Archive for November, 2006

Network config files in Linux

tom on November 27th, 2006

/etc/resolv.conf and /etc/resolvconf/resolv.conf.d/base

These were covered in another topic about networking and the resolver.

In most cases, the DNS configuration is stored in /etc/resolv.conf. To add a DNS server, you can simply add a line “nameserver 123.123.123.123” to /etc/resolv.conf (assuming you want to use 123.123.123.123 as your DNS server):

nameserver 123.123.123.123

However, some distributions use a dynamic DNS configuration (dynamic resolv.conf). When this is the case, /etc/resolv.conf is overwritten automatically by a daemon at boot time. A comment in /etc/resolv.conf indicates:

DO NOT EDIT THIS FILE BY HAND — YOUR CHANGES WILL BE OVERWRITTEN

If you change the content of /etc/resolv.conf, it will be lost the next time you reboot. If this is the case, edit the file /etc/resolvconf/resolv.conf.d/base instead of /etc/resolv.conf. At boot time, the daemon will append the file /etc/resolvconf/resolv.conf.d/base to the newly generated /etc/resolv.conf, which will then contain your configuration.

/etc/hosts

In /etc/hosts you can give nicknames to some IP addresses. Your network tools and applications will check this file before querying the DNS servers configured in /etc/resolv.conf. Here is a typical /etc/hosts file:

127.0.0.1 localhost
192.168.1.4 something
192.168.1.5 stuff

Thanks to this file things like “telnet something” are equivalent to “telnet 192.168.1.4”. You don’t have to remember any IP address on your network anymore.

/etc/hostname

This file contains the hostname of your computer.

/etc/network/interfaces

This is probably the most important file of all when it comes to configuring the network. It contains the list of network interfaces and their configuration. Here is an example:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 192.168.1.4
    netmask 255.255.255.0
    gateway 192.168.1.1
    wireless-essid galaxy

A lot of things can be configured within /etc/network/interfaces. If you’re looking for specific settings you can have a look at the man pages:

man interfaces

The most common settings are as follows:

auto, followed by the name of an interface, indicates that Linux should connect this device at startup.

iface, followed by the name of an interface, indicates the configuration of the interface. After iface, we find the type of addressing (dhcp or static). If the type of addressing is static, then further details are required, such as address (the IP address used by the interface) and netmask. The address of the router can also be given if it acts as a default gateway by specifying gateway.

If the interface is wireless (i.e. it appears in iwconfig), you can specify the essid with wireless-essid, the type of network (for instance “managed”) with wireless-mode and the WEP key (if any) with wireless-key.
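A small parser for the stanza format described above, added here as an example (it is not part of the original post). It flags static stanzas that lack the required details and any WEP key kept in the file; the function names, the eth2 stanza and the key value are constructed for illustration.

```python
# Constructed sample: the post's example plus a WEP key line and an
# incomplete eth2 stanza. interfaces(5) has no end-of-line comments.
SAMPLE = """\
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
    address 192.168.1.4
    netmask 255.255.255.0
    gateway 192.168.1.1
    wireless-essid galaxy
    wireless-key 0123456789
iface eth2 inet static
    address 192.168.1.9
"""

def parse_interfaces(text):
    """Return {interface: {"auto": bool, "method": str, "options": dict}}."""
    stanzas, auto, current = {}, set(), None
    for raw in text.splitlines():
        words = raw.split()
        if not words or words[0].startswith("#"):
            continue  # blank line or whole-line comment
        if words[0] == "auto":
            auto.update(words[1:])
            current = None
        elif words[0] == "iface" and len(words) >= 4:
            current = {"method": words[3], "options": {}}
            stanzas[words[1]] = current
        elif words[0] in ("mapping", "source") or words[0].startswith("allow-"):
            current = None  # another stanza type ends the iface stanza
        elif current is not None:
            current["options"][words[0]] = " ".join(words[1:])
    for name, stanza in stanzas.items():
        stanza["auto"] = name in auto
    return stanzas

def audit(stanzas):
    """Return (interface, finding) pairs for the settings the post describes."""
    findings = []
    for name, stanza in stanzas.items():
        opts = stanza["options"]
        if stanza["method"] == "static":
            if "address" not in opts:
                findings.append((name, "static but no address"))
            elif "netmask" not in opts and "/" not in opts["address"]:
                findings.append((name, "static but no netmask"))
        if "wireless-key" in opts:
            findings.append((name, "WEP key in clear text"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(parse_interfaces(SAMPLE)):
        print(f"{name}: {finding}")
```

Anyone who can read /etc/network/interfaces can read a wireless-key value, so the file's permissions matter as much as the key itself.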


Securing Your Network by Filtering MAC Addresses

tom on November 21st, 2006

Introduction

If you live in the middle of nowhere you probably wonder why you should secure the access to your network. If you’re setting up a company network however, this probably seems obvious to you: you don’t want unwanted access to the network. Even at home, with wireless networks becoming more and more popular, you could very well be concerned by this problem. For instance, if you have a Wifi router at home which connects you to the Internet, chances are that people around you (your neighbours?) are connecting through it to access the Internet via your Internet account.

There are many ways to secure a network, and even more ways to secure a wireless network. In this article we will see how to secure the access to a router by filtering the MAC addresses.

Introduction to MAC addresses

MAC addresses are to network devices what car plates are to cars. Every device in the world which is capable of connecting to an Ethernet network has a unique address called a MAC address. This address is burnt into the device itself and cannot be changed (well nothing’s impossible right?). It uniquely identifies the device and its manufacturer.

A MAC address is a sequence of numbers which looks like this:

00-14-38-13-02-35

The first three numbers uniquely identify the company which manufactures the device, and the last three numbers uniquely identify the device made by this company. Each device in the world has a unique MAC address. For instance you probably have a Bluetooth enabled phone, a PDA, a Wifi card, and an Ethernet card at home and they all have unique addresses which identify them. No other cards or devices in the world have the same MAC address.

Basically, manufacturers apply for manufacturer addresses (the first three numbers in the MAC address) and burn them into their devices and cards together with a unique address (the last three numbers in the MAC address) which uniquely identifies the piece of hardware. When a manufacturer runs out of unique addresses, it applies for a new manufacturer address. These addresses are uniquely assigned to manufacturers by a central organization.

In Linux, you can see the MAC address of your network devices by typing “ifconfig -a”. The MAC address corresponds to the entry called “HWaddr”.

ifconfig -a

You can also see the MAC addresses of nearby computers. When you ping a computer, IP (Internet Protocol) sends something called an ARP Request, which basically asks the computer you’re pinging to return its MAC address. Linux keeps a record of recently received MAC addresses which you can access by typing:

arp -a

You can also find out which is the manufacturer of a device by using this website: http://www.coffer.com/mac_find/
For instance, in the MAC address 00-14-38-13-02-35, the manufacturer’s address is 00-14-38 which corresponds to “Hewlett Packard”.

Filtering MAC Addresses

Most routers and Wifi Access Points allow you to filter MAC addresses. If you’re ready to buy a router or an access point, make sure it provides this functionality. The way it works is extremely simple: the router keeps a table of allowed MAC addresses, which you can configure (generally through the router’s web interface). When a device or a computer tries to connect to the router to access the Internet or the network, the router checks its MAC address and sees if it is present in its table. If it is, the router allows the connection; otherwise it refuses it.

Some routers even allow advanced configuration based on MAC address. For instance if you know the MAC address on your child’s computer you may configure the router to forbid him to access porn sites. Similarly you may assign priorities depending on MAC addresses, to make sure your PDA can connect to the Internet effectively even when the computers are busy wasting the bandwidth downloading things via Peer to Peer. The limit to what you can do depends on what level of configuration your router offers.

Warning

It is possible to change the MAC address of a network interface. In fact it has become quite easy. By listening on the network, somebody can intercept ARP calls and change his MAC address to one that is allowed by your router. Most people are not aware of MAC addresses and if people are connecting through your Wifi access point it’s probably simply because its essid appeared on their Windows box. Keep in mind though, that it is possible and easy for somebody to change his MAC address and that you can’t rely on filtering MAC addresses to effectively secure your network.

If you’re using a wireless network, consider using WPA encryption and make sure your access point doesn’t broadcast its essid. If you’re using a traditional cabled network simply make sure you close your door when you leave home!
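A way to check the ARP table against your own allow list, added here as an example (it is not part of the original article). The `arp -a` lines, the allow list and the function names are constructed for illustration; the check reports addresses missing from the list, addresses that are not manufacturer-assigned, and one address answering for several IPs.

```python
import re
from collections import defaultdict

# Constructed sample of `arp -a` output for the 192.168.1.xxx network.
SAMPLE_ARP = """\
? (192.168.1.1) at 00:14:38:13:02:35 [ether] on eth0
? (192.168.1.3) at 00:16:6f:aa:bb:01 [ether] on eth0
? (192.168.1.4) at 00:16:6f:aa:bb:02 [ether] on eth0
? (192.168.1.7) at 00:16:6f:aa:bb:01 [ether] on eth0
? (192.168.1.8) at 02:11:22:33:44:55 [ether] on eth0
? (192.168.1.9) at <incomplete> on eth0
"""
# Constructed allow list, in the mixed notations routers and tools use.
ALLOWED = ["00-14-38-13-02-35", "00:16:6F:AA:BB:01", "00166faabb02"]

ARP_LINE = re.compile(
    r"\((\d{1,3}(?:\.\d{1,3}){3})\) at ([0-9A-Fa-f]{2}(?::[0-9A-Fa-f]{2}){5})")

def normalize_mac(mac):
    """Reduce any common MAC notation to lower-case aa:bb:cc:dd:ee:ff."""
    digits = re.sub(r"[^0-9A-Fa-f]", "", mac).lower()
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def is_locally_administered(mac):
    """True when bit 0x02 of the first byte is set: not a burnt-in address."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)

def parse_arp(text):
    """Return (ip, mac) pairs; incomplete entries carry no MAC and are skipped."""
    return [(m.group(1), normalize_mac(m.group(2))) for m in ARP_LINE.finditer(text)]

def audit_arp(text, allowlist):
    allowed = {normalize_mac(mac) for mac in allowlist}
    ips_by_mac = defaultdict(list)
    for ip, mac in parse_arp(text):
        ips_by_mac[mac].append(ip)
    findings = []
    for mac, ips in sorted(ips_by_mac.items()):
        if mac not in allowed:
            findings.append((mac, "not in allow list", ips))
        if is_locally_administered(mac):
            findings.append((mac, "locally administered address", ips))
        if len(ips) > 1:  # can be legitimate (one host, several IPs): a lead
            findings.append((mac, "same MAC seen on several IPs", ips))
    return findings

if __name__ == "__main__":
    for mac, finding, ips in audit_arp(SAMPLE_ARP, ALLOWED):
        print(mac, finding, ", ".join(ips))
```

An allowed address used by a single device at a time passes every one of these checks, whoever is using it, which is why the filter cannot stand in for WPA.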


How to Setup a Home Network Using Static Addresses

tom on November 21st, 2006

If you have more than one computer at home, you’ll probably want to set up a network so that they can communicate. This way you’ll be able to share your Internet connection and to transfer files and services between your different computers. Most home networks have two functions: they connect the computers together on the same network and they connect that network to the Internet. The most popular technology to set up a home network is called Ethernet and it uses a communication protocol called IP (which stands for “Internet Protocol”). All modern computers now have ethernet or wifi cards and it has become very easy to connect them to the network.

Connectivity

You’ll need some way of connecting your computers together. If you only have two computers and you’re not connected to the Internet, you can simply plug a crossover ethernet cable between them and that’ll do the trick. If you’re using Wifi, you can set up your computers to use ad-hoc and they’ll be “connected” through the air. However in most cases, you’ll want to connect them to a network with 2 or more computers and have the Internet shared on that network. For this, you’ll need a router.

Most routers now support both cable and wifi connections and they also have the ability to share an Internet connection on the network. The best router on the market for personal use is the Linksys WRT54G. Of course if you already have a router, there’s no reason to buy a new one. Plug your computers into the router with straight ethernet cables, plug your Internet connection cable into the router, and make sure both your router and your wifi enabled computers agree on the same name for the wifi network (this is called the “essid”).

The Theory

IP Addresses and Netmasks

In order to communicate, computers must be on the same network and be assigned different IP addresses. A typical IP address looks like this: 192.168.1.34. It is composed of a series of 4 numbers separated by dots. An IP address contains two pieces of information:
- The network’s identification
- The computer’s identification on that network

The netmask defines which part of the IP address identifies the network, and which part identifies the computer. A typical netmask looks like this: 255.255.255.0. To understand exactly how the netmask works we would have to translate it into binary and do some binary calculations… it’s a bit complex and we’ll look at that in a different article when we address subnetting. For the moment, simply consider that 255 means “network” and 0 means “computer”. A netmask of 255.255.255.0 means that the first three numbers of the IP address identify the network and the last one identifies the computer.

In our example we used the IP address 192.168.1.34 with a netmask of 255.255.255.0. This basically means that our computer is number 34 on the network 192.168.1.xxx. If our netmask was 255.255.0.0, then our computer would be 1.34 on the network 192.168.xxx.xxx.

Remember that two computers can only communicate if they are placed on the same network. For instance, suppose computer A’s IP address is 192.168.0.23 and computer B’s IP address is 192.168.1.34. With a netmask of 255.255.0.0 they can communicate because they are both on the same network: 192.168.xxx.xxx. However, if their netmask is 255.255.255.0, then they won’t see each other, since A is on network 192.168.0.xxx and B is on network 192.168.1.xxx.

The most common values for netmasks are:
- 255.0.0.0. The networks which use this netmask are called “Class A Networks”.
- 255.255.0.0. The networks which use this netmask are called “Class B Networks”, typically used by ISPs.
- 255.255.255.0 The networks which use this netmask are called “Class C Networks”, typically used by small companies or home networks.

The numbers in an IP address usually range from 1 to 254, so you can basically have 254 computers on a Class C network. For instance, with a netmask of 255.255.255.0 (Class C) and a network address of 192.168.1.xxx you can assign IP addresses from 192.168.1.1 to 192.168.1.254.

In this article we’ll use a Class C network. It should be enough for you unless you have more than 254 computers at home (which is highly unlikely… right?). Our netmask will therefore be 255.255.255.0 and we’ll choose 192.168.1.xxx as our network address.
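The binary calculation that the netmask paragraphs above skip, added here as an example (it is not part of the original article). It goes beyond the 255/0 shortcut by also handling netmasks that do not fall on a dot, such as 255.255.255.192; the function names are this example's own.

```python
import ipaddress

def to_bits(dotted):
    """Show a dotted address or netmask as four groups of eight bits."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))

def host_bits(netmask):
    """Number of bits left for the computer; rejects masks with holes."""
    mask = int(ipaddress.IPv4Address(netmask))
    inverted = ~mask & 0xFFFFFFFF
    if inverted & (inverted + 1):  # the 0 bits must all sit on the right
        raise ValueError(f"not a valid netmask: {netmask}")
    return inverted.bit_length()

def split_address(ip, netmask):
    """Return (network part, computer part) using a bitwise AND."""
    host_bits(netmask)  # validation only
    ip_int = int(ipaddress.IPv4Address(ip))
    mask = int(ipaddress.IPv4Address(netmask))
    network = ipaddress.IPv4Address(ip_int & mask)
    host = ipaddress.IPv4Address(ip_int & ~mask & 0xFFFFFFFF)
    return str(network), str(host)

def same_network(ip_a, ip_b, netmask):
    """Two computers see each other only if their network parts match."""
    return split_address(ip_a, netmask)[0] == split_address(ip_b, netmask)[0]

def usable_hosts(netmask):
    """Addresses left once all-zeros (network) and all-ones (broadcast) go."""
    return max(2 ** host_bits(netmask) - 2, 0)

if __name__ == "__main__":
    for mask in ("255.255.0.0", "255.255.255.0", "255.255.255.192"):
        print(mask, to_bits(mask), usable_hosts(mask), "hosts")
        print("  192.168.1.34 ->", split_address("192.168.1.34", mask))
        print("  A and B on same network:",
              same_network("192.168.0.23", "192.168.1.34", mask))
```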

Routers and Gateways

The basic purpose of a router is to connect networks together. Your Internet access can be considered as an external network which your home network connects to via the router. If this is the case, your router acts as a central piece of communication between your computers on the home network but also between your computers and the Internet. Each computer is then connected both to the network and indirectly to the Internet through the router. This means that any request sent by a computer will have to go through the router before going to another computer or to the Internet. As far as the computers are aware, the router acts as a gateway… a default destination to which all requests are sent to be routed to different places.

In this example we’ll use 192.168.1.1 as the IP address for the router. This will therefore be the gateway address set on every computer in our network.

DNS

When you type “google.com” in your web browser, your computer asks a DNS Server (DNS stands for Domain Name Service) to resolve the domain name “google.com” and to return its IP address. The DNS server has a database of domain names and their corresponding IP addresses. If a DNS server doesn’t know about a domain name, it asks another DNS Server. Thanks to these DNS Servers you don’t have to know Google’s IP address by heart to connect to it, and you can simply type its domain name “google.com”. Of course your computer needs to know the IP address of at least one DNS server, so it knows where to ask when a domain name is typed.

In this article we’ll assume your DNS Server IP address is 212.27.32.177. Make sure you know your own DNS Server IP address. In most cases, you can get this information from your Internet Service Provider.

Our network

In this article we’ll consider a sample network made of a router, an Internet access, two laptops and a desktop. To make things simpler we gave names to our computers and router:
- The desktop computer is called “Sun” and is plugged into the router via an Ethernet cable.
- The two laptops are called “Pluto” and “Jupiter” and they are connected via Wifi to the essid “galaxy”.
- The router is plugged into “Sun” via an Ethernet cable. It is also plugged into the Internet access cable and it is connected via Wifi to the essid “galaxy”.

We use a “Class C” network with a netmask of 255.255.255.0. Our network address is 192.168.1.xxx and we assign the following IP addresses:

- The router: 192.168.1.1
- Sun: 192.168.1.2
- Jupiter: 192.168.1.3
- Pluto: 192.168.1.4

The schema below illustrates the configuration of the network we’re using in this article:

[Figure: Network Schema]

Let’s do it!

Setting Sun’s IP address

On Sun, we’re using the ethernet card to connect to the router. In most Linux distributions the ethernet card interface is called “eth0”. In order to change its IP address, as root, we type:

ifconfig eth0 192.168.1.2 up

We can then verify that eth0 is using 192.168.1.2 with a netmask of 255.255.255.0 by typing “ifconfig”:

ifconfig

Setting up the Router

By default routers usually come with a default IP address of 192.168.0.1 and a default netmask of 255.255.255.0. In our example we want the router to use 192.168.1.1 so we’ll have to change its IP address. First we’ll need to change our own IP address in order for us to be on the same network as the router… let’s say 192.168.0.2:

ifconfig eth0 192.168.0.2 up

Once this is done, we can connect to the router through its web interface (most routers provide a Web server to allow the user to configure them). Let’s enter http://192.168.0.1 in our web browser. If you are asked for a password, have a look at the documentation that came with your router. If you own a Linksys WRT54G, the default login is blank and the default password is “admin”. Once you’re in the router’s web interface, go through the configuration and change its IP address to 192.168.1.1. You can then change your IP address back to one on 192.168.1.xxx so you can see the router again:

ifconfig eth0 192.168.1.2 up

We can now connect to the router via the web browser by connecting to http://192.168.1.1. Go through the router’s configuration and set it up according to your needs. Make sure you’re using the right configuration for your Internet access (in most cases the router acts as a DHCP client on the ISP network. You can get the information from your ISP). Make sure your Wifi settings are fine and that your essid is set (in our case it’s “galaxy”). And choose “static” addressing for your home network.

Connecting the laptops via WIFI

In most Linux distributions, the wifi card interface is eth1. However, some distributions use other interfaces such as wlan0 or even ra0. To make sure, you can use the “iwconfig” command, which lists your wireless interfaces:

iwconfig

For our WIFI connection to work, we need to specify its mode and its essid. There are two basic modes for WIFI networks: Ad-Hoc and Managed. In this article we’re using a router, so our network is managed: the router acts as the Wireless Access Point. To set up the mode we type:

iwconfig eth1 mode managed

We can then set up the essid by typing:

iwconfig eth1 essid galaxy

Finally, we check that everything is fine by typing:

iwconfig

We do this on both laptops.

Then, we simply need to assign them an IP address. On Jupiter we type:

ifconfig eth1 192.168.1.3 up

And on Pluto:

ifconfig eth1 192.168.1.4 up

Setting up the default gateway

On each computer (Pluto, Jupiter and Sun) we need to set the router as the default gateway. We want all our requests to go to the router, so we’re using 192.168.1.1 as our default gateway:

route add default gw 192.168.1.1

Once this is done on each computer, they should be able to see each other. We make them ping each other to make sure the network works well.

If a problem occurs, you can see the routing table for a computer by typing:

route

Setting up the DNS

On each computer we need to set up the address of the DNS Server: 212.27.32.177. For this we edit the file /etc/resolv.conf. The file should contain the following:

nameserver 212.27.32.177

To make sure this works, we can query the DNS server for a particular domain name, for instance:

nslookup google.com

Conclusion

That’s it. Your network should work fine now. Of course every network is different and things might not work as expected. If you encounter any problem, please use the forum to ask questions. Good luck.


All About Linux: Ifconfig Analyzed and clarified

tom on November 21st, 2006

“ifconfig–the ubiquitous command bundled with any Unix/Linux OS is used to setup any/all the network interfaces such as ethernet, wireless, modem and so on that are connected to your computer. ifconfig command provides a wealth of knowledge to any person who takes the time to look at its output. Commonly, the ifconfig command is used for the following tasks:

“1) Configuring an interface–be it ethernet card, wireless card, loop back interface or any other. For example, in its simplest form, to set up the IP address of your ethernet card, you pass the necessary options to the ifconfig command as follows…”

Read the Full Story


Custom apache 1.3.37 with mod_perl

tom on November 2nd, 2006

NOTE: This is a work in progress and is not considered complete. It may be entirely wrong. It is a discovery for me.
I’ve recently had the need to create a dedicated server that would handle all of my intense CGI script requests.

Since I’ve never custom built an apache config before, especially without PHP (I’m a PHP addict, LAMP), it has been rough.

The following is a simple guide on how to do this… If you have any issues feel free to register and post comments.

You should be in a folder where you want to download the source file tars to. I used /home/username

The first step was to download mod_perl.

Read the rest of this entry »


My linux web server is really slow

tom on November 1st, 2006

Recently I noticed one of my new dedicated servers serving pages being somewhat sluggish.

Being that this was a brand new generic production server, it may not have been optimized. So I decided to dive in and take a look at the resolver…

Read the rest of this entry »
