[Gllug] Secure Internet Access Linux Box

Thomas Robinson tom.robinson at ehbas.com
Thu Jun 20 14:58:21 UTC 2002


Make sure you X server is configured correctly. What system are you
running anyway? If it's Red Hat you can use Xconfigurator to set-up X.
Test out the configuration for the text mode level (runlevel 3) by
loging in and typing 'startx' at the prompt. When you are happy that X
works adjust the system so that it boots to X.

To boot into the graphical user mode automatically on boot you have to
adjust the /etc/inittab. Be careful as thick fingers on the keyboard
whilst editing this file can cause major system chaos. He's the change
you need to make

find the line:

id:3:initdefault:

change it to

id:5:initdefault:

Use an editor you are comfortable with. Most people use vi or emacs, but
pico, joe, gedit and various others maybe installed on your system.

To clean stuff up automatically you can use tmpwatch. On Red Hat this is
already set-up to clean the /tmp directory but it can be modified to
look elsewhere on the system. There is a helpful man page for that.

Hope this helps.

Regards,

Tom

> -----Original Message-----
> From: Wulf Forrester-Barker [mailto:wulf.f-b at uhl.nhs.uk]
> Sent: 04 April 2002 10:10
> To: gllug at linux.co.uk
> Subject: [Gllug] Secure Internet Access Linux Box
> 
> 
> I've been asked by the head of IT here to look into setting 
> up a secure
> Linux box for use in one of our staff rooms. So far we've 
> used a fairly
> well locked down Win98 box but there have still be problems 
> of programs
> getting installed and traces of less than desirable web searches being
> remembered, etc.
> 
> The brief is to install Linux, boot into a graphical 
> environment with a
> browser and not let the anonymous user do anything except surf the
> internet (and to tidy up all traces of their activity from the local
> machine on a regular basis).
> 
> I imagine that I can accomplish most of this by setting up a 
> guest user
> and giving them no access (certainly no read access) to pretty much
> anything except their home directory (for browser cookies, etc)... and
> then using a cron job to refresh even that every few hours. 
> I'm not sure
> about how to boot automatically into the graphical environment - how
> about an account with no password?
> 
> I'm waiting for a spare box to be dropped off in my office - I'd be
> grateful for any experiences or suggested websites that will 
> help me get
> some more understanding (rather than just muddling through).
> 
> Cheers,
> 
> Wulf
> 
> 
> 
> wulf.f-b at uhl.nhs.uk 
> 
> **********************************************************************
> DISCLAIMER:
> 
> Any opinions expressed in this email are those of the individual and
> not necessarily the Trust. This email and any files transmitted with
> it are confidential and intended solely for the use of the individual
> or entity to whom they are addressed. Any unauthorised disclosure of
> the information contained in this e-mail is strictly prohibited.
> 
> The contents of this email may contain software viruses which could
> damage your own computer system. Whilst we have taken every
> reasonable precaution to minimise this risk, we cannot accept 
> liability
> for any damage which you sustain as a result of software viruses.
> You should therefore carry out your own virus checks before opening
> the attachment.
> 
> If you have received this email in error please notify the sender or
> postmaster at uhl.nhs.uk. Please then delete this email.
> 
> University Hospital Lewisham
> Tel: 020 8333 3000
> Web: www.uhl.ac.uk 
> **********************************************************************
> 
> 
> 
> -- 
> Gllug mailing list  -  Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
> 


This e-mail message is meant solely for the person or organisation to whom it is adressed. The message may contain personal or confidential information, or information that is not public in nature. Ehbas Ltd accepts no responsibility for message content and possible attachments that are unlawful or of questionable decency. Further dissemination, publication or duplication of this message is strictly prohibited if the person or organisation receiving this message is not the intended recipient. In the event that you are not the intended recipient, we request you to refrain from using the content and to immediately inform the sender of the error by returning the message. Thank you for your co-operation. 


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug




More information about the GLLUG mailing list