Book Image

Linux Networking Cookbook

By : Agnello Dsouza, Gregory Boyce
5 (1)
Book Image

Linux Networking Cookbook

5 (1)
By: Agnello Dsouza, Gregory Boyce

Overview of this book

Linux can be configured as a networked workstation, a DNS server, a mail server, a firewall, a gateway router, and many other things. These are all part of administration tasks, hence network administration is one of the main tasks of Linux system administration. By knowing how to configure system network interfaces in a reliable and optimal manner, Linux administrators can deploy and configure several network services including file, web, mail, and servers while working in large enterprise environments. Starting with a simple Linux router that passes traffic between two private networks, you will see how to enable NAT on the router in order to allow Internet access from the network, and will also enable DHCP on the network to ease configuration of client systems. You will then move on to configuring your own DNS server on your local network using bind9 and tying it into your DHCP server to allow automatic configuration of local hostnames. You will then future enable your network by setting up IPv6 via tunnel providers. Moving on, we’ll configure Samba to centralize authentication for your network services; we will also configure Linux client to leverage it for authentication, and set up a RADIUS server that uses the directory server for authentication. Toward the end, you will have a network with a number of services running on it, and will implement monitoring in order to detect problems as they occur.
Table of Contents (19 chapters)
Linux Networking Cookbook
Credits
About the Author
About the Reviewer
www.PacktPub.com
Preface
Index

Index

A

  • Active Directory requirements
    • about / Active Directory requirements
    • synchronized time / Active Directory requirements
    • ability to manage DNS records / Active Directory requirements
    • static IP address / Active Directory requirements
  • Active Directory Services (ADS) security mode / How it works…
  • aliases
    • setting up / Setting up aliases
  • Apache
    • configuring, with TLS / Configuring Apache with TLS, How it works…
    • WebDAV, configuring through / Configuring WebDAV through Apache, How to do it…
  • Apache module
    • used, for setting up PHP / Setting up PHP using an Apache module, How it works…
  • Apache modules
    • about / Apache modules
  • Arp-Scan
    • used, for detecting systems / Detecting Systems Using Arp-Scan, How to do it…
    • working / How it works…
  • authenticated access
    • granting / Granting authenticated access, How it works…
  • authentication, for outbound e-mail
    • configuring / Configuring authentication for outbound e-mail, How it works…
  • authnz_external configuration
    • about / Authnz_external configuration

B

  • Backup Domain Controller (BDC) / Introduction
  • Bayesian Filtering
    • about / Blocking spam with Greylisting
  • bind configuration
    • about / Bind configuration
    • tkey-gssapi-keytab / Bind configuration
    • dlz setting / Bind configuration
    • Zone updating / Bind configuration
    • Apparmor rules changes / Bind configuration

C

  • centralized logging
    • setting up / Setting up centralized logging
    • input methods / Input methods
    • output methods / Output methods, How it works…
  • Core Rules Set (CRS) / How it works…

D

  • defined ports
    • forwarding, OpenSSH used / Using OpenSSH to forward defined ports, How it works…
  • DHCP
    • setting up / Setting up DHCP, How it works…
    • global configuration parameters / How it works…
  • directory definition
    • about / Directory definition
    • authentication / Authentication/Authorization:
    • authorization / Authentication/Authorization:
    • basic Apache Directory configuration / Basic Apache directory configuration:
    • WebDAV, enabling / Enable WebDAV:
  • directory directive
    • about / Directory directive
  • DNS
    • configuring, for XMPP / Configuring DNS for XMPP, How it works…
  • DNS backends
    • SAMBA_INTERNAL / Using Samba-tool
    • BIND9_DLZ / Using Samba-tool
    • BIND_FLATFILE / Using Samba-tool
  • DNS records
    • setting up, for e-mail delivery / Setting up DNS records for e-mail delivery, How it works…
  • Domain Name System (DNS)
    • about / Introduction
  • dynamic DNS
    • configuring, on local network / Configuring dynamic DNS on your local network, How to do it…, How it works…

E

  • E-mail infrastructure
    • Mail Transfer Agent (MTA) / Introduction
    • Mail Delivery Agent (MDA) / Introduction
    • Mail User Agent (MUA) / Introduction
  • ejabberd
    • installing / How to do it...
    • authentication, configuring / Configuring authentication
    • listening ports, configuring / Configuring listening ports
    • access control / Access control
    • modules / Modules
  • ejabberd installation and operations guide
    • reference / Modules
  • Extra Packages for Enterprise Linux (EPEL) repository / How to do it…

F

  • FastCGI
    • used, for setting up PHP in Ngnix / Setting up PHP in NGINX with FastCGI, How to do it…
  • files
    • serving, with SMB/CIFS through Samba / Serving files with SMB/CIFS through Samba, How it works…
  • firewall
    • setting up, with iptables / Setting up a firewall with IPtables, How it works…
  • fully qualified domain name (FQDN) / How to do it…

G

  • gaim / Configuring the Pidgin client
  • global configuration parameters, DHCP
    • ddns-update-style / How it works…
    • option domain-name / How it works…
    • option domain-name-servers / How it works…
    • Max-lease-time and default-lease-time / How it works…
    • authoritative directive / How it works…
  • greylisting
    • about / Blocking spam with Greylisting

H

  • hacker tool
    • about / Detecting systems on your network with NMAP
  • hostgroups / How it works…
  • Host header / How it works…
  • hosts
    • adding, in Nagios / Adding Nagios hosts, How it works…
  • HTTP service, ejabberd
    • http_bind / HTTP Service
    • http_poll / HTTP Service
    • web_admin / HTTP Service
  • Hurricane Electric
    • about / Setting up an IPv6 tunnel via Hurricane Electric
    • IPv6 tunnel, setting up via / Setting up an IPv6 tunnel via Hurricane Electric, How to do it…

I

  • IMAP
    • configuring / Configuring IMAP, How it works…
  • Internet Assigned Numbers Authority (IANA) / How it works…
  • Internet of Things (IoT)
    • about / Introduction
  • ip6tables
    • used, for firewalling IPv6 traffic / Using ip6tables to firewall your IPv6 traffic, How it works…
  • iptables
    • about / How it works…
    • firewall, setting up with / Setting up a firewall with IPtables, How it works…
  • IPv4
    • configuring / Configuring IPv4, How to do it…
    • configuring permanently / Configuring IPv4 permanently
  • IPv6 netblock
    • routing, to local network / Route an IPv6 netblock to your local network
  • IPv6 traffic
    • firewalling, ip6tables used / Using ip6tables to firewall your IPv6 traffic, How it works…
  • IPv6 tunnel
    • setting up, via Hurricane Electric / Setting up an IPv6 tunnel via Hurricane Electric, How it works…

J

  • Jabber ID (JID) / Access control

L

  • libpurple / Configuring the Pidgin client
  • Linux box
    • joining, to domain / Joining a Linux box to the domain, How it works…
  • listening ports, ejabberd
    • configuring / Configuring listening ports
    • C2S service / C2S service
    • S2S service / S2S service
    • HTTP service / HTTP Service
  • local network
    • IPv6 netblock, routing to / Route an IPv6 netblock to your local network
  • local recursive resolver
    • setting up / Setting up a local recursive resolver, How it works…

M

  • Mail Exchanger (MX) records / Setting up DNS records for e-mail delivery
  • Mandatory Access Control (MAC)
    • about / Directory directive
  • modules, ejabberd
    • about / Modules
    • mod_muc / mod_muc
    • mod_roster / mod_roster
    • mod_announce / mod_announce
  • mod_security
    • used, for securing web applications / Securing your web applications using mod_security, How to do it…
  • Multi-Processing Modules (MPM)
    • about / Improving scaling with the Worker MPM, How to do it…, How it works…
  • Multi-User Chat (MUC) rooms / Configuring your account

