our site has been updated ...please check the latest version of this site http://www.labnium.org

Our site has been updated to http://www.labnium.org Please check out the newer version of this site

Wednesday, February 3, 2010

10 Tips to make Linux networking easier

10 Tips to make Linux networking easier

Post under , , at 7:41 PM Posted by World Love


Networking is a must-have on all levels of computing. Be it home or
corporate, networking is the one aspect of computing that is, without
a shadow of a doubt, a deal breaker. And with some help, the Linux
operating system can be the king of networking, in both ease of use
and security. But that doesn't mean the average (and sometimes even
the above-average) user can't use some help. These tips should help
make Linux networking go a little more smoothly.


1. Make use of your /etc/hosts file
the hosts file is used for static host names and is a quick way to
create networking shortcuts. One of the first things I do on a Linux
machine is add various machines to the /etc/hosts file. This saves me
from having to type a lot of IP addresses. The format of an address
for this file is:
IP_ADDRESS NICKNAME
For example, if I use one machine for a backup location at IP address
192.168.1.101, I could enter:
192.168.1.101 backups
Now if I have to connect to that machine, say with secure shell, I can
just type ssh -v -l username backups to make the connection.


2. Keep out unwanted users with /etc/hosts.deny
Yet another helpful "hosts" file is the hosts.deny file. This file
allows you to create access control based on client or server names.
This is helpful in many ways. You can block blacklist domains from
gaining access to your network or you can block certain users from
gaining access to certain machines. But no matter how you use it, the
format is the same.
Let's say you want to block the domain bad.domain.name from gaining
access to a machine. To do this, open up the /etc/hosts.deny file (you
will need either root or sudo privileges) and add:
ALL: bad.domain.name
to the bottom of the file. Save it and you're good to go.


3. Let WICD handle your wireless woes
I can't tell you how many times I have found myself banging my head
against a server rack. For the longest time Linux and wireless
networking were simply not good bedfellows. But that is quickly
becoming a thing of the past. With modern distributions, wireless card
detection has become a no-brainer. The issue now is encryption. Many
of the Linux wireless tools have trouble when any encryption is
involved. But the WICD tool takes care of this. Now, connecting to WPA
or WPA2 encrypted wireless networks is simple. Add to that the
amazingly easy GUI employed by WICD and you can check one nasty
headache off your list.


4. Download and install a front end for iptables
You can't assume that just because you are using Linux, you are
secure. You still need some security. And the best security you can
have with Linux is iptables. The only problem with iptables is that it
can be challenging (especially for the new user). Fortunately, there
are outstanding graphical front ends for iptables. One of the best is
Firestarter. This front end makes employing iptables a simple process,
so you won't keep bypassing security out of fear of the learning
curve.


5. Get to know the command-line tools
Let's face it: If you're running Linux, there might be an instance
where you will need to restart your network and you won't have access
to the GUI. In this particular case, knowing that /etc/rc.d/network
restart will do the trick will solve your problem. Of course, that is
not the only networking command-line tool. You'll also want to know
tools like dhclient, traceroute, samba, ping, and netstat.


6. Hard-code your DNS server addresses
I don't know how many times I have had networking problems that
pointed directly at missing DNS server addresses. To this end, I have
made it habit to hard-code my DNS servers into the /etc/resolv.conf
file. The format of the entries is:
nameserver IP_ADDRESS
where IP_ADDRESS is the address of your name server. You can have as
many name servers listed as you need.


7. Install ClamAV
If you run a mail server, an antivirus is essential. Even though you
are running Linux and you know your mail server is immune to
99.9999999% of the viruses in the wild, that doesn't mean all those
clients that download mail from your server are immune. With this in
mind, you will make your administrating life far easier if you install
an antivirus like ClamAV onto your Linux mail server. It will give you
peace of mind and enough security to ensure that your users most
likely won't come knocking at your office door demanding retribution.


8. Know how to configure an IP address manually
Yes, there are GUI tools for this. And yes, they all work very well.
But as you will eventually find if you administer any operating system
long enough, it's never bad to have backup tools to help you do your
job. And one of the best backup tools for Linux networking is the
ifconfig command. Not only will this command return to you (with no
arguments) your network card information, it will also allow you to
configure your network card manually. This is done like so:
/sbin/ifconfig eth0 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
Of course, you will want to plug in your particular information as it
applies to the above.


9. Get to know your /etc/interfaces (Ubuntu) or
/etc/sysconfig/network-scripts (Red Hat/Fedora) file(s)
This file (or files) is where the information for each network
interface is stored. The format for this file is:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet dhcp
auto eth2
iface eth2 inet dhcp
auto ath0
iface ath0 inet dhcp
auto wlan0
iface wlan0 inet dhcp
As you can see above, all of my interfaces are set up for dhcp. This
is my laptop, which goes with me everywhere, so dhcp is a necessity.
But what if I use the wired interface in only one location? For that,
I can hard-code the information here under the eth0 interface like so
(for Ubuntu):
iface eth0 inet static
address 192.168.1.10
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.104
gateway 192.168.1.1
Or like so (For Red Hat/Fedora):
DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.104.0
ONBOOT=yes
Again, you would plug in all the information suited to your network
and your device.


10. Don't forget smbpasswd when setting up Samba
Nearly every time clients come to me with Samba issues, the problem is
that they haven't added the user and a password with smbpasswd.
Without doing this, the user will not be able to authenticate to the
Samba server. And when using smbpasswd to add a new user, you have to
add the "-a" switch like so:
smbpasswd -a USERNAME
After you hit Enter, you will be asked for the users' password
(twice).
NOTE: You must have root access (or sudo) to pull this off.
These 10 quick tips should help make various aspects of Linux
networking easier. You never know when you'll wind up having to rely
on the command line or you'll need to enlist the help of a graphical
front end for iptables. Now, if you do, you should be good to go.
Digg Google Bookmarks reddit Mixx StumbleUpon Technorati Yahoo! Buzz DesignFloat Delicious BlinkList Furl

0 comments: on "10 Tips to make Linux networking easier"

Post a Comment

Subscribe to: Post Comments (Atom)