Linux for Networking Professionals

Book description

Get to grips with the most common as well as complex Linux networking configurations, tools, and services to enhance your professional skills

Key Features

  • Learn how to solve critical networking problems using real-world examples
  • Configure common networking services step by step in an enterprise environment
  • Discover how to build infrastructure with an eye toward defense against common attacks

Book Description

As Linux continues to gain prominence, there has been a rise in network services being deployed on Linux for cost and flexibility reasons. If you are a networking professional or an infrastructure engineer involved with networks, extensive knowledge of Linux networking is a must.

This book will guide you in building a strong foundation of Linux networking concepts. The book begins by covering various major distributions, how to pick the right distro, and basic Linux network configurations. You'll then move on to Linux network diagnostics, setting up a Linux firewall, and using Linux as a host for network services. You'll discover a wide range of network services, why they're important, and how to configure them in an enterprise environment. Finally, as you work with the example builds in this Linux book, you'll learn to configure various services to defend against common attacks. As you advance to the final chapters, you'll be well on your way towards building the underpinnings for an all-Linux datacenter.

By the end of this book, you'll not only be able to configure common Linux network services confidently, but also to apply tried-and-tested methodologies to future Linux installations.

What you will learn

  • Use Linux as a troubleshooting and diagnostics platform
  • Explore Linux-based network services
  • Configure a Linux firewall and set it up for network services
  • Deploy and configure Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) services securely
  • Configure Linux for load balancing, authentication, and authorization services
  • Use Linux as a logging platform for network monitoring
  • Deploy and configure Intrusion Prevention Services (IPS)
  • Set up honeypot solutions to detect and foil attacks

Who this book is for

This book is for IT and Windows professionals and admins looking for guidance in managing Linux-based networks. Basic knowledge of networking is necessary to get started with this book.

