
1 Linux Networking and Security Chapter 4

2 Configuring Client Services
- Configure “superservers” to handle multiple network services
- Set up administrative services like logging and printing
- Use simple network information services like finger and talk
- Understand basic mailing list and news server configurations

3 The Superservers
- Superservers listen on multiple network ports and start the appropriate service when a client connection arrives for that port.
- xinetd is a superserver gaining popularity
  - It is a revised version of inetd that creates a more secure environment
  - Shipped with Red Hat Linux
- xinetd is the most widely used superserver
  - Application level security is provided via TCP Wrappers - the tcpd program

4 TCP Wrappers

5 TCP Wrappers
- TCP Wrappers - tcpd - is an application-level access control program
  - TCP Wrappers is not a firewall and should be used with one if Linux security issues exist
  - Configuration is done by two files: /etc/hosts.allow and /etc/hosts.deny
  - Ensure proper and expected configuration by testing carefully before relying on it

6 TCP Wrappers

7 Services Beyond the Superserver
- Many services do not rely on superservers; they are designed to run standalone
  - Apache Web server is the best example of this
  - Servers such as SMTP and FTP can be used in standalone mode, or with inetd or xinetd
  - FTP runs more efficiently in standalone mode if much FTP traffic is expected

8 Exploring Network Testing Services
- There are 5 common testing services, and they are used via Telnet
  - The echo service repeats back whatever you type, showing that a remote host is receiving typed data
  - The chargen service returns a character stream and continues until the session is ended
  - The discard service is like /dev/null
  - The time service returns a number corresponding to the current time and closes the connection
  - The daytime service returns the current date/time in human-readable form, then ends the session

9 Using Administrative Services
- Logging with logd
  - System logging can be done remotely using syslogd by enabling another host to receive syslog messages across the network and specifying a host in /etc/syslog.conf
- Printing with lpd
  - Linux can print across the network using lpd when printer definitions that specify remote hosts cause a local copy of lpd to contact lpd running on a remote host and forward the print job to that host

10 Using Administrative Services

11 Using Administrative Services

12 Using Administrative Services
- Time Management with NTP
  - Time in Linux is managed using the Network Time Protocol (NTP), which is implemented by the ntpd daemon
  - On a LAN, NTP is designed to maintain correct time to within a few milliseconds; the NTP protocol is designed for precision of 232 picoseconds
  - The ntpd program is installed on most Linux systems by default and it is controlled by a script in /etc/rc.d/init.d

13 Using Administrative Services

14 Understanding SNMP on Linux
- The Simple Network Management Protocol (SNMP) is designed to give feedback about how the components of the network are functioning
  - Use SNMP to determine if routers are overloaded or whether remote programs have crashed
  - An SNMP-aware program running on a host is called an agent, and it is configured to watch for specific events on the host
  - An SNMP console gathers data from agents on the network for the system administrator’s review

15 Benchmarking with NetPerf
- NetPerf provides benchmarking service to help determine how the throughput of the networking hardware compares with others
  - Benchmarking is the process of comparing items by evaluating their performance on a fixed task
  - Throughput tells how much data a connection can handle
  - NetPerf easily tests network speeds using the UDP and TCP transport protocols

16 Allowing Dial-in Access with a PPP Server
- The same program, pppd, is used for both the client and server sides of a PPP connection; the only difference is who calls whom and how pppd is configured
  - To set up a PPP dial-in server, you must have a getty-type program that watches a modem
  - mgetty is typically used since it was designed with modems in mind
  - mgetty starts pppd; however, mgetty must be configured to use the AutoPPP command

17 Using Basic Information Services
- Communicating with talk
  - The talk program uses the talkd daemon to allow a real-time conversation with another user who is logged in on a remote host and also using talkd
  - The talkd service must be enabled in /etc/inetd.conf or in /etc/xinetd.d/talkd
  - To work in a graphical display mode rather than character mode, access talkd functionality using a graphical tool such as Ktalk

