6144 linux networking cookbook ™ (1st ed)

640 276 0
6144 linux networking cookbook ™ (1st ed)

Đang tải... (xem toàn văn)

Tài liệu hạn chế xem trước, để xem đầy đủ mời bạn chọn Tải xuống

Thông tin tài liệu

Linux Networking Cookbook Carla Schroder Beijing • Cambridge • Farnham • Kưln • Paris • Sebastopol • Taipei • Tokyo Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc All rights reserved Printed in the United States of America Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472 O’Reilly books may be purchased for educational, business, or sales promotional use Online editions are also available for most titles (safari.oreilly.com) For more information, contact our corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com Editor: Mike Loukides Production Editor: Sumita Mukherji Copyeditor: Derek Di Matteo Proofreader: Sumita Mukherji Indexer: John Bickelhaupt Cover Designer: Karen Montgomery Interior Designer: David Futato Illustrator: Jessamyn Read Printing History: November 2007: First Edition Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc Java™ is a trademark of Sun Microsystems, Inc .NET is a registered trademark of Microsoft Corporation Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks Where those designations appear in this book, and O’Reilly Media, Inc was aware of a trademark claim, the designations have been printed in caps or initial caps While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein This book uses RepKover™, a durable and flexible lay-flat binding ISBN-10: 0-596-10248-8 ISBN-13: 978-0-596-10248-7 [M] To Terry Hanson—thank you! You make it all worthwhile Table of Contents Preface xv Introduction to Linux Networking 1.0 Introduction Building a Linux Gateway on a Single-Board Computer 12 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 2.10 2.11 2.12 2.13 Introduction Getting Acquainted with the Soekris 4521 Configuring Multiple Minicom Profiles Installing Pyramid Linux on a Compact Flash Card Network Installation of Pyramid on Debian Network Installation of Pyramid on Fedora Booting Pyramid Linux Finding and Editing Pyramid Files Hardening Pyramid Getting and Installing the Latest Pyramid Build Adding Additional Software to Pyramid Linux Adding New Hardware Drivers Customizing the Pyramid Kernel Updating the Soekris comBIOS 12 14 17 17 19 21 24 26 27 28 28 32 33 34 Building a Linux Firewall 36 3.0 3.1 3.2 3.3 3.4 Introduction Assembling a Linux Firewall Box Configuring Network Interface Cards on Debian Configuring Network Interface Cards on Fedora Identifying Which NIC Is Which 36 44 45 48 50 v 3.5 Building an Internet-Connection Sharing Firewall on a Dynamic WAN IP Address 3.6 Building an Internet-Connection Sharing Firewall on a Static WAN IP Address 3.7 Displaying the Status of Your Firewall 3.8 Turning an iptables Firewall Off 3.9 Starting iptables at Boot, and Manually Bringing Your Firewall Up and Down 3.10 Testing Your Firewall 3.11 Configuring the Firewall for Remote SSH Administration 3.12 Allowing Remote SSH Through a NAT Firewall 3.13 Getting Multiple SSH Host Keys Past NAT 3.14 Running Public Services on Private IP Addresses 3.15 Setting Up a Single-Host Firewall 3.16 Setting Up a Server Firewall 3.17 Configuring iptables Logging 3.18 Writing Egress Rules 51 56 57 58 59 62 65 66 68 69 71 76 79 80 Building a Linux Wireless Access Point 82 4.0 4.1 4.2 4.3 4.4 4.5 4.6 4.7 4.8 4.9 4.10 4.11 4.12 4.13 4.14 4.15 4.16 4.17 4.18 vi | Introduction Building a Linux Wireless Access Point Bridging Wireless to Wired Setting Up Name Services Setting Static IP Addresses from the DHCP Server Configuring Linux and Windows Static DHCP Clients Adding Mail Servers to dnsmasq Making WPA2-Personal Almost As Good As WPA-Enterprise Enterprise Authentication with a RADIUS Server Configuring Your Wireless Access Point to Use FreeRADIUS Authenticating Clients to FreeRADIUS Connecting to the Internet and Firewalling Using Routing Instead of Bridging Probing Your Wireless Interface Card Changing the Pyramid Router’s Hostname Turning Off Antenna Diversity Managing dnsmasq’s DNS Cache Managing Windows’ DNS Caches Updating the Time at Boot Table of Contents 82 86 87 90 93 94 96 97 100 104 106 107 108 113 114 115 117 120 121 Building a VoIP Server with Asterisk 123 5.0 5.1 5.2 5.3 5.4 5.5 5.6 5.7 5.8 5.9 5.10 5.11 5.12 5.13 5.14 5.15 5.16 5.17 5.18 5.19 5.20 5.21 5.22 5.23 5.24 Introduction Installing Asterisk from Source Code Installing Asterisk on Debian Starting and Stopping Asterisk Testing the Asterisk Server Adding Phone Extensions to Asterisk and Making Calls Setting Up Softphones Getting Real VoIP with Free World Dialup Connecting Your Asterisk PBX to Analog Phone Lines Creating a Digital Receptionist Recording Custom Prompts Maintaining a Message of the Day Transferring Calls Routing Calls to Groups of Phones Parking Calls Customizing Hold Music Playing MP3 Sound Files on Asterisk Delivering Voicemail Broadcasts Conferencing with Asterisk Monitoring Conferences Getting SIP Traffic Through iptables NAT Firewalls Getting IAX Traffic Through iptables NAT Firewalls Using AsteriskNOW, “Asterisk in 30 Minutes” Installing and Removing Packages on AsteriskNOW Connecting Road Warriors and Remote Users 123 127 131 132 135 136 143 146 148 151 153 156 158 158 159 161 161 162 163 165 166 168 168 170 171 Routing with Linux 173 6.0 6.1 6.2 6.3 6.4 6.5 6.6 6.7 6.8 6.9 Introduction Calculating Subnets with ipcalc Setting a Default Gateway Setting Up a Simple Local Router Configuring Simplest Internet Connection Sharing Configuring Static Routing Across Subnets Making Static Routes Persistent Using RIP Dynamic Routing on Debian Using RIP Dynamic Routing on Fedora Using Quagga’s Command Line 173 176 178 180 183 185 186 187 191 192 Table of Contents | vii 6.10 6.11 6.12 6.13 6.14 6.15 6.16 Logging In to Quagga Daemons Remotely Running Quagga Daemons from the Command Line Monitoring RIPD Blackholing Routes with Zebra Using OSPF for Simple Dynamic Routing Adding a Bit of Security to RIP and OSPF Monitoring OSPFD 194 195 197 198 199 201 202 Secure Remote Administration with SSH 204 7.0 7.1 7.2 7.3 7.4 7.5 7.6 7.7 7.8 7.9 7.10 7.11 7.12 7.13 7.14 7.15 7.16 7.17 Introduction Starting and Stopping OpenSSH Creating Strong Passphrases Setting Up Host Keys for Simplest Authentication Generating and Copying SSH Keys Using Public-Key Authentication to Protect System Passwords Managing Multiple Identity Keys Hardening OpenSSH Changing a Passphrase Retrieving a Key Fingerprint Checking Configuration Syntax Using OpenSSH Client Configuration Files for Easier Logins Tunneling X Windows Securely over SSH Executing Commands Without Opening a Remote Shell Using Comments to Label Keys Using DenyHosts to Foil SSH Attacks Creating a DenyHosts Startup File Mounting Entire Remote Filesystems with sshfs 204 207 208 209 211 213 214 215 216 217 218 218 220 221 222 223 225 226 Using Cross-Platform Remote Graphical Desktops 228 8.0 8.1 8.2 8.3 8.4 8.5 8.6 8.7 viii | Introduction Connecting Linux to Windows via rdesktop Generating and Managing FreeNX SSH Keys Using FreeNX to Run Linux from Windows Using FreeNX to Run Linux from Solaris, Mac OS X, or Linux Managing FreeNX Users Watching Nxclient Users from the FreeNX Server Starting and Stopping the FreeNX Server Table of Contents 228 230 233 233 238 239 240 241 8.8 8.9 8.10 8.11 8.12 8.13 8.14 8.15 8.16 8.17 8.18 8.19 8.20 8.21 8.22 Configuring a Custom Desktop Creating Additional Nxclient Sessions Enabling File and Printer Sharing, and Multimedia in Nxclient Preventing Password-Saving in Nxclient Troubleshooting FreeNX Using VNC to Control Windows from Linux Using VNC to Control Windows and Linux at the Same Time Using VNC for Remote Linux-to-Linux Administration Displaying the Same Windows Desktop to Multiple Remote Users Changing the Linux VNC Server Password Customizing the Remote VNC Desktop Setting the Remote VNC Desktop Size Connecting VNC to an Existing X Session Securely Tunneling x11vnc over SSH Tunneling TightVNC Between Linux and Windows 242 244 246 246 247 248 250 252 254 256 257 258 259 261 262 Building Secure Cross-Platform Virtual Private Networks with OpenVPN 265 9.0 9.1 9.2 9.3 9.4 9.5 9.6 9.7 9.8 9.9 9.10 9.11 Introduction Setting Up a Safe OpenVPN Test Lab Starting and Testing OpenVPN Testing Encryption with Static Keys Connecting a Remote Linux Client Using Static Keys Creating Your Own PKI for OpenVPN Configuring the OpenVPN Server for Multiple Clients Configuring OpenVPN to Start at Boot Revoking Certificates Setting Up the OpenVPN Server in Bridge Mode Running OpenVPN As a Nonprivileged User Connecting Windows Clients 265 267 270 272 274 276 279 281 282 284 285 286 10 Building a Linux PPTP VPN Server 287 10.0 10.1 10.2 10.3 10.4 10.5 Introduction Installing Poptop on Debian Linux Patching the Debian Kernel for MPPE Support Installing Poptop on Fedora Linux Patching the Fedora Kernel for MPPE Support Setting Up a Standalone PPTP VPN Server 287 290 291 293 294 295 Table of Contents | ix .. .Linux Networking Cookbook Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo ™ Linux Networking Cookbook by Carla Schroder Copyright... the basics xv If you don’t already have basic Linux experience, I recommend getting the Linux Cookbook (O’Reilly) The Linux Cookbook (which I authored) was designed as a companion book to this... from Linux Using VNC to Control Windows and Linux at the Same Time Using VNC for Remote Linux- to -Linux Administration Displaying the Same Windows Desktop to Multiple Remote Users Changing the Linux

