Get to grips with the most common as well as complex Linux networking configurations, tools, and services to enhance your professional skills

Key Features

  • Learn how to solve critical networking problems using real-world examples
  • Configure common networking services step by step in an enterprise environment
  • Discover how to build infrastructure with an eye toward defense against common attacks

Book Description

As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must.

This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering the major distributions, how to pick the right distro, and basic Linux network configuration. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work through the example builds in this book, you'll learn to configure those services to defend against common attacks. By the final chapters, you'll be well on your way towards building the underpinnings of an all-Linux datacenter.

By the end of this book, you'll be able to not only configure common Linux network services confidently, but also use tried-and-tested methodologies for future Linux installations.

What you will learn

  • Use Linux as a troubleshooting and diagnostics platform
  • Explore Linux-based network services
  • Configure a Linux firewall and set it up for network services
  • Deploy and configure Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) services securely
  • Configure Linux for load balancing, authentication, and authorization services
  • Use Linux as a logging platform for network monitoring
  • Deploy and configure Intrusion Prevention Services (IPS)
  • Set up Honeypot solutions to detect and foil attacks

Who this book is for

This book is for IT and Windows professionals and admins looking for guidance in managing Linux-based networks. Basic knowledge of networking is necessary to get started with this book.

Table of Contents

  1. Linux for Networking Professionals
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Download the example code files
    6. Conventions used
    7. Get in touch
    8. Share Your Thoughts
  6. Section 1: Linux Basics
  7. Chapter 1: Welcome to the Linux Family
    1. Why Linux is a good fit for a networking team
    2. Why is Linux important?
    3. The history of Linux
    4. Mainstream data center Linux
    5. Red Hat
    6. Oracle/Scientific Linux
    7. SUSE
    8. Ubuntu
    9. BSD/FreeBSD/OpenBSD
    10. Specialty Linux distributions
    11. Open source firewalls
    12. Kali Linux
    13. SIFT
    14. Security Onion
    15. Virtualization
    16. Linux and cloud computing
    17. Picking a Linux distribution for your organization
    18. Summary
    19. Further reading
  8. Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces
    1. Technical requirements
    2. Working with your network settings – two sets of commands
    3. Displaying interface IP information
    4. Displaying routing information
    5. IPv4 addresses and subnet masks
    6. Special-purpose addresses
    7. Private addresses – RFC 1918
    8. Assigning an IP address to an interface
    9. Adding a route
    10. Adding a route using legacy approaches
    11. Disabling and enabling an interface
    12. Setting the MTU on an interface
    13. More on the nmcli command
    14. Summary
    15. Questions
    16. Further reading
  9. Section 2: Linux as a Network Node and Troubleshooting Platform
  10. Chapter 3: Using Linux and Linux Tools for Network Diagnostics
    1. Technical requirements
    2. Network basics – the OSI model
    3. Layer 2 – relating IP and MAC addresses using ARP
    4. MAC address OUI values
    5. Layer 4 – how TCP and UDP ports work
    6. Layer 4 – TCP and the three-way handshake
    7. Local port enumeration – what am I connected to? What am I listening for?
    8. Remote port enumeration using native tools
    9. Remote port and service enumeration – nmap
    10. NMAP scripts
    11. Are there limits to Nmap?
    12. Wireless diagnostic operations
    13. Summary
    14. Questions
    15. Further reading
  11. Chapter 4: The Linux Firewall
    1. Technical requirements
    2. Configuring iptables
    3. iptables from a high level
    4. The NAT table
    5. The mangle table
    6. Order of operations in iptables
    7. Configuring nftables
    8. nftables basic configuration
    9. Using include files
    10. Removing our Firewall Configuration
    11. Summary
    12. Questions
    13. Further reading
  12. Chapter 5: Linux Security Standards with Real-Life Examples
    1. Technical requirements
    2. Why do I need to secure my Linux hosts?
    3. Cloud-specific security considerations
    4. Commonly encountered industry-specific security standards
    5. The Center for Internet Security critical controls
    6. Getting a start on CIS critical security controls 1 and 2
    7. OSQuery – critical controls 1 and 2, adding in controls 10 and 17
    8. The Center for Internet Security benchmarks
    9. Applying a CIS benchmark – securing SSH on Linux
    10. SELinux and AppArmor
    11. Summary
    12. Questions
    13. Further reading
  13. Section 3: Linux Network Services
  14. Chapter 6: DNS Services on Linux
    1. Technical requirements
    2. What is DNS?
    3. Two main DNS server implementations
    4. An organization's "internal" DNS server (and a DNS overview)
    5. An internet-facing DNS server
    6. Common DNS implementations
    7. Basic installation: BIND for internal use
    8. BIND: Internet-facing implementation specifics
    9. DNS troubleshooting and reconnaissance
    10. DoH
    11. DoT
    12. knot-dnsutils
    13. Implementing DoT in Nmap
    14. DNSSEC
    15. Summary
    16. Questions
    17. Further reading
  15. Chapter 7: DHCP Services on Linux
    1. How does DHCP work?
    2. Basic DHCP operation
    3. DHCP requests from other subnets (forwarders, relays, or helpers)
    4. DHCP options
    5. Securing your DHCP services
    6. Rogue DHCP server
    7. Rogue DHCP client
    8. Installing and configuring a DHCP server
    9. Basic configuration
    10. Static reservations
