With an increasing number of networks and mission-critical applications running on Linux, system and network administrators must be able to do more than set up a server and rely on its default configuration. Advanced Linux Networking is designed to help you achieve a higher level of competence. It focuses on powerful techniques and features of Linux networking and provides you with the know-how you need to improve server efficiency, enhance security, and adapt to new requirements.
This book begins with a brief introduction to low-level configuration, including a guide to getting your network up and running. Part II outlines those servers and procedures most likely to be used by the computers on your local network: DHCP servers, Kerberos, Samba, time servers, and network backups, among others. Part III covers Internet servers: DNS, SMTP (sendmail, Postfix, and Exim), Apache, and FTP servers. Part IV examines network security, exploring such topics as using a chroot jail, iptables configuration, and VPNs. Wherever pertinent, the author addresses the differences between Caldera OpenLinux, Debian GNU/Linux, Mandrake, Red Hat, Slackware, SuSE, and TurboLinux.
Specific topics covered include:
Advanced Linux Networking is the single-volume tutorial and reference for Linux networking that will help you achieve expert status.
(NOTE: Each chapter concludes with a Summary.)
I. LOW-LEVEL CONFIGURATION.
1. Kernel Network Configuration.
Starting Kernel Configuration.
Network Protocol Support.
Network Hardware Options.
Compiling and Installing a Kernel.
2. TCP/IP Network Configuration.
Loading Network Drivers.
Using a DHCP Client.
Configuring a Static IP Address.
Using a PPP Link.
3. Alternative Network Stacks.
Understanding Network Stacks.
NetBEUI.
4. Starting Servers.
Using SysV Startup Scripts.
Using Local Startup Scripts.
Using GUI Tools.
When to Use Each Startup Method.
II. LOCAL NETWORK SERVERS.
5. Configuring Other Computers via DHCP.
When to Run a DHCP Server.
Kernel and Network Interface Issues.
DHCP Configuration Files.
Assigning Dynamic Addresses.
Assigning Fixed Addresses.
Integrating with Other Protocols.
6. Authenticating Users via Kerberos.
When to Run a Kerberos Server.
Understanding Kerberos Operation.
Setting Up a Kerberos Server.
Configuring a Kerberos Application Server.
Configuring a Kerberos Client.
7. File and Printer Sharing via Samba.
When to Run a Samba Server.
General Samba Configuration.
Serving Files with Samba.
Serving Printers with Samba.
Samba Scripting Features.
8. File Sharing via NFS.
When to Run an NFS Server.
NFS Servers Available for Linux.
Understanding the Portmapper.
Serving Files with NFS.
Username Mapping Options.
9. Printer Sharing via LPD.
When to Run an LPD Server.
LPD Server Options for Linux.
Configuring a BSD LPD Server.
Configuring an LPRng Server.
Configuring a CUPS Server.
10. Maintaining Consistent Time: Time Servers.
When to Run a Time Server.
Setting Up an NTP Server.
Using Samba to Serve Time.
11. Pull Mail Protocols: POP and IMAP.
When to Run a Pull Mail Server.
Understanding POP and IMAP.
Configuring a POP Server.
Configuring an IMAP Server.
Using Fetchmail.
12. Running a News Server.
When to Run a News Server.
Using Leafnode.
13. Maintaining Remote Login Servers.
When to Run a Remote Login Server.
Configuring SSH.
14. Handling GUI Access with X and VNC Servers.
When to Run a GUI Access Server.
Configuring Basic X Access.
Using an XDMCP Server.
Running a VNC Server.
A Comparison of Access Techniques.
15. Providing Consistent Fonts with Font Servers.
When to Run a Font Server.
Understanding Font File Formats.
Running a Traditional Font Server.
Running an Expanded Font Server.
16. Maintaining a System Remotely.
When to Run Remote System Maintenance Tools.
The Challenge of a Cross-Distribution Configuration Tool.
Running Linuxconf Remotely.
Remote Administration Security Concerns.
17. Performing Network Backups.
When to Run Network Backup Servers.
Types of Network Backup Solutions.
III. INTERNET SERVERS.
18. Administering a Domain via DNS.
When to Run a DNS Server.