Ngày đăng: 05/10/2018, 15:29

Từ khóa liên quan

Mục lục

  • Linux Networking Cookbook

    • Table of Contents

    • Preface

      • Audience

      • Contents of This Book

      • What Is Included

      • Which Linux Distributions Are Used in the Book

      • Downloads and Feedback

      • Conventions

      • Using Code Examples

      • Comments and Questions

      • Safari® Books Online

      • Acknowledgments

    • Introduction to Linux Networking

      • 1.0 Introduction

        • Connecting to the Internet

        • Overview of Internet Service Options

        • Cable, DSL, and Dial-Up

          • Cable

          • DSL

          • Dial-up

          • Cable, DSL, and dial-up gotchas

        • Regulated Broadband Services

        • Private Networks

        • Latency, Bandwidth, and Throughput

        • Hardware Options for Your Linux Firewall/Gateway

        • High-End Enterprise Routers

        • Not-So-High-End Commercial Routers

        • Switches

          • Management port

          • Serial port

          • MDI/MDI-X (Medium Dependent Interfaces)

          • Lots of blinky lights

          • Jumbo frames

          • Port trunking

          • VLANs

          • QoS

          • Per-port access controls

          • Network Interface Cards (NICs)

        • Gigabit Ethernet Gotchas

        • Cabling

        • Wireless Networking

    • Building a Linux Gateway on a Single-Board Computer

      • 2.0 Introduction

        • Required Hardware

        • Software

        • What to Do with Old PCs?

