Book: Linux Network Administrator Guide, Second Edition

Footnotes from the book

· #1

… or you are extremely impatient and know that the 24 hours it might take to download the software from the Internet is faster than the 72 hours it might take to wait for a CD-ROM to be delivered!

· #2

Terry Dawson can be reached at [email protected].

· #3

Philip Hazel can be reached at [email protected].

· #4

Note that while you are allowed to print out the online version, you may not run the O'Reilly book through a photocopier, much less sell any of its (hypothetical) copies.

· #5

The original spirit of which (see above) still shows on some occasions in Europe.

· #6

The shell is a command-line interface to the Unix operating system. It's similar to the DOS prompt in a Microsoft Windows environment, albeit much more powerful.

· #7

The Ethernet FAQ at http://www.faqs.org/faqs/LANs/ethernet-faq/ talks about this issue, and a wealth of detailed historical and technical information is available at Charles Spurgeon's Ethernet web site at http://wwwhost.ots.utexas.edu/ethernet/.

· #8

Alan can be reached at [email protected].

· #9

NCP is the protocol on which Novell file and print services are based.

· #10

We will come back to this topic in Chapter 12, Important Network Features.

· #11

There have been commercial Unix systems (that you have to pay lots of money for) that came with a setuid-root shell script, which allowed users to gain root privilege using a simple standard trick.

· #12

In 1988, the RTM worm brought much of the Internet to a grinding halt, partly by exploiting a gaping hole in some programs including the sendmail program. This hole has long since been fixed.

· #13

The version of the Internet Protocol most frequently used on the Internet is Version 4. A lot of effort has been expended in designing a replacement called IP Version 6. IPv6 uses a different addressing scheme and larger addresses. Linux has an implementation of IPv6, but it isn't ready to be documented in this book yet. The Linux kernel support for IPv6 is good, but a large number of network applications need to be modified to support it as well. Stay tuned.

· #14

Frequently, IP addresses will be assigned to you by the provider from whom you buy your IP connectivity. However, you may also apply to the NIC directly for an IP address for your network by sending email to [email protected], or by using the form at http://www.internic.net/.

· #15

Autonomous systems are slightly more general. They may comprise more than one IP network.

· #16

The cost of a route can be thought of, in a simple case, as the number of hops required to reach the destination. Proper calculation of route costs can be a fine art in complex network designs.

· #17

IRQs 2 and 9 are the same because the IBM PC design has two cascaded interrupt processors with eight IRQs each; the secondary processor is connected to IRQ 2 of the primary one.

· #18

People should use development kernels and report bugs if they are found; this is a very useful thing to do if you have a machine you can use as a test machine. Instructions on how to report bugs are detailed in /usr/src/linux/REPORTING-BUGS in the Linux kernel source.

· #19

Remember, the IP protocol can be carried over many different types of network, and not all network types will support packet sizes as large as Ethernet.

· #20

Paul can be reached at [email protected].

· #21

Fight to clear the hacking name! Always use "cracker" when you are referring to people who are consciously trying to defeat the security of a system, and "hacker" when you are referring to people who have found a clever way of solving a problem. Hackers can be crackers, but the two should never be confused. Consult the New Hackers Dictionary (popularly found as the Jargon file) for a more complete understanding of the terms.

· #22

The enhanced parallel port adaptor patch for 2.0 kernel is available from http://www.cyberelk.demon.co.uk/parport.html.

· #23

NCSA telnet is a popular program for DOS that runs TCP/IP over Ethernet or PLIP, and supports telnet and FTP.

· #24

Niibe can be reached at [email protected].

· #25

You can reach Philip at [email protected].

· #26

David can be reached at [email protected].

· #27

Note that we are not talking about WinModem(TM) here! WinModems have very simple hardware and rely completely on the main CPU of your computer instead of dedicated hardware to do all of the hard work. If you're purchasing a modem, it is our strongest recommendation to not purchase such a modem; get a real modem. You may find Linux support for WinModems, but that makes them only a marginally more attractive solution.

· #28

The first number on each subnet is the subnetwork address, and the last number on each subnet is reserved as the broadcast address, so it's actually 62 hosts per subnet.

· #29

You need the address of an NIS server only if you use Peter Eriksson's NYS. Other NIS implementations locate their servers only at runtime by using ypbind.

· #30

Note that names in networks must not collide with hostnames from the hosts file, or else some programs may produce strange results.

· #31

Anyone remember Pink Floyd's "Echoes"?

· #32

For example, all applications based on RPC use the loopback interface to register themselves with the portmapper daemon at startup. These applications include NIS and NFS.

