Book Image

Linux for Networking Professionals

By : Rob VandenBrink
1 (1)
Book Image

Linux for Networking Professionals

1 (1)
By: Rob VandenBrink

Overview of this book

As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must. This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering various major distributions, how to pick the right distro, and basic Linux network configurations. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work with the example builds in this Linux book, you'll learn to configure various services to defend against common attacks. As you advance to the final chapters, you’ll be well on your way towards building the underpinnings for an all-Linux datacenter. By the end of this book, you'll be able to not only configure common Linux network services confidently, but also use tried-and-tested methodologies for future Linux installations.
Table of Contents (20 chapters)
1
Section 1: Linux Basics
4
Section 2: Linux as a Network Node and Troubleshooting Platform
8
Section 3: Linux Network Services

Securing your DHCP services

The interesting thing about DHCP is that in almost all cases, securing the service is done on the network switches rather than on the DHCP server itself. For the most part, the DHCP server receives anonymous requests and then replies appropriately – there aren't a lot of opportunities to secure our service without adding a lot of complexity (using signatures and PKI, which we'll get to), or by maintaining a list of authorized MAC addresses (which adds a whole lot of complexity). Both of these approaches very much run counter to the whole point of having a DHCP service, which is to "automagically" do the network configuration of workstations, phones, and other network-attached devices without adding too much complexity or administrative overhead.

So how can we secure our service? Let's look at a few attack scenarios, and then add the most common defenses against them.

Rogue DHCP server

First, let's look at the...