Linux Networking Cookbook

By Carla Schroder


Index



Numbers
32-bit Cardbus adapters, 10
3FFE::/16 addresses, 441
6Bone test network, 441
6to4 tunnels, 450

A
access keyword, 412
Active Directory, 566
      Active Directory domains, joining Linux hosts to, 319-323
      adding Poptop servers to, 298
AGP (Accelerated Graphics Port), 566
AllowGroups, 216
AllowUsers, 216
analog telephone adapters (ATA), 125
Andreasson, Oskar, 36
antenna diversity, turning off, 115
anycast addresses, 441
Apache, configuring for Nagios, 376-378
apt-cache command, 340
apt-mirror application, 468
apt-proxy application, 470
areas, 174
arping, 523
Asterisk, 123-127
      activation and making calls, 146-148
      applications, 141
      Asterisk.org, 128
      AsteriskNOW, 168-171
            installation and removal of packages on, 170
      conferencing, 163
            conference types, 163
            monitoring conferences, 165
      dialplans, 141
      digital receptionists, creating, 151
      extensions.conf, 137, 141
      hold music, customizing, 161
      IAX traffic, getting through NAT firewalls, 168
      identifying unmet dependencies, 129
      installation, versions 1.2 compared to 1.4, 130
      installing on Debian, 131
            apt-get, 131
            module-assistant utility, 131
      invention of, 125
      making calls, 136
      message of the day maintenance, 156-158
      MP3 files, playing, 161
      parking calls, 159
      PBX connection to analog lines, 148-151
      phone calls, 138
      phone extensions, adding to, 136-143
            local user accounts, setup, 136
      production hardware and software, 124
      recording custom prompts, 153-156
      remote usage, 171
      routing calls to groups of phones, 158
      SIP traffic, getting through NAT firewalls, 166
      sip.conf, 138
      softphones, 143-145
      source code installation, 127-131
            Linux build environment, 128
      starting and stopping, 132-135
            shutdown commands, 134
            startup files, 133
      supported IP telephony services, 123
      testing the server, 135
      test-lab hardware and software, 124
      transferring calls, 158
      voicemail broadcasts, 162
      voicemail.conf, 137, 142
ATM, 566
attributes, 334

B
bandwidth, 6
Bastille Linux, 43
bastion hosts, 37
Baud, 567
Bering uClibc, 43
Berkeley DB, 332
BGP (Border Gateway Protocol), 174
BGP Expert 2006 IPv4 Address Use Report, 438
BIOS (Basic Input/Output System), 567
boot
      Nagios, starting at, 390
      OpenVPN, boot startup configuration, 281
      PXE boot, 452
      time update at, 121
      USB boot, 453
boot.iso, 454
BOOTPROTO configuration option, 50
Border Gateway Protocol (see BGP)
bridging, 567
broadcasting, 567

C
ca.crt, 106
cable services, 2, 3
cabling, 11
      straight and crossover cables, 45
cachesize, 361
cache-size option, dnsmasq.conf, 118
Cardbus adapters, 10
Cat5, Cat5e, and Cat6 cabling, 11
CCMP (Counter Mode with CBC-MAC Protocol), 84
CentOS 5.0, 127
certificates, 568
      OpenVPN, revocation under, 282
CF (Compact Flash) cards, Pyramid Linux installation on, 17
cfgmaker command, 416
chains, 40
check_icmp, 392
Chicken of the VNC, 229
CIDR (Classless Inter-Domain Routing), 568
      notation, 178
            common netmasks, 176
circuit switching, 569
Classless Inter-Domain Routing (see CIDR)
code examples, xxi
codec, 568
collision domain, 569
com2sec keyword, 411
command-line operation of Quagga daemons, 195
community string, 411, 569
Compact Flash writers, 18
computer networks (see networks)
condrestart, 208, 313
conferencing, 163
consoles, 569
contexts, 141
continuity testers, 516
Counter Mode with CBC-MAC Protocol (CCMP), 84
CPE (customer premises equipment), 569
cron, scheduling dial-up availability with, 510
crontabs, 511
CSU/DSU (Channel Service Unit/Data Service Unit), 569

