get the graphical interface bawling, so I have been doing this in what is essentially Unix, which I have never touched before. It will be connecting to the internet through my LAN, which is already configured and ready.
With that in mind, on to my questions (Yes, more than one).
How do you configure a Linux box to participate on a network through the command terminal?
How do I lock this thing down against hackers? I need to know any firewalls I may be able to use, any special configurations in Apache I might want to know about, and any holes in Linux I need to watch out for, and how to close them.
How the hell do you save changes to a text file after editing it in Vim? Supposedly it should save the changes if you exit with :q, but it won't exit. It wants me to discard the changes by exiting with :q!. (this one has me frustrated)
What else might I need to know?
I'm also looking into some Unix books, so if you could recommend any good ones, I would appreciate it. I'm especially looking into the "For Dummies" series.
November 1st, 2001, 08:39 PM
In RedHat there is a tool called netcfg, netconf, or netconfig. I can't remember the exact name. You can use this at the command line to easily set up networking. If that doesn't work you may need to read the networking HowTo's. To save a change in vim you need to use :wq
Hope this helped at least a little.
Warfare is the Way of deception.
-Sun Tzu \"The Art of War\"
November 1st, 2001, 08:57 PM
You need to write the changes in vi before you can exit - :w to write and then :q to quit.
Networking in linux is pretty easy to setup - if you have a dhcp server on your network (and if you don't, you should!) then dhcpcd eth0 (or whatever nic your connecting to the network with) should grab an ip - assuming your using dhcpcd - i'm not sure if red hat uses it or pump, in which case it would be pump eth0 (i think). If you need to manually set the address you can do this with ifconfig (man ifconfig) or use linuxconf - whichever you find handiest.
Locking down your box is best done with iptables - if you didn't install them originally you'll need to recompile your kernel to use them - i don't think i'm the person to tell you about such complex operations as this so i'll pass you over to my good friend http://www.linuxdoc.org - do a search for iptables (and networking for that matter - i'm not the best at explaining things!)
As for books, i think its pretty hard to go wrong with anything by http://www.oreilly.com/ - they have an extensive catalogue of linux books.
November 1st, 2001, 09:08 PM
maybe i've just always used a different version of vi, but to insert text when you are in command mode you hit 'i' to insert and 'a' to append. and to save and exit i always type ':x'
is Vim a different editor than vi? if so i'm not familiar with vim, so sorry.
November 1st, 2001, 09:20 PM
November 2nd, 2001, 05:20 AM
Actually, I think you mean Bastille
November 2nd, 2001, 08:19 AM
Try WebMin for administration if you don't know *nix, it's a good interface to most of the admin stuff that you can see and modify from your browser, I'd recommend using the ssl option and limiting who can access from where as well.
Webmin can be found .. http://www.webmin.com
November 2nd, 2001, 10:28 PM
Yep thats the one!
Originally posted by ammo
Actually, I think you mean Bastille
November 3rd, 2001, 06:18 PM
I would recommend using 'pico' or 'joe' to do your text editing since you are just starting off.
Now I'm not sure whether Red Hat doesn't install a GUI if you set it up as a webserver or it just doesn't boot into it. Check for installed packages like XFree86 and verify what it did. If those exist, just modify the file /etc/inittab and change the value of the a line that will read *:3:* to *:5:*.
Moreover, if your familiarity with Linux is strictly graphic-based and Red Hat hasn't installed a GUI Server (such as XFree86), then I'd recommend installing these packages from your CDs, along with your favorite WMs. Then as you gain more experience, you can remove the GUI or change it back to boot into a text login.
November 11th, 2001, 06:40 AM
Ok, I got the Bastille part, now where do I get it? Can I get it for free, or do I have to pay for it? A free firewall would be preferable, considering I'm doing this on an extremely tight budget. I'm trying to see if I can do this without spending any money at all (besides hardware costs). So far, so good.
Also, does anybody have any experience with Securepoint Firewall Server? If so, what do you think of it?