E-Book, Englisch, 452 Seiten
Both Using and Administering Linux: Volume 3
1. Auflage 2019
ISBN: 978-1-4842-5485-1
Verlag: Apress
Format: PDF
Kopierschutz: 1 - PDF Watermark
Zero to SysAdmin: Network Services
E-Book, Englisch, 452 Seiten
ISBN: 978-1-4842-5485-1
Verlag: Apress
Format: PDF
Kopierschutz: 1 - PDF Watermark
Manage complex systems with ease and equip yourself for a new career. This book builds upon the skills you learned in Volumes 1 and 2 of this course and it depends upon the virtual network and virtual machine you created there. However, more experienced Linux users can begin with this volume and download an assigned script that will set up the VM for the start of Volume 3. Instructions with the script will provide specifications for configuration of the virtual network and the virtual machine. Refer to the volume overviews in the book's introduction to select the volume of this course most appropriate for your current skill level.Start by reviewing the administration of Linux servers and install and configure various Linux server services such as DHCP, DNS, NTP, and SSH server that will be used to provide advanced network services. You'll then learn to install and configure servers such as BIND for name services, DHCP for network host configuration, and SSH for secure logins to remote hosts. Other topics covered include public/private keypairs to further enhance security, SendMail and IMAP and antispam protection for email, using Apache and WordPress to create and manage web sites, NFS, SAMBA, and Chrony.
This volume also covers SELinux, and building RPMs to distribute automation scripts. All of these services are installed on a single server host over the course of the book and by the time you are finished you will have a single server that provides these services for your network. What You Will LearnInstall, configure, and manage several Linux server services such as email with spam management and single and multiple web sitesWork with NTP time synchronization, DHCP, SSH, and file sharing with Unix/Linux and Windows clientsCreate RPMs for distribution of scripts and administrative programs.Understand and work with enhanced security. Who This Book Is ForThose who are already Linux power users - SysAdmins who can administer Linux workstation hosts that are not servers - who want to learn to administer the services provided by Linux servers such as web, time, name, email, SSH, and more.
David Both is an Open Source Software and GNU/Linux advocate, trainer, writer, and speaker. He has been working with Linux and Open Source Software for more than 20 years and has been working with computers for over 45 years. He is a strong proponent of and evangelist for the 'Linux Philosophy for System Administrators.' David has been in the IT industry for over forty years. He worked for IBM for 21 years and, while working as a Course Development Representative in Boca Raton, FL, in 1981, wrote the training course for the first IBM PC. He has taught RHCE classes for Red Hat and has worked at MCI Worldcom, Cisco, and the State of North Carolina. In most of the places he has worked since leaving IBM in 1995, he has taught classes on Linux ranging from Lunch'n'Learns to full five day courses. Helping others learn about Linux and open source software is one of his great pleasures. David had some amazing teachers and mentors in my 40 years in IT and my more than 20 years working with Linux. At their core, Linux and open source in general are about sharing and helping others and about contributing to the community. These books, along with 'The Linux philosophy for SysAdmins,' are a continuation of his desire to pass on my knowledge and to provide mentoring to anyone interested in learning about Linux. David is the author of The Linux Philosophy for SysAdmins (Apress, 2018) and can be found on Twitter @linuxgeek46.
Autoren/Hrsg.