      • 2.1 Getting Acquainted with the Soekris 4521

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.2 Configuring Multiple Minicom Profiles

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.3 Installing Pyramid Linux on a Compact Flash Card

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.4 Network Installation of Pyramid on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.5 Network Installation of Pyramid on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.6 Booting Pyramid Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.7 Finding and Editing Pyramid Files

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.8 Hardening Pyramid

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.9 Getting and Installing the Latest Pyramid Build

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.10 Adding Additional Software to Pyramid Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.11 Adding New Hardware Drivers

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.12 Customizing the Pyramid Kernel

        • Problem

        • Solution

        • Discussion

        • See Also

      • 2.13 Updating the Soekris comBIOS

        • Problem

        • Solution

        • Discussion

        • See Also

    • Building a Linux Firewall

      • 3.0 Introduction

        • Separating Private and Public

        • Windows Security

        • Iptables and NAT, SNAT, and DNAT

        • iptables and TCP/IP Headers

        • When Is a Firewall Needed?

        • iptables Overview

        • iptables Policies and Rules

        • Tables Overview

        • Specialized Linux Firewall and Routing Distributions

        • Important Disclaimer

      • 3.1 Assembling a Linux Firewall Box

        • Problem

        • Solution

        • Discussion

          • Cabling

          • Network interfaces

        • See Also

      • 3.2 Configuring Network Interface Cards on Debian

        • Problem

        • Solution

        • Discussion

          • Configuration definitions

        • See Also

      • 3.3 Configuring Network Interface Cards on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.4 Identifying Which NIC Is Which

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.5 Building an Internet-Connection Sharing Firewall on a Dynamic WAN IP Address

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.6 Building an Internet-Connection Sharing Firewall on a Static WAN IP Address

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.7 Displaying the Status of Your Firewall

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.8 Turning an iptables Firewall Off

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.9 Starting iptables at Boot, and Manually Bringing Your Firewall Up and Down

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.10 Testing Your Firewall

        • Problem

        • Solution

        • Discussion

          • Application-level security

        • See Also

      • 3.11 Configuring the Firewall for Remote SSH Administration

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.12 Allowing Remote SSH Through a NAT Firewall

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.13 Getting Multiple SSH Host Keys Past NAT

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.14 Running Public Services on Private IP Addresses

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.15 Setting Up a Single-Host Firewall

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.16 Setting Up a Server Firewall

        • Problem

        • Solution

        • Discussion

        • See Also

      • 3.17 Configuring iptables Logging

        • Problem

        • Solution

        • See Also

      • 3.18 Writing Egress Rules

        • Problem

        • Solution

        • Discussion

        • See Also

    • Building a Linux Wireless Access Point

      • 4.0 Introduction

        • Security

        • See Also

      • 4.1 Building a Linux Wireless Access Point

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.2 Bridging Wireless to Wired

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.3 Setting Up Name Services

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.4 Setting Static IP Addresses from the DHCP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.5 Configuring Linux and Windows Static DHCP Clients

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.6 Adding Mail Servers to dnsmasq

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.7 Making WPA2-Personal Almost As Good As WPA-Enterprise

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.8 Enterprise Authentication with a RADIUS Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.9 Configuring Your Wireless Access Point to Use FreeRADIUS

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.10 Authenticating Clients to FreeRADIUS

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.11 Connecting to the Internet and Firewalling

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.12 Using Routing Instead of Bridging

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.13 Probing Your Wireless Interface Card

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.14 Changing the Pyramid Router’s Hostname

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.15 Turning Off Antenna Diversity

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.16 Managing dnsmasq’s DNS Cache

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.17 Managing Windows’ DNS Caches

        • Problem

        • Solution

        • Discussion

        • See Also

      • 4.18 Updating the Time at Boot

        • Problem

        • Solution

        • Discussion

        • See Also

    • Building a VoIP Server with Asterisk

      • 5.0 Introduction

        • Test-lab Hardware and Software

        • Production Hardware and Software

        • Call Quality

        • Digium, Asterisk, and the Zapata Telephony Project

        • Asterisk Implementations

        • Using Asterisk

        • See Also

      • 5.1 Installing Asterisk from Source Code

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.2 Installing Asterisk on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.3 Starting and Stopping Asterisk

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.4 Testing the Asterisk Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.5 Adding Phone Extensions to Asterisk and Making Calls

        • Problem

        • Solution

        • Discussion

          • sip.conf

          • Dialplans

        • See Also

      • 5.6 Setting Up Softphones

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.7 Getting Real VoIP with Free World Dialup

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.8 Connecting Your Asterisk PBX to Analog Phone Lines

