Debian :: Router Configuration And Certificates Warnings?
Apr 19, 2011
I've just bought a Linksys WRT610N router and I ran through various problems during the configuration, that brought some questions.Here is what I did to configure it (following the short manual that I got with the router)1. plugged the router in my modem and in my computer via ethernet cables2. entered its IP address (given on the manual) on my browser and logged in with the factory login3. changed the login passwordAfter this the problems that I have encountered are that:I set up the administration of the router to be disabled via wireless and enabled locally via https, but when saving those settings I either lost the connection (the browser telling me the server was not accessible) or asked confirm a security certificate after being (logically) redirected to the https version of the administration pageafter trying to loggin again, I wasn't able to login via https but only via http even if after logging those parameters were still as I set them (wireless administrative login disabled and local administrative login enabled only via https)
via https when getting something else than "the server is not responding or could be too busy", I was prompted the untrusted connection site, saying that"192.168.1.1 uses an invalid security certificate.The certificate is not trusted because it is self-signed.The certificate is only valid for Linksys.The certificate expired on 01/01/71 01:21. The current time is 19/04/11 22:56.(Error code:sec_error_expired_issuer_certificate)"I noticed that after loosing the connection and not being able to reach the router either with http or https, the only way I was then able to reconnect to it was to go into (I am using firefox 4 on squeeze) edit > preferences > advanced > encryption > view certificates > servers and delete the linksys certificate
I run a web server on Fedora 12, principally using Apache, MySQL, and PHP. I host a variety of sites, one of which is a family website that contains semi-sensitive personal data for several hundred extended family members, who all have access to the database-driven site.
Until now, I have been using a self-signed SSL certificate to encrypt the data as it is read and written back and forth from my database. Family members have simply had to put up with clicking past certificate warnings as they enter the site, as most browsers flag self-signed certificates as bad. It hasn't really been that much of a bother, but I'd love to do it more professionally. I have looked into buying SSL certificates, but it's a site I host for free and would rather find a cheap or free alternative if possible.
So I'm just fishing for ideas to work with. What are some alternatives to using SSL certificates for moderately strong website encryption? So far, I run only one host on the domain, but may eventually need encryption that would support multiple hosts. Or does anybody know a way to make self-signed certificates work on most popular browsers without being flagged as suspicious?
I cannot see my debian linux machine in my virgin media router>>attached devices. I can see everything else including my raspberry pi.
The box is headless but I connected up to tv temporary and did ifconfig and got the ip address. I can ssh to it and connect to minecraft server I have running on it but I would like to know why I cannot see it in the router.
So I have a router that I've gotten from my ISP, which seems to run a hardened, custom version of OpenWRT. By that I mean it's read-only and has a lot of files mostly in RAM. So putting custom firmware on it is not an option for me right now, as it's by only router. Actually, it's not just a router, it's an Actiontek modem/router combo.
So anyway, lets say I have a machine on my LAN and I want to basically SSH into a box by hostname. Now the thing is, I prefer using OpenDNS (previously OpenNIC) as my DNS, and so I don't use my router as my nameserver, though I could do that.
So how do I connect to my machine by hostname? I would prefer a solution that does not use Avahi/Zeroconf or editing the hosts file. People have said setting up a local DNS server might be okay, but I'd have to do that for every machine I'd want added to my network. Kind of almost as bad as editing a static hosts file. I use really want to use DHCP over static IP assigning, and the one on my router is not as advanced, so I can't use my hosts file. And also,
So is Zeroconf the only solution? I'm not sure how to set up Zeroconf. Do you just install Avahi?
I want a simple, almost Arch-linux solution, lean and clean, using only the most minimal software. I don't care how much configuring I'd have to do, as long as it's going to stay reliable as well.
I have just setup a debian box, and I want to be able to login to the machine remotely.Currently I have the following setup:Cable Modem -> Netgear Router (DHCP to outside world) -> Debian Box (DHCP for internal network)As I under stand it I have to set my Debian Box to use a static IP, but from there I di not know where to go.Also since my cable modem IP is dynamic, is there some way to have that the debian box get the IP address for the outside world, and e-mail it to my gmail account when it changes, or least every X hours?
I am running : Linux ics385 3.16.0-4-amd64 #1 SMP Debian 3.16.7-ckt11-1+deb8u6 (2015-11-09) x86_64 GNU/Linux
Here's the situation
1. I'm trying to configure a WLAN using a D-Link DLR655 wifi router that is connected to eth1.
2. eth0 is connected to the ISP's DHCP router and has the IP 192.168.0.24
3. I've bridged eth0 to eth1 such that eth1 has the static IP 192.168.8.1
4. I've manually configured the router and it uses the 192.168.8.1 as the WAN address with its subnet on the 192.168.10.* address space.
5. I can connect a laptop to the D-Link using wifi and ping 192.168.8.1 but I can't ssh to it or to anything beyond it from the laptop.
6. If I'm on the server (192.168.0.24) I can ssh into either 192.168.0.24 or 192.168.8.1 but not if I'm on the laptop. I conclude from this that ssh is not the problem but the laptop says ssh: connect to 192.168.8.1 port 22: connection refused.
