Book Image

Linux for Networking Professionals

By : Rob VandenBrink

1 (1)

Book Image

Linux for Networking Professionals

1 (1)

By: Rob VandenBrink

Overview of this book

As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must. This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering various major distributions, how to pick the right distro, and basic Linux network configurations. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work with the example builds in this Linux book, you'll learn to configure various services to defend against common attacks. As you advance to the final chapters, you’ll be well on your way towards building the underpinnings for an all-Linux datacenter. By the end of this book, you'll be able to not only configure common Linux network services confidently, but also use tried-and-tested methodologies for future Linux installations.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Download the example code files

Conventions used

Share Your Thoughts

Section 1: Linux Basics

Section 1: Linux Basics

Free Chapter

Chapter 1: Welcome to the Linux Family

Chapter 1: Welcome to the Linux Family

Why Linux is a good fit for a networking team

Mainstream data center Linux

Specialty Linux distributions

Picking a Linux distribution for your organization

Further reading

Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces

Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces

Technical requirements

Working with your network settings – two sets of commands

Displaying interface IP information

IPv4 addresses and subnet masks

Assigning an IP address to an interface

Further reading

Section 2: Linux as a Network Node and Troubleshooting Platform

Section 2: Linux as a Network Node and Troubleshooting Platform

Chapter 3: Using Linux and Linux Tools for Network Diagnostics

Chapter 3: Using Linux and Linux Tools for Network Diagnostics

Technical requirements

Network basics – the OSI model

Layer 2 – relating IP and MAC addresses using ARP

Layer 4 – how TCP and UDP ports work

Local port enumeration – what am I connected to? What am I listening for?

Remote port enumeration using native tools

Remote port and service enumeration – nmap

Wireless diagnostic operations

Further reading

Chapter 4: The Linux Firewall

Chapter 4: The Linux Firewall

Technical requirements

Configuring iptables

Configuring nftables

Further reading

Chapter 5: Linux Security Standards with Real-Life Examples

Chapter 5: Linux Security Standards with Real-Life Examples

Technical requirements

Why do I need to secure my Linux hosts?

Cloud-specific security considerations

Commonly encountered industry-specific security standards

The Center for Internet Security critical controls

The Center for Internet Security benchmarks

SELinux and AppArmor

Further reading

Section 3: Linux Network Services

Section 3: Linux Network Services

Chapter 6: DNS Services on Linux

Chapter 6: DNS Services on Linux

Technical requirements

Two main DNS server implementations

Common DNS implementations

DNS troubleshooting and reconnaissance

Further reading

Chapter 7: DHCP Services on Linux

Chapter 7: DHCP Services on Linux

How does DHCP work?

Securing your DHCP services

Installing and configuring a DHCP server

Further reading

Chapter 8: Certificate Services on Linux

Chapter 8: Certificate Services on Linux

Technical requirements

What are certificates?

Acquiring a certificate

Using a certificate – web server example

Building a private Certificate Authority

Securing your Certificate Authority infrastructure

Certificate Transparency

Certificate automation and the ACME protocol

OpenSSL cheat sheet

Further reading

Chapter 9: RADIUS Services for Linux

Chapter 9: RADIUS Services for Linux

Technical requirements

RADIUS basics – what is RADIUS and how does it work?

Implementing RADIUS with local Linux authentication

RADIUS with LDAP/LDAPS backend authentication

Unlang – the unlanguage

RADIUS use-case scenarios

Using Google Authenticator for MFA with RADIUS

Further reading

Chapter 10: Load Balancer Services for Linux

Chapter 10: Load Balancer Services for Linux

Technical requirements

Introduction to load balancing

Load balancing algorithms

Server and service health checks

Datacenter load balancer design considerations

Building a HAProxy NAT/proxy load balancer

A final note on load balancer security

Further reading

Chapter 11: Packet Capture and Analysis in Linux

Chapter 11: Packet Capture and Analysis in Linux

Technical requirements

Introduction to packet capturing – the right places to look

Performance considerations when capturing

Capturing tools

Filtering captured traffic

Troubleshooting an application – capturing a VoIP telephone call

Further reading

Chapter 12: Network Monitoring Using Linux

Chapter 12: Network Monitoring Using Linux

Technical requirements

Logging using Syslog

The Dshield project

Collecting NetFlow data on Linux

Further reading

Chapter 13: Intrusion Prevention Systems on Linux

Chapter 13: Intrusion Prevention Systems on Linux

Technical requirements

What is an IPS?

Architecture options – where does an IPS fit in your data center?

IPS evasion techniques

Classic/network-based IPS solutions – Snort and Suricata

Suricata IPS example

Constructing an IPS rule

Passive traffic monitoring

Zeek example – collecting network metadata

Further reading

Chapter 14: Honeypot Services on Linux

Chapter 14: Honeypot Services on Linux

Technical requirements

Honeypot overview – what is a honeypot, and why do I want one?

Deployment scenarios and architecture – where do I put a honeypot?

Risks of deploying honeypots

Example honeypots

Distributed/community honeypot – the Internet Storm Center's DShield Honeypot Project

Further reading

Assessments

Chapter 2 – Basic Linux Network Configuration and Operations – Working with Local Interfaces

Chapter 3 – Using Linux and Linux Tools for Network Diagnostics

Chapter 4 – The Linux Firewall

Chapter 5 – Linux Security Standards with Real-Life Examples

Chapter 6 – DNS Services on Linux

Chapter 7 – DHCP Services on Linux

Chapter 8 – Certificate Services on Linux

Chapter 9 – RADIUS Services for Linux

Chapter 10 – Load Balancer Services for Linux

Chapter 11 – Packet Capture and Analysis in Linux

Chapter 12 – Network Monitoring Using Linux

Chapter 13 – Intrusion Prevention Systems on Linux

Chapter 14 – Honeypot Services on Linux

Other Books You May Enjoy

Other Books You May Enjoy

Packt is searching for authors like you

Share Your Thoughts

Customer Reviews

1 (1)

5 star

0

4 star

0

3 star

0

2 star

0

1 star

100%

Chapter 12 – Network Monitoring Using Linux

Write access for SNMP allows you to monitor (read) device or host parameters, as well as set (write) those same parameters. So, with read-write access, you could change the interface speed or duplex, reboot or shut down a device, or download a configuration. There is a nmap script that makes such a configuration download simple: snmp-ios-config.nse.
Syslog is most often sent in clear text over 514/udp. There is an option to encrypt this traffic using IPSEC, but it is not widely implemented. The risks are that sensitive information is sent using syslog, and as it's clear text, anyone in a position to read it can either collect that information for later use or modify it as it is sent.
For instance, it's fairly common to have an administrator put their password in the userid field, which means that the password is possibly compromised at that point. The next step that person usually takes is to try again, correctly...