[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Question on a Web page
Tom,
The normal configuration you should try to have is
to have as *few* systems connected to the net as possible.
(Esp. any windows machines. This minimizes security concerns).
Ideally you only have one or two machines connected to the net.
Preferably Linux machines. On those machines you want two
packages: Squid and Samba. Squid is a Proxy server that interfaces
to the net, provides security and caching of net pages to allow
faster access for things that rarely change (such as images).
Properly configured "internal" machines (the whole 198.168.x.y
and related IP addresses discussion over the last few weeks)
can go through the Squid proxy server (provided your browsers
are configured correctly) to access anything on the net.
Samba is the "glue" between file systems on Windows and non-Windows
machines. Using it you can can access Windows Disks from either
(local) Linux or other (remote) Linux machines. If you want to
go Linux <-> Linux one normally uses Network File System (NFS)
protocols which simply allow you to connect the Linux file systems
together. But you could also use Samba as well. Samba is reasonably
good about allowing you security control over access to the
file systems. I *suspect* that using a combination of NFS & Samba
and by paying careful attention to the configuration files you
could mount perfectly secure "local" disks onto the server
connected to the net and then allow remote TASS users to
"connect" to the internal disks under a reasonably secure
(password controlled) system of access. I.e. your "remote"
disks would effectively look like their "local" disks.
I *strongly* suggest that if you consider implementing
this that you do it using a satellite access system.
Remote TASS users who are probably downloading large
quantities of data can deal with satellite delays.
While your other forms of access will not impacted
if multiple people decide to download large amounts of
data. It *is* possible for a single machine to have
multiple IP addresses -- including combinations of
static and dynamic IP addresses.
Setting up a satellite link isn't difficult. It took me
much longer to run the cable from my roof inside the house
than it did to get the satellite pointed properly. And of
course there are professional installation people who handle
this kind of thing now.
Properly configured Email servers on the same machine would
allow you to pass Windows email through the email server to
foreign machines.
In short:
You need one machine as a "gateway";
Probably want an alternate machine as a backup "gateway".
Gateway machines should pay strong attention to security.
Gateway machines should perhaps have multiple paths to
the Internet.
All other machines are "internal" only.
You use a combination of "sharing" drives under Windows or Linux
to make drives available locally to make it easy to access data
on various machines from other machines.
You use Samba and/or NFS to share the data to remote machines.
Almost all versions of Linux now come with both Samba and Squid
though their operation may need to be enabled and wrestling with
the configuration files may be required.
If you like we could setup some experiments in this area.
Re:
> current ip address for tass-survey.dyndns.org is 66.32.223.142
At the current time both of these addresses (the symbolic and the
numeric) will work with "ping". So that implies that I can reach
the machine. A "traceroute" yields a 14 step trace that ends up
someplace in Chicago so there is a good chance that I'm reaching
whomever your ISP is (it is not uncommon now for traceroutes to
be blocked someplace close to the tail end of the trace). However
both FTP and TELNET as well as an SMTP (email) fail to produce
responses. I presume this is due to security configurations on
your end of the pipe (or perhaps the machine is *very* busy).
For example, if these protocols are enabled for telnet it goes something
like:
In the below "> text" is what you type and ": text" is an example of
what you should get back...
TO TEST TELNET:
> telnet server.aeiveos.com
: Linux Mandrake release 7.2 (Odyssey) for i586
: Kernel 2.2.17-21mdk on an i686
: login:
(use ctrl-Z [under windows] or ctrl-D [under linux] to end this)
TO TEST SMTP (able to receive email):
> telnet server.aeiveos.com 25
: Trying 206.124.156.155...
: Connected to server.aeiveos.com.
: Escape character is '^]'.
: 220 server.aeiveos.com ESMTP Sendmail 8.10.0/8.10.0; Sun, 26 Dec 2004 18:37:27 -0800
(again ctrl-Z or ctrl-D -- depending on telet versions you may need
to use ctrl-] to get a telnet prompt and then type "close" to end
the session.
server.aeiveos.com has FTP disabled so you cannot test "FTP server.aeiveos.com".
Tests for external Samba and/or NFS and Squid are of similar nature (though under
normal circumstances external Squid access of much use).
Just my 2 cents.
Robert
On Sun, 26 Dec 2004 droege@snapmail.us wrote:
> Some of you are bored with your Christmas goodies by now and are turning
> to the internet for amusement. I will do my best by posing a simple
> question for one of you.
>
> Mike has a dynamic ip which was wrong for the last day or so. I have now
> updated it manually, so you should be able to get at mike at
> tass-survey.dyndns.org This is information only and not really relavent
> to the problem below.
>
> On mike in /home/tom/html is index.html for my web site. It used to be a
> simple two page test site. About a week ago I updated all the information
> in /home/tom/html with new site info and a new index.html.
>
> In spite of this, the old site persists. So when I go to a dial up
> connection on another computer I get the old site. (I can't get to this
> from my linux machines since the tass-survey.dyndns.org ip address gets my
> modem.)
>
> How do I reset the world (or where ever the old web sit has taken up
> residence) so that the new web site can be seen?
>
> OK, I normaly try to send such questions to limited set of people, but my
> limited set seems to be down to one who knows more about this than I do,
> but probably not enough more.
>
> current ip address for tass-survey.dyndns.org is 66.32.223.142
>
> Tom Droege
>