Obtaining a Domain Name.
DNS Server Options for Linux.
Core DNS Configuration.
Domain Administration Options.
Running a Caching-Only Name Server.
Communicating with a DHCP Server.
Starting and Testing the Server.
19. Push Mail Protocol: SMTP.
When to Run an SMTP Server.
SMTP Server Options for Linux.
Mail Domain Administration.
Understanding SMTP Transport.
SMTP Server Configuration Options.
Basic Sendmail Configuration.
Basic Exim Configuration.
Basic Postfix Configuration.
Using a Procmail Filter.
20. Running Web Servers.
When to Run a Web Server.
Web Server Options for Linux.
Basic Apache Configuration.
Handling Forms and Scripts.
Handling Secure Sites.
Handling Virtual Domains.
Producing Something Worth Serving.
Analyzing Server Log Files.
21. Running FTP Servers.
When to Run an FTP Server.
FTP Server Options for Linux.
Basic FTP Server Configuration.
Setting Up an Anonymous FTP Server.
IV. NETWORK SECURITY AND ROUTER FUNCTIONS.
22. General System Security.
Shutting Down Unnecessary Servers.
Controlling Accounts and Passwords.
Keeping the System Up to Date.
Monitoring for Intrusion Attempts.
Keeping Abreast of Security Developments.
23. Configuring a chroot Jail.
What Is a chroot Jail?
Necessary chroot Environment Files.
Configuring a Server to Operate in a chroot Jail.
Maintaining the chroot Environment.
24. Advanced Router Options.
When to Use Advanced Router Configurations.
Advanced Kernel Options.
Using Routing Protocols.
25. Configuring iptables.
What Is iptables?
Kernel Configuration for iptables.
Checking Your iptables Configuration.
Configuring a Firewall with iptables.
Configuring NAT with iptables.
Forwarding Ports with iptables.
Logging iptables Activity.
26. Using a VPN.
When to Use a VPN.
VPN Options for Linux.
Configuring PPTP in Linux.
Configuring a Linux FreeS/WAN Server.
Potential Security Risks with a VPN.
Index.
Computer networks have changed our lives. They grew slowly, and mostly unnoticed, in the 1970s and 1980s. In the 1990s, though, something happened. Perhaps it was the availability of the World Wide Web (WWW, or Web) and graphical Web browsers, which made computer networks accessible to Grandma Dorothy and Uncle Stan. Maybe it was that the availability of network connections had reached a critical threshold. Perhaps the quality and quantity of network-enabled software passed a critical threshold. Possibly it was two or all three of these things, or something else entirely. In any event, networks became noticeable. Most importantly, the Internet became noticeable.
The Internet comprises millions of computers, many of which run servers—software packages designed to listen for and respond to data transfer requests from other computers. Because the protocols upon which the Internet was built were designed to work in a cross-platform manner, both Internet clients and the servers they use run on many different platforms. One of the most popular of these is Linux. Coupled with inexpensive x86 hardware, Linux makes a very cost-effective server platform for small and mid-sized sites. Indeed, with increasing computer performance and Linux versions working their way up the computer performance hierarchy, Linux is beginning to make inroads into the large server market. Thus, with Linux on everything from tiny network appliances to large servers, knowing how to set up and maintain a Linux server system is an important skill for networking professionals today.
Which servers, though? There are hundreds, if not thousands, of individual server programs. Most general-purpose Linux networking books focus upon a handful of popular servers—Web (HTTP) servers like Apache, login servers like Telnet and SSH, file servers like NFS and Samba, and a few others. These books present enough information to get a user up and running, but little more. They also give short shrift to servers that are less visible but that are often extremely important, like DHCP servers, time servers, and Kerberos. This book takes a different approach to Linux networking: I assume that you know at least a minimal amount about Linux and networking in general, and you want to take your skills to a higher level. Although this book does cover the “usual suspects,” it spends less time introducing the basics and more time describing advanced or unusual configurations. This book also covers some of the servers and topics that are neglected in most entry-level Linux networking books. The result is the closest thing possible to a book that’s both a general Linux networking book and an advanced Linux networking book.
