Mail delivery from a client application to the server, and from an originating server to the destination server is handled by the Simple Mail Transfer Protocol (SMTP) .
The primary purpose of SMTP is to transfer email between mail servers. However, it is critical for email clients as well. In order to send email, the client sends the message to an outgoing mail server, which in turn contacts the destination mail server for delivery. For this reason, it is necessary to specify an SMTP server when conguring an email client. Under Red Hat Linux, a user can congure an SMTP server on the local machine to handle mail delivery. However, it is also possible to congure remote SMTP servers for outgoing mail. One important point to make about the SMTP protocol is that it does not require authentication. This allows anyone on the Internet to send email to anyone else or even to large groups of people. It is this characteristic of SMTP that makes junk email or spam possible. Modern SMTP servers attempt to minimize this behavior by allowing only known hosts access to the SMTP server. Those servers that do not impose such restrictions are called open relay servers.
Red Hat Linux uses Sendmail (/usr/sbin/sendmail) as its default SMTP program. However, a
simpler mail server application called Postx (/usr/sbin/postfix) is also available.
bind dns
Introduction to DNS
When hosts on a network connect to one another via a hostname, also called a fully qualified domain name (FQDN), DNS is used to associate the names of machines to the IP address for the host. Use of DNS and FQDNs also has advantages for system administrators, allowing the flexibility to change the IP address for a host without effecting name-based queries to the machine. Conversely, administrators can shuffle which machines handle a name-based query.
DNS is normally implemented using centralized servers that are authoritative for some domains and refer to other DNS servers for other domains. When a client host requests information from a nameserver, it usually connects to port 53. The nameserver then attempts to resolve the FQDN based on its resolver library, which may contain authoritative information about the host requested or cached data from an earlier query. If the nameserver does not already have the answer in its resolver library, it queries other nameservers, called root nameservers, to determine which nameservers are authoritative for the FQDN in question. Then, with that information, it queries the authoritative nameservers to determine the IP address of the requested host. If performing a reverse lookup, the same procedure is used, except the query is made with an unknown IP address rather than a name.
Nameserver Zones
On the Internet, the FQDN of a host can be broken down into different sections. These sections are organized into a hierarchy much like a tree, with a main trunk, primary branches, secondary branches, and so forth. Consider the following FQDN:
bob.sales.example.com
When looking at how a FQDN is resolved to find the IP address that relates to a particular system, read the name from right to left, with each level of the hierarchy divided by periods (.). In this example, com defines the top level domain for this FQDN. The name example is a sub-domain under com, while sales is a sub-domain under example. The name furthest to the left, bob, identifies a specific machine.
Except for the hostname, each section is a called a zone, which defines a specific namespace. A namespace controls the naming of the sub-domains to its left. While this example only contains two sub-domains, a FQDN must contain at least one sub-domain but may include many more, depending upon how the namespace is organized.
Zones are defined on authoritative nameservers through the use of zone files, which describe the namespace of that zone, the mail servers to be used for a particular domain or sub-domain, and more. Zone files are stored on primary nameservers (also called master nameservers), which are truly authoritative and where changes are made to the files, and secondary nameservers (also called slave nameservers), which receive their zone files from the primary nameservers. Any nameserver can be a primary and secondary nameserver for different zones at the same time, and they may also be considered authoritative for multiple zones. It all depends on how the nameserver is configured.
Nameserver Types
There are four primary nameserver configuration types:
master — Stores original and authoritative zone records for a certain namespace, answering questions from other nameservers searching for answers concerning that namespace.
slave — Answers queries from other nameservers concerning namespaces for which it is considered an authority. However, slave nameservers get their namespace information from master nameservers.
caching-only — Offers name to IP resolution services but is not authoritative for any zones. Answers for all resolutions are cached in memory for a fixed period of time, which is specified by the retrieved zone record.
forwarding — Forwards requests to a specific list of nameservers for name resolution. If none of the specified nameservers can perform the resolution, the resolution fails.
A nameserver may be one or more of these types. For example, a nameserver can be a master for some zones, a slave for others, and only offer forwarding resolutions for others.
BIND as a Nameserver
BIND name performs name resolution services through the /usr/sbin/named daemon. BIND also includes an administration utility called /usr/sbin/rndc
BIND stores its configuration files in the following two places:
/etc/named.conf — The configuration file for the named daemon.
/var/named/ directory — The named working directory which stores zone, statistic, and cache files.
/etc/named.conf
The named.conf file is a collection of statements using nested options surrounded by opening and closing ellipse characters, { }. Administrators must be careful when editing named.conf to avoid syntactical errors as many seemingly minor errors will prevent the named service from starting.
Example Zone File
Seen individually, directives and resource records can be difficult to grasp. However, when placed together in a single file, they become easier to understand.
The following example shows a very basic zone file.
$ORIGIN example.com
$TTL 86400
@ IN SOA dns1.example.com. hostmaster.example.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
IN NS dns1.example.com.
IN NS dns2.example.com.
IN MX 10 mail.example.com.
IN MX 20 mail2.example.com.
IN A 10.0.1.5
server1 IN A 10.0.1.5
server2 IN A 10.0.1.7
dns1 IN A 10.0.1.2
dns2 IN A 10.0.1.3
ftp IN CNAME server1
mail IN CNAME server1
mail2 IN CNAME server2
www IN CNAME server2
In this example, standard directives and SOA values are used. The authoritative nameservers are set as dns1.example.com and dns2.example.com, which have A records that tie them to 10.0.1.2 and 10.0.1.3, respectively.
The email servers configured with the MX records point to server1 and server2 via CNAME records. Since the server1 and server2 names do not end in a trailing period (.), the $ORIGIN domain is placed after them, expanding them to server1.example.com and server2.example.com. Through the related A resource records, their IP addresses can be determined.
FTP and Web services, available at the standard ftp.example.com and www.example.com names, are pointed at the appropriate servers using CNAME records.
When hosts on a network connect to one another via a hostname, also called a fully qualified domain name (FQDN), DNS is used to associate the names of machines to the IP address for the host. Use of DNS and FQDNs also has advantages for system administrators, allowing the flexibility to change the IP address for a host without effecting name-based queries to the machine. Conversely, administrators can shuffle which machines handle a name-based query.
DNS is normally implemented using centralized servers that are authoritative for some domains and refer to other DNS servers for other domains. When a client host requests information from a nameserver, it usually connects to port 53. The nameserver then attempts to resolve the FQDN based on its resolver library, which may contain authoritative information about the host requested or cached data from an earlier query. If the nameserver does not already have the answer in its resolver library, it queries other nameservers, called root nameservers, to determine which nameservers are authoritative for the FQDN in question. Then, with that information, it queries the authoritative nameservers to determine the IP address of the requested host. If performing a reverse lookup, the same procedure is used, except the query is made with an unknown IP address rather than a name.