D
daemons file (Quagga), 188
DB_CONFIG file, 343
db_stat, 359
DD-WRT, 83
Debian, xx
      booting to text mode, 487
      kernel characteristics, 590
      kernels, customizing, 596
      MPPE support, kernel patches for, 291
      network installation of Pyramid Linux, 19-21
      network installs, 466
            automation with preseed files, 475
            building a mirror with apt-mirror, 468
            client PC configuration for your local mirror, 471
            new system installs from your local mirror, 474
            partial mirror with apt-proxy, 470
            PXE Netboot server setup, 472
      NIC configuration on, 45
      OpenLDAP installation on, 339
      RIP dynamic routing, using on, 187
      RIP implementation, 187-191
      Samba, supporting packages in, 308
      security updates, 472
      SSL key creation for Syslog services, 551-557
Debian Router, 43
default gateways, setting, 178-180
      for static hosts, 179
demarc, 570
demilitarized zones (DMZs), 37
DenyGroups, 216
DenyHosts, 216, 223
      cron versus daemon operation, 224
      options, 224
      startup file, creating, 225
Destination NAT (see DNAT)
Development Tools package, 128
DEVICE configuration option, 49
DHCP (Dynamic Host Configuration Protocol), 570
dhcpd.conf, 465
dialplans, 141
dial-up networking, 501
      call waiting, overriding, 512
      cron, scheduling dial-up availability with, 510
      dial-on-demand shared Internet dial-up, 509
      dial-up Internet account sharing, 508
      group ownership by root, 506
      separate pppd logfiles, creating, 514
      voicemail stutter tones, dialing over, 512
      WvDial, 502
            accounts for nonroot users, creating, 507
            leaving the password out of the configuration file, 513
            multiple accounts, configuring, 504
            permissions for nonroot users, configuring, 505
            single account configuration, 501-504
dial-up services, 4
dig command, 117
directory information tree (DIT), 333, 337
directory objects, 334
diskboot.img, 454
distance-vector routing algorithm, 173
distinguished names (see DNs)
DIT (directory information tree), 333, 337
Dixon, Jim, 126
DMZs (demilitarized zones), 37
dn2id.bdb, 359
DNAT (Destination NAT), 38
      directing traffic to private services, 70
DNs (distinguished names), 334
DNS (Domain Name System), 570
DNS cache management, Windows caches, 120
DNS clients, troubleshooting, 545
DNS servers, troubleshooting, 542-545
dnsmasq, 90, 96
      adding mail servers, 96
      cache flags, 119
      DNS cache management, 117-120
dnsmasq.conf, 91
      server representation in, 110
domain (Windows), 570
domain component, 335
dotted-quad netmask notation, 176, 178
dpkg command, 340
DSA keys, 211
DSL (Digital Subscriber Line), 2, 570
DSL services, 4
duplicate IP addresses, finding, 523
dynamic address, 571

E
EAP-TLS authentication, 101
ebtables, 89
EGP (Exterior Gateway Protocol), 174
encryption, 571
entries, 334
environment file (Quagga), 189
eq index type, 355
/etc/iftab, 46
/etc/network/interfaces, 46
Etherboot project, 453
Ethernet, 571
Ethernet bridges, 88-89, 107, 567
      OpenVPN servers, setting up to use, 284
      versus routing, 108
extensions, 141
extensions.conf, 137, 141
      calls, transferring, 158
Exterior Gateway Protocol (EGP), 174
exterior protocols, 174

F
Fast Ethernet, 571
Fedora
      customizing kernels, 595
      implementing RIP, 191
      ipcalc command version, 176
      kernel characteristics, 590
      LDAP installation on, 341
      mirrors page, 460
      MPPE support, kernel patches for, 294
      network installation of Pyramid Linux, 21-24
      network installs
            boot media, creating, 453
            boot media, using, 455-457
            customized installations, creating, 461-463
            FTP-based installation server setup, 458-460
            HTTP installation server setup, 457
            kickstart file installation, 463
            PXE Netboot, 464
      NIC configuration, 48-50
      OpenLDAP database, creating, 344-347
      Poptop pptpd, installing on, 293
      Samba, supporting packages in, 308
      SSL key creation for Syslog, 557-558
filter table, 41
firewall boxes, assembling network interfaces, 45
firewalls, 36-43
      DMZs, 37
      firewall boxes, assembling, 44
            cabling, 45
            required hardware, 44
      firewall init script, 60
      getting multiple SSH host keys past NAT, 68
      Internet sharing on dynamic WAN IP addresses, 51-55
      Internet sharing on static WAN IP addresses, 56
      iptables, 38, 40-42
            firewall setup on a server, 76-78
            firewall shutdown, 58
            logging configuration, 79
      manual activation and manual shutdown, 59
      need for, 39
      NIC configuration on Debian, 45
      public and private servers, 37
      public services on private IP addresses, 69
      remote SSH administration through NAT firewalls, 66
      remote SSH administration, configuration for, 65
      security of, 43
      single-host firewalls, setting up, 71-75
      specialized Linux distributions for, 42
      status, displaying, 57
      testing, 62-64
fox and hound pairs, 516
FPing, 521
FQDN (Fully Qualified Domain Name), 571
fractional T1 lines, 5
frame relay, 5, 571
FREE ciSCO, 42
Free World Dialup (FWD), 146
FreeNX, 228
      advantages, tunneling over Unix, 238
      custom desktop configuration, 242-244
      generating and managing SSH keys, 233
      managing FreeNX users, 239
      Nxclient (see Nxclient)
      running Linux from Solaris, Mac OS X, or Linux, 238
      running Linux from Windows, 233-237
      Session menu, 245
      source of older NoMachine clients, 237
      starting and stopping the server, 241
      troubleshooting, 247
      "Unable to create the X authorization cookie" message, 236
FreeRADIUS, 101
      clients, authenticating to, 106
      permissions, 103
      testing, 103
Fully Qualified Domain Name, 571
fw_flush script, 58
fw_nat script, 52, 56
FWD (Free World Dialup), 146
FXS/FXO, 571

G
Gast, Matthew, 84
gateway address assignment, 47
gateways, 2, 37, 178-180
      configuration definitions, 47
      default gateways, 270
      hardware options for Linux gateways, 7
      single-board computers, building on, 12-35
            required hardware, 13
            required software, 14
      (see also firewalls)
getty, 481
Gigabit Ethernet, 10, 571
Gnome remote desktop sharing, 230
GQ LDAP client, 334
GRE (Generic Routing Encapsulation), 572
group keyword, 412
GRUB (GRand Unified Bootloader), 572

H
Hardware Access Layer (HAL) blobs, 83
hardware IP phones (hardphones), 124
Heimdal Kerberos, 309
high-end enterprise routers, 7
Hosner, Charlie, 267
host keys, 207
      generating and copying, 211
      host-key authentication, 206, 209
hostapd, 84, 97-100
hostapd.conf, MAC address-based access control, 100
hostname command, 175
httping, 525
hub, 572
hubs versus switches, 8
HWADDR configuration option, 49

I
IAX (Inter-Asterisk eXchange), 572
ICMP, 39
id2entry.bdb, 359
IDE Compact Flash writers, 18
identity keys, 207
ifconfig -a, 46
ifrename, 46, 47
ifup and ifdown commands, 47, 93
ifup eth1 command, 54
Inter-Asterisk Exchange (IAX), 125
interface, 572
Internet, 1
Internet Assigned Numbers Authority (IANA), 440
Internet connection sharing
      NAT and, 182
      simplest configuration, 183-184
Internet gateways, 37
IOS (Internet Operating System), 573
IP, 39, 573
IP addresses
      Debian, assignment on, 46
      Fedora, assignment on, 48
      gateway address assignment, 49
      static addresses, setting from DHCP services, 93
ip command, 175, 445
      setting null routes in zebra.conf, 198
IP forwarding, 182
IP Masquerading, 575
IP Multicast, 575
IP phones, 124
IP routing, 581
IP telephony services, 123
IPADDR configuration option, 50
ipcalc command
      Fedora version, differences in, 176
      options, 178
ipcalc command, 176
IPCop, 42
iperf, 535-537
iproute2 command, 178
IPSec, 266, 573
IPSec VPN, 288
iptables, 36, 38, 40-42, 59
      boot activation, 59
      built-in modules and implementation by differing kernels, 55
      chains, 40
      commands for displaying firewall status, 57
      configuration to allow Poptop VPN traffic, 300
      custom kernel modules, 41
      firewall testing, 63
      handling by different Linux distributions, 61
      Internet connection sharing over a dynamic WAN address, 52-55
      kernel level operation, 55
      logging configuration, 79
      mangle table, 41
      NAT table, 41
      policies and rules, 40
      running public services on private IP addresses, configuration, 69
      script for single-host firewalls, 71
      server firewalls, setting up, 76
      shared dial-up Internet accounts, rules for, 508
      simple Internet sharing script, 183
      tables in, 41
      TCP/IP headers and, 39
      turning off firewalls, 58
IPv4 private address ranges, 177
IPv6, 437-442
      addressing, 439-442
            address types and ranges, 440
            addresses, shortcuts for expressing, 446
            calculating addresses, 449
            global unicast addresses, 439
            hexadecimal format, 441
            interface ID, 440
            quantity of available addresses, 438
      autoconfiguration, 448
      barriers to adoption, 438
      copying files with scp, 447
      IPv4 compared to, 438
      Linux systems, testing for support of, 442
      Mac OS X, support in, 442
      Microsoft Windows, support in, 442
      pinging Link Local IPv6 hosts, 443-446
      SSH, using with, 446
      using over the Internet, 450
ipv6calc command, 449
ISDN (Integrated Services Digital Network), 573
ISPs (Internet Service Providers)
      cable services, 3
      choosing, 2
      dial-up services, 4
      DSL services, 4
      potential problems, 4
      private networks, 6
      regulated broadband services, 5
      service options, 3-7
      types of service, 2
iwlist, 113

J
J2ME VNC, 230
jumbo frames, 9

K
KDC (Key Distribution Center), 574
KDE remote desktop sharing, 230
Kerberos, 574
kernel building reference, 590-597
      custom kernels, 590
            adding new loadable kernel modules, 594
            configuration options, 593
            customizing Debian, 596
            customizing Fedora, 595
            patching, 594
            prerequisites, 591
            vanilla kernels, 591
Kickstart, 461
      hands-off Fedora installation, 463
known_hosts file, 210
Konqueror, 330
krdc command, 230
Kwlan, 100

