Cheap Price Software;Knoweledge about Network’ Category

Knowledge about Network

Posted by on August 23rd, 2009

“Computer network. System or network. Is a group of computers and devices. To be connected to the network users can communicate. Exchange information. And equipment. Network interoperability, “the network is several sizes. From a small computer that connects with just a few. For use in home or in small To larger networks that connect the world of Home Network or home network. The known “LAN” (Local Area Network).

Benefits of networking.

Resource sharing refers to the use of devices such as printer sharing is only one printer. Anyone can use the network printer. Ease and low cost. Because many printers do not invest. (In addition to a different type of pin Times)
Shared files are installed when the computer system network. Using file sharing or data exchange file can quickly To any storage device. The transfer of cutting issues of capacity to storage media. Equipment except in the major hard disk storage. If the region is continuing to add full.
Communications The computer that is connected to a network system. Contact can talk to other computers. Based communications program that can use a computer at the same. Or make use of email within the network Home Network or Home Office to benefit the many.
Using the Internet together. Every computer connected to the network can access the Internet anywhere. The modem itself. Whether analog or digital current top like ADSL.

(more…)

Posted in Knoweledge about Network

4 Comments »

How to crimp RJ45

Posted by on August 23rd, 2009

UTP Connection (CAT 5) a very popular device is currently used for peripheral systems network. How to crimp UTP Connection:

How to crimp RJ45

Crimp Standard connectivity in a device such as a cable between the computer and the Switch or HUB. (T568B)
Cross-entry is to call or cross – Connection between the same type of equipment such as HUB to HUB, Switch To Swich computer or a computer we can use the computer with NoteBook. (T568A and T568B)

(more…)

Posted in Knoweledge about Network

Tags: CAT 5, Crimp T568A, Crimp T568B, How to crimp RJ45, UTP Connection

2 Comments »

Creating security for the mail server.

Posted by on August 4th, 2009

Red Hat Linux operating system for the Sendmail program is a program to provide mail server. Details of this article does not mention how to install Sendmail will be considered by the administrator to open a mail server installed Sendmail RPM-benefits of the system and then install the RPM is to use a program. up2date to update the program. And, importantly, the RPM-installed Sendmail will reduce the problem of adjustment of the work program Sendmail.

Sendmail configuration file of the program is / etc / mail, Sendmail-RPM installation will create the necessary file for it all, Sendmail’s main configuration file is / etc / mail / sendmail.cf. The administrator can use the file. / etc / mail / sendmail.mc. As a model.

Creation of the Sendmail configuration file or / etc / mail / sendmail.cf. This can be done two ways. The first method is to create a file. / etc / mail / sendmail.cf. This comes directly require significant expertise to do so. The second method is to use m4, a program called the program a macro processor to compile a macro language which installed Sendmail RPM will have a file / etc / mail / sendmail.mc. This file is a macro language that can be used as a model of Sendmail’s configuration and can be used to compile to get through m4 / etc / mail / sendmail.cf. Which can be used immediately. Compile using the command that

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

A second advantage of how easy is to edit and more convenient than the first method of Sendmail README documents are detailed in the edit. Administrators can learn more in this file. Documents in this section will highlight only about adding security to the mail server. It constitutes a basis for administrative use Sendmail to some of the first and then will discuss the meaning of the word Relay which often found the mail server if available. Will discuss later. configuration. Important in the adjustment to allow for mail server through Relay. And conclude with the issue of anti-Denied of Services attacks that may occur with Sendmail.

What Does it mean Relay ?

Relay is to send e-mail from external mail server to a domain over other domains. Where both the sender and recipients who are not under the domain mail server service. Will constitute a relay.

In the past, the relay allows sending e-mail can easily send a ??? to be fried. As packets of protocol TCP / IP to run through other routes. Now open to mail relay server can be considered extremely dangerous. It can be used in a mail spamming to send e-mail to a tremendous amount of number of recipients. This is a waste system resources by not necessary.

Defining the rights of the relay through the mail server.

The configuration. Used in determining the rights of the relay through the mail server. Which is very flexible with configuration. Apply to these files. / etc / mail / sendmail.mc and only completed when editing must compile to / etc / mail / sendmail.cf. Prior to deployment every time.

FEATURE(‘relay_entire_domain’)Is assigned to every Hosted under the domain specified in the file. / etc / mail / relay-domains can relay to suppose that as a file. / etc / mail / relay-domains are: nectec.or.th
biotec.or.th

Mail server. configuration. This will allow the recipient under any host a *. nectec.or.th or *. biotec.or.th can relay through.
FEATURE(‘relay_hosts_only’)A similar configuration FEATURE ( ‘relay_entire_domain’) to different host name in the license file directly. / etc / mail / relay-domains such as. mail1.nectec.or.th
mail2.nectec.or.th
smtp.biotec.or.th

Mail server. configuration. This will allow recipients to identify the domain that @ mail1.nectec.or.th or or @ mail2.nectec.or.th @ smtp.biotec.or.th can relay through.
FEATURE(‘access_db’)

Using configuration. This can be very flexible to customize the Sendmail will use the file / etc / mail / access.db. In determining the rights of any host that is allowed to relay through which the practice will edit files. / etc / mail / access. Then use the command

hash -o /etc/mail/access

To create the file. / etc / mail / access.db sample file / etc / mail / access:

spam.spam.org            ERROR:”550 We don’t accept mail”
spammer.com              REJECT
192.168.122              REJECT
nectec.or.th             OK
biotec.or.th             RELAY

Left field is determined by the host or domain. The field is right for the right to determine which relay is set right.

FEATURE The following should not be used.

To prevent attacks a Denial of Service.
The configuration. Configured to reduce attacks on a Denied of Service with the recommended values:

define ( ‘confMIN_FREE_BLOCKS’,’4000 ‘).
Determine the minimum number of blocks for use in the storage order of the backup e-mail that is sent to the server.
define(‘confMAX_MESSAGE_SIZE’,’4000000′)
The size of the e-mail can be the largest. The default value is infinite set about 4MB.
define(‘confAUTO_REBUILD’,'false’)
Aliase up files created by Allan Curtis proof credentials. Should not be open to prevent the unnecessary creation aliase.
define(‘confMAX_DAEMON_CHILDREN’,’40′)
Number de Montreal Process of Sendmail that most depend on the size of the system such as Ram 40 Ram size if the system has 128MB.
define(‘confMAX_ HEADERS_LENGTH’,’32′)
Length at most in the de ??’s e-mail. Value should be 32 or 64.
define(‘confMAX_ MIME_HEADER_LENGTH’,’1024′)
Long as possible in a MIME header in the appropriate value is 1,024 or less.
define(‘confMAX_ RCPTS_PER_MESSAGE’,’100′)
Number of recipients indicated that the most that can be sent simultaneously in this set to send to the recipient has the most 100 people, depending on the administrator.

Posted in Knoweledge about Network

Tags: Creating security mail server, Define right of relay through the mail server, Relay

No Comments »

Trivial File Transfer Protocol

Posted by on August 1st, 2009

Trivial File Transfer Protocol Overviews

TFTP – Trivial File Transfer Protocol process is simple file transfers over FTP using common communication mechanism-UDP (User Datagram Protocol) protocol is working. Connectionless. This user does not need to enter codes or Password, but you can only transfer data already prepared. But no other functions such as list files, change directories.

TFTP has been developed for performance. The recipient and the sender can set the block size from 8 to 64 bytes Timeout time from 1 to 255 seconds and set the size of the file to be sent.

TFTP will not work for the complex. Therefore, programs that use a small Use less space in memory. Program into the chip can contain a type of Programmable Read-Only Memory (PROM) used to work in a small portable device or a program easier to use FTP.

Command TFTP

Relate Link : FTP Protocol
   Script FTP
   How to upload file with FTP
   UDP Protocol

Posted in Knoweledge about Network

Tags: FTP, TFTP, Trivial File Transfer Protocol

No Comments »

Config Thin Client system by Linux

Posted by on July 28th, 2009

What’s Thin Client

Thin Client is reduce the size of a computer workstation that is used to these smaller To help in the difficult management and reduced maintenance. Thus enabling the concept of the Thin Client by reducing both the size and features of this type into the computer with the appropriate use This reduces the cost to the part. While the resource is disabled, large data storage media such as hard disk from the network. Then lift the burden of processing. Storage Services for Application – Operating system software. Software application. And control are to be included on a centralized server in a network called the Server Based Computing. This concept allows several benefits:

Reduce costs of network hardware such as the school may use for your PC, a low – medium to receive donations.
Reduce complexity of system management, including checks for viruses or hard disk in the backup of each machine.
Reduce the need to perform at a network device such as a change to a repair upgrade install additional application software to users.
Channel and reduce the chance of damage due to theft. In the case of a network-Thin Client are not allowed to install or use the data storage media Removable Media category or peripherals such as floppy disks. (File copy) printer port. (Information from the document does not print). Including anti theft devices such as recording expensive. Hard disk. Because no hard disk in the machine

Protocols and services used.

To use the Thin Client is a projection that a reality will require a protocol. And service network combined with many. Respectively, we can experience the work. There are steps to boot the machine until the Thin Client users can use Apple system has the following applications.

Started from a PC Thin Client start run BIOS of the machine will choose the boot device as defined by ??? set up within the BIOS. In the case of the boot to access the network will be divided into 3 characteristic is
      1. Boot with the software contained in ROM Boot LAN card LAN card on the circuit’s most Socket availability is prepared to use the memory chips installed into ROM. The internal memory, users will need to save this program for a boot device into the network.
      2. Boot protocol with PXE (Preboot Execution Environment), Build-in often comes with the motherboard BIOS version or new Flash in addition to the new LAN card.
      3. Bootable floppy disc by disc. By a simulation of the ROM Boot is the boot disc floppy disk. An easy way to test code before implementation of the ROM Boot ROM Burns into reality.
In this step the program will go above the Broadcast network protocols with BOOTP (RFC951) request to TCP / IP Configuration by DHCP / BOOTP Server.
DHCP / BOOTP Server will check the MAC Address of the Thin Client, and then send the relevant parameters of the config protocol TCP/ IP to the Client and Path and file name to use the kernel in the boot in the next step.
When the Thin Client for various parameters associated with TCP / IP protocol to a TFTP (Trivial File Transfer Protocol) to download the file specified by the DHCP Server kernel into memory. And start working with this kernel.

Structure in connected systems, Server Based Computing.

Protocols and services used

To use the Thin Client is a projection that a reality will require a protocol. And service network combined with many. Respectively, we can experience the work. There are steps to boot the machine until the Thin Client users can use Apple system has the following applications.

Started from a PC Thin Client start run BIOS of the machine will choose the boot device as defined by ??? set up within the BIOS. In the case of the boot to access the network will be divided into 3 characteristic is
1. Boot with the software contained in ROM Boot LAN card LAN card on the circuit’s most empty socket is prepared to use the memory chips installed into ROM. The internal memory, users will need to save this program for a boot device into the network.
2. Boot protocol with PXE (Preboot Execution Environment), Build-in often comes with the motherboard BIOS version or new Flash in addition to the new LAN card.
Bootable floppy disc by disc. By a simulation of the ROM Boot is the boot disc floppy disk. An easy way to test code before implementation of the ROM Boot ROM Burns into reality.
In this step the program will go above the Broadcast network protocols with BOOTP (RFC951) request to TCP / IP Configuration by DHCP / BOOTP Server.
DHCP / BOOTP Server will check the MAC Address of the Thin Client, and then send the relevant parameters of the config protocol TCP / IP to the Client and Path and file name to use the kernel in the boot in the next step.
When the Thin Client for various parameters associated with TCP / IP protocol to a TFTP (Trivial File Transfer Protocol) to download the file specified by the DHCP Server kernel into memory. And start working with this kernel.
Kernel will restart the operation. In early work within the RAM Disk and then run before init script to work as scheduled to run on various devices including the search module loads required. Modules specifically for the Power Networking
The Thin Client will Broadcast as DHCP Client again but this time will provide important information about the mount to NFS Server (Network File Service) to rely on a shared disk server after a Root File System mount. script successfully switch to the Thin Client will use Root File System from a RAM Disk Root File System from NFS mount service through making this Thin Client software can use various shared nucleus from a NFS Server. ) so administrators can set the properties of the Thin Client from a central mechanism through which this
The kernel will create a File System to other systems more completely. Then, to enter Run Level (mode of the operating system) as an administrator appointed. This makes the work of the Client into a running mode Text Mode to Graphical Mode or as needed. If you use a Text Mode operation ends with a mark Lampf and waiting for user command-command command line.
If that is the case administrator assigned to the Thin Client starts a Graphical Mode start_x script will continue running the Probe Card will display and run the software suite that serves as Xfree86 X Window protocol and then use Network X Protocol connection. into the X Server and Display Manager login to access graphics.

Config systems with Linux Thin Clients.

Thin Client System is currently in many camps. Embedded type or from the Internet is called the Network Computer is a type of software solution that runs under Windows operating systems, Linux and Solaris for the love of a free software / open source. Projection is interesting to use as well. This project called Linux Terminal Server Project that stands called LTSP.

