Using Linux with Comcast @Home

First, you really must secure your machine. From reading through my system logs and observing the number of script kiddies, I can pretty much guarantee that you'll get broken into if you have any well-known holes.

A good place to start is the Linux Security HOWTO. If you're running a single-user machine like I am, probably the most important point is to disable any services that you don't need by editing /etc/inetd.conf. Make sure that the rest are using TCP wrappers, and edit /etc/hosts.allow and /etc/hosts.deny to control access to them.

Be sure to keep your distribution up-to-date with any security patches. Monitor the appropriate updates page for your distribution. Linux Weekly News is good for security summaries. If an exploit is found, you can at least find out about it even if no fix is yet available for your distribution.

Keep good backups just in case.

Get your ethernet connection working under Linux. I can't really help you here.

At least in my area, @Home seems to provide static IP addresses. If you have a dual boot machine with Windows installed, one way to get connected is to have the install technician set up Windows for @Home and then crib the appropriate information by running winipcfg.

Alternatively, the technician will have a sheet that lists IP address, DNS servers, etc. Mine left a copy of this with me, but it turned out to be missing the gateway address. Be sure to look it over before he leaves.

The slickest way is to use a DHCP client; your distribution probably has one. The only caveat is that you need a version that is recent enough to accept the -h (hostname) switch. Under Debian, the script to start the client is in /etc/init.d/dhcpc, and it references /etc/dhcpc/config. To have the client configure eth0, this file should include lines like

OPTIONS="-h cc123456-a"
The cc123456-a should be replaced by your machine's name, as assigned by @Home. It's listed as ``DNS Name'' on the above mentioned install sheet.

Configuring things for web, netnews and email is pretty simple. For web access, a web proxy name and port should be provided on the install sheet. You can enter this information directly into Netscape. Actually, you don't really need this; everything should work fine with no proxy. DNS lookups via the @Home name servers are a bit slow on my machine though, so I'd suggest running a local name server to do caching. It's not strictly necessary though. News is provided by an NNTP server whose name should also be listed on the sheet. If you use something like Netscape for email, it's probably also straightforward. I read and send mail in Emacs, so things were a little more involved. I get mail from the @Home mail server with a POP3 client, in my case fetchmail. To send mail, I had to rewrite the From: field, otherwise I'd get occasional bounces due to DNS problems. In any case, the address
is really ugly :-). Rewriting the header in my mailer, exim, is done with a line like bcfrF
in the rewrite configuration section of /etc/exim.conf.