Thank you for your kindness and the detailed help. He did write down his logins, but I am not sure what box is what so I have to figure out how to get to the firewall to log in. I just wish I had paid more attention. I assumed I would have time to learn this from him at a later date :( I have LOTS of reading ahead of me. Thank you again for the help. I truly apprecaite it. I need all the help I can get. MB
On 3/6/07, Daniel T. Staal <[EMAIL PROTECTED]> wrote: > > On Mon, March 5, 2007 5:45 pm, mrs borhtej said: > > I sent this to openbsd misc but someone suggested this list.... I realize > > I may get flamed or ignored here, but I need help. > > We occasionally ignore people, but we make an effort not to flame them. > That's the difference between us and [EMAIL PROTECTED] ;) > > > I hope someone will have the compassion to point me in the right > > direction. My husband passed away, and left this great LAN setup using > > OpenBSD. I LOVE using OpenBSD, but I thought we would have more time > > together for him to teach me, like he wanted to. Unfortunately, I didn't > > have him show me what's what while he was still able, and I have only > > used this OS as a desktop user. I CANNOT go back to Windows. He unplugged > > his mail and webservers before he passed away, and I need to know how in > > the world do I figure out what's what with this LAN? Even if I sign in as > > him I do not know what to look at to figure this stuff out. I am > > determined to teach myself this stuff, just like he did. I will be > > moving soon and I don't even know what files to configure with the new > > IPs once I get moved. I have a basic understanding of UNIX and VI. I > > know I can figure this stuff out but I just have to know where to start. > > Can anyone give me a clue? I have watched him do this stuff for years, > > and I know I can learn it, but I just do not know where to start. Please > > be nice... :( > > Let this be a lesson to all of us: _Document your networks!_ > > Ok, so let's start at the top. You want to know how your LAN is set up. > That breaks down to knowing three things: > 1) What services are set up. > 2) What machines the services are running on. > 3) How those services are configured. > > I'm going to assume you have root-level access to all the machines. If > not, tell us and we can tell you how to get it. (With access to the > machines, you _can_ get it.) > > We know that mail and web were set up, but are on machines not running. > Since he was running OpenBSD, I'll assume he's running a firewall/packet > filter. Two other common services are also going to be helpful, assuming > he set them up: DNS and DHCP. These are all places where _every_ machine > is going to need to connect to do something or other. > > I would start by going to the firewall and running 'pfctl -s all', and > piping that to a file. You are going to want to refer to that file: It > lists _every_ machine on your lan that is visible from the external > internet, by service, probably in two/three sections: The 'nat' section > (assuming you are doing nat), the 'rules' section, and if there are any > active connections at the time you run it in the 'state' section. > > Cross-compare this to the /etc/pf.conf file from that same machine: It > will have the same nat and rules, but using different wording. Between > the two of these you will be able to work out how the network looks to the > outside, and which machines _those_ services are running on. Check to see > if your husband used names or IP addresses to refer to things on the local > network, and see what is on what machines. Something to look for in this > is to see if any proxyies are set up: they would be redirects of external > connections to the firewall itself, most likely. > > Something else to run on every machine at some point is the command 'ps > -aux'. This will list every process running on that machine, as well as > what user it is running as. (I'd recommend reading the documentation > pages on most of them. Most home servers don't have too long of a list, > and this is a good place to see what _is_ running.) > > Ok, my next stop would be the DNS machine, assuming you have one. It's > not needed, but it makes setup and reconfig a bit easier. Find the > machine that has 'named' running on it, and look in /var/named/etc/ for > the config files. Read through them, and see if your husband left any > clues to what ran on what in what he named things. If he was nice, he > probably has service aliases set up: mail.*, www.*, etc. That will help > immensely, as they are direct pieces of info that you need. > > Hopefully, at this point, you have a an idea of the general _outside_ > setup of this network, and a scetchy view of how the _inside_ network is > set up to support that. NAT would _very_ good: then you only need to > change the external IP address of the firewall, and (possibly) the lines > that refer to it in the pf.conf. You also have a list of what is running > where, and with that and some (ok, _lots_) of reading, you can figure out > where config files are and how things are configured. > > Ok, that's a start at least. Let's see if anyone else can tell me where > I'm being stupid. ;) > > Daniel T. Staal > > --------------------------------------------------------------- > This email copyright the author. Unless otherwise noted, you > are expressly allowed to retransmit, quote, or otherwise use > the contents for non-commercial purposes. This copyright will > expire 5 years after the author's death, or in 30 years, > whichever is longer, unless such a period is in excess of > local copyright law. > --------------------------------------------------------------- > > _______________________________________________ > Openbsd-newbies mailing list > [email protected] > http://mailman.theapt.org/listinfo/openbsd-newbies > _______________________________________________ Openbsd-newbies mailing list [email protected] http://mailman.theapt.org/listinfo/openbsd-newbies
