Book Image

Mastering Linux Network Administration

By : Jay LaCroix
Book Image

Mastering Linux Network Administration

By: Jay LaCroix

Overview of this book

Linux is everywhere. Whether you run a home office, a small business, or manage enterprise systems, Linux can empower your network to perform at its very best. Armed with the advanced tools and best practice guidance of this practical guide, you'll be able to mold Linux networks to your will, empowering your systems and their users to take advantage of all that Linux-based networks have to offer. Understand how Linux networks function and get to grips with essential tips and tricks to manage them - whether you're already managing a networks, or even just starting out. With Debian and CentOS as its source, this book will divulge all the details you need to manage a real Linux-based network. With detailed activities and instructions based on real-world scenarios, this book will be your guide to the exciting world of Linux networking.

Related Content you might be interested in

Current Title:

Small book image
Mastering Linux Network Administration
Jay LaCroix
Nov, 2015 | 260 pages
No titles found
Table of Contents (17 chapters)
Mastering Linux Network Administration
Mastering Linux Network Administration
Credits
Credits
About the Author
About the Author
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Setting up Your Environment
Setting up Your Environment
Getting started
Distributions to consider
Physical machines versus virtual machines
Setting up and configuring VirtualBox
Acquiring and installing Debian 8
Acquiring and installing CentOS 7
Summary
2
Revisiting Linux Network Basics
Revisiting Linux Network Basics
Understanding the TCP/IP protocol suite
Naming the network device
Understanding Linux hostname resolution
Understanding the net-tools and iproute2 suites
Manually managing network interfaces
Managing connections with Network Manager
Summary
3
Communicating Between Nodes via SSH
Communicating Between Nodes via SSH
Using OpenSSH
Installing and configuring OpenSSH
The OpenSSH config file
Understanding and utilizing scp
Generating public keys
Keeping SSH connections alive
Exploring an alternative to SSH – utilizing Mosh (mobile shell)
Summary
4
Setting up a File Server
Setting up a File Server
File server considerations
NFS v3 versus NFS v4
Learning the basics of Samba
Mounting network shares
Automatically mounting network shares via fstab and systemd
Creating networked filesystems with SSHFS
Summary
5
Monitoring System Resources
Monitoring System Resources
Inspecting and managing processes
Understanding load average
Checking available memory
Using shell-based resource monitors
Scanning used storage
Introduction to logging
Maintaining log size with logrotate
Understanding the systemd init system
Understanding the systemd journal
Summary
6
Configuring Network Services
Configuring Network Services
Planning your IP address layout
Installing and configuring a DHCP server
Installing and configuring a DNS server
Setting up an internal NTP server
Summary
7
Hosting HTTP Content via Apache
Hosting HTTP Content via Apache
Installing Apache
Configuring Apache
Adding modules
Setting up virtual hosts
Summary
8
Understanding Advanced Networking Concepts
Understanding Advanced Networking Concepts
Dividing your network into subnets
Understanding the CIDR notation
Implementing Quality of Service
Routing TCP/IP traffic
Creating redundant DHCP and DNS servers
Summary
9
Securing Your Network
Securing Your Network
Limiting the attack surface
Securing OpenSSH
Configuring the iptables firewall
Protecting system services with fail2ban
Understanding SELinux
Configuring Apache to utilize SSL
Deploying security updates
Summary
10
Troubleshooting Network Issues
Troubleshooting Network Issues
Tracing routing issues
Troubleshooting DHCP issues
Troubleshooting DNS issues
Displaying connection statistics with netstat
Scanning your network with Nmap and Zenmap
Installing missing firmware on Debian systems
Troubleshooting issues with Network Manager
Summary
Index
Index

Limiting the attack surface

The most important rule of network security is limiting your attack surface. In a nutshell, this means that the less software you have installed and/or the less services you have running, the less it can be used against you. If that wasn't bad enough, in some cases an unpatched flaw in server software could allow a miscreant to use your server to attack someone else. By limiting the number of packages in use on your system, you're lowering the possibility of something bad happening.

This sounds simple enough, and it is, but it's important to keep in mind that this isn't just a matter of installing only what you need. Many Linux distributions ship with software that you may never need to use. This isn't just true for servers either. Even your end-user workstations could have unnecessary services running that would be a treasure trove for an attacker to use. One common example of this is having a Mail Transfer Agent (MTA) running on your system. It's surprising that...

Previous Section
End of Section 2
Next Section