Book description
This soup-to-nuts collection of recipes covers everything you need to know to perform your job as a Linux network administrator, whether you're new to the job or have years of experience. With Linux Networking Cookbook, you'll dive straight into the gnarly hands-on work of building and maintaining a computer network.
Running a network doesn't mean you have all the answers. Networking is a complex subject with reams of reference material that's difficult to keep straight, much less remember. If you want a book that lays out the steps for specific tasks, that clearly explains the commands and configurations, and does not tax your patience with endless ramblings and meanderings into theory and obscure RFCs, this is the book for you.
You will find recipes for:
- Building a gateway, firewall, and wireless access point on a Linux network
- Building a VoIP server with Asterisk
- Secure remote administration with SSH
- Building secure VPNs with OpenVPN, and a Linux PPTP VPN server
- Single sign-on with Samba for mixed Linux/Windows LANs
- Centralized network directory with OpenLDAP
- Network monitoring with Nagios or MRTG
- Getting acquainted with IPv6
- Setting up hands-free networks installations of new systems
- Linux system administration via serial console
Publisher resources
Table of contents
- Dedication
- A Note Regarding Supplemental Files
- Preface
- 1. Introduction to Linux Networking
-
2. Building a Linux Gateway on a Single-Board Computer
- 2.0. Introduction
- 2.1. Getting Acquainted with the Soekris 4521
- 2.2. Configuring Multiple Minicom Profiles
- 2.3. Installing Pyramid Linux on a Compact Flash Card
- 2.4. Network Installation of Pyramid on Debian
- 2.5. Network Installation of Pyramid on Fedora
- 2.6. Booting Pyramid Linux
- 2.7. Finding and Editing Pyramid Files
- 2.8. Hardening Pyramid
- 2.9. Getting and Installing the Latest Pyramid Build
- 2.10. Adding Additional Software to Pyramid Linux
- 2.11. Adding New Hardware Drivers
- 2.12. Customizing the Pyramid Kernel
- 2.13. Updating the Soekris comBIOS
-
3. Building a Linux Firewall
- 3.0. Introduction
- 3.1. Assembling a Linux Firewall Box Problem
- 3.2. Configuring Network Interface Cards on Debian
- 3.3. Configuring Network Interface Cards on Fedora
- 3.4. Identifying Which NIC Is Which
- 3.5. Building an Internet-Connection Sharing Firewall on a Dynamic WAN IP Address
- 3.6. Building an Internet-Connection Sharing Firewall on a Static WAN IP Address
- 3.7. Displaying the Status of Your Firewall
- 3.8. Turning an iptables Firewall Off
- 3.9. Starting iptables at Boot, and Manually Bringing Your Firewall Up and Down
- 3.10. Testing Your Firewall
- 3.11. Configuring the Firewall for Remote SSH Administration
- 3.12. Allowing Remote SSH Through a NAT Firewall
- 3.13. Getting Multiple SSH Host Keys Past NAT
- 3.14. Running Public Services on Private IP Addresses
- 3.15. Setting Up a Single-Host Firewall
- 3.16. Setting Up a Server Firewall
- 3.17. Configuring iptables Logging
- 3.18. Writing Egress Rules
-
4. Building a Linux Wireless Access Point
- 4.0. Introduction
- 4.1. Building a Linux Wireless Access Point
- 4.2. Bridging Wireless to Wired
- 4.3. Setting Up Name Services
- 4.4. Setting Static IP Addresses from the DHCP Server
- 4.5. Configuring Linux and Windows Static DHCP Clients
- 4.6. Adding Mail Servers to dnsmasq
- 4.7. Making WPA2-Personal Almost As Good As WPA-Enterprise
- 4.8. Enterprise Authentication with a RADIUS Server
- 4.9. Configuring Your Wireless Access Point to Use FreeRADIUS
- 4.10. Authenticating Clients to FreeRADIUS
- 4.11. Connecting to the Internet and Firewalling
- 4.12. Using Routing Instead of Bridging
- 4.13. Probing Your Wireless Interface Card
- 4.14. Changing the Pyramid Router’s Hostname
- 4.15. Turning Off Antenna Diversity
- 4.16. Managing dnsmasq’s DNS Cache
- 4.17. Managing Windows’ DNS Caches
- 4.18. Updating the Time at Boot
-
5. Building a VoIP Server with Asterisk
