Chapter 7 Configuring Networking 205
The ability to network is the primary function of Linux. Installing networking may include basic configuration of network services, access rights, client services, Internet services, and remote access. If you know the features of most of the available services, you should be able to prevent major security risks and perform a basic configuration of these services. In fact, you should know that you could make a career out of performing each of these tasks individually. The goal of this chapter is to make you familiar with most of the available services and to show you their basic configurations.
Basic Network Services
3.4 Configure basic network services and settings (e.g., netconfig, linuxconf; settings for TCP/IP, DNS, DHCP)
7.8 Identify basic networking concepts, including how a network works
A number of services are available to the Linux system to provide networking. In general, these services can be used in any environment and can be divided into two types: clients and servers. Clients use their services to connect to servers, and servers use their services to provide information to clients. This relationship is true of every networking system in use, including so-called “peer-to-peer” systems in which both systems act as a client and a server. The major networking protocol for Linux is the Transmission Control Protocol/Internet Protocol (TCP/IP) suite. TCP/IP provides all network services used in the Linux environment. TCP/IP is the primary protocol of the Internet, so interfacing your local Linux network services to the Internet is very straightforward.
You must configure these services at the most basic level. You can use these services after you get them running, but keep the following warning in mind: Although client-side services are usually safe, these services have proven to be insecure in some situations. Therefore, always consult network security information or another source before activating one of these services in any environment. In general, you are required to configure the basic network services, even if it is just to connect to the Internet, so you may benefit from some background information before beginning configuration.
TCP/IP Protocol Suite
The TCP/IP suite is used every day by anyone who accesses the Internet or uses a local LAN. The strength of TCP/IP comes from its development: It was designed to be robust and includes two sets of systems, connection-oriented (TCP) and connectionless (UDP) protocols, that allow the remote connection to clients or servers. Table 7-1 lists many of the most popular protocols and the services that they provide.
206 Part III Configuration
Table 7-1: The TCP/IP Protocol Suite

| System | Port (default) | Service provided |
|---|---|---|
| FTP | 20-21 | File Transfer Protocol allows the transfer of files from one system to another with Transmission Control Protocol (TCP) to ensure delivery and directory visibility. |
| SSH | 22 | Secure Shell, sometimes known as Secure Socket Shell, provides secure access to a remote computer. |
| Telnet | 23 | Telnet protocol allows communication with remote systems, usually to access and use the remote system. |
| SMTP | 25 | Simple Mail Transfer Protocol used in sending and receiving e-mail. Because it is limited in its ability to queue messages, it is normally used for server-to-server mail transfer. |
| DNS | 53 | Domain Name System is used to translate a user-friendly name, such as www.linux.org, to the related IP address, 198.182.196.56 for www.linux.org. |
| DHCP and BOOTPS | 67 | Dynamic Host Configuration Protocol is a communications protocol that automates the assignment of Internet Protocol (IP) addresses in a network. Bootstrap Protocol is a protocol that automatically configures a network user and boots or initiates an operating system. BOOTPS is the server-side protocol. |
| BOOTPC | 68 | Bootstrap Protocol is a protocol that automatically configures a network user and boots or initiates an operating system. BOOTP is the client-side protocol. |
| TFTP | 69 | Trivial File Transfer Protocol is used much like FTP; TFTP, however, uses the User Datagram Protocol (UDP) and does not ensure delivery or provide directory visibility. |
| Gopher | 70 | Gopher provides a way to bring text files from all over the world to a viewer on your computer. It has been replaced by the HTTP protocol. |
| Finger | 79 | Finger is a program that tells you the name associated with an e-mail address. |
| HTTP | 80 | The Hypertext Transfer Protocol is the set of rules for exchanging files (text, graphic images, sound, video, and other multimedia files) on the World Wide Web. |
| POP (3) | 110 | Post Office Protocol 3 is the most recent version of a standard protocol for receiving e-mail downloaded to clients from servers. POP (3) is an alternative to IMAP. |
| RPC | 111 | SUN Remote Procedure Call is a protocol that one program can use to request a service from another host on the network without having to understand network details. |
| RPC | 135 | Microsoft RPC. |
| SMB/CIFS | 139 | SMB/CIFS/CIFS server. |
| IMAP | 143 and 220 | Internet Message Access Protocol is a standard protocol for accessing e-mail from your mail server; it is not downloaded until instructed to do so. |
| SNMP | 161 | Simple Network Management Protocol governs network management and the monitoring of network devices. |
| rlogin | 221 | Remote login is a command that allows an authorized user to log in to other machines (host) on a network and to interact as if the user were physically at the host computer. It has been replaced by SSH and is less known than telnet. |
| SSL/TLS | 443 | The Secure Sockets Layer protocol is used for the secure transmission of data on the Internet. TLS is the successor to the Secure Sockets Layer (SSL). It uses the same port but provides more security and is backwards-compatible with SSL; most browsers now use TLS. |
| SMB/CIFS | 445 | The Server Message Block Protocol provides a method for client applications in a computer to read and write to files on, and to request services from, server programs in a computer network. It is used to connect to the Microsoft Windows Platform. |
Don’t try to memorize these ports; instead, focus on configuring the services and learn what protocol provides what service, such as HTTP for Web pages.
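The earlier warning about checking a service's security before activating it can also be applied to a host that is already running. The following is an added example, not code from the book: it reads `ss -tuln` output and flags listeners for cleartext services from Table 7-1, separating loopback-only sockets from network-facing ones. The function name `audit_listeners`, the LOCAL/EXPOSED labels and the sample listing are assumptions made for illustration; the ports are a subset of those in Table 7-1.

```shell
#!/bin/sh
# Added example: flag listeners for cleartext services from Table 7-1.
# Input: `ss -tuln` output on stdin. Output: one finding per line.
# Exit status: 1 if any flagged service listens beyond loopback, else 0.

audit_listeners() {
    awk '
    BEGIN {
        # Subset of Table 7-1, keyed by protocol/port as the table lists them.
        note["tcp/21"]  = "FTP: login sent in cleartext; use sftp or scp over SSH"
        note["tcp/23"]  = "Telnet: whole session in cleartext; use SSH"
        note["udp/69"]  = "TFTP: no authentication; keep on an isolated boot network"
        note["tcp/79"]  = "Finger: discloses account details; disable"
        note["tcp/110"] = "POP3: cleartext login unless TLS is negotiated"
        note["tcp/143"] = "IMAP: cleartext login unless TLS is negotiated"
        note["udp/161"] = "SNMP: v1/v2c community strings are cleartext"
    }
    # Skip the header and any socket family other than TCP/UDP.
    $1 != "tcp" && $1 != "udp" { next }
    {
        # Field 5 is Local Address:Port; the port follows the last colon,
        # which also handles IPv6 forms such as [::]:21.
        n = split($5, part, ":")
        port = part[n]
        addr = substr($5, 1, length($5) - length(port) - 1)
        key = $1 "/" port
        if (!(key in note)) next
        if (addr ~ /^127\./ || addr == "[::1]") {
            level = "LOCAL"              # reachable from this host only
        } else {
            level = "EXPOSED"            # reachable from the network
            exposed++
        }
        printf "%s %s %s %s\n", level, key, addr, note[key]
    }
    END { exit (exposed > 0) }
    '
}

# Constructed sample, shaped like `ss -tuln` output (not from a real host).
SAMPLE='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      5      0.0.0.0:23         0.0.0.0:*
tcp   LISTEN 0      32     127.0.0.1:110      0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:69         0.0.0.0:*
tcp   LISTEN 0      128    [::]:21            [::]:*
tcp   LISTEN 0      511    0.0.0.0:443        0.0.0.0:*'

printf '%s\n' "$SAMPLE" | audit_listeners || echo "cleartext services exposed"
```

On a live system, run it as `ss -tuln | audit_listeners`; the non-zero exit status makes it usable in a cron job or a post-install check.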
Connection protocols needed
Because the TCP/IP protocol suite is limited to network routing and transportation of information, you may need other protocols to network other systems.
Point-to-Point Protocol
The simplest and most widely used modem-based protocol is the Point-to-Point Protocol (PPP). PPP communicates between two computers by using a serial interface; for example, a personal computer is connected by an analog phone line to a server. Many users access the Internet from home by dialing a modem that connects to a modem pool, which then establishes a point-to-point connection by using PPP. This protocol can also be used for server-to-server connections and router-to-router connections. PPP provides a static connection between two pieces of equipment. It can also be used with Ethernet in many broadband (xDSL or cable) Internet connections.
Ethernet
Ethernet is the most widely used Local Area Network (LAN) access method. It is used to connect most workstations, servers, and routers at hubs that create the LAN.
Ethernet uses the IEEE 802.3 standard to provide connectivity to a network. Ethernet and PPP are the most commonly used access methods, but they aren’t the only ones used.
Serial Line Internet Protocol
SLIP, or Serial Line Internet Protocol, is an alternative to PPP. SLIP is not used very widely because it doesn’t provide for error detection and it doesn’t support synchronous connections.
WAN protocols
Linux can directly support almost any connection, including xDSL, cable, leased lines, and more. To support these connections, Linux employs PPPoE, Frame Relay, and other high-speed interface connection methods. These are not basic configurations of the Linux system, but you should be aware of them.
Other network protocols
Other network protocols include Yellow Pages or NIS (Network Information System) and NFS (Network File System), which use the SUN Remote Procedure Call (part of TCP/IP) to provide networking services. NIS is used to provide access to all systems on a network while only requiring one authentication. NFS is used to provide for file viewing and storage on a remote system.