Nameserver Zones
On the Internet, the FQDN of a host can be broken down into different sections. These sections are organized into a hierarchy much like a tree, with a main trunk, primary branches, secondary branches, and so forth. Consider the following FQDN:
bob.sales.example.com
When looking at how a FQDN is resolved to find the IP address that relates to a particular system, read the name from right to left, with each level of the hierarchy divided by periods (.). In this example, com defines the top level domain for this FQDN. The name example is a sub-domain under com, while sales is a sub-domain under example. The name furthest to the left, bob, identifies a specific machine.
Except for the hostname, each section is a called a zone, which defines a specific namespace. A namespace controls the naming of the sub-domains to its left. While this example only contains two sub-domains, a FQDN must contain at least one sub-domain but may include many more, depending upon how the namespace is organized.
Zones are defined on authoritative nameservers through the use of zone files, which describe the namespace of that zone, the mail servers to be used for a particular domain or sub-domain, and more. Zone files are stored on primary nameservers (also called master nameservers), which are truly authoritative and where changes are made to the files, and secondary nameservers (also called slave nameservers), which receive their zone files from the primary nameservers. Any nameserver can be a primary and secondary nameserver for different zones at the same time, and they may also be considered authoritative for multiple zones. It all depends on how the nameserver is configured.
Nameserver Types
There are four primary nameserver configuration types:
master — Stores original and authoritative zone records for a certain namespace, answering questions from other nameservers searching for answers concerning that namespace.
slave — Answers queries from other nameservers concerning namespaces for which it is considered an authority. However, slave nameservers get their namespace information from master nameservers.
caching-only — Offers name to IP resolution services but is not authoritative for any zones. Answers for all resolutions are cached in memory for a fixed period of time, which is specified by the retrieved zone record.
forwarding — Forwards requests to a specific list of nameservers for name resolution. If none of the specified nameservers can perform the resolution, the resolution fails.
A nameserver may be one or more of these types. For example, a nameserver can be a master for some zones, a slave for others, and only offer forwarding resolutions for others.
BIND as a Nameserver
BIND name performs name resolution services through the /usr/sbin/named daemon. BIND also includes an administration utility called /usr/sbin/rndc
BIND stores its configuration files in the following two places:
/etc/named.conf — The configuration file for the named daemon.
/var/named/ directory — The named working directory which stores zone, statistic, and cache files.
/etc/named.conf
The named.conf file is a collection of statements using nested options surrounded by opening and closing ellipse characters, { }. Administrators must be careful when editing named.conf to avoid syntactical errors as many seemingly minor errors will prevent the named service from starting.
Example Zone File
Seen individually, directives and resource records can be difficult to grasp. However, when placed together in a single file, they become easier to understand.
The following example shows a very basic zone file.
$ORIGIN example.com
$TTL 86400
@ IN SOA dns1.example.com. hostmaster.example.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
IN NS dns1.example.com.
IN NS dns2.example.com.
IN MX 10 mail.example.com.
IN MX 20 mail2.example.com.
IN A 10.0.1.5
server1 IN A 10.0.1.5
server2 IN A 10.0.1.7
dns1 IN A 10.0.1.2
dns2 IN A 10.0.1.3
ftp IN CNAME server1
mail IN CNAME server1
mail2 IN CNAME server2
www IN CNAME server2
In this example, standard directives and SOA values are used. The authoritative nameservers are set as dns1.example.com and dns2.example.com, which have A records that tie them to 10.0.1.2 and 10.0.1.3, respectively.
The email servers configured with the MX records point to server1 and server2 via CNAME records. Since the server1 and server2 names do not end in a trailing period (.), the $ORIGIN domain is placed after them, expanding them to server1.example.com and server2.example.com. Through the related A resource records, their IP addresses can be determined.
FTP and Web services, available at the standard ftp.example.com and www.example.com names, are pointed at the appropriate servers using CNAME records.
linux Ethernet Interfaces
interface les is ifcfg-eth0, which controls the rst Ethernet network interface
card or NIC in the system. In a system with multiple NICs, there are multiple ifcfg-eth
Because each device has its own conguration le, an administrator can control how each interface functions individually. Below is a sample ifcfg-eth0 le for a system using a xed IP address:
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
NETWORK=10.0.1.0
NETMASK=255.255.255.0
IPADDR=10.0.1.27
USERCTL=no
The values required in an interface conguration le can change based on other values. For example, the ifcfg-eth0 le for an interface using DHCP looks quite a bit different, because IP information is provided by the DHCP server:
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
The Network Administration Tool (redhat-config-network) is an easy way to make changes to
the various network interface conguration les (see the chapter titled Network Conguration in the
Red Hat Linux Customization Guide for detailed instructions on using this tool).
However, it is also possible to edit the conguration les for a given network interface by hand.
Below is a listing of the congurable parameters in an Ethernet interface conguration is one of the following:
. none. No boot-time protocol should be used.
. bootp. The BOOTP protocol should be used.
. dhcp. The DHCP protocol should be used.
is the name of the physical device (except for dynamicallyallocated PPP devices where it is the logical name) is a name server address to be placed in
/etc/resolv.conf if the PEERDNS directive is set to yes.
card or NIC in the system. In a system with multiple NICs, there are multiple ifcfg-eth
Because each device has its own conguration le, an administrator can control how each interface functions individually. Below is a sample ifcfg-eth0 le for a system using a xed IP address:
DEVICE=eth0
BOOTPROTO=none
ONBOOT=yes
NETWORK=10.0.1.0
NETMASK=255.255.255.0
IPADDR=10.0.1.27
USERCTL=no
The values required in an interface conguration le can change based on other values. For example, the ifcfg-eth0 le for an interface using DHCP looks quite a bit different, because IP information is provided by the DHCP server:
DEVICE=eth0
BOOTPROTO=dhcp
ONBOOT=yes
The Network Administration Tool (redhat-config-network) is an easy way to make changes to
the various network interface conguration les (see the chapter titled Network Conguration in the
Red Hat Linux Customization Guide for detailed instructions on using this tool).
However, it is also possible to edit the conguration les for a given network interface by hand.
Below is a listing of the congurable parameters in an Ethernet interface conguration is one of the following:
. none. No boot-time protocol should be used.
. bootp. The BOOTP protocol should be used.
. dhcp. The DHCP protocol should be used.
is the name of the physical device (except for dynamicallyallocated PPP devices where it is the logical name) is a name server address to be placed in
/etc/resolv.conf if the PEERDNS directive is set to yes.
linux redhat Network Configuration Files
The primary network conguration les are as follows:
. /etc/hosts . The main purpose of this le is to resolve hostnames that cannot be resolved any
other way. It can also be used to resolve hostnames on small networks with no DNS server. Regardless of the type of network the computer is on, this le should contain a line specifying the IP address of the loopback device (127.0.0.1) as localhost.localdomain. For more information,
see the hosts man page.
