Is this possible?

[alfa147x]

So this is what we are trying to do:
Have a ubuntu machine act as a apache web server
Be able to SSH from 2 computers (one with OS 10.6 another with Vista)
and the web part of the server only be accessible from those two computers as well

Oh and all on the college's network

could i use a VPN setup somehow?

This is so we can practice working with the back-end of the server as well as work on web development... the problem with just having my own tiny network in my room is that the 2 connecting computers are in other rooms


Thanks for the help
if this is a bit confusing sorry

~Alfa

 

[Pantlegz]

putty would allow you to SSH into the ubuntu server, it's pretty self explanatory I know it works for windows not so sure about OSX. there is also a remote desktop program for Linux but I can't think of it off the top of my head, I'm sure someone will chime in with the name.

 

[Nothinman]

You could use either iptables or hosts.allow to setup who can ssh into the box. Apache also has it's own security stuff in it's config file that you could use to restrict it's access. OS X comes with the standard OpenSSH ssh stuff out of the box so no need to worry about putty there.

 

[skyking]

The only big stumbling block I can see is if you and your friends are on different class C networks, or are on separate VLANs at the college. See if they have the same class C and figure out if you can indeed get to each others computers now.

 

[alfa147x]

Originally posted by: skyking
The only big stumbling block I can see is if you and your friends are on different class C networks, or are on separate VLANs at the college. See if they have the same class C and figure out if you can indeed get to each others computers now.

Thanks for the help
but i have no idea how to do that

 

[skyking]

Originally posted by: alfa147x

Originally posted by: skyking
The only big stumbling block I can see is if you and your friends are on different class C networks, or are on separate VLANs at the college. See if they have the same class C and figure out if you can indeed get to each others computers now.

Thanks for the help
but i have no idea how to do that

you have an RFC 1918 network at the school, with addresses like this:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

If you are on the same class C network, the first three groups of numbers will be the same, for example:

your address =10.0.0.3
your friends = 10.0.0.5

If you are not on the same class C, it gets a bit more challenging and you'd need cooperation and routing from your school.
example:
your address = 10.0.0.3
your friends = 10.0.1.5

 

[Pantlegz]

Originally posted by: skyking

Originally posted by: alfa147x

Originally posted by: skyking
The only big stumbling block I can see is if you and your friends are on different class C networks, or are on separate VLANs at the college. See if they have the same class C and figure out if you can indeed get to each others computers now.

Thanks for the help
but i have no idea how to do that

you have an RFC 1918 network at the school, with addresses like this:

10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)

If you are on the same class C network, the first three groups of numbers will be the same, for example:

your address =10.0.0.3
your friends = 10.0.0.5

If you are not on the same class C, it gets a bit more challenging and you'd need cooperation and routing from your school.
example:
your address = 10.0.0.3
your friends = 10.0.1.5

it should work even without cooperation from the school, if it can't find it it should go to it's default gateway, and the router would forward it to his friend, as long as they're both connected to the schools network; assuming they both routers know how to get to both networks. The real question would be is SSH allowed? It wouldn't be hard for them to block port 22 or only allow certain ports...

 

[alfa147x]

well im class right now but this is what he sent me:
No. All ip addresses on campus are class A adresses not class C

Port Scan has started?

Port Scanning host: 141.165.108.1

Open TCP Port: 22 ssh
Port Scan has completed?

 

[skyking]

looks doable, that is a WAN address.

 

[alfa147x]

Originally posted by: skyking
looks doable, that is a WAN address.

I couldnt think of an IP to port scan so i just went into my network preferences and took the Routers IP and port scanned that

