From jep@columbus.rr.com Tue Aug 1 11:58:45 2000 Date: Wed, 26 Jul 2000 20:30:57 +0000 From: jep@columbus.rr.com Reply-To: colug@bopper.wcbe.org To: colug@bopper.wcbe.org Subject: [COLUG] Notes for Coyote Linux for tonight's COLUG meeting > MEETING NOTICE > ============== > > Central Ohio Linux Users Group > > Wednesday, July 26th., 1900 to 2100 local > > Meeting Presentation > ==================== > > The main presentation: > > Our own Jim Prior will present a Coyote Linux > system firewalling between a public and private net side. > Phil Hunter will bring along a sniffer box, and demonstrate > the ease with which passwords may be taken 'off the wire'. The notes for the above are: http://www.coyotelinux.com/ > Coyote is a distribution of Linux that is designed to > provide Internet connection sharing for a network of > computers. The entire distribution fits on and runs from a > single 1.44Mb floppy disk. Currently, Coyote is capable of > sharing Internet connections that are Ethernet, PPPoE, and > Dialup PPP based. Such connections would include cable > modems, DSL, leased lines, and standard dialups. > > Coyote Linux will run on a system with the following minimum > requirements: > > 486DX/25Mhz > 12Mb RAM > 1.44Mb Floppy > MDA or better display > 2 Ethernet Network Cards > > The system does not need a hard drive or cdrom. > > NOTE: To make life easier, PCI network cards are highly > recommended as they do not require you to know the port and > IRQ numbers during installation. I chose Coyote Linux because it would work on very minimal hardware, it knew could deal with RoadRunner, and didn't require me to know all sorts of network stuff and was free if installed from Linux. What I like about Coyote Linux: runs on cheap junk hardware from 25MHz '486 on up. only needs 8MB for my particular configuration. doesn't need any noisy/power hungry hard drives understand RoadRunner login junk (that isn't needed anymore) What I don't like about Coyote Linux: Poor documentation. Many little details could be easily documented with trivial examples. It will not run on a '386. Would have to recompile for that CPU. It might be based on older style packet filtering software. They have an easy GUI install version for money. That installation runs under Windows to create a floppy. The created floppy runs (Coyote) Linux. Months ago, our own Rick Holbert suggested: > I'd recommend only using root to mount /dev/fd0 on a > directory that your normal user account has write access to, > and running the makefloppy.sh as that normal user. > rholbert@teamamerica.com However when I did as Rick suggested, the installation would fail. I don't recall the details, only that it would not work for me. I had to run the installation as root. Their documentation is terrible for a network novice like myself. After I struggled through the installation months ago, I contributed something to the dox: > Some things about entering module information are not obvious in > v1.11 Here's what kind of input v1.11 wants to see for module > information. > > When prompted for module names, don't type the ".o" ending. > For example, for an NE2000 card, just enter "ne", not "ne.o". > > When prompted for the (beginning) I/O address, > it expects a hexadecimal number _without_ the "0x" prefix. > > When prompted for the IRQ number, > it expects a decimal number. Annotated installation: This is the installation dialogue that I ran for installing Coyote Linux to connect to RoadRunner. The installation was run under RedHat Linux 6.2. The machine that Coyote would run on was a crummy ISA only '486DX2/50 box, with only 8MB of RAM, on board video, a keyboard, a 3C509 Etherlink III ISA PnP, a genuine NE2000 (no steenking clones!) an no hard drive. Of my junk '486 boxes, I picked the one with the quietest fan. > [root@penguin /root]# umount /dev/fd0 Yup! /dev/fd0 must NOT be mounted. (I think that in older versions that it had to be mounted and already formatted.) > [root@penguin /root]# ./makefloppy.sh Also note that I'm running as root, contrary to Rick Holbert's suggestion to not do so. http://www.coyotelinux.com/faq/cache/15.html > > Coyote floppy builder script v2.0 > > Please select the type of Internet connetion that your system uses. > > 1 ) Standard Ethernet Connection > > Enter Selection: 1 > > Configuring system for Ethernet based Internet connection. > > > By default, Coyote uses the following settings for the local network > interface: > > IP Address: 192.168.0.1 > Netmask: 255.255.255.0 > Broadcast: 192.168.0.255 > Network: 192.168.0.0 > > Would you like to change these settings? [Y/N]: n It's nice to have the option to change. > > Does your Internet connection get its IP via DHCP? [y/n]: y Even I know the answer to this question. > > Install the Road Runner DEC protocol login software [y/n]: n Even though I am connecting to Road Runner, I don't have to use their stupid login junk. > > Do you want to enable the coyote DHCP server [y/n]: y Something I like about Coyote, is its ability to handle a mix of static and dynamic (DHCP) IP addresses. Its DHCP server allocates addresses starting at 192.168.0.100. Addresses from 192.168.0.2 to 192.168.0.99 inclusive are available for static