To be sure, you won’t learn everything there is to know about complex packages like Apache or Samba in this book. The relevant chapters provide quick introductions to these tools, a summary of some popular techniques you won’t find covered in other introductory Linux networking books, and pointers to additional resources. This book’s approach is to be a general-purpose Linux networking book for people who are not novices.
This book is designed to be an advanced tutorial and reference for those with some Linux networking experience, or at least some Linux and some networking experience. The first few chapters cover low-level configuration, including such factors as getting the network up and running to begin with; but I assume you’re already familiar with Linux, or at least UNIX, and with basic networking terminology. If you’re not familiar with these things, an introductory Linux system administration book, such as Marcel Gagné’s Linux System Administration: A User’s Guide (Addison-Wesley, 2002) or Vicki Stanfield’s and my Linux System Administration (Sybex, 2001) should help fill in the gaps.
If you want to learn a bit more about big servers like Apache or Samba but don’t want to buy dedicated books for them, or if you want to learn about the small but potentially important servers like xntpd or xfs, then this is the book for you. This book also covers miscellaneous networking topics, like how to start and stop servers, backing up a network, running a server in a chroot jail, and using iptables. Knowing these topics will help fill out your networking knowledge base and make you better able to adapt to new requirements and generally improve the networks you administer.
In writing this book, I imagined the audience to be administrators of small- or mid-sized networks. Your network might be dominated by Linux, UNIX, Windows, MacOS, or something even more exotic, but of course you’ve got at least one Linux system. Most chapters describe the basic principles upon which a tool is built and then describe how to use the tool. You should therefore be able to learn a lot about the tools by reading this book, but you can also use this book as a quick reference. I aim for this to be the book you would choose if you could have just one Linux networking book.
One of the challenges of administering Linux is that Linux isn’t a single OS. Instead, it’s a collection of OSs, all built around the same kernel. Each of these variant OSs is known as a distribution. A distribution consists of a Linux kernel; a distribution-specific installation program; a wide assortment of support tools, user programs, and so on; and a set of default startup and configuration scripts. Different distributions frequently use different versions of the Linux kernel and of support programs. Indeed, they sometimes ship with different programs entirely to fill particular roles, such as sendmail, Exim, or Postfix for a mail server. For these reasons, Linux distributions can vary substantially in overall feel, and in many administrative details.
Many books on Linux fail to address the variability among Linux distributions. They intentionally focus on just one distribution, or provide coverage of others in a cursory manner. One of the goals of this book, though, is to explicitly cover several of the most popular Linux distributions. Specifically, I cover Caldera OpenLinux 3.1, Debian GNU/Linux 2.2, Mandrake 8.1, Red Hat 7.2, Slackware 7.0, SuSE 7.3, and TurboLinux 7.0. To be sure, I can’t cover every detail for each of these OSs, but I point out where they differ in important ways, such as where each places network startup scripts and what FTP servers each includes. Some chapters—notably those on server startup tools, LPD print servers, SMTP mail servers, and FTP servers—cover multiple servers in order to be applicable to the default configurations for each of these seven major Linux distributions.
This book is divided into four parts of four to thirteen chapters each. The structure represents the assumption that your network includes some servers that are used primarily by local users and others that are exposed to the Internet at large, but of course some servers can do double duty, so the placement of some servers may not reflect the configuration on your network. The book’s four parts are as follows:
I’d like to thank my editor, Karen Gettman, for her careful work shepherding this book through the production process. She was helped in this task by Emily Frey, the project coordinator, who received my chapters and generally saw that things went smoothly. No technical book can reach print without the assistance of technical experts, who help ensure that what the author writes resembles reality as closely as possible. This book’s reviewers were Karel Baloun, Amy Fong, Howard Lee Harkness, Harold Hauck, Eric H. Herrin II, David King, Rob Kolstad, Matthew Miller, Ian Redfern, and Alexy Zinin. If any errors remain after the text ran their gauntlet, those errors are, of course, my own. Even aside from his help in technical reviewing, I’d like to thank David King for many helpful discussions about Linux networking. Finally, I’d like to thank my agent, Neil Salkind at Studio B, who helped get this book off the ground, with help from Michael Slaughter at Addison-Wesley.