. /etc/resolv.conf.This le species the IP addresses of DNS servers and the search domain.
Unless congured to do otherwise, the network initialization scripts populate this le. For more
information on this le, see the resolv.conf man page.
. /etc/sysconfig/network . Species routing and host information for all network
interfaces. For more information on this le and the directives it accepts, see Section 4.1.23
/etc/sysconfig/network.
. /etc/sysconfig/network-scripts/ifcfg
For each network interface on a Red Hat Linux system, there is a corresponding interface conguration script. Each of these les provide information specic to a particular network interface. See Section 8.2 Interface Conguration Files for more information on this type of le and the directives it accepts.
. /etc/hosts . The main purpose of this le is to resolve hostnames that cannot be resolved any
other way. It can also be used to resolve hostnames on small networks with no DNS server. Regardless of the type of network the computer is on, this le should contain a line specifying the IP address of the loopback device (127.0.0.1) as localhost.localdomain. For more information,
see the hosts man page.
. /etc/resolv.conf.This le species the IP addresses of DNS servers and the search domain.
Unless congured to do otherwise, the network initialization scripts populate this le. For more
information on this le, see the resolv.conf man page.
. /etc/sysconfig/network . Species routing and host information for all network
interfaces. For more information on this le and the directives it accepts, see Section 4.1.23
/etc/sysconfig/network.
. /etc/sysconfig/network-scripts/ifcfg
For each network interface on a Red Hat Linux system, there is a corresponding interface conguration script. Each of these les provide information specic to a particular network interface. See Section 8.2 Interface Conguration Files for more information on this type of le and the directives it accepts.
Linux Runlevel 3
When in runlevel 3, the best way to start an X session is to log in and type startx. The startx
command is a front-end to the xinit command which launches the XFree86 server and connects X clients applications to it. Because the user is already logged into the system at runlevel 3, startx does not launch a display manager or authenticate users. Refer to Section 7.5.2 Runlevel 5 for more information about display managers.
When the startx command is executed, it searches for a .xinitrc le in the user's home directory
to dene the desktop environment and possibly other X client applications to run. If no .xinitrc le
is present, it will use the system default /etc/X11/xinit/xinitrc le instead.
The default xinitrc script then looks for user-dened les and default system les, including .Xresources,
.Xmodmap, and .Xkbmap in the user's home directory and Xresources, Xmodmap, and
Xkbmap in the /etc/X11/ directory. The Xmodmap and Xkbmap les, if they exist, are used by the xmodmap utility to congure the keyboard. The Xresources les are read to assign specic preference values to applications.
After setting these options, the xinitrc script executes all scripts located in the
/etc/X11/xinit/xinitrc.d/ directory. One important script in this directory is xinput, which
congures settings such as the default language.
Next, the xinitrc script tries to execute .Xclients in the user's home directory and turns to
/etc/X11/xinit/Xclients if it cannot be found. The purpose of the Xclients le is to start
the desktop environment or, possibly, just a basic window manager. The .Xclients script in the
user's home directory starts the user-specied desktop environment in the .Xclients-default le.
If .Xclients does not exist in the user's home directory, the standard /etc/X11/init/Xclients
script attempts to start another desktop environment, trying GNOME rst and then KDE followed by twm. The user is returned to a text mode user session after logging out of X from runlevel 3.
command is a front-end to the xinit command which launches the XFree86 server and connects X clients applications to it. Because the user is already logged into the system at runlevel 3, startx does not launch a display manager or authenticate users. Refer to Section 7.5.2 Runlevel 5 for more information about display managers.
When the startx command is executed, it searches for a .xinitrc le in the user's home directory
to dene the desktop environment and possibly other X client applications to run. If no .xinitrc le
is present, it will use the system default /etc/X11/xinit/xinitrc le instead.
The default xinitrc script then looks for user-dened les and default system les, including .Xresources,
.Xmodmap, and .Xkbmap in the user's home directory and Xresources, Xmodmap, and
Xkbmap in the /etc/X11/ directory. The Xmodmap and Xkbmap les, if they exist, are used by the xmodmap utility to congure the keyboard. The Xresources les are read to assign specic preference values to applications.
After setting these options, the xinitrc script executes all scripts located in the
/etc/X11/xinit/xinitrc.d/ directory. One important script in this directory is xinput, which
congures settings such as the default language.
Next, the xinitrc script tries to execute .Xclients in the user's home directory and turns to
/etc/X11/xinit/Xclients if it cannot be found. The purpose of the Xclients le is to start
the desktop environment or, possibly, just a basic window manager. The .Xclients script in the
user's home directory starts the user-specied desktop environment in the .Xclients-default le.
If .Xclients does not exist in the user's home directory, the standard /etc/X11/init/Xclients
script attempts to start another desktop environment, trying GNOME rst and then KDE followed by twm. The user is returned to a text mode user session after logging out of X from runlevel 3.
linux ssh setup
1. On all your Windows machines download and install OpenSSH client. Download from
http://www.wm.edu/it/index.php?id=2928 The download site provides installation
instructions. This package is the client side only, which allows you to initiate a SSH
session from the machine you install it on. Size is about 5.7 MB. (filename is
sshsecureshellclient-3.2.9.exe)
2. On all your Windows machines download and install the COPSSH server for Windows.
To do this, open a browser and search Google for COPSSH. Look for the Sourceforge
download site, and select it. Your download will be from this URL:
http://sourceforge.net/project/showfiles.php?group_id=69227&package_id=127780 .
Note that SSH Servers for Windows are mostly very expensive. To get around this
expense someone developed Cygwin, a tiny Linux system that embeds in Windows and
serves COPSSH from within a Linux environment on your Windows machine. This free
COPSSH- server software allows your Windows PC to "serve" up its information to a
remote PC (Linux or Windows). The access of your Windows-machine's drives is
through the Linux folder called cygdrive.
3. On all your Ubuntu Linux machines open System > Administration > Synaptic Package
Manager. Search for ssh. Make sure openssh-client and openssh-server are both installed.
If they are not, install them.
4. Test SSH from Windows: From within your Windows machine's Start menu, select “SSH
Secure Shell Client.” Then select Secure File Transfer Client. Select Quick Connect, and
type in the name of the machine you want to connect to. Add your username, and click
Connect.
5. Test SSH from Linux: From within your Linux machine, select Places > Connect to
Server. Under Service Type, select SSH. Add the name of the Server you want to connect
to, and press Connect. This should put an icon on your desktop and in your Nautilus file
browser.
http://www.wm.edu/it/index.php?id=2928 The download site provides installation
instructions. This package is the client side only, which allows you to initiate a SSH
session from the machine you install it on. Size is about 5.7 MB. (filename is
sshsecureshellclient-3.2.9.exe)
2. On all your Windows machines download and install the COPSSH server for Windows.
To do this, open a browser and search Google for COPSSH. Look for the Sourceforge
download site, and select it. Your download will be from this URL:
http://sourceforge.net/project/showfiles.php?group_id=69227&package_id=127780 .
