This chapter contains some tools that come in handy when the network needs investigating.
The Traceroute package contains a program which is used to display the network route that packets take to reach a specified host. This is a standard network troubleshooting tool. If you find yourself unable to connect to another system, traceroute can help pinpoint the problem.
Download (FTP): ftp://ftp.ee.lbl.gov/traceroute-1.4a12.tar.gz
Download MD5 sum: 964d599ef696efccdeebe7721cd4828d
Download size: 74 KB
Estimated disk space required: 540 KB
Estimated build time: 0.01 SBU
Install Traceroute by running the following commands:
sed -i -e 's/-o bin/-o root/' Makefile.in && ./configure --prefix=/usr && make
Now, as the root user:
make install && make install-man
sed 's/-o bin/-o root/' Makefile.in: Adjusts the Makefile so that the program is installed with user root owning the files instead of user bin (which doesn't exist on a default LFS system).
make install: Installs traceroute with SUID set to root in the /usr/sbin directory. This makes it possible for all users to execute traceroute. For absolute security, turn off the SUID bit in traceroute's file permissions with the command:
chmod -v 0755 /usr/sbin/traceroute
The risk is that if a security problem such as a buffer overflow was ever found in the Traceroute code, a regular user on your system could gain root access if the program is SUID root. Of course, removing the SUID permission also makes it impossible for users other than root to utilize traceroute, so decide what's right for your individual situation.
The goal of BLFS is to be completely FHS compliant, so if you do leave the traceroute binary SUID root, then you should move traceroute to /usr/bin with the following command:
mv -v /usr/sbin/traceroute /usr/bin
This ensures that the binary is in the path for non-root users.
Last updated on 2005-08-01 13:29:19 -0600