2003 01 09


                    LINUX NEWS
            http://www.Cramsession.com
           January 9, 2003 - Issue #114


TABLE OF CONTENTS

1) Sean’s Notes

2) Linux News

NT Taking a Cue From Unix?
Linux Can Do Hot Backups Of Oracle
Linux to Beat MacOS?
Some Linux Myths

3) Linux Resources

Concurrency For Grown-ups
Email Sanitizer
Free Backup Software
Slack Packaging
Red Hat Performance Tuning

4) App o’ the Week

~~~~~~~~~~~~~~~~~~~~~~~~ ADVERTISEMENT ~~~~~~~~~~~~~~~~~~~~~~~~~

Serebra Learning Corporation knows that it’s true: you get paid more if you have the skills. Learn at your own pace with our dynamic training programs for the skills needed to succeed in today’s IT market. The Best Way to Learn Anything, Anywhere, Anytime. Check out this month’s specials!

http://ad.brainbuzz.com/?RC153&AIY05







For information on how to advertise in this newsletter
please contact mailto:adsales@CramSession.com or visit
http://cramsession.com/marketing/default.asp

-------------------------
1) Sean's Notes
-------------------------

In days of old (or so it seems), before cable modems and ADSL,
people connected to the Internet over modems. The most popular
way to do that was to use a protocol called "PPP", or the Point
to Point Protocol. PPP encapsulates your packets over a serial
line (i.e. a telephone line) so that they can travel from you
to your ISP over the telephone company's voice network.

Setting up Linux for PPP is surprisingly easy. The main
component is "pppd", the PPP daemon. Generally, any program that
ends in 'd' is a daemon, a program that runs silently in the
background performing a task. Other examples are xinetd, sshd,
in.telnetd, ftpd, and httpd. pppd can also call external
programs to help you set up the connection, such as to dial the
modem. Some ISPs require you to log in through a text interface,
some use ppp's natural authentication mechanisms. "chat" is the
component that takes you from modem dial to the PPP protocol.

Configuration for pppd generally lives in /etc/ppp. You'll see a
few files in there already, but don't worry about them. The
first thing to do is create our chat script, which will take
care of dialing my ISP. Chat scripts, in their simplest form,
are a series of "When I get this, do that" commands. So, I
created /etc/ppp/chat-test as follows:

ABORT "NO CARRIER"
ABORT "NO DIALTONE"
ABORT "ERROR"
ABORT "NO ANSWER"
ABORT "BUSY"
"" "at"
OK "at&d0&c1"
OK "atdt5551111"
CONNECT ""

The first five lines are things to look for that will cause the
script to abort, rather than complete successfully. Since
"ABORT" is on the left, it just tells chat that if this ever
comes up, to abort. If the line is busy, I don't want PPP to try
to authenticate to nothing, do I? After that, it's your basic
modem commands. I wait for nothing, and send "at". From that, I
should get "OK", at which point I send my initialization string.
"OK" follows, I dial the modem, and I'm done when I see
"CONNECT". This implies that I'm going to rely on PPP's
authentication method, which is PAP or CHAP.

PAP and CHAP are authentication protocols (the AP part), and are
either plain passwords, or challenge-handshake (take a guess
which is which). PAP passwords pass in cleartext, CHAP in
encrypted format. Normally this is something to be concerned
about, but since the password travels over the phone line, I'm
not too concerned about which I choose. Setting them up is the
same.

/etc/ppp/pap-secrets and /etc/ppp/chap-secrets hold the
authentication tokens (ie username/passwords). Since pppd can be
both a client and a server, and you can connect to multiple
servers, all the secrets (passwords) are stored in the same
place.  The format for dialin users is simply:

username	\*	password	\*

If you knew the name of the remote server, you could put it in
place of the first star, but in most cases, this is all you'll
ever have.

So far, we've got a chat script to connect us to the ISP, and
our username/password is taken care of. All that remains is the
configuration of pppd itself.

There are several ways you can invoke pppd. We're going to set
up a peer, and direct pppd to call the peer. We could also set
up a global configuration, or even one specific to the modem.
The peer way lets us keep our ISP's configuration separate from
anything else, such as other ISPs or your PPPoE connection on
ADSL.

/etc/ppp/peers is a directory containing your peer
configurations. The configuration files for pppd are a series of
keywords followed by an option. Order doesn't matter at all. I
created a file called "test", to refer to my "test" ISP:

ttyS2 38400 crtscts
connect '/usr/sbin/chat -v -f /etc/ppp/chat-test'
noauth
user sean
defaultroute

The first line tells pppd what my modem is, and what options to
use. Here, I have ttyS2 (AKA COM3), a locked port speed of
38400, and hardware flow control (crtscts). The second line
tells pppd to use chat to do the connection, and I'm passing the
name of the script. -v is "verbose", a good idea to have set the
first few times you connect. noauth isn't what you think it
might be, it says that you aren't requiring that the remote end
authenticate itself to you. However, the remote end will almost
certainly want you to authenticate itself to it, something that
we already covered in pap-secrets.

"user sean" simply says that pppd is to present the credentials
for sean (from either pap-secrets or chap-secrets), and nothing
else. defaultroute means that pppd will install a default route
to the other end. Since it's likely that we'll be using this
line to connect to the Internet, a default route is a good
thing. If you were connecting to a remote LAN, you would likely
just set up a static route.