- 5.0. Introduction
- 5.1. Installing Asterisk from Source Code
- 5.2. Installing Asterisk on Debian
- 5.3. Starting and Stopping Asterisk
- 5.4. Testing the Asterisk Server
- 5.5. Adding Phone Extensions to Asterisk and Making Calls
- 5.6. Setting Up Softphones
- 5.7. Getting Real VoIP with Free World Dialup
- 5.8. Connecting Your Asterisk PBX to Analog Phone Lines
- 5.9. Creating a Digital Receptionist
- 5.10. Recording Custom Prompts
- 5.11. Maintaining a Message of the Day
- 5.12. Transferring Calls
- 5.13. Routing Calls to Groups of Phones
- 5.14. Parking Calls
- 5.15. Customizing Hold Music
- 5.16. Playing MP3 Sound Files on Asterisk
- 5.17. Delivering Voicemail Broadcasts
- 5.18. Conferencing with Asterisk
- 5.19. Monitoring Conferences
- 5.20. Getting SIP Traffic Through iptables NAT Firewalls
- 5.21. Getting IAX Traffic Through iptables NAT Firewalls
- 5.22. Using AsteriskNOW, “Asterisk in 30 Minutes”
- 5.23. Installing and Removing Packages on AsteriskNOW
- 5.24. Connecting Road Warriors and Remote Users
-
6. Routing with Linux
- 6.0. Introduction
- 6.1. Calculating Subnets with ipcalc
- 6.2. Setting a Default Gateway
- 6.3. Setting Up a Simple Local Router
- 6.4. Configuring Simplest Internet Connection Sharing
- 6.5. Configuring Static Routing Across Subnets
- 6.6. Making Static Routes Persistent
- 6.7. Using RIP Dynamic Routing on Debian
- 6.8. Using RIP Dynamic Routing on Fedora
- 6.9. Using Quagga’s Command Line
- 6.10. Logging In to Quagga Daemons Remotely
- 6.11. Running Quagga Daemons from the Command Line
- 6.12. Monitoring RIPD
- 6.13. Blackholing Routes with Zebra
- 6.14. Using OSPF for Simple Dynamic Routing
- 6.15. Adding a Bit of Security to RIP and OSPF
- 6.16. Monitoring OSPFD
-
7. Secure Remote Administration with SSH
- 7.0. Introduction
- 7.1. Starting and Stopping OpenSSH
- 7.2. Creating Strong Passphrases
- 7.3. Setting Up Host Keys for Simplest Authentication
- 7.4. Generating and Copying SSH Keys
- 7.5. Using Public-Key Authentication to Protect System Passwords
- 7.6. Managing Multiple Identity Keys
- 7.7. Hardening OpenSSH
- 7.8. Changing a Passphrase
- 7.9. Retrieving a Key Fingerprint
- 7.10. Checking Configuration Syntax
- 7.11. Using OpenSSH Client Configuration Files for Easier Logins
- 7.12. Tunneling X Windows Securely over SSH
- 7.13. Executing Commands Without Opening a Remote Shell
- 7.14. Using Comments to Label Keys
- 7.15. Using DenyHosts to Foil SSH Attacks
- 7.16. Creating a DenyHosts Startup File
- 7.17. Mounting Entire Remote Filesystems with sshfs
-
8. Using Cross-Platform Remote Graphical Desktops
- 8.0. Introduction
- 8.1. Connecting Linux to Windows via rdesktop
- 8.2. Generating and Managing FreeNX SSH Keys
- 8.3. Using FreeNX to Run Linux from Windows
- 8.4. Using FreeNX to Run Linux from Solaris, Mac OS X, or Linux
- 8.5. Managing FreeNX Users
- 8.6. Watching Nxclient Users from the FreeNX Server
- 8.7. Starting and Stopping the FreeNX Serve
- 8.8. Configuring a Custom Desktop
- 8.9. Creating Additional Nxclient Sessions
- 8.10. Enabling File and Printer Sharing, and Multimedia in Nxclient
- 8.11. Preventing Password-Saving in Nxclient
- 8.12. Troubleshooting FreeNX
- 8.13. Using VNC to Control Windows from Linux
- 8.14. Using VNC to Control Windows and Linux at the Same Time
- 8.15. Using VNC for Remote Linux -to-Linux Administration
- 8.16. Displaying the Same Windows Desktop to Multiple Remote Users
- 8.17. Changing the Linux VNC Server Password
- 8.18. Customizing the Remote VNC Desktop
- 8.19. Setting the Remote VNC Desktop Size
- 8.20. Connecting VNC to an Existing X Session
- 8.21. Securely Tunneling x11vnc over SSH
- 8.22. Tunneling TightVNC Between Linux and Windows
-
9. Building Secure Cross-Platform Virtual Private Networks with
OpenVPN
- 9.0. Introduction
- 9.1. Setting Up a Safe OpenVPN Test Lab
- 9.2. Starting and Testing OpenVPN
- 9.3. Testing Encryption with Static Keys
- 9.4. Connecting a Remote Linux Client Using Static Keys