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.9 Creating a Digital Receptionist

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.10 Recording Custom Prompts

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.11 Maintaining a Message of the Day

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.12 Transferring Calls

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.13 Routing Calls to Groups of Phones

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.14 Parking Calls

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.15 Customizing Hold Music

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.16 Playing MP3 Sound Files on Asterisk

        • Problem

        • Solution

        • See Also

      • 5.17 Delivering Voicemail Broadcasts

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.18 Conferencing with Asterisk

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.19 Monitoring Conferences

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.20 Getting SIP Traffic Through iptables NAT Firewalls

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.21 Getting IAX Traffic Through iptables NAT Firewalls

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.22 Using AsteriskNOW, “Asterisk in 30 Minutes”

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.23 Installing and Removing Packages on AsteriskNOW

        • Problem

        • Solution

        • Discussion

        • See Also

      • 5.24 Connecting Road Warriors and Remote Users

        • Problem

        • Solution

        • Discussion

        • See Also

    • Routing with Linux

      • 6.0 Introduction

        • Exterior Protocols

        • Linux Routing and Networking Commands

      • 6.1 Calculating Subnets with ipcalc

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.2 Setting a Default Gateway

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.3 Setting Up a Simple Local Router

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.4 Configuring Simplest Internet Connection Sharing

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.5 Configuring Static Routing Across Subnets

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.6 Making Static Routes Persistent

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.7 Using RIP Dynamic Routing on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.8 Using RIP Dynamic Routing on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.9 Using Quagga’s Command Line

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.10 Logging In to Quagga Daemons Remotely

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.11 Running Quagga Daemons from the Command Line

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.12 Monitoring RIPD

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.13 Blackholing Routes with Zebra

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.14 Using OSPF for Simple Dynamic Routing

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.15 Adding a Bit of Security to RIP and OSPF

        • Problem

        • Solution

        • Discussion

        • See Also

      • 6.16 Monitoring OSPFD

        • Problem

        • Solution

        • Discussion

        • See Also

    • Secure Remote Administration with SSH

      • 7.0 Introduction

        • OpenSSH

        • SSH Tunneling

        • OpenSSH Components

        • Using OpenSSH

          • Key types

      • 7.1 Starting and Stopping OpenSSH

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.2 Creating Strong Passphrases

        • Problem

        • Solution

        • Discussion

      • 7.3 Setting Up Host Keys for Simplest Authentication

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.4 Generating and Copying SSH Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.5 Using Public-Key Authentication to Protect System Passwords

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.6 Managing Multiple Identity Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.7 Hardening OpenSSH

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.8 Changing a Passphrase

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.9 Retrieving a Key Fingerprint

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.10 Checking Configuration Syntax

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.11 Using OpenSSH Client Configuration Files for Easier Logins

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.12 Tunneling X Windows Securely over SSH

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.13 Executing Commands Without Opening a Remote Shell

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.14 Using Comments to Label Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.15 Using DenyHosts to Foil SSH Attacks

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.16 Creating a DenyHosts Startup File

        • Problem

        • Solution

        • Discussion

        • See Also

      • 7.17 Mounting Entire Remote Filesystems with sshfs

        • Problem

        • Solution

        • Discussion

        • See Also

    • Using Cross-Platform Remote Graphical Desktops

      • 8.0 Introduction

        • rdesktop

        • FreeNX

        • VNC

        • Built-in Remote Desktop Sharing in KDE and Gnome

      • 8.1 Connecting Linux to Windows via rdesktop

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.2 Generating and Managing FreeNX SSH Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.3 Using FreeNX to Run Linux from Windows

        • Problem

        • Solution

          • Set up the server

          • Get the client

          • Set up the connection

        • Discussion

        • See Also

      • 8.4 Using FreeNX to Run Linux from Solaris, Mac OS X, or Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.5 Managing FreeNX Users

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.6 Watching Nxclient Users from the FreeNX Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.7 Starting and Stopping the FreeNX Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.8 Configuring a Custom Desktop

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.9 Creating Additional Nxclient Sessions

        • Problem

        • Solution

        • Discussion

        • See Also

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.10 Enabling File and Printer Sharing, and Multimedia in Nxclient

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.11 Preventing Password-Saving in Nxclient

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.12 Troubleshooting FreeNX

        • Problem

        • Solution

        • See Also

      • 8.13 Using VNC to Control Windows from Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.14 Using VNC to Control Windows and Linux at the Same Time

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.15 Using VNC for Remote Linux-to-Linux Administration

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.16 Displaying the Same Windows Desktop to Multiple Remote Users

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.17 Changing the Linux VNC Server Password

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.18 Customizing the Remote VNC Desktop

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.19 Setting the Remote VNC Desktop Size

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.20 Connecting VNC to an Existing X Session

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.21 Securely Tunneling x11vnc over SSH

        • Problem

        • Solution

        • Discussion

        • See Also

      • 8.22 Tunneling TightVNC Between Linux and Windows

        • Problem

        • Solution

        • Discussion

        • See Also

    • Building Secure Cross- Platform Virtual Private Networks with OpenVPN

      • 9.0 Introduction

        • What About IPSec?

        • OpenVPN

      • 9.1 Setting Up a Safe OpenVPN Test Lab

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.2 Starting and Testing OpenVPN

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.3 Testing Encryption with Static Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.4 Connecting a Remote Linux Client Using Static Keys

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.5 Creating Your Own PKI for OpenVPN

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.6 Configuring the OpenVPN Server for Multiple Clients

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.7 Configuring OpenVPN to Start at Boot

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.8 Revoking Certificates

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.9 Setting Up the OpenVPN Server in Bridge Mode

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.10 Running OpenVPN As a Nonprivileged User

        • Problem

        • Solution

        • Discussion

        • See Also

      • 9.11 Connecting Windows Clients

        • Problem

        • Solution

        • Discussion

        • See Also

    • Building a Linux PPTP VPN Server

      • 10.0 Introduction

        • Windows Client Necessary Updates

        • PPTP Security

        • IPSec VPN

        • Linux Requirements

        • Is PPTP Really Easier?

        • See Also

      • 10.1 Installing Poptop on Debian Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.2 Patching the Debian Kernel for MPPE Support

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.3 Installing Poptop on Fedora Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.4 Patching the Fedora Kernel for MPPE Support

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.5 Setting Up a Standalone PPTP VPN Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.6 Adding Your Poptop Server to Active Directory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.7 Connecting Linux Clients to a PPTP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.8 Getting PPTP Through an iptables Firewall

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.9 Monitoring Your PPTP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 10.10 Troubleshooting PPTP

        • Problem

        • Solution

        • Discussion

        • See Also

    • Single Sign-on with Samba for Mixed Linux/Windows LANs

      • 11.0 Introduction

        • Replacing an NT4 Domain Controller

        • Hardware Requirements

      • 11.1 Verifying That All the Pieces Are in Place

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.2 Compiling Samba from Source Code

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.3 Starting and Stopping Samba

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.4 Using Samba As a Primary Domain Controller

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.5 Migrating to a Samba Primary Domain Controller from an NT4 PDC

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.6 Joining Linux to an Active Directory Domain

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.7 Connecting Windows 95/98/ME to a Samba Domain

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.8 Connecting Windows NT4 to a Samba Domain

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.9 Connecting Windows NT/2000 to a Samba Domain

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.10 Connecting Windows XP to a Samba Domain

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.11 Connecting Linux Clients to a Samba Domain with Command-Line Programs

        • Problem

        • Solution

        • Discussion

        • See Also

      • 11.12 Connecting Linux Clients to a Samba Domain with Graphical Programs

        • Problem

        • Solution

        • Discussion

          • Konqueror

          • Nautilus

          • Smb4k

          • LinNeighborhood

        • See Also

    • Centralized Network Directory with OpenLDAP

      • 12.0 Introduction

        • LDAP Directory Structure

        • Schemas, objectClasses, and Attributes

        • The “Secret” RootDSE

        • Deciding How Deep Your Directory Is

      • 12.1 Installing OpenLDAP on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.2 Installing OpenLDAP on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.3 Configuring and Testing the OpenLDAP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.4 Creating a New Database on Fedora

        • Problem

        • Solution

        • Discussion

          • ObjectClasses and attributes

        • See Also

      • 12.5 Adding More Users to Your Directory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.6 Correcting Directory Entries

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.7 Connecting to a Remote OpenLDAP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.8 Finding Things in Your OpenLDAP Directory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.9 Indexing Your Database

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.10 Managing Your Directory with Graphical Interfaces

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.11 Configuring the Berkeley DB

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.12 Configuring OpenLDAP Logging

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.13 Backing Up and Restoring Your Directory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.14 Refining Access Controls

        • Problem

        • Solution

        • Discussion

        • See Also

      • 12.15 Changing Passwords

        • Problem

        • Solution

        • Discussion

        • See Also

    • Network Monitoring with Nagios

      • 13.0 Introduction

        • See Also

      • 13.1 Installing Nagios from Sources

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.2 Configuring Apache for Nagios

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.3 Organizing Nagios’ Configuration Files Sanely

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.4 Configuring Nagios to Monitor Localhost

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.5 Configuring CGI Permissions for Full Nagios Web Access

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.6 Starting Nagios at Boot

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.7 Adding More Nagios Users

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.8 Speed Up Nagios with check_icmp

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.9 Monitoring SSHD

        • Problem

        • Solution

        • Discussion

          • Command definitions

          • Host definitions

          • Service definitions

        • See Also

      • 13.10 Monitoring a Web Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.11 Monitoring a Mail Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.12 Using Servicegroups to Group Related Services

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.13 Monitoring Name Services

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.14 Setting Up Secure Remote Nagios Administration with OpenSSH

        • Problem

        • Solution

        • Discussion

        • See Also

      • 13.15 Setting Up Secure Remote Nagios Administration with OpenSSL

        • Problem

        • Solution

        • Discussion

        • See Also

    • Network Monitoring with MRTG

      • 14.0 Introduction

      • 14.1 Installing MRTG

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.2 Configuring SNMP on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.3 Configuring SNMP on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.4 Configuring Your HTTP Service for MRTG

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.5 Configuring and Starting MRTG on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.6 Configuring and Starting MRTG on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.7 Monitoring Active CPU Load

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.8 Monitoring CPU User and Idle Times

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.9 Monitoring Physical Memory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.10 Monitoring Swap Space and Memory

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.11 Monitoring Disk Usage

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.12 Monitoring TCP Connections

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.13 Finding and Testing MIBs and OIDs

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.14 Testing Remote SNMP Queries

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.15 Monitoring Remote Hosts

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.16 Creating Multiple MRTG Index Pages

        • Problem

        • Solution

        • Discussion

        • See Also

      • 14.17 Running MRTG As a Daemon

        • Problem

        • Solution

        • Discussion

        • See Also

    • Getting Acquainted with IPv6

      • 15.0 Introduction

        • Barriers to Adoption

        • Anatomy of IPv6 Addresses

          • IPv6 address types and ranges

        • Counting in Hexadecimal

        • Mac and Windows IPv6 Support

      • 15.1 Testing Your Linux System for IPv6 Support

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.2 Pinging Link Local IPv6 Hosts

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.3 Setting Unique Local Unicast Addresses on Interfaces

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.4 Using SSH with IPv6

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.5 Copying Files over IPv6 with scp

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.6 Autoconfiguration with IPv6

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.7 Calculating IPv6 Addresses

        • Problem

        • Solution

        • Discussion

        • See Also

      • 15.8 Using IPv6 over the Internet

        • Problem

        • Solution

        • Discussion

        • See Also

    • Setting Up Hands-Free Network Installations of New Systems

      • 16.0 Introduction

        • PXE Boot

        • USB Boot

        • Installation

      • 16.1 Creating Network Installation Boot Media for Fedora Linux

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.2 Network Installation of Fedora Using Network Boot Media

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.3 Setting Up an HTTP-Based Fedora Installation Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.4 Setting Up an FTP-Based Fedora Installation Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.5 Creating a Customized Fedora Linux Installation

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.6 Using a Kickstart File for a Hands-off Fedora Linux Installation

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.7 Fedora Network Installation via PXE Netboot

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.8 Network Installation of a Debian System

        • Solution

        • Discussion

        • See Also

      • 16.9 Building a Complete Debian Mirror with apt-mirror

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.10 Building a Partial Debian Mirror with apt-proxy

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.11 Configuring Client PCs to Use Your Local Debian Mirror

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.12 Setting Up a Debian PXE Netboot Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.13 Installing New Systems from Your Local Debian Mirror

        • Problem

        • Solution

        • Discussion

        • See Also

      • 16.14 Automating Debian Installations with Preseed Files

        • Problem

        • Solution

        • Discussion

        • See Also

    • Linux Server Administration via Serial Console

      • 17.0 Introduction

      • 17.1 Preparing a Server for Serial Console Administration

        • Problem

        • Solution

        • Discussion

          • Modems

        • See Also

      • 17.2 Configuring a Headless Server with LILO

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.3 Configuring a Headless Server with GRUB

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.4 Booting to Text Mode on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.5 Setting Up the Serial Console

        • Problem

        • Solution

        • Discussion

          • File permissions

        • See Also

      • 17.6 Configuring Your Server for Dial-in Administration

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.7 Dialing In to the Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.8 Adding Security

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.9 Configuring Logging

        • Problem

        • Solution

        • Discussion

        • See Also

      • 17.10 Uploading Files to the Server

        • Problem

        • Solution

        • Discussion

        • See Also

    • Running a Linux Dial-Up Server

      • 18.0 Introduction

      • 18.1 Configuring a Single Dial-Up Account with WvDial

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.2 Configuring Multiple Accounts in WvDial

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.3 Configuring Dial-Up Permissions for Nonroot Users

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.4 Creating WvDial Accounts for Nonroot Users

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.5 Sharing a Dial-Up Internet Account

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.6 Setting Up Dial-on-Demand

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.7 Scheduling Dial-Up Availability with cron

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.8 Dialing over Voicemail Stutter Tones

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.9 Overriding Call Waiting

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.10 Leaving the Password Out of the Configuration File

        • Problem

        • Solution

        • Discussion

        • See Also

      • 18.11 Creating a Separate pppd Logfile

        • Problem

        • Solution

        • Discussion

        • See Also

    • Troubleshooting Networks

      • 19.0 Introduction

        • Testing and Tracing Cabling

        • Spares for Testing

      • 19.1 Building a Network Diagnostic and Repair Laptop

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.2 Testing Connectivity with ping

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.3 Profiling Your Network with FPing and Nmap

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.4 Finding Duplicate IP Addresses with arping

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.5 Testing HTTP Throughput and Latency with httping

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.6 Using traceroute, tcptraceroute, and mtr to Pinpoint Network Problems

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.7 Using tcpdump to Capture and Analyze Traffic

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.8 Capturing TCP Flags with tcpdump

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.9 Measuring Throughput, Jitter, and Packet Loss with iperf

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.10 Using ngrep for Advanced Packet Sniffing

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.11 Using ntop for Colorful and Quick Network Monitoring

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.12 Troubleshooting DNS Servers

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.13 Troubleshooting DNS Clients

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.14 Troubleshooting SMTP Servers

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.15 Troubleshooting a POP3, POP3s, or IMAP Server

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.16 Creating SSL Keys for Your Syslog-ng Server on Debian

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.17 Creating SSL Keys for Your Syslog-ng Server on Fedora

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.18 Setting Up stunnel for Syslog-ng

        • Problem

        • Solution

        • Discussion

        • See Also

      • 19.19 Building a Syslog Server

        • Problem

        • Solution

        • Discussion

        • See Also

    • Essential References

    • Glossary of Networking Terms

      • A

      • B

      • C

      • D

      • E

      • F

      • G

      • H

      • I

      • K

      • L

      • M

      • N

      • O

      • P

      • Q

      • R

      • S

      • T

      • U

      • V

      • W

    • Linux Kernel Building Reference

      • Building a Custom Kernel

        • Prerequisites

        • Building a Vanilla Kernel

        • Configuration Options

        • Adding New Loadable Kernel Modules

        • Patching a Kernel

        • Customizing Fedora Kernels

        • Customizing Debian Kernels

        • See Also

    • Index

Tài liệu cùng người dùng

  • Đang cập nhật ...

Tài liệu liên quan