1 Linux Networking and Security Chapter 4. 2 Configuring Client Services Configure “superservers” to handle multiple network services Set up administrative.

Presentation transcript:

1 Linux Networking and Security Chapter 4

2 Configuring Client Services
- Configure “superservers” to handle multiple network services
- Set up administrative services like logging and printing
- Use simple network information services like finger and talk
- Understand basic mailing list and news server configurations

3 The Superservers
Superservers listen on multiple network ports and start the appropriate service when a client connection arrives for that port.
xinetd is a superserver gaining popularity
- It is a revised version of inetd that creates a more secure environment
- Shipped with Red Hat Linux
xinetd is the most widely used superserver
- Application-level security is provided via TCP Wrappers - the tcpd program

4 TCP Wrappers

5 TCP Wrappers - tcpd - is an application-level access control program
- TCP Wrappers is not a firewall and should be used with one if Linux security issues exist
- Configuration is done by two files: /etc/hosts.allow and /etc/hosts.deny
- Ensure proper and expected configuration by testing carefully before relying on it

6 TCP Wrappers

7 Services Beyond the Superserver
Many services do not rely on superservers; they are designed to run standalone
- Apache Web server is the best example of this
- Servers such as SMTP and FTP can be used in standalone mode, or with inetd or xinetd
- FTP runs more efficiently in standalone mode if much FTP traffic is expected

8 Exploring Network Testing Services
There are 5 common testing services and they are used via Telnet
- The echo service repeats back whatever you type, showing that a remote host is receiving typed data
- The chargen service returns a character stream and continues until the session is ended
- The discard service is like /dev/null
- The time service returns a number corresponding to the current time and closes the connection
- The daytime service returns the current date/time in human-readable form, then ends the session

9 Using Administrative Services
Logging with logd
- System logging can be done remotely using syslogd by enabling another host to receive syslog messages across the network and specifying a host in /etc/syslog.conf
Printing with lpd
- Linux can print across the network using lpd when printer definitions that specify remote hosts cause a local copy of lpd to contact lpd running on a remote host and forward the print job to that host

10 Using Administrative Services

11 Using Administrative Services

12 Using Administrative Services
Time Management with NTP
- Time in Linux is managed using the Network Time Protocol (NTP), which is implemented by the ntpd daemon
- On a LAN, NTP is designed to maintain correct time to within a few milliseconds; the NTP protocol is designed for precision of 232 picoseconds
- The ntpd program is installed on most Linux systems by default and it is controlled by a script in /etc/rc.d/init.d

13 Using Administrative Services

14 Understanding SNMP on Linux
The Simple Network Management Protocol (SNMP) is designed to give feedback about how the components of the network are functioning
- Use SNMP to determine if routers are overloaded or whether remote programs have crashed
- An SNMP-aware program running on a host is called an agent and it is configured to watch for specific events on the host
- An SNMP console gathers data from agents on the network for the system administrator’s review

15 Benchmarking with NetPerf
NetPerf provides a benchmarking service to help determine how the throughput of the networking hardware compares with others
- Benchmarking is the process of comparing items by evaluating their performance on a fixed task
- Throughput tells how much data a connection can handle
- NetPerf easily tests network speeds using the UDP and TCP transport protocols

16 Allowing Dial-in Access with a PPP Server
The same program, pppd, is used for both the client and server sides of a PPP connection; the only difference is who calls whom and how pppd is configured
- To set up a PPP dial-in server, you must have a getty-type program that watches a modem
- mgetty is typically used since it was designed with modems in mind
- mgetty starts pppd; however, mgetty must be configured to use the AutoPPP command

17 Using Basic Information Services
Communicating with talk
- The talk program uses the talkd daemon to allow a real-time conversation with another user who is logged in on a remote host and also using talkd
- The talkd service must be enabled in /etc/inetd.conf or in /etc/xinetd.d/talkd
- To work in a graphical display mode rather than character mode, access talkd functionality using a graphical tool such as Ktalk

18 Using Basic Information Services

19 Using Basic Information Services
Using finger to Collect User Information
- The finger program uses the finger protocol via the in.fingerd daemon
- finger provides a user with information as to whether another user is logged in and for how long, as well as the user’s full name
- finger is enabled in /etc/inetd.conf or /etc/xinetd.d/finger
- To use a graphical finger client, use kfinger
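The testing services on slide 8 and the talk and finger services above are all switched on in the same two places, so an inventory of what the superserver would actually start is a single pass over /etc/inetd.conf and /etc/xinetd.d. The following is an added example, not part of the original slides; the file contents are constructed samples and the function names are illustrative.

```python
# Added example: list which of the chapter's superserver services are enabled.
import re

# Service names taken from the slides (testing services, finger, talk).
CHAPTER_SERVICES = {"echo", "chargen", "discard", "time", "daytime",
                    "finger", "talk"}

INETD_CONF = """\
# constructed sample /etc/inetd.conf
#echo    stream tcp nowait root   internal
chargen  stream tcp nowait root   internal
daytime  stream tcp nowait root   internal
finger   stream tcp nowait nobody /usr/sbin/tcpd in.fingerd
"""
XINETD_FILES = {  # constructed sample contents of files under /etc/xinetd.d
    "talk": "service talk\n{\n    disable = no\n    server = /usr/sbin/in.talkd\n}\n",
    "finger": "service finger\n{\n    disable = yes\n}\n",
    "time": "service time\n{\n    type = INTERNAL\n}\n",
}

def inetd_enabled(text):
    """In inetd.conf every non-comment line defines an enabled service."""
    enabled = set()
    for line in text.splitlines():
        fields = line.split()
        if fields and not fields[0].startswith("#"):
            enabled.add(fields[0])
    return enabled

def xinetd_enabled(files):
    """A xinetd service is enabled unless its stanza sets 'disable = yes'."""
    enabled = set()
    for text in files.values():
        text = re.sub(r"#.*", "", text)           # strip comments first
        for name, body in re.findall(r"service\s+(\S+)\s*\{(.*?)\}", text, re.S):
            m = re.search(r"^\s*disable\s*=\s*(\w+)", body, re.M)
            if not (m and m.group(1).lower() == "yes"):
                enabled.add(name)
    return enabled

def audit(inetd_text, xinetd_files):
    """Return the sorted chapter services that either superserver would start."""
    found = inetd_enabled(inetd_text) | xinetd_enabled(xinetd_files)
    return sorted(found & CHAPTER_SERVICES)

if __name__ == "__main__":
    print(audit(INETD_CONF, XINETD_FILES))
```

Note the `time` stanza: it has no `disable` line at all, and xinetd treats that as enabled, which a search for `disable = no` alone would miss.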

20 Using Basic Information Services

21 Using Basic Information Services
Collecting Server Information with whois
- In order to learn more about a domain, access domain information in the database maintained by the domain registrar
- The whois utility queries that database to learn about a specific domain
- whois queries the main whois server, called whois.internic.net
- Use whois with the help parameter to learn about extended queries you can make

22 Using Basic Information Services
Linux Telephony
- The term telephony typically refers to having a computer interact with a telephone in such a way that it can act as an answering machine, route and track calls, and act as a voice recorder
- Linux has support for special hardware cards that allow you to connect phone lines to the system
- Using Linux as a fax server is a simple but useful form of telephony

23 Using Basic Information Services

24 Using Basic Information Services

25 Understanding Mailing Lists and News Servers
A mailing list enables a group of users to share information on an ongoing basis via e-mail
- The concept behind mailing lists is that when an e-mail message is sent (posted) to the list, the mailing list manager (MLM) sends the message to all users on the list
- To become a member of a mailing list, users subscribe; unsubscribing removes the user

26 Understanding Mailing Lists and News Servers
The advantage of mailing list software is that it automates subscribing, unsubscribing, and sending all the messages so individuals don’t have to spend time managing user lists
- One of the most widely used MLM packages is majordomo
- Other mailing list managers include: LISTSERV; ListProc; SmartList; Mailman

27 Understanding Mailing Lists and News Servers

28 Understanding Mailing Lists and News Servers
Understanding Linux News Servers
- Newsgroup postings are passed around the Internet using NNTP
- The most widely used Linux news server software is INN, with the news server daemon innd
- For most networks, setting up a dedicated news server is not worth the effort
- A better solution is to gain access to an ISP’s news server

29 Understanding Mailing Lists and News Servers
Linux News Clients
- Linux provides several good news clients that allow the reading of newsgroup postings, either graphically or in text mode
- Most full-featured Web browsers now include newsgroup browsing capabilities
- Netscape browser is a popular browser option
- Gnome and KDE are graphical options
- The most widely used text-mode news reader is trn

30 Understanding Mailing Lists and News Servers

31 Chapter Summary
- The superservers, inetd and xinetd, listen to numerous ports and start network services when needed to respond to an incoming client request
- Application-level security is provided for inetd via TCP Wrappers - the tcpd program
- Ports are mapped to service names by the /etc/services file
- Some network services such as Apache Web server and the innd news server are not designed to be run by the superserver but standalone
- Network testing services such as chargen and echo are provided by inetd

32 Chapter Summary
- System logging can be done remotely using syslogd by enabling another host to receive syslog messages across the network and specifying a host in /etc/syslog.conf
- Linux can print across the network using lpd
- Time management in Linux is provided via NTP and the ntpd daemon
- SNMP provides detailed information about what is happening on hosts on a network
- NetPerf provides a benchmarking service to help you determine how the throughput of your networking hardware compares with that of other systems

33 Chapter Summary
- To configure Linux as a PPP server, use mgetty or a similar program to watch for incoming modem calls
- The talk system lets users communicate in real time between hosts
- Linux supports a number of chat-style messaging services such as Yahoo! Chat, America Online Instant Messenger (AIM), and Microsoft Network
- The finger program provides a small user account summary
- The whois command lets you query information about a domain name through the network information databases maintained by name registrars

34 Chapter Summary
- Linux telephony is a growing field that allows your computer to interact with voice telephone systems
- Voice-over-IP (VoIP) is a technology that allows you to make long-distance telephone calls
- Mailing List Management (MLM) software provides automated management of message delivery between a potentially large number of users
- Setting up a news server on Linux is possible, but maintaining such a server can entail much work
- Many Web browsers include news-reading capability