LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 12-06-2006, 09:29 AM   #1
scoff
LQ Newbie
 
Registered: Dec 2006
Posts: 3

Rep: Reputation: 0
Using PCI modem to dial-in from outside


Here's the situaton:

I work in a small office that has high-speed Internet on our LAN. One of our computers is running Suse 10.1 and has a PCI modem (Conexant CX06834-11, if it matters)that's attached to a phone line. With our boss' permission, one of my coworkers wants to dial in from home (he lives in a rural area, and Internet is expensive there) and use the local connection here for browsing and mail.

Questions follow:

1) Is this possible? (and if so, how?)
2) What kind of security concerns would I be facing? Am I wrong in assuming that this kind of thing could be a PiTA once our PIX 501 is in place?

I'm relatively new to Linux itself*, but not to computers. I usually reside in OS X, so have a bit of familiarity with Unix.


* I've tried several other distros, but only briefly: Mandrake, Ubuntu, Mepis, CentOS, Debian

Any help whatsoever would be appreciated, as I'm not really sure where to start.
 
Old 12-06-2006, 10:32 AM   #2
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
Your biggest problem would likely be your modem. I just googled for it and it appears to be a "software modem." Before you put much effort into the rest of your problem, I suggest you make sure you can get the modem to work with your Linux system. You might look at LQ's HCL (link at top of this page), check linmodems.org, and generally try googling.

I would have to do some research myself for the details of how you set it up, but basically you install some flavor of getty (if its not already installed -- the flavor you want is what I would need to check out) and modify /etc/inittab so that it allows a login through the modem.

The security issues I see are twofold. 1) Of course you want to make sure all accounts that can be accessed by this means have solid passwords. (I don't know if the appropriate getty software allows you to add a system password, or restrict accounts that can be accessed) 2) Your coworker would be logging into this machine as a local user, so you would have the security considerations you would for a local user. (Disclaimer: I am not a security expert!)

Correct me if I am wrong, but the PIX 501 wouldn't have anything to do with dial-in would it? I would think it would only come into play in determining network (including internet) access for the user, which would be treated as any other local user.

Just so you know, I have configured a system that allows login through serial, but no modem is involved. I am just using the getty program itself, but when I was researching how to do this I noticed there are other programs that are recommended if you are using a modem.
 
Old 12-06-2006, 10:53 AM   #3
scoff
LQ Newbie
 
Registered: Dec 2006
Posts: 3

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by blackhole54
Your biggest problem would likely be your modem. I just googled for it and it appears to be a "software modem." Before you put much effort into the rest of your problem, I suggest you make sure you can get the modem to work with your Linux system. You might look at LQ's HCL (link at top of this page), check linmodems.org, and generally try googling.
I've already been the linmodems route, which is how I got the modem working in the first place (it can dial out at least). Hopefully its "software modem" status isn't a problem, as it was already difficult to find a PCI modem locally that wasn't a US Robotics Winmodem.

Quote:
Originally Posted by blackhole54
I would have to do some research myself for the details of how you set it up, but basically you install some flavor of getty (if its not already installed -- the flavor you want is what I would need to check out) and modify /etc/inittab so that it allows a login through the modem.
I'll look into this getty business and report back with success or failure - hopefully the former.

Quote:
Originally Posted by blackhole54
The security issues I see are twofold. 1) Of course you want to make sure all accounts that can be accessed by this means have solid passwords. (I don't know if the appropriate getty software allows you to add a system password, or restrict accounts that can be accessed) 2) Your coworker would be logging into this machine as a local user, so you would have the security considerations you would for a local user. (Disclaimer: I am not a security expert!)
Security here is pretty lax, and I wanted to make sure adding something like this wouldn't ruin future efforts to shore it up. For the most part, we're a Windows network.

Quote:
Originally Posted by blackhole54
Correct me if I am wrong, but the PIX 501 wouldn't have anything to do with dial-in would it? I would think it would only come into play in determining network (including internet) access for the user, which would be treated as any other local user.
Yeah, I'm thinking my morning coffee hadn't quite jump-started some neurons or somesuch; I don't know what I was on when I mentioned that bit.

Quote:
Originally Posted by blackhole54
Just so you know, I have configured a system that allows login through serial, but no modem is involved. I am just using the getty program itself, but when I was researching how to do this I noticed there are other programs that are recommended if you are using a modem.
If googling more about getty doesn't lead me to these programs you're talking about, then I might be back with more questions.

Thanks a lot for your help so far!
 
Old 12-06-2006, 11:10 AM   #4
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
Quote:
Originally Posted by scoff
Security here is pretty lax, and I wanted to make sure adding something like this wouldn't ruin future efforts to shore it up.!
If at a future date you decide the dial-in causes an unacceptable risk, just remove the entry you added to /etc/inittab so it no longer answers the phone. Disconnecting the phone cord is pretty effective too.

Edit: I did just think of another security issue. Depending on how paranoid you are, you might want to make sure that nobody can dial out through your modem as a way to get to the Internet, bypassing your firewall. But in a lax environment, that probably isn't an issue.

Last edited by blackhole54; 12-06-2006 at 11:14 AM.
 
Old 12-07-2006, 02:01 PM   #5
blackhole54
Senior Member
 
Registered: Mar 2006
Posts: 1,896

Rep: Reputation: 61
After having your request rattling around in my brain for a day, I realized that what you probably wanted was a ppp (point to point protocol) connection rather than a simple login like I was describing. Since I wasn't sure whether pppd could be used for a ppp server (it can), I did some quick googling and ran across this article that describes both the straight login like I was talking about and turning that into a ppp server (jackpot!). And it looks like they talk about selecting the getty program.

I have just skimmed the article but I think it should be useful. The only possible rough sledding I see is that it describes using an external modem connecting via serial line, or an internal one that looks just like an external one to the software. I.e., they are not describing a software modem. But hopefully that is not an issue. Just be aware of the difference.

Enjoy!
 
Old 12-11-2006, 11:36 AM   #6
scoff
LQ Newbie
 
Registered: Dec 2006
Posts: 3

Original Poster
Rep: Reputation: 0
This little project was stalled late last week when a client decided that all the paths on a site needed to be bilingual. However, having resumed it today, I now have mgetty answering and prompting for authorization. All I need now is the user in question to try it out and give me results.

Thanks again!
 
  


Reply

Tags
conexant, modem, pci, suse


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Dial-In PPP dial-in server/ Cable-modem & LAN / Setting up "dannyboyOnline" dannyboy259 Linux - Networking 2 01-12-2007 12:40 AM
D-Link Dial-up Modem:: No Dial Tone AJones Linux - Networking 1 01-01-2006 06:30 AM
SUSE 9.2 detect my [B]ADSL USB-Ethernet Modem-Router [/B] as a [B]Dial up modem[/B]. myprecius Linux - Hardware 0 06-27-2005 09:21 AM
Modem to Modem connection to test dial-up webcam server dazz Linux - Newbie 2 06-01-2005 04:43 AM
found my pci modem in /cat /proc/pci... now what? bxb32001 Linux - Newbie 2 06-23-2001 11:43 PM


All times are GMT -5. The time now is 05:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration