Difference between revisions of "Workstation configuration"

From IridiaWiki
Jump to navigationJump to search
 
(83 intermediate revisions by 13 users not shown)
Line 43: Line 43:
   
 
=== Wi-Fi network configuration ===
 
=== Wi-Fi network configuration ===
All IRIDIA lab is covered by a wireless network. To join it you should get the password from the system administrator. Relevant configuration data are:
+
At IRIDIA lab there are two wireless networks. To join any of them you should get the password from the system administrator. Relevant configuration data are:
   
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
Line 49: Line 49:
 
! Description !! Value
 
! Description !! Value
 
|-
 
|-
|| Network name || dorigoextreme
+
|| Network name || Hashmal
 
|-
 
|-
 
|| Radio mode || 802.11b/g Compatible
 
|| Radio mode || 802.11b/g Compatible
 
|-
 
|-
|| Channel || 1
+
|| Channel || 4
  +
|-
  +
|| Wireless Security Mode || 128bit WEP/WPA/WPA2
  +
|-
  +
|| DNS Server || 164.15.59.200
  +
|}
  +
  +
  +
{| border="1" cellpadding="2" cellspacing="0"
  +
|-
  +
! Description !! Value
  +
|-
  +
|| Network name || sbot
  +
|-
  +
|| Radio mode || 802.11b/g Compatible
  +
|-
  +
|| Channel || 6
 
|-
 
|-
 
|| Wireless Security Mode || 128bit WEP
 
|| Wireless Security Mode || 128bit WEP
Line 59: Line 75:
 
|| DNS Server || 164.15.59.200
 
|| DNS Server || 164.15.59.200
 
|-
 
|-
|| Distributed IPs || 10.0.2.2-200
+
|| Distributed IPs || IPs are provided through DHCP from iridia.ulb.ac.be
 
|}
 
|}
   
Line 96: Line 112:
 
Now simply add a symbolic link in the runlevel 2 to this script by typing (as root) :
 
Now simply add a symbolic link in the runlevel 2 to this script by typing (as root) :
   
''# ln -s /etc/rc2.d/S12iptables /etc/init.d/iptables''
+
''# ln -s /etc/init.d/iptables /etc/rc2.d/S12iptables''
   
   
Line 110: Line 126:
 
[http://lea-linux.org/reseau/iptables.html Setting up a firewall using iptables (in french)]
 
[http://lea-linux.org/reseau/iptables.html Setting up a firewall using iptables (in french)]
   
  +
== Printer configuration ==
   
   
  +
All three printers at IRIDIA (see table "General Information") can be installed as "network printers" on your operating system ([https://help.ubuntu.com/8.10/printing/C/printing.html#network Ubuntu 8.10], [http://docs.info.apple.com/article.html?path=Mac/10.5/en/8670.html Mac OS X], [http://www.wellesley.edu/Computing/WinXP/printing.html Windows XP]). On *nix-like systems (should work also Mac OS X but if you have problems read next paragraph), the most convenient option is to install the printers using the '''LPD/LPR printing protocol''' and the drivers provided in the table below. These drivers also support some additional (hardware) features installed on the printers as listed in the table "Installable Options". On Windows XP, please install the driver '''before''' setting up a network printer. If asked to specify a "QUEUE", leave it in blank or use the value "raw_queue". The paper size should be set to A4, otherwise printers may get blocked. If you have difficulties, please contact the printers administrator (currently [http://iridia.ulb.ac.be/~mathews/ Nithin Mathews]).
== Printer configuration ==
 
  +
  +
On some Mac (e.g. MacBook with Mac Os X 10.5.6) you could have problems printing in duplex mode (double side) with the Ricoh printers (Gutenberg should be fine). When you add the two printers the system will use the default postscript drivers that do not support duplex mode. Installing the suggested unix drivers does not help. The best solution is to go to the links listed under "Windows / Mac" in the table "Driver" and download the installer and install the proper driver.
  +
  +
'''General Information'''
   
 
{| border="1" cellpadding="2" cellspacing="0"
 
{| border="1" cellpadding="2" cellspacing="0"
Line 126: Line 147:
 
gutenberg.ulb.ac.be
 
gutenberg.ulb.ac.be
 
|
 
|
HP4100
+
HP4100 PS
 
|
 
|
 
Office C.5.106A
 
Office C.5.106A
Line 135: Line 156:
 
meucci.ulb.ac.be
 
meucci.ulb.ac.be
 
|
 
|
Ricoh Aficio 1027
+
Ricoh Aficio MP 3350
 
|
 
|
 
Office C.5.106A
 
Office C.5.106A
 
|-
 
|-
 
|
 
|
  +
Sabin
EPSON_Stylus_Photo_1290
 
 
|
 
|
tinbergen.ulb.ac.be
+
sabin.ulb.ac.be
 
|
 
|
  +
Ricoh Aficio mp161 spf
EPSON Stylus Photo 1290
 
 
|
 
|
  +
Storage room
Office C.5.102A
 
 
|-
 
|-
 
|}
 
|}
   
'''Linux Install'''
 
   
# Install CUPS (Debian: apt-get install cup-sys).
 
# Run cups daemon
 
# Point printer at localhost:631
 
# Click on Printers tab. Click the button 'Add printer'
 
Use following configuration options
 
* Location and description: Ping Pong Room - Meucci OR Gutenberg
 
* Device: LPD/LPR Host or Printer
 
* Device URL: lpd://gutenberg.ulb.ac.be:515/lp OR lpd://meucci.ulb.ac.be:515/lp
 
* Model/Driver: Raw Queue
 
   
'''Windows XP Install'''
 
   
  +
'''Drivers'''
# Goto Printers->Add New Printer
 
  +
# Select Network Printer
 
  +
{| border="1" cellpadding="2" cellspacing="0"
# Enter URL http://gutenberg.ulb.ac.be OR http://meucci.ulb.ac.be
 
  +
|-
<br>
 
  +
! Name
<br>
 
  +
! *nix
  +
! Windows / Mac
  +
|-
  +
|
  +
Gutenberg
  +
|
  +
[[:File:HP_LaserJet_4100_Series.ppd.tar.gz|HP_LaserJet_4100_Series.ppd.tar.gz]]
  +
|
  +
[http://h20564.www2.hp.com/hpsc/swd/public/readIndex?sp4ts.oid=29118 HP LaserJet 4100 Printer series]
  +
|-
  +
|
  +
Meucci
  +
|
  +
[[:File:Ricoh-Aficio_MP_3350-Postscript-Ricoh.ppd.tar.gz|Ricoh-Aficio_MP_3350-Postscript-Ricoh.ppd.tar.gz]]
  +
|
  +
[http://support.ricoh.com/bb/html/dr_ut_e/re/model/mp33/mp33en.htm PCL 6 Driver]
  +
|-
  +
|
  +
Sabin
  +
|
  +
[[:File:Ricoh-Aficio_MP_161_PXL.ppd.tar.gz|Ricoh-Aficio_MP_161_PXL.ppd.tar.gz]]
  +
|
  +
[http://support.ricoh.com/bb/html/dr_ut_e/re/model/mp161/mp161en.htm PCL 6 Driver]
  +
|-
  +
|}
  +
  +
  +
'''Installable Options'''
  +
  +
{| border="1" cellpadding="2" cellspacing="0"
  +
|-
  +
! Name
  +
! Options
  +
|-
  +
|
  +
Gutenberg
  +
|
  +
* Tray 3: Installed
  +
* Duplex Unit: Installed
  +
* Printer Hard Disk: Ram Disk
  +
* Total Memory: 32 - 63MB
  +
|-
  +
|
  +
Meucci
  +
|
  +
* Bypass Tray: Installed
  +
* Optional Tray: Lower Paper Trays
  +
* Upper Internal Tray: Installed
  +
* Finisher: SR790
  +
* Duplex Unit: Installed
  +
|-
  +
|
  +
Sabin
  +
|
  +
* Lower Paper Tray: Installed
  +
|-
  +
|}
  +
  +
  +
  +
'''Ubuntu 9.10 Instructions'''
  +
  +
* System->Administration->Printing
  +
* New
  +
* Network Printer URL: socket://meucci.ulb.ac.be:9100
  +
  +
  +
'''Windows XP Instructions'''
  +
  +
* Download Drivers based on model number from http://www.ricoh-support.com
  +
** Expand into folder somewhere (e.g. on Desktop)
  +
* Control Panel -> Printers -> Add New Printer
  +
* Local Printer -> Create new TCP/IP port
  +
** Make sure outgoing network ports SNMP (161) and 9100 are open
  +
** Port IP: meucci.ulb.ac.be Port Name: meucci
  +
* Select Have Disk in Printer Driver Screen
  +
** Navigate to Expanded folder downloaded with drivers
  +
** Select OEM.. file. (Only one to show up)
   
 
== The IRIDIA and the ULB network ==
 
== The IRIDIA and the ULB network ==
Line 183: Line 271:
 
|-
 
|-
 
|
 
|
SMTP
+
Iridia SMTP
 
|
 
|
smtp.ulb.ac.be
+
iridia.ulb.ac.be
 
|-
 
|-
 
|
 
|
Line 196: Line 284:
 
|
 
|
 
iridia.ulb.ac.be
 
iridia.ulb.ac.be
  +
|-
  +
|
  +
ULB SMTP
  +
|
  +
smtp.ulb.ac.be
 
|-
 
|-
 
|
 
|
Line 208: Line 301:
 
|}
 
|}
   
The SMTP server does not require authentication. The POP and IMAP services of ULB accept unsecure connections (no SSL). The POP and IMAP servers of Iridia require secure connections (with SSL).
+
The SMTP servers do not require authentication, but use TSL for security. The POP and IMAP services of ULB accept unsecure connections (no SSL). The POP and IMAP servers of Iridia require secure connections (with SSL).
   
 
There are also web interfaces available to read the email if you can not connect to the above servers via POP or IMAP:
 
There are also web interfaces available to read the email if you can not connect to the above servers via POP or IMAP:
Line 227: Line 320:
 
[https://iridia.ulb.ac.be/squirrelmail/ https://iridia.ulb.ac.be/squirrelmail/]
 
[https://iridia.ulb.ac.be/squirrelmail/ https://iridia.ulb.ac.be/squirrelmail/]
 
|}
 
|}
 
   
 
== See also ==
 
== See also ==
Line 239: Line 331:
   
   
=== Mac OS X Software for doing research ===
+
=== Mac OS X Software to setup your research environment ===
 
Here you can find a list of softwares that you might want to check out:
 
Here you can find a list of softwares that you might want to check out:
   
* LaTeX
+
* LaTeX & BibTeX
[http://www.tug.org/mactex/ MacTeX.dmg package - Easy-to-Install Package, which contains a complete and up to date TeX system from Gerben Weirda's gwTeX redistribution]
+
[http://www.tug.org/mactex/ MacTeX.dmg package] - Easy-to-Install Package, which contains a complete and up to date TeX system from Gerben Weirda's gwTeX redistribution;
 
Free
 
Free
   
  +
[http://macromates.com/ Textmate] - editor (and much more); Commercial
[http://www.uoregon.edu/~koch/texshop/ TexShop - graphical front-end for TeX]
 
Free, GPL
 
   
  +
[http://www2.ing.unipi.it/~d9615/homepage/texniscope.html TeXniscope] - DVI/PDF previewer
[http://bibdesk.sourceforge.net/ BibDesk - graphical BibTeX-bibliography manager]
 
  +
(synchronization with external editors (e.g. Emacs) both for DVI/PDF files); Free, sources available
Free, BSD-license
 
 
[http://ktd.club.fr/programmation/latexit_en.php LaTeXiT - small utility to quickly typeset LaTeX equation obtaining PDF images]
 
Free
 
   
   