· #33

Note that pointopoint is not a typo. It's really spelled like this.

· #34

As a matter of caution, you should configure a PLIP or SLIP link only after you have completely set up the routing table entries for your Ethernets. With some older kernels, your network route might otherwise end up pointing at the point-to-point link.

· #35

The dummy device is called dummy0 if you have loaded it as a module rather than choosing it as an inbuilt kernel option. This is because you are able to load multiple modules and have more than one dummy device.

· #36

More correctly, using IP aliasing is known as network layer virtual hosting. It is more common in the WWW and SMTP worlds to use application layer virtual hosting, in which the same IP address is used for each virtual host, but a different hostname is passed with each application layer request. Services like FTP are not capable of operating in this way, and they demand network layer virtual hosting.

· #37

RIP chooses the optimal route to a given host based on the "length" of the path. It is computed by summing up the individual metric values of each host-to-host link. By default, a hop has length 1, but this may be any positive integer less than 16. (A route length of 16 is equal to infinity. Such routes are considered unusable.) The metric parameter sets this hop cost, which is then broadcast by the routing daemon.

· #38

ssh can be obtained from ftp.cs.hut.fi in /pub/ssh.

· #39

You can tell whether a connection is outgoing from the port numbers. The port number shown for the calling host will always be a simple integer. On the host being called, a well-known service port will be in use for which netstat uses the symbolic name such as smtp, found in /etc/services.

· #40

If information weren't cached, then DNS would be as inefficient as any other method because each query would involve the root name servers.

· #41

Well, almost. A name server has to provide at least name service for localhost and reverse lookups of 127.0.0.1.

· #42

BIND 4.9 was developed by Paul Vixie, [email protected], but BIND is now maintained by the Internet Software Consortium, [email protected].

· #43

Note that you can't query your name server for the root servers if you don't have any root server hints installed. To escape this dilemma, you can either make nslookup use a different name server, or use the sample file in Example 6.10 as a starting point, and then obtain the full list of valid servers.

· #44

diplogin must be run as setuid to root, too. See the section at the end of this chapter.

· #45

Relevant RFCs are listed in the Bibliography at the end of this book.

· #46

In fact, HDLC is a much more general protocol devised by the International Standards Organization (ISO) and is also an essential component of the X.25 specification.

· #47

If you have any general questions about PPP, ask the people on the Linux-net mailing list at vger.rutgers.edu.

· #48

Karl can be reached at [email protected].

· #49

The default network route is installed only if none is already present.

· #50

If you edit syslog.conf to redirect these log messages to a file, make sure this file isn't world readable, as chat also logs the entire chat script by default - including passwords.

· #51

More information on two dynamic host assignment mechanisms can be found at http://www.dynip.com/ and http://www.justlinux.com/dynamic_dns.html.

· #52

Using hostnames in this option has consequences for CHAP authentication. Please refer to the "Authentication with PPP" section later in this chapter.

· #53

The ipcp-accept-local and ipcp-accept-remote options instruct your pppd to accept the local and remote IP addresses being offered by the remote PPP, even if you've supplied some in your configuration. If these options are not configured, your pppd will reject any attempt to negotiate the IP addresses used.

· #54

If we wanted to have routes for other sites created when they dial in, we'd add appropriate case statements to cover those in which the… appears in the example.

· #55

"Secret" is just the PPP name for passwords. PPP secrets don't have the same length limitation as Linux login passwords.

· #56

The double quotes are not part of the secret; they merely serve to protect the whitespace within it.

· #57

This hostname is taken from the CHAP challenge.

· #58

The useradd or adduser utility, if you have it, will simplify this task.

· #59

The term firewall comes from a device used to protect people from fire. The firewall is a shield of material resistant to fire that is placed between a potential fire and the people it is protecting.

· #60

Firewall packet logging is a special feature that writes a line of information about each datagram that matches a particular firewall rule out to a special device so you can see them.

· #61

FTP active mode is somewhat nonintuitively enabled using the PORT command. FTP passive mode is enabled using the PASV command.

· #62

The ProFTPd daemon is a good example of an FTP server that doesn't, at least in older versions.

· #63

Paul can be reached at [email protected].

· #64

Take a look at /etc/protocols for protocol names and numbers.

· #65

This isn't a good thing to do if your Linux machine serves as a router. If you disable IP forwarding, it will cease to route! Do this only on a machine with a single physical network interface.

· #66

RealAudio is a trademark of the Progressive Networks Corporation.

· #67

You can contact Ambrose at [email protected].

· #68

… and perhaps even a whole book!

· #69

Written by Wietse Venema, [email protected].

· #70

Usually only local hostnames obtained from lookups in /etc/hosts contain no dots.

· #71

While its name suggests it is an extreme measure, the PARANOID keyword is a good default, as it protects you against malicious hosts pretending to be someone they are not. Not all tcpd are supplied with PARANOID compiled in; if yours is not, you need to recompile tcpd to use it.

· #72

OpenSSH was developed by the OpenBSD project and is a fine example of the benefit of free software.

· #73

Swen can be reached at [email protected]. The NIS clients are available as yp-linux.tar.gz from metalab.unc.edu in system/Network.

· #74

Peter may be reached at [email protected]. The current version of NYS is 1.2.8.

· #75

Thorsten may be reached at [email protected].

· #76

DBM is a simple database management library that uses hashing techniques to speed up search operations. There's a free DBM implementation from the GNU project called gdbm, which is part of most Linux distributions.

· #77

To enable use of the /etc/hosts.allow method, you may have to recompile the server. Please read the instructions in the README included in the distribution.

· #78

The secure portmapper is available via anonymous FTP from ftp.win.tue.nl below the /pub/security/ directory.

· #79

Rick can be reached at [email protected].

· #80

Actually, you can omit the -t nfs argument because mount sees from the colon that this specifies an NFS volume.

· #81

One doesn't say filesystem because these are not proper filesystems.

· #82

Novell and NetWare are trademarks of the Novell Corporation.

· #83

Alan can be reached at [email protected].

· #84

Greg can be reached at [email protected].

· #85

Volker can be reached at [email protected].

· #86

Ales can be reached at [email protected]. Martin can be reached at [email protected].

· #87

Information on Caldera can be found at http://www.caldera.com/.

· #88

It looks like the system administrators had been sampling some of the Virtual Brewery's wares before they chose some of those print queue names. Hopefully your print queue names are more meaningful!

· #89

Written and copyrighted by Ian Taylor, 1995.

· #90

It's also included in the 4.4BSD System Manager's Manual.

· #91

If you're just going to try out UUCP, get the number of an archive site near you. Write down the login and password - they're public to make anonymous downloads possible. In most cases, they're something like uucp/uucp or nuucp/uucp.

· #92

The only limitation is that it shouldn't be longer than seven characters, so as to not confuse UUCP implementations that run on an operating system that imposes a narrow limit on filenames. Names that are longer than seven characters are often truncated by UUCP. Some versions even limit the name to six characters.

· #93

The UUCP Mapping Project registers all UUCP hostnames worldwide and makes sure they are unique.

· #94

Older Version 2 UUCPs don't broadcast their name when being called; however, newer implementations often do, and so does Taylor UUCP.

· #95

For instance, most companies' private installations require you to dial a 0 or 9 to get a line to the outside.

· #96

The bit rate of the tty must be at least as high as the maximum transfer speed.

· #97

If the remote system runs Taylor UUCP, it will obey.

· #98

Some modems don't seem to like this and occasionally hang.

· #99

bsmtp is used to deliver mail with batched SMTP.

· #100

You may use a tilde (~) character to refer to the UUCP public directory, but only in UUCP configuration files; outside it usually translates to the user's home directory.

· #101

Note that tcpd usually has mode 700, so that you must invoke it as user root, not uucp. tcpd is discussed in more detail in Chapter 12, Important Network Features.

· #102

Gert Doering's mgetty is such a beast. It runs on a variety of platforms, including SCO Unix, AIX, SunOS, HP-UX, and Linux.

· #103

This option is not present in Version 1.04.

· #104

That is, files with names beginning with a dot. Such files aren't normally displayed by the ls command.

· #105

Read RFC-1437 if you don't believe this statement!

· #106

Guylhem can be reached at [email protected].

· #107

It is customary to append a signature or .sig to a mail message, usually containing information on the author along with a joke or a motto. It is offset from the mail message by a line containing "--" followed by a space.

· #108

This is because disk space is usually allocated in blocks of 1,024 bytes. So even a message of a few dozen bytes will eat a full kilobyte.

· #109

When trying to reach a DECnet address from an RFC-822 environment, you can use "host::user"@relay, for which relay is the name of a known Internet-DECnet relay.

· #110

Maps for sites registered with the UUCP Mapping Project are distributed through the newsgroup comp.mail.maps; other organizations may publish separate maps for their networks.

· #111

They are posted regularly in news.lists.ps-maps. Beware. They're HUGE.