L
L2TP/IPsec-based VPNs, 288
LANs (Local Area Networks), 574
      mixed Linux/Windows (see Samba)
latency, 6
LDAP (Lightweight Directory Access Protocol), 332-338, 574
      DB_CONFIG file, 343
      directory design considerations, 337
      directory information tree, 333
      directory structure, 333
      objectClass, 335
      OpenLDAP (see OpenLDAP)
      rootDSE, 336
ldapadd, 349
ldapmodify, 350
ldappasswd, 370
ldapsearch, 353
ldapwhoami, 370
LDIF (LDAP Data Interchange Format) file, 345
Lighttpd, 413
Lighttpd HTTP server, 457
Lightweight Directory Access Protocol (see LDAP)
LILO (LInux LOader), 575
Link Local address, finding with ifconfig, 444
Link Local Unicast address, 441
link-state algorithm, 174
LinNeighborhood, 331
Linux, xx
      installation over networks (see network installs)
      mini-distributions for firewalls and Internet gateways, 509
Linux PPTP VPN servers, 287-290
      connecting Linux clients to, 299
      Debian, installing Poptop on, 290
      Debian, patching for MPPE support, 291
      Fedora, patching for MPPE support, 294
      iptables configuration to allow Poptop VPN traffic, 300
      Linux requirements, 289
      monitoring, 301
      Poptop pptpd, installation on Fedora, 293
      Poptop server adding to Active Directory, 298
      PPTP security, 288
      standalone server setup, 295-298
      troubleshooting, 302-304
      Windows client update requirements, 288
LoadMIBs option, 420
local-ttl option, dnsmasq.conf, 118
locate command, 429
lrzsz package, 499

M
MAC addresses, 94
      finding, 46
Mac OS X, IPv6 support, 442
make menuselect, 129
mangle table, 41
Masquerading, 575
MDI/MDI-X (medium dependent interfaces), 9
meetme command, 165
meetme.conf, 165
Metrix.net, 13
mgetty, 481
MIB (Management Information Base), 575
MIB (Management Information Browser), 409
      MIB tree access controls, 411
Microsoft Windows
      ACLs and Windows filesystems, 247
      Active Directory, 566
            adding Poptop servers to, 298
            domains, joining Linux hosts to, 319-323
      DNS cache management, 120
      IPv6 support, 442
      Linux, connecting to with, 230-232
      MPPE, 575
      networking issues, 307
      remote desktop connections to, 228
      Samba, replacing NT4 domain controllers with, 305
      security, 38
      tunneling TightVNC to Linux, 262-264
      Windows machines, setting up as OpenVPN clients, 286
      Windows PPTP servers, connecting Linux clients to, 299
      WINS (Windows Internet Name Service), 588
      X-Lite softphone, 143
MIMO (multiple-input/output), 116
Minicom, 14, 495
      multiple profiles, configuring, 17
mirroring, 8
MIT Kerberos, 309
modems, 482, 575
MP3 files, playing on Asterisk, 161
MPPE (Microsoft Point-to-Point Encryption), 575
MPPE kernel module, building for Debian, 291
      building for Fedora, 294
MRTG (Multi-Router Traffic Graph), 408
      active CPU load, monitoring, 419-422
      cfgmaker command, 416
      configuration file, creating, 413
      CPU user and idle times, monitoring, 422
      Debian, configuring and starting on, 415-417
      disk usage, monitoring, 426
      Fedora, configuring and starting on, 418
      HTTP service configuration for, 413
      installing, 409
      MIBs and OIDs, finding and testing, 429-430
      mrtg.cfg file, 416
            configuring to monitor CPU load, 419
            monitoring CPU user and idle times, 422
            options, 420
      multiple MRTG index pages, creating, 433
      physical memory, monitoring, 424
      remote hosts, monitoring, 432
      running as a daemon, 434-436
      SNMP, dependency on, 408
      snmpd, testing for operation, 410
      swap space and memory, monitoring, 425
      TCP connections, monitoring, 428
MSRC4 DSM plug-in, 229
mtr (My Traceroute) utility, 528
Multicast addressing, 441, 575
multimeters, 516
multiple-input/output (MIMO), 116
Multi-Router Traffic Graph (see MRTG)

N
Nagios, 371
      Apache, configuring for, 376-378
      CGI permissions, configuring for Nagios web access, 389
      configuration files, organizing, 378-380
      DNS and DHCP servers, monitoring, 403
      grouping related services with servicegroups, 402
      installing from source code, 372-376
      localhost monitoring configuration, 380-389
      mail servers, monitoring, 400-402
      remote administration with OpenSSH, setting up, 405
      remote administration with OpenSSL, setting up, 406
      speeding up with check_icmp, 392
      SSHD, monitoring, 393-396
      starting at boot, 390
      users, adding, 391
      web servers, monitoring, 397-399
name services, setting up, 90-92
naming context, 335
NAS (Network Access Server), 576
NAT (Network Address Translation), 38, 576
NAT table, 41
Nautilus, 330
ncache, 362
ndiswrapper, 51, 82
Netfilter FAQ, 36
Netgate.com, 13
NETMASK configuration option, 50
netmasks, 176
net-snmp, 409
netstat command, 52, 62, 64, 174, 549
netstat-nat command, 56
net-tools package, 174
Network Address Translation (NAT), 38, 576
network installs, 452
      Debian, 466
            automation with preseed files, 475
            building a mirror with apt-mirror, 468
            client PC configuration for your local mirror, 471
            new system installs from your local mirror, 474
            partial Debian mirrors with apt-proxy, 470
            PXE Netboot server setup, 472
      Fedora
            creating network install boot media for, 453
            customized installations, creating, 461-463
            FTP-based installation server setup, 458-460
            install using boot media, 455-457
            kickstart file installation, 463
            PXE Netboot, 464
            setting up an HTTP installation server for, 457
      ndiswrapper, problems with, 467
      PXE boot, 452
      USB boot, 453
network interfaces, 45
network restart command, 93
network troubleshooting, 515
      arping, finding duplicate IP addresses with, 523
      cabling, testing and tracing, 516
      DNS clients, 545
      DNS servers, 542-545
      FPing and Nmap, network profiling with, 521-523
      HTTP throughput and latency testing, 525
      measuring throughput and packet loss, 535-537
      network diagnostic and repair laptops, 516-519
      network monitoring with ntop, 540-542
      packet sniffing with ngrep, 538-540
      ping, 519
      POP3, POP3s, and IMAP servers, 549-551
      SMTP servers, 546-548
      spare equipment, 516
      SSL key creation for Syslog services on Debian, 551-557
      SSL key creation for Syslog services on Fedora, 557-558
      stunnel setup for Syslog-ng, 558
      Syslog servers, building, 560-562
      TCP flags, capturing with tcpdump, 533
      traceroute, tcptraceroute, and mtr, 527-529
      traffic, capturing and analyzing, 529-533
networking
      dial-up (see dial-up networking)
      Internet connection sharing between wireless and wired clients, 87
      Linux and Windows static DHCP client configuration, 94
      mail servers, adding to dnsmasq, 96
      networking commands, 174
      static IP addresses, setting from DHCP services, 93
networking restart command, 93
NetworkManager, 100, 107
networks, 1
      areas, 174
      bandwidth, latency, and throughput, 6
      Internet connections, 1
      mixed networks, integration of (see Samba)
      Nagios, monitoring with (see Nagios)
      troubleshooting (see network troubleshooting)
      wireless networking, 11
next hop, 180
next hop routers, 178
ngrep, 538-540
NICs (network interface cards), 10, 576
      configuration on Debian, 45
      Fedora, configuration on, 48-50
      identifying, 50
Nmap, 523
nmap, 62
nmap command, 63
nmbd, 312
NoMachine, 229
      source of older clients, 237
no-negcache option, dnsmasq.conf, 118
NSS (Name Service Switch), 577
ntop, 540-542
NTP (Network Time Protocol), 577
ntpdate, 121
null modem cable, 577
NVRAM (Non-Volatile Random Access Memory), 577
Nxclient
      creating additional Nxclient sessions, 244
      file and printer sharing, and multimedia, 246
      prevention of password saving in, 246
      watching users from a FreeNX server, 240

O
Object IDs (see OIDs)
objectClass, 335
objectClass definitions, 334
OIDs (Object Identifiers), 335, 336, 577
      LoadMIBs option and, 420
ONBOOT configuration option, 50
Open Shortest Path First (see OSPF)
OpenLDAP, 332
      access controls, refining, 366-369
      Berkeley DB configuration
            logging configuration and performance, 362
      Debian, installing on, 339
      directory backup and restoration, 364-366
      directory entries, correcting, 350-351
      directory management with graphical interfaces, 356-358
      directory searches, 352-354
      Fedora, creating a database on, 344-347
      Fedora, installing on, 341
      indexing the database, 354
            indexes and id2entry file size, 355
      logging configuration, 363-364
      passwords, changing, 370
      remote OpenLDAP servers, connecting to, 352
            -H option to commands, 352
      schemas, 335
      server testing and configuration, 341-344
      Sleepycat Berkeley DB configuration, 358-363
      users, adding to the directory, 348-349
OpenSSH, 205-207
      alternate ports, finding, 219
      client configuration files, using for easier logins, 218
      components, 205
      configuration syntax, checking, 218
      DenyHosts startup file, creating, 225
      encryption algorithms, 205
      hardening, 215
      host-key setup, 209
      identity key management, 214
      keys, 207
            fingerprints, changing, 217
            generating and copying, 211
            labeling with comments, 222
      passphrases, changing, 216
      passphrases, creating, 208
      public-key authentication for protection of passwords, 213
      remote command execution without a remote shell, 221
      servers and clients, 207
      SSH attacks, foiling with DenyHosts, 223
      sshfs, mounting remote filesystems with, 226
      starting and stopping, 207
      supported authentication schemes, 206
      tunneling, 205
      tunneling X Windows over SSH, 220
      (see also SSH)
OpenVPN, 265-267
      bridge mode server setup, 284
      certificates, revoking, 282
      client configuration, 267
      configuring to start at boot, 281
      connecting Windows clients, 286
      encryption process, 266
      encryption, testing with static keys, 272
      PKI, creating, 276-279
      remote Linux clients, connection with static keys, 274
      running as a nonprivileged user, 285
      server configuration for multiple clients, 279-281
      starting and testing, 270-272
            "Connection refused" message, 271
            --ifconfig option, 271
      TAP/TUN drivers and, 267
      test lab setup, 267-270
            IP addresses setting, 269
OpenWRT, 83
organizational units (OUs), 334
OSPF (Open Shortest Path First), 174, 199-201, 578
      ospfd, monitoring, 202
      security enhancements, 201
OSXvnc, 229
OUs (organizational units), 334

