Book Image

Mastering Linux Network Administration

By : Jay LaCroix
Book Image

Mastering Linux Network Administration

By: Jay LaCroix

Overview of this book

Linux is everywhere. Whether you run a home office, a small business, or manage enterprise systems, Linux can empower your network to perform at its very best. Armed with the advanced tools and best practice guidance of this practical guide, you'll be able to mold Linux networks to your will, empowering your systems and their users to take advantage of all that Linux-based networks have to offer. Understand how Linux networks function and get to grips with essential tips and tricks to manage them - whether you're already managing a networks, or even just starting out. With Debian and CentOS as its source, this book will divulge all the details you need to manage a real Linux-based network. With detailed activities and instructions based on real-world scenarios, this book will be your guide to the exciting world of Linux networking.

Related Content you might be interested in

Current Title:

Small book image
Mastering Linux Network Administration
Jay LaCroix
Nov, 2015 | 260 pages
No titles found
Table of Contents (17 chapters)
Mastering Linux Network Administration
Mastering Linux Network Administration
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Setting up Your Environment
Setting up Your Environment
Getting started
Distributions to consider
Physical machines versus virtual machines
Setting up and configuring VirtualBox
Acquiring and installing Debian 8
Acquiring and installing CentOS 7
Summary
2
Revisiting Linux Network Basics
Revisiting Linux Network Basics
Understanding the TCP/IP protocol suite
Naming the network device
Understanding Linux hostname resolution
Understanding the net-tools and iproute2 suites
Manually managing network interfaces
Managing connections with Network Manager
Summary
3
Communicating Between Nodes via SSH
Communicating Between Nodes via SSH
Using OpenSSH
Installing and configuring OpenSSH
The OpenSSH config file
Understanding and utilizing scp
Generating public keys
Keeping SSH connections alive
Exploring an alternative to SSH – utilizing Mosh (mobile shell)
Summary
4
Setting up a File Server
Setting up a File Server
File server considerations
NFS v3 versus NFS v4
Learning the basics of Samba
Mounting network shares
Automatically mounting network shares via fstab and systemd
Creating networked filesystems with SSHFS
Summary
5
Monitoring System Resources
Monitoring System Resources
Inspecting and managing processes
Understanding load average
Checking available memory
Using shell-based resource monitors
Scanning used storage
Introduction to logging
Maintaining log size with logrotate
Understanding the systemd init system
Understanding the systemd journal
Summary
6
Configuring Network Services
Configuring Network Services
Planning your IP address layout
Installing and configuring a DHCP server
Installing and configuring a DNS server
Setting up an internal NTP server
Summary
7
Hosting HTTP Content via Apache
Hosting HTTP Content via Apache
Installing Apache
Configuring Apache
Adding modules
Setting up virtual hosts
Summary
8
Understanding Advanced Networking Concepts
Understanding Advanced Networking Concepts
Dividing your network into subnets
Understanding the CIDR notation
Implementing Quality of Service
Routing TCP/IP traffic
Creating redundant DHCP and DNS servers
Summary
9
Securing Your Network
Securing Your Network
Limiting the attack surface
Securing OpenSSH
Configuring the iptables firewall
Protecting system services with fail2ban
Understanding SELinux
Configuring Apache to utilize SSL
Deploying security updates
Summary
10
Troubleshooting Network Issues
Troubleshooting Network Issues
Tracing routing issues
Troubleshooting DHCP issues
Troubleshooting DNS issues
Displaying connection statistics with netstat
Scanning your network with Nmap and Zenmap
Installing missing firmware on Debian systems
Troubleshooting issues with Network Manager
Summary
Index
Index

Securing OpenSSH

OpenSSH is a wonderful tool; it's the Linux administrator's best friend. It saves you the trouble of having to walk into the server room and attach a monitor and keyboard in order to perform work on your network. Using any computer connected to the same network, you can pretty much do anything you want to as if you were standing right in front of the machine. The problem is that an unsecured SSH implementation gives miscreants the exact same luxury. Of all the things running on your network, SSH is definitely the one you want to give some major attention to.

The first and most common security tweak for SSH is to use only Version 2 of the protocol. To determine which version your Linux installation is using, grep the /etc/ssh/sshd_config file:

cat /etc/ssh/sshd_config |grep Protocol

If the answer is 1, you should edit this file and change the line that reads Protocol 1 to Protocol 2, and restart SSH. The reason this is important is because Protocol 1 has considerably weaker...

Previous Section
End of Section 3
Next Section