[lug] network settings

Wed Sep 20 18:21:06 MDT 2000

see below...

--
PC Drew

Thus spake KRITZBERG DAVID OWEN on Wednesday, September 20, 2000, 6:01:49 PM:

KDO> I really want to thank people on this list for getting me started on 
KDO> this problem. I'm pretty inexperienced with Linux. I used what I read and
KDO> may have narrowed the problem but I haven't solved it. I'm hoping someone
KDO> can help me again. I have Linux Mandrake 7.1 installed pretty
KDO> successfully except that I can't get on the internet. I looked at
KDO> some settings:

KDO> [root at kritzberg /root]# netstat -nr
KDO> Kernel IP routing table
KDO> Destination     Gateway         Genmask         Flags   MSS Window  irtt
KDO> Iface
KDO> 128.138.146.175 0.0.0.0         255.255.255.255 UH        0 0          0
KDO> eth0
KDO> 128.138.0.0     0.0.0.0         255.255.0.0     U         0 0          0
KDO> eth0
KDO> 127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0
KDO> lo
KDO> 0.0.0.0         128.138.146.1   0.0.0.0         UG        0 0          0
KDO> eth0

Did you verify with ITS that you're supposed to be using a Class B
subnet mask?  If your default gateway is 128.138.146.1, you should be
using a class C subnet mask...255.255.255.0

KDO> [root at kritzberg /root]# cat /etc/resolv.conf
KDO> domain colorado.edu
KDO> search colorado.edu
KDO> nameserver 128.138.240.1
KDO> nameserver 128.138.130.30
KDO> nameserver 128.138.129.76

looks fine...if you type "nslookup", do you get something like this:

[gypsy:~] > nslookup
Default Server:  boulder.Colorado.EDU
Address:  128.138.240.1
>

If you don't get that, then there is definitely something wrong with
your network setup.

KDO> I can ping colorado.edu but it really just pings 128.138.146.175--the
KDO> IP I have taken for the linux box. I have used this IP successfully
KDO> before on a Win98 machine.

KDO> It doesn't make a difference (given my current settings) whether or
KDO> not the  gateway 128.138.146.1 is allowed to route IP
KDO> packets... I don't know if that provides extra information.

I don't know what you mean by "allowed to route IP packets"...if it's
your default gateway, then it MUST route IP packets or you'll never
get off your ethernet segment.

KDO> I can ping a machine by IP address that is not connected to my hub,
KDO> though on the same part of campus, but I can't ping it by name. For
KDO> example I can ping 128.138.146.156 but not miquelon.colorado.edu, the
KDO> same machine.

You've gotta ask ITS to put your IP address in DNS for you.

Also, on a security note:

Since you've posted your actual IP addresses to the list (and now
they've been sent to a lot of people and accessible via the archive on
the web) you may be more likely to be attacked.  I ran a portscan on
your box, and here's what I got:

Port: 21        -->     ftp
Port: 23        -->     telnet
Port: 25        -->     smtp
Port: 110       -->     pop-3
Port: 111       -->     sunrpc
Port: 113       -->     auth

if I were you, I'd comment out all of those ports in /etc/inetd.conf
and shut off your smtp server.  If you need to connect remotely to
this box, I'd recommend installing SSH as an alternative to telnet and
ftp.  I know this sounds like a pain, and you don't have to listen to
me, but those are my recommendations.

If you need help doing this or understanding why I'm recommending
this, feel free to email me or the list and I'll be happy to answer
your questions (as will other people, I'm sure).