P
packet filtering, 578
packet switching, 578
packets, 39
PalmVNC Palm OS client, 230
PAM (Pluggable Authentication Modules), 578
passphrase-less Authentication, 206
passphrases, 208
passwords, protection with public-key authentication, 213
PBX (Private Branch eXchange), 123, 579
PC Engines boards, 12
      WRAP boards, 87
PC Weasel, 479
PCI (Peripheral Component Interconnect), 579
PCI adapters for telephony, 125
PCI bus, 10
PCI-Express, 10
PDC (Primary Domain Controller), 579
permissions, dial-up for nonroot users, 505
ping, 515, 519
ping6 command, 443
pkgsel command, 476
PKI (Public Key Infrastructure), 266, 579
      OpenVPN, creating for, 276-279
PocketPC VNCServer, 230
PocketPC VNCViewer VNC client, 230
Point-to-Point Tunneling Protocol (see PPTP)
polarization diversity, 116
pool.ntp.org, 121
Poptop pptpd, 289
      Active Directory, adding to, 298
      Debian Linux, installing on, 290
      Fedora kernel patches for MPPE support, 294
      Fedora Linux, installing on, 293
      iptables firewalls, getting PPTP traffic through, 300
      PPTP servers, monitoring, 301
      PPTP servers, troubleshooting, 302-304
      setting up a standalone PPTP VPN server, 295
port 22, 208, 216
port trunking, 9
PPP (Point-to-Point Protocol), 579
PPTP (Point-to-Point Tunneling Protocol), 287, 580
      (see also Linux PPTP VPN servers)
pres index type, 355
preseed, 475
priorities, 141
Private Branch eXchange (PBX), 123
private key passphrases, changing, 216
Protocol 2, 216
proute2 package, 175
Public Key Certificates, 568
Public Key Infrastructure (PKI), 266
public-key authentication, 206
      sudo and, 214
PXE boot, 452
      Debian PXE Netboot server setup, 472
Pyramid Linux, 12, 14, 43
      adding software, 28-31
      booting, 24
      DHCP and DNS services, 90
      Fedora, network installation on, 21-24
      getting and installing the latest build, 28
      hardening, 27
      hardware drivers, adding, 32
      hostapd, 97-100
      installation on CF card, 17
      kernel customization, 33
      making the filesystem writable, 88
      network installation on Debian, 19-21
      Pyramid files, finding and editing, 26
      router hostname, changing, 114
      wireless access points, using for, 86

Q
QoS (Quality of Service), 9, 580
Quagga, 188-191
      command-line operation, 192
      command-line operation of daemons, 195
      configuration file comments, 189
      configuration files, 188
      included routing daemons, 190
      OSPF dynamic routing, 199-201
      remote login to Quagga daemons, 194
      startup file, 189

R
RADIUS servers, using for wireless authentication, 100-104
radiusd.conf, 103
radvd (router advertising daemon), 448
RAS (Remote Access Service), 580
rdesktop, 228
      compatible Microsoft operating systems, 232
      Linux, connecting to Microsoft Windows, 230-232
RDNs (Relative Distinguished Names), 334
RDP (Remote Desktop Protocol), 228, 580
RealVNC, 229
records, 334
Red Hat Linux, xx
regional registrars, 439
regulated broadband services, 5
RELATED,ESTABLISHED rules, 54
Relative Distinguished Names (RDNs), 334
remote administration, 204
Remote Desktop Protocol (RDP), 228
remote graphical desktops, 228
      built-in remote desktop sharing, KDE and Gnome, 230
      custom desktop configuration, 242-244
      displaying windows to multiple remote users, 254-256
      FreeNX (see FreeNX)
      Microsoft Windows, connecting to, 228
      Nxclient (see Nxclient)
      rdesktop, 228
            Linux, connecting to Microsoft Windows, 230-232
      tunneling x11vnc over SSH, 261
      VNC, 229
RFC (Request for Comment), 581
RFC 2132 numbers, 110
RHEL (Red Hat Enterprise Linux), xx
RIP (Routing Information Protocol), 173, 188, 581
      Debian, configuration on, 187-191
      default logging level, 190
      dynamic routing on Debian, 187
      Fedora set up, 191
      security enhancements, 201
      versions, 190
RIPD, monitoring, 197
ripd.conf (Quagga), 188
ripd.conf file definitions, 189
rootdn, 339
rootDSE, 336
rootpw, 339
route command, 178, 269
routerboards, 12
routers, 2, 37
      commercial routers, 8
      enabling Internet connection sharing, 183-184
      enterprise routers, 7
      hardware choices, 173
      hostname, changing under Pyramid Linux, 114
      inexpensive options, 45
      Internet connection sharing between wired and wireless clients, 87
      simple local routers, setting up, 180
            private addressing schemes, 182
routes, blackholing with zebra, 198
routing, 581
      interior routing protocols, 173
      OSPF for dynamic routing, 199-201
      persistent static routes, configuring, 186
      RIP (see RIP)
      static routing, configuration across subnets, 185
      wireless routing between two LAN segments, 108-113
Routing Information Protocol (see RIP)
RRAS (Routing and Remote Access Service), 580
RSA keys, 211

