LiTo begin, you’ll find out how to use Samba 4 to create an Active Directory compatible directory service for your network, then you’ll see how to set up file storage. In this section you will learn how several options to explore in order to host your own file storage, including Samba, NFS, and WebDAV.
Moving on, you’ll learn how to set up an e-mail server, and we'll look at how e-mail works as a service. You’ll also set up SMTP and IMAP mail services, and enable spam filtering. Then we’ll configure our own XMPP-based IM service, configure it to communicate with other XMPP services, and configure Pidgin as a client to utilize the service.
After that, you’ll see how to start monitoring services on your network using Nagios. Then, you’ll map out the network so you can discover what is actually there. Finally, you’ll discover how to watch over your network through centralized logging and manage an intrusion detection system using Snort.
About The Author
Gregory Boyce is a technologist with nearly 20 years' experience using and managing Linux systems. When he's not at work or spending time with his wife and two daughters, he plays around with new technologies. Gregory has spent the last 15 years working at Akamai Technologies, where he has worked in roles ranging from Network Operations, Internal IT, Information Security, Software Testing, and Professional Services. Currently, he heads up the Linux OS team that manages Akamai's custom Linux operating system, which runs on their massively distributed customer-facing network.
In this video, we will look at how the synchronization of settings works, and what it will coordinate on your behalf.
In this video, we will join machine to the domain using Administrator credentials to participate in an AD-style domain.
In this video, we will be setting up a simple read-only file server using Samba, and then we will expand on it from there.
Samba supports granting authenticated access to shares in addition to making them available as public shares.
NFS is trivial to set up and is typically rather fast, but it can introduce some interesting security issues if it is not done correctly.
WebDAV clients are built into macOS and Windows as well as the file managers for Gnome, KDE and many other Linux desktop environments.
Postfix comes with a set of sane, safe defaults. Additionally, any setting, which is not defined within your configuration file uses that default. This allows for very stripped down configuration files, although you are certainly free to define all the defaults within your configuration file if you want.
Rather than depending on the A record, you can use one or more MX records with defined priorities that point to A records which may be in or out of the domain you're configuring.
We're going to look at setting up a Dovecot e-mail server.
We cannot send mail from remote systems. In order to enable this functionality, we need to configure Postfix to require auth for sending outbound mail from remote users.
Postfix can utilize TLS for securing communication in a few ways.
There are steps that can be taken in order to detect or limit the spam directed to your system.
SpamAssassin uses a number of methodologies to identify spam messages and then either filter, tag or drop them.
In this video we're going to look at ejabberd, which is an extremely powerful and flexible option that has great online documentation.
There are special DNS records which you can optionally add to your zone file in order to change how the XMPP service operates.
Here we will look at how to use Pidgin to connect to our XMPP server.
Nagios is an industry standard for open source monitoring and reporting. It is incredibly flexible and extendable, for better or worse.
This will allow you to use a finer grained access control as well as making your life easier, as employees come and go in the company.
Monitoring your local system, you have full access to information regarding number of processes, amount of memory, CPU usage, and so on. When you're looking at remote systems, you're limited to accessing remotely accessible information like if a remote port is listening, ping ability, and so on.
You need to define a name for the service and the command to run in order to monitor it.
This video helps us to see how an existing command is defined, or if you want to define your own custom command.
NRPE runs on the machine that you'd like to monitor and executes the same commands/ plugins which Nagios itself would have.
SNMP is useful for monitoring network equipment like routers and switches, which often have SNMP agents built into them.
Most commonly used as a port scanner, but it actually started its life as a network-mapping tool for discovering hosts. It can utilize ICMP, UDP, and TCP.
Some systems choose to block the ICMP traffic, which can result in them not appearing in a ping scan. Any system on your local network, however, must respond to ARP requests if they are going to communicate with additional machines on the network.
There are a number of different types of TCP scans, we are going to look at the two most common ones, the Connect scan and the SYN scan.
UDP is not so easy, being stateless. A UDP packet to a closed port will result in an ICMP Destination Port Unreachable message. A filtered UDP packet will result in no response.
Explore a library or code fragment without having to first set up a new solution and even experiment with different possible approaches when problem solving
nmap can attempt to identify the Operating System running on a particular system.
Linux servers are typically configured to use a syslog based logging system for handling events.
To start monitoring our network for irregular traffic, we are going to start by installing a Snort IDS.
Having a place to download rules from is great, but having a way to keep them up to date in an automated manner is even better. With Snort, this can be done by the PulledPork tool, which automates the downloads, installation, and management of the rule sets.
The default Snort configuration causes it to log any triggered alerts in unified2 format.
Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.
With an extensive library of content - more than 4000 books and video courses -Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.
From skills that will help you to develop and future proof your career to immediate solutions to every day tech challenges, Packt is a go-to resource to make you a better, smarter developer.
Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.