Red Hat Linux Networking and System Administration

Linux Solutions from the Experts at Red Hat

Security Tools Included on CD-ROM

Terry Collings & Kurt Wall

Your Official Red Hat® Linux® Guide to Networking and System Administration

Kurt Wall has worked with Linux and Unix for nine years and is the author of several other books, including Red Hat Linux 7.2 Weekend Crash Course and Linux Programming by Example.

Terry Collings is the Instructional Technologist at Muhlenberg College in Pennsylvania, where he is responsible for developing smart classroom technologies. He is also the coauthor of the Linux Bible.

■ Plan your network, install Red Hat Linux, and get a handle on the file system and configuration files
■ Configure TCP/IP networking, the Network File System, and the Network Information System
■ Set up print services and connections to Windows and Macintosh clients
■ Monitor performance, administer users and groups, back up and restore the file system, and install or upgrade software packages
■ Design a security plan, implement local security, set up firewalls and proxy servers, and combat system intrusions
■ Troubleshoot file system, networking, printing, and e-mail problems

Reviewed by the experts at Red Hat, this in-depth guide delivers all the know-how you need to set up and manage a state-of-the-art Linux network. Red Hat Linux experts Terry Collings and Kurt Wall start with the basics—network planning and Red Hat installation and configuration. They then show you in detail how to set up network and Internet services, from establishing a network file system to configuring mail services. Eight chapters give you the lowdown on customizing the kernel, automating tasks with scripting, performing backups, and more—the nuts-and-bolts maintenance information you need to keep your system running smoothly. And last but not least, the authors provide nearly 100 pages of proven strategies and tips for maintaining system security.

Complete with utilities and code on CD-ROM, this official Red Hat Linux guide is the one resource you need for a secure, high-performance Linux network.

ISBN 0-7645-3632-X

Proven Red Hat Linux Networking and Administration Solutions

CD-ROM includes:
■ Code, scripts, and examples from the book
■ Linux networking and administration tools, including Ethereal, logcheck, NET-SNMP, Nmap, Portsentry, Tripwire and SAINT trial version
■ Plus a searchable e-version of the book

Reviewed by the Experts at Red Hat

$59.99 USA, $89.99 Canada, £44.99 UK incl. VAT

Shelving Category: Networking
Reader Level: Intermediate to Advanced

www.redhat.com
www.hungryminds.com

Cover design by Michael J. Freeland. Cover photo © Hulton Getty.

Red Hat® Linux® Networking and System Administration
Terry Collings and Kurt Wall

M&T Books
An imprint of Hungry Minds, Inc.
Best-Selling Books ● Digital Downloads ● e-Books ● Answer Networks ● e-Newsletters ● Branded Web Sites ● e-Learning
New York, NY ● Cleveland, OH ● Indianapolis, IN

Published by Hungry Minds, Inc.
909 Third Avenue
New York, NY 10022
www.hungryminds.com

Copyright © 2002 Hungry Minds, Inc. All rights reserved. No part of this book, including interior design, cover design, and icons, may be reproduced or transmitted in any form, by any means (electronic, photocopying, recording, or otherwise) without the prior written permission of the publisher.

Library of Congress Control Number: 2001093591
ISBN: 0-7645-3632-X
Printed in the United States of America
10 9 8 7 6 5 4 3 2 1
1O/RT/QT/QS/IN

Distributed in the United States by Hungry Minds, Inc. Distributed by CDG Books Canada Inc.
for Canada; by Transworld Publishers Limited in the United Kingdom; by IDG Norge Books for Norway; by IDG Sweden Books for Sweden; by IDG Books Australia Publishing Corporation Pty. Ltd. for Australia and New Zealand; by TransQuest Publishers Pte Ltd. for Singapore, Malaysia, Thailand, Indonesia, and Hong Kong; by Gotop Information Inc. for Taiwan; by ICG Muse, Inc. for Japan; by Intersoft for South Africa; by Eyrolles for France; by International Thomson Publishing for Germany, Austria, and Switzerland; by Distribuidora Cuspide for Argentina; by LR International for Brazil; by Galileo Libros for Chile; by Ediciones ZETA S.C.R. Ltda. for Peru; by WS Computer Publishing Corporation, Inc., for the Philippines; by Contemporanea de Ediciones for Venezuela; by Express Computer Distributors for the Caribbean and West Indies; by Micronesia Media Distributor, Inc. for Micronesia; by Chips Computadoras S.A. de C.V. for Mexico; by Editorial Norma de Panama S.A. for Panama; by American Bookshops for Finland.

For general information on Hungry Minds’ products and services please contact our Customer Care department within the U.S. at 800-762-2974, outside the U.S. at 317-572-3993 or fax 317-572-4002.

