Hi all
I am using Slackware 11.0 for the past 5 months and thanks to you people i've been able to solve all minor and major problems.
But here are certain queries that i need an answer to:

1)Many a times i see in this forum that people refer to rc.firewall script being there in /etc/rc.d/ folder
However i have a default installation(but updated kernel 2.6.21.1)but i don't have any such script.Is this file rc.firewall by default there(i guess not) or do we need to configure a firewall(which i haven't done yet)and then it's generated ?

2)Recently i found out that any normal user can restart the pc by pressing ctrl+alt+del.
Don't you think thats a stupid idea?
i mean only root should be able to do that and is this feature also available on other distros as well(b'coz i've never tried any other distro other than Slackware).

3)I know this question is absurd to ask here but still .... A microprocessor understands the language of 1's and 0's so why is that when we open a binary file or an exe file in a text editor i see all those other stupid symbols and not 1's and 0's ?

4)i have an active LAN but no rc.netdevice script in /etc/rc.d . i've seen this script being referred in the book "Slackware Linux Essentials"

5)I've learnt a lot of things using Slackware 11.0 from installation to kernel compilation running internet and compiling from source etc(however i still need to learn how to upgrade, write bash scripts, iptables firewall etc)

for the past 1 month my leaning curve has become less steep.i want to completely learn the ins and outs of Linux So can you tell me what next to do

Kindly throw some light

Hi

1) You have to set rc.firewall by yourself by using iptables or any other methods you might consider... There was some sort of webtool to generate your script (I think it was on AlienBob's website).

2) I think the point is that anyway he's got physical access to the PC... I think that happens in all distros although I'm not sure (few distros take you to a console login). I use runlevel 4 -graphical login- with KDM. You can configure KDM to prevent some users to shutdown/restart the PC.

3) Don't know either, but if you open a binary with khexedit you will see an interesting hexadecimal map.

4) I don't think it matters having a rc.netdevice or not. I don't have one. I do think it is just to load the module/s for your card.

5)a) Define upgrade. If you mean security updates to a default install, then check the stable changelog, go to a mirror, download your security updates and then # upgradepkg yourpackage.tgz If you want to "upgrade" to -current, well that's very different. Keep in mind that -current is the development branch.

5)b) You could start by writing something simple...
5)c) man iptables or that script generator (I can't remember the URL)

May the Source be with you!

Hi lali.b2

I have used slackware very briefly so I'm afraid I cannot answer to 1 & 4. For the rest:

2. Yes, generally it is a stupid idea, although the level of security you need depends on the role each machine plays: you treat differently to your development box than to your production server. Anyway there is a configuration file (depends on your distribution) that you can turn this feature off.

3. You are right, a CPU understands only 1s and 0s. The text editor though understands ASCII code, which is a way to represent 1s and 0s with characters. For example 'A' = 41h = 1000001.

Do

for more details. In other words, using an editor you will see your 1s and 0s in ASCII code. What you need to see the 1s and 0s is a hex editor. To a little research on that...

5. Here depends what you really want to do with linux. Development? System administration? A good book is "Running Linux" by O'Reilly. It covers basics about running linux in general and also talks about the main distributions and what are the differences between them.

Hi

This is it! The automatic Easy Firewall Generator for IPTables "Slackware adaptation"



The original was here (don't try it on Slackware): http://easyfwgen.morizot.net/gen/

In /etc/ppp are two firewall scripts written by Roaring Penguin Software Inc. which seem to be installed in that directory when the install everything method is used.

Pick the one that fits your needs the most. I have tried them both, and they work as required.

Thank you folkenfanel,nautilus and guzzi for your replies.
i am now planning do learn serious programming using c++ and also bash scripting.

Thanks again for your replies.

The issue of being able to reboot the machine with Ctrl+Alt+Delete can be resolved by opening /etc/inittab and editing the line that reads:

You can change the action to be something else, or just comment it out all together. From a security standpoint, I would have to say this is really a non-issue. Once a person has physical access to the point they can press keys on the keyboard, you are already done for.

After all, if they can get to the keyboard, they could just press the reset button on the case as well, no? Or more importantly, they could boot into single user mode and have root access, or even take the drive out and steal the data from it in the comfort of their own home at their leisure.

rc.netdevice was used to load a module for your network card if required, but with the 2.6 kernel and new technology like udev (both of which are standard on the next version of Slackware) we really don't need to concern ourselves with such things unless there is a specific reason to (I.E, it isn't working); so don't worry about that one.

5) There are quite a few bash scripting guides around on the net. Here's one that I found very useful: http://www.tldp.org/LDP/abs/html/

And for C/C++ http://www.cplusplus.com/

you are right but my question was in the context that say there are 5 terminals with only monitor key board and mouse and each of the terminal is connected to the main computer.Then even though no single person out of 5 people has access to main pc he still can reset the system much to the inconvenience of other 4 users.

Kindly correct me if i'm wrong

You could only restart the machine from the local keyboard, or in other words, the one that is physically plugged into the back of the computer.

Clients connected remotely via some form of terminal (serial, network, whatever) would not be able to restart the machine.