18 Using Basic Information Services

19 Using Basic Information Services
- Using finger to Collect User Information
  - The finger program uses the finger protocol via the in.fingerd daemon
  - finger provides a user with information as to whether another user is logged in and for how long, as well as the user’s full name
  - finger is enabled in /etc/inetd.conf or /etc/xinetd.d/finger
  - To use a graphical finger client, use kfinger

20 Using Basic Information Services

21 Using Basic Information Services
- Collecting Server Information with whois
  - In order to learn more about a domain, access domain information in the database maintained by the domain registrar
  - The whois utility queries that database to learn about a specific domain
  - whois queries the main whois server, called whois.internic.net
  - Use whois with the help parameter to learn about extended queries you can make

22 Using Basic Information Services
- Linux Telephony
  - The term telephony typically refers to having a computer interact with a telephone in such a way that it can be an answering machine, route and track calls, and act as a voice recorder
  - Linux has support for special hardware cards that allow you to connect phone lines to the system
  - Using Linux as a fax server is a simple but useful form of telephony

23 Using Basic Information Services

24 Using Basic Information Services

25 Understanding Mailing Lists and News Servers
- A mailing list enables a group of users to share information on an ongoing basis via email
  - The concept behind mailing lists is that when an email message is sent (posted) to the email list, the mailing list manager (MLM) sends the message to all users on the list
  - To become a member of a mailing list, users subscribe; unsubscribing removes the user

26 Understanding Mailing Lists and News Servers
- The advantage of mailing list software is that it automates subscribing, unsubscribing, and sending all the messages so individuals don’t have to spend time managing user lists
  - One of the most widely used MLM packages is majordomo
  - Other mailing list managers include: LISTSERV; ListProc; SmartList; Mailman

27 Understanding Mailing Lists and News Servers

28 Understanding Mailing Lists and News Servers
- Understanding Linux News Servers
  - Newsgroup postings are passed around the Internet using NNTP
  - The most widely used Linux news server software is INN, with the news server daemon innd
  - For most networks, setting up a dedicated news server is not worth the effort
  - A better solution is to gain access to an ISP’s news server

29 Understanding Mailing Lists and News Servers
- Linux News Clients
  - Linux provides several good news clients that allow the reading of newsgroup postings, either graphically or in text mode
  - Most full-featured Web browsers now include newsgroup browsing capabilities
  - Netscape browser is a popular browser option
  - Gnome and KDE are graphical options
  - The most widely used text-mode news reader is trn

30 Understanding Mailing Lists and News Servers

31 Chapter Summary
- The superservers, inetd and xinetd, listen to numerous ports and start network services when needed to respond to an incoming client request
- Application-level security is provided for inetd via TCP Wrappers - the tcpd program
- Ports are mapped to service names by the /etc/services file
- Some network services such as Apache Web server and the innd news server are not designed to be run by the superserver but standalone
- Network testing services such as chargen and echo are provided by inetd

32 Chapter Summary
- System logging can be done remotely using syslogd by enabling another host to receive syslog messages across the network and specifying a host in /etc/syslog.conf
- Linux can print across the network using lpd
- Time management in Linux is provided via NTP and the ntpd daemon
- SNMP provides detailed information about what is happening on hosts on a network
- NetPerf provides benchmarking service to help you determine how the throughput of your networking hardware compares with that of other systems

33 Chapter Summary
- To configure Linux as a PPP server, use mgetty or a similar program to watch for incoming modem calls
- The talk system lets users communicate in real-time between hosts
- Linux supports a number of chat-style messaging services such as Yahoo! Chat, America Online Instant Messenger (AIM), and Microsoft Network
- The finger program provides a small user account summary
- The whois command lets you query information about a domain name through the network information databases maintained by name registrars

34 Chapter Summary
- Linux telephony is a growing field that allows your computer to interact with voice telephone systems
- Voice-over-IP (VoIP) is a technology that allows you to make long-distance telephone calls
- Mailing List Management (MLM) software provides automated management of message delivery between a potentially large number of users
- Setting up a news server on Linux is possible, but maintaining such a server can entail much work
- Many Web browsers include news-reading capability