I dont if this would help

Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            141.165.128.1      UGSc           91        0     en0
127                localhost          UCS             0        0     lo0
localhost          localhost          UH              8   583442     lo0
141.165.128/22     link#4             UCS            23        0     en0
141.165.128.1      0:24:81:fc:d:78    UHLWI          91       48     en0   1199
vl128-084.vl128.ge 0:23:ae:38:51:84   UHLWI           0       23     en0   1198
vl128-092.vl128.ge 0:25:4b:b6:4b:6    UHLWI           0        0     en0      9
vl128-120.vl128.ge 0:22:19:f3:cf:8f   UHLWI           0       23     en0   1197
vl128-128.vl128.ge 0:24:1d:6e:7c:5    UHLWI           0      416     en0   1075
vl128-131.vl128.ge 0:24:1d:6e:96:60   UHLWI           0      384     en0   1089
vl128-134.vl128.ge 0:25:64:48:bf:95   UHLWI           0       23     en0   1198
vl128-154.vl128.ge 0:24:1d:6e:94:33   UHLWI           0       32     en0   1161
vl129-071.vl129.ge 0:26:4a:b:f7:dc    UHLWI           0        0     en0    111
vl129-144.vl129.ge 0:25:0:d6:3d:f0    UHLWI           0        0     en0    827
vl129-177.vl129.ge 0:17:fa:2d:96:84   UHLWI           0        0     en0    671
vl129-248.vl129.ge 0:1e:33:c0:d4:88   UHLWI           0      285     en0   1156
vl130-102.vl130.ge 0:25:4b:a7:f6:f0   UHLWI           0        0     en0     87
vl130-163.vl130.ge 0:24:1d:6e:95:d5   UHLWI           0       32     en0   1156
vl130-177.vl130.ge 0:24:1d:6e:93:d5   UHLWI           0        0     en0
vl130-191.vl130.ge 0:24:1d:6e:7c:5a   UHLWI           0      448     en0   1155
vl130-220.vl130.ge 0:25:0:fe:61:cb    UHLWI           0        0     en0    235
vl130-233.vl130.ge 0:24:e8:b4:61:43   UHLWI           0        0     en0    152
vl131-040.vl131.ge 0:f:1f:56:14:b2    UHLWI           0      672     en0   1155
vl131-071.vl131.ge 0:1e:33:7d:37:77   UHLWI           0      210     en0   1154
vl131-072.vl131.ge localhost          UHS             0        0     lo0
vl131-088.vl131.ge 0:22:19:e5:9e:93   UHLWI           0       23     en0   1192
vl131-116.vl131.ge 0:24:1d:6e:92:4c   UHLWI           0        0     en0    342
141.165.131.255    ff:ff:ff:ff:ff:ff  UHLWbI          0        8     en0
169.254            link#4             UCS             0        0     en0
192.168.108        link#7             UC              0        0  vmnet1

Internet6:
Destination        Gateway            Flags         Netif Expire
localhost          localhost          UH              lo0
fe80::%lo0         localhost          Uc              lo0
localhost          link#1             UHL             lo0
fe80::%en0         link#4             UC              en0
twesh-deshettys-ma 0:25:4b:c8:fa:6a   UHL             lo0
fe80::2405:28d1:6f 0:1a:92:a9:57:ad   UHLW            en0
fe80::8996:d2b2:17 0:1f:16:7c:8e:6d   UHLW            en0
fe80::9dea:30bd:94 0:1f:16:7c:2b:32   UHLW            en0
fe80::bc5c:27f9:7d 0:1e:68:82:74:b3   UHLW            en0
fe80::%en1         link#5             UC              en1
ff01::             localhost          Um              lo0
ff02::             localhost          UmC             lo0
ff02::             link#4             UmC             en0
ff02::fb           link#4             UHmLW           en0
ff02::             link#5             UmC             en1

 

[alfa147x]

Yup from another room/building my ip address is:
141.165.143.57

 

[Pantlegz]

looks like they're using public ips on the inside, technically it works, but I was always told not to do it. Either way, as long as you're able to SSH to where ever the web server is it'll work. find out if you have to turn SSH on in your version on lunix or if it's on by default. Then use putty to ssh to the server, I've never SSH'd to a server only routers so I'm not sure what sort of interface you would get but I would assume it would be CLI only. If you wanted to remote desktop, you would have to use another program... If you can't find anything I'll figure out what it's called tomorrow in class and let you know assuming thats what you want to do.

 

[alfa147x]

Originally posted by: Pantlegz1
looks like they're using public ips on the inside, technically it works, but I was always told not to do it. Either way, as long as you're able to SSH to where ever the web server is it'll work. find out if you have to turn SSH on in your version on lunix or if it's on by default. Then use putty to ssh to the server, I've never SSH'd to a server only routers so I'm not sure what sort of interface you would get but I would assume it would be CLI only. If you wanted to remote desktop, you would have to use another program... If you can't find anything I'll figure out what it's called tomorrow in class and let you know assuming thats what you want to do.