 
* Statistical analysis
 
* Statistical analysis
[http://mirrors.dotsrc.org/cran/bin/macosx/ R.app - Cocoa-based GUI for Mac OS X that was introduced in R 2.0]
+
[http://mirrors.dotsrc.org/cran/bin/macosx/ R.app] - Cocoa-based GUI for R; Free, GPL
Free, GPL
 
   
   
 
* Secure Shell
 
* Secure Shell
  +
[http://code.google.com/p/macfuse/ MacFUSE] - a FUSE-Compliant File System Implementation Mechanism;
[http://rsug.itd.umich.edu/software/fugu/ Fugu - Mac OS X SFTP, SCP and SSH Frontend]
 
Free, BSD-license
+
Free, BSD-licence
   
  +
[http://www.macfusionapp.org/ MacFusion] - a GUI for MacFUSE;
[http://projects.tynsoe.org/en/stm/index.php SSH Tunnel Manager - front-end for the ssh command when used to open tunnels between two hosts]
 
Free
+
Free, APSL-licence
   
   
 
* Version Control System
 
* Version Control System
  +
[http://media.clickablebliss.com/screencasts/intro_to_subversion_small.mov (QuickTime movie with introduction to Subversion)]
[http://metissian.com/projects/macosx/subversion/ Subversion Client with SSL and JavaHL Bindings - Binary Package]
 
Free
 
[http://landau.ulb.ac.be/~mmanfrin/media/mov/intro_to_subversion.mov (QuickTime movie with introduction to Subversion)]
 
   
  +
[http://www.lachoseinteractive.net/en/community/subversion/svnx/ svnX] - a GUI for Subversion; Free, GPL
   
  +
[http://www.versionsapp.com/ Versions] - Mac Subversion client; Commercial
* System utilities
 
[http://www.end.com/BSP/ BSP - customize the Spotlight search results with your own categories]
 
Creative Commons, Attribution-NonCommercial-ShareAlike 2.5
 
 
[http://www.cs.haifa.ac.il/%7Eshuly/unison/ Unison - cross platform file synchronization software - Binary Package]
 
Free, GPL
 
 
 
===Setting up OS X as a Scientific Programming Environment===
 
[http://www.atmos.washington.edu/~salathe/osx_unix/ Great little article in setting up a scientific programming environment on OS X]
 
 
[http://www.macresearch.org/a_few_tips_for_linux_switchers A few tips for Linux switchers]
 
 
   
 
===Project management on Mac OS X===
 
===Project management on Mac OS X===
 
[http://www.merlin2.net/ Merlin 2]
 
[http://www.merlin2.net/ Merlin 2]
 
Commercial
 
Commercial
  +
([http://www.macresearch.org/review_merlin_2 Review of the program by MacResearch.org])
   
  +
== Iridia Calendar ==
  +
* To add the calendar to your google calendar do it in: [http://iridia.ulb.ac.be/Calendars http://iridia.ulb.ac.be/Calendars] (Press the + Google button on the bottom right corner)
   
  +
* To import using ical use the following links:
===Performance Optimization on Mac OS X===
 
  +
** [https://www.google.com/calendar/ical/km87al7a1mb596h2l07mknom48%40group.calendar.google.com/public/basic.ics Iridia Seminars]
[http://landau.ulb.ac.be/~mmanfrin/media/pdf/Optimization_Tutorial.pdf WWDC 2004 - Optimization Tutorial]
 
  +
** [https://www.google.com/calendar/ical/26s3f312i7lhc2jpmvhtg4kqls%40group.calendar.google.com/public/basic.ics Robotics]
 
  +
** [https://www.google.com/calendar/ical/3aqjlr91cmusi761hounf7a7ac%40group.calendar.google.com/public/basic.ics Optimisation]
[http://landau.ulb.ac.be/~mmanfrin/media/pdf/409.pdf WWDC 2005 - Performance Analysis of Your Memory Code]
 
  +
** [https://www.google.com/calendar/ical/ait7l5qcsv24f9jmshvl2g0urc%40group.calendar.google.com/public/basic.ics Seminar Room]

