Dear All My centos machine is connected to my MS Windows machine on the net.The MS Windows machine is connected to Internet via valid IP address setting and on its secondary ip address setting it can see my centos machine on the intranet.Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done? Thank you in advance
Dne 8.3.2011 10:19, hadi motamedi napsal(a):
Dear All My centos machine is connected to my MS Windows machine on the net.The MS Windows machine is connected to Internet via valid IP address setting and on its secondary ip address setting it can see my centos machine on the intranet.Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done? Thank you in advance
Hi hadi,
this isn't centos thing, all you need is to configure network bridge on your Windows machine. You didn't send info about your windows verison so try to google something about it (http://www.google.com/#q=windows+network+bridge)
JJ
On 3/8/11, Jakub Jedelsky jakub.jedelsky@gmail.com wrote:
Dne 8.3.2011 10:19, hadi motamedi napsal(a):
Dear All My centos machine is connected to my MS Windows machine on the net.The MS Windows machine is connected to Internet via valid IP address setting and on its secondary ip address setting it can see my centos machine on the intranet.Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done? Thank you in advance
Hi hadi,
this isn't centos thing, all you need is to configure network bridge on your Windows machine. You didn't send info about your windows verison so try to google something about it (http://www.google.com/#q=windows+network+bridge)
JJ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Thank you very much for your reply.I am familiar with internet connection sharing on MS Windows as I have a third XP client on the same net connected to the internet.I tried as the following on my centos: #route add -net default gw 172.18.209.1 Where this is the secondary ip address of the MS Windows host.But the centos cannot see the internet. Can you please let me know why?
On Tue, Mar 8, 2011 at 12:09 PM, hadi motamedi motamedi24@gmail.com wrote:
On 3/8/11, Jakub Jedelsky jakub.jedelsky@gmail.com wrote:
Dne 8.3.2011 10:19, hadi motamedi napsal(a):
Dear All My centos machine is connected to my MS Windows machine on the net.The MS Windows machine is connected to Internet via valid IP address setting and on its secondary ip address setting it can see my centos machine on the intranet.Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done? Thank you in advance
Hi hadi,
this isn't centos thing, all you need is to configure network bridge on your Windows machine. You didn't send info about your windows verison so try to google something about it (http://www.google.com/#q=windows+network+bridge)
JJ _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Thank you very much for your reply.I am familiar with internet connection sharing on MS Windows as I have a third XP client on the same net connected to the internet.I tried as the following on my centos: #route add -net default gw 172.18.209.1 Where this is the secondary ip address of the MS Windows host.But the centos cannot see the internet. Can you please let me know why? _______________________________________________
Did you add any DNS resovler IP's to /etc/resolv.conf ?
My centos machine is connected to my MS Windows machine on the net. The MS Windows machine is connected to Internet via valid IP address setting and on its secondary ip address setting it can see my centos machine on the intranet.
Connecting any windows based computer directly to the internet is a really really bad idea...
On 03/08/11 7:01 AM, compdoc wrote:
Connecting any windows based computer directly to the internet is a really really bad idea...
go away. it isn't 1998 anymore.
That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.
On Tue, Mar 8, 2011 at 8:59 PM, David Brian Chait dchait@invenda.com wrote:
On 03/08/11 7:01 AM, compdoc wrote:
Connecting any windows based computer directly to the internet is a really really bad idea...
go away. it isn't 1998 anymore.
That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.
Do you have any proof of this? OR are you making assumptions of past experiences? We have many Windows server on the net, directly with very few hassles.
Rudi Ahlers wrote:
On Tue, Mar 8, 2011 at 8:59 PM, David Brian Chait dchait@invenda.com wrote:
On 03/08/11 7:01 AM, compdoc wrote:
Connecting any windows based computer directly to the internet is a really really bad idea...
go away. it isn't 1998 anymore.
That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.
Do you have any proof of this? OR are you making assumptions of past experiences? We have many Windows server on the net, directly with very few hassles.
And I know of a major incident, the vector and targets being all Windows systems. Sorry, I literally can't speak about how I know or more details....
mark
On 03/08/11 11:41 AM, m.roth@5-cent.us wrote:
And I know of a major incident, the vector and targets being all Windows systems. Sorry, I literally can't speak about how I know or more details....
duh. theres a lot more Windows systems out there than everything else put together. of COURSE the hackers are going to target them.
And I know of a major incident, the vector and targets being all Windows systems. Sorry, I literally can't speak about how I know or more details....
I've been removing java from the computers I service. It's not used much if at all, and it's a vector.
On one workstation I monitor, the java uninstaller removed java but left behind the java program's directories. The AV still finds malicious scripts being placed in the java folder after visiting infectious websites. Placed there by an updated version of IE8.
Google Chrome , or even Firefox are the way to go for visiting those websites that no one admits to visiting...
On Tue, Mar 8, 2011 at 10:46 PM, compdoc compdoc@hotrodpc.com wrote:
Google Chrome , or even Firefox are the way to go for visiting those websites that no one admits to visiting...
Are you referring to website like http://www.microsoft.com and http://technet.microsoft.com/? ;)
On 03/08/11 10:59 AM, David Brian Chait wrote:
That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.
Corps firewall their unix servers too. All our public internet servers are in a secure DMZ isolated from both our WAN and the Internet. How is that any different?
Millions of users carry Windows laptops and use them at public access points daily. Windows since XP SP2 has had a perfectly decent firewall built in and enabled by default. Anyone sane is running an antivirus suite. Modern web browsers like Google Chrome automatically catch and block a lot of web hackery.
Unix, improperly configured, is just as vunerable. Witness the number of users around here who are running 5.2 or whatever without having ever installed patches 'because its against XYZ support policy' or something equally lame. The endless list of CERT advisories against popular daemons.
Windows since XP SP2 has had a perfectly decent firewall built in and enabled by default.
Selinux is installed by default too, and usually the first thing that's disabled when something isn't working, just as it is with windows users.
You are right about one thing: It's not 1998. It's a lot less safe now than it was then.
compdoc wrote:
Windows since XP SP2 has had a perfectly decent firewall built in and enabled by default.
Selinux is installed by default too, and usually the first thing that's disabled when something isn't working, just as it is with windows users.
You are right about one thing: It's not 1998. It's a lot less safe now than it was then.
Yup. Last time I saw a story about someone hanging an unprotected Windows box on the 'Net, late last year, I think, it was down from 12 min to 5 min before it was attacked.
mark
On 03/08/11 11:47 AM, m.roth@5-cent.us wrote:
Yup. Last time I saw a story about someone hanging an unprotected Windows box on the 'Net, late last year, I think, it was down from 12 min to 5 min before it was attacked.
and how long after you connect a 'nix box before worms start port knocking on ssh trying stupid combinations of user/pass over and over? I see a couple 1000 of those a day
Mar 8 11:41:25 freescruz sshd[28012]: Failed password for daemon from 200.201.20.21 port 49462 ssh2 Mar 8 11:41:29 freescruz sshd[28026]: Failed password for adm from 200.201.20.21 port 49869 ssh2 Mar 8 11:41:32 freescruz sshd[28038]: Failed password for invalid user quark from 200.201.20.21 port 50352 ssh2 Mar 8 11:41:36 freescruz sshd[28048]: Failed password for invalid user sys from 200.201.20.21 port 50811 ssh2 Mar 8 11:41:40 freescruz sshd[28055]: Failed password for invalid user liyiduo from 200.201.20.21 port 50984 ssh2 Mar 8 11:41:44 freescruz sshd[28061]: Failed password for games from 200.201.20.21 port 51438 ssh2 Mar 8 11:41:47 freescruz sshd[28071]: Failed password for mailnull from 200.201.20.21 port 51927 ssh2 Mar 8 11:41:52 freescruz sshd[28086]: Failed password for invalid user backup from 200.201.20.21 port 52095 ssh2 Mar 8 11:41:55 freescruz sshd[28094]: Failed password for sync from 200.201.20.21 port 52604 ssh2 Mar 8 11:41:59 freescruz sshd[28103]: Failed password for shutdown from 200.201.20.21 port 53016 ssh2 Mar 8 11:42:03 freescruz sshd[28112]: Failed password for invalid user libuuid from 200.201.20.21 