[thelist] Stupid linux/router problem

Jon Molesa rjmolesa at consoltec.net
Thu Jul 5 19:37:54 CDT 2007


> OK, this is probably a little off-topic. But here goes anyway.

Yes but so was my post the other day.  Besides, yours at least has some
semblance of web related issues.
> 
> I've been running a personal web server through my DSL connection for
> several years. A few days ago I was hacked by some SOB's who planted a
> rootkit on the server, and kept using the back door to install a
> phishing site on my server. Yikes.
> 
> So anyway; I soon realized that the only way to get rid of this rootkit
> was to reformat my drive and reinstall Linux. I decided to go with
> Fedora Core 6.
Not a bad choice, but most of the damage could have been reduced by
changing (chmod'ing) permissions on directories.  It happen because of
some world writable directories, and XSS, also you should investigate
apache's mod_proxy and disable it.  Unless it's necessary, in which
case, you at least want to properly configure it.

But if it's been years then it was probably time for an upgrade any way.
> 
> So: traffic to this server (foo.com) is handled by a dLink router
> (address = 192.168.1.1.) I've assigned a permanent internal IP, via the
> router, to this server (192.168.1.140.) and placed it in the DMZ.
> 
> I've reinstalled Apache, of course, and fiddled with KDE's 'network
> configuration' utility.
> 
> And this is where things fall apart. At one point I guess I tried
> entering 192.168.1.140 as the IP address for foo.com in some Linux
> config file.
> 
Take a look at your network mask on the router, and have the router dole
out addy's via dhcp.  Then on your card/kde settings config the netmask
to match that of the router and do your static ip here.

Reboot the puppy.

Report back.

-- 
Jon Molesa
rjmolesa at consoltec.net
if you're bored or curious
http://rjmolesa.com



More information about the thelist mailing list