Note that SSH Servers for Windows are mostly very expensive. To get around this
expense someone developed Cygwin, a tiny Linux system that embeds in Windows and
serves COPSSH from within a Linux environment on your Windows machine. This free
COPSSH- server software allows your Windows PC to "serve" up its information to a
remote PC (Linux or Windows). The access of your Windows-machine's drives is
through the Linux folder called cygdrive.
3. On all your Ubuntu Linux machines open System > Administration > Synaptic Package
Manager. Search for ssh. Make sure openssh-client and openssh-server are both installed.
If they are not, install them.
4. Test SSH from Windows: From within your Windows machine's Start menu, select “SSH
Secure Shell Client.” Then select Secure File Transfer Client. Select Quick Connect, and
type in the name of the machine you want to connect to. Add your username, and click
Connect.
5. Test SSH from Linux: From within your Linux machine, select Places > Connect to
Server. Under Service Type, select SSH. Add the name of the Server you want to connect
to, and press Connect. This should put an icon on your desktop and in your Nautilus file
browser.
linux vnc setup test
1. On all your Windows machines download and install VNC free edition. Download from
http://www.realvnc.com/cgi-bin/download.cgi . Installation is self guided. This package
includes both server and viewer. Size is about 720 K. (filename is vnc-4_1_2-
x86_win32.exe)
2. On all your Ubuntu Linux machines open System > Administration > Synaptic Package
Manager. Search for VNC. Make sure that “vino,” “vnc-common,” and “xvncviewer” are
already installed. If not, install the missing ones.
3. Test VNC from Windows: Run VNC viewer from your Windows machine. You should
be able to select any Linux or Windows box by hostname and connect to it; that is, if
these boxes are running VNC server. If not, probably you have restricted remote desktop
connections. To unrestrict, right click on "My Computer" and select "Properties." Select
the remote tab. Enable remote desktop connections.
4. Test VNC from Linux: Run VNC from your Linux machine by selecting Applications >
Internet > Terminal Server Client. Under the “'general” tab, type in the hostname of the
other machine you want to connect to, and select the VNC protocol. Then type in your
name (the name you sign in with on each of your machines). Press connect. You will be
asked for a password -- in a tiny box in the upper left corner of your screen. You need not
move your cursor to this password box. Just type your password, and the password box
somehow collects it. You should connect. If not, try removing password protection – at
least during troubleshooting -- by going to System > Preferences > Remote Desktop and
un-checking password protection.
5. Firewalls frequently are the cause of failed connections. If all the above methods fail, it is
a good idea to look at your firewall settings. Assuming you are using Windows built-in
firewall, go to "Control Panel" and select "Windows Firewall." Click on the "Exceptions"
tab. Click the "Add Port" button. Add "VNC-1" and use port 5900. Then, click "Add
Port" again and add "VNC-2" at port 5800.
http://www.realvnc.com/cgi-bin/download.cgi . Installation is self guided. This package
includes both server and viewer. Size is about 720 K. (filename is vnc-4_1_2-
x86_win32.exe)
2. On all your Ubuntu Linux machines open System > Administration > Synaptic Package
Manager. Search for VNC. Make sure that “vino,” “vnc-common,” and “xvncviewer” are
already installed. If not, install the missing ones.
3. Test VNC from Windows: Run VNC viewer from your Windows machine. You should
be able to select any Linux or Windows box by hostname and connect to it; that is, if
these boxes are running VNC server. If not, probably you have restricted remote desktop
connections. To unrestrict, right click on "My Computer" and select "Properties." Select
the remote tab. Enable remote desktop connections.
4. Test VNC from Linux: Run VNC from your Linux machine by selecting Applications >
Internet > Terminal Server Client. Under the “'general” tab, type in the hostname of the
other machine you want to connect to, and select the VNC protocol. Then type in your
name (the name you sign in with on each of your machines). Press connect. You will be
asked for a password -- in a tiny box in the upper left corner of your screen. You need not
move your cursor to this password box. Just type your password, and the password box
somehow collects it. You should connect. If not, try removing password protection – at
least during troubleshooting -- by going to System > Preferences > Remote Desktop and
un-checking password protection.
5. Firewalls frequently are the cause of failed connections. If all the above methods fail, it is
a good idea to look at your firewall settings. Assuming you are using Windows built-in
firewall, go to "Control Panel" and select "Windows Firewall." Click on the "Exceptions"
tab. Click the "Add Port" button. Add "VNC-1" and use port 5900. Then, click "Add
Port" again and add "VNC-2" at port 5800.
Linux Creating an Installation Diskette
The first step in getting Red Hat's distribution of Linux onto a system, you need to find a way of starting the installation program. The usual method of doing so is to create an installation disk, although if you are installing from CD−ROM, and your system's BIOS supports it, you should be able to boot directly into the installation program from the CD.
Otherwise, to create an installation diskette, you'll need to copy the ``boot.img'' (which is simply an image of an ext2−formatted Linux boot diskette with an additional installation program) onto a floppy diskette. The ``boot.img'' file can be obtained from the /images directory of the Red Hat CD−ROM disk, or downloaded via FTP from ftp://ftp.redhat.com in the /pub/redhat/redhat−6.1/i386/images directory (assuming
you are installing Linux on an Intel box).
You can create the boot diskette either from a DOS or Windows system, or from an existing Linux or Unix system. For your destination diskette, you can use either an unformatted or a pre−formatted (for DOS)
diskette −− it makes no difference.
Under DOS: Assuming your CD−ROM is accessible as drive D:, you can type:
d:
cd \images
..\dosutils\rawrite
For the source file, enter ``boot.img''. For the destination file, enter ``a:'' (assuming the
diskette you are created is inserted into the A: drive). The ``rawrite'' program will then
copy the ``boot.img'' file onto diskette.
Under Linux/Unix: Assuming the ``boot.img'' file is located in the current directory (you may need to
mount the CD−ROM under /mnt/cdrom and find the file in /mnt/cdrom/images), you can type:
dd if=boot.img of=/dev/fd0
The ``dd'' utility will copy, as its input file ("if"), the ``boot.img'' file, onto the output file
("of") /dev/fd0 (assuming your floppy drive is accessible from /dev/fd0).
Unless your Linux or Unix system allows write permissions to the floppy device, you may
need to do this command as the superuser. (If you know the root password, type ``su'' to
become the superuser, execute the ``dd'' command, and then type ``exit'' to return to
normal user status).
Otherwise, to create an installation diskette, you'll need to copy the ``boot.img'' (which is simply an image of an ext2−formatted Linux boot diskette with an additional installation program) onto a floppy diskette. The ``boot.img'' file can be obtained from the /images directory of the Red Hat CD−ROM disk, or downloaded via FTP from ftp://ftp.redhat.com in the /pub/redhat/redhat−6.1/i386/images directory (assuming
you are installing Linux on an Intel box).