N

  • Nagios
    • about / Installing Nagios
    • installing / Installing Nagios, How it works…
    • users, adding / Adding Nagios users, How to do it…
    • hosts, adding / Adding Nagios hosts, How it works…
    • services, monitoring / Monitoring services, How it works…
    • commands, defining / Defining commands, How it works…
  • Nagios Remote Plugin Executer (NRPE)
    • about / Monitoring via NRPE
    • monitoring via / Monitoring via NRPE
  • nameserver
    • setting up, for public domain / Setting up a nameserver for your public domain, How to do it..., How it works…
  • Neighbor Discovery Protocol (NDP) / How it works…
  • Network Address Translation (NAT)
    • about / Introduction
    • enabling, to outside / Enabling NAT to the outside, How it works…
  • network interface card (NIC) / How it works…
  • Network Intrusion Detection Systems (NIDS) / Installing a Snort IDS
  • networks
    • connecting / Connecting two networks, How to do it…, How it works…
  • NFS server
    • setting up / Setting up an NFS server, How it works…
    • path to share / How it works…
    • client definition / How it works…
  • NGINX
    • about / Introduction
    • configuring, with TLS / Configuring NGINX with TLS, How to do it…, How it works...
  • Ngnix
    • PHP, setting up with FastCGI / Setting up PHP in NGINX with FastCGI, How to do it…
  • NMAP
    • used, for detecting systems on network / Detecting systems on your network with NMAP, How to do it…, How it works…
  • nonitoring, via NRPE
    • about / Monitoring via NRPE
    • on target / On the target
    • on Nagios host / On the Nagios host

O

  • Off the Record (OTR) protocol / Configuring the Pidgin client
  • OpenSSH
    • installing / Installing OpenSSH, How to do it…, How it works…
    • using, as basic shell client / Using OpenSSH as a basic shell client, How to do it…, How it works…
    • using, to forward defined ports / Using OpenSSH to forward defined ports, How it works…
    • using, as SOCKS proxy / Using OpenSSH as a SOCKS proxy, How to do it…, How it works…
  • OpenVPN
    • about / Using OpenVPN
    • using / Using OpenVPN, How to do it…, How it works...
  • operating systems
    • identifying / Identifying operating systems, How it works…
  • other logging options, Snort logging
    • alert_full / Other logging options
    • csv / Other logging options
    • log_null / Other logging options
    • alert_unixsock / Other logging options

P

  • PAM (Pluggable Authentication Modules) system / How it works…
  • PHP
    • setting up, Apache module used / Setting up PHP using an Apache module, How it works…
  • physical network
    • setting up / Setting up the physical network
  • Pidgin
    • configuring / Configuring the Pidgin client
    • installling / Install pidgin
    • URL / Install pidgin
    • account, configuring / Configuring your account, How it works…
  • port forwarding
    • setting up / Setting up port forwarding, How to do it…
  • Postfix
    • configuring, for sending and receiving e-mail / How to do it…, How it works…, There's more…
    • mydomain / How it works…
    • mydestination / How it works…
    • mynetworks / How it works…
    • postmaster / There's more…
    • abuse / There's more…
    • hostmaster / There's more…
    • webmaster/www / There's more…
    • configuring, to support TLS / Configuring Postfix to support TLS
  • primary domain controller (PDC) / Configuring Samba as an Active Directory compatible directory service
  • PuTTY
    • about / How to do it…
    • reference / How to do it…

R

  • Reputation Block Lists (RBLs)
    • about / Blocking spam with Greylisting

S

  • Samba
    • configuring, as Active Directory compatible directory service / Configuring Samba as an Active Directory compatible directory service, How to do it…
    • domain name, selecting / Selecting a realm and domain name
  • Samba-tool
    • about / Using Samba-tool
    • using / Using Samba-tool
  • scp (secure copy) / How it works…
  • Secure Shell (SSH) server / Installing OpenSSH
  • services
    • identifying / Identifying services, How it works…
  • services, Nagios
    • monitoring / Monitoring services, How it works…
  • sftp (secure file transfer program) / How it works…
  • Simple Mail Transport Protocol (SMTP)
    • about / Introduction
  • slave nameservers
    • setting up / Setting up a slave nameserver, How it works…
  • smarthost
    • setting up / Setting up a smarthost
    • relays, without authentication / Relays without authentication
    • relays, with auth / Relays with Auth
  • SNMP
    • monitoring via / Monitoring via SNMP, How it works…
  • Snort
    • reference / Managing your Snort rules
  • Snort ID (SID) / How it works…
  • Snort IDS
    • installing / Installing a Snort IDS, How it works…
    • WAN Interface / WAN Interface
    • LAN interface / LAN interface
    • dedicated interface / Dedicated interface
  • Snort logging
    • managing / Managing Snort logging, How to do it...
    • fast logging, enabling / Enable fast logging
    • Tcpdump logging, enabling / Enabling Tcpdump logging
    • other logging options / Other logging options
  • Snort rules
    • managing / Managing your Snort rules, How it works…
  • spam
    • blocking, with greylisting / Blocking spam with Greylisting, How it works…
    • filtering, with SpamAssassin / Filtering spam with SpamAssassin, How it works…
  • SpamAssassin
    • about / Filtering spam with SpamAssassin
    • spam, filtering with / Filtering spam with SpamAssassin, How to do it…
    • working / How it works…
  • start of authority (SOA)
    • about / How it works…
    • fields / How it works…
  • Subject Alternate Names (SAN) / How it works…
  • submission port, options
    • smtpd_tls_security_level / How it works…
    • smtpd_sasl_auth_enable / How it works…
    • smtpd_sasl_type / How it works…
    • smtpd_sasl_path / How it works…
    • smtpd_sasl_security_options / How it works…
    • smtpd_client_restrictions / How it works…
    • smtpd_recipient_restrictions / How it works…
  • Switched Port Analyzer (SPAN) / Dedicated interface
  • system
    • setting up, to talk to nameserver / Setting up your system to talk to a nameserver, How to do it…
  • systems
    • detecting on network, NMAP used / Detecting systems on your network with NMAP, How to do it…, How it works…
    • detecting, Arp-Scan used / Detecting Systems Using Arp-Scan, How to do it…, How it works…

T

  • TCP connect scan
    • starting / TCP CONNECT scan
  • TCP ports
    • scanning / Scanning TCP ports, How it works…
  • TCP SYN scan
    • starting / TCP SYN scan
  • Trunk
    • about / How it works...

U

  • Ubuntu stock, Snort logging
    • unified2 / Ubuntu stock
    • filename snort.log / Ubuntu stock
    • limit 128 / Ubuntu stock
    • nostamp / Ubuntu stock
    • mpls_event_types / Ubuntu stock
    • vlan_event_types / Ubuntu stock
  • UDP ports
    • scanning / Scanning UDP ports, How it works…
  • Unsolicited Commercial E-mail (UCE) / Blocking spam with Greylisting
  • User Chat (MUC) rooms / Configuring your account
  • users, Nagios
    • adding / Adding Nagios users, How to do it…
    • authentication / How it works…
    • authorization / How it works…

V

  • VLAN tagging
    • about / Adding VLAN Tagging, How to do it...

W

  • Web Application Firewall (WAF) / Securing your web applications using mod_security
  • web applications
    • securing, mod_security used / Securing your web applications using mod_security, How to do it…
  • WebDAV
    • about / Configuring WebDAV through Apache
    • configuring, through Apache / Configuring WebDAV through Apache, How it works…
    • write access, granting / Granting write access
  • Windows Security IDs (SID) / How it works…
  • worker MPM
    • scaling, improving with / Improving scaling with the Worker MPM, How to do it…, How it works…

X

  • XMPP
    • about / Introduction