For sales inquiries and reseller information, including discounts, premium and bulk quantity sales, and foreign-language translations, please contact our Customer Care department at 800-434-3422, fax 317-572-4002 or write to Hungry Minds, Inc., Attn: Customer Care Department, 10475 Crosspoint Boulevard, Indianapolis, IN 46256.

For information on licensing foreign or domestic rights, please contact our Sub-Rights Customer Care department at 212-884-5000.

For information on using Hungry Minds’ products and services in the classroom or for ordering examination copies, please contact our Educational Sales department at 800-434-2086 or fax 317-572-4005.
For press review copies, author interviews, or other publicity information, please contact our Public Relations department at 650-653-7000 or fax 650-653-7500.

For authorization to photocopy items for corporate, personal, or educational use, please contact Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, or fax 978-750-4470.

LIMIT OF LIABILITY/DISCLAIMER OF WARRANTY: THE PUBLISHER AND AUTHOR HAVE USED THEIR BEST EFFORTS IN PREPARING THIS BOOK. THE PUBLISHER AND AUTHOR MAKE NO REPRESENTATIONS OR WARRANTIES WITH RESPECT TO THE ACCURACY OR COMPLETENESS OF THE CONTENTS OF THIS BOOK AND SPECIFICALLY DISCLAIM ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. THERE ARE NO WARRANTIES WHICH EXTEND BEYOND THE DESCRIPTIONS CONTAINED IN THIS PARAGRAPH. NO WARRANTY MAY BE CREATED OR EXTENDED BY SALES REPRESENTATIVES OR WRITTEN SALES MATERIALS. THE ACCURACY AND COMPLETENESS OF THE INFORMATION PROVIDED HEREIN AND THE OPINIONS STATED HEREIN ARE NOT GUARANTEED OR WARRANTED TO PRODUCE ANY PARTICULAR RESULTS, AND THE ADVICE AND STRATEGIES CONTAINED HEREIN MAY NOT BE SUITABLE FOR EVERY INDIVIDUAL. NEITHER THE PUBLISHER NOR AUTHOR SHALL BE LIABLE FOR ANY LOSS OF PROFIT OR ANY OTHER COMMERCIAL DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR OTHER DAMAGES.

Trademarks: Hungry Minds and the Hungry Minds logo are trademarks or registered trademarks of Hungry Minds. Red Hat, Red Hat Press, and the Red Hat Press logo are trademarks or registered trademarks of Red Hat, Inc. Linux is a trademark or registered trademark of Linus Torvalds. All other trademarks are property of their respective owners. Hungry Minds, Inc., is not associated with any product or vendor mentioned in this book.
About the Authors

Terry Collings has been working in the computer field since 1981 and has experience in all types of operating systems and their associated hardware. He has industry certifications in Novell, TCP/IP, MS Windows, and Unix. Terry’s full-time job is at Muhlenberg College in Allentown, PA, where he is the school’s Instructional Technologist. His main function in this position is assisting faculty in the use of computer technology to augment their classroom presentations. He is also the system administrator for the school’s online course content management software. Terry also teaches a wide range of computer and technology-related courses in the evenings at Allentown Business School. Terry has been a technical editor for several Hungry Minds, Inc., books and is the co-author of the Linux Bible. He can be reached at collings@muhlenberg.edu.

Kurt Wall first touched a computer in 1980 when he learned FORTRAN on an IBM mainframe of forgotten vintage; things have only gotten better since then. These days, Kurt is a full-time Linux and Unix author, editor, consultant, and programmer. He has written five books about Linux and Unix programming and system administration, is working on his sixth, and is the technical editor for over a dozen other Linux- and Unix-related titles. Currently, Kurt works from his home in Indianapolis. He can be reached via e-mail at kwall@kurtwerks.com.

Credits

CONTRIBUTING WRITERS: Viktorie Navratilova, Dennis Powell, Brandon Wiley
ACQUISITIONS EDITOR: Terri Varveris
PROJECT EDITOR: Martin V. Minner
TECHNICAL EDITORS: Joel Lee, Matt Hayden, Sandra Moore
COPY EDITOR: Marti Paul
RED HAT PRESS LIAISON: Lorien Golaski, Red Hat Communications Manager
PROJECT COORDINATOR: Dale White
GRAPHICS AND PRODUCTION SPECIALISTS: Beth Brooks, Sean Decker, Melanie DesJardins, Jeremey Unger
QUALITY CONTROL TECHNICIANS: Laura Albert, Luisa Perez, Carl Pierce, Marianne Santy
SENIOR PERMISSIONS EDITOR: Carmen Krikorian
MEDIA DEVELOPMENT SPECIALIST: Greg Stephens
MEDIA DEVELOPMENT COORDINATOR: Marisa Pearman
COVER DESIGN: Michael Freeland
COVER PHOTO: Hulton Getty
PROOFREADING AND INDEXING: TECHBOOKS Production Services

This book is dedicated to the victims and heroes of September 11, 2001.

Preface

Red Hat Linux is the most popular distribution of Linux currently in use. Red Hat Linux has shown itself to be a robust, reliable operating system that can run on a variety of hardware, from personal computers to large mainframes. Linux in general, and Red Hat Linux in particular, is a very powerful operating system that can be used at the enterprise level as a full-fledged server, as well as at the workstation level for typical user applications. For those of us dissatisfied with the reliability of other commercially available operating systems, Red Hat Linux is a pleasant alternative.

How This Book Is Organized

This book is divided into five parts. Each part covers a specific area of functionality in a typical Red Hat Linux system.

Part I — Red Hat Linux System and Network Administration Defined

This part describes the duties of a system administrator. Chapter 1 explains some of the more common tasks, such as installing servers and application software, managing user accounts, and backing up and restoring files. Many more topics are covered in this chapter. Chapter 2 details the steps involved in planning and building a network and planning for security and disaster recovery.
Chapter 3 takes you through the steps required to install Red Hat Linux on a local system as well as on a remote system. Chapter 4 gives an explanation of the Red Hat Linux file system and storage devices. Chapter 5, the last chapter in Part I, lists the system and network configuration files and their uses.

Part II — Red Hat Linux Network Services

This part of the book is where you learn about the networking services available in Red Hat Linux. Chapter 6 gives an explanation of the TCP/IP protocol suite and how to configure it on your system. Chapter 7 tells how to configure the Network File System (NFS) for sharing files with other Linux or Unix computers on your network. Chapter 8 provides a description of the Network Information System (NIS) as well as configuration instructions. If you have computers running Microsoft operating systems, Chapter 9 is where you find instructions for connecting your Red Hat Linux network to the Windows network. The final chapter in this part, Chapter 10, tells you how to connect your Red Hat Linux network to computers running the Apple operating system.

[...]

... servers in use

Part IV — Red Hat Linux System Maintenance

The goal of this part of the book is to provide a fundamental understanding of the tasks required to maintain your system and ensure that it runs optimally. Chapter 16 explains the Red Hat Network, a service available from Red Hat that you can use to keep your system current. You can register your systems with Red Hat and then receive notifications...

Part I: Red Hat Linux System and Network Administration Defined
Chapter 1: Duties of the System Administrator
Chapter 2: Planning the Network
Chapter 3: Installing Red Hat Linux
Chapter 4: Red Hat Linux File System
Chapter 5: Red Hat...
Part II: Red Hat Linux Network Services (Chapters 6 to 10)
Part III ...

... Starting the Red Hat Linux Installation
Partitioning the Hard Disk for Red Hat Linux
  Naming disks and devices
  Mounting a file system on a device
  Understanding the swap partition
  Preparing disk partitions for Red Hat Linux
Configuring Red Hat Linux Installation ...

... Part IV: Red Hat Linux System Maintenance
Chapter 16: Using the Red Hat Network
  Registering Your System
  Configuring the Red Hat Update Agent
  Using the Red Hat Update Agent
  Using the Red Hat Network via the Internet
  Red Hat Network Main page tab ...

... of firewalls and Internet security and the risks you may encounter from outside connections. Chapter 27 looks at ways to monitor a Red Hat Linux system for attempted, potential, and actual security compromises using the tools available in a standard Red Hat Linux installation. The last chapter in this part, Chapter 28, lists problems you may encounter during normal operation of your system and the steps...

... Starting a KickStart Installation
Summary
Red Hat Linux File System
  Understanding the Red Hat Linux File System Structure
    The / directory
  Using File System Commands
    ls
    cp ...

... Part IV: Red Hat Linux System Maintenance
Chapter 16: Using the Red Hat Network
Chapter 17: Upgrading and Customizing the Kernel
Chapter 18: Configuring the System on the Command Line
Chapter 19: Using Scripts to Automate Tasks
Chapter 20: Performance Monitoring
Chapter 21: Administering Users and Groups...

... part of system maintenance, and Chapter 21 describes this process. Chapter 22 details the steps necessary to back up your file system and use the backups to restore your system. The final chapter in this part, Chapter 23, gives instructions on installing and upgrading software packages.

Part V — Security and Problem Solving

A critical area of concern for system administrators is maintaining a secure system...

... macutil
Working With Linux Supported File Systems
  Standard disk file systems
  Nonstandard Linux file systems
  Memory file systems and virtual file systems
Linux Disk Management
  Partitioning an x86 machine
  Mounting...

... Red Hat System Configuration Files
Chapter 6: TCP/IP Networking
Chapter 7: The Network File System
Chapter 8: The Network Information System
Chapter 9: Connecting to Microsoft Networks
Chapter 10: Connecting to Apple Networks
Part III: Red Hat Linux Internet Services
Chapter 11: What are Internet Services?
Chapter 12: The Domain Name System