You can create the boot diskette either from a DOS or Windows system, or from an existing Linux or Unix system. For your destination diskette, you can use either an unformatted or a pre−formatted (for DOS)
diskette −− it makes no difference.
Under DOS: Assuming your CD−ROM is accessible as drive D:, you can type:
d:
cd \images
..\dosutils\rawrite
For the source file, enter ``boot.img''. For the destination file, enter ``a:'' (assuming the
diskette you are created is inserted into the A: drive). The ``rawrite'' program will then
copy the ``boot.img'' file onto diskette.
Under Linux/Unix: Assuming the ``boot.img'' file is located in the current directory (you may need to
mount the CD−ROM under /mnt/cdrom and find the file in /mnt/cdrom/images), you can type:
dd if=boot.img of=/dev/fd0
The ``dd'' utility will copy, as its input file ("if"), the ``boot.img'' file, onto the output file
("of") /dev/fd0 (assuming your floppy drive is accessible from /dev/fd0).
Unless your Linux or Unix system allows write permissions to the floppy device, you may
need to do this command as the superuser. (If you know the root password, type ``su'' to
become the superuser, execute the ``dd'' command, and then type ``exit'' to return to
normal user status).
Linux DNS and Nslookup
The Domain Name Service also known as DNS allows you, the users, to translate names
like www.yahoo.com into a number like 216.32.74.52 which is needed for your computer
to communicate over the network. Networks are controlled by gremlins that only use
numbers not names. Thus DNS is very important if you are going to use the network at
all. Most of the time your ISP provides this service, especially if
you are using a modem, cable modem, DSL, etc. If you are in a large corporate setting,
your own company network will provide DNS.
The main tool you need to check that your DNS is working is nslookup which can translate
names to numbers or vice-versa:
[LocalHost]/home/joe:nslookup www.io.com
Server: flure.pair.com
Address: 209.68.1.159
Name: www.io.com
Addresses: 199.170.88.21, 199.170.88.41, 199.170.88.39
Nslookup tells us there are 3 names that go with www.io.com. Large sites like www.io.com
and www.yahoo.com often have many numbers because they maintain several servers to
handle all the requests to their very busy sites. The server ure.pair.com is our DNS
server as seen by our local DNS setup.
DNS can also translate numbers into names:
[LocalHost]/home/joe:nslookup 199.170.88.21
Server: flure.pair.com
Address: 209.68.1.159
Name: www-02.io.com
Address: 199.170.88.21
This was one of the www.io.com sites listed in the rst example. If DNS can't nd your
name, there is little chance you can connect through the internet to it:
like www.yahoo.com into a number like 216.32.74.52 which is needed for your computer
to communicate over the network. Networks are controlled by gremlins that only use
numbers not names. Thus DNS is very important if you are going to use the network at
all. Most of the time your ISP provides this service, especially if
you are using a modem, cable modem, DSL, etc. If you are in a large corporate setting,
your own company network will provide DNS.
The main tool you need to check that your DNS is working is nslookup which can translate
names to numbers or vice-versa:
[LocalHost]/home/joe:nslookup www.io.com
Server: flure.pair.com
Address: 209.68.1.159
Name: www.io.com
Addresses: 199.170.88.21, 199.170.88.41, 199.170.88.39
Nslookup tells us there are 3 names that go with www.io.com. Large sites like www.io.com
and www.yahoo.com often have many numbers because they maintain several servers to
handle all the requests to their very busy sites. The server ure.pair.com is our DNS
server as seen by our local DNS setup.
DNS can also translate numbers into names:
[LocalHost]/home/joe:nslookup 199.170.88.21
Server: flure.pair.com
Address: 209.68.1.159
Name: www-02.io.com
Address: 199.170.88.21
This was one of the www.io.com sites listed in the rst example. If DNS can't nd your
name, there is little chance you can connect through the internet to it:
ติดตั้ง MySQL ใน MS Windows
download MySQL (Windows binary) http://www.mysql.com/downloads/index.html
1. หลังจากดาวน์โหลดมาแล้วก็ให้แตกไฟล์ออก แล้วก็รันไฟล์ชื่อ Setup.exe ก็จะปรากฏหน้าต่างดังรูป ให้คลิ๊กที่ปุ่ม next
2. เลือกโฟลเดอร์ที่จะทำการติดตั้งโปรแกรม MySQL จากนั้นให้คลิ๊กที่ปุ่ม Next
3. เลือกรูปแบบที่จะทำการติดตั้ง การติดตั้งโดยทั่วไปให้เลือกที่ Typical แล้วคลิ๊กที่ปุ่ม Next
4. เมื่อเสร็จสิ้นการติดตั้งแล้วก็จะมีข้อความแจ้งให้คุณทราบดังรูป ให้คลิ๊กที่ปุ่ม Finish
5. ขั้นตอนต่อไปให้รันโปรแกรม winmysqladmin.exe ซึ่งจะอยู่ใน path เช่น c:\mysql\bin\
6. หลังจากที่รันโปรแกรม winmysqladmin.exe เป็นครั้งแรก ให้คุณใส่ username และ password ที่จะใช้สำหรับ access MySQL แล้วคลิ๊กที่ปุ่ม OK
7. ที่ Taskbar จะเห็นว่ามี icon เล็กๆ เป็นรูปสัญญาณไฟปรากฏอยู่ ซึ่งก็คือ icon ของโปรแกรม winmysqladmin นั่นเอง ถ้าเป็นสัญญาณไฟเขียวก็แสดงว่า MySQL ทำงานอยู่ ถ้าสัญญาณไฟเป็นสีแดงก็แสดงว่า MySQL หยุดทำงาน โดยเราสามารถที่จะใช้ winmysqladmin ในการเปิดปิดโปรแกรมโปรแกรม MySQL ได้
8. ถ้าต้องการให้ MySQL หยุดทำงานก็ให้คลิ๊กขวาที่สัญญาณไฟเลือก Win NT -> Stop the Service
9. ถ้าต้องการให้ MySQL ทำงานก็ให้คลิ๊กขวาที่สัญญาณไฟเลือก Win NT -> Start the Service
10. ถ้าต้องการเปิดหน้าต่างของโปรแกรม mysqladmin ให้คลิ๊กขวาที่สัญญาณไฟแล้วเลือก Show me
1. หลังจากดาวน์โหลดมาแล้วก็ให้แตกไฟล์ออก แล้วก็รันไฟล์ชื่อ Setup.exe ก็จะปรากฏหน้าต่างดังรูป ให้คลิ๊กที่ปุ่ม next
2. เลือกโฟลเดอร์ที่จะทำการติดตั้งโปรแกรม MySQL จากนั้นให้คลิ๊กที่ปุ่ม Next
3. เลือกรูปแบบที่จะทำการติดตั้ง การติดตั้งโดยทั่วไปให้เลือกที่ Typical แล้วคลิ๊กที่ปุ่ม Next
4. เมื่อเสร็จสิ้นการติดตั้งแล้วก็จะมีข้อความแจ้งให้คุณทราบดังรูป ให้คลิ๊กที่ปุ่ม Finish
5. ขั้นตอนต่อไปให้รันโปรแกรม winmysqladmin.exe ซึ่งจะอยู่ใน path เช่น c:\mysql\bin\
6. หลังจากที่รันโปรแกรม winmysqladmin.exe เป็นครั้งแรก ให้คุณใส่ username และ password ที่จะใช้สำหรับ access MySQL แล้วคลิ๊กที่ปุ่ม OK
7. ที่ Taskbar จะเห็นว่ามี icon เล็กๆ เป็นรูปสัญญาณไฟปรากฏอยู่ ซึ่งก็คือ icon ของโปรแกรม winmysqladmin นั่นเอง ถ้าเป็นสัญญาณไฟเขียวก็แสดงว่า MySQL ทำงานอยู่ ถ้าสัญญาณไฟเป็นสีแดงก็แสดงว่า MySQL หยุดทำงาน โดยเราสามารถที่จะใช้ winmysqladmin ในการเปิดปิดโปรแกรมโปรแกรม MySQL ได้
8. ถ้าต้องการให้ MySQL หยุดทำงานก็ให้คลิ๊กขวาที่สัญญาณไฟเลือก Win NT -> Stop the Service
9. ถ้าต้องการให้ MySQL ทำงานก็ให้คลิ๊กขวาที่สัญญาณไฟเลือก Win NT -> Start the Service
10. ถ้าต้องการเปิดหน้าต่างของโปรแกรม mysqladmin ให้คลิ๊กขวาที่สัญญาณไฟแล้วเลือก Show me
Linux Settings DNS
Need to create a zone in /etc/named.conf. The zone name must match the domain name.
