Monday, September 20, 2010

Setting up DNS in Ubuntu 10.04 LTS Lucid Lynx

DNS setup is also a straightforward job in Ubuntu 10.04 LTS. Like other major distributions such as Red Hat Enterprise Linux, Ubuntu uses the /etc/resolv.conf file for DNS resolution.


To make your machine consult particular servers for name lookups, simply add their addresses to /etc/resolv.conf.

Open the /etc/resolv.conf file in your favourite editor and specify the DNS server in it.

               # sudo vi /etc/resolv.conf
              
              search example.com
              nameserver 192.168.10.1

Here 192.168.10.1 is my DNS server in my example.com domain. If your server does not have a resolv.conf file in the /etc directory, don't worry: you can simply create it and edit it as above.

       # touch /etc/resolv.conf
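
A hand-edited resolv.conf fails silently when a line is malformed, so it is worth checking after the edit above. The following is an added example, not from the original post: `check_resolv_conf` is a name chosen here, the rules it applies come from resolv.conf(5), and the sample file is constructed.

```shell
#!/bin/sh
# Added example, not from the original post. Checks a hand-edited resolv.conf
# against rules from resolv.conf(5): keywords must start the line, nameserver
# takes an IP address, and only the first three nameservers are used.

check_resolv_conf() {
    awk '
    NF == 0 || $1 ~ /^[#;]/ { next }           # blank lines and comments
    /^[ \t]/ {                                 # an indented keyword is not parsed
        print "FAIL line " NR ": keyword must start at the beginning of the line"
        next
    }
    $1 == "nameserver" {
        if ($2 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ && $2 !~ /:/)
            print "FAIL line " NR ": nameserver needs an IP address, got " $2
        else if (++n > 3)
            print "WARN line " NR ": " $2 " is beyond the three servers the resolver uses"
        else
            print "OK   nameserver " $2
        next
    }
    $1 == "search" || $1 == "domain" { print "OK   " $0; next }
    $1 == "options" || $1 == "sortlist" { next }
    { print "WARN line " NR ": unknown keyword " $1 }
    ' "$1"
}

# Constructed sample: the second line uses a hostname, which is invalid.
sample=$(mktemp)
printf '%s\n' 'search example.com' 'nameserver dns.example.com' \
    'nameserver 192.168.10.1' > "$sample"
check_resolv_conf "$sample"
rm -f "$sample"
```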

Similarly you can assign static lookups in your /etc/hosts file.

             # sudo vi /etc/hosts


             #
 
             192.168.10.100 test test.example.com

If you specify these hosts explicitly in the /etc/hosts file, then domain name resolution will take place faster.

Setting hostname in Ubuntu 10.04 LTS

In my last post I described how to configure the network in Ubuntu 10.04 LTS in bare-metal form. Now we will see how to configure the hostname in Ubuntu-based distributions. First of all, let me assure you that the process of setting up the hostname is very straightforward in Ubuntu 10.04 LTS.


You can directly query or set the hostname with the "hostname" command.

The current hostname can be viewed using:

             # sudo /bin/hostname

To set hostname you can use the command:

                     # sudo /bin/hostname demo.demoserver.in

NOTE: Needless to say, you should change the hostname from demo.demoserver.in to suit your requirements.

On reboot, Ubuntu-based distributions read the hostname from the /etc/hostname file.

So you can open the file /etc/hostname in your favourite editor and specify the hostname there to make the change persistent.

                # sudo vi /etc/hostname


             # specify your hostname here.
             demo.demoserver.in

Network Interface Configuration in Ubuntu 10.04 LTS Lucid Lynx

Normally all users will create and configure their network while installing the operating system itself. However, here I am posting the process of configuring the network from the command line in Ubuntu 10.04 LTS Lucid Lynx. You can also configure the network using GUI utilities in Ubuntu 10.04 LTS such as network-admin, or else your famous ifcfg command, etc.


Here I am following the bare metal method and will edit the main network configuration files for providing the network information. The main network configuration file of any Ubuntu based distribution is the "/etc/network/interfaces" file. Just open the file in your favourite editor and start configuring it as follows.

Wednesday, August 4, 2010

Tips for secure SSH connection to remote servers

Some tips for secured SSH connection to remote servers. 


Also please go through my previous posts for detailed howto.


  • Use only SSH V2 -- V1 is vulnerable to compromise. On Linux, this is usually done by default and managed in your /etc/ssh/sshd_config file by the Protocol option.
  • Don't allow root or Administrators to log in directly. Only normal users should be allowed to log in and then if required they can escalate their privileges by using su or sudo. On Linux this is controlled, again in the sshd_config file, by the PermitRootLogin option.
  • Ensure you use suitable authentication, for example passwords or keys.
  • Try to avoid using port 22 for your SSH connections. Automated brute-force attack tools are commonly used by attackers to scan port 22 and try to brute-force usernames and passwords. Changing the port to something else, for example 2222, is a quick and simple way of reducing this risk.
  • Alternatively, if you must use port 22, you can use tools like BlockSSHD or Fail2Ban to block excessive or inappropriate login attempts.
  • Ensure you have configured suitable logging of your SSH daemon and that you review your logs for illicit login attempts. Tools like Swatch and SEC can assist with this.
  • Only bind SSH to the addresses required. If you have multiple interfaces in your host, for example an interface on your internal network and another on an external network such as the Internet, then only bind the daemon to the interface through which you need to connect. This is controlled on Linux using the ListenAddress option.
These are some general tips and how to implement these depends on the platform you are using. Anyway I hope this helps.

Monday, August 2, 2010

Things I do not like about Ubuntu LTS 10.04

The new Ubuntu 10.04 release is a great release and it is really a task to find things you dislike. Anyhow, no operating system is perfect and this one also has some flaws. But let me say right away that this is from my point of view and my dislikes may not be your dislikes!
  • The new themes
Well, the first thing I dislike about Ubuntu 10.04 LTS is its new themes. These new themes do nothing but set back the looks of the previous versions. OK, these themes must be on account of GNOME 3.0, but the default theme selected is, in my opinion, a great mistake. This is also coming on the heels of the rumors of the possible inclusion of RGB support in the GTK widgets, which would have enabled real transparency in all widget sets. This did not happen (and is still not happening). My concern is that most new users will install 10.04 and have trouble getting beyond the default themes.

Thursday, July 29, 2010

Things I love about Ubuntu 10.04 LTS Lucid Lynx

The things I love and hate about the new Ubuntu 10.04 Lucid Lynx.
  • GNOME 2.30
This is the final 2.x release before the major upgrade to 3. This will be the last time you will see the GNOME 2.X in Ubuntu flavor. For me it is fantastic. GNOME 3 will be a graceful successor to GNOME 2.x. In fact, I can promise that GNOME 3 will succeed where KDE 4 failed — in being a useful desktop upgrade right out of the starting gate.

  • HAL begone
Ubuntu 10.04 has done away with HAL (Hardware Abstraction Layer) during the boot process. This means that 10-second boot time has finally arrived. Hence the 10 second booting can be achieved in a charming way. The removal of HAL also drastically speeds up resume-from-suspend times for those of you in laptop land.

Friday, June 4, 2010

The system-config-firewall

The firewall rules in the kernel have been configurable with iptables since the 2.4 kernel. There are a number of tools for configuring the firewall, such as the command-line tool, Shorewall, and a number of other GUIs. The default firewall configuration tool in Fedora systems is called “Firewall Configuration”, which can be accessed from System → Administration → Firewall in GNOME or from the command line via “system-config-firewall”.


This GUI allows you to set which services are allowed to be accessed via the Internet using a very simple interface. It defines a set of trusted services to be configured. To allow access, you simply need to check the box next to the entry. Each entry lists the service name, the port and protocol, and any additional iptables modules it uses. So if you wanted to allow Samba access to the system, you would check off the box next to the Samba and Samba Client service as in figure below.