How To Set Up A Terminal Server In Linux Using Ubuntu 9.10 And FreeNX

FreeNX is an open source implementation of NoMachine’s NX Server. It is a bit more akin to Microsoft’s RDP protocol that the usual VNC, so while keeping bandwidth to a minimum, it maintains good visual quality and responsiveness.

How To Set Up A Terminal Server In Linux Using Ubuntu 9.10 And FreeNX
(author unknown)
Mon, 25 Jan 2010 16:42:09 GMT

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Consider the following scenario:

• You connect a Windows Vista-based computer to a network.
• A router or other device that is configured as a Dynamic Host Configuration Protocol (DHCP) server is configured on the network.
• The router or the other device does not support the DHCP BROADCAST flag.

In this scenario, Windows Vista cannot obtain an IP address.

Consider the following scenario:

• You just bought your son a new Toshiba tablet with Vista Business pre-installed on it. You want to make sure that when the tablet goes off to school it has all critical patches applied.
• You are using pfSense as a DHCP server.
• The XP, Linux, and Windows 7 computers are able to connect to the network and get an IP address.

You would have thought DHCP problems were solved twenty years ago but here is the solution.

Windows Vista cannot obtain an IP address from certain routers or from certain non-Microsoft DHCP servers

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

Updating the DNS with DKIM information

This task was relatively easy. I copied the DKIM information in the iRedMail.tips into a trouble ticket with my web provider. About 24 hours later it was ready to test. I sent an emails to my Yahoo account, sa-test@sendmail.net, and autorespond+dkim@dk.elandsys.com. Although the email from dk.elandsys.com was the first to respond, it said it did not work. When I checked my Yahoo account the headers said the email was signed correctly with DKIM. Ironically the return email from sendmail.net ended up in my Junk Mail folder. It said that everything worked correctly. For one more test I created a Gmail account and sent an email to it, too. It said the email was signed correctly.

Local DNS, naming standards, and more Postfix problems

The next challenge was to configure Postfix to accept both local email addresses and email addresses for the exchange server under the same domain. I used PostFixAdmin to create Aliases that pointed to the Exchange server emails(e. g. myemail@mybusiness.com points to myemail@mybusiness.local). PostFix complained about the DNS records for my Exchange server so I added mybusiness.local as a relay_domain and set up a psuedo DNS so that PostFix can find the IP address for my Exchange server. In my case I decided to let my pfSense firewall act as a local DNS server to serve up the local IP addresses. At this point I can email to everyone from a local iRedMail account but I cannot get replies until I set up iRedMail as the SMTP gateway and the Exchange server as a relay domain.

PostFix domain checks get me again!

It took me a long time to figure this out. When I changed the firewall to redirect SMTP traffic to the PostFix gateway I could not get any mail. I thought I had messed up the firewall settings so I kept trying different settings. I was pretty limited with my testing tools. If I could Telnet into port 25 I could see what is happening but I could not make the connection work as long as I was located on this side of the firewall. Fortunately I found a solution on the Internet. The dnsqueries.com site provides a page, http://www.dnsqueries.com/en/smtp_test_check.php, that allows me to check my local SMTP connection using their server.  Within minutes I figured out that my email server did not like my sender’s domain. In fact it did not like anyone’s domain. This was the same type of problem I had with the Postfix recipient domain check, so I removed the sender domain check and the emails starting flowing.

What have I achieved?

• I have a gateway that checks all incoming mail for spam and viruses. Postini offers a similar service for about $1 per user per month. We use MXLogic at work.
• I have an alternate email server that allows me to send email that passes the SPF and DKIM checks. One of the reasons I investigated iRedMail was to use it for sending out a newsletter at work. Like many Internet retailers we get a chunk of our business as a result of our biweekly newsletter. In our case DKIM is another piece of the puzzle to improve our sender reputation. Since both Yahoo and Gmail require DKIM signing in order to set up feedback loops, DKIM is probably essential if you have ambitions of having a pristine email list. For those folks looking at ways to cut the umbilical cord to Microsoft this is one of several low cost, low maintenance migration alternatives to a local Exchange server.

Related posts:

1. Cleaning up an existing newsletter mailing list In December 2008 I was asked to clean up some...
2. Importing Self-signed CA Certificate into Windows 7 Yesterday I opted to create self-signed certificates for my local...
3. Notes on Installing the Network Monitoring Appliance A couple of weeks ago I installed the Network Monitoring...

Related posts brought to you by Yet Another Related Posts Plugin.

Unlike many firewalls Microsoft’s firewall typically restricts anonymous access. This typically is not a problem for most applications that run on Windows computers since the users are logged into the Active Domain. Occasionally there are applications that fail to connect to the internet despite the user being logged into the domain. Most of the time you need to open some non-standard ports to fix the problem. In this case McAfee is using standard HTTP and HTTPS ports and still failing to connect.

The solution is to create an anonymous access rule to the McAfee update site and to configure the client to not use the ISA Firewall client for these sites. One way to accomplish this  is to configure Internet explorer(Tools-Internet Options-Connections-Lan settings-Advanced) to not use the proxy. This is the way I got McAfee to update. Another way is to configure the properties for the internal network in ISA to use direct access for these sites. You can configure a GPO, too.

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

As the firewall came up the second time, it upgraded SNORT. After logging into the administrative panel again, I saw that NMAP worked. Okay, that’s a step forward. Next I tried NTOP but the screen would not come up. Thinking it might have forgotten the configuration settings, I configured NTOP. It worked. Next I installed Open-VM-Tools since I run my firewall as virtual machine. Finally I tried SNORT. I could configure it but it still had problems downloading rules. This was the problem I had previously under 1.2 so I uninstalled SNORT. Everything seems to be working so it is probably safe to forget it for a couple more months.

Related posts:

1. Windows 7 Upgrade from Windows XP Home I think I can finally say that I have finished...

Related posts brought to you by Yet Another Related Posts Plugin.