Slashdot Mirror
Linux Network Administrator's Guide, 2nd Edition
This book cleared up many questions I had, enabling my home network to run more efficiently and securely. For example, I learned about many options that can be adjusted in the kernel configuration to allow building a customized kernel which is optimized for your system and needs. This took me one step closer to being ready for my first attempt at compiling my own kernel. I also learned about and implemented some changes to my DNS configuration (improvements to /etc/hosts and /etc/resolv.conf), which resulted in faster name resolutions for web browsers and file managers. I found the information to be detailed enough so that I got what I needed, but not so overwhelming as to turn off my interest level. Another positive note was that the descriptions and examples given throughout the book are "distribution-neutral." I'm using Mandrake 9.1 and RedHat 9, and the configuration file instructions matched up perfectly with both filesystem structures. I believe they would also apply directly to other mainstream distributions, or be easily adapted to slightly different locations.
The book covers some history of networking, and explains the TCP/IP protocol in great detail. Issues covered include IP addressing/subnetting, name resolution, routing, kernel considerations, and drivers. The next several chapters discuss how to configure many kinds of networking hardware and software, such as ethernet, serial/SLIP/PPP, and NIS/NFS. There were great examples of the configuration files that require editing, with understandable explanations of why you were doing it. A make-believe small business is used as an example throughout the book, as they build and expand their corporate network and integrate with other branches of the company.
The next section covered how to set up a firewall/router, again with great example configuration files and scripts. This part went into just the right amount of detail, and included discussion on packet filtering, firewall testing, IP packet accounting, and NAT/masquerading. I'd say I got the most amount of useful knowledge from this section, and will refer to it many times again when I get around to building a router for the home LAN. I now feel that I have enough knowledge to replace my LAN's commercial router with an older computer I have laying around, running Linux with a customized iptables firewall. The IP/packet logging and accounting procedures I now understand will make me feel much more comfortable with what's going on in my network, and the security issues involving the internet interface.
There are several chapters dedicated to setting up and understanding various network services that you may with to install and administer. These include email server/client, UUCP/Usenet news, NNTP and INN, and DNS. There are excellent diagrams, tables, and examples throughout the book. If there was one area I would have liked to have seen addressed (maybe in the next edition?), it would be to have at least an introductory chapter addressing the use of Samba, as it is a common, easy method of integrating a Linux network with Windows computers. Overall I was very pleased with the book, and would recommend it to anyone interested in Linux networking. It has something for everyone, at all skill levels. The table of contents and index are excellent, and you can find exactly what you're looking for very quickly. Additionally, the book offers an excellent list of other reference books, websites, newsgroups, and user groups to assist with getting more in-depth information. I'd like to extend a "well done" to the authors, and to O'Reilly Publishing!
You can purchase the Linux Network Administrator's Guide, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. Dan Clough suggests you visit the Pensacola Linux User's Group, too ;)
While I think it's great that many of these are for free online, many people (including myself) do not enjoy reading a book on screen. I guess sometimes you just can't beat an old-fashioned book...
Essential System administration by Aeleen Frisch. Covers Solaris, Aix, Linux, HPUX, SCO etc. Alas no OS X.
ThereÂs a review here.
relevant topics like 'Using Kerebos as an authentication model', 'Fun with LDAP', 'Throwing NIS out the window for a secure networking scheme', rewriting Ext3 and Reiser for network authenication support', or a myriad of other topics that are actually relevant today.
Would you rather no one ever tried Linux?
This coming from the guy who suggests having linux box such as a BSD, Slackware or Debian to be used a firewall between his regular machines and the internet.
While I understand what you were saying I find it odd that you even unconciously refer to a BSD as a linux machine.
Just because the reviewer had little previous experience, that doesn't invalidate the experiances he did have. The guy wrote a review, not a athoratiative research paper.
What does the article create Fear, Uncertainty OR Doubt about?
Could you elaborate? What's so horrible about the packaging? If anything, his sytem is typical of a
geek home network.
What's so horrible about his setup?
I wouldn't put any of those computers "online" without something else between them and the internet.
Most "Speedstream Router/Switch" have NAT and a firewall to control access to IPs and ports. Hopefully he also keeps his sytems up to date and has updated anti-virus software running on his Windows boxes. Hopefully he uses tripwire.
Like a linux box running a BSD, Slackware, or Debian.
Many people would disagree with you here. Just installing Linux on a computer isn't some magic pill that will solve your firewall nightmare.
Running a dedicated SlipStream router has many advantages over a linux router: It's simple, easy to maintain, and is (hopefully) effective out of the box.
Running a firewall on top of a full fledged OS can add alot of overhead and unnecessary packaging, and can be very (human) error prone. For instance, his SlipStream box does not have CVS or CC installed, so there's no chance of a hacker compiling odd tools on his router.
You're right you know "enough to be dangerous" as in getting some worm and unknowingly using your computer as the host of a DDoS attack.
Your "You suck, you should use Linux"-solution isn't any better. How will your suggestion stop him from getting a worm or from DDOSing someone?
"Can of worms? The can is open... the worms are everywhere."
I now feel that I have enough knowledge to replace my LAN's commercial router with an older computer I have laying around, running Linux with a customized iptables firewall.
That's kinda funny. I just went the opposite direction a few weeks ago -- had an old P-200 as my firewall, but I sprung a whopping $9.99 for a D-Link router/firewall. Why? There are a few reasons. One less machine to maintain (I have enough machines already, thank you). One less machine drawing power (yeah, electricity is included in my rent for now, but one day I'll be out on my own, so I should start getting used to downsizing now). One less machine to drain the UPS when power goes out (ugh... you'd think Niagara Mohawk would have their act together after, what, a hundred years of being in the business?).
The D-Link does everything I need it to, is stable, quiet, always on... having a dedicated computer was fun, but this is a better solution for me.
Have EVDO, will travel.