Scribd Logo
Fazer o upload

Bem-vindo(a) ao Scribd!

  • Internet Conn

    Enviado por

    Dakshin Krish
    10 visualizações26 páginas
    Ifconfig is used to configure the kernelresident network interfaces. Route, ip apache, ftp tcpdump and ethereal Servers Setup - Troubleshooting. Iptables is used to block some types of denial of service (DoS) attacks.

    Descrição original:

    Direitos autorais

    © Attribution Non-Commercial (BY-NC)

    Formatos disponíveis

    PDF, TXT ou leia online no Scribd

    Você considera este documento útil?

    Este conteúdo é inapropriado?

    Denunciar este documento
    Ifconfig is used to configure the kernelresident network interfaces. Route, ip apache, ftp tcpdump and ethereal Servers Setup - Troubleshooting. Iptables is used to block some types of denial of service (DoS) attacks.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    10 visualizações26 páginas

    Internet Conn

    Enviado por

    Dakshin Krish
    Ifconfig is used to configure the kernelresident network interfaces. Route, ip apache, ftp tcpdump and ethereal Servers Setup - Troubleshooting. Iptables is used to block some types of denial of service (DoS) attacks.

    Direitos autorais:

    Attribution Non-Commercial (BY-NC)
    Baixe no formato PDF, TXT ou leia online no Scribd
    Sinalizar o conteúdo como inadequado
    de 26

    Linux Networking Basics

    Naveen.M.K, Protocol Engineering & Technology Unit, Electrical Engineering Department, Indian Institute of Science, Bangalore - 12.

    Outline

    Basiclinuxnetworkingcommands

    ifconfig,route,ip apache,ftp tcpdumpandethereal

    ServersSetup

    Troubleshooting

    Ifconfig

    Ifconfigisusedtoconfigurethekernelresident networkinterfaces.Itisusedatboottimetoset upinterfacesasnecessary.Afterthat,itis usuallyonlyneededwhendebuggingorwhen systemtuningisneeded. Options:


    interface up down netmask

    Ifconfig

    ``ipcommand

    ``routecommand

    NICConfiguration

    /etc/init.d/networkstart/stopcommand systemconfignetworkcommand

    LinuxFirewallConfiguration

    Using``iptablesand``systemconfigsecuritylevel

    Statefulpacketinspection FilteringpacketsbasedonaMACaddressandthevalues oftheflagsintheTCPheader Systemloggingthatprovidestheoptionofadjustingthe levelofdetailofthereporting Betternetworkaddresstranslation SupportfortransparentintegrationwithsuchWebproxy programsasSquid Aratelimitingfeaturehelpsiptablesblocksometypesof denialofservice(DoS)attacks.

    iptables execution

    LinuxFirewallConfiguration

    Using``iptables

    ACCEPT DROP REJECT LOG DNAT SNAT MASQUERADE:UsedtoSNAT.

    ipchainsrulesexamples

    iptablesAINPUTs0/0ieth0d192.168.1.1pTCPjACCEPT iptablesisbeingconfiguredtoallowthefirewalltoacceptTCPpackets cominginoninterfaceeth0fromanyIPaddressdestinedforthe firewall'sIPaddressof192.168.1.1.The0/0representationofanIP addressmeansany. iptablesAFORWARDs0/0ieth0d192.168.1.58oeth1pTCP sport1024:65535dport80jACCEPT iptablesisbeingconfiguredtoallowthefirewalltoacceptTCPpackets forroutingwhentheyenteroninterfaceeth0fromanyIPaddressand aredestinedforanIPaddressof192.168.1.58thatisreachablevia interfaceeth1.Thesourceportisintherange1024to65535andthe destinationportisport80(www/http).

    SERVERS WEB,FTP,DHCP.

    ApacheWebServer

    Downloadandinstall:http://httpd.apache.org/ Configurationfiles httpd.conf,access.conf.andsrm.conf

    <Directory /var/www/html> order deny,allow deny from all allow from 10.10.64 </Directory> ErrorDocument 404 /error.html DocumentRoot /var/www/html

    FTPServer

    Using``vsftpd Thevsftpd.confFile VSFTPDrunsasananonymousFTPserver. VSFTPDallowsonlyanonymousFTPdownloadstoremoteusers, notuploadsfromthem VSFTPDdoesn'tallowanonymoususerstocreatedirectorieson yourFTPserver VSFTPDlogsFTPaccesstothe/var/log/vsftpd.loglogfile BydefaultVSFTPDexpectsfilesforanonymousFTPtobeplaced inthe/var/ftpdirectory. Limitingthemaximumnumberofclientconnections(max_clients)

    DHCP:dhcpdanddhclient

    dhcpdDynamicHostConfigurationProtocol Server ImplementstheDynamicHostConfiguration Protocol(DHCP)andtheInternetBootstrap Protocol(BOOTP).DHCPallowshostsona TCP/IPnetworktorequestandbeassignedIP addresses,andalsotodiscoverinformationabout thenetworktowhichtheyareattached.


    #[PATHTODHCPD]dhcpd{start|stop|restart|status}

    dhcpdanddhclient

    DHCPClient,dhclient,providesameansfor configuringoneormorenetworkinterfacesusing theDynamicHostConfigurationProtocol, BOOTPprotocol,oriftheseprotocolsfail,by staticallyassigninganaddress.


    #[PATHTOdhclient]dhclient

    dhclientoutput

    dhcpd.confanddhclient.conf

    dhcpd.conffilecontainsconfigurationinformation fordhcpd Keywords:


    defaultleasetime,maxleasetime subnet,netmask,range,routers domainname,domainnameservers

    dhcpd.confanddhclient.conf

    dhclient.conffilecanbeusedtoconfigurethebehaviourof theclientinawidevarietyofways: protocoltiming,informationrequestedfromtheserver informationrequiredoftheserver defaultstouseiftheserverdoesnotprovidecertain information valueswithwhichtooverrideinformationprovidedbythe server, valuestoprependorappendtoinformationprovidedbythe server.Theconfigurationfilecanalsobepreinitializedwith addressestouseonnetworksthatdon'thaveDHCPservers.

    dhcpd.confanddhclient.conf

    dhcpd.confanddhclient.conf

    Troubleshooting

    Tcpdump

    Tcpdumpprintsouttheheadersofpacketsonanetwork interfacethatmatchthebooleanexpression.

    Ethereal

    Protocolanalyzer,or"packetsniffer"software,usedfor networktroubleshooting,analysis,softwareandprotocol development,andeducation.Ithasallofthestandard featuresofaprotocolanalyzer.

    TCPDUMP

    Ethereal

    Ethereal

    Ethereal

    Você também pode gostar