S
Samba, 305
      compilation from source code, 310
      hardware requirements, 306
      Linux clients, command-line utilities for connecting, 326-329
      Linux clients, graphical programs for connecting, 330
      primary domain controller, using as, 313-317
      required software, 307
      starting and stopping, 312
      supporting Debian and Fedora packages, 308
      Windows 95/98/ME, joining to Samba domains, 323
      Windows NT/2000, connecting to Samba domains, 325
      Windows NT4 domain controllers, migrating from, 317-319
      Windows NT4 domain controllers, replacing with, 305
      Windows NT4, connecting to Samba domains, 324
      Windows XP, connecting to Samba domains, 325
SBCs (single-board computers), 12, 581
      wireless access points, using for, 86
      (see also Soekris 4521 boards)
Scope:Link address, 441
scp, copying files over IPv6, 447
Secure Sockets Layer (see SSL)
Secure Sockets Layer-based Virtual Private Networks (see SSL VPNs)
security
      adding to RIP and OSPF, 201
      Debian security updates, 472
      firewalls (see firewalls)
      hardening Pyramid Linux, 27
      MAC addresses and, 94
      serial connections, 496
      wireless networking, 84
Sentry Firewall, 42
serial consoles, 478, 582
      commercial consoles, 479
      logging, configuring, 497
      networks, connecting to, 478
      security, improving, 496
      servers, dialing into, 495
      servers, file uploads to, 498
      servers, preparing for administration by, 479
            BIOS serial console support, checking, 480
            modems, 482
      setting up, 489-491
      x86 PC BIOS and, 479
      (see also servers, preparing for headless operation)
serial ports, 480
servers, preparing for headless operation, 479
      configuration for dial-in administration, 492-494
      GRUB, configuration with, 485-487
      LILO, configuration with, 483-485
      (see also serial consoles)
services file (Quagga), 189
set_cachesize, 361
single-board computers (see SBCs)
SIP (Session Initiation Protocol), 582
sip.conf, 138
SLA (Service Level Agreement), 582
slapadd, 365
slapcat, 364
slapd.conf, 337, 339, 342
      indexing options, 354
      security concerns, 346
slapindex, 355
Sleepycat Berkeley DB, 332, 340
      configuring, 358-363
            logging configuration and performance, 362
Smb4k, 330
smbclient, 328
smbd, 312
smbmnt, 329
smbmount and smbumount, 329
smbtree, 327
SMTP servers, troubleshooting, 546-548
Smurf attack, 582
SNAT (Source NAT), 38, 56
SNMP (Simple Network Management Protocol), 408, 582
      Debian, configuring on, 410-412
      Fedora, configuring on, 413
      MRTG and, 408
      snmpd, manual startup using chkconfig, 410
      snmpd, testing for operation, 410
      snmpd.conf, 410
      testing remote SNMP characters, 430
snmpwalk, 410
      remote snmp queries, testing, 431
      syntax, 412
Soekris 4521 boards, 12, 14-17
      comBIOS, updating, 34
      Minicom, loading to, 14
      netbooting, 19-24
            Debian, using, 19-21
            Fedora, using, 21-24
      Pyramid Linux files, finding and editing, 26
      Pyramid Linux kernel, customizing, 33
      Pyramid Linux, adding software to, 28
      Pyramid Linux, booting, 24
      Pyramid Linux, hardening, 27
      Pyramid Linux, installing the latest build, 28
      serial port address configuration, 15
      serial terminal options, 16
Soekris routerboard series, 87
softphones (software phones), 143-145
software phones (softphones), ALSA soundsystem, 145
SOHO (Small Office/Home Office), 583
Source NAT (SNAT), 38, 56
spatial diversity, 116
speex-devel package, 130
Spencer, Mark, 125
SRPM (Source RPM), 583
SSH (Secure Shell), 39, 205, 583
      allowing remote SSH through NAT firewalls, 66
      default port, 208
            changing to a nonstandard port, 216
      firewall configuration for remote administration, 65
      FreeNX, key generation and management with, 233
      getting multiple host keys past NAT, 68
      IPv6 logins, options to permit, 447
      keys, labeling with comments, 222
      known_hosts file on clients, 210
      SSH-1 versus SSH-2, 216
      tunneling, 205
      tunneling x11vnc, 261
      (see also OpenSSH)
ssh-copy-id, 214
sshd -l command, 218
sshd_config, 215, 219
      syntax checking, 218
sshfs, mounting remote filesystems with, 226
ssh-keygen command, 215, 217
      -p switch, 217
SSL (Secure Sockets Layer), 265, 583
SSL VPNs, 265
state (packet filtering), 583
Static address, 584
stunnel, 551, 558
sub index type, 355
subnets, 584
      broadcast addresses, 177
      calculation with ipcalc, 176
subschemas, 336
sudo
      compared to su command, 222
      public-key authentication and, 214
suffix, 335
switch, 584
switches, 8
      management ports, 8
      MDI/MDI-X, 9
      serial ports, 9
SYN/ACK, 584
sysctl command, 55
Syslog servers, building, 560-562
SysRq, 497