    11. Simple DHCP logging and troubleshooting in everyday use
    12. Summary
    13. Questions
    14. Further reading
  16. Chapter 8: Certificate Services on Linux
    1. Technical requirements
    2. What are certificates?
    3. Acquiring a certificate
    4. Using a certificate – web server example
    5. Building a private Certificate Authority
    6. Building a CA with OpenSSL
    7. Requesting and signing a CSR
    8. Securing your Certificate Authority infrastructure
    9. Legacy tried-and-true advice
    10. Modern advice
    11. CA-specific risks in modern infrastructures
    12. Certificate Transparency
    13. Using CT for inventory or reconnaissance
    14. Certificate automation and the ACME protocol
    15. OpenSSL cheat sheet
    16. Summary
    17. Questions
    18. Further reading
  17. Chapter 9: RADIUS Services for Linux
    1. Technical requirements
    2. RADIUS basics – what is RADIUS and how does it work?
    3. Implementing RADIUS with local Linux authentication
    4. RADIUS with LDAP/LDAPS backend authentication
    5. NTLM authentication (AD) – introducing CHAP
    6. Unlang – the unlanguage
    7. RADIUS use-case scenarios
    8. VPN authentication using user ID and password
    9. Administrative access to network devices
    10. RADIUS configuration for EAP-TLS authentication
    11. Wireless network authentication using 802.1x/EAP-TLS
    12. Wired network authentication using 802.1x/EAP-TLS
    13. Using Google Authenticator for MFA with RADIUS
    14. Summary
    15. Questions
    16. Further reading
  18. Chapter 10: Load Balancer Services for Linux
    1. Technical requirements
    2. Introduction to load balancing
    3. Round Robin DNS (RRDNS)
    4. Inbound proxy – Layer 7 load balancing
    5. Inbound NAT – Layer 4 load balancing
    6. DSR load balancing
    7. Load balancing algorithms
    8. Server and service health checks
    9. Datacenter load balancer design considerations
    10. Datacenter network and management considerations
    11. Building a HAProxy NAT/proxy load balancer
    12. Before you start configuring – NICs, addressing, and routing
    13. Before you start configuring – performance tuning
    14. Load balancing TCP services – web services
    15. Setting up persistent (sticky) connections
    16. Implementation note
    17. HTTPS frontending
    18. A final note on load balancer security
    19. Summary
    20. Questions
    21. Further reading
  19. Chapter 11: Packet Capture and Analysis in Linux
    1. Technical requirements
    2. Introduction to packet capturing – the right places to look
    3. Capturing from either end
    4. Switching the monitoring port
    5. Intermediate in-line host
    6. Network tap
    7. Malicious packet capture approaches
    8. Performance considerations when capturing
    9. Capturing tools
    10. tcpdump
    11. Wireshark
    12. TShark
    13. Other PCAP tools
    14. Filtering captured traffic
    15. Wireshark capture filters (capturing your home network traffic)
    16. tcpdump capture filters – VoIP phones and DHCP
    17. More capture filters – LLDP and CDP
    18. Collecting files from a packet capture
    19. Troubleshooting an application – capturing a VoIP telephone call
    20. Wireshark display filters – separating specific data in a capture
    21. Summary
    22. Questions
    23. Further reading
  20. Chapter 12: Network Monitoring Using Linux
    1. Technical requirements
    2. Logging using Syslog
    3. Log size, rotation, and databases
    4. Log analysis – finding "the thing"
    5. Alerts on specific events
    6. Syslog server example – Syslog
    7. The Dshield project
    8. Network device management using SNMP
    9. SNMP NMS deployment example – LibreNMS
    10. SNMPv3
    11. Collecting NetFlow data on Linux
    12. What is NetFlow and its "cousins" SFLOW, J-Flow, and IPFIX?
    13. Flow collection implementation concepts
    14. Configuring a router or switch for flow collection
    15. An example NetFlow server using NFDump and NFSen
    16. Summary
    17. Questions
    18. Further reading
    19. Commonly used SNMP OIDs
  21. Chapter 13: Intrusion Prevention Systems on Linux
    1. Technical requirements
    2. What is an IPS?
    3. Architecture options – where does an IPS fit in your data center?
    4. IPS evasion techniques
    5. Detecting a WAF
    6. Fragmentation and other IPS evasion methods
    7. Classic/network-based IPS solutions – Snort and Suricata
    8. Suricata IPS example
    9. Constructing an IPS rule
    10. Passive traffic monitoring
    11. Passive monitoring with P0F – example
    12. Zeek example – collecting network metadata
    13. Summary
    14. Questions
    15. Further reading
  22. Chapter 14: Honeypot Services on Linux
    1. Technical requirements
    2. Honeypot overview – what is a honeypot, and why do I want one?
    3. Deployment scenarios and architecture – where do I put a honeypot?
    4. Risks of deploying honeypots
    5. Example honeypots
    6. Basic port alerting honeypots – iptables, netcat, and portspoof
    7. Other common honeypots
    8. Distributed/community honeypot – the Internet Storm Center's DShield Honeypot Project
    9. Summary
    10. Questions
    11. Further reading
  23. Assessments
    1. Chapter 2 – Basic Linux Network Configuration and Operations – Working with Local Interfaces
    2. Chapter 3 – Using Linux and Linux Tools for Network Diagnostics
    3. Chapter 4 – The Linux Firewall
    4. Chapter 5 – Linux Security Standards with Real-Life Examples
    5. Chapter 6 – DNS Services on Linux
    6. Chapter 7 – DHCP Services on Linux
    7. Chapter 8 – Certificate Services on Linux
    8. Chapter 9 – RADIUS Services for Linux
    9. Chapter 10 – Load Balancer Services for Linux
    10. Chapter 11 – Packet Capture and Analysis in Linux
    11. Chapter 12 – Network Monitoring Using Linux
    12. Chapter 13 – Intrusion Prevention Systems on Linux
    13. Chapter 14 – Honeypot Services on Linux
    14. Why subscribe?
  24. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts