Ibm Linux Tutorials - Lpi Certification 102 (Release 2) Exam Prep, Part 3 - L-Lpir27-a4(1).pdf

(169 KB) Pobierz
LPI certification 102 (release 2) exam
prep, Part 3
Presented by developerWorks, your source for great tutorials
ibm.com/developerWorks
Table of Contents
If you're viewing this document online, you can click any of the topics below to link directly to that section.
1. Before you start.........................................................
2. TCP/IP networking
.....................................................
3. Internet services
........................................................
4. Security overview
......................................................
5. Printing
...................................................................
6. Summary and resources
..............................................
2
4
8
14
22
28
LPI certification 102 (release 2) exam prep, Part 3
Page 1 of 30
ibm.com/developerWorks
Presented by developerWorks, your source for great tutorials
Section 1. Before you start
About this tutorial
Welcome to "Networking," the third of four tutorials designed to prepare you for the Linux
Professional Institute's 102 exam. In this tutorial, we'll introduce you to TCP/IP and Ethernet
Linux networking fundamentals, show you how to use the inetd and xinetd superservers,
share important tips for securing your Linux systems, and show you how to set up and use a
Linux print server.
This tutorial is ideal for those who want to learn about or improve their basic Linux
networking and security skills. It's especially appropriate for those who will be setting up
applications on Linux servers or desktops. For many, much of this material will be new, but
more experienced Linux users may find this tutorial to be a great way of rounding out their
important Linux system administration skills. If you are new to Linux, we recommend you
start with
Part 1
and work through the series from there.
By the end of this series of tutorials (eight in all; this is part seven), you'll have the knowledge
you need to become a Linux Systems Administrator and will be ready to attain an LPIC Level
1 certification (exams 101 and 102) from the Linux Professional Institute if you so choose.
For those who have taken the
release 1 version
of this tutorial for reasons other than LPI
exam preparation, you probably don't need to take this one. However, if you do plan to take
the exams, you should strongly consider reading this revised tutorial.
The LPI logo is a trademark of the
Linux Professional Institute.
About the authors
For technical questions about the content of this tutorial, contact the authors:
Daniel Robbins, at
drobbins@gentoo.org
Chris Houser, at
chouser@gentoo.org
Aron Griffis, at
agriffis@gentoo.org
Daniel Robbins lives in Albuquerque, New Mexico, and is the Chief Architect of Gentoo
Technologies, Inc., the creator of
Gentoo Linux,
an advanced Linux for the PC, and the
Portage system, a next-generation ports system for Linux. He has also served as a
contributing author for the Macmillan books
Caldera OpenLinux Unleashed, SuSE Linux
Unleashed,
and
Samba Unleashed.
Daniel has been involved with computers in some
fashion since the second grade, when he was first exposed to the Logo programming
language as well as to a potentially dangerous dose of Pac Man. This probably explains why
he has since served as a Lead Graphic Artist at Sony Electronic Publishing/Psygnosis.
Daniel enjoys spending time with his wife, Mary, and their daughter, Hadassah.
Chris Houser, known to his friends as "Chouser," has been a UNIX proponent since 1994
when he joined the administration team for the computer science network at Taylor
University in Indiana, where he earned his Bachelor's degree in Computer Science and
Mathematics. Since then, he has gone on to work in Web application programming, user
interface design, professional video software support, and now Tru64 UNIX device driver
Page 2 of 30
LPI certification 102 (release 2) exam prep, Part 3
Presented by developerWorks, your source for great tutorials
ibm.com/developerWorks
programming at Compaq. He has also contributed to various free software projects, most
recently to Gentoo Linux. He lives with his wife and two cats in New Hampshire.
Aron Griffis graduated from Taylor University with a degree in Computer Science and an
award that proclaimed him to be the "Future Founder of a Utopian UNIX Commune." Working
towards that goal, Aron is employed by Compaq writing network drivers for Tru64 UNIX, and
spending his spare time plunking out tunes on the piano or developing Gentoo Linux. He
lives with his wife Amy (also a UNIX engineer) in Nashua, New Hampshire.