Additional sub-domains can go in the same zone, but other domains can not. For example, it is not possible to create a zone name of "example.com" then to put an "A record" of "somesite.com" in it. Instead, other domains must go in their own zone.
Here is an example zone.
zone "example.com" {
type master;
file "/var/named/joel/example.com.hosts";
};
Once you've created the zone, you need to create a zone file in /var/named. Of course, the filename must match the name you specified above. I group my zone files by username. In this case, I have a user named “joel”, so I create a directory called /var/named/joel and I create a zone file called example.com.hosts in that directory.
Usually, there will be other zone files you can copy from. Below is an example of what the
example.com.hosts file might look like.
$ttl 1800
example.com. IN SOA ns1.example.com.
admin.example.com. ( 1089054655
10800
3600
604800
1800 )
example.com. IN NS ns1.example.com.
example.com. IN NS ns2.example.com.
example.com. IN A 127.161.144.16
ns1.example.com. IN A 127.161.144.16
ns2.example.com. IN A 127.161.144.17
www.example.com. IN CNAME example.com.
mail.example.com. IN CNAME example.com.
example.com. IN MX 1 mail.example.com.
The lines that have “NS” in them show the name servers. In this case, there are two name servers doing DNS for example.com. Those are ns1.example.com and ns2.example.com.
The lines that have “A” in them are “A records”. These specify IP addresses for those domain names. So, example.com points to 127.161.144.16 (this is a fake example).
The lines that have “CNAME” in them are like shortcuts or links to A records. For example,
www.example.com is a CNAME of example.com. The A record for example.com points to
127.161.144.16, so www.example.com also points to 127.161.144.16.
Additional sub-domains can go in the same zone, but other domains can not. For example, it is not possible to create a zone name of "example.com" then to put an "A record" of "somesite.com" in it. Instead, other domains must go in their own zone.
Here is an example zone.
zone "example.com" {
type master;
file "/var/named/joel/example.com.hosts";
};
Once you've created the zone, you need to create a zone file in /var/named. Of course, the filename must match the name you specified above. I group my zone files by username. In this case, I have a user named “joel”, so I create a directory called /var/named/joel and I create a zone file called example.com.hosts in that directory.
Usually, there will be other zone files you can copy from. Below is an example of what the
example.com.hosts file might look like.
$ttl 1800
example.com. IN SOA ns1.example.com.
admin.example.com. ( 1089054655
10800
3600
604800
1800 )
example.com. IN NS ns1.example.com.
example.com. IN NS ns2.example.com.
example.com. IN A 127.161.144.16
ns1.example.com. IN A 127.161.144.16
ns2.example.com. IN A 127.161.144.17
www.example.com. IN CNAME example.com.
mail.example.com. IN CNAME example.com.
example.com. IN MX 1 mail.example.com.
The lines that have “NS” in them show the name servers. In this case, there are two name servers doing DNS for example.com. Those are ns1.example.com and ns2.example.com.
The lines that have “A” in them are “A records”. These specify IP addresses for those domain names. So, example.com points to 127.161.144.16 (this is a fake example).
The lines that have “CNAME” in them are like shortcuts or links to A records. For example,
www.example.com is a CNAME of example.com. The A record for example.com points to
127.161.144.16, so www.example.com also points to 127.161.144.16.
