l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
August 18: A professional photographer's view of Linux
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2005 Aug 20 15:35

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox-tech] DNS issues, security, apache
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox-tech] DNS issues, security, apache



Hey all,

Thanks for the help. Yeah, the box is in a remote
location so if I can't SSH in, I'm kinda screwed. I
knew better than to turn off sshd (that's one of the
ones I left running) even before, but yeah, I had
killed network, so that screwed me over anyway.

Fortunately I was able to physically get to it
yesterday, log in at the console, and restore remote
access by re-enabling the services I'd shut off. It
seems to be letting me in remotely just fine now.

I made a note of your clarification about the
resolv.conf file, and so I edited it as suggested.
That seems to have done the trick. Thank you.

Another question. For some reason, httpd has stopped.
When I type 

/root>service httpd restart

Stopping httpd:            [FAILED]
Starting httpd: (98)Address already in use: make_sock:
could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
                                                      
    [FAILED]

What's this about? Why is it trying to listen on
0.0.0.0 instead of my actual IP?

Oddly enough, while the box is "up" now, it responds
only "intermittently." Sometimes it responds to pings,
HTTP requests, and SSH attempts; at other times I get
nothing on all three. I'm scratching my head.

I've made a note of the daemon list Mark has provided
and your notes on SCP. Thank you.

I do have an iptables firewall up, but it's configured
to allow SSH, HTTP, FTP, and Sendmail through. Those
are the exceptions I selected. 

I've been using the "setup" configuration tool
available at Fedora Core's command prompt to turn
services on/off and configure the firewall - is there
really a reason I need to go into rc.d and mess with
things in there directly?

Thanks again,
Matt

--- vox-tech-request@lists.lugod.org wrote:

> Send vox-tech mailing list submissions to
> 	vox-tech@lists.lugod.org
> 
> To subscribe or unsubscribe via the World Wide Web,
> visit
> 	http://lists.lugod.org/mailman/listinfo/vox-tech
> or, via email, send a message with subject or body
> 'help' to
> 	vox-tech-request@lists.lugod.org
> 
> You can reach the person managing the list at
> 	vox-tech-owner@lists.lugod.org
> 
> When replying, please edit your Subject line so it
> is more specific
> than "Re: Contents of vox-tech digest..."
> 
> 
> Today's Topics:
> 
>    1. re: DNS and security (Cylar Z)
>    2. Re: re: DNS and security (Rick Moen)
>    3. Re: DNS and security (Rick Moen)
>    4. Re: re: DNS and security (Mark K. Kim)
> 
> 
>
----------------------------------------------------------------------
> 
> Message: 1
> Date: Fri, 19 Aug 2005 21:54:31 -0700 (PDT)
> From: Cylar Z <cylarz@yahoo.com>
> Subject: [vox-tech] re: DNS and security
> To: vox-tech@lists.lugod.org
> Message-ID:
> <20050820045431.3449.qmail@web52803.mail.yahoo.com>
> Content-Type: text/plain; charset=iso-8859-1
> 
> Didn't you already post this on Thursday?
> 
> In response, I had already posted on Friday a set of
> follow-up questions that I needed answered. Let's
> recap:
> 
> 1. DNS. How will editing resolv.conf solve my DNS
> issue? My understanding is that that file is the
> configuration file for the named daemon. I'm not
> running named. Shouldn't need to. A previous install
> (Xandros/Debian) ran fine without it. It shouldn't
> be
> required, since my registrar handles incoming DNS,
> and
> outgoing lookups (websurfing) should be handled by
> my
> ISP's nameservers. What I need to know is how to
> tell
> my server where those nameservers are.
> 
> 2. FTP. Not running an anoymous server. Just need to
> upload files for my webpages. Is there a more secure
> method I can use (please specify how, don't just say
> "yes, there is")?
> 
> 3. Daemons. Where can I find a comprehensive guide
> (including non-free books) to what service does
> what?
> I don't mean a one-line description, I mean
> someplace
> that will really explain it to me in depth. Or, can
> someone at least identify the generic ones ESSENTIAL
> to my system? Remember, I use ssh to connect and am
> running http server. That's all my box does. What
> daemons are necessary besides cron, sshd and httpd? 
> 
> Thank you in advance.
> 
> Matt
> 
> > 
> > Message: 1
> > Date: Thu, 18 Aug 2005 14:56:40 -0700
> > From: Rick Moen <rick@linuxmafia.com>
> > Subject: Re: [vox-tech] DNS and security
> > To: Cylar Z <cylarz@yahoo.com>
> > Cc: vox-tech@lists.lugod.org
> > Message-ID:
> <20050818215640.GS25979@linuxmafia.com>
> > Content-Type: text/plain; charset=us-ascii
> > 
> > Quoting Cylar Z (cylarz@yahoo.com):
> > 
> > > I'm a fairly new Linux admin, running Fedora
> Core
> > from
> > > Redhat. 
> > 
> > Hi, Matt.  For a good overview, please see Linux
> > Journal editor Don
> > Marti's overview, which I just saw him mention on
> a
> > different Linux
> > mailing list: 
> >
> http://zgp.org/~dmarti/blosxom/tips/new-server.html
> > 
> > > 1. Outgoing DNS isn't working properly on my
> > server.  The box will
> > > respond properly to incoming http requests (and
> > even allowed me to
> > > host 2 virtual domains, which also respond
> > properly). However, it does
> > > NOT surf the web from the console or ping by
> > domain name. It WILL ping
> > > by IP so I know the issue is DNS and not my
> actual
> > connection per se.
> > > How do I put in the DNS info in Fedora Core? I
> > tried logging on as
> > > root, typing "setup" and entering the IP's in
> the
> > designated spaces,
> > > but no luck. Is there another way?
> > 
> > The IP-address locations of the DNS servers your
> box
> > will be consulting
> > are always recorded in /etc/resolv.conf, the
> > configuration file of your
> > host's DNS resolver library (i.e., of the DNS
> client
> > software your box
> > uses to deal with DNS questions that must be
> > referred to a DNS daemon
> > running somewhere).
> > 
> > Here's my own server's /etc/resolv.conf:
> > 
> >   search linuxmafia.com deirdre.org
> >   nameserver 198.144.192.2
> >   nameserver 198.144.192.4
> >   nameserver 198.144.195.186
> > 


"Our nation has defended itself and served the freedom of all mankind. I'm proud to lead such an amazing country and I'm proud to lead it forward."   - President George W Bush, November 3 2004

God give wisdom to our leaders. God bless America.


		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs 
 
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.