linux networking and security
DESCRIPTION
Linux Networking and Security. Chapter 2. Configuring Basic Networking. Describe how networking devices differ from other Linux devices Configure Linux networking using scripts and text-mode utilities Configure UNIX networking using popular graphic utilities - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/1.jpg)
1
Linux Networking and Security
Chapter 2
![Page 2: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/2.jpg)
2
Configuring Basic Networking
Describe how networking devices differ from other Linux devices
Configure Linux networking using scripts and text-mode utilities
Configure UNIX networking using popular graphic utilities Effectively use networking utilities to test a network and
troubleshoot network problems Understand the IPX and AppleTalk protocols
![Page 3: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/3.jpg)
3
Understanding Networked Devices in Linux
Linux design is based on the concept of the computer as a collection of devices Devices are accessed via the /dev directory A device driver is software that knows how to communicate with
the device Linux networking devices differ from most other devices
in several ways: They are installed in the Linux kernel Networking in Linux is handled by the kernel Can refer to software as well as hardware
![Page 4: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/4.jpg)
4
Understanding Networked Devices in Linux
![Page 5: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/5.jpg)
5
Understanding Networked Devices in Linux
Point-to-Point Protocol (PPP) Allows a host to tie directly to a single computer Commonly used to connect a modem to an ISP
Serial Line Internet Protocol (SLIP) Transmits data over a serial port Used with serial modems to connect to ISPs
Integrated Services Digital Network (ISDN) A special type of telephone service ISDN is less favored than DSL and cable modems
![Page 6: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/6.jpg)
6
Preparing to Configure Networking
![Page 7: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/7.jpg)
7
Preparing to Configure Networking
To create a networking device, add the appropriate module to the Linux kernel The module will locate the networking card and create the
appropriate device name Networking device kernel modules are normally found in the
/lib/modules directory Use the modprobe command to load the networking device Use the lsmod command to list the modules loaded in your
kernel at that point
![Page 8: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/8.jpg)
8
Configuring Networking with Command-Line Utilities
Use the ifconfig command to set up and check status of networking interfaces Parameters: network interface and IP address Without parameters: status of all configured network interfaces
on the system Use the route command to view or configure routing
table within the Linux kernel Without parameters: displays the kernel routing table
![Page 9: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/9.jpg)
9
Configuring Networking with Command-Line Utilities
![Page 10: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/10.jpg)
10
Configuring Networking with Command-Line Utilities
Use the arp command to display the arp cache, a mapping of IP addresses to hardware addresses Used mainly for troubleshooting network connectivity Also allows the addition and deletion of entries in the arp table
![Page 11: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/11.jpg)
11
Configuring Networking with Command-Line Utilities
![Page 12: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/12.jpg)
12
System Networking Scripts
Linux vendors have provided numerous scripts and configuration files to make complex networking easier to manage Scripts follow the model used for most system services on UNIX-
based computers Scripts are found in the /etc/sysconfig/network-scripts
subdirectory Configuration files are found in the /etc/sysconfig/networking
subdirectory
![Page 13: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/13.jpg)
13
Configuring Networking Using Graphical Tools
![Page 14: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/14.jpg)
14
Configuring Networking Using Graphical Tools
![Page 15: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/15.jpg)
15
Configuring Networking Using Graphical Tools
![Page 16: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/16.jpg)
16
Configuring Networking Using Graphical Tools
![Page 17: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/17.jpg)
17
Configuring Networking Using Graphical Tools
![Page 18: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/18.jpg)
18
Configuring Networking Using Graphical Tools
![Page 19: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/19.jpg)
19
Configuring Networking Using Graphical Tools
![Page 20: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/20.jpg)
20
Configuring Networking Using Graphical Tools
![Page 21: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/21.jpg)
21
Configuring Networking Using Graphical Tools
![Page 22: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/22.jpg)
22
Configuring Networking Using Graphical Tools
![Page 23: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/23.jpg)
23
Configuring Networking Using Graphical Tools
![Page 24: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/24.jpg)
24
Using Basic Networking Utilities
The Telnet Remote Login Utility A terminal-emulator program that allows remote login as if
present at the computer itself Use with caution due to security risks To use Telnet, there must be a Telnet client and a Telnet server The Telnet command requires the host name or IP address to
which the connection will be made
Use ssh instead
![Page 25: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/25.jpg)
25
Using Basic Networking Utilities
![Page 26: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/26.jpg)
26
Using Basic Networking Utilities
Using ping for System Testing Uses the ICMP echo command to check the status of a remote
host It is common to use a series of ping commands to test
networking and determine where a problem occurs The ping command has numerous command-line options that
allow the setting of parameters such as the number of packets to send before automatically stopping, the time to wait between packets and the size of the packets
![Page 27: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/27.jpg)
27
Using Basic Networking Utilities
Using traceroute to Examine Routing Patterns Tracks each router between you and a destination host, showing
where the packets are going and how long each hop takes Traceroute relies on the ttl field and ICMP “packet timed out”
messages to move step-by-step through the Internet to reach the host specified
Command-line options include setting the maximum number of routers to try, limiting the time to wait for each response and indicating that packets cannot be fragmented
![Page 28: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/28.jpg)
28
Troubleshooting Network Connections
![Page 29: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/29.jpg)
29
Other Networking Protocols
IPX and Linux Internetwork Packet Exchange (IPX) was designed by Novell,
Inc. Was replaced by IP when the Internet became more popular in
the early 1990’s Apple Networking and Linux
AppleTalk is the networking protocol used by Macintosh computers
On Linux, install the Netatalk package to allow Macintosh computers to recognize Linux
![Page 30: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/30.jpg)
30
Chapter Summary
Linux networking devices are created directly in the Linux kernel when a kernel module supporting a type of networking is loaded
Many types of networking are supported in Linux, though the most widely used for standard LANs is Ethernet
The modprobe command is used to add a networking module to the Linux kernel and the currently-loaded kernel modules are listed using the lsmod command
The ifconfig command sets up a networking interface in the Linux kernel of displays the current setup for all configured interfaces
![Page 31: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/31.jpg)
31
Chapter Summary
The route command establishes entries in the kernel IP routing table or displays the current routing table entries
The arp command lets you view the hardware address entries in the system’s ARP cache
A number of networking scripts are used to streamline the configuration of Linux networking, making it more flexible and robust
Networking configuration parameters are stored in files within the /etc/sysconfig/network-scripts directory
![Page 32: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/32.jpg)
32
Chapter Summary
IP aliasing occurs when multiple IP addresses are assigned to the same physical network interface
Red Hat Linux includes a powerful Network Administration Tool; Caldera uses the Webmin browser-based interface to configure networking; SuSE uses YaST
Enabling IP forwarding allows Linux to move packets between multiple network interfaces on the same host, effectively permitting a system to act as a router
The telnet utility lets you connect to a remote host as if you were sitting at that host
![Page 33: Linux Networking and Security](https://reader035.vdocuments.site/reader035/viewer/2022062400/56814bdc550346895db8b486/html5/thumbnails/33.jpg)
33
Chapter Summary
Ping is a utility that uses the ICMP echo command to check whether a remote host is accessible and alive
The traceroute command displays each of the intervening routers between your host and another host you wish to contact
IPX is a useful protocol that originated with Novell’s NetWare operating system, but is not widely used
AppleTalk is supported in Linux via the Netatalk package, which you can add to Linux so that a Macintosh computer can see and access Linux resources