Linux Network commands
RESTART
# /etc/init.d/networking restart
SHOW ROUTING TABLE
# netstat -rn
# route –n
Add route
# route add -net 10.4.1.0/24 gw 192.168.200.247
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.200.240 0.0.0.0 255.255.255.240 U 0 0 0 eth0
10.4.1.0 192.168.200.247 255.255.255.0 UG 0 0 0 eth0
0.0.0.0 192.168.200.254 0.0.0.0 UG 0 0 0 eth0
SHOW SERVICE PORT
# netstat -tanp
# /etc/init.d/networking restart
SHOW ROUTING TABLE
# netstat -rn
# route –n
Add route
# route add -net 10.4.1.0/24 gw 192.168.200.247
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.200.240 0.0.0.0 255.255.255.240 U 0 0 0 eth0
10.4.1.0 192.168.200.247 255.255.255.0 UG 0 0 0 eth0
0.0.0.0 192.168.200.254 0.0.0.0 UG 0 0 0 eth0
SHOW SERVICE PORT
# netstat -tanp
คำสั่ง Linux for install software
rpm -ihv name.rpm Install the rpm package called name
rpm -Uhv name.rpm Upgrade the rpm package called name
rpm -e package Delete the rpm package called package
rpm -l package List the files in the package called package
rpm -ql package List the files and state the installed version of the package called package
rpm -i --force package Reinstall the rpm package called name having deleted parts of it (not
deleting using rpm -e)
tar -zxvf archive.tar.gz or
tar -zxvf archive.tgz
Decompress the files contained in the zipped and tarred archive called archive
./configure Execute the script preparing the installed files for compiling
rpm -Uhv name.rpm Upgrade the rpm package called name
rpm -e package Delete the rpm package called package
rpm -l package List the files in the package called package
rpm -ql package List the files and state the installed version of the package called package
rpm -i --force package Reinstall the rpm package called name having deleted parts of it (not
deleting using rpm -e)
tar -zxvf archive.tar.gz or
tar -zxvf archive.tgz
Decompress the files contained in the zipped and tarred archive called archive
./configure Execute the script preparing the installed files for compiling
Linux tips mounting file systems
mount -t iso9660 /dev/cdrom /mnt/cdrom
Mount the device cdrom and call it cdrom under the /mnt directory
mount -t msdos /dev/hdd/mnt/ddrive
Mount hard disk “d” as a msdos file system and call it ddrive under the /mnt directory
mount -t vfat /dev/hda1 /mnt/cdrive
Mount hard disk “a” as a VFAT file system and call it cdrive under the /mnt directory
umount /mnt/cdrom
Unmount the cdrom
Mount the device cdrom and call it cdrom under the /mnt directory
mount -t msdos /dev/hdd/mnt/ddrive
Mount hard disk “d” as a msdos file system and call it ddrive under the /mnt directory
mount -t vfat /dev/hda1 /mnt/cdrive
Mount hard disk “a” as a VFAT file system and call it cdrive under the /mnt directory
umount /mnt/cdrom
Unmount the cdrom
Linux tips Starting & Stopping
Starting & Stopping
shutdown -h now Shutdown the system now and do not reboot
halt Stop all processes - same as above
shutdown -r 5 Shutdown the system in 5 minutes and reboot
shutdown -r now Shutdown the system now and reboot
reboot Stop all processes and then reboot - same as above
startx Start the X system
shutdown -h now Shutdown the system now and do not reboot
halt Stop all processes - same as above
shutdown -r 5 Shutdown the system in 5 minutes and reboot
shutdown -r now Shutdown the system now and reboot
reboot Stop all processes and then reboot - same as above
startx Start the X system
เปรียบเทียบ คำสั่ง Linux กับ window (Files Translating Commands)
On the left, the DOS commands; on the right, their Linux counterpart.
ATTRIB: chmod
COPY: cp
DEL: rm
MOVE: mv
REN: mv
TYPE: more, less, cat
DOS Linux
============================================================
C:\GUIDO>ATTRIB +R FILE.TXT $ chmod 400 file.txt
C:\GUIDO>COPY JOE.TXT JOE.DOC $ cp joe.txt joe.doc
C:\GUIDO>COPY *.* TOTAL $ cat * > total
C:\GUIDO>COPY FRACTALS.DOC PRN $ lpr fractals.doc
C:\GUIDO>DEL TEMP $ rm temp
C:\GUIDO>DEL *.BAK $ rm *~
C:\GUIDO>MOVE PAPER.TXT TMP\ $ mv paper.txt tmp/
C:\GUIDO>REN PAPER.TXT PAPER.ASC $ mv paper.txt paper.asc
C:\GUIDO>PRINT LETTER.TXT $ lpr letter.txt
C:\GUIDO>TYPE LETTER.TXT $ more letter.txt
C:\GUIDO>TYPE LETTER.TXT $ less letter.txt
C:\GUIDO>TYPE LETTER.TXT > NUL $ cat letter.txt > /dev/null
ATTRIB: chmod
COPY: cp
DEL: rm
MOVE: mv
REN: mv
TYPE: more, less, cat
DOS Linux
============================================================
C:\GUIDO>ATTRIB +R FILE.TXT $ chmod 400 file.txt
C:\GUIDO>COPY JOE.TXT JOE.DOC $ cp joe.txt joe.doc
C:\GUIDO>COPY *.* TOTAL $ cat * > total
C:\GUIDO>COPY FRACTALS.DOC PRN $ lpr fractals.doc
C:\GUIDO>DEL TEMP $ rm temp
C:\GUIDO>DEL *.BAK $ rm *~
C:\GUIDO>MOVE PAPER.TXT TMP\ $ mv paper.txt tmp/
C:\GUIDO>REN PAPER.TXT PAPER.ASC $ mv paper.txt paper.asc
C:\GUIDO>PRINT LETTER.TXT $ lpr letter.txt
C:\GUIDO>TYPE LETTER.TXT $ more letter.txt
C:\GUIDO>TYPE LETTER.TXT $ less letter.txt
C:\GUIDO>TYPE LETTER.TXT > NUL $ cat letter.txt > /dev/null
Linux Firewalls mean
A firewall is a structure intended to keep a fire from spreading. Building have firewalls made of brick walls completely dividing sections of the building. In a car a firewall is the metal wall separating the engine and passenger compartments. Internet firewalls are intended to keep the flames of Internet hell out of your private LAN. Or, to keep the members of your LAN pure and chaste by denying them access the all the evil Internet temptations.
The first computer firewall was a non−routing Unix host with connections to two different networks. One network card connected to the Internet and the other to the private LAN. To reach the Internet from the private network, you had to logon to the firewall (Unix) server. You then used the resources of the system to access the Internet. For example, you could use X−windows to run Netscape's browser on the firewall system and have the display on your work station. With the browser running on the firewall it has access to both networks. This sort of dual homed system (a system with two network connections) is great if you can TRUST ALL of
your users. You can simple setup a Linux system and give an account accounts on it to everyone needing Internet access. With this setup, the only computer on your private network that knows anything about the outside world is the firewall. No one can download to their personal workstations. They must first download a file to the firewall and then download the file from the firewall to their workstation.
The first computer firewall was a non−routing Unix host with connections to two different networks. One network card connected to the Internet and the other to the private LAN. To reach the Internet from the private network, you had to logon to the firewall (Unix) server. You then used the resources of the system to access the Internet. For example, you could use X−windows to run Netscape's browser on the firewall system and have the display on your work station. With the browser running on the firewall it has access to both networks. This sort of dual homed system (a system with two network connections) is great if you can TRUST ALL of
your users. You can simple setup a Linux system and give an account accounts on it to everyone needing Internet access. With this setup, the only computer on your private network that knows anything about the outside world is the firewall. No one can download to their personal workstations. They must first download a file to the firewall and then download the file from the firewall to their workstation.
ubuntu ติด ตั้ง Domain Name Service (DNS)
Domain Name Service (DNS) is an Internet service that maps IP addresses and fully qualified domain names (FQDN) to one another. In this way, DNS alleviates the need to remember IP addresses. Computers that run DNS are called name servers. Ubuntu ships with BIND (Berkley Internet Naming daemon), the most common program used for maintaining a name server on Linux.