Weitere Infos & Material
1;Table of Contents;5
2;About the Author;16
3;About the Technical Reviewer;17
4;Acknowledgments;18
5;Introduction;19
6;Chapter 1: Server Preparation;30
6.1;Objectives;30
6.2;Overview;30
6.3;Creating the VM;31
6.4;Installing Linux;32
6.4.1;Personalization;34
6.5;Chapter summary;34
6.6;Exercises;34
7;Chapter 2: Server Configuration;35
7.1;Objectives;35
7.2;Overview;35
7.3;Network configuration;35
7.4;Chapter summary;47
7.5;Exercises;47
8;Chapter 3: DHCP;48
8.1;Objectives;48
8.2;Overview of DHCP;48
8.3;Installing the DHCP server;49
8.4;Configuring the DHCP server;51
8.5;Configuring guest hosts;56
8.5.1;The dhcpd.conf file;58
8.6;Chapter summary;59
8.7;Exercises;59
9;Chapter 4: Name Services;60
9.1;Objectives;60
9.2;Introducing Domain Name Services;60
9.2.1;The /etc/hosts file;61
9.3;How a name search works;63
9.4;The DNS database;65
9.5;Common DNS record types;69
9.5.1;SOA;69
9.5.2;$ORIGIN;70
9.5.3;NS;70
9.5.4;A;71
9.5.5;AAAA;71
9.5.6;CNAME;71
9.5.7;PTR;72
9.5.8;MX;72
9.5.9;Other records;73
9.6;Using BIND;73
9.6.1;Preparation;73
9.6.2;Setting up the caching name server;74
9.6.3;Configuring IPTables for DNS;77
9.6.4;Start the name service;80
9.6.5;Reconfiguring DHCP;82
9.6.6;Using the top-level DNS servers;83
9.7;Creating a primary name server;84
9.7.1;Creating the forward zone file;84
9.7.2;Adding the forward zone files to named.conf;85
9.7.3;Adding CNAME records;87
9.7.4;Creating the reverse zone file;89
9.7.5;Add the reverse zone to named.conf;90
9.8;Chapter summary;93
9.9;Exercises;93
10;Chapter 5: Remote Access with SSH;94
10.1;Objectives;94
10.2;Introduction;94
10.3;Starting the SSH server;95
10.4;How SSH works – briefly;97
10.5;Public/Private Key Pairs;98
10.5.1;How PPKPs work;99
10.6;X-forwarding;105
10.6.1;The X Window System;107
10.7;Remote commands;108
10.7.1;Remote backups;110
10.8;Chapter summary;111
10.9;Exercises;112
11;Chapter 6: Routing and Firewalls;114
11.1;Objectives;114
11.2;Introduction;114
11.3;NIC configuration files;116
11.3.1;The ip command;117
11.3.2;Create an interface configuration File;117
11.4;The interface configuration file;120
11.5;Routing on a workstation;123
11.6;Network routing;124
11.7;Creating a router;126
11.7.1;Preparation;127
11.7.2;Configure the new NIC;128
11.7.3;Reconfiguring DHCP;129
11.7.4;Reconfiguring DNS;133
11.8;Setting up the router;137
11.8.1;Kernel configuration;137
11.8.2;Changing the firewall;139
11.8.2.1;Understanding the rule set;140
11.9;Complex routing;145
11.10;Fail2Ban;146
11.11;Chapter summary;150
11.12;Exercises;150
12;Chapter 7: Introducing Email;151
12.1;Objectives;151
12.2;Introduction;151
12.2.1;Definitions;152
12.3;Email data flow;153
12.4;Structure of an email;155
12.4.1;Email headers;155
12.5;SendMail on the server;160
12.5.1;Sendmail installation;160
12.5.2;SendMail configuration;161
12.5.3;Firewall and DNS configuration;171
12.6;SendMail on the client;173
12.7;SMTP – The protocol;176
12.8;Email-only accounts;180
12.9;Who gets email for root?;181
12.10;Things to remember;183
12.10.1;It is not instant;183
12.10.2;There is no delivery guarantee;183
12.11;Chapter summary;184
12.12;Exercises;184
13;Chapter 8: Email Clients;185
13.1;Objectives;185
13.2;Introduction;185
13.3;More mailx;186
13.4;IMAP;189
13.4.1;Configuring IMAP on the server;189
13.5;Thunderbird;192
13.6;Adding authentication;196
13.6.1;Certificates;197
13.6.2;IMAP authentication;197
13.7;More about ports;201
13.8;Other considerations;211
13.9;Chapter summary;211
13.10;Exercises;212
14;Chapter 9: Combating Spam;213
14.1;Objectives;213
14.2;Introduction;213
14.3;The problem;214
14.4;But why?;215
14.5;My email server;215
14.6;Project requirements;216
14.7;Procmail;217
14.8;How it works;218
14.9;Preparation;219
14.10;Configuration;220
14.10.1;Configuring SendMail;220
14.10.2;Hacking mimedefang-filter;221
14.10.3;Setting up a mail folder;228
14.10.4;Configuring Procmail;229
14.10.4.1;Reports of Procmail’s demise;232
14.10.5;Creating SpamAssassin rules;232
14.11;Additional resources;238
14.12;Chapter summary;238
14.13;Exercises;239
15;Chapter 10: Apache Web Server;240
15.1;Objectives;240
15.2;Introduction;240
15.3;Installing Apache;241
15.4;Testing Apache;241
15.5;Creating a simple index file;244
15.6;Adding DNS;246
15.7;Using Telnet to test the web site;247
15.8;Good practice configuration;248
15.9;Virtual hosts;249
15.9.1;Configuring the primary virtual host;249
15.9.2;Configuring the second virtual host;251
15.10;Using CGI scripts;253
15.10.1;Using Perl;253
15.10.2;Using BASH;255
15.10.3;Redirecting the web page to CGI;256
15.10.4;Refreshing the page automatically;258
15.11;Chapter summary;258
15.12;Exercises;259
16;Chapter 11: WordPress;260
16.1;Objectives;260
16.2;Introduction;260
16.3;Install PHP and MariaDB;261
16.4;Install WordPress;262
16.5;HTTPD configuration;264
16.6;Creating the WordPress Database;265
16.7;Configuring WordPress;266
16.8;Administering WordPress;269
16.9;Updating WordPress;271
16.10;Exploring MariaDB;272
16.11;Chapter summary;274
16.12;Exercises;275
17;Chapter 12: Mailing Lists;276
17.1;Objectives;276
17.2;Introduction;276
17.3;Installing MailMan;277
17.4;Integrating MailMan with Apache;277
17.5;Site mailing list;278
17.6;Create a mailing list;281
17.7;Configuring the new list;282
17.8;Changing list defaults;284
17.9;The user interface;285
17.10;Rejections from large email services;287
17.11;Documentation;288
17.12;Chapter summary;289
17.13;Exercises;289
18;Chapter 13: File Sharing;290
18.1;Objectives;290
18.2;Introduction;290
18.3;File sharing use cases;291
18.4;Preparation;293
18.5;FTP and FTPS;296
18.6;VSFTP;296
18.6.1;Installation and preparation of VSFTP;296
18.6.2;The FTP client;299
18.6.3;Firewall configuration for FTP;301
18.6.3.1;Active mode;302
18.6.3.2;Passive mode;303
18.6.3.3;Setting the firewall rules;304
18.6.4;Anonymous FTP access;305
18.6.5;Securing VSFTP with encryption;307
18.7;NFS;309
18.7.1;NFS server;309
18.7.2;NFS client;316
18.7.3;Cleanup;317
18.8;SAMBA;318
18.8.1;Using the SAMBA client;324
18.9;Midnight Commander;327
18.9.1;Midnight Commander and SAMBA;331
18.10;Apache web server;331
18.11;Chapter summary;337
18.12;Exercises;338
19;Chapter 14: Remote Desktop Access;340
19.1;Objectives;340
19.2;Introduction;340
19.3;TigerVNC;341
19.4;Security;346
19.5;Problems;348
19.5.1;Blank TigerVNC view screen;348
19.6;Chapter summary;349
19.7;Exercises;349
20;Chapter 15: Network Time Protocol;351
20.1;Objectives;351
20.2;Linux and time;351
20.3;The NTP server hierarchy;352
20.4;NTP choices;353
20.5;Chrony structure;354
20.6;Client configuration;354
20.7;Configuring NTP with Chrony;358
20.7.1;Configuring the NTP server;358
20.7.2;Configuring the client and testing;360
20.8;chronyc as an interactive tool;362
20.9;Setting the hardware clock;363
20.10;About time zones;364
20.11;Chapter summary;367
20.12;Exercises;368
21;Chapter 16: Security;369
21.1;Objectives;369
21.2;Introduction;369
21.3;Advanced DNS security;370
21.3.1;About chroot;370
21.3.2;Enabling bind-chroot;370
21.4;Hardening the network;374
21.5;Advanced iptables;376
21.6;Advanced backups;379
21.6.1;rsync;380
21.6.2;Performing backups;384
21.6.3;Recovery testing;387
21.7;Restrict SSH remote root login;387
21.8;Malware;388
21.8.1;Root kits;388
21.8.2;Clam-AV;393
21.8.3;Tripwire;395
21.9;SELinux;398
21.9.1;Additional SELinux considerations;404
21.10;Social engineering;404
21.11;Chapter summary;405
21.12;Exercises;405
22;Chapter 17: Advanced Package Management;407
22.1;Objectives;407
22.2;Introduction;407
22.3;Preparation;408
22.4;Examining the spec file;412
22.4.1;Preamble;412
22.4.2;%description;414
22.4.3;%prep;414
22.4.4;%files;415
22.4.5;%pre;416
22.4.6;%post;416
22.4.7;%postun;416
22.4.8;%clean;417
22.4.9;%changelog;417
22.5;Building the RPM;418
22.6;Testing the RPM;420
22.7;Experimenting;421
22.8;Rebuilding a corrupted RPM database;422
22.9;Chapter summary;422
22.10;Exercises;423
23;Chapter 18: Where Do I Go from Here?;424
23.1;Introduction;424
23.2;Curiosity;424
23.3;Convert;425
23.4;Tools;426
23.5;Resources;427
23.6;Contribute;428
23.7;Skip this;428
23.7.1;Compiling the kernel;428
23.8;Chapter summary;429
24;Bibliography;431
24.1;Books;431
24.2;Web sites;432
25;Index;437
