Book Image

Linux for Networking Professionals

By : Rob VandenBrink
1 (1)
Book Image

Linux for Networking Professionals

1 (1)
By: Rob VandenBrink

Overview of this book

As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must. This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering various major distributions, how to pick the right distro, and basic Linux network configurations. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work with the example builds in this Linux book, you'll learn to configure various services to defend against common attacks. As you advance to the final chapters, you’ll be well on your way towards building the underpinnings for an all-Linux datacenter. By the end of this book, you'll be able to not only configure common Linux network services confidently, but also use tried-and-tested methodologies for future Linux installations.

Related Content you might be interested in

Current Title:

Small book image
Linux for Networking Professionals
Rob VandenBrink
Nov, 2021 | 528 pages
Small book image
Linux Administration Cookbook
Adam K Dean
Dec, 2018 | 826 pages
Small book image
CompTIA Linux+ Certification Guide
Philip Inshanally
Sep, 2018 | 590 pages
Small book image
Linux for System Administrators
Viorel Rudareanu | Daniil Baturin
Sep, 2023 | 294 pages
Table of Contents (20 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Download the example code files
Conventions used
Get in touch
Share Your Thoughts
1
Section 1: Linux Basics
Section 1: Linux Basics
Free Chapter
2
Chapter 1: Welcome to the Linux Family
Chapter 1: Welcome to the Linux Family
Why Linux is a good fit for a networking team
Mainstream data center Linux
Specialty Linux distributions
Virtualization
Picking a Linux distribution for your organization
Summary
Further reading
3
Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces
Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces
Technical requirements
Working with your network settings – two sets of commands
Displaying interface IP information
IPv4 addresses and subnet masks
Assigning an IP address to an interface
Summary
Questions
Further reading
4
Section 2: Linux as a Network Node and Troubleshooting Platform
Section 2: Linux as a Network Node and Troubleshooting Platform
5
Chapter 3: Using Linux and Linux Tools for Network Diagnostics
Chapter 3: Using Linux and Linux Tools for Network Diagnostics
Technical requirements
Network basics – the OSI model
Layer 2 – relating IP and MAC addresses using ARP
Layer 4 – how TCP and UDP ports work
Local port enumeration – what am I connected to? What am I listening for?
Remote port enumeration using native tools
Remote port and service enumeration – nmap
Wireless diagnostic operations
Summary
Questions
Further reading
6
Chapter 4: The Linux Firewall
Chapter 4: The Linux Firewall
Technical requirements
Configuring iptables
Configuring nftables
Summary
Questions
Further reading
7
Chapter 5: Linux Security Standards with Real-Life Examples
Chapter 5: Linux Security Standards with Real-Life Examples
Technical requirements
Why do I need to secure my Linux hosts?
Cloud-specific security considerations
Commonly encountered industry-specific security standards
The Center for Internet Security critical controls
The Center for Internet Security benchmarks
SELinux and AppArmor
Summary
Questions
Further reading
8
Section 3: Linux Network Services
Section 3: Linux Network Services
9
Chapter 6: DNS Services on Linux
Chapter 6: DNS Services on Linux
Technical requirements
What is DNS?
Two main DNS server implementations
Common DNS implementations
DNS troubleshooting and reconnaissance
