×
思维导图备注
Linux Server Hacks, Volume Two - William von Hagen; Brian K. Jon
首页
收藏书籍
阅读记录
书签管理
我的书签
添加书签
移除书签
Hack #64. Allow or Deny Access by IP Address
浏览
22
扫码
小字体
中字体
大字体
2022-02-24 01:33:04
请
登录
再阅读
上一篇:
下一篇:
Credits
About the Authors
Contributors
Acknowledgments
Preface
Why Linux Server Hacks, Volume Two?
How to Use This Book
How This Book Is Organized
Conventions Used in This Book
Using Code Examples
How to Contact Us
Safari® Enabled
Got a Hack?
1. Linux Authentication
1.1. Hacks 1–9: Introduction
Hack #1. Disable User Accounts Instantly
1.2.1. Disabling Accounts on Systems That Use Local Authentication
1.2.2. Disabling Accounts on Systems That Use Distributed Authentication
Hack #2. Edit Your Password File for Greater Access Control
Hack #3. Deny All Access in One Second or Less
1.4.1. See Also
Hack #4. Customize Authentication with PAMs
1.5.1. PAM Overview
1.5.2. Per-Application/Service PAM Configuration Files
1.5.3. PAMs Used by the login Process
1.5.4. Configuration and More Configuration
1.5.5. What if PAM Configuration Files Are Missing?
1.5.6. See Also
Hack #5. Authenticate Linux Users with a Windows Domain Controller
1.6.1. Software Requirements
1.6.2. Critical Samba Configuration for Using Windows Authentication
1.6.3. Updating /etc/nsswitch.conf
1.6.4. Integrating the pam_winbind.so PAM into System Authentication
1.6.5. Starting the winbindd Daemon
1.6.6. Joining the Domain
1.6.7. Testing Windows Authentication
1.6.8. Debugging Windows Authentication Problems
1.6.9. See Also
Hack #6. Centralize Logins with LDAP
1.7.1. Installing LDAP Clients and Servers
1.7.2. Configuring an OpenLDAP Server
1.7.3. Migrating User, Password, and Group Entries to an LDAP Server
1.7.4. Updating Client Systems to Use LDAP Authentication
1.7.5. See Also
Hack #7. Secure Your System with Kerberos
1.8.1. Installing Kerberos
1.8.2. Installing and Configuring a Kerberos Server
1.8.3. Installing and Configuring Kerberos Clients and Applications
1.8.4. Using Kerberos for Login Authentication
1.8.5. See Also
Hack #8. Authenticate NFS-Lovers with NIS
1.9.1. Installing NIS Clients and Servers
1.9.2. Setting Up an NIS Server
1.9.3. Setting Up an NIS Client
1.9.4. See Also
Hack #9. Sync LDAP Data with NIS
1.10.1. The Code
1.10.2. Running the Code
1.10.3. See Also
2. Remote GUI Connectivity
2.1. Hacks 10–19: Introduction
Hack #10. Access Systems Remotely with VNC
2.2.1. Understanding the VNC Server Startup Process
2.2.2. Starting Your VNC Server
2.2.3. Connecting to a VNC Server
2.2.4. Customizing Your VNC Server's X Window System Environment
2.2.5. Stopping Your VNC Server
2.2.6. Optimizing VNC Performance
2.2.7. See Also
Hack #11. Access VNC Servers over the Web
2.3.1. Installing Java Classes and Associated Files for the VNC Server
2.3.2. See Also
Hack #12. Secure VNC via SSH
2.4.1. Forwarding Remote VNC Ports to Your Current Host
2.4.2. Public or Private VNC Forwarding
2.4.3. Forwarding Ports Without Remote Login
2.4.4. Improving Performance with Compression
2.4.5. Optimizing Graphical Updates Between Server and Viewer
2.4.6. See Also
Hack #13. Autostart VNC Servers on Demand
2.5.1. Integrating Xvnc with inetd or xinetd
2.5.2. Activating XDMCP
2.5.3. Starting the Viewer
2.5.4. Troubleshooting Xvnc Startup
2.5.5. See Also
Hack #14. Put Your Desktops on a Thin Client Diet
2.6.1. Understanding the LTSP Client Boot Process
2.6.2. Downloading and Installing the LTSP Software
2.6.3. Configuring and Starting the LTSP Server
2.6.4. Preparing LTSP Client Boot Media
2.6.5. Booting an LTSP Client
2.6.6. See Also
Hack #15. Run Windows over the Network
2.7.1. Opening Your Connection
2.7.2. Mapping Local Devices to Your Remote Session
2.7.3. See Also
Hack #16. Secure, Lightweight X Connections with FreeNX
2.8.1. Installing the FreeNX Server
2.8.2. Installing the NX Client
2.8.3. Configuring and Starting Your NX Client
2.8.4. See Also
Hack #17. Secure VNC Connections with FreeNX
2.9.1. Creating an NX Client Configuration for VNC
2.9.2. See Also
Hack #18. Secure Windows Terminal Connections with FreeNX
2.10.1. Creating an NX Client Configuration for a Windows Terminal Server
2.10.2. See Also
Hack #19. Remote Administration with Webmin
2.11.1. Installation
2.11.2. Configure Away!
2.11.3. See Also
3. System Services
3.1. Hacks 20–28: Introduction
Hack #20. Quick and Easy DHCP Setup
3.2.1. Installing a DHCP Server
3.2.2. Configuring Simple DHCP Services
3.2.3. Fire It Up!
3.2.4. See Also
Hack #21. Integrate DHCP and DNS with Dynamic DNS Updates
3.3.1. Configuring the BIND 9 Name Server
3.3.2. Configuring the ISC DHCP Server
3.3.3. Starting the Services and Troubleshooting
3.3.4. See Also
Hack #22. Synchronize Your Watches!