Latest revision as of 16:32, 27 February 2015

Network configuration

You should get a static IP from the system administrator. Your hostname will be the name of a famous scientist and the domain is ulb.ac.be. Other relevant addresses are:

Description IP address

Gateway

164.15.10.254

DNS1

164.15.59.200

You might also need to add the following data, althoug many systems set it automatically:

Description Value

Network

164.15.10.0

Netmask

255.255.255.0

Broadcast

164.15.10.255


Wi-Fi network configuration

At IRIDIA lab there are two wireless networks. To join any of them you should get the password from the system administrator. Relevant configuration data are:

Description Value
Network name Hashmal
Radio mode 802.11b/g Compatible
Channel 4
Wireless Security Mode 128bit WEP/WPA/WPA2
DNS Server 164.15.59.200


Description Value
Network name sbot
Radio mode 802.11b/g Compatible
Channel 6
Wireless Security Mode 128bit WEP
DNS Server 164.15.59.200
Distributed IPs IPs are provided through DHCP from iridia.ulb.ac.be

Firewall configuration

Since the computers are available through direct connections from internet you should protect your machine with a firewall. Linux provides an integrated mechanism for accepting or rejecting incoming packets.

If you want to setup a good firewall quickly, you may use the following link : Firewall script generator


How to generate the firewall script ?


Usually, the interface to internet is eth0. You can check your available interfaces by typing (as root) :

# ifconfig -a

Most of the time, you wish to have an access to the computer, but you still want it to be secure. The best is to disable any inbound service except SSH. The SSH connections are encrypted so that you can safely access to the computer even if someone is tcpdumping your connection.

For the moment, I don't know how to use the Fireparse format. If you know about it just use it. Otherwise you'll have to take a look at the logs (/var/log/syslog) to monitor the possible network problems or attacks.

Now that you have all the necessary informations, you can generate the firewall script. Name this script iptables, give it execution rights (chmod u+x iptables) and put it under the directory /etc/init.d/.

Be aware that the script loads some iptables modules in your kernel. If you have recompiled your kernel then you should ensure that the necessary modules are present. If you have statically linked the code to the kernel then you should remove the modprobe commands in the firewall's script.

Now simply add a symbolic link in the runlevel 2 to this script by typing (as root) :

# ln -s /etc/init.d/iptables /etc/rc2.d/S12iptables


You should adapt the number 12 to your needs. The firewall must be run as early as possible. For example if telnet services are run before it, an attack is still possible. Be careful about this.

If you want to understand more deeply iptables, you can check the following URLs :

Iptables official website

Iptables tutorial and explanations

Setting up a firewall using iptables (in french)

Printer configuration

All three printers at IRIDIA (see table "General Information") can be installed as "network printers" on your operating system (Ubuntu 8.10, Mac OS X, Windows XP). On *nix-like systems (should work also Mac OS X but if you have problems read next paragraph), the most convenient option is to install the printers using the LPD/LPR printing protocol and the drivers provided in the table below. These drivers also support some additional (hardware) features installed on the printers as listed in the table "Installable Options". On Windows XP, please install the driver before setting up a network printer. If asked to specify a "QUEUE", leave it in blank or use the value "raw_queue". The paper size should be set to A4, otherwise printers may get blocked. If you have difficulties, please contact the printers administrator (currently Nithin Mathews).

On some Mac (e.g. MacBook with Mac Os X 10.5.6) you could have problems printing in duplex mode (double side) with the Ricoh printers (Gutenberg should be fine). When you add the two printers the system will use the default postscript drivers that do not support duplex mode. Installing the suggested unix drivers does not help. The best solution is to go to the links listed under "Windows / Mac" in the table "Driver" and download the installer and install the proper driver.