Thanks for the help!
I'v installed openssh on the server (currently running in VMware on my laptop) so im good
Im going to test this out tomorrow

I ran into another problem our school uses RESNET something where we have to log in to before being able to connect to the network if this is going to be a command line only system how is this going to work

 

[Pantlegz]

if it's command line only, you'll need to get familiar with Linux command line. you can do everything, but if you aren't used to it, it's a pain in the ass; even if you are used to it it's a pain in the ass. I prefer the GUI but obviously CLI takes considerably less resources. I'll look around for the remote desktop program for Linux, since that sounds like that's what you're looking for.

Check out http://www.tightvnc.com/ if you're wanting a GUI interface

 

[Crusty]

Originally posted by: Pantlegz1
looks like they're using public ips on the inside, technically it works, but I was always told not to do it. Either way, as long as you're able to SSH to where ever the web server is it'll work. find out if you have to turn SSH on in your version on lunix or if it's on by default. Then use putty to ssh to the server, I've never SSH'd to a server only routers so I'm not sure what sort of interface you would get but I would assume it would be CLI only. If you wanted to remote desktop, you would have to use another program... If you can't find anything I'll figure out what it's called tomorrow in class and let you know assuming thats what you want to do.

That's how the University of Texas' network is setup as well, even wifi clients get a public Class B address. I think you're getting confused by the fact that the respective schools actually own that IP block so they can use them however they see fit.

Obviously you don't want to use someone else public IP range in your private network, which is what I think you were trying to get at.

Originally posted by: Pantlegz1
if it's command line only, you'll need to get familiar with Linux command line. you can do everything, but if you aren't used to it, it's a pain in the ass; even if you are used to it it's a pain in the ass. I prefer the GUI but obviously CLI takes considerably less resources. I'll look around for the remote desktop program for Linux, since that sounds like that's what you're looking for.

Check out http://www.tightvnc.com/ if you're wanting a GUI interface

In order to use any sort of remote desktop you're going to need to have X installed, and that's not very likely on a server. Besides, there's no reason you can't manage Linux servers completely with the CLI.

If using a GUI is absolutely necessary I would highly recommend using something extremely lightweight like twm for your window manager and then just use X Forwarding over SSH if you're connecting from another Linux machine or setup and run vncserver if you happen to be on Windows.

 

[Crusty]

Originally posted by: alfa147x

Originally posted by: Pantlegz1
looks like they're using public ips on the inside, technically it works, but I was always told not to do it. Either way, as long as you're able to SSH to where ever the web server is it'll work. find out if you have to turn SSH on in your version on lunix or if it's on by default. Then use putty to ssh to the server, I've never SSH'd to a server only routers so I'm not sure what sort of interface you would get but I would assume it would be CLI only. If you wanted to remote desktop, you would have to use another program... If you can't find anything I'll figure out what it's called tomorrow in class and let you know assuming thats what you want to do.

Thanks for the help!
I'v installed openssh on the server (currently running in VMware on my laptop) so im good
Im going to test this out tomorrow

I ran into another problem our school uses RESNET something where we have to log in to before being able to connect to the network if this is going to be a command line only system how is this going to work

If you need to use a web browser you can use lynx from the CLI. It's a command line based web browser that can do cookies/sessions.

 

[spidey07]

FYI - it's highly common for universities to use "public" address space. They were one of the first networks of the Internet and as such they own that address space, frequently multiple class Bs. The OPs is a class B.

 

[alfa147x]

Originally posted by: Crusty

Originally posted by: alfa147x

Originally posted by: Pantlegz1
looks like they're using public ips on the inside, technically it works, but I was always told not to do it. Either way, as long as you're able to SSH to where ever the web server is it'll work. find out if you have to turn SSH on in your version on lunix or if it's on by default. Then use putty to ssh to the server, I've never SSH'd to a server only routers so I'm not sure what sort of interface you would get but I would assume it would be CLI only. If you wanted to remote desktop, you would have to use another program... If you can't find anything I'll figure out what it's called tomorrow in class and let you know assuming thats what you want to do.

Thanks for the help!
I'v installed openssh on the server (currently running in VMware on my laptop) so im good
Im going to test this out tomorrow

I ran into another problem our school uses RESNET something where we have to log in to before being able to connect to the network if this is going to be a command line only system how is this going to work

If you need to use a web browser you can use lynx from the CLI. It's a command line based web browser that can do cookies/sessions.

Thanks everyone!

I really want to stick with CLI im having a blast... at times its frustrating but i like it

Ill check out that browser... Thanks!