So, am I conceptually confused or is it that I have to open ssh up to the other sub-net address spaces or something like that?
I'm building a Debian based router, I want to add to this router a mail service function. I don't want mail to be sent outside of the network, what I want is the ability for services to send mail to the Debian server and for me to then pick them up from this server via pop3 into my normal mail application. Given I'm not looking for mail to be sent outside of the network and its strictly for services to log notifications via. What of the various mail applications should I setup? i.e. just looking for SMTP + POP3 internally.
I am unable to get my intel pro/wireless 3945abg connected to my router. The firmware has been installed and at first was even able to connect, but now the access point doesn't even show up in network manager. I am currently able to connect using a USB wireless adapter, but for certain reasons, would prefer to use the former. I've looked over this page with no results.
I'm trying to TFTP router configurations to a server in the same local network without having to first make files in the server's TFTP directory . The transfer of a config file from router to server works perfectly if I make a file with touch and then chmod the file with 777. I found information that says to use the -c or --create option in the TFTP configuration file (/etc/default/tftpd-hpa) if you want TFTP to work without having to create the files first. The problem is, I have set this parameter and restarted TFTP , but it is not working.
Im currently installing debian on my old server, its a 64bit computer, so i've downloaded the amd64 for this project. But under the Basis Installation, of this cd image, im getting a debootstrap warning every time i want to continue the installation, the last warning i remember was something coreutils_6.10-6_amd64.deb (Something like that, not totaly sure), and im lost, can't find anything closely related to the subject.
I'm trying to install uzbl and was following the step by step guide on this page http://xanderboy.esdebian.org/36949/uzb ... orts-flash When i run make i get a lot of errors and warnings. Can anybody point out what I'm doing wrong?
I have enrolled some certificates from my own ca, to use to a couple of different services, like FTP, WEB, Mail etc. All these certificates comes from the same CA (my own), and I have created a root CA. But is it possible to import this root CA to the whole system, so I do not have to import the certificate or root CA to the different applications like iceweasel/firefox, chrome, icedove, filezilla etc.
I've moved a linuxbox from being my gateway (nat, etc) to behind a new gateway (a DD-wrt router). For transparency purposes, I'd like to continue using the old box services, and just have the gateway in front of it.
Here's what I did:
The newgateway is setup for class C, 192.168.0.0
This configuration works, but sometimes it doesn't and I haven't figured out why yet.
At sometimes, clients on the LAN get throughput rates with very little speed loss (using speakeasy speed test). They will run at 33M on the LAN, running through both the newgateway, and the oldbox, and get about 35M with directly connected to the cable modem.
Other times, it seems nothing can talk with anyone, and I am not sure why.
I know what I have done is a little unconventional, but it's a transitional thing, and I am not sure it is the cause of the problem, although it was the last things changed.
I'm trying to install Debian Jessie, but the installation keeps failing when installing the ca-certificates package and then asks for a media change to the disk that is already in the drive, and keeps asking even though it's already in the drive.
I'm getting some odd behavior from a new router (netgear wg614 i believe). It appears that it won't assign an IP address to any machine running linux, but it WILL assign an IP address just fine to windows machines. my laptop is running debian lenny, but it isn't just my laptop - other linux (or linux based) machines can't get an IP address from it, either (including my wii). yet my old windows desktop gets an IP address just fine, as do my friend's windows laptops. i did not have this problem with my old router. nor do i have this problem when i bring my laptop other places. i have this problem ONLY with this new router.
the workaround is to assign a static IP address to my laptop and my wii, which is fine, but... i still want to get to the bottom of it. my laptop is definitely associated with the router (iwconfig output confirms this), so it's not a problem with the card or the driver (right?). i can log into the router administration from my laptop. the router just won't give it an IP address. how can this be? considering:-the only thing that has changed is the router-the problem occurs with all non-windows machines-my laptop and wii both worked fine with my old router (and others), and the settings have not changed.so, is there something fundamentally different about how linux and windows request an IP address from a DHCP server? My knowledge of both linux and DHCP are "medium", and they don't overlap enough for me to figure this out, i guess.
I am thinking of moving the router behind a server and connecting the server directly to the internet via a modem. Are there any security issues related to doing this? or other things I should be aware of. Iptables are implemented on the server blocking access on unused ports.
I know you've probably seen this type of request numerous times, but I just can't get it right.Objective: to get to grips with Linux network routers.Problem: Cannot ping across the router.On the router itself, I can ping to clients on ether side.Server: Ubuntu 10.10NIC1: connects to home broadband router. Static IP address. Eth1 has no problem pinging outside world.NIC2: Static IP address. This NIC is configured for DHCP server and will have a home machine or two connected to it assigned IP addresses from the DHCP server.Set ip forwarding from 0 to 1
/etc/sysctl.conf net.ipv4.ip_forward=1 Static assignment of IP addresses to the 2 NIC's of router.