LTSP is a project developed to enhance the Terminal Server for Linux Server (Discovery TRIPOLI, BUSINESS-any)-based network features that are already available on every Linux server Discovery Golf Business applications that are DHCP Server, DNS Server, TFTP Server,. NFS Server and X Server site by a group of developers that this projection. http://www.ltsp.org. Which will document Programs to download files also Mailing List Service for advice. Exchange experiences with each other.

To understand more Before starting to build this system. Should note that the picture together before the many small parts to be perfectly prepared and will be more successful operation.

Check your PC to use a Thin Client LAN cards and cards that show G-V chips used in any version. Boot Loader software and prepare for a LAN card.
Prepare a Linux server. Authors choose to use Red Hat Linux 9.0 Professional installation and config of network-ready.
Download the software that need config LTSP Linux Terminal Server as a server feature.
Installation of software modifications LTSP config files. And start the services required to use the service with DHCP, TFTP, NFS is important.
Restart PC Thin Client to test the functionality.

Prepare PC to Thin Client.

PC is used to select the Thin Client is that we should know the details of hardware, especially LAN cards. Video display card with GE Fanuc. The purposes of the Thin Client does not need a hard drive installed on a machine like the author is using a Celeron 433MHz RAM 128MB chip S3 Trio3D display and use the LAN card chip Intel EtherExpress Pro 100 (On board) chip’s data show. Results will be used in the process of downloading the version of X Server to be decided at a graphical display. The LAN card’s chip. We will have to download from the site EtherBoot http://www.rom-o-matic.net. The development of this program has created programs to help compile the program use very comfortable sheer Just choose the version of the chip side to the program website will create a program to download the image immediately.

Form to help create programs EtherBoot.

Image files that are available with many variations. For example, the ROM Boot to Burn down the LAN card will need to select a file. Zrom for image files to create a boot disk boot disc Thin Client must select a file format. Zdsk when. ago to bring this file into a file on Linux server. that the disk is used as a boot disc Thin Client already entered, type the following command. Will create a boot disc for the version we downloaded LAN card (LAN card is in the example of Intel being tested)

# cat eb-5.2.4-eepro100.zdsk > /dev/fd0

When a disc and then to bring it to a Thin Client boot without LAN cable plugs. Or make sure no one computer is running a DHCP Server in the text that appears on the display of Thin Client will let us know the number of Ethernet Address is the LAN card. The figures show a total of 12 base 16 digits eg 00:06:29:1 E: BA: 6B (MAC Address) is to be noted in step a server config.

Prepare Linux server.

I choose to use the Red Hat Linux 9.0 installation EveryThing like something that should ever have to make sure:

Config Network Interface
Package should be related to DHCP, NFS, TFTP is at least
Components of the X Window and GNOME Desktop allows seamless.
Do not open until about a firewall make sure the system works perfect.
To fabricate the supports, de Thai Should be set to Thai Language.
Do not forget to add Iosesars the test and set a password.
Should open telnet or http server in a preliminary experiment.

As an example in this article requires a server with the IP number 192.168.0.30 Hostname icute.rj45patchcord.com. And will require a number of Thin Client IP is 192.168.0.31 Hostname ws031.rj45patchcord.com.

Download the software package of LTSP.

Web site http://www.ltsp.org. LTSP is a software to download 3 format with the RPM package for Linux Red Hat, Mandrake package. Deb files for Debian and Tarball (tgz) the source code used to compile. Authors choose to use Red Hat Linux as a Terminal Server is selected download a RPM package downloads by selecting specific files to use only the fact that in this version will use 3 LTSP number 6 overall file size approximately 36 MB.
Thin Client device used for display cards differ from this will need to download the appropriate package for chips that use.

Installation package and a simple config Terminal Server.

After the file package to download all the Linux server and then use the command rpm install all packages. As an example command:

# rpm -ivh *.rpm

After installing all packages. The directories is occurring in 2 / opt / ltsp and / tftpboot / lts.
Go to / opt / ltsp / templates. Then run the script. Figure 5 ltsp_initialize the script will ask to verify the config to Figure 6 and opportunities that we choose not to have some config. This means that when A accepts all the config as suggested. The Thin Client is supported from both the Text Mode and Graphic Mode shape.

Display Run script ltsp_initialize.

Confirm Config LTSP

Select Accept or edit config.

To copy the files. / etc / dhcpd.conf.example. A new file name. / etc / dhcpd.conf. Then open this file, edit. The example in Figure 8, the config must be cost Ethernet Address of the LAN card used in the Thin Client to set the config file. Thin Client network for the next in the same config. The only section of ws031 add edit name but a host ws032 number of IP and Ethernet Address is the host. After editing the file config details in order to save the DHCP Server and then start with the command service dhcpd restart chkconfig dhcpd on and respectively.

