RE: [users@httpd] Networking problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: Joseph Lee [mailto:joe_sun_lee@xxxxxxxxx]
> Sent: Mittwoch, 29. Juni 2005 22:26
> To: users@xxxxxxxxxxxxxxxx
> Subject: RE: [users@httpd] Networking problem?
> 
> 
> 
> Do I need a SSL server certificate for the Linux
> machine, in order to run Apache web server?

You don't need a SSL cert unless you want to run an SSL virtual Host (ie, HTTPS). Don't even dream about doing this until you have fully mastered plain old HTTP first...

> Is there any way to know there is a firewall blocking
> between Linux runing Apache web server, and a Windows
> PC?

Just to be clear where the FW is; It's running on the webserver machine and is sitting in front of apache. All requests to apache (or anything else, like mail, telnet etc.) have to go through it first. It's like the doorman at a nightclub.

>From the outside (ie, the browser PC) there is no way to identify a FW. This is a security feature - FW's act silently and don't give reasons for their refusals. The only way you can guess you have a FW is if requests go into a black hole and don't give any response. If you only have two machines connected via a LAN then it's pretty obvious it must be a FW (especially if ping works), but imagine if you were attacking a machine over the internet - you wouldn't know if the lack of response was due to a FW at the target or just a network problem en route.

To identify the FW, you need to check the linux machine - I think it's called ipchains or iptables (see http://www.siliconvalleyccie.com/linux-hn/iptables-intro.htm) but maybe Linux gurus could help you more...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 


