You are previewing Linux Networking Cookbook.
O'Reilly logo
Linux Networking Cookbook

Book Description

Over 40 recipes to help you set up and configure Linux networks

About This Book

  • Move beyond the basics of how a Linux machine works and gain a better understanding of Linux networks and their configuration

  • Impress your peers by setting up and configuring a Linux server and its various network elements like a pro

  • This is a hands-on solution guide to building, maintaining, and securing a network using Linux

  • Who This Book Is For

    This book is targeted at Linux systems administrators who have a good basic understanding and some prior experience of how a Linux machine operates, but want to better understand how various network services function, how to set them up, and how to secure them. You should be familiar with how to set up a Linux server and how to install additional software on them.

    What You Will Learn

  • Route an IPv6 netblock to your local network

  • Modify your named instance to support setting hostnames for your IPv6 addresses

  • Use SSH for remote console access

  • Configure NGINX with TLS

  • Secure XMPP with TLS

  • Leverage iptables6 to firewall your IPv6 traffic

  • Configure Samba as an Active Directory compatible directory service

  • In Detail

    Linux can be configured as a networked workstation, a DNS server, a mail server, a firewall, a gateway router, and many other things. These are all part of administration tasks, hence network administration is one of the main tasks of Linux system administration. By knowing how to configure system network interfaces in a reliable and optimal manner, Linux administrators can deploy and configure several network services including file, web, mail, and servers while working in large enterprise environments.

    Starting with a simple Linux router that passes traffic between two private networks, you will see how to enable NAT on the router in order to allow Internet access from the network, and will also enable DHCP on the network to ease configuration of client systems. You will then move on to configuring your own DNS server on your local network using bind9 and tying it into your DHCP server to allow automatic configuration of local hostnames. You will then future enable your network by setting up IPv6 via tunnel providers.

    Moving on, we’ll configure Samba to centralize authentication for your network services; we will also configure Linux client to leverage it for authentication, and set up a RADIUS server that uses the directory server for authentication.

    Toward the end, you will have a network with a number of services running on it, and will implement monitoring in order to detect problems as they occur.

    Style and approach

    This book is packed with practical recipes and a task-based approach that will walk you through building, maintaining, and securing a computer network using Linux.

    Downloading the example code for this book. You can download the example code files for all Packt books you have purchased from your account at http://www.PacktPub.com. If you purchased this book elsewhere, you can visit http://www.PacktPub.com/support and register to have the code file.