Once pppd has successfully brought up a connection, it runs the
/etc/ppp/ip-up script. If you wanted to set some routes,
firewall rules, or anything else, here is where you'd do it.

Finally, to make the call, log in as root, and run:

pppd call test

You can watch /var/log/messages for the status. If all goes well:

# ifconfig ppp0
ppp0  Link encap:Point-to-Point Protocol
      inet addr:10.0.9.3  P-t-P:10.0.0.2  Mask:255.255.255.255
      UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
      RX packets:4 errors:1 dropped:0 overruns:0 frame:0
      TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:3
      RX bytes:40 (40.0 b)  TX bytes:58 (58.0 b)

And to disconnect:

# killall ppppd

Two problems usually surface. The first is that your chat script
doesn't do its job. Checking /var/log/messages should show that.
For most ISPs, you want to get all the way to the CONNECT
message before pppd takes over. The second is, of course,
passwords. Once again, messages will show a line like:

localhost pppd\[18700]: Remote message: Authentication failure
localhost pppd\[18700]: PAP authentication failed

That, my friends, is setting up a PPP connection! Pretty easy, eh?

For those looking to test this out in a lab environment, the
following link might be helpful for simulating the ISP:

http://www.cisco.com/en/US/tech/tk713/tk507/technologies_configurat
ion_example09186a0080093c31.shtml


Long live the Penguin,

Sean
swalberg@cramsession.com


-------------------------
2) Linux News
-------------------------

--------------------------
NT Taking a Cue From Unix?
--------------------------

The shell is arguably one of the reasons Unix is so powerful
(the other being that there are no blue screens). Looks like
Microsoft is looking to build a powerful shell of its own,
based on this job posting.

http://www.jobsahead.com/search/jobdesc.html?id305


----------------------------------
Linux Can Do Hot Backups Of Oracle
----------------------------------

The thing that scares me about most backups is when it comes
to databases. Oracle has announced that it supports hot
backups under Linux, meaning you can perform a backup with
zero downtime. Outstanding work.

http://newsforge.com/newsforge/03/01/02/2244205.shtml?tid#


--------------------
Linux to Beat MacOS?
--------------------
According to these predictions, Linux will overtake MacOS as #2
desktop sometime in 2003. While I treat it with a bit of
skepticism, it's still good news!

http://zdnet.com.com/2100-1104-979064.html


----------------
Some Linux Myths
----------------

Here's one person's account of his switch to Linux, and some of
the things that he believes are myths. The comments attached to
the article are also very enlightening.

http://newsforge.com/newsforge/03/01/04/1221251.shtml?tid


-------------------------
3) Linux Resources
-------------------------

-------------------------
Concurrency For Grown-ups
-------------------------

Throwing more processors at a problem doesn't always help. This
article goes over one of the core issues, namely concurrency.
There are also several links to further reading.

http://www-106.ibm.com/developerworks/linux/library/l-sc5.html?t=gr
%2clnxw06=concur4grown


---------------
Email Sanitizer
---------------

Procmail is a wonderful tool for managing email. This piece of
software is a truly excellent sanitizer, which lets you enforce
attachment policy on your users. After using a very similar
method at another place, it significantly reduced the number of
email viruses that got through this first line of defence.

http://www.impsec.org/email-tools/procmail-security.html


--------------------
Free Backup Software
--------------------

I've never used Arkeia myself, but I thought I'd pass along
this offer of a free, single machine licence for Linux and other
operating systems. It seems to have the features one would look
for in a network backup system, so give it a whirl and let me
know how you liked it.

http://www.arkeia.com/downloadlight.html


---------------
Slack Packaging
---------------

Slackware has a refreshingly simple packaging system based on
tarballs. This article goes over the basics of managing your
packages, and how to create your own.

http://www.ilug-cal.org/node.php?id


--------------------------
Red Hat Performance Tuning
--------------------------

I'm really loving IBM's Developer Works site. Here is a tutorial
on tuning your Red Hat distribution. There is some good advice
here, including stuff on disks and kernel compilation.

http://www-105.ibm.com/developerworks/education.nsf/linux-onlinecou
rse-bytitle/381A3EFB90955B5986256C1C0078EECC?OpenDocument


-------------------------
4) App o' the Week
-------------------------

Undeleting a file in Unix is incredibly painful, if not
downright impossible. This program is a series of utilities,
some which replace standard unix commands, that can move files
to a "trash can" rather than deleting them outright. It's also
intelligent about the matter, by skipping over things like core
dumps and temporary files.

http://207.50.50.24/open_source/projects/trashcan/index.htm


-------------------------
(C) 2003 BrainBuzz.com, Inc. All Rights Reserved.
-------------------------
-------------------------

          This message is from CramSession

You are currently subscribed to the following list
   Hottest Linux News and Resources
   as: sean@ertw.com

To un-subscribe from this newsletter by e-mail,
   send a blank email message to:
   mailto:leave-linuxnews-3825955Y@list.cramsession.com

To subscribe to this newsletter and many others visit
our site at:
http://newsletters.cramsession.com/signup/default.asp

-------------------------------------------------------