Table of contents

  1. Linux for Networking Professionals
  2. Contributors
  3. About the author
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Download the example code files
    6. Conventions used
    7. Get in touch
    8. Share Your Thoughts
  6. Section 1: Linux Basics
  7. Chapter 1: Welcome to the Linux Family
    1. Why Linux is a good fit for a networking team
      1. Why is Linux important?
      2. The history of Linux
    2. Mainstream data center Linux
      1. Red Hat
      2. Oracle/Scientific Linux
      3. SUSE
      4. Ubuntu
      5. BSD/FreeBSD/OpenBSD
    3. Specialty Linux distributions
      1. Open source firewalls
      2. Kali Linux
      3. SIFT
      4. Security Onion
    4. Virtualization
      1. Linux and cloud computing
    5. Picking a Linux distribution for your organization
    6. Summary
    7. Further reading
  8. Chapter 2: Basic Linux Network Configuration and Operations – Working with Local Interfaces
    1. Technical requirements
    2. Working with your network settings – two sets of commands
    3. Displaying interface IP information
      1. Displaying routing information
    4. IPv4 addresses and subnet masks
      1. Special-purpose addresses
      2. Private addresses – RFC 1918
    5. Assigning an IP address to an interface
      1. Adding a route
      2. Adding a route using legacy approaches
      3. Disabling and enabling an interface
      4. Setting the MTU on an interface
      5. More on the nmcli command
    6. Summary
    7. Questions
    8. Further reading
  9. Section 2: Linux as a Network Node and Troubleshooting Platform
  10. Chapter 3: Using Linux and Linux Tools for Network Diagnostics
    1. Technical requirements
    2. Network basics – the OSI model
    3. Layer 2 – relating IP and MAC addresses using ARP
      1. MAC address OUI values
    4. Layer 4 – how TCP and UDP ports work
      1. Layer 4 – TCP and the three-way handshake
    5. Local port enumeration – what am I connected to? What am I listening for?
    6. Remote port enumeration using native tools
    7. Remote port and service enumeration – nmap
      1. NMAP scripts
      2. Are there limits to Nmap?
    8. Wireless diagnostic operations
    9. Summary
    10. Questions
    11. Further reading
  11. Chapter 4: The Linux Firewall
    1. Technical requirements
    2. Configuring iptables
      1. iptables from a high level
      2. The NAT table
      3. The mangle table
      4. Order of operations in iptables
    3. Configuring nftables
      1. nftables basic configuration
      2. Using include files
      3. Removing our Firewall Configuration
    4. Summary
    5. Questions
    6. Further reading
  12. Chapter 5: Linux Security Standards with Real-Life Examples
    1. Technical requirements
    2. Why do I need to secure my Linux hosts?
    3. Cloud-specific security considerations
    4. Commonly encountered industry-specific security standards
    5. The Center for Internet Security critical controls
      1. Getting a start on CIS critical security controls 1 and 2
      2. OSQuery – critical controls 1 and 2, adding in controls 10 and 17
    6. The Center for Internet Security benchmarks
      1. Applying a CIS benchmark – securing SSH on Linux
    7. SELinux and AppArmor
    8. Summary
    9. Questions
    10. Further reading
  13. Section 3: Linux Network Services
  14. Chapter 6: DNS Services on Linux
    1. Technical requirements
    2. What is DNS?
    3. Two main DNS server implementations
      1. An organization's "internal" DNS server (and a DNS overview)
      2. An internet-facing DNS server
    4. Common DNS implementations
      1. Basic installation: BIND for internal use
      2. BIND: Internet-facing implementation specifics
    5. DNS troubleshooting and reconnaissance
    6. DoH
    7. DoT
      1. knot-dnsutils
      2. Implementing DoT in Nmap
      3. DNSSEC
    8. Summary
    9. Questions
    10. Further reading
  15. Chapter 7: DHCP Services on Linux
    1. How does DHCP work?
      1. Basic DHCP operation
      2. DHCP requests from other subnets (forwarders, relays, or helpers)
      3. DHCP options
    2. Securing your DHCP services
      1. Rogue DHCP server
      2. Rogue DHCP client
    3. Installing and configuring a DHCP server
      1. Basic configuration
      2. Static reservations
      3. Simple DHCP logging and troubleshooting in everyday use
    4. Summary
    5. Questions
    6. Further reading
  16. Chapter 8: Certificate Services on Linux
    1. Technical requirements
    2. What are certificates?
    3. Acquiring a certificate
    4. Using a certificate – web server example
    5. Building a private Certificate Authority
      1. Building a CA with OpenSSL
      2. Requesting and signing a CSR
    6. Securing your Certificate Authority infrastructure
      1. Legacy tried-and-true advice
      2. Modern advice
      3. CA-specific risks in modern infrastructures
    7. Certificate Transparency
      1. Using CT for inventory or reconnaissance
    8. Certificate automation and the ACME protocol
    9. OpenSSL cheat sheet
    10. Summary
    11. Questions
    12. Further reading
  17. Chapter 9: RADIUS Services for Linux
    1. Technical requirements
    2. RADIUS basics – what is RADIUS and how does it work?