DoH
DoT
Summary
Questions
Further reading
10
Chapter 7: DHCP Services on Linux
Chapter 7: DHCP Services on Linux
How does DHCP work?
Securing your DHCP services
Installing and configuring a DHCP server
Summary
Questions
Further reading
11
Chapter 8: Certificate Services on Linux
Chapter 8: Certificate Services on Linux
Technical requirements
What are certificates?
Acquiring a certificate
Using a certificate – web server example
Building a private Certificate Authority
Securing your Certificate Authority infrastructure
Certificate Transparency
Certificate automation and the ACME protocol
OpenSSL cheat sheet
Summary
Questions
Further reading
12
Chapter 9: RADIUS Services for Linux
Chapter 9: RADIUS Services for Linux
Technical requirements
RADIUS basics – what is RADIUS and how does it work?
Implementing RADIUS with local Linux authentication
RADIUS with LDAP/LDAPS backend authentication
Unlang – the unlanguage
RADIUS use-case scenarios
Using Google Authenticator for MFA with RADIUS
Summary
Questions
Further reading
13
Chapter 10: Load Balancer Services for Linux
Chapter 10: Load Balancer Services for Linux
Technical requirements
Introduction to load balancing
Load balancing algorithms
Server and service health checks
Datacenter load balancer design considerations
Building a HAProxy NAT/proxy load balancer
A final note on load balancer security
Summary
Questions
Further reading
14
Chapter 11: Packet Capture and Analysis in Linux
Chapter 11: Packet Capture and Analysis in Linux
Technical requirements
Introduction to packet capturing – the right places to look
Performance considerations when capturing
Capturing tools
Filtering captured traffic
Troubleshooting an application – capturing a VoIP telephone call
Summary
Questions
Further reading
15
Chapter 12: Network Monitoring Using Linux
Chapter 12: Network Monitoring Using Linux
Technical requirements
Logging using Syslog
The Dshield project
Collecting NetFlow data on Linux
Summary
Questions
Further reading
16
Chapter 13: Intrusion Prevention Systems on Linux
Chapter 13: Intrusion Prevention Systems on Linux
Technical requirements
What is an IPS?
Architecture options – where does an IPS fit in your data center?
IPS evasion techniques
Classic/network-based IPS solutions – Snort and Suricata
Suricata IPS example
Constructing an IPS rule
Passive traffic monitoring
Zeek example – collecting network metadata
Summary
Questions
Further reading
17
Chapter 14: Honeypot Services on Linux
Chapter 14: Honeypot Services on Linux
Technical requirements
Honeypot overview – what is a honeypot, and why do I want one?
Deployment scenarios and architecture – where do I put a honeypot?
Risks of deploying honeypots
Example honeypots
Distributed/community honeypot – the Internet Storm Center's DShield Honeypot Project
Summary
Questions
Further reading
18
Assessments
Assessments
Chapter 2 – Basic Linux Network Configuration and Operations – Working with Local Interfaces
Chapter 3 – Using Linux and Linux Tools for Network Diagnostics
Chapter 4 – The Linux Firewall
Chapter 5 – Linux Security Standards with Real-Life Examples
Chapter 6 – DNS Services on Linux
Chapter 7 – DHCP Services on Linux
Chapter 8 – Certificate Services on Linux
Chapter 9 – RADIUS Services for Linux
Chapter 10 – Load Balancer Services for Linux
Chapter 11 – Packet Capture and Analysis in Linux
Chapter 12 – Network Monitoring Using Linux
Chapter 13 – Intrusion Prevention Systems on Linux
Chapter 14 – Honeypot Services on Linux
Why subscribe?
19
Other Books You May Enjoy
Other Books You May Enjoy
Packt is searching for authors like you
Share Your Thoughts