Config DHCP Server LTSP

In communication between the Linux Terminal Server with Thin Client will focus on the Name Resolution is so much to ensure that the file / etc / hosts is configured correctly. Here is a list of network servers and clients must be kept full all the samples.

Config DHCP Server LTSP1

However, under the environment that may not be ready in the Domain Name Service (DNS) may affect the work of Log File Management System or syslogd program which we will set the config of the Thin Client network to send all the work will appear in the Log File and the server. To prevent such problems should edit the config program SysLogd of servers by a small laundry. Then, do not forget to restart the service.

Edit Config Syslogd

Files config that are important to the work of the Thin Client is the file / opt/ltsp/i386/etc/lts.conf. This work will define the basis of the Thin Client for each IP such as number of servers. SWAP memory size of the parameter values directing the work of the X Server.

Config for Thin Client

Once you have everything on the server side config. Should perform a restart, the server again to ensure everything will usually start at any time open systems. Follow the instructions.

   # chkconfig nfs on
   # chkconfig tftp on
   # chkconfig dhcpd on
   # reboot

The test machine boot Thin Client.

When Thin Client with a bootable floppy disc Discovery detectors prepared. Machine will stop at a prompt. To test ease of use, may use the command ifconfig, ping or telnet, or if any need to use it in graphics mode, just type the command

# /tmp/start_ws

Thin Client device to enter our page of the GNOME login screen name and password can use the Iosesars of servers. Iosesars can use Application-existing in a server. If the server can use the Internet at own will make a Thin Client using these as the Internet. For storage of each Iosesars Home Directory of Iosesars is that the GNOME Desktop own I tend to be displayed on the Home Directory is de-textiles.

For various config-Iosesars to customize your own editing. Will be stored under each of the Home Directory (Home Directory, which is space on the server) so that it will move Iosesars chest ?? on Thin Client in any environment will have to show the same track. use. Whether it’s textiles, the de (GNOME or KDE) pictures wallpapers beautiful theme or other configuration programs are included in the Proxy Server set cookies to remember your password from the site visits.

Linux Terminal Server Project is a Thin Client system that may trigger that finished. It does not use difficult. Services can help reduce the complicated to the breakup have one centralized set of the concert, the rarely-important Kleiner (Thin Client), but one thing is to accept barter and deciding this is the system. servers require a thick (Thick Server) for a high image Sitt Co. because every pro that runs from the Thin Client will be processed on the server side a majority. Including volume packet data in a high-volume network is also one thing to consider. Here is another solution built on the properties of the various benefits of the operating system called “Linux”

Posted in Knoweledge about Network

Tags: config DHCP Server LTSP, Config Thin Client system by Linux, Linux Terminal Server Project, LTSP, Terminal Client

No Comments »

Secure Copy Protocol

Posted by on July 24th, 2009

Secure Copy Protocol Overviews

Secure Copy Protocol (SCP) is method of data transmission across the network. The look is a copy of data between 2 and live a protocol similar to Secure Shell SFTP, SFTP is a different system will need to Login before it can send and receive files, but SCP will enter a password. Every time you send and receive files.

Sometimes if we want to transfer files across machines using linux for example the backup file from server 1 to server 2 or pull the file from the server down to a backup in the office we can do very easily with scp program? command scp (secure copy), on most Linux can use immediately. What not to increase but will have to Cygwin for Windows can be used prior to the regular use scp will ask for a password, but when we used to transfer or backup files, we would like to automatically set the crontab. Linux or the Windows Task Schedule in so we must skip the login process or enter the password which can be done by creating a key for the automatic login by a key 2 is a private key and public key.

How to set key step in to use scp without a login:

We will use to decide whether to use scp user? Like this in this instance I use that user name dumper.
login to a local (to get a working set that is called a local and remote access is that server) if it is possible to use the same user name on the local server or to any different after login and try pwd. We will see that in most of our home directory is / home / dumper.
Then, create private key and public key in local machine using the command

ssh-keygen-t rsa

Will have to ask about that we will file name where the key to press? Enter last name is the default value and the key storage file is created under the directory name. Ssh, if we do not create a directory. This command will create just for ourselves. After running the command above. Out file will be:
[1] private key – / home / dumper / .ssh / id_rsa.
[2] public key – / home / dumper / .ssh / id_rsa.pub
copy file id_rsa.pub to the server and rename it as authorized_keys or ftp, but may be used in this instance with scp: scp id_rsa.pub dumper@my.server.ip.addr: / home / dumper / authorized_keys. In this step will be asked for your password on the user dumper my.server.ip.addr (ip of server or domain name is optional)
login to check the server and see if the file found./ home / dumper / authorized_keys. If we are to successfully scp will find success if you do not need to copy again.
Create a directory name. ssh under our home directory (this is in the south / home / dumper), but if it is already available, then immediately move on to authorized_keys. ssh using the command mkdir. ssh mv authorized_keys. ssh.

