Part 6. Software -Networking

Two ducks!

Abstract

Linux being a product of the net revolution is a natural choice for a web server, mail server, a file and print server; if it is a part of your intranet environement, among various other roles it can perform superbly well. In this part we take a look at various avatars it can assume and serve your organisation for a long time to come. All distributions of linux whether be it RedHat or SuSe do provide in binary format tools/software for your linux to act as a Web server or a Mail server to mention a few, but the amount of advancements which happen in linux world are beyond the grasp of these companies for it to catch up. The situation is if something can be achieved, it will be done in shortest possible time hence we have used always source tarballs downloaded from the respective websites of the software(s) used as example in this book. This affords us the capability to configure, choose and optimise according to our needs. This part attempts to highlight the capablities of linux to act as a full fledged Web server, Mail server, a file and print server, as a B2B e-commerce point where the need of the hour is secure environement, etc. Enjoy!

Table of Contents

15. Software -Securities
1. OpenSSH
2. Configure and optimise Openssh
3. Configure the /etc/ssh/ssh_config file
4. Configure the /etc/ssh/sshd_config file
5. Configure OpenSSH to use TCP-Wrappers/inetd super server
6. OpenSSH Per-User Configuration
7. OpenSSH Users Tools
7.1. scp
8. Installed files
8.1. Free SSH clients for Windows
16. Software -Securties(commercial)
1. Linux SSH2 Client/Server
2. Configure and Optimise SSH2
3. Configure the /etc/ssh2/ssh2_config file
4. Configure the /etc/ssh2/sshd2_config file
5. Configure sshd2 to use tcp-wrappers/inetd super server
6. Configuration of the /etc/pam.d/ssh file
7. Ssh2 Per-User Configuration
8. SSH2 Users Tools
9. Installed files
17. Software -Securities/System Integrity
1. Linux Tripwire 2.2.1
2. Configure the /var/tmp/install.cfg file
3. Configuration files
4. Configure the /usr/TSS/policy/twpol.txt file
5. Securing Tripwire for Linux
5.1. Often used Commands
6. Integrity or Interactive Check Mode
7. Installed files
18. Linux Tripwire ASR 1.3.1
1. Install, Compile and Optimize
2. Configurations
3. Configure the /etc/tw.config file
4. Configure the /etc/cron.daily/tripwire.verify script
4.1. Security Issue
5. Tripwire in Interactive Checking Mode
6. Run Tripwire in Database Update Mode
6.1. Installed Files
19. Software -Securities/Management & Limitation
1. Linux GnuPG
2. Often used Commands
3. Importing keys
3.1. Key signing
4. Encrypt and decrypt
4.1. Exporting your public key
20. Set Limits using Qouta
1. Qouta
1.1. Modify the /etc/fstab file
2. Create of the quota.user and quota.group
3. edquota
3.1. The grace period parameter
4. Assign quota for a particular group
4.1. Assign quota for groups of users with the same value
5. Often used Commands
21. Software -Networking
1. Linux DNS and BIND Server
2. Configure
3. Caching-only name Server
4. Primary master name Server
5. Secondary slave name Server
5.1. /etc/rc.d/init.d/named script
6. Run ISC BIND/DNS in a chroot jail
7. The syslog daemon
8. Clean-up and Test the new chrooted jail
9. DNS Administrative Tools
10. DNS Users Tools
11. Installed files
22. Software -Server/Mail Network
1. Linux Sendmail Server
2. Compile and optimize
3. Configurations
4. The /etc/sendmail.mc file /Central Mail Hub
5. Build and Tweak Sendmail
5.1. The null.mc file
6. The /etc/mail/access and access.db files
7. The /etc/mail/aliases and aliases.db files
7.1. The /etc/mail/ Directory
8. The /etc/mail/local-host-names file
8.1. Configure the /etc/sysconfig/sendmail file
9. The /etc/rc.d/init.d/sendmail script file
10. Secure Sendmail using smrsh
11. The /etc/mail/aliases file
12. Limit queue processing to root
12.1. The SMTP greeting message
13. Sendmail Administrative Tools
13.1. Sendmail Users Tools
14. Installed files: Sendmail -Central Mail Hub
15. Installed files: Sendmail -Local server/client
23. Linux IMAP & POP Server
1. Configure and Compile
2. Configure to tweak
2.1. The /etc/pam.d/imap file
3. Enable IMAP or POP via the tcp-wrappers inetd super server
3.1. Securing IMAP/POP
4. Installed files
24. Software -Networking/Encryption
1. Linux OPENSSL Server
2. Compile and Optimize
3. Configure OpenSSL to optimise
4. The /etc/ssl/openssl.cnf file
5. Create the /usr/bin/sign.sh program file
