Slashdot Mirror
Linux Network Administrator's Guide, 2nd Edition
This book cleared up many questions I had, enabling my home network to run more efficiently and securely. For example, I learned about many options that can be adjusted in the kernel configuration to allow building a customized kernel which is optimized for your system and needs. This took me one step closer to being ready for my first attempt at compiling my own kernel. I also learned about and implemented some changes to my DNS configuration (improvements to /etc/hosts and /etc/resolv.conf), which resulted in faster name resolutions for web browsers and file managers. I found the information to be detailed enough so that I got what I needed, but not so overwhelming as to turn off my interest level. Another positive note was that the descriptions and examples given throughout the book are "distribution-neutral." I'm using Mandrake 9.1 and RedHat 9, and the configuration file instructions matched up perfectly with both filesystem structures. I believe they would also apply directly to other mainstream distributions, or be easily adapted to slightly different locations.
The book covers some history of networking, and explains the TCP/IP protocol in great detail. Issues covered include IP addressing/subnetting, name resolution, routing, kernel considerations, and drivers. The next several chapters discuss how to configure many kinds of networking hardware and software, such as ethernet, serial/SLIP/PPP, and NIS/NFS. There were great examples of the configuration files that require editing, with understandable explanations of why you were doing it. A make-believe small business is used as an example throughout the book, as they build and expand their corporate network and integrate with other branches of the company.
The next section covered how to set up a firewall/router, again with great example configuration files and scripts. This part went into just the right amount of detail, and included discussion on packet filtering, firewall testing, IP packet accounting, and NAT/masquerading. I'd say I got the most amount of useful knowledge from this section, and will refer to it many times again when I get around to building a router for the home LAN. I now feel that I have enough knowledge to replace my LAN's commercial router with an older computer I have laying around, running Linux with a customized iptables firewall. The IP/packet logging and accounting procedures I now understand will make me feel much more comfortable with what's going on in my network, and the security issues involving the internet interface.
There are several chapters dedicated to setting up and understanding various network services that you may with to install and administer. These include email server/client, UUCP/Usenet news, NNTP and INN, and DNS. There are excellent diagrams, tables, and examples throughout the book. If there was one area I would have liked to have seen addressed (maybe in the next edition?), it would be to have at least an introductory chapter addressing the use of Samba, as it is a common, easy method of integrating a Linux network with Windows computers. Overall I was very pleased with the book, and would recommend it to anyone interested in Linux networking. It has something for everyone, at all skill levels. The table of contents and index are excellent, and you can find exactly what you're looking for very quickly. Additionally, the book offers an excellent list of other reference books, websites, newsgroups, and user groups to assist with getting more in-depth information. I'd like to extend a "well done" to the authors, and to O'Reilly Publishing!
You can purchase the Linux Network Administrator's Guide, 2nd Edition from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. Dan Clough suggests you visit the Pensacola Linux User's Group, too ;)
Hello, I just picked up a copy of this book. It was so good I immediately began digging for my other C-64s in order to try forming my own network in Linux.
I have to say that setting things up was easy, and getting mplayer to run (and even exporting it to other C-64 terminals was a snap. My Baywatch SVCDs run *flawlessly*)
Overall, I give this book 9 out of 10.
I have never liked this book. It does a great job of telling me things I don't need to know.
I wish I had only spent my money on Essential System Administration, 3rd edition (Frisch), rather than both.
But why do I feel like I just walked out of a showroom for this year's new cars?
"He slimed me, Ray"...
Seriously, c'mon, give me the negatives. There had to be some negatives. Nothing's perfect.
It should be the running theme with Linux:
Linux Network Administrators Guide 2nd ed
O'Reilly Linux Command Reference
As far as "networking for linux", I wouldn't put any of those computers "online" without something else between them and the internet. Like a linux box running a BSD, Slackware, or Debian. The overhead and unneccessary packaging for those systems makes it an internet nightmare.
You're right you know "enough to be dangerous" as in getting some worm and unknowingly using your computer as the host of a DDoS attack.