· #112

The Free On-Line Dictionary of Computing can be found packaged in many Linux distributions, or online at its home page at http://wombat.doc.ic.ac.uk/foldoc/.

· #113

Other possible locations are /etc/rc.d/init.d and rc.inet2. The latter is common on systems using a BSD-style structure for system administration files in the /etc directory.

· #114

This is the new standard location of sendmail according to the Linux File System Standard. Another common location is /usr/lib/sendmail, which is likely to be used by mail programs that are not specially configured for Linux. You can define both filenames as symbolic links to Exim so that programs and scripts invoking sendmail will instead invoke Exim to do the same things.

· #115

Some user agents, however, use the SMTP protocol to pass messages to the transport agent, calling it with the -bs option.

· #116

Use kill -HUP pid, for which pid is the process ID of the inetd process retrieved from a ps listing.

· #117

The system load is a standard Unix measure of the average number of processes that are queued up, waiting to run. The uptime shows load averages taken over the previous 1, 5, and 15 minutes.

· #118

This is a simplification. It is possible for directors to pass addresses to transports that deliver to remote hosts, and similarly, it is possible for routers to pass addresses to local transports that write the message to a file or a pipe. It is also possible for routers to pass addresses to the directors in some circumstances.

· #119

A director is skipped if the address it is about to process is one that it has previously processed in the course of generating the present address.

· #120

Please, if you choose to use a vacation program, make sure it will not reply to messages sent from mailing lists! It is very annoying to discover that someone has gone on vacation and find a vacation message for every message they've received. Mailing list administrators: this is a good example of why it is bad practice to force the Reply-To: field of mailing list messages to that of the list submission address.

· #121

The format of Usenet news messages is specified in RFC-1036, "Standard for interchange of USENET messages."

· #122

Wait a minute: 60 Megs at 9,600 bps, that's 60 million multiplied by 1,024, that is… mutter, mutter… Hey! That's 34 hours!

· #123

Some people claim that Usenet is a conspiracy by modem and hard disk vendors.

· #124

There may be a difference between the groups that exist at your site and those that your site is willing to receive. For example, the subscription list might specify comp.all, which should send all newsgroups below the comp hierarchy, but at your site you might not list several of the comp newsgroups in the active file. Articles posted to those groups will be moved to junk.

· #125

Note that this should be the crontab of news; file permissions will not be mangled.

· #126

You can obtain the C News source distribution from its home site at ftp.cs.toronto.edu /pub/c-news/c-news.tar.Z

· #127

It is not uncommon for an article posted in say, Hamburg, to go to Frankfurt via reston.ans.net in the Netherlands, or even via some site in the U.S.

· #128

As shipped with C News, compcun uses compress with the 12-bit option, since this is the lowest common denominator for most sites. You may produce a copy of the script, say compcun16, for which you use 16-bit compression. The improvement is not too impressive, though.

· #129

The article's date of arrival is kept in the middle field of the history line and given in seconds since January 1, 1970.

· #130

I don't know why this happens, but it does from time to time.

· #131

I wouldn't try this on the Internet, either.

· #132

When posting an article over NNTP, the server always adds at least one header field, NNTP-Posting-Host:. The field contains the client's hostname.

· #133

The same problem exists with the Simple Mail Transfer Protocol (SMTP), although most mail transport agents now provide mechanisms to prevent spoofing.

· #134

leafnode is available by anonymous FTP from wpxx02.toxi.uni-wuerzburg.de in the /pub/ directory.

· #135

Very small news sites should consider a caching NNTP server program like leafnode, which is available at http://wpxx02.toxi.uni-wuerzburg.de/~krasel/leafnode.html.

· #136

This is indicated by the Date: header field; the limit is usually two weeks.

· #137

Threading 1,000 articles when talking to a loaded server could easily take around five minutes, which only the most dedicated Usenet addict would find acceptable.

· #138

The name apparently stands for NetNews Read & Post Daemon.

· #139

PGP and GPG are tools designed to authenticate or encrypt messages using public key techniques. GPG is the GNU free version of PGP. GPG may be found at http://www.gnupg.org/, and PGP may be found at http://www.pgp.com/.

· #140

Things improve drastically if the NNTP server does the threading itself and lets the client retrieve the threads databases; INN does this, for instance.

· #141

This is the reason why you will get ugly error messages when invoking tin as superuser. But you shouldn't do routine work as root, anyway.

· #142

Note that C News (described in Chapter 21, C News) doesn't update this low-water mark automatically; you have to run updatemin to do so.

· #143

Their order has to agree with that of the entries in the (binary) MASTER file.
