NetworkKwikis
Here are some helpful kwikis for running or using Linux with computer networks.
Be sure to also check the ArchLUG Kwiki page for kwikis that may be specific to your distribution of Linux.
Checking your bandwidth
- http://www.2wire.com/ (ADSL: 1307.7 Kbps)
- http://www.bandwidthplace.com/speedtest/ (ADSL: 1.2 Mbps)
- http://www.pcpitstop.com/internet/Bandwidth.asp (ADSL: 1521 Kbps)
- IPv6
HOWTO : Linux+ IPv6 - HOWTO
- TrafficShapingKwikis
- Linux Network & Server Setup Guides
- Manufacturer to Network Card Cross-Reference
Monitoring Missouri Research and Education Network (MOREnet)
The Missouri Research and Education Network ( MOREnet) provides Internet connectivity, access to Internet2, technical support, videoconferencing services and training to Missouri's K-12 schools, colleges and universities, public libraries, health care, state government and other affiliates.
Real-World VPN Tunnels
- For SSH tunnels, see SSH Tunnels
- For GRE ( IPsec) tunnels, see GRE Tunnels
SPF - Sender Permitted From
- cuts spam and
- stops email address forgery
- when domain owners designate sending mail exchangers in DNS, so that
- SMTP servers can distinguish legitimate mail from spam
- by verifying sender domain against client IP
- before any message data is transmitted.
SMTP has a security hole: any connecting client can assert any sender address. This flaw has been exploited by spammers to forge mail. Close the hole, and we can easily block spammers by sender domain.
I am a system administrator. How do I implement SPF?
I am a manager. Give me the executive summary.
Port forwarding using netcat and inetd
This involves setting up a listening 'netcat' ( ArchLUG - LinuxByExample : netcat ) as the application, and uses 'inetd' ( ArchLUG - LinuxByExample : inetd ) to bind it to a specific port and then forwarding the connection onwards to the ip and/or port where you want it to go. The configuration entry for 'inetd' looks something like this:
service geofwd
{
flags = REUSE
socket_type = stream
wait = no
user = root
server = /usr/bin/nc
server_args = 192.168.124.38 1005
log_on_failure += USERID
}
If you use SSH from a GUI, you might like the following "launcher" applet for KDE, KSSH: http://kssh.sourceforge.net/. See also ArchLUG - LinuxByExample : ssh
Getting IP addresses from ifconfig
You can use 'ifconfig' to lookup IP addresses bound to your computer. If you do not want to search the output from ifconfig, use the following command to get just the IP listing:
ifconfig | awk '/inet/{print $2}' | awk -F: '{print $2}'
Whois Services
- ARIN - American Registry for Internet Numbers
- AfriNIC - African Network Information Center
- AfriNIC Whois - Not operational
- APNIC - Asia Pacific Network Information Center
- LACNIC- Latin American and Caribbean Internet Addresses Registry
- RIPE - Réseaux IP Européens
Q: How do I find the technical and/or administrative contacts for a website?
- I've tried 'nslookup' ( ArchLUG - LinuxByExample : nslookup ), but it only returns the ip of the server.
A: Use 'whois' ( ArchLUG - LinuxByExample : whois ), like this:
whois -h whois.arin.net website.you.are.looking.up
Depending on where it is located, you might have to follow that with some more whois commands to get more details.
How to setup your own DNS root server
Static route the 13 root server IPs to your own nameserver. Then you can run an unmodified copt of the legacy root zone on your own nameserver and the US government root servers can be backhoed or DDOS'd and you wouldn't even notice.
ISP's are starting to figure this out, especiallly ones with expensive longhaul connections.
Or, you can modify your nameserver to declare youtself primary for the root zone (which you've dutifully downloaded) and edit out the declarations for "." in the legacy root zone.
Or you can use the ORSC root zone. If it's good enough for two ICANN board members, it's good enough for you.
Whatever you do, for God's sake dump bind and use DJBDNS. It really is so much better it's just not funny.
User restarts for your network interfaces
Just make this little script executable and place it somewhere in everyone's path. I recommend /usr/local/bin/
#!/bin/sh kdialog --title 'Internet Restart' --yesno 'Do you want to restart your internet connection?' result=$? if [ 0 == $result ]; then kdialog --passivepopup 'Resetting Internet Connection ...' 2 & sudo /sbin/ifdown eth0 sleep 2 sudo /sbin/ifup eth0 kdialog --msgbox 'Internet Connection reset.' fi
Then, add the following to your /etc/sudoers file.
%users ALL=NOPASSWD:/sbin/ifdown eth0 %users ALL=NOPASSWD:/sbin/ifup eth0
Now, for the users, you can simply create a shortcut to the script, give it whatever icon, and they can restart the network interface any time they like.
I have found this particularly useful on a system where the NE2000 (ne2k_pci) module in the 2.6 kernel seems to "lose" the interface after inactivity.
|
|