Ignore the "p2p is theft" trolls, they're just uninformed
Having read this book I can tell you that it is NOT really for beginners. You may want to try Essential System Administration , which is also by O'Reilly .
As part of O'Reilly's Open Books Project, this book is also available (without the shiny binding) for free. You can also pickup PDF's and the like the Linux Documentation Project's guides section.
Christian Jones
Medicine. Mathematics. Mediocrity.
This one is a great addition to the {book shelf, work's library}, you all know how to do certain things in {Linux, Windows, Tae Bo, Winsor pilates, using decss, etc} but this book clarifies nicely why you are actually doing it. Also, it introduces nice {UNIX, MFC, advanced jump kick, high-calorie burning, fast dubbing, etc} concepts which {Window$, Linux, Tae Kwan Do, yoga, warez groups, etc} might not have come across before.
Follow my template and you too can have a karma gaining early post!
Essential System administration by Aeleen Frisch. Covers Solaris, Aix, Linux, HPUX, SCO etc. Alas no OS X.
ThereÂs a review here.
relevant topics like 'Using Kerebos as an authentication model', 'Fun with LDAP', 'Throwing NIS out the window for a secure networking scheme', rewriting Ext3 and Reiser for network authenication support', or a myriad of other topics that are actually relevant today.
Instead of the Barnes and Noble link...get it here for almost 40% less:
Bookpool
Does anybody else buy a book w/ the best intentions and end up doing all of your research online?
This guy is way out there
I have this book as well, and do not share the reviewer's enthusiasm for it, on several points.
1. It is old (2000, original edition is 1995) and vast sections of the book are completely useless.
2. It is too concise. The sections on NAT and Firewall are vague, and i had to consult additonal resources just to figure out how to get it to work. I had the same problems with the DNS chapter and the NIS chapter. This book gives enough info to let you know what something is, but often not enough to serve as a useful reference. The authors encourge you to buy additional o'reilly books if you want to know more, which is annoying.
3. Important stuff is missing. SSH? nothing. SAMBA? nothing. Entire chapters dedicated to obsolete technologies like PPP, SLIP, IPX, and UUCP? lots.
4. This book did not need four chapters on how to setup a Usenet news server. What a waste!
Although I was a newbie when I first read it, and learned a lot, i would recommend people look elsewhere. This book is simply too out-of-date. Half of it should be omitted, and the other half expanded so as to become usable.
So let's see, a RH box with all services (other than perhaps SSH if you're into getting home from the outside) shut down, and iptables set to basically drop everything...
Yeah, that would suck, you're right. Every machine I have should be a part of someone else's DDoS attack by now if you were right. We should bow before your expertise.
Why would you trust a SCO employee with your Linux Network Security?
Just built one myself, and while challenging, was definealty worth the effort. I used New Riders Linux Firewalls and found it a great reference. Best part is once you have set up your router as you like, just burn the config scripts to cdrom and you will be able to make your own router out of most old junk computers and a minimal amount of spare time. Another great thing is that you can make it as mild, or wild as you want, nat, stateful packet inspection, dhcp, ssh, or whatever features you want.
So a novice has no business reviewing a book for novices?
Good luck with that.
Could you elaborate? What's so horrible about the packaging? If anything, his sytem is typical of a
geek home network.
What's so horrible about his setup?
I wouldn't put any of those computers "online" without something else between them and the internet.
Most "Speedstream Router/Switch" have NAT and a firewall to control access to IPs and ports. Hopefully he also keeps his sytems up to date and has updated anti-virus software running on his Windows boxes. Hopefully he uses tripwire.
Like a linux box running a BSD, Slackware, or Debian.
Many people would disagree with you here. Just installing Linux on a computer isn't some magic pill that will solve your firewall nightmare.
Running a dedicated SlipStream router has many advantages over a linux router: It's simple, easy to maintain, and is (hopefully) effective out of the box.
Running a firewall on top of a full fledged OS can add alot of overhead and unnecessary packaging, and can be very (human) error prone. For instance, his SlipStream box does not have CVS or CC installed, so there's no chance of a hacker compiling odd tools on his router.
You're right you know "enough to be dangerous" as in getting some worm and unknowingly using your computer as the host of a DDoS attack.