Try to check that the file view. / home / dumper / .ssh / authorized_keys
logout from the local server is trying to scp a file will not view this time to ask password.

Relate Link : Secure Shell SFTP TelNet PuTTY TCP Wrapper

Posted in Knoweledge about Network

Tags: How to set key step in to use scp without a login, SCP Protocol, Secure Copy Protocol, Secure Shell, SFTP, SSH

No Comments »

Secure File Transfer Protocol

Posted by on July 20th, 2009

Secure File Transfer Protocol Overviews

Secure File Transfer Protocol (SFTP) protocol that is used instead of FTP as a part of which will be sftpserv SSH is a program running on the server side. Waiting to receive a phone call from a client through the command sftp on linux operating system and Windows operating system is a program that will be used for contact and transfer of movie data with the server via SSH as SSH Secure Shell Client and SecureFX.

How to Config SFTP Server on Windows

Go to the website to download the Binary Installer Release SSHWindows then be installed on the Windows Client and install all the Server Components.

Example Setup SSH servers will need to set up these servers before Start.

Address of / home by default is located at C: \ Documents and Settings. To change the Registry values must be changed to HKEY_LOCAL_MACHINE \ SOFTWARE \ Cygnus Solutions \ Cygwin \ mounts. v2 \ / home the value of compared with the native / home (everyone who is to login using sftp. Come under this).
Right-click My Computer select Manage then go to Computer Management (Local) / Local Users and Groups / Users to create new user for the Login to sftp.
Open Command Prompt window and then command.
cd “C: \ Program Files \ OpenSSH \ bin” in the event that installed the Drive C, then use the command:
mkgroup-l>> .. \ etc \ group.
And
mkpasswd-l-u [username]>> .. \ etc \ passwd.
Where [username] instead of a user to add in the 2 if you wish to add multiple user command is a command to 2 times per 1 user.
To the group and passwd file in the folder C: \ Program Files \ OpenSSH \ etc. The passwd file can be opened with Notepad.
Will notice that the information in the data file is that each user has added to Article 3 of the opposite end of each data message to be estimated. / home / username where username is the name of the folder after the user login, which is changed by each user name that we can change the folder name is different to the rest or just / home user, any people will come. at home.

Set Windows Firewall to accept TCP port 22 to pass.

Go to Control Panel / Windows Firewall tab, click Advanced.
Click the Settings button in the Network Connection Settings.
Click on Add …
The field Description of service: Enter Secure FTP Server.
The field Name of IP Address: Enter the name of the servers or IP.
The box External Port number for this service: Enter 22.
The box Internal Port number for this service: Enter 22.
Click the box TCP.
Click on OK.
Click on OK.
Click on OK.

Start Services name OpenSSH Server.

Relate Link : Secure Shell Protocol Script FTP FTP PuTTY TCP Wrapper TelNet

Posted in Knoweledge about Network

Tags: How to Config SFTP Server on Windows, Secure File Transfer Protocol, SFTP Protocol, SSH Protocol

No Comments »

TCP Wrapper

Posted by on July 17th, 2009

TCP Wrapper Overviews

TCP Wrapper is a security tool. That allows administrators to control which IP Address that can access the specified port. If your system does not need to open an access from the outside. The best way is to use TCP Wrapper.

Administrators should start by default. “Nobody can sign” added the line “all: all” in hosts.deny then allowed. Access to the host to the hosts.allow.

Features one checkbox TCP Wrapper is can execute script to execute the program before it will be important such as telnet or ftp can do anything with cause, such as multiple script can record your IP Address and damain. name of trying to connect to your machine. Can send email to notify you if you try to connect is not expected or even run the finger back to the IP Address of the created links. It’s clear that this powerful tool. Lets you decide who can and can not access your system.

Operation of TCP Wrapper

A small program running in the background report and will forward the host name and services to use the wrappers will not share information. Or discussion between a customer (client) and server applications, and there is no overhead (header) data For example, could describe the data or to the other, except wait for the report. Can restrict (filter) used to like to host any service.