- 9.5. Creating Your Own PKI for OpenVPN
- 9.6. Configuring the OpenVPN Server for Multiple Clients
- 9.7. Configuring OpenVPN to Start at Boot
- 9.8. Revoking Certificates
- 9.9. Setting Up the OpenVPN Server in Bridge Mode
- 9.10. Running OpenVPN As a Nonprivileged User
- 9.11. Connecting Windows Clients
-
10. Building a Linux PPTP VPN Server
- 10.0. Introduction
- 10.1. Installing Poptop on Debian Linux
- 10.2. Patching the Debian Kernel for MPPE Support
- 10.3. Installing Poptop on Fedora Linux
- 10.4. Patching the Fedora Kernel for MPPE Support
- 10.5. Setting Up a Standalone PPTP VPN Server
- 10.6. Adding Your Poptop Server to Active Directory
- 10.7. Connecting Linux Clients to a PPTP Server
- 10.8. Getting PPTP Through an iptables Firewall
- 10.9. Monitoring Your PPTP Server
- 10.10. Troubleshooting PPTP
-
11. Single Sign-on with Samba for Mixed Linux/Windows LANs
- 11.0. Introduction
- 11.1. Verifying That All the Pieces Are in Place
- 11.2. Compiling Samba from Source Code
- 11.3. Starting and Stopping Samba
- 11.4. Using Samba As a Primary Domain Controller
- 11.5. Migrating to a Samba Primary Domain Controller from an NT4 PDC
- 11.6. Joining Linux to an Active Directory Domain
- 11.7. Connecting Windows 95/98/ME to a Samba Domain
- 11.8. Connecting Windows NT4 to a Samba Domain
- 11.9. Connecting Windows NT/2000 to a Samba Domain
- 11.10. Connecting Windows XP to a Samba Domain
- 11.11. Connecting Linux Clients to a Samba Domain with Command-Line Programs
- 11.12. Connecting Linux Clients to a Samba Domain with Graphical Programs
-
12. Centralized Network Directory with OpenLDAP
- 12.0. Introduction
- 12.1. Installing OpenLDAP on Debian
- 12.2. Installing OpenLDAP on Fedora
- 12.3. Configuring and Testing the OpenLDAP Server
- 12.4. Creating a New Database on Fedora
- 12.5. Adding More Users to Your Directory
- 12.6. Correcting Directory Entries
- 12.7. Connecting to a Remote OpenLDAP Server
- 12.8. Finding Things in Your OpenLDAP Directory
- 12.9. Indexing Your Database
- 12.10. Managing Your Directory with Graphical Interfaces
- 12.11. Configuring the Berkeley DB
- 12.12. Configuring OpenLDAP Logging
- 12.13. Backing Up and Restoring Your Directory
- 12.14. Refining Access Controls
- 12.15. Changing Passwords
-
13. Network Monitoring with Nagios
- 13.0. Introduction
- 13.1. Installing Nagios from Sources
- 13.2. Configuring Apache for Nagios
- 13.3. Organizing Nagios’ Configuration Files Sanely
- 13.4. Configuring Nagios to Monitor Localhost
- 13.5. Configuring CGI Permissions for Full Nagios Web Access
- 13.6. Starting Nagios at Boot
- 13.7. Adding More Nagios Users
- 13.8. Speed Up Nagios with check_icmp
- 13.9. Monitoring SSHD
- 13.10. Monitoring a Web Server
- 13.11. Monitoring a Mail Server
- 13.12. Using Servicegroups to Group Related Services
- 13.13. Monitoring Name Services
- 13.14. Setting Up Secure Remote Nagios Administration with OpenSSH
- 13.15. Setting Up Secure Remote Nagios Administration with OpenSSL
-
14. Network Monitoring with MRTG
- 14.0. Introduction
- 14.1. Installing MRTG
- 14.2. Configuring SNMP on Debian
- 14.3. Configuring SNMP on Fedora
- 14.4. Configuring Your HTTP Service for MRTG
- 14.5. Configuring and Starting MRTG on Debian
- 14.6. Configuring and Starting MRTG on Fedora
- 14.7. Monitoring Active CPU Load
- 14.8. Monitoring CPU User and Idle Times
- 14.9. Monitoring Physical Memory
- 14.10. Monitoring Swap Space and Memory
- 14.11. Monitoring Disk Usage
- 14.12. Monitoring TCP Connections
- 14.13. Finding and Testing MIBs and OIDs
- 14.14. Testing Remote SNMP Queries
- 14.15. Monitoring Remote Hosts
- 14.16. Creating Multiple MRTG Index Pages
- 14.17. Running MRTG As a Daemon
-
15. Getting Acquainted with IPv6
- 15.0. Introduction
- 15.1. Testing Your Linux System for IPv6 Support
- 15.2. Pinging Link Local IPv6 Hosts
- 15.3. Setting Unique Local Unicast Addresses on Interfaces
- 15.4. Using SSH with IPv6
- 15.5. Copying Files over IPv6 with scp
- 15.6. Autoconfiguration with IPv6
- 15.7. Calculating IPv6 Addresses
- 15.8. Using IPv6 over the Internet
-
16. Setting Up Hands-Free Network Installations of New Systems
- 16.0. Introduction
- 16.1. Creating Network Installation Boot Media for Fedora Linux
- 16.2. Network Installation of Fedora Using Network Boot Media
- 16.3. Setting Up an HTTP-Based Fedora Installation Server
- 16.4. Setting Up an FTP-Based Fedora Installation Server
- 16.5. Creating a Customized Fedora Linux Installation
- 16.6. Using a Kickstart File for a Hands-off Fedora Linux Installation
- 16.7. Fedora Network Installation via PXE Netboot
- 16.8. Network Installation of a Debian System
- 16.9. Building a Complete Debian Mirror with apt-mirror
- 16.10. Building a Partial Debian Mirror with apt-proxy
- 16.11. Configuring Client PCs to Use Your Local Debian Mirror
- 16.12. Setting Up a Debian PXE Netboot Server
- 16.13. Installing New Systems from Your Local Debian Mirror
- 16.14. Automating Debian Installations with Preseed Files
-
17. Linux Server Administration via Serial Console
- 17.0. Introduction
- 17.1. Preparing a Server for Serial Console Administration
- 17.2. Configuring a Headless Server with LILO
- 17.3. Configuring a Headless Server with GRUB
- 17.4. Booting to Text Mode on Debian
- 17.5. Setting Up the Serial Console
- 17.6. Configuring Your Server for Dial-in Administration
- 17.7. Dialing In to the Server
- 17.8. Adding Security
- 17.9. Configuring Logging
- 17.10. Uploading Files to the Server
-
18. Running a Linux Dial-Up Server
- 18.0. Introduction
- 18.1. Configuring a Single Dial-Up Account with WvDial
- 18.2. Configuring Multiple Accounts in WvDial
- 18.3. Configuring Dial-Up Permissions for Nonroot Users
- 18.4. Creating WvDial Accounts for Nonroot Users
- 18.5. Sharing a Dial-Up Internet Account
- 18.6. Setting Up Dial-on-Demand
- 18.7. Scheduling Dial-Up Availability with cron
- 18.8. Dialing over Voicemail Stutter Tones
- 18.9. Overriding Call Waiting
- 18.10. Leaving the Password Out of the Configuration File
- 18.11. Creating a Separate pppd Logfile
-
19. Troubleshooting Networks
- 19.0. Introduction
- 19.1. Building a Network Diagnostic and Repair Laptop
- 19.2. Testing Connectivity with ping Problem
- 19.3. Profiling Your Network with FPing and Nmap
- 19.4. Finding Duplicate IP Addresses with arping
- 19.5. Testing HTTP Throughput and Latency with httping
- 19.6. Using traceroute, tcptraceroute, and mtr to Pinpoint Network Problems
- 19.7. Using tcpdump to Capture and Analyze Traffic
- 19.8. Capturing TCP Flags with tcpdump
- 19.9. Measuring Throughput, Jitter, and Packet Loss with iperf
- 19.10. Using ngrep for Advanced Packet Sniffing
- 19.11. Using ntop for Colorful and Quick Network Monitoring
- 19.12. Troubleshooting DNS Servers
- 19.13. Troubleshooting DNS Clients
- 19.14. Troubleshooting SMTP Servers
- 19.15. Troubleshooting a POP3, POP3s, or IMAP Server
- 19.16. Creating SSL Keys for Your Syslog-ng Server on Debian
- 19.17. Creating SSL Keys for Your Syslog-ng Server on Fedora
- 19.18. Setting Up stunnel for Syslog-ng
- 19.19. Building a Syslog Server
- A. Essential References
- B. Glossary of Networking Terms
- C. Linux Kernel Building Reference
- About the Author
- Colophon
- Copyright
Product information
- Title: Linux Networking Cookbook
- Author(s):
- Release date: November 2007
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9780596102487
You might also like
book
Linux Networking Cookbook
Over 40 recipes to help you set up and configure Linux networks About This Book Move …
book
Linux Security Cookbook
Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good …
book
Linux Administration Cookbook
Over 100 recipes to get up and running with the modern Linux administration ecosystem Key Features …
book
Advanced Linux Networking
With an increasing number of networks and mission-critical applications running on Linux, system and network administrators …