Book Image

Mastering Linux Network Administration

By : Jay LaCroix
Book Image

Mastering Linux Network Administration

By: Jay LaCroix

Overview of this book

Linux is everywhere. Whether you run a home office, a small business, or manage enterprise systems, Linux can empower your network to perform at its very best. Armed with the advanced tools and best practice guidance of this practical guide, you'll be able to mold Linux networks to your will, empowering your systems and their users to take advantage of all that Linux-based networks have to offer. Understand how Linux networks function and get to grips with essential tips and tricks to manage them - whether you're already managing a networks, or even just starting out. With Debian and CentOS as its source, this book will divulge all the details you need to manage a real Linux-based network. With detailed activities and instructions based on real-world scenarios, this book will be your guide to the exciting world of Linux networking.

Related Content you might be interested in

Current Title:

Small book image
Mastering Linux Network Administration
Jay LaCroix
Nov, 2015 | 260 pages
No titles found
Table of Contents (17 chapters)
Mastering Linux Network Administration
Mastering Linux Network Administration
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Setting up Your Environment
Setting up Your Environment
Getting started
Distributions to consider
Physical machines versus virtual machines
Setting up and configuring VirtualBox
Acquiring and installing Debian 8
Acquiring and installing CentOS 7
Summary
2
Revisiting Linux Network Basics
Revisiting Linux Network Basics
Understanding the TCP/IP protocol suite
Naming the network device
Understanding Linux hostname resolution
Understanding the net-tools and iproute2 suites
Manually managing network interfaces
Managing connections with Network Manager
Summary
3
Communicating Between Nodes via SSH
Communicating Between Nodes via SSH
Using OpenSSH
Installing and configuring OpenSSH
The OpenSSH config file
Understanding and utilizing scp
Generating public keys
Keeping SSH connections alive
Exploring an alternative to SSH – utilizing Mosh (mobile shell)
Summary
4
Setting up a File Server
Setting up a File Server
File server considerations
NFS v3 versus NFS v4
Learning the basics of Samba
Mounting network shares
Automatically mounting network shares via fstab and systemd
Creating networked filesystems with SSHFS
Summary
5
Monitoring System Resources
Monitoring System Resources
Inspecting and managing processes
Understanding load average
Checking available memory
Using shell-based resource monitors
Scanning used storage
Introduction to logging
Maintaining log size with logrotate
Understanding the systemd init system
Understanding the systemd journal
Summary
6
Configuring Network Services
Configuring Network Services
Planning your IP address layout
Installing and configuring a DHCP server
Installing and configuring a DNS server
Setting up an internal NTP server
Summary
7
Hosting HTTP Content via Apache
Hosting HTTP Content via Apache
Installing Apache
Configuring Apache
Adding modules
Setting up virtual hosts
Summary
8
Understanding Advanced Networking Concepts
Understanding Advanced Networking Concepts
Dividing your network into subnets
Understanding the CIDR notation
Implementing Quality of Service
Routing TCP/IP traffic
Creating redundant DHCP and DNS servers
Summary
9
Securing Your Network
Securing Your Network
Limiting the attack surface
Securing OpenSSH
Configuring the iptables firewall
Protecting system services with fail2ban
Understanding SELinux
Configuring Apache to utilize SSL
Deploying security updates
Summary
10
Troubleshooting Network Issues
Troubleshooting Network Issues
Tracing routing issues
Troubleshooting DHCP issues
Troubleshooting DNS issues
Displaying connection statistics with netstat
Scanning your network with Nmap and Zenmap
Installing missing firmware on Debian systems
Troubleshooting issues with Network Manager
Summary
Index
Index

Protecting system services with fail2ban

A firewall is a great thing to have but it doesn't do much to protect services that are allowed. A firewall only goes as far as to allow or disallow access. But once access is allowed to a service, its security depends on its configuration and whether or not there are any security vulnerabilities. A service worth installing is fail2ban, which is a neat little tool that runs in the background and watches your logs for anything out of the ordinary, such as multiple failures to access a service. The most popular use of fail2ban is to protect SSH from those attempting to brute force it. In a lot of ways, fail2ban is the successor to denyhosts, which pretty much did the same thing. But fail2ban is able to protect more services than just SSH, another example being Apache.

When fail2ban sees that a source is attempting to access a service and is failing, it will set up a firewall rule on the fly to block that service from your server. To begin, install the...

Previous Section
End of Section 5
Next Section