IPs. > Some areas require you to specify a hostname when obtaining and DHCP address. > This hostname would have been given to you when you originally signed got > your Internet access installed. To date, the @home network is the only ISP > that I know of that sets clients up in this fashion. If you have been > supplied with a hostname for your computer, enter it here... otherwise > simply press enter. > > Enter your DHCP hostname: I just hit return. > > You now need to specify the module name and parameters for your network cards. Their documentation is terrible about helping you figure out what modules you need. I figured which modules I needed from sticking the cards in my RH box and seeing what kind of stuff linuxconf liked for them. > > If you are using PCI or EISA cards, leave the IO and IRQ lines blank. > > Enter the module name for your Internet network card: 3c509 They don't tell you to NOT enter the .o part of the module name. An example would have helped. > Enter IO address (Leave blank for PCI cards): > Enter IRQ (Leave blank for PCI cards): It is not at all obvious that you should not enter the parameters for a 3c509. Months ago, it took much experimentation to figure this out. Now their documentation at http://www.coyotelinux.com/faq/cache/28.html does say not to enter parameters for 3c509 module. > > Enter the module name for you local network card: ne > Enter IO address (Leave blank for PCI cards): 340 Which format should I enter the IO address? 0x340? 340? decimal? Again, they don't give a clue. Poor dox. A simple example would have helped much. This took much experimentation to figure out, especially with the 3c509 not wanting any parameters. > Enter IRQ (Leave blank for PCI cards): 9 Again, no clue as to what format they want number in. > Checking module deps for (3c509,ne)... > Module 3c509 dep = > Module ne dep = 8390 > Copying module: drivers/8390.o > Copying module: drivers/3c509.o > Copying module: drivers/ne.o > > If you connect to services that require an ident response from your computer > you will need to install an ident daemon. Coyote currently offers the > oidentd daemon for this purpose. > > Do you want to install the oidentd package? [Y/N]: n I have no idea what this stuff is. > > Coyote offers a package for creating VPN tunnels with other Coyote gateways > or with other computers that are running VPNd v1.1.0. If you would like > to use this package, you should read the documentation located at: > http://www.coyotelinux.com/docs/vpnd.htm > > Would you like to add VPNd? [Y/N]: n > Building package: config > Building package: dhcpd > Building package: etc > Building package: local > Building package: log > Building package: modules > Building package: oidentd > Building package: ppp > Building package: root > Building package: rrlogind > Building package: telnetd > Building package: vpnd > > Make sure that you have a floppy in the first floppy drive > in this system and press enter to continue... > > Formatting /dev/fd0 This is probably why it doesn't want the floppy to be mounted. This probably also requires this package to be run as root. > Double-sided, 80 tracks, 18 sec/track. Total capacity 1440 kB. > Formatting ... done > Verifying ... done It counts the tracks while formatting. > /sbin/mkdosfs 2.2 (06 Jul 1999) > /dev/fd0H1440 has 2 heads and 18 sectors per track, > logical sector size is 512, > using 0xf0 media descriptor, with 2880 sectors; > file system has 2 12-bit FATs and 1 sector per cluster. > FAT size is 9 sectors, and provides 2847 clusters. > Root directory contains 224 slots. > Volume ID is 397f3480, volume label coyote . > Installing boot loader... > Copying files... > Copying SYSLINUX.DPY > Copying config.lrp > Copying dhcpd.lrp > Copying etc.lrp > Copying linux > Copying local.lrp > Copying log.lrp > Copying modules.lrp > Copying root.lrp > Copying syslinux.cfg > Done. > [root@penguin coyote]# ********************************************************************* * * * Disconnect power to the RoadRunner cable modem for five minutes. * * * ********************************************************************* Disconnect from the cable modem, the vulnerable machine that was directly connected to RoadRunner. Connect the vulnerable machine to the Coyote box, and connect the Coyote box to the cable modem. Put the newly created floppy in the Coyote box. Reboot everything. You don't have to change the network configuration of the (previously) vulnerable machine. Coyote Linux insists on being able to write to the floppy disk. If your floppy disk is write protected, Coyote will not work. With a stripped down PC, hopefully the power consumption would be so low that the fan could be disconnected, making the box completely quiet. Unfortunately, my box turns off the power supply when I disconnect or stall its fan. ************************************************************************ Inquiring minds want to know: How fast can Coyote pass traffic with a 25MHz CPU versus a 50MHz CPU? How robust is Coyote to attack? Phil will have fun beating on it to find out. Jim Prior - COLUG mailing list tag line: ======================================= Want to know more: http://bopper.wcbe.org/~COLUG/index_list.html