linux-admin.vger.kernel.org archive mirror
* Linux Help
@ 2004-07-19 17:34 Kev
  2004-07-19 17:46 ` Jens Knoell
  0 siblings, 1 reply; 15+ messages in thread
From: Kev @ 2004-07-19 17:34 UTC (permalink / raw)
  To: linux-admin

Hi,

I'm new to Linux, so i'm planning to install a gateway, with the following,

1. Firewall
2. DNS
3. DHCP
4. SMTP (relay only)
5. Email Virus Scanning
6. Gray Listing (email)
7. NAT
8. Web Caching
9. Web Based Configuration tool for all above.

can anyone tell me the best Linux version to use, (RedHat, Debian, etc)
and the software i can use, like DNS = BIND, something simple to use...

the Box will be a P2 with 256MB ram but if i can get it to work on a P1
166Mhz that would be great....

thanks
Kev
------- 
Web Hosting at cheap price, starting at $1 per month with your own domain, .COM, .NET, .LK, .ORG etc..
PHP, CGI, Perl, MySQL, Cpanel 9, POP3, POP3s, SMTP, IMAP, FTP,
http://www.orbitsl.net



* Re: Linux Help
  2004-07-19 17:34 Linux Help Kev
@ 2004-07-19 17:46 ` Jens Knoell
  2004-07-19 17:53   ` Re[2]: " Kev
  0 siblings, 1 reply; 15+ messages in thread
From: Jens Knoell @ 2004-07-19 17:46 UTC (permalink / raw)
  Cc: linux-admin

Hi Kev

I won't recommend any specific distro, as that's pretty much a religious 
decision ;)

But...

Kev wrote:

>Hi,
>
>I'm new to Linux, so i'm planning to install a gateway, with the following,
>
>1. Firewall

that's built into the Linux kernel, no matter what distro.

>2. DNS

I'd go with Bind. There are others, but they've even been worse than
Bind IMO. However, make sure it's configured as restrictive as possible
- DNS has some protocol specific security issues.

>3. DHCP

No idea

>4. SMTP (relay only)

QMail or Sendmail should both do the job just fine. If you are only
relaying anyway, you could however just set up SpamAssassin.

>5. Email Virus Scanning

AMaViS

>6. Gray Listing (email)

Errr... what?

>7. NAT

Comes with the Linux kernel, it's more or less built into the firewall code.

>8. Web Caching

Squid

>9. Web Based Configuration tool for all above.

Webmin (comes with most distros, AFAIK)

>the Box will be a P2 with 256MB ram but if i can get it to work on a P1
>166Mhz that would be great....

Should work fine on a P1/166. Depends on how complex your firewall rules
are, and the amount of mail you want to process. Mail Virus Scanning is
rather CPU intensive.


Hope this helps
Jen


* Re[2]: Linux Help
  2004-07-19 17:46 ` Jens Knoell
@ 2004-07-19 17:53   ` Kev
  2004-07-19 18:02     ` Adam Lang
  0 siblings, 1 reply; 15+ messages in thread
From: Kev @ 2004-07-19 17:53 UTC (permalink / raw)
  To: Jens Knoell; +Cc: linux-admin

wow, thanks for the complete info....

>--> >6. Gray Listing (email)
>--> Errr... what?

Greylisting (www.greylisting.org) is a new technique to slow the spread of spam. The
technique simply delays the mail 300 seconds and forces the original
mail server to attempt redelivery.  Spammers will generally never
attempt redelivery so their mail messages will not get through.  Once
the greylisting process is complete future email messages from the
usernames/ip will immediately be delivered to the destination.




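The greylisting behaviour described in the message above, as an added sketch that is not part of the thread or of any greylisting package: the first attempt is deferred, a retry after the 300-second delay is accepted, and later mail for the same entry passes at once. Keying on (client IP, envelope sender, envelope recipient), the 451 reply code, the two expiry times and the sample addresses are assumptions.

```python
"""Greylisting decision logic (added example, not a production policy server)."""
from dataclasses import dataclass

DELAY = 300                 # seconds before a retry is accepted (figure from the thread)
RETRY_WINDOW = 4 * 3600     # assumption: a pending entry lapses if not retried in 4 h
PASS_LIFETIME = 36 * 86400  # assumption: a passed entry lapses after 36 idle days

DEFER = 451    # SMTP temporary failure: a real MTA queues the message and retries
ACCEPT = 250


@dataclass
class Entry:
    first_seen: float
    last_seen: float
    passed: bool = False


class Greylist:
    def __init__(self):
        self.entries = {}

    @staticmethod
    def key(client_ip, sender, recipient):
        # Normalise case so "Alice@Example.org" and "alice@example.org" share an entry.
        return (client_ip, sender.strip().lower(), recipient.strip().lower())

    @staticmethod
    def _expired(entry, now):
        if entry.passed:
            return now - entry.last_seen > PASS_LIFETIME
        return now - entry.first_seen > RETRY_WINDOW

    def check(self, client_ip, sender, recipient, now):
        """Return (smtp_code, reason) for one delivery attempt at epoch time `now`."""
        k = self.key(client_ip, sender, recipient)
        entry = self.entries.get(k)
        if entry is not None and self._expired(entry, now):
            del self.entries[k]          # stale state: treat the sender as unknown again
            entry = None
        if entry is None:
            self.entries[k] = Entry(first_seen=now, last_seen=now)
            return DEFER, "new triplet, try again later"
        entry.last_seen = now
        if entry.passed:
            return ACCEPT, "known triplet"
        if now - entry.first_seen < DELAY:
            return DEFER, "retried before the delay elapsed"
        entry.passed = True
        return ACCEPT, "retry after delay, triplet whitelisted"


# Constructed sample: (time, client IP, envelope sender, envelope recipient).
SAMPLE_EVENTS = [
    (0,     "192.0.2.10",   "alice@example.org", "kev@example.net"),  # first attempt
    (5,     "198.51.100.7", "promo@example.com", "kev@example.net"),  # never retries in time
    (60,    "192.0.2.10",   "alice@example.org", "kev@example.net"),  # retry too early
    (310,   "192.0.2.10",   "Alice@Example.org", "kev@example.net"),  # proper retry
    (400,   "192.0.2.10",   "alice@example.org", "kev@example.net"),  # later mail
    (20000, "198.51.100.7", "promo@example.com", "kev@example.net"),  # pending entry lapsed
]


def replay(events):
    """Run the events through a fresh greylist and return the SMTP codes."""
    gl = Greylist()
    return [gl.check(ip, sender, rcpt, t)[0] for t, ip, sender, rcpt in events]


if __name__ == "__main__":
    for event, code in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS)):
        print(event, "->", code)
```

Keying on the exact client IP delays mail from providers that retry from a different address in a pool, so deployments often match on the sending network instead.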

* Re: Re[2]: Linux Help
  2004-07-19 17:53   ` Re[2]: " Kev
@ 2004-07-19 18:02     ` Adam Lang
  2004-07-19 18:09       ` Re[4]: " Kev
  0 siblings, 1 reply; 15+ messages in thread
From: Adam Lang @ 2004-07-19 18:02 UTC (permalink / raw)
  Cc: linux-admin

You do realize that on the site you just linked, they have a big link on the
left named "implementations"?  You could have answered your own question. ;)


* Re[4]: Linux Help
  2004-07-19 18:02     ` Adam Lang
@ 2004-07-19 18:09       ` Kev
  2004-07-19 23:07         ` Glynn Clements
  0 siblings, 1 reply; 15+ messages in thread
From: Kev @ 2004-07-19 18:09 UTC (permalink / raw)
  To: Adam Lang; +Cc: linux-admin

>--> You do realize that on the site you just linked, they have a big link on the
>--> left named "implementations"?  You could have answered your own question. ;)

hehehe.... i know 

i was just saying what i will be running on the server, i was asking if
i can run all that on a P1/166Mhz



* Re: Re[4]: Linux Help
  2004-07-19 18:09       ` Re[4]: " Kev
@ 2004-07-19 23:07         ` Glynn Clements
  2004-07-20 15:20           ` Re[6]: " Kev
  2004-07-21 18:01           ` Re[4]: " Jeff Largent
  0 siblings, 2 replies; 15+ messages in thread
From: Glynn Clements @ 2004-07-19 23:07 UTC (permalink / raw)
  To: Kev; +Cc: linux-admin


Kev wrote:

> i was just saying what i will be running on the server, i was asking if
> i can run all that on a P1/166Mhz

It depends upon the amount of network traffic.

Networking daemons (and the IP filtering code) only consume CPU time
when they're actually doing something, and the amount of CPU time used
is roughly proportional to the amount of work they have to do.

Try it. If the load average is consistently high, you need a faster
CPU. If the hard disk is always busy, you need more RAM. If the box is
mostly idle but it still seems too slow, you need a faster Internet
connection.

-- 
Glynn Clements <glynn.clements@virgin.net>


* Re[6]: Linux Help
  2004-07-19 23:07         ` Glynn Clements
@ 2004-07-20 15:20           ` Kev
  2004-07-20 15:31             ` Sascha Retzki
  2004-07-21 18:01           ` Re[4]: " Jeff Largent
  1 sibling, 1 reply; 15+ messages in thread
From: Kev @ 2004-07-20 15:20 UTC (permalink / raw)
  To: linux-admin, linux-newbie

Hi guys...

i'm going to do the following as a 1st step,

i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
4GB HDD with 2 Lan Cards

i'm going to install Webmin 1.5, and also DHCP for Debian that comes
with Debian (on the web site)

do you guys think i can do this with a basic Debian installation or
should i download all other CD's from the site ? now the commands like
setup on Redhat don't work, how come ? do i need to install anything
else ?

later on i'm going to install a 2nd HDD and Squid and BIND and some AV
for the email relay, and the RAM to 256MB.

if any one can give me the basic how to do this, or a link to some sites
(Linux for Dummies :-)

i know i sound really dumb, well i really don't know much about linux
sorry !!!







* Re: Re[6]: Linux Help
  2004-07-20 15:20           ` Re[6]: " Kev
@ 2004-07-20 15:31             ` Sascha Retzki
  2004-07-21  3:09               ` joy
  0 siblings, 1 reply; 15+ messages in thread
From: Sascha Retzki @ 2004-07-20 15:31 UTC (permalink / raw)
  To: linux-admin

On Tue, 2004-07-20 at 17:20, Kev wrote:
> Hi guys...
>
> i'm going to do the following as a 1st step,
>
> i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
> SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
> 4GB HDD with 2 Lan Cards
>
> i'm going to install Webmin 1.5, and also DHCP for Debian that comes
> with Debian (on the web site)
>
> do you guys think i can do this with a basic Debian installation or
> should i download all other CD's from the site ?

I think so, firewall, dns, dhcp, smtp, squid should really be there.

> now the commands like
> setup on Redhat don't work, how come ? do i need to install anything
> else ?
>

RedHat may use scripts to "help" you that just work on Red Hat. tldp.org
and similar offer the "everywhere-working" Documents :)

> later on i'm going to install a 2nd HDD and Squid and BIND and some AV
> for the email relay, and the RAM to 256MB.
>
> if any one can give me the basic how to do this, or a link to some sites
> (Linux for Dummies :-)
>

tldp.org :) .. or google.com/linux

> i know i sound really dumb, well i really don't know much about linux
> sorry !!!
>

Everybody is new sometimes. Nice that you ask for documentation-sites ;)


* Re: Linux Help
  2004-07-20 16:46   ` Re[12]: " Kev
@ 2004-07-21  1:23     ` chuck gelm
  0 siblings, 0 replies; 15+ messages in thread
From: chuck gelm @ 2004-07-21  1:23 UTC (permalink / raw)
  To: Kev; +Cc: linux-admin

Uh, I like bottom posting and removing unnecessary lines.
Kev wrote:
> I have installed Debian without my LAN cards (Realtek) i did add the
> cards after the Debian installation, now i can't seem to get Debian to
> detect them :(

What did you do and how did it fail?

Rhetorical:

  How does hardware detection fall into administration?
  I would have posted this topic on linux-newbie.

> On Tue, 20 Jul 2004 18:42:44 +0200
> Sascha Retzki <lantis@iqranet.info> wrote:

>>--> On Tue, 2004-07-20 at 18:27, Kev wrote:
>>--> > how can you make Debian Detect hardware after the installation ?
>>--> 
>>--> This question is ( among many other debian-specific questions ) covered
>>--> by their documentation, but ok :)

>>--> "detect" hardware .. hm .. first off, /etc/modules is a
>>--> one-modulename-per-line file that is loaded at boot time, so this is the place
>>--> where you put the module names in ( without the path or the .o ). The
>>--> detection is imho manually done with debian. Tip is to use modprobe
>>--> instead of insmod to load dependencies of modules, use lspci -v to find
>>--> out all pci/Isa/... adapters and chipnames in your computer ... . Linux
>>--> module-names are named after chipsetname, not that what the vendor tries
>>--> to tell you on the cage ;) ... .

modprobe 8139too

HTH, Chuck



* Re: Linux Help
  2004-07-20 15:31             ` Sascha Retzki
@ 2004-07-21  3:09               ` joy
  2004-07-21  3:26                 ` Re[2]: " Kev
  0 siblings, 1 reply; 15+ messages in thread
From: joy @ 2004-07-21  3:09 UTC (permalink / raw)
  To: lantis; +Cc: linux-admin

Sascha Retzki wrote:

>On Tue, 2004-07-20 at 17:20, Kev wrote:
>
>>Hi guys...
>>
>>i'm going to do the following as a 1st step,
>>
>>i got a Debian 3 (woody) basic 1 CD and i'm going to have postfix as the
>>SMTP relay.... the BOX is a Cyrix 233Mhz with 64MB ram, (Compaq Presario)
>>4GB HDD with 2 Lan Cards
>>
>>i'm going to install Webmin 1.5, and also DHCP for Debian that comes
>>with Debian (on the web site)
>>
>>do you guys think i can do this with a basic Debian installation or
>>should i download all other CD's from the site ?
>
>I think so, firewall, dns, dhcp, smtp, squid should really be there.

How about Courier for the smtp part?
As Kev said a web based config would be nice and courier comes with
courier webadmin - nice thing to get your setup up and running.
and it has some graylisting facilities as well

Joy.M.M


* Re[2]: Linux Help
  2004-07-21  3:09               ` joy
@ 2004-07-21  3:26                 ` Kev
  0 siblings, 0 replies; 15+ messages in thread
From: Kev @ 2004-07-21  3:26 UTC (permalink / raw)
  To: gracecott; +Cc: lantis, linux-admin

Hiii guys................


i'm having problems with LAN cards on my Debian BOX, i did the installation 2-3 times but still fail to up the network but i can see from "lspci -v" that the card was detected,

Realtek 8139 both cards are the same.... maybe a conflict ?

plz help




* Re: Re[4]: Linux Help
  2004-07-19 23:07         ` Glynn Clements
  2004-07-20 15:20           ` Re[6]: " Kev
@ 2004-07-21 18:01           ` Jeff Largent
  2004-07-21 19:02             ` Glynn Clements
  1 sibling, 1 reply; 15+ messages in thread
From: Jeff Largent @ 2004-07-21 18:01 UTC (permalink / raw)
  To: Glynn Clements; +Cc: Kev, Linux Admin

Glynn,
  I'll let you correct me if I'm wrong, but isn't ip filtering also a
memory requirement?  I'm thinking specifically of connection tracking.

Jeff


* Re: Re[4]: Linux Help
  2004-07-21 18:01           ` Re[4]: " Jeff Largent
@ 2004-07-21 19:02             ` Glynn Clements
  2004-07-22 15:44               ` Jeff Largent
  0 siblings, 1 reply; 15+ messages in thread
From: Glynn Clements @ 2004-07-21 19:02 UTC (permalink / raw)
  To: Jeff Largent; +Cc: Kev, Linux Admin


Jeff Largent wrote:

>   I'll let you correct me if I'm wrong, but isn't ip filtering also a
> memory requirement?  I'm thinking specifically of connection tracking.

All of them have memory requirements. Connection tracking is probably
going to be the least significant of those, although, unlike
user-space daemons, it requires physical RAM rather than swap. Even
so, connection tracking needs an extra few bytes per connection,
whereas a daemon which forks for each connection may require a few
hundred Kb or more per connection.

-- 
Glynn Clements <glynn.clements@virgin.net>


* Re: Re[4]: Linux Help
  2004-07-21 19:02             ` Glynn Clements
@ 2004-07-22 15:44               ` Jeff Largent
  2004-07-22 16:18                 ` Glynn Clements
  0 siblings, 1 reply; 15+ messages in thread
From: Jeff Largent @ 2004-07-22 15:44 UTC (permalink / raw)
  To: Glynn Clements; +Cc: Kev, Linux Admin

Glynn,
   That's good to know, for some reason I have always been under the
impression that connection tracking could have a significant memory
requirement.


Jeff


* Re: Re[4]: Linux Help
  2004-07-22 15:44               ` Jeff Largent
@ 2004-07-22 16:18                 ` Glynn Clements
  0 siblings, 0 replies; 15+ messages in thread
From: Glynn Clements @ 2004-07-22 16:18 UTC (permalink / raw)
  To: Jeff Largent; +Cc: Kev, Linux Admin


Jeff Largent wrote:

> > >   I'll let you correct me if I'm wrong, but isn't ip filtering also a
> > > memory requirement?  I'm thinking specifically of connection tracking.
> > 
> > All of them have memory requirements. Connection tracking is probably
> > going to be the least significant of those, although, unlike
> > user-space daemons, it requires physical RAM rather than swap. Even
> > so, connection tracking needs an extra few bytes per connection,
> > whereas a daemon which forks for each connection may require a few
> > hundred Kb or more per connection.
> 
>    That's good to know, for some reason I have always been under the
> impression that connection tracking could have a significant memory
> requirement.

It's potentially significant for a *router* which may be tracking a
substantial number of connections with minimal RAM.

Bear in mind that a basic router (or a router with only stateless
filtering) requires zero bytes per connection: routers deal with
packets rather than connections, and once a packet has been sent, it
(and any memory associated with it) is gone for good.

In that sense, even a few bytes per connection is an increase by a
factor of infinity over zero bytes per connection.

But, unless you're talking about a router which might have to track
tens of thousands of outstanding connections, or one which has very
little RAM, then it probably isn't significant.

-- 
Glynn Clements <glynn.clements@virgin.net>
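
A way to measure the per-connection cost discussed in this exchange on a running gateway, as an added example that is not from the thread: it multiplies the live and maximum entry counts by the kernel's slab object size and flags a table that is close to its limit. The nf_conntrack proc paths are those of current kernels (an assumption about the target system; older kernels used ip_conntrack names), and the sample figures are constructed.

```python
"""Estimate connection-tracking memory from /proc text (added example)."""

# Constructed sample input for a small gateway; not captured from a real host.
SAMPLE_COUNT = "3500\n"    # /proc/sys/net/netfilter/nf_conntrack_count
SAMPLE_MAX = "4096\n"      # /proc/sys/net/netfilter/nf_conntrack_max
SAMPLE_SLABINFO = """\
slabinfo - version: 2.1
# name <active_objs> <num_objs> <objsize> <objperslab> <pagesperslab> : tunables ...
nf_conntrack        3500   3504    320   12    1 : tunables 0 0 0 : slabdata 292 292 0
"""
SAMPLE_MEMINFO = "MemTotal:          62464 kB\nMemFree:            4120 kB\n"


def slab_object_size(slabinfo_text, cache="nf_conntrack"):
    """Return <objsize> in bytes for `cache`, or None if the cache is absent."""
    for line in slabinfo_text.splitlines():
        fields = line.split()
        # Data rows: name active_objs num_objs objsize objperslab pagesperslab ...
        if len(fields) >= 4 and fields[0] == cache:
            return int(fields[3])
    return None


def mem_total_bytes(meminfo_text):
    """Return MemTotal from /proc/meminfo text, converted from kB to bytes."""
    for line in meminfo_text.splitlines():
        if line.startswith("MemTotal:"):
            return int(line.split()[1]) * 1024
    raise ValueError("MemTotal not found")


def conntrack_report(count_text, max_text, slabinfo_text, meminfo_text, warn_fill=0.8):
    """Summarise table size, memory use and how close the table is to its limit."""
    count = int(count_text.strip())
    limit = int(max_text.strip())
    if limit <= 0:
        raise ValueError("conntrack limit must be positive")
    objsize = slab_object_size(slabinfo_text)
    if objsize is None:
        raise ValueError("nf_conntrack slab cache not found (module not loaded?)")
    ram = mem_total_bytes(meminfo_text)
    fill = count / limit
    return {
        "entries": count,
        "limit": limit,
        "bytes_per_entry": objsize,
        "current_bytes": count * objsize,
        "worst_case_bytes": limit * objsize,        # kernel memory, cannot be swapped
        "worst_case_ram_fraction": limit * objsize / ram,
        "fill": fill,
        # A full table makes the kernel drop packets of new connections.
        "near_limit": fill >= warn_fill,
    }


if __name__ == "__main__":
    def read(path):
        with open(path) as fh:
            return fh.read()

    try:  # /proc/slabinfo is normally readable by root only
        report = conntrack_report(
            read("/proc/sys/net/netfilter/nf_conntrack_count"),
            read("/proc/sys/net/netfilter/nf_conntrack_max"),
            read("/proc/slabinfo"),
            read("/proc/meminfo"),
        )
    except (OSError, ValueError) as exc:
        print("live data unavailable (%s); using constructed sample" % exc)
        report = conntrack_report(SAMPLE_COUNT, SAMPLE_MAX,
                                  SAMPLE_SLABINFO, SAMPLE_MEMINFO)
    for name, value in report.items():
        print("%-24s %s" % (name, value))
```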