LPI certification 102 (release 2) exam prep, Part 3
Page 3 of 30
ibm.com/developerWorks
Presented by developerWorks, your source for great tutorials
Section 2. TCP/IP networking
Introduction
Setting up an Ethernet-based Local Area Network (LAN) consisting of a bunch of Linux
machines is a common and relatively simple task. Generally, all you need to do is make sure
that your Linux systems have an Ethernet card of some kind installed in them. Then, connect
the machines to a central Ethernet hub or switch using Ethernet cabling. If all your systems
have support for their respective Ethernet card compiled into the kernel (as well as TCP/IP
support), then they technically have everything they need to communicate over your new
Ethernet LAN.
Ethernet alone isn't much fun
Even if you have all the hardware and kernel support needed for your LAN to work, an
Ethernet LAN alone won't do much. The vast majority of Linux applications and services
don't exchange information using raw Ethernet packets, or
frames.
Instead, they use a
higher-level protocol called
TCP/IP.
You've undoubtedly heard of TCP/IP -- it's the suite of
protocols that forms the foundation of Linux networking and the Internet in general.
The solution: TCP/IP over Ethernet
The solution, then, is to configure your new Ethernet LAN so that it can exchange TCP/IP
traffic. To understand how this works, we first need to understand a bit about Ethernet. On an
Ethernet LAN, in particular, the Ethernet card in every machine has a unique hardware
address. This hardware address (also called an "Ethernet" or "MAC" address) is assigned to
the card at the time of manufacture, and looks something like this:
00:01:02:CB:57:3C
Introducing IP addresses
These hardware addresses are used as unique addresses for individual systems on your
Ethernet LAN. Using hardware addresses, one machine can, for example, send an Ethernet
frame addressed to another machine. The problem with this approach is that TCP/IP-based
communication uses a different kind of addressing scheme, using what are called IP
addresses instead. IP addresses look something like this:
192.168.1.1
Associating an IP address with an Ethernet interface
In order to get your Ethernet LAN working for TCP/IP, you need some way of associating
each machine's Ethernet card (and thus its hardware address) with an IP address.
Fortunately, there's an easy way to associate an IP address with an Ethernet interface under
Linux. In fact, if you are currently using Ethernet with Linux, your distribution's system
Page 4 of 30
LPI certification 102 (release 2) exam prep, Part 3
Presented by developerWorks, your source for great tutorials
ibm.com/developerWorks
initialization scripts very likely have a command in them that looks something like this:
ifconfig eth0 192.168.1.1 broadcast 192.168.1.255 netmask 255.255.255.0
Above, the
ifconfig
command is used to associate eth0 (and thus eth0's hardware
address) with the 192.168.1.1 IP address. In addition, various other IP-related information is
specified, including a broadcast address (192.168.1.255) and a netmask (255.255.255.0).
When this command completes, your eth0 interface will be enabled and have an associated
IP address.
Using ifconfig -a
You can view all network devices that are currently running by typing
ifconfig -a,
resulting in output that looks something like this:
eth0
Link encap:Ethernet HWaddr 00:01:02:CB:57:3C
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:5 Base address:0xc400
Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:1065 errors:0 dropped:0 overruns:0 frame:0
TX packets:1065 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:262542 (256.3 Kb) TX bytes:262542 (256.3 Kb)
lo
Above, you can see a configured eth0 interface, as well as a configured lo (localhost)
interface. The lo interface is a special virtual interface that's configured so that you can run
TCP/IP applications locally, even without a network.
TCP/IP is working!
Once all of your network interfaces are brought up and associated with corresponding IP
addresses (probably done automatically by your distribution's startup scripts), your Ethernet
network can be used to carry TCP/IP traffic as well. The systems on your LAN can now
address each other using IP addresses, and common commands such as
ping, telnet,
and
ssh
will work properly between your machines.
Name resolution limitations
However, while you'll be able to type things like
ping 192.168.1.1,
you won't be able to
refer to your boxes by name. For example, you won't be able to type
ping mybox.
To do
this, you need to set up a file called /etc/hosts on each of your Linux boxes. In this file, you
specify an IP address, along with the name (or names) that are associated with each IP
LPI certification 102 (release 2) exam prep, Part 3
Page 5 of 30

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin