Linux Networking and Security

volleyballbeginner, Networking and Communications

Oct 27, 2013 (3 years and 9 months ago)


Chapter 2


Configuring Basic Networking


Describe how networking devices differ from other Linux devices

Configure Linux networking using scripts and text-mode utilities

Configure UNIX networking using popular graphic utilities

Effectively use networking utilities to test a network and troubleshoot network problems

Understand the IPX and AppleTalk protocols


Understanding Networked Devices in Linux

Linux design is based on the concept of the computer as a collection of devices

Devices are accessed via the /dev directory

A device driver is software that knows how to communicate with the device

Linux networking devices differ from most other devices in several ways:


They are installed in the Linux kernel


Networking in Linux is handled by the kernel


Can refer to software as well as hardware



Point-to-Point Protocol (PPP)


Allows a host to tie directly to a single computer


Commonly used to connect a modem to an ISP


Serial Line Internet Protocol (SLIP)


Transmits data over a serial port


Used with serial modems to connect to ISPs


Integrated Services Digital Network (ISDN)


A special type of telephone service


ISDN is less favored than DSL and cable modems


Preparing to Configure Networking


To create a networking device, add the appropriate module to the Linux kernel

The module will locate the networking card and create the appropriate device name

Networking device kernel modules are normally found in the /lib/modules directory

Use the modprobe command to load the networking device

Use the lsmod command to list the modules loaded in your kernel at that point


Configuring Networking with Command-Line Utilities

Use the ifconfig command to set up and check the status of networking interfaces

Parameters: network interface and IP address

Without parameters: status of all configured network interfaces on the system

Use the route command to view or configure the routing table within the Linux kernel


Without parameters: displays the kernel routing table



Use the arp command to display the arp cache, a mapping of IP addresses to hardware addresses


Used mainly for troubleshooting network connectivity


Also allows the addition and deletion of entries in the arp table
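
The ARP cache described above can also be read directly from /proc/net/arp. As an added example (not from the original slides), this shell function reports any hardware address mapped to more than one IP address, which is normal with IP aliasing and otherwise worth a look when troubleshooting. The function names and the sample cache are constructed for illustration.

```shell
#!/bin/sh
# Added example: list hardware addresses that appear for more than one
# IP address in an ARP cache given in /proc/net/arp format.

arp_shared_macs() {
    # $1: file to read ("-" for stdin; defaults to the live kernel cache)
    awk 'NR > 1 && $3 != "0x0" && $4 != "00:00:00:00:00:00" {
             # Header line and incomplete entries (flags 0x0) are skipped.
             mac = tolower($4)
             if (count[mac]++)
                 ips[mac] = ips[mac] "," $1
             else
                 ips[mac] = $1
         }
         END {
             for (mac in count)
                 if (count[mac] > 1)
                     print mac, ips[mac]
         }' "${1:-/proc/net/arp}" | sort
}

# Constructed sample cache: documentation addresses and made-up MACs.
sample_arp_cache() {
    cat <<'EOF'
IP address       HW type     Flags       HW address            Mask     Device
192.0.2.1        0x1         0x2         02:00:00:aa:bb:01     *        eth0
192.0.2.20       0x1         0x2         02:00:00:aa:bb:14     *        eth0
192.0.2.30       0x1         0x2         02:00:00:AA:BB:01     *        eth0
192.0.2.40       0x1         0x0         00:00:00:00:00:00     *        eth0
EOF
}

# Demo on the constructed sample; run arp_shared_macs with no argument
# to check the live cache instead.
sample_arp_cache | arp_shared_macs -
```
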


System Networking Scripts


Linux vendors have provided numerous scripts and configuration files to make complex networking easier to manage

Scripts follow the model used for most system services on UNIX-based computers

Scripts are found in the /etc/sysconfig/network-scripts subdirectory

Configuration files are found in the /etc/sysconfig/networking subdirectory


Configuring Networking Using Graphical Tools


Using Basic Networking Utilities


The Telnet Remote Login Utility


A terminal-emulator program that allows remote login as if present at the computer itself


Use with caution due to security risks


To use Telnet, there must be a Telnet client and a Telnet server


The Telnet command requires the host name or IP address to which the connection will be made

Use ssh instead



Using ping for System Testing


Uses the ICMP echo command to check the status of a remote host

It is common to use a series of ping commands to test networking and determine where a problem occurs

The ping command has numerous command-line options that allow the setting of parameters such as the number of packets to send before automatically stopping, the time to wait between packets and the size of the packets



Using traceroute to Examine Routing Patterns


Tracks each router between you and a destination host, showing where the packets are going and how long each hop takes

Traceroute relies on the TTL field and ICMP “packet timed out” messages to move step-by-step through the Internet to reach the host specified

Command-line options include setting the maximum number of routers to try, limiting the time to wait for each response and indicating that packets cannot be fragmented


Troubleshooting Network Connections


Other Networking Protocols


IPX and Linux


Internetwork Packet Exchange (IPX) was designed by Novell, Inc.

Was replaced by IP when the Internet became more popular in the early 1990s


Apple Networking and Linux


AppleTalk is the networking protocol used by Macintosh computers

On Linux, install the Netatalk package to allow Macintosh computers to recognize Linux


Chapter Summary


Linux networking devices are created directly in the Linux kernel when a kernel module supporting a type of networking is loaded

Many types of networking are supported in Linux, though the most widely used for standard LANs is Ethernet

The modprobe command is used to add a networking module to the Linux kernel and the currently-loaded kernel modules are listed using the lsmod command

The ifconfig command sets up a networking interface in the Linux kernel or displays the current setup for all configured interfaces



The route command establishes entries in the kernel IP routing table or displays the current routing table entries

The arp command lets you view the hardware address entries in the system’s ARP cache

A number of networking scripts are used to streamline the configuration of Linux networking, making it more flexible and robust

Networking configuration parameters are stored in files within the /etc/sysconfig/network-scripts directory



IP aliasing occurs when multiple IP addresses are assigned to the same physical network interface

Red Hat Linux includes a powerful Network Administration Tool; Caldera uses the Webmin browser-based interface to configure networking; SuSE uses YaST

Enabling IP forwarding allows Linux to move packets between multiple network interfaces on the same host, effectively permitting a system to act as a router

The telnet utility lets you connect to a remote host as if you were sitting at that host



Ping is a utility that uses the ICMP echo command to check whether a remote host is accessible and alive

The traceroute command displays each of the intervening routers between your host and another host you wish to contact

IPX is a useful protocol that originated with Novell’s NetWare operating system, but is not widely used

AppleTalk is supported in Linux via the Netatalk package, which you can add to Linux so that a Macintosh computer can see and access Linux resources