diff --git a/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook b/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook index 6c3a7b8..1a327c5 100644 --- a/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook +++ b/Manuals/Tcpi-ug/Configurations/Dialup/intro.docbook @@ -1,4 +1,4 @@ - + Introduction 
@@ -6,206 +6,19 @@ This chapter describes two computers configuration, one acting as server and other as client. The server computer will be configured to provide internet services and the client to make - use of internet services provided by the server computer. The - connection medium both client and server computer use is the - telelphone line (i.e., the same medium you use to realize - phone calls). In this configuration, both client and server - computers use special devices named Modems to - transmit data in form of sound across the telephone line. The - configuration described in this chapter could be a good choise - when the only communication medium you have access to is the - telephone system. - - - - Even this configuration tries to reduce the lack of - communication, there are limitations around it that we cannot - take off, yet. The following list shows what these limitations - are: - - - - - - Only one connection (of 15 minutes) is possible at a time. - - - - - More than 3 consecutive connections from the same phone number - in a time range of 60 minutes means that that number is - attacking the ISP to provoke a Denying of - Service (DoS) attacks. In such cases, the phone number - originating the phone call will be denyed from realizing - further phone calls onto the ISP in the next 15 minutes. If - after 15 mintes, 3 new consecutive connections are detected - from the same phone number than before, the delay time will be - duplicated on each consecutive interval (e.g., 15*1 for the - first time, 15*2 for the second time, 15*3 for the third time, - and so on). - - - - - In order to achieve an acceptable degree of efficiency when - controlling consecutive connections from the same phone - number, it is required that both the client's phone number and - connection time be registered somehow in the server (e.g., Is - it on pppd's log file?). 
Without such information it would be - very difficult to achieve any prevention against DoS attacks - originated from incoming calls. - - - - - - - The ISP is isolated from Internet, so it is not possible to - provide Internet access through the ISP. For example, don't - ever think you will be able to send international e-mail to - Gmail or Yahoo, nor visit web sites like Google or Wikipedia. - I really would like to provide such accesses, but without a - link to Internet I don't have where to send your requests. - - - - - The information generated inside the ISP is jailed to it. This - way, it will be available to people registered inside the ISP - only (e.g., through the web interface). - - - - - The implementation of services that required persistent - connections (e.g., chats) will not - be considered as a practical offer. Instead, only - asynchronous services (e.g., - e-mail) will be supported. This - restriction is required to reduce the connection effective - times. For example, consider an environment where you connect - the ISP to send/receive e-mails only and then quickly - disconnect from ISP to release the line for others to use. - There is no need for you to be connected at the same time - someone else sends you an e-mail, this in order for you to - receive it. E-mail messages sent to you will be available in - your mailbox the next time you establish a point-to-point - connection with the ISP and use your mail client to send and - receive new messages. Likewise, you don't need to be connected - to the ISP in order to write your e-mail messages. You can - write your messages off-line and then establish connection to - send it whe it be ready. - - - - - Your user profile will be automatically removed from the ISP - when no effective point-to-point connection be established by - you in a period greater than 7 days since the last effective - point-to-point connection you established to the ISP. 
When - your user profile is removed, you will need to get registered - again (i.e., create a new user profile) using the web - interface provided by the ISP. - - - - When a user receive messages, the user's e-mail client must be - configure to move the e-mail messages from server to client. - This is forced in the ISP computer by denying user's from - accessing the IMAP service. Only POP service will be - available. This restriction is required to save disk space on - ISP computer. - - - - - - I'm very sorry about these limitations, but this is the best I - can offer with one PC, one modem, and one single telephone - line. If you think this configuration can be improved somehow, - please send me an e-mail to - al@projects.centos.org. Notice that, in order - for you to be able to send e-mails to this address you need to - do it using the Mail Transfer Agent provided in the server - computer. I don't answer phone calls personally, the phone is - very busy answering point-to-point connections ;). - - - - - The projects.centos.org mentioned in - this chapter must not be confused with the real infrastructure - provided by &TCP; on Internet. The domain name mentioned in - this chapter is not available on Internet and was created to - illustrate the real infrastructure inside an isolated - environment. - - - - - In order for you to share information with others, it is - required that both you and the person you want to share - information with, have an e-mail address registered inside - ISP. This registration process is realized through a secured - web interface accessable through an encrypted connection. The - web interface provided should permit everyone to update or - delete their personal profiles. All actions realized through - this web interface must be simple enough to be achieved in - less than 15 minutes (the time you have before the - point-to-point connection be closed by the ISP). - - - - Inside the ISP, user information is stored inside an LDAP - server. 
The web application manipulates LDAP records and all - related files inside the operating system that make possible a - user to establish a point-to-point connection to the ISP, as - well as registering, updating or deleting its profile inside - the ISP. Care should be taken to prevent one user to - modify/delete profiles from other users. The user's profile - administration is individual to each user using the user's - identity as reference. The user's identity is determined by a - username (e.g., the e-mail address) and a password. The LDAP - server will be available for everyone to consult from their - mail clients. Inside the web application, verifications must - be included to avoid duplicated values, invalid characters and - similar stuff. + use of those internet services provided by the server + computer. The connection medium both client and server + computer use is the telelphone line (i.e., the same medium you + use to realize phone calls). In this configuration, both + client and server computers use special devices named + Modems to transmit data in form of sound across + the telephone line. - Inside the ISP, all related subsystems (e.g., Postix, - Cyrus-Imapd and Saslauthd) must retrive user information from - LDAP server. Likewise, the mailbox administration must be - automated based on the users in the LDAP server. The web - application must be able to be aware of all files related - inside the infrastructure in a way that administration tasks - can be automated and presented friendly to end users (this - will required the web application to run some program that - needs root privileges =:-|). The whole process would be as - follows: - - - - - Establish a point-to-point connection to ISP, as described in - . - - - - - Register a new user profile through the web application - provided by the ISP. 
- - - - - Configure your workstation using the information provided as - result of a successful registration in order to start using - the services provided by the ISP you recently get registered - in. + The configuration described in this chapter is a good choise + when the only communication medium you have access to is a + telephone network. - - - +
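Review bot: In the second hunk (@@ -6,206 +6,19 @@), the removed lines hold every security requirement this introduction stated for the dial-up server, and the added lines replace none of them. What goes away is the throttling rule (more than 3 consecutive connections from the same phone number in 60 minutes, then a 15-minute block whose delay grows on each repeat), the need to register the client's phone number and connection time on the server, the requirement to prevent one user from modifying or deleting other users' profiles, and the remark that the web application will run a program that needs root privileges. This patch shows only intro.docbook, so if that material now lives in another file, say so in the commit message. Otherwise keep it in a section of its own rather than dropping it, and settle the open question "Is it on pppd's log file?" when it is restored. Separately, the added lines carry over two typos from the old text, "telelphone" and "choise", and "realize phone calls" would read better as "make phone calls".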