VOICE Home Page: http://www.os2voice.org
|By Michael W. Cocke © October 2002|
Part 3: In which we discuss what you do NOT want to do, and how not to do it.
This is NOT a technical step-by-step instruction manual - this is an overview, with assorted advice and some tips and pointers. You are assumed to be familiar with MPTS and TCP/IP.
Ok, you now have all the bits and bytes, er, pieces of a very small ISP in place. I bet you think you're finished. Nope. You'll need to get your system stable and crashproof.
First of all, if you've been putting all of this stuff in your startup folder, and it's worked OK so far, you've been lucky. The issue here is 'raceway', and it's pretty simple to understand. The startup folder starts everything at once in separate threads. What you've built here, on the other hand, needs to be done in a certain order or it won't work right.
Here's my startup.cmd file, with some annotations.
NET START SERVER
@if errorlevel 2 C:\IBMLAN\NETPROG\lserr.exe
call delay 3
start /min fxkernel
start /min dbserv -s:default.db
start /min portserv -s:default.db
call delay 2
start /min icgui
REM Start up Injoy Connect first, or it seems to have some problems starting at all.
start /min cron2
REM I use and recommend cron214.zip, available on hobbes. Exactly what I use
REM for is outside the scope of this document, although if you poke around catherders.com
REM for a little while, you can probably figure it out.
start /min timekeep
REM I use Timekeeper/2, available from BMT Micro, to keep the system clocks
REM all of my servers synchronized. You'll understand why when your system clock
REM starts to wander, and you wind up running reindexes on one server while the other
REM server has the files you're trying to reindex open.
start /min gateway
REM I recommend using the text mode firewall interface after you've fooled
REM with the pretty graphics for a while. Those graphics take a lot more horsepower
REM than it appears. You can use that processor power in other places, believe me.
start /min weasel
start /c /min httpd
REM I had some problems with CGI scripts when I didn't start Apache with the
REM I don't understand it, but that doesn't mean it's not a good idea.
SWAPPATH=C:\OS2\SYSTEM 20480 20480
Last, but certainly not least, let me mention system security. This is a very complex subject, but I can (and will) offer a few very basic pointers. First, when you think you have everything set up, go to the Gibson Research web site and have your shields tested and ports scanned. If you've got anything (especially NETBIOS) exposed that you don't know about, this will tell you that you have a problem. Another good idea is to periodically check the Apache mailing list, to see if any particular security issues have arisen. You may also want to remember to change your telnet and ftp passwords periodically. I haven't even scratched the surface of this subject, but I hope that at least I've reminded you that it exists.
A DNS (Domain Name Server). This is on my list of things to do someday, but I'm generally acknowledged to be a lunatic. Tell you what: download BIND from hobbes and pick up a copy of the O'Reilly book "DNS and BIND". Look through it. Now tell me, with a straight face, that you really want to set up a DNS. Unless you do this stuff for a living (like I do), you really don't want to get involved with BIND. Even if you DO do this for a living, you probably want to avoid this.
If you are associated with any of the companies or people who produce any of
the software that I've mentioned and disagree with my views, please feel free to
email me. This document is based on personal
experience - what I said happened, happened. I have detailed what worked for me
and, in some cases, what didn't. I'm always willing to learn, and usually willing
to help debug (my time is limited).
Mike's Notebook - http://www.catherders.com/mwcexp.shtml web site contains an assortment of frequently updated articles and tips for OS/2 users.
[Previous Page] [Newsletter Index] [Next Page]
VOICE Home Page: http://www.os2voice.org