General Information

Name URL Model Location

Gutenberg

gutenberg.ulb.ac.be

HP4100 PS

Office C.5.106A

Meucci

meucci.ulb.ac.be

Ricoh Aficio MP 3350

Office C.5.106A

Sabin

sabin.ulb.ac.be

Ricoh Aficio mp161 spf

Storage room



Drivers

Name *nix Windows / Mac

Gutenberg

HP_LaserJet_4100_Series.ppd.tar.gz

HP LaserJet 4100 Printer series

Meucci

Ricoh-Aficio_MP_3350-Postscript-Ricoh.ppd.tar.gz

PCL 6 Driver

Sabin

Ricoh-Aficio_MP_161_PXL.ppd.tar.gz

PCL 6 Driver


Installable Options

Name Options

Gutenberg

  • Tray 3: Installed
  • Duplex Unit: Installed
  • Printer Hard Disk: Ram Disk
  • Total Memory: 32 - 63MB

Meucci

  • Bypass Tray: Installed
  • Optional Tray: Lower Paper Trays
  • Upper Internal Tray: Installed
  • Finisher: SR790
  • Duplex Unit: Installed

Sabin

  • Lower Paper Tray: Installed


Ubuntu 9.10 Instructions

  • System->Administration->Printing
  • New
  • Network Printer URL: socket://meucci.ulb.ac.be:9100


Windows XP Instructions

  • Download Drivers based on model number from http://www.ricoh-support.com
    • Expand into folder somewhere (e.g. on Desktop)
  • Control Panel -> Printers -> Add New Printer
  • Local Printer -> Create new TCP/IP port
    • Make sure outgoing network ports SNMP (161) and 9100 are open
    • Port IP: meucci.ulb.ac.be Port Name: meucci
  • Select Have Disk in Printer Driver Screen
    • Navigate to Expanded folder downloaded with drivers
    • Select OEM.. file. (Only one to show up)

The IRIDIA and the ULB network

The IRIDIA system administrator can create an account on the local subnet for you, however, if you want to have access to some of the computer services of the university, you'll need an account on the university network as well. Ask the secretary for the forms and the process.


Mail configuration

Assuming that you have an account on both the local and the university network the mail settings are as follows:

Service URL

Iridia SMTP

iridia.ulb.ac.be

Iridia POP

iridia.ulb.ac.be

Iridia IMAP

iridia.ulb.ac.be

ULB SMTP

smtp.ulb.ac.be

ULB POP

pop.ulb.ac.be

ULB IMAP

pop.ulb.ac.be

The SMTP servers do not require authentication, but use TSL for security. The POP and IMAP services of ULB accept unsecure connections (no SSL). The POP and IMAP servers of Iridia require secure connections (with SSL).

There are also web interfaces available to read the email if you can not connect to the above servers via POP or IMAP:

SERVER URL

ULB

https://wwwdev.ulb.ac.be/webmail2/webmail.php

IRIDIA

https://iridia.ulb.ac.be/squirrelmail/

See also

Software HOWTOs


For Mac OS X users

In order to help Mac OS X users staying updated for what concerne security issues with their systems we suggest to subscribe to the following mailing list:

Security-announce -- product security notifications and announcements from Apple


Mac OS X Software to setup your research environment

Here you can find a list of softwares that you might want to check out:

  • LaTeX & BibTeX

MacTeX.dmg package - Easy-to-Install Package, which contains a complete and up to date TeX system from Gerben Weirda's gwTeX redistribution; Free

Textmate - editor (and much more); Commercial

TeXniscope - DVI/PDF previewer (synchronization with external editors (e.g. Emacs) both for DVI/PDF files); Free, sources available


  • Statistical analysis

R.app - Cocoa-based GUI for R; Free, GPL


  • Secure Shell

MacFUSE - a FUSE-Compliant File System Implementation Mechanism; Free, BSD-licence

MacFusion - a GUI for MacFUSE; Free, APSL-licence


  • Version Control System

(QuickTime movie with introduction to Subversion)

svnX - a GUI for Subversion; Free, GPL

Versions - Mac Subversion client; Commercial

Project management on Mac OS X

Merlin 2 Commercial (Review of the program by MacResearch.org)

Iridia Calendar