Chapter 03
CS325

Published in: Education, Technology

Transcript

  • 1. Linux Networking and Security Chapter 3
  • 2. Configuring Client Services
    • Configure DNS name resolution
    • Configure dial-up network access using PPP
    • Understand client services such as DHCP and LDAP
    • Use remote graphical applications and remote dial-up authentication
    • Use common client tools such as Linux Web browsers and email clients
  • 3. Setting Up Name Resolution
    • The domain name service (DNS) is implemented by a domain name server
      • The term domain name refers to a name by which multiple hosts on the Internet are collectively referred to
      • The most widely known top-level domain is .com
      • Within a top-level domain, an organization has its own domain or domains
      • Network hosts are given names called hostnames
      • A fully qualified domain name (FQDN) combines a hostname with the name of its domain
  • 4. Setting Up Name Resolution
  • 5. Configuring the DNS Resolver Manually
    • The resolver is the client part of DNS
      • It makes requests to a DNS server so that other workstation programs can use the IP address of a given server to make a network connection
      • The resolver is configured by a single file in Linux: /etc/resolv.conf
      • Configure the resolver by storing the IP address of one or more DNS servers in the resolv.conf file, each preceded by the keyword nameserver
  • 6. The hosts File
    • Another way to convert an IP address to a domain name is to store the IP address and corresponding domain names in a text file called /etc/hosts on your host
    • The /etc/host.conf or /etc/nsswitch.conf files determine the order in which the resolver looks to various sources to resolve IP addresses
  • 7. Configuring the DNS Resolver Graphically
  • 8. Configuring the DNS Resolver Graphically
  • 9. Configuring the DNS Resolver Graphically
  • 10. Configuring the DNS Resolver Graphically
  • 11. Dial-up Network Access Using PPP
    • PPP is widely used to connect to the Internet via modem
      • PPP includes features that make it more secure, flexible, and dependable than terminal emulation
      • In reality, PPP was not very secure and was challenging to configure and manage
    • Two advances improve PPP security:
      • Password Authentication Protocol (PAP) stores user data in a file that only the root user accesses
      • Challenge Handshake Authentication Protocol (CHAP) is the most secure PPP option
  • 12. PPP Connections
    • Text-mode utility wvdial is designed to ease the difficulty of working with PPP
      • Used from a command line on a server
    • Red Hat Linux uses a utility called rp3
      • This is a wizard-driven graphical utility
    • The Linux KDE graphical environment uses a utility called KPPP
    • diald automates PPP
      • difficult to use and challenging to set up
  • 13. PPP Connections
  • 14. PPP Connections
  • 15. Using DHCP
    • Dynamic Host Configuration Protocol (DHCP) allows the configuration of a service that hands out IP addresses to network clients
      • DHCP can drastically reduce the administration needs of a network
      • The DHCP server is installed by default on many Linux systems
      • Configuration of DHCP involves creating an /etc/dhcpd.conf file
  • 16. Using DHCP
  • 17. Understanding LDAP
    • The Lightweight Directory Access Protocol (LDAP) provides a directory service that lets users query a database of network resource information
      • LDAP directories are organized as inverted trees of information
      • To use a directory, client software allows traversal of the tree, looking for the needed data
      • Objects in the tree are referred to using a formalized set of identifiers
  • 18. Understanding LDAP
  • 19. Understanding LDAP
  • 20. Running Applications Remotely
  • 21. Running Applications Remotely
    • Before an X client can display its windows on a remote host, the remote host must be configured to allow others to use its X server
      • To use xhost Authentication, include the hostname of the computer that will be allowed to display
      • xauth Authentication is more secure than xhost since it employs the use of a cookie
    • XDMCP for Remote Graphical Terminals
      • lets users on remote X servers obtain a graphical login screen and begin using X clients on Linux
  • 22. Running Applications Remotely
    • Using r-Utilities for Remote Execution
      • Allow a user to learn about or execute a program on another host
      • The r-utilities are not secure
    • Using UUCP for Remote Access
      • Provides transfer of email over modem between multiple email servers
  • 23. Running Applications Remotely
  • 24. Web and Mail Clients
    • Popular Linux Browsers
      • Lynx is a text-based browser that is installed by default on many popular Linux distributions
      • Netscape Communicator on Linux is similar to Netscape on Windows
      • Mozilla is included as the default on Red Hat Linux on the Gnome desktop
      • Other browsers: Opera, dillo, Galeon, SkipStone
  • 25. Popular Linux Browsers
  • 26. Understanding Email
    • Email is transferred on the Internet via the Simple Mail Transport Protocol (SMTP)
    • Email-related programs are divided into three categories:
      • Mail Transfer Agent (MTA) - moves email messages from one server to another
      • Mail Delivery Agent (MDA) - places email in a user’s mailbox
      • Mail User Agent (MUA) - displays and manages email messages for a user
  • 27. Understanding Email
    • On every Linux system, user accounts have associated email accounts and email is placed in the /var/spool/mail directory
    • Email is typically retrieved using a MUA in one of three ways:
      • Post Office Protocol (POP3) - via a POP3 server downloads messages to the computer
      • Internet Mail Access Protocol (IMAP) - views messages on the remote server
      • Web browser
  • 28. Understanding Email
    • Using an Email Filter: Procmail
      • Procmail is a special MDA that acts as a filter and processes email based on user-defined criteria
      • Difficult to configure, but worth the effort if a large number of incoming messages are regularly received
      • Is installed by default on many Linux systems
      • Checks for both a system-wide configuration file /etc/procmailrc and per-user .procmailrc
      • These files can contain recipes, or formulas for examining email messages and taking an action
  • 29. Linux Email Clients
  • 30. Linux Email Clients
  • 31. Chapter Summary
    • The client portion of the domain name service is called a resolver
    • A fully qualified domain name (FQDN) consists of a hostname plus the domain of which the host is part
    • PPP is a popular method of making network connections via modem
    • PPP security is provided by the Password Authentication (PAP) and Challenge Handshake Authentication (CHAP) protocols
    • The wvdial utility can configure and manage a PPP connection from the command line
  • 32. Chapter Summary
    • The diald program automates use of a dial-up connection via PPP, automatically connecting and disconnecting based on traffic
    • The Dynamic Host Configuration Protocol (DHCP) allows clients to configure IP networking automatically by receiving network address information from a DHCP server
    • Most versions of Linux include the dhcpd server and at least one of the three common DHCP clients
    • The Lightweight Directory Access Protocol (LDAP) provides a directory service that lets users query a worldwide database for information on resources
  • 33. Chapter Summary
    • The OpenLDAP server is provided with most Linux distributions
    • X can execute graphical programs remotely by referring to the DISPLAY variable or the --display command line option
    • XDMCP lets users on remote X servers obtain a graphical login screen and begin using X clients on Linux without first logging into Linux via Telnet
    • The r-utilities provide a convenient way to execute commands on, or copy files between, remote hosts when working in a trusted network environment
  • 34. Chapter Summary
    • The Unix to Unix Copy (UUCP) protocol was designed to facilitate inexpensive transfers of email messages between servers in the days before Internet connectivity was widespread
    • Many Web browsers are available for Linux, with the most popular being the text-mode browser Lynx and graphical browsers Mozilla and Netscape
    • Internet email relies on a Mail Transfer Agent (MTA) to move messages between hosts; a Mail Delivery Agent (MDA) may process mail as it is delivered to a user’s mailbox; and a Mail User Agent (MUA) is relied upon in order for a user to read and send messages
  • 35. Chapter Summary
    • MUAs can either read local mail files, or can use the POP3 or IMAP protocols to retrieve messages from a central server
    • The Procmail program processes email messages using recipes which provide automatic message management
    • Many other Linux email clients are popular: elm and pine, fetchmail, Kmail and Balsa
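
Slides 5 and 6 describe the nameserver lines in /etc/resolv.conf and the lookup order set in /etc/nsswitch.conf. The following added example (not part of the original slides) audits both: it reports which nameserver entries the resolver will actually use and which names /etc/hosts answers before DNS is ever asked. The file contents are constructed samples, and the three-server limit is glibc's MAXNS.

```python
import ipaddress

# Constructed sample files, not taken from the slides.
RESOLV_CONF = """\
nameserver 192.0.2.53
nameserver 2001:db8::53
nameserver 198.51.100.53
nameserver 203.0.113.53
nameserver dns.example.com
"""
NSSWITCH_CONF = "passwd: files\nhosts: files dns\n"
HOSTS = "127.0.0.1 localhost\n192.0.2.10 www.example.com www\n"
MAXNS = 3  # glibc's resolver uses only the first three nameserver lines

def parse_resolv_conf(text):
    """Return (used, ignored, invalid) nameserver entries."""
    valid, invalid = [], []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2 or fields[0] != "nameserver":
            continue  # comments, blank lines, other keywords
        try:
            ipaddress.ip_address(fields[1])  # must be an address, not a name
            valid.append(fields[1])
        except ValueError:
            invalid.append(fields[1])
    return valid[:MAXNS], valid[MAXNS:], invalid

def hosts_order(nsswitch_text):
    """Sources on the 'hosts:' line in lookup order, e.g. ['files', 'dns']."""
    for line in nsswitch_text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line.startswith("hosts:"):
            # Drop action items such as [NOTFOUND=return].
            return [t for t in line[6:].split() if "=" not in t]
    return []

def pinned_names(hosts_text, nsswitch_text):
    """Non-loopback names that /etc/hosts answers before DNS is asked."""
    order = hosts_order(nsswitch_text)
    before_dns = order[:order.index("dns")] if "dns" in order else order
    if "files" not in before_dns:
        return {}
    pinned = {}
    for line in hosts_text.splitlines():
        addr, *names = line.split("#", 1)[0].split() or [""]
        if names and not ipaddress.ip_address(addr).is_loopback:
            pinned.update({n: addr for n in names if n not in pinned})
    return pinned
```

With `hosts: files dns`, an unexpected non-loopback entry in /etc/hosts silently overrides whatever the DNS server would return, so the output of `pinned_names` is worth reviewing on any host being audited.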
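
Slide 11 names PAP and CHAP as the two PPP authentication options. The following added example (not part of the original slides) shows what each one puts on the link: the PAP request carries the password itself, while CHAP sends MD5(identifier || secret || challenge) as defined in RFC 1994. The user name and shared secret are constructed values.

```python
import hashlib
import hmac
import os

# Constructed shared secret, configured on both ends of the link.
SECRET = b"constructed-shared-secret"


def pap_request(user, password):
    """PAP Authenticate-Request data: the password crosses the link as-is."""
    return bytes([len(user)]) + user + bytes([len(password)]) + password


def chap_challenge(ident):
    """Authenticator side: a fresh random challenge for this identifier."""
    return ident, os.urandom(16)


def chap_response(ident, challenge, secret):
    """Peer side: MD5(identifier || secret || challenge), per RFC 1994."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_verify(ident, challenge, response, secret):
    """Authenticator recomputes the hash and compares in constant time."""
    expected = chap_response(ident, challenge, secret)
    return hmac.compare_digest(expected, response)


def demo():
    """Return (pap_leaks, chap_leaks, accepted, replay_accepted)."""
    # PAP: anyone capturing the frame reads the password directly.
    pap_leaks = SECRET in pap_request(b"alice", SECRET)
    # CHAP: only the challenge and a hash over it and the secret are sent.
    ident, challenge = chap_challenge(1)
    response = chap_response(ident, challenge, SECRET)
    chap_leaks = SECRET in challenge + response
    accepted = chap_verify(ident, challenge, response, SECRET)
    # A captured response does not answer the next, different challenge.
    ident2, challenge2 = chap_challenge(2)
    replay_accepted = chap_verify(ident2, challenge2, response, SECRET)
    return pap_leaks, chap_leaks, accepted, replay_accepted
```

Both ends must hold the CHAP secret in recoverable form to compute the hash, so the exchange is only as strong as the secret is long and random.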