Jump to content

linux_learner

OTW
  • Content Count

    892
  • Joined

  • Last visited

Everything posted by linux_learner

  1. it dpends on how restrictive you want it. telling me you dont want them to su, doesnt tell much. you can do that by taking it out of the bash profile, but then if they know the absolute path, they'll be able to bypass it. the su, is one you may not (and is not advisable) be able to get rid of. the best course of action is to take it out of your bash profile. by changing permissions on su, which is a file, you risk not being able to access it at all. you could chown it, but then that has its own problems. generally you dont mess with su, except by taking it out of the bash profile. since you can have the password on the root account expire after a set amount of time, and since the password is shaddowed, only someone who knows the root password can gain su/root priveledges.
  2. the linux system admin guide would be good for you to read. i do have /etc/group. it just contains the settings for each group. i think your making this harder than it is. as long as you make backups and note the permissions as they were before any changes are made, you can always fix it.
  3. /etc/... isnt a group, but a directory. a group is soft linked to various directories. much like java. the java plugin is typicaly in the /usr/... directory. this is not part of the home directory. when set on paranoid, the home user cant even veiw things outside of the home directory. typicaly the permissions for /usr/... are drwxr-xr-x (where d is directory). where a user GID might be 500 and grant you access to veiw files, just not write access. compare your user account GID to say X. X should be, or have similar group priveledges as root. X is a group, and account, you just dont log into it.
  4. if you take out, in the bash profile, the su and make it an absolute path, that also helps. as to the proposal, try it. just know the GID's like for wheel and the GID for a regular user.
  5. none. you can do that with any editor. just comment out /etc/securetty. to do this by hand all you need is an editor and an understanding of chmod.
  6. linux system administrators guide http://www.tldp.org/LDP/sag/html/
  7. the same docs apply. http://www.mandrakelinux.com/en/fdoc.php3 enjoy :D
  8. forget the cdrom and get plf sources and other sources. see easyurpmi (yes this is a web site i am refering to). you would use urpmi from the command line. its kinda like apt. urpmi <packagename> to install a package urpme <packagename> to remove a package. you can add cooker stuff, but just keep in mind, its experimental and liable to break your system. but with cooker, your likely to stay bleeding edge. you can get mdk to be just like debian, your just going to have to take the time to learn the subtle differences. i'd suggest reading the mandrake documentation section. mandrakesoft.com you can probably skip over most and skim over some other parts, but there may be some parts you may want to slow down on. also check out the linux administrators guide.
  9. for the firewall, you might wanna try firestarter or guarddog for now. arnos firewall is a good script as is ipkungfu. basically linux is linux. the same functions and rules apply. what you did in debian is done in mdk and done the same way. when you select paranoid in mdk for example, it comments everything out of /etc/securetty this means no one can login directly as root. you have to su up. very secure, but it can be quite difficult to work with. thats only one example of one setting. of course paranoid affects many other settings. as do the other levels. this is why i recomend "normal" and then tweak it yourself. dont run any services you dont need. and try to comment out /etc/securetty. those you can do yourself, with out affecting your pop3 server. any servers or services like http or pop3, i'd run in a chroot jail/sandbox. this way they are confined to that area only. if a hacker gets in, he only has access to just that area.
  10. sure. :D http://mandrakeusers.org/index.php?showtopic=13265 you'll have greater control, and understand alot more if you do it this way. enjoy :D
  11. ok. set your system to "normal". heres why. it will allow things to work for you from the start. you can then manually tweak your security settings. see my security overview in the faq section in the board. when i said gateway, i want refering to hardware. every internet connection has a default gateway. i was suggesting you check that. keep at it. keep asking questions.
  12. might wanna check your gateway. http://www.google.com/search?hl=en&client=...ke+10.1&spell=1 http://www.google.com/search?q=pop3+Cannot...n-US%3Aofficial
  13. while we know they partially support linux, this petition lets them know that there is a "responce". that there is a demand. the petition gives them a representation of that demand. 7100 sigs isnt bad. typically petitions are signed by a very small number. usually about 1%. yet, the petitions have a great impact in representing the majority. so if 7100 is about 1% of the linux users, then we're representing about 7,000,000 linux users. as to you point about starting a petition for Blizzard, Sierra, and so forth, wanna start it? someone needs to start it.
  14. my title says it all. we had a program in windows (didnt work well in windows either), but i cant find anything that will work in linux. i'm looking for software that will teach me/us to read, write and speak hebrew. if you know where to find something like this, let me know please.
  15. my wife and i signed it. 7025 and 7026
  16. some times you find a way in through the back door. my daughters elemtary teacher, IT person and principal are considering my suugestion, but it has to be approved by the district (which would be a whole lot of schools). my suggestion was gcompris and or freedu. freedu is a live cd. so it can run on just about anything. its compatible with pc architecture and mac architecture.
  17. http://www.techworld.com/opsys/news/index....age=1&pagePos=2 will it? we'll see. what do yall think?
  18. TCP/IP is an source. it was developed by arpanet, back in the early days of UNIX, before M$ DOS. it started in 1957. thats right. 1957. long before M$. http://www.davesite.com/webstation/net-history.shtml
  19. see easy urpmi. http://easyurpmi.zarb.org/ and http://myweb.tiscali.co.uk/eggnbacon/docs/...owto/tools.html
  20. darkelve kastorff and i were in irc at the time we noticed it. vir@s was also there. he runs and owns the server. we were on it in minutes. i have suggested some things to vir@s, what he does is up to him. you can pm any of use in irc, we'll eventually get to it.
  21. after doing a bit of reading, Y-windows sounds really cool. i naturally have a few questions, but from what i've read.....way cool. now i dunno about yall, but not restarting the windows server to load or unload a driver.... http://www.y-windows.org/ my questions are; will it work with kde/gnome and other de's and wm's? if so how? guess we have more reading to do.
  22. add konqueror 3.3 to the list. the nice thing is, it comes with search engines built in, and like opera you can use hot keys. you can also edit, or add, delete search engines at will.
  23. http://extragear.kde.org/apps/kiosktool.php#status
  24. i also found the yahoo servers pop.mail.yahoo.com smtp.mail.yahoo.com
×
×
  • Create New...