scrounge.org

Using Linux with a Cable Modem

This procedure actually describes configuring Linux to work with any Ethernet method of connecting to the Internet, but right now, using a cable modem is the most common method. It has been tested on the Albany, NY Road Runner system. It should also be applicable to other broad-band systems. Also, these examples assume that you are using Red Hat version 5.2, or newer and have linuxconf installed.

First, of course, you must have Linux installed and you should be reasonably familiar with basic commands and concepts. Then you must have your Ethernet adapter configured and recognized by Linux.

Is your nic properly recognized and are you configured using DHCP? Type ifconfig and see if eth0 appears and has a civilized IP address. Type cat /etc/resolv.conf   Does it show a valid nameserver (DNS)? If not, try re-booting and check ifconfig and cat /etc/resolv.conf again. If they now show reasonable values, try pinging a valid domain on the Internet. ping yahoo.com (Press Ctrl-C to stop ping.)

PING yahoo.com (204.71.200.243): 56 data bytes
64 bytes from 204.71.200.243: icmp_seq=0 ttl=247 time=90.6 ms
64 bytes from 204.71.200.243: icmp_seq=1 ttl=247 time=89.5 ms
64 bytes from 204.71.200.243: icmp_seq=2 ttl=247 time=90.0 ms
64 bytes from 204.71.200.243: icmp_seq=3 ttl=247 time=89.8 ms
64 bytes from 204.71.200.243: icmp_seq=4 ttl=247 time=88.1 ms

--- yahoo.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 88.1/89.6/90.6 ms

Then try browsing by using the lynx text mode browser. lynx http://www.yahoo.com

Screen shot showing the lynx text mode browser.

Use the Up and Down arrow keys to jump from link to link. Right arrow to follow a link, Left arrow to go back. Space bar to go to the next screen, "B" to go back, "G" to enter a new URL, "Q" to quit lynx.

If lynx works, then you should be all connected.

You can check most services' status from your own machine using either the regular client or telnet. For example, if you want to see if you are running any sort of web server you can use lynx http://localhost or telnet localhost 80 to see if the connection is refused. If it is not refused, then there is a program accepting connections. telnet localhost 25 is a good way to see if you have a mail server running.

/etc/services contains a list of common services along with their port assignments.

Problems? If by chance you can't get connected, then you might try manually filling in some more configuration settings. Boot a Win 95 machine, run Winipcfg and copy the information down. Then re-boot Linux and start linuxconf and go to Config/Networking/Client tasks/Name Server Specification (DNS). and enter the DNS address. Then to Config/Networking/Client tasks/Routing and Gateway/Defaults and enter the gateway address. Then go back and check ifconfig, etc. And maybe re-boot.

You might also get some speed improvement by editing your /etc/resolv.conf file and checking to see that it contains the correct DNS entry, and remove any lines that starts with "search."

If you are using a cable modem service that is different than Albany, NY Road Runner, then you might have further configuration issues. Go to the CableModemHelp.com Linux page for more information.

Configuring for safety

Now you need to go through and check some things that probably were installed by default, but need close attention. In particular, most distributions of Linux install various kinds of servers that, while useful, are a security risk to you and may violate your ISPs terms of service.

Sendmail

Sendmail is about the worst thing that you can have running, because spammers can use it to relay spam and you will be blamed. To check to see if it is running, type ps ax | grep sendmail. If you see something like this
  416  ?  S    0:00 sendmail
  727  p0 S    0:00 grep sendmail

then it means that sendmail is running. (If you just see one line listing 727 p0 S 0:00 grep sendmail (with a different number) then this is OK--you are just seeing the results of your query. Sendmail is not running.) 416 ? S 0:00 sendmail is the part that indicates that sendmail is a running process, with a process ID of 416.

First we must kill the sendmail process. There are several ways to do this. The most generic is to type kill pid, where pid, is the number you saw when you typed ps ax | grep sendmail. Using the above example, I would type kill 416. But 416 is only used for an example. You must use the pid number that you got when you used the ps ax command.

You can also use Linuxconf to start or stop Sendmail. Start linuxconf and go to Control/Control Service Activity:

Linuxconf screen shot showing how to enable/disable run-level services.

The left column means "Enabled." Scroll down to the "Sendmail" entry and change it from "Enabled" to "Disabled." Then Accept and Quit.

Now you have to make a decision. If you plan on using text mode programs like mail or elm to send email or want to use lynx's email capabilities, then you must keep sendmail installed. And you must ensure that sendmail doesn't run by itself each time that you re-boot. But if you don't plan on using them, then you might want to consider uninstalling sendmail.

If you do want to uninstall sendmail, then follow this procedure: First type rpm -qa |grep sendmail to double check on the appropriate filename. Then rpm -e sendmail. Finally, repeat rpm -qa |grep sendmail to see if it was indeed uninstalled.

FTP and Telnet

You also have to be careful if you are running an FTP server. Running FTP may be against your ISP's terms of service. Running an anonymous FTP server most certainly is.

The most common FTP server is wu-ftp. To check to see if it is installed, type rpm -qi wu-ftpd.

