Building Intranets with Linux

Overview
The infrastructure of most corporate intranets (file and print servers, routers, gateways, mail systems, firewalls, etc) is typically provided by proprietary systems purchased from a variety of vendors. Linux, along with the many open-source software products that are provided with it, can fulfill all these roles, often with a substantial saving in cost and increase in reliability.
In this very practical course, you learn how to provide a complete networking infrastructure and a wide range of corporate network services with Linux. You discover how to set up key networking software components and integrate Linux into existing Windows networks.

Intended Audience
his course is intended for existing Linux system administrators who wish to build a network infrastructure with Linux. Participants should have a working knowledge of basic Linux administration. They should be comfortable with navigating the filesystem and managing files using command line tools. They should be able to construct solutions on the command line using simple pipelines and UNIX filter commands such as grep, and be able to edit structured configuration files such as /etc/passwd. Course 410 provides adequate background.
Some prior knowledge of TCP/IP networks will make it easier to assimilate the material in this course, but is not essential.

Key Skills
You will learn how to:

• Configure a Linux machine onto a TCP/IP network
• Provide basic network services including DHCP and DNS
• Share files and printers to Linux, UNIX and Windows systems
• Set up dial-out and dial-in connections using PPP
• Create a firewall using policy-based routing and proxies
• Set up and maintain mail, web and FTP servers
• Provide secure access control to key services

Practical Work
Using the in-class network of Linux servers, participants begin by establishing a complete IP configuration 'from scratch'. Later exercises include:

• Monitoring and interpreting packet traces with wireshark
• Providing file service to Windows desktop machines
• Setting up remote printing services
• Establishing a web site using Apache
• Creating an anonynous FTP server
• Deploying TCP Wrappers to restrict and log access to network services

Course Contents
A TCP/IP Primer

• Host names, IP addresses and netmasks
• Local delivery: MAC addresses, ARP and the ARP cache
• Remote delivery: routing and default routes
• Related Protocols: ICMP, TCP and UDP
• Services and Port Numbers

Establishing Network Connectivity

• Assigning an IP address and netmask with ifconfig
• Assigning a hostname, domain name and default gateway
• Controlling boot-time startup of network services
• Monitoring the network with ping, traceroute, netstat and arp
• Observing network traffic with ethereal and tcpdump

Providing Network Infrastructure

• Domain Name Service (DNS) namespaces and zones
• DNS client configuration: resolver config files
• DNS server configuration: the named.conf file
• Zone files: SOA and NS records
• Reverse mapping: the in-addr.arpa domain
• Automatic IP address assignment with DHCP
• Configuring a DHCP server: the dhcpd.conf file

Routing

• Adding static routes with the route add command
• Examining and understanding the routing table
• Dynamic routing with routed and gated

File Sharing

• Exporting and mounting file systems with NFS
• Exporting files to Windows using SAMBA
• Structure of the smb.conf file

The Apache Web Server

• Building and Installing Apache
• Basic Configuration: the httpd.conf file
• Virtual hosting
• Establishing machine-based and user-based access controls

Remote Login Services

• telnet and rlogin
• secure alternatives: ssh
• FTP login: configuring user login and anonymous login

Network Security

• Restricting and logging service access with TCP wrappers and xinetd
• Establishing a policy-based router (firewall) using iptables

Dial-Up Networking

• PPP concepts and config files
• Dialling out to an ISP using PPP: chat scripts and config files
• Creating a dial-in service with PPP

Mail Services

• Mail system architecture: user agents, transport agents, delivery agents
• Configuring sendmail
• Creating a POP-3 mail drop
• Mail delivery agents and mail user agents for Linux