[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Issues

> Cool.  So where should the MX record point?  I have no clue what you did
> with qmail, maybe you could fill us in?

Let me check out the DNS records you've put in place and I'll get back to you on
this.

> > the ntp server yet?  
> Yep.

Cool.

> I've given it some thought and done some research.  The good news is that
> I can't find any 'sploits for the most recent version of bind (8.1.2) and

I assume that's the version we're running then?  I supose as long as we keep on top
of it... :)  Forgive my paranoia... bind bothers me because it's one of two hacks
I've ever actually seen done to a box in our network.  :)  As I said above, I'll
check out the zone files and get back to you on everything... including mx records
and qmail info.

> > Also... howabout limiting ssh accesible subnets?  How do you feel about
> I'm very pro to this idea.  I have a static IP via my ISP and at work so

Well... since I connect through my current employer, it'd be easy to get one... but
I started experiencing wierd stuff last time I tried to set it up... I never
troubleshot why... and I'm getting my ADSL drop soon... they don't want to allow
static IP's on those DSL connections... so we'll just open up a few networks
here... all these originate from behind a firewall... only one is accesible to
dial-up customers so it's not a big deal.  

Dan- I'm sure you could easily get a static IP from Allen/Patrick if ya mailed them
and told them why you needed one.  If you want.  Either way we'll need the static
or your network that your dialup account is on... as well as your external IP from
work.  I'll list the ranges/IP's I need open below. 

> > Aaron - what's up with Apache?  What modules are compiled in at this
> Sorry for not getting back to you sooner on that.  I have notes in my

No problem... I wasn't ready for the info sooner ;)

> notebook that I need to post.  I'll be creating a section in /~aturner/ on
> the server that has all my notes on Apache, the kernel, etc.  Both PHP and

Cool... lemme know when you get it up & it's location/filename.

> mod_perl were compiled staticly (verses DSO) into apache.  We have the
> latest version of PHP, mod_perl, and apache AFAIK.  Other non-standard

Very cool.

> modules I compiled in were usertrack, expires, and cern_meta.  We may
> never use cern_meta, but expires and usertrack should prove very useful.

I'm not familiar with any of those modules.

> Not right now.  I'm working on getting htdig as it should be.  I take care
> of named too.  I'm also trying to figure out why Apache doesn't give
> directory listings in the public_html directories.  That and I picked up

'K.  If you need ideas/help on any of that lemme know.  I am going to check out the
zone files... let ya know about that then.

> websites via mod_perl.  If people get me IP's/networks I'll stick them in
> tcp wrappers for ssh.

OK... here are the networks I need open:
199.234.236.0 255.255.255.0
199.234.238.0 255.255.255.0
199.234.239.0 255.255.255.0

And here is the static I need:
205.166.61.57 255.255.255.255

All the 199.x.x.x networks are behind a firewall at my employer.  Little danger
there... Only 199.234.236 above is accesible to dialup customers.  The other two
are for DHCP fr the workstations here.  

Please let me know where you'll be placing that file as I'll need to mod it
eventually for Al.  Thanks.

Jason