Your "You suck, you should use Linux"-solution isn't any better. How will your suggestion stop him from getting a worm or from DDOSing someone?
"Can of worms? The can is open... the worms are everywhere."
Security means bringing on less advantages for an attack. And using the systems the reviewer mentioned there is no way the system could ever be secure unless they went through and stripped the NAT server down. Considering they didn't even know how to compile their own kernel I highly doubt they did this.
So, Get Bent.
Ignore the "p2p is theft" trolls, they're just uninformed
"Global Domination Handbook" by Microsoft Press
"Maintaining Good Business Relationships - The SCO Way"
"The Enron Guide to Business Ethics"
I'd don't know my skill level with Linux and networking versus the reviewer, but I'd fall into the category of "just enough knowledge to be dangerous".
/etc/hosts file and be done with it. Do you really need a DNS server for that? And if you REALLY need critical DNS, do you want to use a "survey book" to set-up the configuration! Please! The hosts file is about the extent this book should go with DNS as far as I'm concerned.
Frankly, there are negatives to this book. A few examples I can think of off the top of my head (unfortunately, I don't have the book in front of me to refresh my memory) are:
Generally, no matter what topic in the book, all you get is a simple walkthrough of the commands and minimal description of why you do them or what to do for an unusual set-up. Well, ok, I understand it is "survey type" book, but since all this stuff is readily available via man pages, How-Tos and newsgroups, why buy a 40 dollar book on it?
For example, getting an ethernet adapter configured via the command line was easy to do, but hard to follow in the book as to why you use certain commands and flags and what things other than the simple example they are good for. I didn't get a great explanation as to theifconfig command and the route command. Also, it was difficult to understand how to configure two ethernet adapters on the same machine in order to set up a Linux firewall or DHCP server in place of a router.
The section on DNS is a big waste of time. If you are going to delve into DNS, you might as well get O'Reilly's DNS & Bind and slog through that nightmare (not the book, setting up DNS). If all you are doing is setting up 5 machines behind a home router (my set-up is similar), then just use the
I'd say the same for setting up a mail server... with all I hear about sendmail, why would I count on the simplistic outline in a general Linux networking book for configuring sendmail? Especially with the chance of screwing it up and having all hell break loose with the mail server and my network!
It is not a worthless book. It does a good job of explaining how the internet works, how you set-up a machine to be on the internet and what general security issues are involved (i.e., enough for some clown like me to keep his network safe behind a home router or even behind linux router if you slog through setting that up).
I won't pretend to be a professional IT guy. But I do like playing around with home networking using various services for fun, so when I buy a book like this, I'd like it to contain more than just simple examples and a rehash of readily available stuff from man pages and How-Tos.
-Anthony
While I worked some on this O'Reilly's open book policy and am proud to see it growing, I also should admit for historical accuracy that the Linux Network Administrator's Guide started as an LDP project. I made a deal with Olaf Kirch, the first author: O'Reilly would put in a lot of editing and production work and donate it all back to the free version of the book, and in return we'd publish it. The license has changed over time, but the book started out open and has remained that way. Nevertheless, I and the rest of the company invested a lot of time and money into making it a strong, professional text.
Hey! I already reviewed this book. Right here on slashdot. Almost three years ago.
Oceania has always been at war with Eastasia.
I now feel that I have enough knowledge to replace my LAN's commercial router with an older computer I have laying around, running Linux with a customized iptables firewall.
That's kinda funny. I just went the opposite direction a few weeks ago -- had an old P-200 as my firewall, but I sprung a whopping $9.99 for a D-Link router/firewall. Why? There are a few reasons. One less machine to maintain (I have enough machines already, thank you). One less machine drawing power (yeah, electricity is included in my rent for now, but one day I'll be out on my own, so I should start getting used to downsizing now). One less machine to drain the UPS when power goes out (ugh... you'd think Niagara Mohawk would have their act together after, what, a hundred years of being in the business?).
The D-Link does everything I need it to, is stable, quiet, always on... having a dedicated computer was fun, but this is a better solution for me.
Have EVDO, will travel.