I have a desktop computer (Ubuntu) connected to one of the LAN ports of the Cradlepoint MBR1000 router via an Ethernet cable. I also have a Verizon mobile broadband USB modem (USB760) plugged into the USB port of the Cradlepoint router.I also have a laptop (Ubuntu) with a wireless wi-fi adapter (802.11g). The laptop also has an Ethernet card but I'm not using it. The desktop computer does not have a wi-fi adapter, only the laptop does.
With the above setup, I have Internet access to both the desktop computer as well as the laptop computer, which I am well pleased with.Is there a way I can have file sharing between the desktop and the laptop, or at least ping between them, the way I have it set up? I can't use the ad-hoc method because for that to work each computer needs a wi-fi adapter. The router is using DHCP but can also be configured manually.
I m using an adsl modem router for connecting into the internet while my operating system is windows 7,but i want to learn open source platforms like UNIX and Linux. so for this reason i install a Linux distro which is centos5. i want to ask how i can configure my modem router with centos. modem router model is Billion BIPAC 5210s.i search internet for its drivers and the only thing which i found modem driver for windows platforms and nothing esle want to know that for installing this modem with my centos i need to download its drivers or not and if the answer is yes or no how comes !
I have a CentOS server that has some problems with the network configuration. I can't find the correct settings / help on internet
The computer has 3 network connections. ETH0 is connected to a router (a FritzBox 7050 with IP address 192.168.178.1). The ETH0 card has a fixed IP-address 192.168.178.22 - gw 192.168.178.1. Firefox as well as the webserver are working fine. ETH1 is not working (and not activated) because of problems with the drivers. ETH2 should be the intranet connection. This interfacecard has IP-address 192.168.17.1 and is connected to a switch. After the switch I have 1 computer attached with IP-address 192.168.17.3 - gw 192.168.17.1 A ping from the server to this computer gives good results and a ping from the computer to the server also. trying to ping to the fritz-box or to the internet constantly fails. As far as I can search, I'm certain that the failing is caused by routing-problems on the CentOS server.
the command 'ifconfig' of the server results : eth0 Link encap:Ethernet HWaddr 00:1E:E5:D5:F1:C4 inet addr:192.168.178.22 Bcast:192.168.178.255 Mask:255.255.255.0 inet6 addr: fe80::21e:e5ff:fed5:f1c4/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
I went to see if the iPhone was connected and it wasn't listed--and she was now on my wireless network, on the Internet. For the past month, I have experienced slow Internet (the Qwest people came over three times to fix the problem, to no avail.) And, when my laptop and desktop are turned off, the modem still shows activity, as if someone was downloading large files. Qwest insists that my network is secure and no one is using my network (and my house was built in 1997, so the wiring is fairly new and I have had NO issues with Internet/phone and had Qwest service longer than I can remember).
To make a long story short, I am concerned that my router has been hacked. I live in a rural area, so there's no teenagers or weird-o's around that I know of that would do that (unlike city/suburban areas)--and my Linksys router is "lying" to me, as my nephew was ON MY NETWORK and the SSID, MAC address and IP number was not listed on the LAN device list--only my laptop/desktop are listed, and she was happily checking emails on my network. I have changed my WPA2 password three times just in case, no fix.
I've just spent the entire night trying to get my computer to share Internet with my laptop. I have DSL Internet with the modem configured to bridge mode. On the openSUSE server I have two NIC's. When setting up the DSL (pppoe) it created a dsl0 which is using the NIC eth0. So now I have dsl0, eth0, and eth1 I configured eth1 for DHCP server. When I connect with my laptop using DHCP it gets an IP address just fine. However I can't access the Internet. I think my problem is in the Kernel IP Routing Table. Here is the output from /sbin/route -n
dsl0 obtains IP from ISP eth0 is set to DHCP although that confuses me because how can the same NIC have two IP Addresses? eth1 static IP 10.30.60.1
I've been trying to understand issues that occur during a uClinux distribution build (so I can include such issues in a module I'm writing for students). My process has been to work through errors that occur due to missing packages, then remove the distribution and build it again to uncover what happens.One thing I notice is different sets of warnings within each iteration of making a new build. From the document here (URl...it states, "A typical warning involves a variable being used before its value has been set."
So my question: is there a way to verify that the issue throwing the warning has been resolved by the end of the make build?And, is running make build again an option or could this cause problems within the build directories or image?
You should be running a firewall. I would also periodically check for rootkits with rkhunter and chkrootkit. Antivirus is usually optional, but it depends on your network ... if you have Window$ machines, do use clamav or something.Hope I'm not distorting the thread but just ran rkhunter and got a lot of red warnings, especially worrying seems:
This is the command line I used to run cdrecord. Afterwards, I ran 'cdrecord -media-info' on the same disc and, as a result, I got the messages contained in the file I am adjoining. There, two consecutive warnings can be seen, which I quote:
The disk, after recording, however, is both readable by GNU/linux and another O.S. What is the meaning of those warnings and what are its possible implications? I would like to know.
When I start up my computer I always get the Akonadi message window with some errors. If I just close it, launch "akonadi configuration" and ask for a test, some of the errors have already disappeared. It looks like the first test is made too soon, before everything is running. It's not a big issue but I would like to get rid of the akonadi warnings window. Does anybody know how?