> Thanks,
> Joe
> 
> --- Joseph Lee <joe_sun_lee@xxxxxxxxx> wrote:
> 
> > 
> > 
> > --- Boyle Owen <Owen.Boyle@xxxxxxx> wrote:
> > 
> > > > -----Original Message-----
> > > > From: Joseph Lee [mailto:joe_sun_lee@xxxxxxxxx]
> > > > Sent: Mittwoch, 29. Juni 2005 17:12
> > > > To: users@xxxxxxxxxxxxxxxx;
> > info@xxxxxxxxxxxxxxxx
> > > > Subject: Re: [users@httpd] Networking problem?
> > > > 
> > > > 
> > > > Thank you, all, for trying to help me.
> > > > 
> > > > I tried http://(ipaddress)/example.html on my
> > > Windows
> > > > PC, but still could not get example.html from my
> > > Linux
> > > > machine running Apache web server.
> > > > 
> > > > I also did:
> > > > 
> > > > - modified /etc/hosts on the Linux machine to
> > have
> > > the
> > > > entry for my Windows PC
> > > 
> > > The problem is the other way around - the windows
> > PC
> > > needs to be able to resolve the machine name of
> > the
> > > Linux machine (see Hosts file).
> > 
> > I modified /WINDOWS/system32/drivers/etc/hosts, and
> > added an entry for my Linux machine.
> > 
> > > 
> > > > 
> > > > - ping from Linux to Windows using hostname
> > > without a
> > > > problem
> > > 
> > > Ping from Windows to Linux? If this don't work,
> > > http://(ipaddress)/example.html never will from
> > PC.
> > 
> > I can ping from Windows to Linux by using hostname
> > and
> > IP address. Both of them worked.
> > 
> > > 
> > > > 
> > > > - checked /etc/resolv.conf on Linux, it has a
> > > valid
> > > > DNS nameserver
> > > > 
> > > > - deleted "service http" entry in
> > /etc/xinetd.conf
> > > in
> > > > Linux
> > > > 
> > > > but still not working.
> > > > 
> > > > On the Linux machine, I could do
> > > > file://hostname/example.html
> > > > 
> > > > but I could not do
> > > > http://hostname/example.html
> > > > it says "Not Found.  The requested URL
> > > /example.html
> > > > was not found on this server. Apache/2.0.54
> > (Unix)
> > > > Server at (hostname) Port 80"
> > > 
> > > Excellent! The webserver is working and you can
> > > access it!
> > > 
> > > It's just that it can't find the file. Try plain
> > > old:  http://hostname/ (which will deliver your
> > > DirectoryIndex file (you do have one, don't you?)
> > Do
> > > you understand the relationship between URL and
> > > DocumentRoot? If you do, then request a file that
> > > you are sure exists in the docroot.
> > 
> > Ahh! I copied ~/example.html to
> > /usr/local/apache2/htdocs, and now I can run
> > http://(hostname)/example.html on Linux! That's
> > great.
> > One problem solved.
> > 
> > However, when I tried to do the same thing from
> > Windows , it just kept processing....
> > 
> > I also tried from my Windows to do
> > telnet (linux hostanme)
> > and
> > telnet (linux hostanme) 80
> > But it just kept processing....
> > 
> > I think it may be the firewall that blocked port 80
> > between PC and Linux, but let ping go thru.
> > 
> > Thanks,
> > Joe
> > 
> > > 
> > > Rgds,
> > > Owen Boyle
> > > Disclaimer: Any disclaimer attached to this
> > message
> > > may be ignored. 
> > > 
> > > 
> > > > 
> > > > Thank you again.
> > > > Joe
> > > > 
> > > > --- Dan Trainor <info@xxxxxxxxxxxxxxxx> wrote:
> > > > 
> > > > > Joseph Lee wrote:
> > > > > > Hi,
> > > > > > 
> > > > > > I am trying to run Apache web server on my
> > > Redhat
> > > > > > Linux machine. I just installed and
> > configured
> > > > > Apache
> > > > > > httpd-2.0.54, and entered "http://localhost";
> > > on my
> > > > > > browser (Mozilla). I was able to see "If you
> > > can
> > > > > see
> > > > > > this, it means the installation ... was
> > > > > successful."
> > > > > > 
> > > > > > However, when I went to another machine (a
> > > PC),
> > > > > and
> > > > > > entered http://(myhostname)/example.html, I
> > > could
> > > > > not
> > > > > > display the file on the PC. It just kept
> > > > > > processing....
> > > > > > 
> > > > > > I have modified /etc/xinetd.conf to include
> > > > > "service
> > > > > > http", and modified /etc/hosts.allow to add
> > > "http
> > > > > > myPCIPaddress", but it did not help.
> > > > > > 
> > > > > > I think it's networking problem, but I don't
> > > know
> > > > > what
> > > > > > else to do. (I can ping from PC to Linux).
> > > > > > 
> > > > > > Any help would be highly appreciated.
> > > > > > 
> > > > > > Thanks,
> > > > > > Joe
> > > > > > 
> > > > > 
> > > > > (yourhostname) does not exist in DNS,
> > > apparently. 
> > > > > If he's on a Windows
> > > > > machine, he needs to edit lmhosts and "fake"
> > it.
> > >  If
> > > > > he's in Linux, you
> > > > > can modify /etc/hosts and designate that
> > > shorthand
> > > > > hostname to an IP,
> > > > > which would work.
> > > > > 
> > > > > Either that, or modify an existing local DNS
> > > server,
> > > > > if you're really
> > > > > serious about it ;)
> > > > > 
> > > > > Thanks
> > > > > -dant
> > > > > 
> > > > >
> > > >
> > >
> >
> ---------------------------------------------------------------------
> > > > > The official User-To-User support forum of the
> > > > > Apache HTTP Server Project.
> > > > > See
> > <URL:http://httpd.apache.org/userslist.html>
> > > for
> > > > > more info.
> > > > > To unsubscribe, e-mail:
> > > > > users-unsubscribe@xxxxxxxxxxxxxxxx
> > > > >    "   from the digest:
> > > > > users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > > > > For additional commands, e-mail:
> > > > > users-help@xxxxxxxxxxxxxxxx
> > > > > 
> > > > > 
> > > > 
> > 
> === message truncated ===
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
>
 
 
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux