User manual REDHAT LINUX 7.1 PSERIES INSTALLATION GUIDE

[. . . ] Red Hat Linux 7. 1 The Official Red Hat Linux pSeries Installation Guide ISBN: N/A Red Hat, Inc. 2600 Meridian Parkway Durham, NC 27713 USA +1 919 547 0012 (Voice) +1 919 547 0024 (FAX) 888 733 4281 (Voice) P. O. Box 13588 Research Triangle Park, NC 27709 USA © 2001 Red Hat, Inc. rhl-ig-pseries(EN)-7. 1-Print-RHI (2001-03-14T12:41-0500) Copyright © 2001 by Red Hat, Inc. [. . . ] By default, access to the following resources are not allowed: · · · · Ports lower than 1023 -- the standard reserved ports, used by most system services, such as FTP, SSH, telnet, and HTTP The NFS server port (2049) The local X Window System display for remote X clients The X Font server port (by default, xfs does not listen on the network, it is disabled in the font server) If you want to allow resources such as RealAudioTM, while still blocking access to normal system services, choose Medium. You can select Customize to allow specific services through the firewall. No Firewall No firewall provides complete access to your system and does no security checking. Security checking is the disabling of access to certain services. It is recommended that this only be selected if you are running on a trusted network (not the Internet), or if you plan to do more detailed firewall configuration later. Choose Customize to add trusted devices or to allow additional incoming services. Trusted Devices Selecting any of the Trusted Devices allows access to your system for all traffic from that device; it is excluded from the firewall rules. For example, if you are running a local network, but are connected to the Internet via a PPP dialup, you can check eth0 and any traffic coming from your local network will be allowed. Selecting eth0 as trusted means all traffic over the Ethernet is allowed, put the ppp0 interface is still firewalled. If you want to restrict traffic on an interface, leave it unchecked. It is not recommended that you make any device that is connected to public networks, such as the Internet, a Trusted Device. Allow Incoming Enabling these options allow the specified services to pass through the firewall. Note, during a workstation-class installation, the majority of these services are not installed on the system. 54 Chapter 4:Installing Red Hat Linux DHCP If you allow incoming DHCP queries and replies, you allow any network interface that uses DHCP to determine its IP address. If DHCP is not enabled, your computer can no longer get an IP address. SSH Secure SHell (SSH) is a suite of tools for logging into and executing commands on a remote machine. If you plan to use SSH tools to access your machine through a firewall, enable this option. You need to have the openssh-server package installed in order to access your machine remotely, using SSH tools. Telnet Telnet is a protocol for logging into remote machines. Telnet communications are unencrypted, and provide no security from network snooping. Allowing incoming Telnet access is not recommended. If you do want to allow inbound Telnet access, you will need to install the telnet-server package. WWW (HTTP) The HTTP protocol is used by Apache (and by other Web servers) to serve Web pages. If you plan on making your Web server publicly available, enable this option. This option is not required for viewing pages locally or for developing Web pages. You will need to install the apache package if you want to serve Web pages. Mail (SMTP) If you want to allow incoming mail delivery through your firewall, so that remote hosts can connect directly to your machine to deliver mail, enable this option. You do not need to enable this if you collect your mail from your ISP's server using POP3 or IMAP, or if you use a tool such as fetchmail. Note that an improperly configured SMTP server can allow remote machines to use your server to send spam. FTP The FTP protocol is used to transfer files between machines on a network. [. . . ] 15 recursion ( See recursion ) Red Hat FAQ . . . . . . . . . . . 93 110 Index Red Hat Linux. . . . . . S 93 50 42 57 selecting packages . . . . . . . . . . . . 61 server cross-reference table . . . . . . . . . . . . [. . . ]