You probably should also consider disabling Telnet. In case you didn't know, the Telnet service is what allows anybody to log into your machine (assuming that they know a valid user ID and password.) This is extremely valuable when you know what you are doing, but it might be prudent to close this door to the world until you have a better handle on security issues.

We use a different method to manage these programs. Edit /etc/inetd.conf and scroll until you see these lines:

# These are standard services.
#
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#gopher stream  tcp     nowait  root    /usr/sbin/tcpd  gn

In this example, ftp and telet are enabled, and gopher is disabled. To disable the ftp server, add a "#" (comment) character at the beginning of the line that starts with ftp. Same thing for telnet. Save the file, and then type kill -HUP inetd. This causes the system to re-read the inetd.conf configuration file and will only run the processes that are un-commented (i.e., don't start with a "#" character.)

You should also look through the rest of the inetd.conf file and disable any other processes that you don't need to have running. Likely candidates that are might be enabled by default and could be disabled are gopher, pop-3, pop-3, finger, netstat, systat and maybe auth. (Auth is needed to connect to IRC (Internet Relay Chat). If you won't be using IRC, then you probably don't need auth.)

You can check to see what "services" you actually have running by going to the Cablemodemhelp.com Portscan page, which will "scan" your machine and report the services you have running. (Well, actually the ports that are open, which is a good indication.) Of course, read the rest of Cablemodemhelp.com for a lot of excellent advice.

If you do want to run an FTP server but disable anonymous access, then edit etc/ftpusers and add "anonymous" at the end. (ftpusers actually lists users who are disallowed.) Check this by trying to connect anonymously to your machine to see if you are disallowed. (Don't forget to kill -HUP inetd to restart the FTP server after editing ftpusers.)

Also note that there is an serious security problems with older versions of wu-ftp (including the version that was shipped with Red Hat 5.2). You should download and install a a newer, fixed version. (Which is simple: Download the rpm file. Then rpm -Uvh file_you_just_downloaded.rpm.)

Apache Web Server

The Apache web server is usually installed and enabled by default. You may, or may not want to have this running. Again, use the Cablemodemhelp.com Portscan page to check to see if http is running. (A web server is the http process and usually runs on port 80.)

It is valuable to be able to stop, stop and restart Apache. I created these two scripts (as root) and put them in my /root/bin directory:

killapache

#!/bin/sh
echo "Stops Apache"
/etc/rc.d/init.d/httpd stop
echo ""
tail /var/log/httpd/error_log
echo "Apache has been terminated"

This script stops Apache and lists the last 10 lines of the Apache error log, so you can see if the operation completed without error. If Apache has been stopped, just type httpd to start it.

cycleapache

#!/bin/sh
echo "Starts/stops Apache"
/etc/rc.d/init.d/httpd restart
echo ""
tail /var/log/httpd/error_log
echo "Apache has ben cycled"

This script restarts Apache. This is helpful after you have made some changes in one of Apache's configuration files and want Apache to stop and restart using your new configuration changes. The Apache configuration files are usually located in /etc/httpd/conf.

By putting these scripts in /root/bin, you ensure that root is the only user that can run them. Also, make sure to chmod 700 them to make them executable. (700 only gives access to the file's owner, presumably root. Type ls -l to check on permission and ownership.)

Note that running killapache only stops Apache until your next re-boot. To disable Apache from running past a re-boot, start linuxconf and go to Control/Control Service Activity:

Linuxconf screen shot showing how to enable/disable run-level services.

Scroll down to the "httpd" entry and change it from "Enabled" to "Disabled."

Using Apache

If you do want to use Apache as a web server, then note that it defaults to storing the web pages in /home/httpd/html. If you (or anybody else on the Internet) accesses your computer's IP address, the web browser will see index.html that is contained in /home/httpd/html. When Apache was installed, it installed a dummy "It Worked!" index.html file. The general idea is that you replace this file with your own HTML content. You can just change to /home/httpd/html and start writing your web content using the editor of your choice. Every time you do a "file/save," then your newly updated words will be viewable by the world.

This server shouldn't be used by the general public. Particularily, you don't want it to be indexed by major search engines like Yahoo or Excite. To prevent search engines from indexing your web server, create a robots.txt file and place it in your /home/httpd/html directory.

User-agent: *
Disallow: /

Also, the Apache documentation was installed in /home/httpd/html/manual. If you are clever, then you will realize that accessing your_IP_address/manual/ will display the documentation.

Remember that running a server might be against your ISP's terms of service, or they might require permission first. Check your ISP's terms of service agreement before running any server.

Finishing Up

At this point, you are barely secure. What we have dealt with was just getting you going and calling your attention to common programs that might get you in trouble with your ISP. But we haven't discussed any of the other many security issues. Here is information on security issues.

You might also want to check the Firewalling and Proxy Server HOWTO, and the Linux IP Masquerade mini HOWTO.

Thanks to Peter Curran for his assistance with this page.

Also see Making Ethernet Adaptors Work With Linux and Use IPWatch to monitor your network connection.


Back to the scrounge.org home page.