    Table of Contents

    1. Linux Networking Cookbook
      1. Table of Contents
      2. Linux Networking Cookbook
      3. Credits
      4. About the Author
      5. About the Reviewer
      6. www.PacktPub.com
        1. eBooks, discount offers, and more
          1. Why Subscribe?
      7. Preface
        1. What this book covers
        2. What you need for this book
        3. Who this book is for
        4. Conventions
        5. Reader feedback
        6. Customer support
          1. Errata
          2. Piracy
          3. Questions
      8. 1. Configuring a Router
        1. Introduction
        2. Setting up the physical network
          1. How to do it…
          2. How it works…
        3. Configuring IPv4
          1. How to do it…
          2. How it works…
        4. Configuring IPv4 permanently
          1. How to do it…
          2. How it works…
        5. Connecting two networks
          1. How to do it…
          2. How it works…
        6. Enabling NAT to the outside
          1. How to do it…
          2. How it works…
        7. Setting up DHCP
          1. How to do it…
          2. How it works…
        8. Setting up a firewall with IPtables
          1. How to do it…
          2. How it works…
        9. Setting up port forwarding
          1. How to do it…
          2. How it works…
        10. Adding VLAN Tagging
          1. How to do it...
          2. How it works...
      9. 2. Configuring DNS
        1. Introduction
        2. Setting up your system to talk to a nameserver
          1. How to do it…
          2. How it works…
        3. Setting up a local recursive resolver
          1. How to do it…
          2. How it works…
          3. There's more…
        4. Configuring dynamic DNS on your local network
          1. How to do it…
          2. How it works…
        5. Setting up a nameserver for your public domain
          1. How to do it...
          2. How it works…
        6. Setting up a slave nameserver
          1. How to do it…
          2. How it works…
      10. 3. Configuring IPv6
        1. Introduction
        2. Setting up an IPv6 tunnel via Hurricane Electric
          1. How to do it…
          2. How it works…
        3. Using ip6tables to firewall your IPv6 traffic
          1. How to do it…
          2. How it works…
        4. Route an IPv6 netblock to your local network
          1. How to do it...
          2. How it works…
      11. 4. Remote Access
        1. Introduction
        2. Installing OpenSSH
          1. How to do it…
          2. How it works…
        3. Using OpenSSH as a basic shell client
          1. How to do it…
          2. How it works…
        4. Using OpenSSH to forward defined ports
          1. How to do it…
          2. How it works…
        5. Using OpenSSH as a SOCKS proxy
          1. How to do it…
          2. How it works…
        6. Using OpenVPN
          1. How to do it…
          2. How it works...
      12. 5. Web Servers
        1. Introduction
        2. Configuring Apache with TLS
          1. How to do it…
          2. How it works…
        3. Improving scaling with the Worker MPM
          1. How to do it…
          2. How it works…
        4. Setting up PHP using an Apache module
          1. How to do it…
          2. How it works…
        5. Securing your web applications using mod_security
          1. How to do it…
          2. How it works…
        6. Configuring NGINX with TLS
          1. How to do it…
          2. How it works...
        7. Setting up PHP in NGINX with FastCGI
          1. How to do it…
          2. How it works…
      13. 6. Directory Services
        1. Introduction
        2. Configuring Samba as an Active Directory compatible directory service
          1. How to do it…
          2. How it works…
            1. Active Directory requirements
            2. Selecting a realm and domain name
            3. Using Samba-tool
            4. Bind configuration
        3. Joining a Linux box to the domain
          1. How to do it…
          2. How it works…
      14. 7. Setting up File Storage
        1. Introduction
        2. Serving files with SMB/CIFS through Samba
          1. How to do it…
          2. How it works…
        3. Granting authenticated access
          1. How to do it…
          2. How it works…
        4. Setting up an NFS server
          1. How to do it…
          2. How it works…
          3. There's more…
        5. Configuring WebDAV through Apache
          1. How to do it…
          2. How it works…
            1. Apache modules
            2. Directory directive
            3. Authnz_external configuration
            4. Directory definition
              1. Authentication/Authorization:
              2. Basic Apache directory configuration:
              3. Enable WebDAV:
            5. Granting write access
      15. 8. Setting up E-mail
        1. Introduction
        2. Configuring Postfix to send and receive e-mail
          1. How to do it…
          2. How it works…
          3. There's more…
            1. Setting up aliases
            2. Setting up a smarthost
              1. Relays without authentication
              2. Relays with Auth
        3. Setting up DNS records for e-mail delivery
          1. How to do it…
          2. How it works…
        4. Configuring IMAP
          1. How to do it...
          2. How it works…
        5. Configuring authentication for outbound e-mail
          1. How to do it…
          2. How it works…
        6. Configuring Postfix to support TLS
          1. How to do it…
          2. How it works…
        7. Blocking spam with Greylisting
          1. How to do it…
          2. How it works…
        8. Filtering spam with SpamAssassin
          1. How to do it…
          2. How it works…
      16. 9. Configuring XMPP
        1. Introduction
        2. Installing ejabberd
          1. How to do it...
          2. How it works…
            1. Configuring authentication
            2. Configuring listening ports
              1. C2S service
              2. S2S service
              3. HTTP Service
            3. Access control
            4. Modules
              1. mod_muc
              2. mod_roster
              3. mod_announce
        3. Configuring DNS for XMPP
          1. How to do it…
          2. How it works…
        4. Configuring the Pidgin client
          1. How to do it…
            1. Install pidgin
            2. Configuring your account
          2. How it works…
      17. 10. Monitoring Your Network
        1. Introduction
        2. Installing Nagios
          1. How to do it…
          2. How it works…
        3. Adding Nagios users
          1. How to do it…
          2. How it works…
        4. Adding Nagios hosts
          1. How to do it…
          2. How it works…
        5. Monitoring services
          1. How to do it…
          2. How it works…
        6. Defining commands
          1. How to do it…
          2. How it works…
        7. Monitoring via NRPE
          1. How to do it…
          2. How it works…
            1. On the target
            2. On the Nagios host
        8. Monitoring via SNMP
          1. How to do it...
          2. How it works…
      18. 11. Mapping Your Network
        1. Introduction
        2. Detecting systems on your network with NMAP
          1. How to do it…
          2. How it works…
        3. Detecting Systems Using Arp-Scan
          1. How to do it…
          2. How it works…
        4. Scanning TCP ports
          1. How to do it…
            1. TCP CONNECT scan
            2. TCP SYN scan
          2. How it works…
        5. Scanning UDP ports
          1. How to do it…
          2. How it works…
        6. Identifying services
          1. How to do it…
          2. How it works…
        7. Identifying operating systems
          1. How to do it...
          2. How it works…
      19. 12. Watching Your Network
        1. Introduction
        2. Setting up centralized logging
          1. Input methods
          2. Output methods
          3. How to do it…
          4. How it works…
        3. Installing a Snort IDS
          1. How to do it…
          2. How it works…
            1. WAN Interface
            2. LAN interface
            3. Dedicated interface
        4. Managing your Snort rules
          1. How to do it...
          2. How it works…
        5. Managing Snort logging
          1. How to do it...
          2. How it works…
            1. Ubuntu stock
            2. Enable fast logging
            3. Enabling Tcpdump logging
            4. Other logging options
      20. Index