Installation
At a terminal prompt, enter the following command to install dns:
sudo apt-get install bind
Configuration
The DNS configuration files are stored in the /etc/bind directory. The primary configuration file is
/etc/bind/named.conf. The content of the default configuration file is shown below:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind/README.Debian for information on the
// structure of BIND configuration files in Debian for BIND versions 8.2.1
// and later, *BEFORE* you customize this configuration file.
//
include "/etc/bind/named.conf.options";
// reduce log verbosity on issues outside our control
logging {
category lame-servers { null; };
category cname { null; };
};
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// add local zone definitions here
include "/etc/bind/named.conf.local";
The include line specifies the filename which contains the DNS options. The directory line in the
options file tells DNS where to look for files. All files BIND uses will be relative to this directory.
The file named /etc/bind/db.root describes the root name servers in the world. The servers change over time, so the /etc/bind/db.root file must be maintained now and then.
The zone section defines a master server, and it is stored in a file mentioned against file tag. Every zone file contains 3 resource records (RRs): an SOA RR, an NS RR and a PTR RR. SOA is short of Start of Authority. The "@" is a special notation meaning the origin. NS is the Name Server RR. PTR is Domain Name Pointer. To start the DNS server, run the following command from a terminal prompt:
sudo /etc/init.d/bind start
Installation
At a terminal prompt, enter the following command to install dns:
sudo apt-get install bind
Configuration
The DNS configuration files are stored in the /etc/bind directory. The primary configuration file is
/etc/bind/named.conf. The content of the default configuration file is shown below:
// This is the primary configuration file for the BIND DNS server named.
//
// Please read /usr/share/doc/bind/README.Debian for information on the
// structure of BIND configuration files in Debian for BIND versions 8.2.1
// and later, *BEFORE* you customize this configuration file.
//
include "/etc/bind/named.conf.options";
// reduce log verbosity on issues outside our control
logging {
category lame-servers { null; };
category cname { null; };
};
// prime the server with knowledge of the root servers
zone "." {
type hint;
file "/etc/bind/db.root";
};
// be authoritative for the localhost forward and reverse zones, and for
// broadcast zones as per RFC 1912
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
// add local zone definitions here
include "/etc/bind/named.conf.local";
The include line specifies the filename which contains the DNS options. The directory line in the
options file tells DNS where to look for files. All files BIND uses will be relative to this directory.
The file named /etc/bind/db.root describes the root name servers in the world. The servers change over time, so the /etc/bind/db.root file must be maintained now and then.
The zone section defines a master server, and it is stored in a file mentioned against file tag. Every zone file contains 3 resource records (RRs): an SOA RR, an NS RR and a PTR RR. SOA is short of Start of Authority. The "@" is a special notation meaning the origin. NS is the Name Server RR. PTR is Domain Name Pointer. To start the DNS server, run the following command from a terminal prompt:
sudo /etc/init.d/bind start
Setup Linux ipchains
# Firewall configuration
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A forward -s 192.168.1.0/24 -d 0/0 -j MASQ
# Manual customization of this file is not recommended.
# Note: ifup-post will punch the current nameservers through the
# firewall; such entries will *not* be listed here.
:input ACCEPT
:forward ACCEPT
:output ACCEPT
-A input -s 0/0 -d 0/0 -i lo -j ACCEPT
-A forward -s 192.168.1.0/24 -d 0/0 -j MASQ
Linux password file edit
/etc/passwd
The file has one line per username, and is divided into seven colon-delimited fields:
1. Username.
2. Password, in an encrypted form.
3. Numeric user id.
4. Numeric group id.
5. Full name or other description of account. This is called gecos.
6. The user's home directory.
7. The user's login shell (program to run at login).
The file has one line per username, and is divided into seven colon-delimited fields:
1. Username.
2. Password, in an encrypted form.
3. Numeric user id.
4. Numeric group id.
5. Full name or other description of account. This is called gecos.
6. The user's home directory.
7. The user's login shell (program to run at login).
Linux Runtime level management
exit Terminates the shell.
halt Stop the system.
init Process control initialization.
initscript Script that executes inittab commands.
logout Log the user off the system.
poweroff Brings the system down.
reboot Reboot the system.
runlevel List the current and previous runlevel.
setsid Run a program in a new session.
shutdown If your system has many users, use the command "shutdown -h +time message", where time is the time in minutes until the system is halted, and message is a short explanation of why the system is shutting down.
# shutdown -h +10 'We will install a new disk. System should be back on-line in three
hours.'
telinit By requesting run level 1 a system can be taken to single user mode.
halt Stop the system.
init Process control initialization.
initscript Script that executes inittab commands.
logout Log the user off the system.
poweroff Brings the system down.
reboot Reboot the system.
runlevel List the current and previous runlevel.
setsid Run a program in a new session.
shutdown If your system has many users, use the command "shutdown -h +time message", where time is the time in minutes until the system is halted, and message is a short explanation of why the system is shutting down.
# shutdown -h +10 'We will install a new disk. System should be back on-line in three
hours.'
telinit By requesting run level 1 a system can be taken to single user mode.
Linux command: MC(midnight commander)
Description
The Midnight Commander is a directory browser/file manager for Unix-like operating systems
The screen of the Midnight Commander is divided into four parts. Almost all of the screen space is taken up by two directory panels. By default, the second bottommost line of the screen is the shell command line, and the bottom line shows the function key labels. The topmost line is the menu bar line. The menu bar line may not be visible, but appears if you click the topmost line with the mouse or press the F9 key.
The Midnight Commander provides a view of two directories at the same time. One of the panels is the current panel (a selection bar is in the current panel). Almost all operations take place on the current panel. Some file operations like Rename and Copy by default use the directory of the unselected panel as a destination (don't worry, they always ask you for confirmation first). For more information, see the sections on the directory panels the left and right menus and the file menu.
You can execute system commands from the Midnight Commander by simply typing them. Everything you type will appear on the shell command line, and when you press Enter the Midnight Commander will execute the command line you typed; read the shell command line and input line keys sections to learn more about the command line.
The Midnight Commander is a directory browser/file manager for Unix-like operating systems
The screen of the Midnight Commander is divided into four parts. Almost all of the screen space is taken up by two directory panels. By default, the second bottommost line of the screen is the shell command line, and the bottom line shows the function key labels. The topmost line is the menu bar line. The menu bar line may not be visible, but appears if you click the topmost line with the mouse or press the F9 key.
The Midnight Commander provides a view of two directories at the same time. One of the panels is the current panel (a selection bar is in the current panel). Almost all operations take place on the current panel. Some file operations like Rename and Copy by default use the directory of the unselected panel as a destination (don't worry, they always ask you for confirmation first). For more information, see the sections on the directory panels the left and right menus and the file menu.
You can execute system commands from the Midnight Commander by simply typing them. Everything you type will appear on the shell command line, and when you press Enter the Midnight Commander will execute the command line you typed; read the shell command line and input line keys sections to learn more about the command line.
Subscribe to:
Posts (Atom)