Mainstream data center Linux

As we've discussed, Linux is not a monolithic "thing," but rather a varied or even splintered ecosystem of different distributions. Each Linux distribution is based on the same GNU/Linux kernel, but they are packaged into groups with different goals and philosophies, making for a wide variety of choices when an organization wants to start standardizing on their server and workstation platforms.

The main distributions that we commonly see in modern data centers are Red Hat, SUSE, and Ubuntu, with FreeBSD Unix being another alternative (albeit much less popular now than in the past). This is not to say that other distributions don't crop up on desktops or data centers, but these are the ones you'll see most often. These all have both desktop and server versions – the server versions often being more "stripped down," with their office productivity, media tools, and, often, the GUI removed.

Red Hat

Red Hat has recently been acquired by IBM (in 2019), but still maintains Fedora as one of its main projects. Fedora has both server and desktop versions, and remains freely available. The commercial version of Fedora is Red Hat Enterprise Linux (RHEL). RHEL is commercially licensed and has a formal support channel.

CentOS started as a free, community-supported version of Linux that was functionally compatible with the Red Hat Enterprise version. This made it very popular for server implementations in many organizations. In January 2014, Red Hat pulled CentOS into its fold, becoming a formal sponsor of the distro. In late 2020, it was announced that CentOS would no longer be maintained as a RHEL-compatible distribution but would rather "fit" somewhere between Fedora and RHEL – not so new as to be "bleeding edge," but not as stable as RHEL either. As part of this change, CentOS was renamed CentOS Stream.

Finally, Fedora is the distro that has the latest features and code, where new features get tried and tested. The CentOS Stream distro is more stable but is still "upstream" of RHEL. RHEL is a stable, fully tested operating system with formal support offerings.

Oracle/Scientific Linux

Oracle/Scientific Linux is also seen in many data centers (and in Oracle's cloud offerings). Oracle Linux is based on Red Hat, and they advertise their product as being fully compatible with RHEL. Oracle Linux is free to download and use, but support from Oracle is subscription-based.

SUSE

OpenSUSE is the community distribution that SUSE Linux is based on, similar to how RedHat Enterprise Linux is based on Fedora.

SUSE Linux Enterprise Server (commonly called SLES) was, in the early days of Linux, the mainly European competitor for the US-based Red Hat distribution. Those days are in the past, however, and SUSE Linux is (almost) as likely to be found in Indiana as it is in Italy in modern data centers.

Similar to the relationship between RedHat and CentOS, SUSE maintains both a desktop and a server version. In addition, they also maintain a "high-performance" version of the OS, which comes with optimizations and tools pre-installed for parallel computing. OpenSUSE occupies an "upstream" position to SLES, where changes can be introduced in a distro that is somewhat more "forgiving" to changes that might not always work out the first time. The OpenSUSE Tumbleweed distro has the newest features and versions, where as OpenSUSE Leap is closer in versioning and stability to the SLE versions of the operating system. It is no accident that this model is similar to the RedHat family of distros.

Ubuntu

Ubuntu Linux is maintained by Canonical and is free to download, with no separate commercial or "upstream" options. It is based on Debian and has a unique release cycle. New versions of both the server and desktop versions are released every 6 months. A Long-Term Support (LTS) version is released every 2 years, with support for LTS versions of both the server and desktop running for 5 years from the release date. As with the other larger players, support is subscription-based, though free support from the community is a viable option as well.

As you would expect, the server version of Ubuntu is focused more on the core OS, network, and data center services. The GUI is often de-selected during the installation of the server version. The desktop version, however, has several packages installed for office productivity, media creation, and conversion, as well as some simple games.

BSD/FreeBSD/OpenBSD

As we mentioned previously, the BSD "tree" of the family is derived from Unix rather than from the Linux kernel, but there is lots of shared code, especially once you look at the packages that aren't part of the kernel.

FreeBSD and OpenBSD were historically viewed as "more secure" than the earlier versions of Linux. Because of this, many firewalls and network appliances were built based on the BSD OS family, and remain on this OS to this day. One of the more "visible" BSD variants is Apple's commercial operating system OS X (now macOS). This is based on Darwin, which is, in turn, a fork of BSD.

As time marched on, however, Linux has grown to have most of the same security capabilities as BSD, until BSD perhaps had the more secure default setting than most Linux alternatives.

Linux now has security modules available that significantly increase its security posture. SELinux and AppArmor are the two main options that are available. SELinux grew out of the Red Hat distros and is fully implemented for SUSE, Debian, and Ubuntu as well. AppArmor is typically viewed as a simpler-to-implement option, with many (but not all) of the same features. AppArmor is available on Ubuntu, SUSE, and most other distros (with the notable exception of RHEL). Both options take a policy-based approach to significantly increase the overall security posture of the OS they are installed on.

With the evolution of Linux to be more security focused, in particular with SELinux or AppArmor available (and recommended) for most modern Linux distributions, the "more secure" argument of BSD versus Linux is now mainly a historic perception rather than fact.

Previous Section
End of Section 3
Next Section