6. Commands -often used
7. Securing OpenSSL
8. Installed files
25. Linux FreeS/WAN VPN
1. IPSEC/VPN -FreeS/WAN
2. Compile, insert FreeS/WAN into the kernel
3. Reconfigure and install the kernel with FreeS/WAN VPN support
4. Configure to optimise
5. Automatic or Manual Key connections
6. The /etc/ipsec.conf file
7. The /etc/ipsec.secrets file
8. Configure RSA private keys secrets
9. Required network setup for IPSec
10. Testing the installation
11. Further documentation
12. Installed files
26. Linux OpenLDAP Server
1. Compile ans Install
2. Compile and Optimize
3. Configurations
4. Configure the /etc/ldap/slapd.conf file
5. Configure the /etc/rc.d/init.d/ldap script file
6. Securing OpenLDAP
7. OpenLDAP Creation and Maintenance Tools
7.1. LDMB backend database off-line
8. Create the LDMB backend database on-line
8.1. ldapmodify
9. OpenLDAP Users Tools
9.1. The Netscape Address Book client for LDAP
10. Installed files
27. Linux PostgreSQL Database Server
1. Install PostgreSQL
2. Compile and Optimize
3. Database installation using superuser account
4. Configuration files
5. Configure the /etc/rc.d/init.d/postgresql script file
6. Commands often used
7. Installed files
28. Software -Server/Proxy Network
1. Linux Squid Proxy Server
2. Configure and Optimize
3. Improve performance Using GNU malloc library
4. Compile and Optimize
5. Configurations
6. Configure the /etc/squid/squid.conf file -in httpd-accelerator mode
7. Configure of the /etc/squid/squid.conf file -/proxy-caching mode
8. Configure the /etc/rc.d/init.d/squid script file -/all configurations
9. Configure the /etc/logrotate.d/squid file
9.1. Securing and Immunize Squid
10. Optimizing Squid
10.1. The cachemgr.cgi
11. Netscape Proxies Configuration
12. Installed files
29. Software -Network Server, web/Apache
1. Linux MM Shared Memory Library
2. Compile
2.1. Installed files
3. Linux Apache Web Server
4. Compile and Optimize
5. Configure and apply PHP4 to Apache source
6. Apply mod_perl to Apache source tree
7. Install Apache
8. Post install Configuration
9. Configure the /etc/httpd/conf/httpd.conf file
10. Configure the /etc/logrotate.d/apache file
11. Configure the /etc/rc.d/init.d/httpd script file
12. PHP4 server-side scripting
13. Perl module Devel::Symdump
13.1. Installed files
14. CGI.pm Perl library
14.1. Installed files
15. Securing Apache
16. users authentication with .dbmpasswd password file
16.1. Immunize configuration files like httpd.conf
17. Apache in a chroot jail
18. Apache to use shared libraries
19. The /chroot/etc directory
20. Test the new chrooted jail
21. Configure the new /etc/logrotate.d/apache file
22. Optimizing Apache
23. Installed files for Apache Web Server
24. Installed files /PHP4
25. Installed files by mod_perl
30. Optional component to install with Apache
1. Linux Webalizer
2. Compile
2.1. Configurations
3. Configure the /etc/webalizer.conf file
4. Make Apache aware of Webalizer output directory
4.1. Running Webalizer manually first time
5. Run Webalizer automatically with a cron job
5.1. Installed files
6. Linux FAQ-O-Matic
7. Compile and install FAQ-O-Matic
8. Make Apache aware Faq-O-Matic file's location
9. Configure your FAQ-O-Matic
10. Installed files
11. Linux Webmail IMP
12. Set up PHPLib
13. Compile to install Webmail IMP
14. Configure and create Webmail IMP SQL database
15. Configure your php.ini from PHP4
15.1. Configure Apache to recognize Webmail IMP
16. Configure Webmail IMP via your web browser
31. Software -Server/File Sharing-Network
1. Linux Samba Server
2. Configure Samba
3. Compile and optimize
4. Configurations
5. Configuration of the /etc/smb.conf file
6. Configure the /etc/lmhosts file
6.1. Configure the /etc/pam.d/samba file
7. Encrypted Samba password file for clients
8. Optimizing Samba
8.1. Tuning the buffer cache
9. Tuning the buffermem
10. Further documentation
11. Samba Administrative Tools
11.1. Samba Users Tools
12. The /etc/rc.d/init.d/smb script file
12.1. Securing Samba
13. Installed files
32. Linux FTP Server
1. chroot'd Guest FTP access
2. Setup an FTP user account minus shells
3. Setup a chroot user environment
4. Configurations
5. Configure the /etc/ftphosts file
5.1. Configure the /etc/ftpusers file
6. Configure the /etc/ftpconversions file
6.1. Configure the /etc/pam.d/ftp file
7. Configure the /etc/logrotate.d/ftpd file
7.1. Configure ftpd to use tcp-wrappers inetd
8. FTP Administrative Tools
9. Securing FTP
10. The special file .notar
11. Installed files