6. Software -Networking

Two ducks!

Linux being a product of the net revolution is a natural choice for a web server, mail server, a file and print server; if it is a part of your intranet environement, among various other roles it can perform superbly well. In this part we take a look at various avatars it can assume and serve your organisation for a long time to come. All distributions of linux whether be it RedHat or SuSe do provide in binary format tools/software for your linux to act as a Web server or a Mail server to mention a few, but the amount of advancements which happen in linux world are beyond the grasp of these companies for it to catch up. The situation is if something can be achieved, it will be done in shortest possible time hence we have used always source tarballs downloaded from the respective websites of the software(s) used as example in this book. This affords us the capability to configure, choose and optimise according to our needs. This part attempts to highlight the capablities of linux to act as a full fledged Web server, Mail server, a file and print server, as a B2B e-commerce point where the need of the hour is secure environement, etc. Enjoy!

Table of Contents
15. Software -Securities
15.1. OpenSSH
15.2. Configure and optimise Openssh
15.3. Configure the /etc/ssh/ssh_config file
15.4. Configure the /etc/ssh/sshd_config file
15.5. Configure OpenSSH to use TCP-Wrappers/inetd super server
15.6. OpenSSH Per-User Configuration
15.7. OpenSSH Users Tools
15.8. Installed files
16. Software -Securties(commercial)
16.1. Linux SSH2 Client/Server
16.2. Configure and Optimise SSH2
16.3. Configure the /etc/ssh2/ssh2_config file
16.4. Configure the /etc/ssh2/sshd2_config file
16.5. Configure sshd2 to use tcp-wrappers/inetd super server
16.6. Configuration of the /etc/pam.d/ssh file
16.7. Ssh2 Per-User Configuration
16.8. SSH2 Users Tools
16.9. Installed files
17. Software -Securities/System Integrity
17.1. Linux Tripwire 2.2.1
17.2. Configure the /var/tmp/install.cfg file
17.3. Configuration files
17.4. Configure the /usr/TSS/policy/twpol.txt file
17.5. Securing Tripwire for Linux
17.6. Integrity or Interactive Check Mode
17.7. Installed files
18. Linux Tripwire ASR 1.3.1
18.1. Install, Compile and Optimize
18.2. Configurations
18.3. Configure the /etc/tw.config file
18.4. Configure the /etc/cron.daily/tripwire.verify script
18.5. Tripwire in Interactive Checking Mode
18.6. Run Tripwire in Database Update Mode
19. Software -Securities/Management & Limitation
19.1. Linux GnuPG
19.2. Often used Commands
19.3. Importing keys
19.4. Encrypt and decrypt
20. Set Limits using Qouta
20.1. Qouta
20.2. Create of the quota.user and quota.group
20.3. edquota
20.4. Assign quota for a particular group
20.5. Often used Commands
21. Software -Networking
21.1. Linux DNS and BIND Server
21.2. Configure
21.3. Caching-only name Server
21.4. Primary master name Server
21.5. Secondary slave name Server
21.6. Run ISC BIND/DNS in a chroot jail
21.7. The syslog daemon
21.8. Clean-up and Test the new chrooted jail
21.9. DNS Administrative Tools
21.10. DNS Users Tools
21.11. Installed files
22. Software -Server/Mail Network
22.1. Linux Sendmail Server
22.2. Compile and optimize
22.3. Configurations
22.4. The /etc/sendmail.mc file /Central Mail Hub
22.5. Build and Tweak Sendmail
22.6. The /etc/mail/access and access.db files
22.7. The /etc/mail/aliases and aliases.db files
22.8. The /etc/mail/local-host-names file
22.9. The /etc/rc.d/init.d/sendmail script file
22.10. Secure Sendmail using smrsh
22.11. The /etc/mail/aliases file
22.12. Limit queue processing to root
22.13. Sendmail Administrative Tools
22.14. Installed files: Sendmail -Central Mail Hub
22.15. Installed files: Sendmail -Local server/client
23. Linux IMAP & POP Server
23.1. Configure and Compile
23.2. Configure to tweak
23.3. Enable IMAP or POP via the tcp-wrappers inetd super server
23.4. Installed files
24. Software -Networking/Encryption
24.1. Linux OPENSSL Server
24.2. Compile and Optimize
24.3. Configure OpenSSL to optimise
24.4. The /etc/ssl/openssl.cnf file
24.5. Create the /usr/bin/sign.sh program file
24.6. Commands -often used
24.7. Securing OpenSSL
24.8. Installed files
25. Linux FreeS/WAN VPN
25.1. IPSEC/VPN -FreeS/WAN
25.2. Compile, insert FreeS/WAN into the kernel
25.3. Reconfigure and install the kernel with FreeS/WAN VPN support
25.4. Configure to optimise
25.5. Automatic or Manual Key connections
25.6. The /etc/ipsec.conf file
25.7. The /etc/ipsec.secrets file
25.8. Configure RSA private keys secrets
25.9. Required network setup for IPSec
25.10. Testing the installation
25.11. Further documentation
25.12. Installed files
26. Linux OpenLDAP Server
26.1. Compile ans Install
26.2. Compile and Optimize
26.3. Configurations
26.4. Configure the /etc/ldap/slapd.conf file
26.5. Configure the /etc/rc.d/init.d/ldap script file
26.6. Securing OpenLDAP
26.7. OpenLDAP Creation and Maintenance Tools
26.8. Create the LDMB backend database on-line
26.9. OpenLDAP Users Tools
26.10. Installed files
27. Linux PostgreSQL Database Server
27.1. Install PostgreSQL
27.2. Compile and Optimize
27.3. Database installation using superuser account
27.4. Configuration files
27.5. Configure the /etc/rc.d/init.d/postgresql script file
27.6. Commands often used
27.7. Installed files
28. Software -Server/Proxy Network
28.1. Linux Squid Proxy Server
28.2. Configure and Optimize
28.3. Improve performance Using GNU malloc library
28.4. Compile and Optimize
28.5. Configurations
28.6. Configure the /etc/squid/squid.conf file -in httpd-accelerator mode
28.7. Configure of the /etc/squid/squid.conf file -/proxy-caching mode
28.8. Configure the /etc/rc.d/init.d/squid script file -/all configurations
28.9. Configure the /etc/logrotate.d/squid file
28.10. Optimizing Squid
28.11. Netscape Proxies Configuration
28.12. Installed files
29. Software -Network Server, web/Apache
29.1. Linux MM Shared Memory Library
29.2. Compile
29.3. Linux Apache Web Server
29.4. Compile and Optimize
29.5. Configure and apply PHP4 to Apache source
29.6. Apply mod_perl to Apache source tree
29.7. Install Apache
29.8. Post install Configuration
29.9. Configure the /etc/httpd/conf/httpd.conf file
29.10. Configure the /etc/logrotate.d/apache file
29.11. Configure the /etc/rc.d/init.d/httpd script file
29.12. PHP4 server-side scripting
29.13. Perl module Devel::Symdump
29.14. CGI.pm Perl library
29.15. Securing Apache
29.16. users authentication with .dbmpasswd password file
29.17. Apache in a chroot jail
29.18. Apache to use shared libraries
29.19. The /chroot/etc directory
29.20. Test the new chrooted jail
29.21. Configure the new /etc/logrotate.d/apache file
29.22. Optimizing Apache
29.23. Installed files for Apache Web Server
29.24. Installed files /PHP4
29.25. Installed files by mod_perl
30. Optional component to install with Apache
30.1. Linux Webalizer
30.2. Compile
30.3. Configure the /etc/webalizer.conf file
30.4. Make Apache aware of Webalizer output directory
30.5. Run Webalizer automatically with a cron job
30.6. Linux FAQ-O-Matic
30.7. Compile and install FAQ-O-Matic
30.8. Make Apache aware Faq-O-Matic file's location
30.9. Configure your FAQ-O-Matic
30.10. Installed files
30.11. Linux Webmail IMP
30.12. Set up PHPLib
30.13. Compile to install Webmail IMP
30.14. Configure and create Webmail IMP SQL database
30.15. Configure your php.ini from PHP4
30.16. Configure Webmail IMP via your web browser
31. Software -Server/File Sharing-Network
31.1. Linux Samba Server
31.2. Configure Samba
31.3. Compile and optimize
31.4. Configurations
31.5. Configuration of the /etc/smb.conf file
31.6. Configure the /etc/lmhosts file
31.7. Encrypted Samba password file for clients
31.8. Optimizing Samba
31.9. Tuning the buffermem
31.10. Further documentation
31.11. Samba Administrative Tools
31.12. The /etc/rc.d/init.d/smb script file
31.13. Installed files
32. Linux FTP Server
32.1. chroot'd Guest FTP access
32.2. Setup an FTP user account minus shells
32.3. Setup a chroot user environment
32.4. Configurations
32.5. Configure the /etc/ftphosts file
32.6. Configure the /etc/ftpconversions file
32.7. Configure the /etc/logrotate.d/ftpd file
32.8. FTP Administrative Tools
32.9. Securing FTP
32.10. The special file .notar
32.11. Installed files