port 53504 ssh2 Mar 8 11:42:07 freescruz sshd[28145]: Failed password for invalid user liudongfeng from 200.201.20.21 port 53999 ssh2 Mar 8 11:42:10 freescruz sshd[28150]: Failed password for invalid user aaa from 200.201.20.21 port 54177 ssh2 Mar 8 11:42:14 freescruz sshd[28160]: Failed password for invalid user puxiaolong from 200.201.20.21 port 54585 ssh2 Mar 8 11:42:18 freescruz sshd[28167]: Failed password for invalid user yuzhakov from 200.201.20.21 port 55084 ssh2 Mar 8 11:42:22 freescruz sshd[28175]: Failed password for invalid user Debian-exim from 200.201.20.21 port 55590 ssh2 Mar 8 11:42:25 freescruz sshd[28183]: Failed password for invalid user irc from 200.201.20.21 port 55788 ssh2 Mar 8 11:42:29 freescruz sshd[28190]: Failed password for invalid user home3 from 200.201.20.21 port 56182 ssh2 Mar 8 11:42:33 freescruz sshd[28194]: Failed password for invalid user messagebus from 200.201.20.21 port 32824 ssh2 Mar 8 11:42:37 freescruz sshd[28203]: Failed password for invalid user netdump from 200.201.20.21 port 33315 ssh2
On Tue, Mar 8, 2011 at 10:01 PM, John R Pierce pierce@hogranch.com wrote:
On 03/08/11 11:47 AM, m.roth@5-cent.us wrote:
Yup. Last time I saw a story about someone hanging an unprotected Windows box on the 'Net, late last year, I think, it was down from 12 min to 5 min before it was attacked.
and how long after you connect a 'nix box before worms start port knocking on ssh trying stupid combinations of user/pass over and over? I see a couple 1000 of those a day
Mar 8 11:41:25 freescruz sshd[28012]: Failed password for daemon from 200.201.20.21 port 49462 ssh2 Mar 8 11:41:29 freescruz sshd[28026]: Failed password for adm from 200.201.20.21 port 49869 ssh2 Mar 8 11:41:32 freescruz sshd[28038]: Failed password for invalid user quark from 200.201.20.21 port 50352 ssh2 Mar 8 11:41:36 freescruz sshd[28048]: Failed password for invalid user sys from 200.201.20.21 port 50811 ssh2 Mar 8 11:41:40 freescruz sshd[28055]: Failed password for invalid user liyiduo from 200.201.20.21 port 50984 ssh2 Mar 8 11:41:44 freescruz sshd[28061]: Failed password for games from 200.201.20.21 port 51438 ssh2 Mar 8 11:41:47 freescruz sshd[28071]: Failed password for mailnull from 200.201.20.21 port 51927 ssh2 Mar 8 11:41:52 freescruz sshd[28086]: Failed password for invalid user backup from 200.201.20.21 port 52095 ssh2 Mar 8 11:41:55 freescruz sshd[28094]: Failed password for sync from 200.201.20.21 port 52604 ssh2 Mar 8 11:41:59 freescruz sshd[28103]: Failed password for shutdown from 200.201.20.21 port 53016 ssh2 Mar 8 11:42:03 freescruz sshd[28112]: Failed password for invalid user libuuid from 200.201.20.21 port 53504 ssh2 Mar 8 11:42:07 freescruz sshd[28145]: Failed password for invalid user liudongfeng from 200.201.20.21 port 53999 ssh2 Mar 8 11:42:10 freescruz sshd[28150]: Failed password for invalid user aaa from 200.201.20.21 port 54177 ssh2 Mar 8 11:42:14 freescruz sshd[28160]: Failed password for invalid user puxiaolong from 200.201.20.21 port 54585 ssh2 Mar 8 11:42:18 freescruz sshd[28167]: Failed password for invalid user yuzhakov from 200.201.20.21 port 55084 ssh2 Mar 8 11:42:22 freescruz sshd[28175]: Failed password for invalid user Debian-exim from 200.201.20.21 port 55590 ssh2 Mar 8 11:42:25 freescruz sshd[28183]: Failed password for invalid user irc from 200.201.20.21 port 55788 ssh2 Mar 8 11:42:29 freescruz sshd[28190]: Failed password for invalid user home3 from 200.201.20.21 port 56182 ssh2 Mar 8 11:42:33 freescruz sshd[28194]: Failed password for invalid user messagebus from 200.201.20.21 port 32824 ssh2 Mar 8 11:42:37 freescruz sshd[28203]: Failed password for invalid user netdump from 200.201.20.21 port 33315 ssh2
Which is why you should secure your default Linux installs :)
If memory serves me correct, the latest windows 2008 server is very secure by default and you have to jump through many hoops to unsecure it
John R Pierce wrote:
On 03/08/11 11:47 AM, m.roth@5-cent.us wrote:
Yup. Last time I saw a story about someone hanging an unprotected Windows box on the 'Net, late last year, I think, it was down from 12
min to 5
min before it was attacked.
and how long after you connect a 'nix box before worms start port knocking on ssh trying stupid combinations of user/pass over and over? I see a couple 1000 of those a day
Oh, sure, I see lots of them, too.... Of course, the most popular username is admin....
mark
2011/3/8 John R Pierce pierce@hogranch.com:
On 03/08/11 11:47 AM, m.roth@5-cent.us wrote:
Yup. Last time I saw a story about someone hanging an unprotected Windows box on the 'Net, late last year, I think, it was down from 12 min to 5 min before it was attacked.
and how long after you connect a 'nix box before worms start port knocking on ssh trying stupid combinations of user/pass over and over? I see a couple 1000 of those a day
disable password authentication before starting ssh :)
-- Eero
John R Pierce wrote:
On 03/08/11 10:59 AM, David Brian Chait wrote:
That may be, but the advice is still valid, windows is infinitely more vulnerable than *NIX on a direct/open connection. Most corps filter traffic to windows boxes through intermediaries to limit risk.
Corps firewall their unix servers too. All our public internet servers are in a secure DMZ isolated from both our WAN and the Internet. How is that any different?
Millions of users carry Windows laptops and use them at public access points daily. Windows since XP SP2 has had a perfectly decent firewall
<snip> *snort* And how many *millions* of Windows systems are part of botnets?
mark
On 3/8/2011 12:53 PM, John R Pierce wrote:
On 03/08/11 7:01 AM, compdoc wrote:
Connecting any windows based computer directly to the internet is a really really bad idea...
go away. it isn't 1998 anymore.
Still, consumer type NAT routers are really cheap, take little power, and would 'just work' in this scenario if you put both the windows and centos boxes behind it.
On 03/08/11 11:09 AM, Les Mikesell wrote:
On 3/8/2011 12:53 PM, John R Pierce wrote:
On 03/08/11 7:01 AM, compdoc wrote:
Connecting any windows based computer directly to the internet is a really really bad idea...
go away. it isn't 1998 anymore.
Still, consumer type NAT routers are really cheap, take little power, and would 'just work' in this scenario if you put both the windows and centos boxes behind it.
I concur. But I suspect the OPs issue is a simple network configuration issue as Windows ICS uses 192.168.0.0/24 and he rattled off some 172.16 net in his route command.
oh look, its our friend 'never read the manual' hadi again. I'm out.
On Tue, Mar 8, 2011 at 1:19 AM, hadi motamedi motamedi24@gmail.com wrote:
Dear All Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done?
I believe Steve Barnes has the right answer -- you need to configure CentOS to obtain an IP address from the Windows machine with DHCP.
On Tue, Mar 8, 2011 at 5:23 PM, Bart Schaefer barton.schaefer@gmail.com wrote:
On Tue, Mar 8, 2011 at 1:19 AM, hadi motamedi motamedi24@gmail.com wrote:
Dear All Can you please let me know how can try for Internet connection sharing such that my centos machine can see internet with minor modifications done?
I believe Steve Barnes has the right answer -- you need to configure CentOS to obtain an IP address from the Windows machine with DHCP. _______________________________________________
Yup,
Windows Intenet Sharing is setup on 192.168.0.1 and assigns IP on the 192.168.0.0 range so you need to configure your CentOS machine to use DHCP instead.