Linux Troubleshooting Bible [Electronic resources] - text version
Christopher Negus and Thomas Weeks
Firewalls in Action

No matter how complex the firewall is, in its simplest form a firewall allows and disallows access to specific services based on host addresses, networks, or other such trigger criteria. The services, ports, and daemon names (for Red Hat/Fedora Core systems) that most Linux sysadmins are concerned about are shown in Table 11-1.

Table 11-1: Services and Daemons

Service Name   Port   Description                Red Hat/Fedora Daemon Name
ftp            21     VS-FTP                     vsftpd
ssh            22     OpenSSH/sftp/scp           sshd
http           80     Apache/Web                 httpd
sunrpc         111    RPC/NFS related service    portmap
https          443    Apache/web SSL             httpd
smtp           25     Sendmail/SMTP mail         sendmail
domain         53     BIND DNS                   named
ipp            631    CUPS                       cupsd
nfs            2049   Network file system        nfs
mysql          3306   MySQL database             mysqld


You'll need to know these service names and ports whether you're controlling access to them on a single stand-alone server firewall or protecting an entire network of these services as a NAT router firewall setup would do.

Let's take a look at when you might want to just use basic service access control on a single server with TCP wrappers.


Full Firewall or Trusted Access Control?


If the services that you want to allow or disallow access to are running on a server connected to a trusted network or LAN, you can use either TCP wrappers or iptables to set up your local server-side service access control (personal firewall). That said, TCP wrappers is not considered a true, hardened, firewall-grade form of access control, because incoming data is allowed past the networking stack into what's called user space. That is where many Internet worms and attacks are launched to strike, which in turn means that you can still be cracked if your TCP wrappers-based system is attacked with a known TCP wrappers exploit. Armed with this knowledge, if you have a single server on an untrusted network or directly on the Internet and you wish to run a serious single host-based firewall configuration, iptables is your only real choice.

If you're already on a secure network and you just want to allow/disallow services to various IP addresses, hosts, or networks within your network, then TCP wrappers might be easier for you to use.





Caution

While TCP wrappers is fine for doing basic allow/deny access to services on a trusted network or LAN, it should not be used in the wild, on an untrusted network, or on the Internet without some form of real firewall in front of it (such as iptables or a full-blown network firewall).
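To make the allow/disallow decision of TCP wrappers concrete, here is an added example (not code from the book) that models how hosts_access decides one connection on a single-homed server: the (daemon, client) pair is granted if it matches a line in /etc/hosts.allow, denied if it then matches a line in /etc/hosts.deny, and granted otherwise. The two rule files are constructed samples, `.corp.example` is a hypothetical internal domain, and IPv6 patterns and the shell_command field are left out.

```python
"""
Model of the TCP wrappers (hosts_access) decision for one connection:
  1. grant  if the (daemon, client) pair matches a line in hosts.allow
  2. deny   if it then matches a line in hosts.deny
  3. grant  otherwise (the default is open)
Added example, not code from the book; the rule files below are
constructed samples and .corp.example is a hypothetical domain.
"""
import ipaddress
import re

# Constructed sample of /etc/hosts.allow for a single-homed server.
HOSTS_ALLOW = """
# trusted LAN may reach ssh and ftp, except one quarantined host
sshd vsftpd : 192.168.1.0/255.255.255.0 EXCEPT 192.168.1.99
# ssh is also allowed from hosts whose reverse DNS is in the corp domain
sshd : .corp.example
"""
# Constructed sample of /etc/hosts.deny: the usual default-deny line.
HOSTS_DENY = "ALL : ALL\n"


def parse_rules(text):
    """Return (daemon_list, client_list) pairs. '#' comments and backslash
    continuations are handled; any shell_command field is ignored."""
    rules, logical = [], ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            logical += line[:-1]
            continue
        logical += line
        fields = logical.split(":")
        if len(fields) >= 2:
            rules.append((fields[0].strip(), fields[1].strip()))
        logical = ""
    return rules


def _match_client(pattern, ip, hostname):
    """One client pattern: ALL, net/mask or net/prefix, 'a.b.' address
    prefix, '.domain' hostname suffix, or an exact address/hostname."""
    if pattern == "ALL":
        return True
    if "/" in pattern:  # ipaddress accepts both dotted masks and /24 forms
        return ipaddress.ip_address(ip) in ipaddress.ip_network(pattern, strict=False)
    if pattern.endswith("."):
        return ip.startswith(pattern)
    if pattern.startswith("."):
        return hostname is not None and hostname.endswith(pattern)
    return pattern == ip or pattern == hostname


def _match_list(text, matcher):
    """Match a comma/space separated list; 'a EXCEPT b' matches a but not b,
    and EXCEPT nests to the right as described in hosts_access(5)."""
    parts = re.split(r"\bEXCEPT\b", text, maxsplit=1)
    matched = any(matcher(p) for p in parts[0].replace(",", " ").split())
    if len(parts) == 2 and matched:
        return not _match_list(parts[1], matcher)
    return matched


def hosts_access(daemon, ip, allow_text=HOSTS_ALLOW, deny_text=HOSTS_DENY,
                 hostname=None):
    """Return (decision, source) for a connection to `daemon` from `ip`."""
    def matches(rules):
        return any(
            _match_list(d, lambda x: x in ("ALL", daemon))
            and _match_list(c, lambda x: _match_client(x, ip, hostname))
            for d, c in rules)
    if matches(parse_rules(allow_text)):
        return ("allow", "hosts.allow")
    if matches(parse_rules(deny_text)):
        return ("deny", "hosts.deny")
    return ("allow", "default")


if __name__ == "__main__":
    for daemon, ip, host in [("sshd", "192.168.1.10", None),
                             ("sshd", "192.168.1.99", None),
                             ("vsftpd", "10.0.0.5", None),
                             ("sshd", "203.0.113.7", "build.corp.example")]:
        print(daemon, ip, hosts_access(daemon, ip, hostname=host))
```

Two things the model makes visible: with an empty hosts.deny the decision falls through to the open default, which is why the `ALL : ALL` deny line matters; and, as Figure 11-1 notes, these rules are only consulted by daemons linked against libwrap or started through tcpd/xinetd, so a daemon such as httpd that never calls the wrapper library ignores them entirely and needs iptables instead.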


Figure 11-1 shows a basic single-homed or stand-alone firewall. Note the single computer with its single network connection. This would typically be the configuration of a server running its own iptables-based firewall or TCP wrappers service control, already behind a network-wide corporate firewall, for example.


Figure 11-1: A single-homed stand-alone server can use an iptables-based firewall config or TCP wrappers to control incoming service requests, but not all services can be controlled with TCP wrappers by default.

Dual-homed firewalls (Figure 11-2) are designed to protect an entire network of PCs or servers, and sometimes act as NAT-based routers for your LAN (more on this later). See Figure 11-2 for an example of a dual-homed firewall or network firewall configuration.


Figure 11-2: Dual-homed or network firewalls are designed to protect entire networks of machines, not services running on the same server. These firewalls should only be using iptables.





Note

In addition to single-homed and dual-homed firewalls, you may also run across tri-homed firewalls. These firewalls incorporate a DMZ, or demilitarized zone, which is a semiprotected network outside the protected internal network. Tri-homed firewalls are beyond the scope of this book, but you can learn more by consulting RFC 2647 or doing a Google web search on firewall and DMZ.


As you read more about firewalls, you will come across the terms trusted and untrusted interfaces. These terms are used in relation to network and security boundaries. A dual-homed (or two network card) firewall is usually placed between a trusted and an untrusted network, and so the two interfaces on the firewall that physically connect to these networks get their names accordingly. If you have a trusted network interface (for example, eth0) and an untrusted network interface (such as eth1), you need to use iptables (along with IP forwarding) to control network access through your firewall from one interface to the other. (You can see the interfaces and the networks they're connected to in Figure 11-2.)
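As an added example (not the book's code), the following Python script builds the iptables rule set for the dual-homed box of Figure 11-2, with eth0 on the trusted LAN and eth1 on the untrusted side: it enables IP forwarding, lets LAN hosts open connections outward, admits only replies to those connections back in, and, because the text says such a firewall often doubles as a NAT router, masquerades the LAN behind eth1. The LAN prefix 192.168.1.0/24 and the choice to allow ssh to the firewall only from the LAN are assumptions; run without `--apply` the script only prints the commands.

```python
"""
Rule set for a dual-homed firewall like the one in Figure 11-2:
eth0 faces the trusted LAN, eth1 faces the untrusted network.
Added example, not the book's code; interface names, the LAN prefix
and the NAT (MASQUERADE) role are assumptions.
"""
import subprocess
import sys

CT_ESTABLISHED = ["-m", "conntrack", "--ctstate", "ESTABLISHED,RELATED"]


def dual_homed_rules(trusted="eth0", untrusted="eth1", lan="192.168.1.0/24"):
    """Commands (as argv lists) for a default-deny forwarding firewall."""
    return [
        # Forwarding between interfaces is off by default on Linux.
        ["sysctl", "-w", "net.ipv4.ip_forward=1"],
        # Start from empty tables, then set deny-by-default policies.
        ["iptables", "-F"],
        ["iptables", "-t", "nat", "-F"],
        ["iptables", "-P", "INPUT", "DROP"],
        ["iptables", "-P", "FORWARD", "DROP"],
        ["iptables", "-P", "OUTPUT", "ACCEPT"],
        # Traffic to the firewall itself: loopback, replies, ssh from the LAN only.
        ["iptables", "-A", "INPUT", "-i", "lo", "-j", "ACCEPT"],
        ["iptables", "-A", "INPUT", *CT_ESTABLISHED, "-j", "ACCEPT"],
        ["iptables", "-A", "INPUT", "-i", trusted, "-s", lan,
         "-p", "tcp", "--dport", "22", "-j", "ACCEPT"],
        # Traffic through the firewall: the LAN may open connections outward ...
        ["iptables", "-A", "FORWARD", "-i", trusted, "-o", untrusted,
         "-s", lan, "-j", "ACCEPT"],
        # ... and only replies to those connections come back in.
        ["iptables", "-A", "FORWARD", "-i", untrusted, "-o", trusted,
         *CT_ESTABLISHED, "-j", "ACCEPT"],
        # NAT router role: hide the LAN behind the untrusted-side address.
        ["iptables", "-t", "nat", "-A", "POSTROUTING", "-o", untrusted,
         "-s", lan, "-j", "MASQUERADE"],
    ]


def new_inbound_forward_rules(rules, untrusted="eth1"):
    """Rules that would ACCEPT new (not just established) traffic arriving
    on the untrusted interface for forwarding. A sound rule set has none."""
    found = []
    for cmd in rules:
        if "FORWARD" in cmd and "ACCEPT" in cmd and "--ctstate" not in cmd \
                and "-i" in cmd and cmd[cmd.index("-i") + 1] == untrusted:
            found.append(cmd)
    return found


def apply_rules(rules):
    """Run the commands; needs root and the iptables/sysctl binaries."""
    for cmd in rules:
        subprocess.run(cmd, check=True)


if __name__ == "__main__":
    rules = dual_homed_rules()
    if "--apply" in sys.argv[1:]:
        apply_rules(rules)
    else:  # dry run: show what would be executed
        for cmd in rules:
            print(" ".join(cmd))
```

The `new_inbound_forward_rules` check is the review a practitioner runs on a rule set before applying it: the only FORWARD rule that accepts packets arriving on the untrusted interface must be the stateful one, otherwise the firewall is no longer enforcing the trusted/untrusted boundary.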


Now that some of the basics on firewall theory are out of the way, the next section focuses on the differences between TCP wrappers and iptables, and when and how to use each.
