This is version 0.0.7 of the LASG FAQ.
1.0 General questions
1.1 What is the LASG?
1.2 Why did you create the LASG?
1.3 Why the restrictive license
on the LASG?
1.4 Why can't I get it as
HTML/text/postscript/etc.?
1.4.1 Why can't I read this with xpdf/ghostview/etc? It says the
file is encrypted.
1.5 Why is the head site https://
only?
1.6 Where can I get the LASG?
1.7 Will there be translations of
the LASG / Can I translate the LASG?
1.8 Can I contribute to the LASG?
1.9 Will the LASG continue to be
free?
2.0 Mirroring the Guide
2.1 What software do I need?
2.2 How do I mirror it?
2.3 URL requirements
2.4 Mirroring requirements
3.0 Viewing secured webpages (https://)
3.1 Netscape problems and fixes
3.2 Lynx problems and fixes
3.3 MSIE problems and fixes
It is a security guide aimed at Linux amdinistrators and users.
1.2 Why did I create the LASG?
There is currently no generic Linux security documentation apart from the Security HOWTO which isn't terribly comprehensive (it does give a good overview however). Most Linux distributions come with some security documentation but it usually doesn't amount to more then 10 pages, and is very low level (use good passwords, etc.).
1.3 Why the restrictive license on the LASG?
Because I don't want modified versions running (i.e. I want to maintain some revision sanity) around that may be incorrect (unintentionally or intentionally), it is also a document, not a piece of software, so it is subject to somewhat different laws of development/progression. If you don't like it, don't read it. For those of you complaining that you don't have access to the source, I'm somewhat baffled.
1.4 Why can't I get it as HTML/text/postscript/etc.?
Because of reasons stated in 1.3, and because generating different formats would require a lot of overhead for my time, and the output can vary significantly (in the case of HTML or txt), as well post script cannot be read easily in Windows, and HTML will end up as an ugly mess of files once I start adding illustrations and pictures. PDF is the only language that allows me to format it nicely, and have it readable under as many OS's as possible.
1.4.1 Why can't I read this with xpdf/ghostview/etc? It says the file is encrypted.
The file is currently only available as an Adobe Acrobat file, password protected against change. On many viewers that do not support this it will not be readable, and the program will complain that the file is encrypted. To read it you will need xpdf with the encryption patches, or Adobe Acrobat Reader (preferred). You can get the adobe acrobat viewer at:
http://www.adobe.com/prodindex/acrobat/readstep.html
And patches for xpdf are available from:
1.5 Why is the head site https:// only?
Practice what you preach. The mirror sites are of course not secure (however MD5 sums of the files are available), this is something I am willing to live with since I don't have enough bandwidth to distribute the LASG from my site.
A current list is also available at: https://www.seifried.org/lasg/. A mailing list is available, send an email to Majordomo@lists.seifried.org, with "subscribe lasg-announce" in the body (no quotes) and you will be automatically added.
1.7 Will there be translations of the LASG / Can I translate the LASG?
There won't be any translations for a while yet, the guide is changing to much to make it worthwhile, same goes for creating translations, please hold off until the LASG stabilizes. Of course I can't stop you, but any translations will be rendered obsolete rather quickly.
1.8 Can I contribute to the LASG?
Yes, if you know of a software product or package I haven't listed please send me a URL, I hate searching the www. As for contributions of actuall written material pleaseask first as there is quite a bit of material I have written but not included yet, so check first.
1.9 Will the LASG continue to be free?
Definately yes. There is the possibility it will be published, but as any deal I would make to publish this guide I will require that a version of the LASG also be available online in a reasonable format (PDF, etc.) free of charge for non commercial use (as it is now).
You will need rsync, available with most distributions either as a core package or a contrib package. If you do not have it please download it from: http://rsync.samba.org/. Rsync runs on any UNIX platform.
The following command line will grab the contents of the lasg directory on my server and keep the local directory (/path/to/the/lasg/) exactly in synchronization with it. Running this command from a crontab once a day (minimum) or twice a day (maximum) is ideal.
rsync -avz --delete ftp.seifried.org::lasg /path/to/the/lasg/
The url that where the LASG will reside must be in the form:
I don't really care about the domain name, domain.nu or i.have.a.smelly.smelly.sock.seifried.org (I would prefer if it were reasonably short). I do not want ftp mirrors at this time as the guide is relatively small.
You must grab the guide at least once a day, and the site hosting it must be up 24/7, and have a T1 or greater (the LASG is almost 300k and still growing). You will need to send me the IP address of the machine so that I can add it to the access list, note this doesn't need to be the same machine actually hosting it (in case you have some strange network setup).
3.0 Viewing secured webpages (https://)
3.1 Netscape problems and fixes
Netscape navigator/communicator version 4.0 and beyond will view secure web pages without any problems. Version prior to 4.0 have an older (invalid) set of certificates installed that are no longer in use by Thawte. To install the new Thawte certificates please go to this page, it descrives in detail how to install the new certificates. Netscape navigator/communicator prior to version 3.0 will probably not be able to view the site correctly, and in any case you should upgrade since there are significant problems with them.
Most Linux distributions ship with Lynx, unfortunately very few (almost none) ship with an SSL enabled version of Lynx. You will not be able to view any secure webpages until your upgrade Lynx. SSL enabled Lynx is available from ftp.replay.com as source, rpm packages and so on. Once you have installed it you will be able to view secure web sites.
Microsoft Internet Explorer version 4.0 and beyond (with the exception of the Mac version) will view secure web pages without any problems. Versions prior to 4.0 will have an older (invalid) set of certificates installed that are no longer in use by Thawte. To install the new Thawte certificates please go to this page, it descrives in detail how to install the new certificates. If you are running MSIE 4.0 for the Mac please go to this page as it will describe how to remove the old (invalid) set of certificates. Versions prior to 3.0 will probably not be able to view the site correctly, and in any case you should upgrade since there are significant problems with them.
Copyright Kurt Seifried, 1999, All rights reserved. Read this at your own risk, etc.