Personal      Links/Resources       
homesite map

Home
Command-Line
Encarta
Exchg and Outlook
PDAs
Windows Tips
NT Tips
Win2000 and XP Tips
Registry
FrontPg Extensions
DataBase
Router Info
IE tips and tools
Linux
Wireless
Home Owner Protection
Keep Spam in check
Windows XP tips
Win Processes

Back to the Norris Home Page

 

A nice site for downloading all of the ISO images for various Linux flavors.

Run Microsoft Office on Linux with CrossOver Office.

The Wine project allows Windows programs to run on top on Linux.

The LinuxHardware.org site is dedicated to harware information for Linux users.

Open Office is a office suite for the Linux world.

SourceForge has a variety of open source software available.

Lindows is working on a Linux OS that will run Windows apps.

rdesktop is a program that will allow Linux clients to run a Terminal services session inside an Xwindow.

Linux Journal is a nice resource and has an excellent comparison of the various Linux distributions.

Webmin is an excellent Linux admin tool that is administered through a web browser.

Check out the top 50 security tools on the insecurity web site... many are Linux based.

Linuxsecurity.com is a nice Linux security site.

Slow downloading.... purchase a cheap CD of Linux here

Nice Linux Site with current news

BUILD A FLOPPY-BASED ROUTER/FIREWALL WITH FREESCO
Freesco is an open source router/firewall solution with small hardware
requirements and minimal administrative overhead. It's perfect for your
small IT budget. Here's how to get it up and running.
 

TUTORIAL
 --Secure Installation and Configuration of Apache 1.3.x Web Server
(14 May 2003)
This article provides step-by-step instructions for installing and
configuring the Apache 1.3.x Web server.  Advice includes enabling only
necessary modules, chrooting the server and configuring the software so
that its version number is hidden.
http://www.securityfocus.com/infocus/1694  
 

Terminal Server On Linux?

The client is aptly named "rdesktop". The developer is a fellow in Australia named Matt Chapman.

Usage: rdesktop [options] server
-u: user name
-d: domain
-s: shell
-c: working directory
-p: password (autologon)
-n: client hostname
-k: keyboard layout (hex)
-g: desktop geometry (WxH)
-f: full-screen mode
-b: force bitmap updates
-e: disable encryption (French TS)
-m: do not send motion events
-l: do not request license
 

The -l option is interesting, in that it doesn't request a license from the terminal server itself. With the use of some scripting, you could have the Red Hat box boot up, logon and start the rdesktop client all without the user doing anything. Once the client is started in full screen mode you really can't tell that your aren't on a Windows machine; even Ctrl-Alt-Del works. It really is a slick client and could potentially save you quite a bit of money.

If you run rdesktop, you will, at a minimum, save on one Windows license. Potentially more if you also used Sun's StarOffice. In either case, rdesktop is a pretty good implementation of the terminal server client and if you are using Linux, it will give you a way to connect to your MS server. You can download it here:
http://www.w2knews.com/rd/rd.cfm?id=020214TB-rdesktop

Download RedHat RPM's :

FreshRpms   or their RedHat Linux rpms are here.

RPMfind.net has a nice site for locating RH programs

RedHat Mirror sites can be found here

Improve your Linux security: Stop unnecessary services

 
Although the default installation scripts that come with various Linux distribution CDs make it easy to install Linux, they also add a vast number of services to your system, which, at best, you’ll probably never use, or at worst, leave ports open to external break-ins. The more services that are running, the more ports that will be left open to intruders. So to protect your system, it’s best to turn off any unnecessary services.

Find which services are running
Before you can decide which services are unnecessary, you need to know which services are running. To find out, run netstat.
 



First, open a terminal window and use su  to switch to root. Then enter the command # netstat –tap > listening.services, followed by the command # less listening.services.

These commands will display a list of all services that are currently running with a State of LISTEN. Also listed are the PIDs of the services and the names of the programs that started the services.

In general, if you can’t identify a service that is listed, you probably don’t need it. If it is not obvious from the netstat output what a service is, use the ps, find, grep, or locate command to find more information about the program or its specific PID. Also check /etc/services for an unfamiliar service name or port number.

System services are started by init scripts which are found in /etc/init.d/ (or for some distributions, including Red Hat, in /etc/rc.d/init.d/). Use ls on this directory to get a listing of these scripts.

Decide which services to turn off
Since I plan to use my Linux system as a stand-alone desktop with access to the Internet, I should first check to see if any of the services listed in Table A are active.
Table A
 

Commonly installed services that should not be run over the Internet
Service Recommendations
NFS (Network File System) and related services: nfsd, lockd, mountd, statd, portmapper, etc. NFS is the standard UNIX service for sharing files across a network. It should be used only for sharing files over LANs, not the Internet. NFS should never be turned on in a standalone system.
r* services: rsh, rlogin, rexec, rcp etc. These will be listed in netstat output without the r (rlogin will be listed as login). If needed, use ssh instead.
telnet server Use sshd instead.
ftp server Use only with a dedicated ftp server that can be monitored and secured. For other file exchange, use scp or http.
BIND (named), DNS Server package This service is required only for systems acting as authoritative name servers for a domain. They should be restricted or placed behind a firewall when used over the Internet.
Mail Transport Agent: sendmail, exim, postfix, qmail Such services are not needed on standalone computers that will be using an ISP’s POP server instead of directly receiving mail from Internet hosts. For receiving mail directly from other hosts on your LAN, enable these services only after firewall and access polices are in place. 


For example, netstat reported that the services login and shell as currently running. As I note in Table 1, these are actually rlogin and rsh and should be turned off. The telnet and ftp daemons listed are servers that accept incoming connections to the machine. Again, because this is a stand-alone system, I should turn these services off. I can always use an ftp or telnet client when I need to download files or telnet over the Internet. The netstat command also reported that the http server is running, which is required by some distributions to access online documentation. If I intend to keep this service running, I will need to check that it is not accessible from outside the system.

A print server also is running. Print servers can hold ports open if printing is done over a network. Since my printer is physically attached to the machine, it’s safe to keep the printer daemon running. I will also keep /X,  the portable network-transparent window system that collects and distributes user input for client programs. If my system were to be used as a dedicated server, /X would be unnecessary and would be turned off.

Turn off the unnecessary services
Once you have decided which services are unnecessary, you can begin turning them off. It’s a good idea to turn off one service, and then run your system for a while without the service to see if it is OK. If so, then stop another service and repeat the process until all unnecessary services are no longer running.

Users logged on as root can turn off a service by entering the path name for the service script followed by the stop option. For example, to turn off nfs, enter: # /etc/init.d/nfs stop.

Note that Red Hat versions of Linux may use the path: /etc/rc.d/init.d instead.

Even though you’ve turned off a service, it may not be turned off permanently. For example, a service may be reenabled upon system reboot. So be sure to run netstat after the next reboot, and after every system or package upgrade or new install.