Book Image

Linux Networking Cookbook

By : Agnello Dsouza, Gregory Boyce
5 (1)
Book Image

Linux Networking Cookbook

5 (1)
By: Agnello Dsouza, Gregory Boyce

Overview of this book

Linux can be configured as a networked workstation, a DNS server, a mail server, a firewall, a gateway router, and many other things. These are all part of administration tasks, hence network administration is one of the main tasks of Linux system administration. By knowing how to configure system network interfaces in a reliable and optimal manner, Linux administrators can deploy and configure several network services including file, web, mail, and servers while working in large enterprise environments. Starting with a simple Linux router that passes traffic between two private networks, you will see how to enable NAT on the router in order to allow Internet access from the network, and will also enable DHCP on the network to ease configuration of client systems. You will then move on to configuring your own DNS server on your local network using bind9 and tying it into your DHCP server to allow automatic configuration of local hostnames. You will then future enable your network by setting up IPv6 via tunnel providers. Moving on, we’ll configure Samba to centralize authentication for your network services; we will also configure Linux client to leverage it for authentication, and set up a RADIUS server that uses the directory server for authentication. Toward the end, you will have a network with a number of services running on it, and will implement monitoring in order to detect problems as they occur.
Table of Contents (19 chapters)
Linux Networking Cookbook
About the Author
About the Reviewer

Securing your web applications using mod_security

Now that you're able to execute the PHP code, you're also ready for people to attempt to exploit your PHP code. While PHP code can certainly be secure, it often appeals to new developers who have not yet learned secure coding practices. In a situation like this, it can be helpful to have some additional protection in the form of a Web Application Firewall.

Mod_Security is an open source Web Application Firewall (WAF) for Apache. It is able to interpret full HTTP requests and responses in order to detect and block attempts at performing various HTTP attacks like SQL injection, cross site scripting and others.

How to do it…

The first thing you need to do is to install and enable the module in detection mode:

Installing on Ubuntu 14.04:

  1. Install the package:

    sudo apt-get install libapache2-mod-security2
  2. Setup the mod_security configuration file:

    sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf
  3. Restart the service...