Best of Technical Support
Changing Red Hat's Firewall Level
I'm not able to change the security level on either
Red Hat 7.2 or 9. It is always high on both versions
and on all three computers on which I have installed these
distributions. I have installed all recent
attempts since the first install of 7.2 without
Firewall. Firewall still installs and is at High. No
one else has had this problem when I read over
installs of 7.2. What am I doing so wrong?
—
Jeff Douglass
jdouglas25@yahoo.com
If you want to change graphically using env, you can click on
Start Here from the desktop, then System Settings and then Security
Level. If you are not running as root, enter root's password and you
can change security levels. I believe something similar is offered
during the installation of Red Hat.
—
Usman S. Ansari
uansari@yahoo.com
The firewall portion of Red Hat's installer is a bit confusing. Most importantly, in the Customize section the Trusted Devices options truly are trusted, allowing any and all traffic on them. When I first looked at that I assumed if I wanted to allow incoming SSH on eth0, I would click SSH on Allow incoming as well as selecting eth0 under trusted—not the case. This gives blanket permissions on all ports on the selected trusted device.
I'm not sure what went wrong during the installation, but you can change
the configuration afterward by running lokkit to reconfigure the firewall.
There also is a GUI-based utility
that does the same thing called redhat-config-securitylevel. Run
/etc/init.d/iptables restart after making changes.
—
Timothy Hamlin
thamlin@nmt.edu
Bear in mind that it is not a good idea to operate a
system with a relaxed or disabled security, especially
if linked to the Internet. You should learn to
configure the firewall to let through the traffic
you need but no more.
—
Felipe Barousse Boué
fbarousse@piensa.com
Mouse Pointer in VNC?
How can I change the mouse pointer to a big white
cursor when displayed through a VNC viewer?
—
Marcos Machado
pimentamac@hotmail.com
Currently there are several flavors of VNC-based utilities, with many
enhancements and differences among each them. A method you can try is
to change the mouse configuration of your account locally (including the
cursor or pointer size) with a tool like gnome-mouse-properties. Then,
later on when you establish a remote session through VNC, you will get a
larger cursor, again, depending on the VNC client and server you are
using.
—
Felipe Barousse Boué
fbarousse@piensa.com
Distributing One POP Account to Multiple Users
We have registered a domain and one POP3 e-mail account with our registrar. Unfortunately, our DSL ISP (Earthlink) does not permit us to have SMTP port 25 open to send and receive mail directly. All outbound e-mail must be sent to our ISP's servers, and then they relay them onwards.
We have a small network consisting of six users. All users must see the same e-mail, thus one POP3 mail account for all. I have Postfix configured to send our outbound e-mail via the ISP without any problems. I have been playing with fetchmail to retrieve our inbound e-mail from our remote POP3 account but have not had any luck getting the e-mail distributed to our local users on our network. fetchmail polls and downloads the mail no problem, but when it hits our Postfix server it says:
X-Fetchmail-Warning: recipient address myaddress@earthlink.net didn't match any local name
I have tried to configure aliases using Webmin with
success. I guess the problem is with multidrop
distribution.
—
Walter
trance_fool@hotmail.com
Keep things simple. Either get several mail accounts on your ISP's
servers—one per user and configure their workstations to log in to
their POP accounts at the ISP's server, or arrange for
open SMTP and POP or IMAP ports to your server. That way, it
will be much easier for you to manage your e-mail without adding
complexity to an already difficult-to-manage service (e-mail). You don't
want to complicate your life when you have to filter spam, viruses and
all that crap while having a home-crafted solution as you are
describing in your post.
—
Felipe Barousse Boué
fbarousse@piensa.com
You don't need to use fetchmail multidrop if you want all six users to get copies of the same mail from the POP account. Just make an “all” alias in /etc/aliases, which you can do with Webmin, then configure fetchmail to deliver to “all” via SMTP:
poll pop.example.net: user joe there has password secr3t is all here
Postfix will do the rest.
—
Don Marti
dmarti@ssc.com
Adding a Nonstandard Kernel Module
I wanted to update my kernel to include a module
that isn't provided by default. First, I thought
I'd try building the kernel identical to what Red Hat
provided. I've built Linux (a few years
ago) without a problem, but when I tried to build
the Red Hat configuration, copied from the configs
subdirectory, it failed during the make modules
step. The errors don't make sense to me. There's
about 1,200 lines of errors generated.
Why doesn't it compile right out of the box?
—
Chris Carlson
cwcarlson@cox.net
First, you do not have to compile the kernel
to add a new module. You simply can compile with
the header files from the running kernel, and it
should work fine. As far as your problem with kernel
compilation is concerned, I think you are missing the make
oldconfig step, which would read the config file you
mention. By the way, did you remember to rename it
to .config?
—
Usman S. Ansari
uansari@yahoo.com
ADSL under Knoppix?
What is the easiest way to install an ADSL Internet connection
using Knoppix?
—
Andrew Catchpole
krubby@hotmail.com
That really depends on the kind of ADSL modem you have and on the actual
settings of your ISP's service. This page may be of help:
www.rhapsodyk.net/adsl/HOWTO and this one too:
christophe.delord.free.fr/en/adsl/debian.html.
—
Felipe Barousse Boué
fbarousse@piensa.com
Upgrading from Red Hat to SuSE?
I have tried to upgrade Red Hat 9 to SuSE 9.0 without
success. Can this be done? Or does one need to
reinstall the system?
—
L W Randerson
luthrw@att.net
You are trying to upgrade a system installed from one
vendor of Linux distribution to another vendor. It is
impossible that this will work. Many times upgrades
from the same vendor have problems.
I suggest that you start from scratch: repartition and
make new filesystems. If you have enough disk space,
you can have both SuSE and Red Hat installed at same
time on different partitions.
—
Usman S. Ansari
uansari@yahoo.com
Perhaps it would be possible with a lot (a whole lot) of hacking, but
generally, you don't want to upgrade across different
distributions. Red Hat to Red Hat should work, and SuSE to SuSE, but
the layouts are different, and it would be terrifically complicated.
Back up all the user files you have, and do a fresh install rather than
attempt an update.
—
Timothy Hamlin
thamlin@nmt.edu