T[ Top ]
T1 lines, 2
TAP/TUN drivers, 267
tasksel command, 475
tc command, 175
TCAM (Ternary Content Addressable Memory), 7, 173, 585
TCP (Transmission Control Protocol), 39, 585
tcpdump, 529-533
      TCP flags, capturing with, 533
tcptraceroute, 527
telnet, 550
Ternary Content Addressable Memory (see TCAM)
throughput, 6
TightVNC, 229
      multiple concurrent users, 254
      tunneling between Linux and Windows, 262-264
time, updating at boot, 121
TLS (Transport Layer Security), 265, 583
traceroute, 527
Transport Layer Security (see TLS)
TTL (Time To Live), 586
tunnel brokers (6to4), 451
tunneling, 205
      X Windows over SSH, 220
      x11vnc over SSH, 261
Twinkle softphone, 143
TwinVNC, 230

U[ Top ]
UART (Universal Asynchronous Receiver/Transmitter), 586
UDP, 39
UIDs (user IDs), 334
UltraVNC, 229
Unique Local Unicast addresses, 441
USB 2.0 versus USB 1.1, 51
USB boot, 453
USB headsets, 145
user IDs (UIDs), 334
USERCTL configuration option, 50

V[ Top ]
vectors (RIP), 173
view keyword, 412
Vino, 230
Virtual Network Computing (see VNC)
VLAN (Virtual LAN), 586
VLANs, 9
VNC (Virtual Network Computing), 229, 587
      changing the Linux VNC server password, 256
      connecting to an existing X session, 259
      customizing remote desktops, 257
      displaying windows to multiple remote users, 254-256
      Microsoft Windows, controlling from Linux, 248-250
      remote desktop size, setting, 258
      tunneling TightVNC between Linux and Windows, 262-264
      using for remote Linux-to-Linux administration, 252
            port numbers, specifying, 253
      using to control Windows and Linux simultaneously, 250
      x11vnc, 230
            tunneling over SSH, 261
VNC server for MorphOS, 230
vncpasswd command, 256
voicemail broadcasts, 162
voicemail.conf, 137, 142
VoIP (Voice over Internet Protocol), 587
      VoIP services (see Asterisk)
Voyage Linux, 43
VPNs (Virtual Private Networks), 265, 587
      default gateways, 270
      IPSec VPN, 288
      Linux PPTP VPN servers (see Linux PPTP VPN servers)
vsftpd, 459
vtysh, 192

W[ Top ]
WAN (Wide Area Network), 587
WAP (Wireless Access Point), 588
WEP (Wired Equivalent Privacy), 11, 84, 588
wext driver, 99
whitelists, 223
Wi-Fi, 588
Wi-Fi Protected Access (WPA), 84
Win2VNC, 229
Winbind, 588
window manager startup commands, 244
Windows static DHCP clients, configuring, 94
Windows, Microsoft (see Microsoft Windows)
WindowsCE.NET server, 230
WINS (Windows Internet Name Service), 588
Wired Equivalent Privacy (WEP), 11, 84
wireless chipsets with Linux compatibility, 83
wireless networking, 11
      access points, 100
            building, 86
            inexpensive options, 45
            supported clients, 100
      authentication with RADIUS servers, 100-104
      binary blobs in the kernel, 83
      encryption and authentication, 84
      FreeRADIUS, authenticating clients to, 106
      hostnames, changing on Pyramid Linux routers, 114
      Internet connection sharing between wired and wireless clients, 87
      name services, setting up, 90-92
      probing wireless interface cards, 113
      routing between LAN segments, 108-113
      security, 84
      security risks of unsecured networks, 84
      shutting down one of two antennas, 115
      static IP addresses, setting from DHCP services, 93
      WPA2 security enhancements using Pyramid Linux, 97-100
Wistron CM9 mini-PCI interface, 83
wlanconfig, 113
WPA (Wi-Fi Protected Access), 84, 589
      support for Windows XP, 99
wpa_supplicant, 85
WPA2, 84, 589
      security enhancements using Pyramid Linux, 97-100
WPA-EAP, 84
WPA-Enterprise, 85
WPA-Personal, 84
WPA-PSK, 84
WRAP boards, 44
WvDial, 502
      (see also dial-up networking)
wvdial.conf, 504

X[ Top ]
x11vnc, 230
      tunneling over SSH, 261
x2vnc, 230, 250
X-Lite softphone, 143

Z[ Top ]
zebra, 188, 190
      blackholing routes, 198
zebra.conf, 188
      setting null routes in, 198
ztdummy module, 131

