LINUX NEWS
http://www.Cramsession.com
January 16, 2003 -- Issue #115
TABLE OF CONTENTS
1) Sean’s Notes
2) Linux News
Keeping Ahead of DNS Attacks
Yet Another Distributed Cracking Effort
Linux In Schools
Mandrake Files for Bankruptcy Protection
3) Linux Resources
Setting Up SSL Keys
Mason Book Online
Hyper-Threading Explained
Watching A Honeypot At Work
Only By Special Request
4) App o’ the Week
1) Sean’s Notes
Last week we had a look at what it takes to get a Linux box to dial an ISP using the PPP protocol. Have a quick read-through to refresh your memory:
http://newsletters.cramsession.com/Newsletters/NewsletterArchive/LinuxNews/january-9-2003linux.txt
This week, we’ll look at what it takes to make our Linux box act as the dial-in server. This isn’t the highest-density solution for dial-in, but it does the job.
(As an aside, I worked at an ISP in the mid-late 1990’s. We acquired another ISP whose modem racks were literally, wooden racks of external USR modems connected to Linux boxes, the plastic covers removed to avoid overheating. I really don’t recommend it!)
Let’s step back a bit and recall the way Linux handles serial devices such as modems. DOS calls them COM1, but Unix refers to them as character devices under the /dev directory:
[root@poochie ppp]# ls -l /dev/ttyS2
crw------- 1 uucp uucp 4, 66 Jan 13 20:07 /dev/ttyS2
Device names beginning with “ttyS” are your serial ports. Since they are zero indexed (ie ttyS0 is the first one), you can see that my modem is on the third COM port. Like all devices in Unix, we can read and write to it the same way we’d write to any file. But if we want to get our modem to answer the phone and establish PPP, then we’ll want someone to watch the line for us.
Watching stuff in the background is the job of a daemon. Daemons are simply programs that silently do work in the background, such as a web server. Daemons that watch serial lines and interact with the other end, however, are generally called “gettys” (the spelling is intentional).
A getty is a program that watches a serial line and makes it appear as a terminal to the system. Terminals, be they virtual ones created when you telnet in, or real ones like serial ports and your console, are the way the Unix system talks to the user. If a program doesn’t have a terminal, it has no way of getting data to and from the user!
“Sean, daemons, gettys, and terminals are wonderful, but what do they have to do with speaking IP and PPP over a modem?”
I’m glad you asked.
Our getty is going to watch the modem. It’ll answer the call. If it’s a PPP user, the getty will pass control to pppd. If it’s a regular Joe, well, we can either ignore them or give them the standard login and password routine.
“mgetty” is a great getty for handling the modem. It also has support for faxes and voice modems, but that’s a topic for another day. The home page is:
http://www.leo.org/~doering/mgetty/index.html
…but it’s easiest if you grab it from your distribution or rpmfind.net.
Setting this up is almost as easy as dialing in to an ISP, but there are more files we have to get into. First, go into /etc/mgetty+sendfax/login.config. Before any other entries in there, put the following line:
/AutoPPP/ - - /usr/sbin/pppd file /etc/ppp/options.server
This tells mgetty to run pppd if the AutoPPP user tries to log in. AutoPPP is an internal name to mgetty; if it sees the PPP initialization strings from the other end, it calls the user AutoPPP. Passing “file /etc/ppp/options.server” tells pppd itself that we’ll be configuring it from /etc/ppp/options.server.
The contents of options.server are as follows:
asyncmap 0
modem
crtscts
lock
require-pap
refuse-chap
proxyarp
192.168.1.1:192.168.1.2
Like last week, there is one option per line. “asyncmap 0” turns off escaping of control characters over the line. Since almost every document I’ve read tells you to put it in there, but none have a good explanation, I’m going to assume it’s a legacy thing and that we’re just turning it off. “modem” and “crtscts” turn on full flow control for the modem connection. “lock” simply locks the serial device while we’re online, so that other programs don’t take it over.
“require-pap” and “refuse-chap” are there to show you how you can prefer one form of authentication over another.
The last two lines are probably the tricky ones. The address of my dialin server is 192.168.1.1. I’d like my dialin client to have an address of 192.168.1.2. But since it’s a point-to-point link, we have to use what’s called “proxy ARPing”. Whenever someone on the LAN says “Hey! Who is 192.168.1.2?”, my gateway (.1) will respond saying “That’s me!”. The packet will then be relayed to the real .2, which is on the other end of that point-to-point link. The two addresses separated by a colon simply tell pppd which local and remote addresses to assign. Left to its own devices, pppd will often get the addresses wrong.
The getty knows how to answer the call and invoke pppd. pppd knows how to authenticate and route to the remote end. All that’s left is tying the getty to the actual serial line. That’s a job for init, which is controlled from /etc/inittab:
Add the following line in inittab, it doesn’t matter where (I usually put it under the other getty lines).
di:3:respawn:/sbin/mgetty modem -D modem
(I’m also assuming you’ve made a symbolic link from /dev/modem to your actual modem device, ie ln -s /dev/ttyS2 /dev/modem)
Save, and run “init q” to start up the new service.
If you were wondering what the heck I’m talking about in the past few lines, you can get more information on init at:
http://newsletters.cramsession.com/Newsletters/NewsletterArchive/LinuxNews/august-8-2002linux.txt
Don’t forget to put your passwords into /etc/ppp/pap-secrets, just like you did for dialin.
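As an added example (my own, not from the newsletter, mgetty or pppd), here is a small POSIX shell script that checks the three files the procedure above touches for the mistakes that matter most: an options.server that would skip authentication or leave the modem unlocked, a pap-secrets readable by other users, and a login.config whose /AutoPPP/ entry isn’t first. The demo() function builds constructed copies of the article’s configuration in a temporary directory; the /etc file names are the article’s, while the sample user “joe” and its secret are made up.

```shell
#!/bin/sh
# Added example, not from the newsletter: a sanity check for a mgetty/pppd
# dial-in setup like the one above. File paths are passed as arguments so the
# checks can run against the constructed sample files built in demo().

# Fail if options.server could let a caller bring up the link without a
# password or could share the serial device with another program.
check_pppd_options() {
    f="$1"; bad=0
    # "noauth" disables peer authentication entirely
    if grep -qE '^[[:space:]]*noauth([[:space:]]|$)' "$f"; then
        echo "$f: noauth present, the peer is never authenticated"; bad=1
    fi
    # one of auth / require-pap / require-chap must be there
    if ! grep -qE '^[[:space:]]*(auth|require-pap|require-chap)([[:space:]]|$)' "$f"; then
        echo "$f: no auth / require-pap / require-chap option"; bad=1
    fi
    # lock keeps other programs off the modem while a call is up
    if ! grep -qE '^[[:space:]]*lock([[:space:]]|$)' "$f"; then
        echo "$f: lock option missing"; bad=1
    fi
    return $bad
}

# pap-secrets holds cleartext passwords: owner-only permissions, nothing else.
check_pap_secrets() {
    f="$1"
    perms=$(ls -ld "$f" | cut -c1-10)
    case "$perms" in
        -rw-------|-r--------) return 0 ;;
        *) echo "$f: permissions are $perms, expected -rw-------"; return 1 ;;
    esac
}

# The /AutoPPP/ entry must be the first active line in login.config, or a PPP
# caller falls through to a later entry (for example an ordinary login prompt).
check_login_config() {
    f="$1"
    first=$(grep -vE '^[[:space:]]*(#|$)' "$f" | head -n 1)
    case "$first" in
        /AutoPPP/*pppd*) return 0 ;;
        *) echo "$f: first active entry is not the /AutoPPP/ pppd line"; return 1 ;;
    esac
}

# Build constructed sample files mirroring the article's configuration in a
# temporary directory and run all three checks; returns 0 when all pass.
demo() {
    d=$(mktemp -d)
    mkdir -p "$d/ppp" "$d/mgetty+sendfax"
    printf '%s\n' 'asyncmap 0' modem crtscts lock require-pap refuse-chap \
        proxyarp 192.168.1.1:192.168.1.2 > "$d/ppp/options.server"
    printf '%s\n' '/AutoPPP/ - - /usr/sbin/pppd file /etc/ppp/options.server' \
        > "$d/mgetty+sendfax/login.config"
    # constructed entry: user "joe" and its secret are made up for the demo
    printf '%s\n' '# client server secret IP-address' \
        'joe * "CONSTRUCTED-SECRET" 192.168.1.2' > "$d/ppp/pap-secrets"
    chmod 600 "$d/ppp/pap-secrets"
    rc=0
    check_pppd_options "$d/ppp/options.server" || rc=1
    check_pap_secrets "$d/ppp/pap-secrets" || rc=1
    check_login_config "$d/mgetty+sendfax/login.config" || rc=1
    rm -rf "$d"
    return $rc
}
```

To run it against a real box, call the three check functions with /etc/ppp/options.server, /etc/ppp/pap-secrets and /etc/mgetty+sendfax/login.config instead of the constructed files; each prints what it found and returns non-zero on a problem.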
That’s that for providing dial-in access!
Long live the Penguin,
Sean swalberg@cramsession.com
2) Linux News
Keeping Ahead of DNS Attacks
A while ago, many of the Internet root servers were taken down in a denial of service attack. Because of the incredible resiliency of the DNS, you probably didn’t even notice. However, as one of the inventors of the system writes in this article, the system isn’t infallible.
http://zdnet.com.com/2100-1107-979650.html
Yet Another Distributed Cracking Effort
The Neo project is another distributed computing effort such as SETI@home or distributed.net. The difference is that one of the goals of the project is to break the Microsoft XBox key, which would allow people to dig deeper inside the gaming console, and perhaps develop Open Sourced tools to assist game developers.
http://theneoproject.com/
Linux In Schools
This is a look at a K-12 school that has started to use Linux in the classroom rather than Windows. The article actually shows some of the educational software, along with some of the decisions that were made during the project.
http://www.linuxjournal.com/article.php?sidc49
Mandrake Files for Bankruptcy Protection
While this doesn’t mean the company is going under, it does show a serious problem with cash flow. I wish the best to Mandrake, who started out as a Pentium clone of Red Hat, but quickly turned into a leader in the Linux desktop.
http://newsforge.com/newsforge/03/01/15/1927220.shtml?tid=3
3) Linux Resources
Setting Up SSL Keys
Generating an SSL key for your secure web server isn’t necessarily hard, but if you do something wrong, you will likely delay the receipt of your key from your certificate authority (CA), or worse yet, get back an unusable key. Here’s the procedure to generate a key, send it off to the CA, and install it into the web server. If you’re just playing around and don’t want to fork out the cash for a key, it’s got instructions on how to do the free, self-signed version.
http://www.redhat.com/docs/manuals/linux/RHL-7.3-Manual/custom-guide/s1-installation-securing.html
Mason Book Online
“Mason is a powerful text templating tool for embedding Perl in text. It offers many features to help you create dynamic web sites from re-usable components.” It’s a powerful engine, well worth a look if you’re building a high-end web site. The O’Reilly book on the software is now online, for free.
http://www.masonbook.com/
Hyper-Threading Explained
Newer CPUs from Intel support something called “Hyperthreading”, which makes a single processor look like a dual processor (the first time you run “top” on one of those babies, it’ll surprise you). Linux takes full advantage of this feature. This article gives the skinny on the technology, and the improvements in the 2.5 kernel that make even better use of the added power.
http://www-106.ibm.com/developerworks/linux/library/l-htl/?ca=dgr-lnxw06HyperThread
Watching A Honeypot At Work
Honeypots are specially configured computers that are designed to get broken into, but allow the administrator to watch the attacker and to prevent them from doing damage to other systems. This article takes a detailed look at a breakin on a honeypot, and some insight into the mind of the cracker.
http://online.securityfocus.com/infocus/1656
Only By Special Request
I had a missive from a reader simply reading “MS BLOWZ BIG FAT HOARY CHUNKZ”. Not to let down a reader, especially one as bright and articulate as this one, I put the term into Google, which didn’t really help much. So, I cleaned up the spelling a bit, and ended up finding a really good dictionary that you can use with your favourite password cracker to audit your users’ passwords.
http://home.freeuk.com/gc/xword/main_dictionary
4) App o’ the Week
Unix and VMS old timers will recognize the old text games “Hack” and “Rogue”. They’re extremely entertaining, but the “graphics” leave something to be desired. (For those that have never heard of it, these games use a standard text screen to draw the map, a wall might be a ’#’, a monster a ‘X’, and so forth). Hack has been redone using OpenGL, bringing a whole new dimension to this classic.
http://glhack.sourceforge.net/
(C) 2003 BrainBuzz.com, Inc. All Rights Reserved.