    3. Implementing RADIUS with local Linux authentication
    4. RADIUS with LDAP/LDAPS backend authentication
      1. NTLM authentication (AD) – introducing CHAP
    5. Unlang – the unlanguage
    6. RADIUS use-case scenarios
      1. VPN authentication using user ID and password
      2. Administrative access to network devices
      3. RADIUS configuration for EAP-TLS authentication
      4. Wireless network authentication using 802.1x/EAP-TLS
      5. Wired network authentication using 802.1x/EAP-TLS
    7. Using Google Authenticator for MFA with RADIUS
    8. Summary
    9. Questions
    10. Further reading
  18. Chapter 10: Load Balancer Services for Linux
    1. Technical requirements
    2. Introduction to load balancing
      1. Round Robin DNS (RRDNS)
      2. Inbound proxy – Layer 7 load balancing
      3. Inbound NAT – Layer 4 load balancing
      4. DSR load balancing
    3. Load balancing algorithms
    4. Server and service health checks
    5. Datacenter load balancer design considerations
      1. Datacenter network and management considerations
    6. Building a HAProxy NAT/proxy load balancer
      1. Before you start configuring – NICs, addressing, and routing
      2. Before you start configuring – performance tuning
      3. Load balancing TCP services – web services
      4. Setting up persistent (sticky) connections
      5. Implementation note
      6. HTTPS frontending
    7. A final note on load balancer security
    8. Summary
    9. Questions
    10. Further reading
  19. Chapter 11: Packet Capture and Analysis in Linux
    1. Technical requirements
    2. Introduction to packet capturing – the right places to look
      1. Capturing from either end
      2. Switching the monitoring port
      3. Intermediate in-line host
      4. Network tap
      5. Malicious packet capture approaches
    3. Performance considerations when capturing
    4. Capturing tools
      1. tcpdump
      2. Wireshark
      3. TShark
      4. Other PCAP tools
    5. Filtering captured traffic
      1. Wireshark capture filters (capturing your home network traffic)
      2. tcpdump capture filters – VoIP phones and DHCP
      3. More capture filters – LLDP and CDP
      4. Collecting files from a packet capture
    6. Troubleshooting an application – capturing a VoIP telephone call
      1. Wireshark display filters – separating specific data in a capture
    7. Summary
    8. Questions
    9. Further reading
  20. Chapter 12: Network Monitoring Using Linux
    1. Technical requirements
    2. Logging using Syslog
      1. Log size, rotation, and databases
      2. Log analysis – finding "the thing"
      3. Alerts on specific events
      4. Syslog server example – Syslog
    3. The Dshield project
      1. Network device management using SNMP
      2. SNMP NMS deployment example – LibreNMS
      3. SNMPv3
    4. Collecting NetFlow data on Linux
      1. What is NetFlow and its "cousins" SFLOW, J-Flow, and IPFIX?
      2. Flow collection implementation concepts
      3. Configuring a router or switch for flow collection
      4. An example NetFlow server using NFDump and NFSen
    5. Summary
    6. Questions
    7. Further reading
      1. Commonly used SNMP OIDs
  21. Chapter 13: Intrusion Prevention Systems on Linux
    1. Technical requirements
    2. What is an IPS?
    3. Architecture options – where does an IPS fit in your data center?
    4. IPS evasion techniques
      1. Detecting a WAF
      2. Fragmentation and other IPS evasion methods
    5. Classic/network-based IPS solutions – Snort and Suricata
    6. Suricata IPS example
    7. Constructing an IPS rule
    8. Passive traffic monitoring
      1. Passive monitoring with P0F – example
    9. Zeek example – collecting network metadata
    10. Summary
    11. Questions
    12. Further reading
  22. Chapter 14: Honeypot Services on Linux
    1. Technical requirements
    2. Honeypot overview – what is a honeypot, and why do I want one?
    3. Deployment scenarios and architecture – where do I put a honeypot?
    4. Risks of deploying honeypots
    5. Example honeypots
      1. Basic port alerting honeypots – iptables, netcat, and portspoof
      2. Other common honeypots
    6. Distributed/community honeypot – the Internet Storm Center's DShield Honeypot Project
    7. Summary
    8. Questions
    9. Further reading
  23. Assessments
    1. Chapter 2 – Basic Linux Network Configuration and Operations – Working with Local Interfaces
    2. Chapter 3 – Using Linux and Linux Tools for Network Diagnostics
    3. Chapter 4 – The Linux Firewall
    4. Chapter 5 – Linux Security Standards with Real-Life Examples
    5. Chapter 6 – DNS Services on Linux
    6. Chapter 7 – DHCP Services on Linux
    7. Chapter 8 – Certificate Services on Linux
    8. Chapter 9 – RADIUS Services for Linux
    9. Chapter 10 – Load Balancer Services for Linux
    10. Chapter 11 – Packet Capture and Analysis in Linux
    11. Chapter 12 – Network Monitoring Using Linux
    12. Chapter 13 – Intrusion Prevention Systems on Linux
    13. Chapter 14 – Honeypot Services on Linux
    14. Why subscribe?
  24. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: Linux for Networking Professionals
  • Author(s): Rob VandenBrink
  • Release date: November 2021
  • Publisher(s): Packt Publishing
  • ISBN: 9781800202399