Example

We do not need Internet access to all internal and external version of IP, finger to the server IP 192.168.1.10 addition we will be able to finger (which is helpful in the shade. Unauthorized access to servers rather because we know of is the first user to log on to our server but the password to gain and lose if unknown user before that user is to guess what we have before they can find a password. the next step) from a file. / etc / inetd.conf. Fingerd program that will see the server was replaced with / usr / sbin / tcpd, which means will need to use fingerd tcpd (wrapper) to the App. Which will be around to see if that There are several programs. To be called by tcpd to use the command below is run in.fingerd address on file. / etc / inetd.conf finger stream tcp nowait nobody / usr / sbin / tcpd in.fingerd-w.
Given file. Or not to use service that tcpd is called the two files is

/ etc / hosts.allow.
/ etc / hosts.deny.

How to config TCP Wrapper

Edit / etc / hosts.deny. Not all the hosts used by finger.
#
# hosts.deny    This file describes the names of the hosts which are
#               *not* allowed to use the local INET services, as decided
#               by the ‘/usr/sbin/tcpd’ server.
#
# Version:      @(#)/etc/hosts.deny     1.00    05/28/93
#
# Author:       Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org
#
#
in.fingerd:ALL
# End of hosts.deny.
Edit the file / etc / hosts.allow to IP 192.168.1.10 to the finger server we have.
#
# hosts.allow   This file describes the names of the hosts which are
#               allowed to use the local INET services, as decided by
#               the ‘/usr/sbin/tcpd’ server.
#
# Version:      @(#)/etc/hosts.allow    1.00    05/28/93
#
# Author:       Fred N. van Kempen, <waltje@uwalt.nl.mugnet.org
#
#
in.fingerd:192.168.1.10
# End of hosts.allow.
restart inetd to editing with a command.
But from the tests to use slackware 3.4 command that is different from the inetd pid id must be used before by
ps -ax|grep inetd
Be answered, such as
938   ?   S    0:0   /usr/sbin/inetd
Then to use the command
kill -HUP 938
Try using the IP 192.168.1.10 finger to the server that we set. Suppose that name. test.rj45patchcord.com.
finger @test.rj45patchcord.com
Should have answered that someone has logged on? No one login.
Try using the IP 192.168.1.10 finger other than to see this machine that will not receive a response from the finger.

When you can prevent the finger from the outside. Or allow any host can then use finger to prevent the use of other services such as telnet ftp or other do likewise. You may enter a value.
ALL:ALL
In the file / etc / hosts.deny ??? then have to use any services from the host? Use it to open files in / etc / hosts.allow later is a good way. Format command in the file. / etc / hosts.deny and / etc / hosts.allow is
service : hosts
Format that can enter, such as
ALL: ALL.
ALL: 192.168.1, LOCAL # 192.168.1 refers to the use of this subnet.

Relate Link : Secure Shell TelNet PuTTY Protect Port Scan

Posted in Knoweledge about Network

Tags: How to config TCP Wrapper, Protect port Scanning, TCP Wrapper

No Comments »

PuTTY

Posted by on July 15th, 2009

PuTTY Overviews

PuTTY is a free program for TelNet and SSH, including service. Other protocols such as SSH PSFTP PSCP is available on Win32 and UNIX Platforms.

tunneling VNC through Putty

VNC Remote Control program is a very good one, will include two parts. As part of a Server and the Client Server will act on information management and keyboard and mouse from side to act on the Client Services section of the GUI, which may be used together. the main GUI of the system (such as all versions of Windows operating system) or may be opening a special GUI. (Such as the UNIX operating system and Linux to be more open XWindows terminal for this one) for the Client will receive the keyboard and press the mouse management. When people use the window of VNCViewer to submit to the server. And a set of instructions received from the Server to make a drawing on VNCViewer features to users of VNC is engaging is the Server and VNC Viewer on almost every flat form from any Windows version. Unix and Linux to every flat form can be used to cross out (such as opening a Linux server to run on XP and View), also suitable for use over XTerminal for Linux and Unix Especially on the network may be a break at any time where the Internet is indeed XTerminal to carry on the servers where VNCServer will clothe Terminal so we can close the window VNCViewer at any time. to reopen at another machine that the world may be different. By the software. The run will not feel the effects.

But VNC is a serious flaw is that the information sent back to the server that client is not encrypted. Of any type. Be sent in a manner that is easy to capture and analyze. This is to take the path of data sent to the VNC come through in the form of Secure shell of tunnelling.

Step process is set text terminal Putty is a very popular program. In the form of tunnelling VNC port through SSH to VNCserver by running on a Linux operating system (or other), but VNCViewer run on machines using Windows operating systems. That most users tend to use Linux or UNIX is a Riomt. General and work on a Windows operating system. Set procedures are as follow:

Open up the PuTTY Configuration window, select Connection / SSH / Tunnels.Fill Port Tunnelling through SSH to do down here, we want to tunnel through the Port of VNC, SSH, VNC uses port number 5900 to the port by 5900 to match the terminal, the 5901 match, 0. , terminals 1 to this order on Here we installing vncserver on Linux. In the case of operating system Linux and the UNIX VNCserver Xterminal will open up on new server and make connections with VNCserver (for people unfamiliar with VNCserver on Linux, we can set. the GUI is anything they wish. I like solving this case file ~ Iosesars / .vnc / xstartup. Called the line twm & a / bin / bash / bin / startkde & that it will load KDE replaces the twm) from the above example. I enter a value to the port tunnel is 5,901 (of which we are at present used by PuTTY), which is the destination. thanwa.cpe.mut.ac.th on port 5901 as a thanwa.cpe.mut.ac.th. I use a machine running the server). When I click Add it to:
After that I choose. Connecttion / SSH. To open the compression mode to allow the compression before sending data over SSH.This step is not necessary for the operation. You can skip process. If you choose to compress Will see that use VNC as a whole will be put down later. (Because data transmission is less As a result of compression).
Back to Session for convenience. I that we should set the fee for it. We enter the domain or IP of destination (run VNCServer) mode and select a contact SSH (port 22) by clicking the radio button SSH Session from the name then click Save.
Time we will use When we open PuTTy session we just kept loading. Then log in as normal text terminal ???? which we must continue to connect in SSH text terminal mode on this all the time we use VNCViewer (If we are locked out while the screen text terminal VNCViewer work will continue. incomplete. Until we close VNCViewe.
Then we run VNCViewer but when we enter the IP VNCserver we enter localhost or 127.0.0.1 instead of the value number, terminal ports is governed by the tunnel as we set in the Source port. This is a 5901 match localhost: 1.
If VNCserver worked on the servers correctly. We will see the screen password. Print it to the original.
VNCviewer started work here I have to set the Xterminal 1 (running on the console is 0) if you just run the KDE VNCserver run prior to running VNCViewer little You will see the screen while KDE is installed to monitor and work with.

Relate Link : Secure Shell Protocol TelNet

Posted in Knoweledge about Network

Tags: Putty, SSH, SSH Protocol, tunneling VNC through Putty., VNCViewer

No Comments »

Secure Shell Protocol

Posted by on July 13th, 2009

Secure Shell Protocol Overviews

Secure Shell or SSH is a protocol for computer networks. Designed to log into another computer. And work. SSH is designed on a replacement for rlogin, TELNET and rsh for security reasons because SSH uses encryption methods to transmit information between devices.
Standard SSH port of SSH is port 22 also is the basis of other communications such as SFTP or SCP.

SSH Protocol History

1995 – ssh1 been invented by University of Tatu Ylonen. Technology Helsinki (HUT), Finland
1996 – ssh2 be designed and become a Internet Standard by IETF.
1999 – OpenSSH is open source.

Why use Secure Shell.

Because the old system such as a remote access telnet, rlogin, rsh no measures to secure your information. Information can be stolen easily.

Picture shows the telnet to the server data can be stolen easily.

Picture shows a server using ssh to note that the password is encrypted.

Picture shows the data transfer using Secure Shell.

How to Config Server on Linux

You can be correct / etc / ssh / sshd_config.

Display Config Server on Linux

Details of initial config option to delete a page # and edit these details:

Port 22: Port number used to contact
ListenAddress 192.168.1.1: Specified IP interface of the server.
HostKey /etc/ssh/ssh_host_key: path to store the private key host.
ServerKeyBits 1024: Length of the key.
LoginGraceTime 600: Time to Login
KeyRegenerationInterval 3600: Time to create a new key.
PermitRootLogin no: Allow username root?
IgnoreRhosts yes: Not allow rhosts.
StrictModes yes: Check permission of each user.
PrintMotd yes: To the text msg of the day?
RhostsAuthentication no: Open Rhosts Authentication?
RhostsRSAAuthentication no: Used RSA Authentication for Rhost ?
RSAAuthentication yes: Used RSA Authentication ?
PasswordAuthentication yes: To use Password Authentication?
PermitEmptyPasswords no: Allow login without entering password?
Subsystem sftp /usr/libexec/openssh/sftp-server: Enabling SFTP (default).