3.4.1. Hey! My Servers Are Gone!
3.4.2. See Also
Hack #23. Centralize X Window System Font Resources
3.5.1. Billions and Billions of Fonts…
3.5.2. Setting Up an X Font Server
3.5.3. Copying Fonts to a Font Server
3.5.4. Starting or Restarting the X Font Server
3.5.5. Updating Desktop Systems to Use an X Font Server
3.5.6. Troubleshooting
3.5.7. Summary
3.5.8. See Also
Hack #24. Create a CUPS Print Server
3.6.1. Defining a New Printer in CUPS
3.6.2. Testing CUPS Printing
3.6.3. Fine-Tuning Printer Configuration in CUPS
3.6.4. Enabling Remote Printing on the CUPS Server
3.6.5. Troubleshooting CUPS Printing
3.6.6. Summary
3.6.7. See Also
Hack #25. Configure Linux Connections to Remote CUPS Printers
3.7.1. Defining a Remote Printer in CUPS
3.7.2. Summary
3.7.3. See Also
Hack #26. Integrate Windows Printing with CUPS
3.8.1. Configuring Printing from Windows 2000/XP Systems
3.8.2. Server-Side Configuration for HTTP Printing
3.8.3. Troubleshooting Windows Printing to CUPS Servers
3.8.4. See Also
Hack #27. Centralize Macintosh Printing with CUPS
3.9.1. Configuring Access to a Remote CUPS Server
3.9.2. Server-Side Configuration for HTTP Printing
3.9.3. Testing Printing from Mac OS X to Your CUPS Server
3.9.4. Troubleshooting Mac OS X Printing to CUPS Servers
3.9.5. See Also
Hack #28. Define a Secure CUPS Printer
3.10.1. Enabling Remote Printing on a CUPS Server
3.10.2. Restricting Printer Access to Specific IP Addresses
3.10.3. Restricting Printer Access to Specific Users
3.10.4. Summary
3.10.5. See Also
4. Cool Sysadmin Tools and Tips
4.1. Hacks 29–45: Introduction
Hack #29. Execute Commands Simultaneously on Multiple Servers
4.2.1. See Also
Hack #30. Collaborate Safely with a Secured Wiki
4.3.1. Installing MediaWiki
4.3.2. Configuring MediaWiki
4.3.3. Getting Started: Data Structure
Hack #31. Edit Your GRUB Configuration with grubby
Hack #32. Give Your Tab Key a Workout
4.5.1. See Also
Hack #33. Keep Processes Running After a Shell Exits
4.6.1. Using nohup to Execute Commands
4.6.2. Using disown with Background Jobs
4.6.3. See Also
Hack #34. Disconnect Your Console Without Ending Your Session
4.7.1. screen Scripting
4.7.2. See Also
Hack #35. Use script to Save Yourself Time and Train Others
4.8.1. See Also
Hack #36. Install Linux Simply by Booting
4.9.1. Preparatory Steps
4.9.2. Getting It Working
4.9.3. Quick Troubleshooting
Hack #37. Turn Your Laptop into a Makeshift Console
4.10.1. Introducing minicom
4.10.2. Testing It
4.10.3. Troubleshooting
Hack #38. Usable Documentation for the Inherently Lazy
Hack #39. Exploit the Power of Vim
4.12.1. Recording a Vim Macro
4.12.2. Creating Vim Shortcut Keys
Hack #40. Move Your PHP Web Scripting Skills to the Command Line
4.13.1. The Code
4.13.2. Running the Code
Hack #41. Enable Quick telnet/SSH Connections from the Desktop
4.14.1. See Also
Hack #42. Speed Up Compiles
4.15.1. Using distcc
4.15.2. Distribute Compiles to Windows Machines
Hack #43. Avoid Common Junior Mistakes
4.16.1. Don't Take the root Name in Vain
4.16.2. Don't Get Too Comfortable
4.16.3. Don't Perform Production Commands "Off the Cuff"
4.16.4. Ask Questions
Hack #44. Get Linux Past the Gatekeeper
4.17.1. Don't Talk Money
4.17.2. Don't Talk About Linux in a Vacuum
4.17.3. Don't Pitch Linux for Something It's Not Well Suited For
4.17.4. Don't Be Impatient
Hack #45. Prioritize Your Work
4.18.1. Prioritizing Tasks
4.18.2. Prioritizing Projects
4.18.3. Summary
5. Storage Management and Backups
5.1. Hacks 46–55: Introduction
Hack #46. Create Flexible Storage with LVM
5.2.1. Logical Volume Buzzwords
5.2.2. Allocating Physical Volumes
5.2.3. Assigning Physical Volumes to Volume Groups
5.2.4. Creating a Logical Volume from a Volume Group
5.2.5. Suggestions
5.2.6. See Also
Hack #47. Combine LVM and Software RAID
5.3.1. Mirroring and Redundancy
5.3.2. Overview of RAID Levels
5.3.3. Combining Software RAID and LVM
5.3.4. Creating RAID Devices
5.3.5. Combining RAID and LVM
5.3.6. See Also
Hack #48. Create a Copy-on-Write Snapshot of an LVM Volume
5.4.1. Kernel Support for Snapshots
5.4.2. Creating a Snapshot
5.4.3. Mounting a Snapshot
5.4.4. See Also
Hack #49. Clone Systems Quickly and Easily
5.5.1. Building partimage
5.5.2. Cloning Partitions Using partimage
5.5.3. Restoring Partitions Using partimage
5.5.4. Summary
5.5.5. See Also
Hack #50. Make Disk-to-Disk Backups for Large Drives
5.6.1. Convenient Removable Media Technologies for Backups
5.6.2. Choosing the Right Backup Command
5.6.3. The Code
5.6.4. Running the Code
5.6.5. Choosing What to Back Up
5.6.6. Summary and Tips
Hack #51. Free Up Disk Space Now
Hack #52. Share Files Using Linux Groups
5.8.1. Linux Protections 101
5.8.2. Setting the umask to Create Sharable Files
5.8.3. Using Directory Permissions to Set Group Membership
5.8.4. See Also
Hack #53. Refine Permissions with ACLs
5.9.1. Installing and Activating ACL Support
5.9.2. Overview of Linux ACLs and Utilities
5.9.3. Displaying Current ACLs
5.9.4. Setting ACLs
5.9.5. See Also
Hack #54. Make Files Easier to Find with Extended Attributes
5.10.1. Getting and Installing Extended Attribute Support
5.10.2. Displaying Extended Attributes and Their Values
5.10.3. Setting Extended Attributes
5.10.4. Removing Extended Attributes
5.10.5. Searching Using Extended Attributes
Hack #55. Prevent Disk Hogs with Quotas
5.11.1. Setting Up Disk Quotas
5.11.2. Installing the Quota Software
5.11.3. Entering Single-User Mode
5.11.4. Editing /etc/fstab
5.11.5. Initializing the Quota Configuration Files
5.11.6. Configuring Your Quotas
5.11.7. See Also
6. Standardizing, Sharing, and Synchronizing Resources
6.1. Hacks 56–62: Introduction
Hack #56. Centralize Resources Using NFS
6.2.1. Configuring the NFS Server
6.2.2. Configuring the NFS Clients
6.2.3. Configuring the Service
6.2.4. A Final Consideration
Hack #57. Automount NFS Home Directories with autofs
Hack #58. Keep Filesystems Handy, but Out of Your Way
6.4.1. amd Configuration in a Nutshell
Hack #59. Synchronize root Environments with rsync
6.5.1. See Also
Hack #60. Share Files Across Platforms Using Samba
6.6.1. Setting Up Simple Samba Shares
Hack #61. Quick and Dirty NAS
6.7.1. Selecting the Hardware
6.7.2. Installing and Configuring Linux
6.7.3. Configuring User Storage
6.7.4. Configuring System Services
6.7.5. Deploying NAS Storage
6.7.6. Summary
6.7.7. See Also
Hack #62. Share Files and Directories over the Web
6.8.1. Installing and Configuring Apache's WebDAV Support
6.8.2. Creating WebDAV Users and Directories
6.8.3. See Also
7. Security
7.1. Hacks 63–68: Introduction
Hack #63. Increase Security by Disabling Unnecessary Services
7.2.1. Examining /etc/inittab
7.2.2. Optimizing Per-Runlevel Startup Scripts
7.2.3. Streamlining Services Run by the Internet Daemon
7.2.4. Summary
Hack #64. Allow or Deny Access by IP Address
7.3.1. Protecting Your Machine with hosts.allow and hosts.deny
7.3.2. Configuring hosts.allow and hosts.deny for Use
7.3.3. Hacking the Hack
7.3.4. See Also
Hack #65. Detect Network Intruders with snort
7.4.1. Installing snort
7.4.2. Configuring snort
7.4.3. Starting snort
7.4.4. Advanced snort
7.4.5. Summary
7.4.6. See Also
Hack #66. Tame Tripwire
7.5.1. Installing Tripwire
7.5.2. Tripwire's Execution Configuration File
7.5.3. Tripwire's Policy Configuration File
7.5.4. Preparing Tripwire for Use
7.5.5. Running Your First Filesystem Integrity Check
7.5.6. TripWire Tips
Hack #67. Verify Fileystem Integrity with Afick
7.6.1. Installing Afick
7.6.2. Configuring Afick to Match Your System
7.6.3. Running Afick
7.6.4. Securing Afick
7.6.5. Updating Your Database
7.6.6. Conclusion
7.6.7. See Also
Hack #68. Check for Rootkits and Other Attacks
7.7.1. Types of Rootkits
7.7.2. Obtaining, Building, and Installing chkrootkit
7.7.3. Running chkrootkit
7.7.4. Automating chkrootkit
7.7.5. Summary
7.7.6. See Also
8. Troubleshooting and Performance
8.1. Hacks 69–77: Introduction
Hack #69. Find Resource Hogs with Standard Commands
8.2.1. What About Disk Hogs?
8.2.2. Bandwidth Hogging
Hack #70. Reduce Restart Times with Journaling Filesystems
8.3.1. Journaling Filesystems 101
8.3.2. Journaling Filesystems Under Linux
8.3.3. Converting Existing Filesystems to Journaling Filesystems
8.3.4. Summary
8.3.5. See Also
Hack #71. Grok and Optimize Your System with sysctl
Hack #72. Get the Big Picture with Multiple Displays
8.5.1. See Also
Hack #73. Maximize Resources with a Minimalist Window Manager
8.6.1. Getting and Installing Fluxbox
8.6.2. Start Me Up, Scotty!
8.6.3. Configure Fluxbox
8.6.4. The Slit
8.6.5. Make It Pretty!
8.6.6. Minimal Hassle
8.6.7. See Also
Hack #74. Profile Your Systems Using /proc
8.7.1. The Code
Hack #75. Kill Processes the Right Way
8.8.1. Killing Processes in the Right Order
8.8.2. Stopping and Restarting a Process
8.8.3. The Last Resort
8.8.4. See Also
Hack #76. Use a Serial Console for Centralized Access to Your Systems
8.9.1. The Options
8.9.2. Start at the Beginning: The Bootloader
8.9.3. Putting It All Together
8.9.4. Where to Go from Here
8.9.5. See Also
Hack #77. Clean Up NIS After Users Depart
8.10.1. The Code
8.10.2. Running the Code
9. Logfiles and Monitoring
9.1. Hacks 78–88: Introduction
Hack #78. Avoid Catastrophic Disk Failure
Hack #79. Monitor Network Traffic with MRTG
9.3.1. Requirements
9.3.2. Installation
9.3.3. Automating MRTG
9.3.4. See Also
Hack #80. Keep a Constant Watch on Hosts
Hack #81. Remotely Monitor and Configure a Variety of Networked Equipment
9.5.1. The Code
9.5.2. Running the Code
Hack #82. Force Standalone Apps to Use syslog
Hack #83. Monitor Your Logfiles
9.7.1. Using log-guardian
9.7.2. Using logcheck
Hack #84. Send Log Messages to Your Jabber Client
9.8.1. The Code
9.8.2. Running the Code
Hack #85. Monitor Service Availability with Zabbix
9.9.1. Dependencies
9.9.2. Installing Zabbix
9.9.3. Monitoring Hosts
9.9.4. Mapping the Network
9.9.5. The Details
Hack #86. Fine-Tune the syslog Daemon
9.10.1. Making Sense of syslog.conf
9.10.2. Real-Time Alerts from the System Log
9.10.3. Centralizing Logs for Convenient Access
9.10.4. See Also
Hack #87. Centralize System Logs Securely
9.11.1. Getting Started
9.11.2. Creating Your Encryption Certificates
9.11.3. Configuring stunnel
9.11.4. Configuring syslog-ng
9.11.5. Testing
9.11.6. Where Next?
9.11.7. See Also
Hack #88. Keep Tabs on Systems and Services
9.12.1. Enter Nagios
9.12.2. Hosts, Services, and Contacts, Oh My!
9.12.3. See Also
10. System Rescue, Recovery, and Repair
10.1. Hacks 89–100: Introduction
Hack #89. Resolve Common Boot and Startup Problems
10.2.1. Check BIOS Settings
10.2.2. Fixing Runlevel or X Window System Problems
10.2.3. Regenerating a Default X Window System Configuration File
10.2.4. Booting to Single-User Mode
10.2.5. Resolving Filesystem Consistency Problems
10.2.6. See Also
Hack #90. Rescue Me!
10.3.1. Downloading and Burning the Rescue Disk
10.3.2. Using the Rescue CD
10.3.3. See Also
Hack #91. Bypass the Standard Init Sequence for Quick Repairs
Hack #92. Find Out Why You Can't Unmount a Partition
10.5.1. Background
10.5.2. Finding Processes That Are Using a Filesystem
10.5.3. Listing Open Files
10.5.4. Summary
10.5.5. See Also
Hack #93. Recover Lost Partitions
10.6.1. Looking for Partitions
10.6.2. Writing the Partition Table
10.6.3. See Also
Hack #94. Recover Data from Crashed Disks
10.7.1. Popular Disk Failure Modes
10.7.2. Attempt to Read Block from Filesystem Resulted in Short Read…
10.7.3. Standard Filesystem Diagnostics and Repair
10.7.4. Removing an ext3 Filesystem's Journal
10.7.5. Cloning a Bad Disk Using ddrescue
10.7.6. Checking the Restored Disk
10.7.7. See Also
Hack #95. Repair and Recover ReiserFS Filesystems
10.8.1. Correcting a Damaged ReiserFS Filesystem
10.8.2. Identifying Files and Directories in the ReiserFS lost+found
10.8.3. See Also
Hack #96. Piece Together Data from the lost+found
10.9.1. Exploring the lost+found
10.9.2. Recovering Directories from the lost+found
10.9.3. Recovering Recognizable Groups of Files
10.9.4. Examining Individual Files
10.9.5. Summary
10.9.6. See Also
Hack #97. Recover Deleted Files
10.10.1. Preventing Additional Changes to the Partition
10.10.2. Looking for the Missing Data
10.10.3. See Also
Hack #98. Permanently Delete Files
10.11.1. Using the shred Utility
10.11.2. See Also
Hack #99. Permanently Erase Hard Disks
10.12.1. Using shred to Wipe Hard Drives
10.12.2. Using Darik's Boot and Nuke
10.12.3. Summary
10.12.4. See Also
Hack #100. Recover Lost Files and Perform Forensic Analysis
10.13.1. Building and Installing The Sleuth Kit
10.13.2. Building and Installing Autopsy and Related Software
10.13.3. Using The Sleuth Kit to Recover Deleted Files
10.13.4. Summary
10.13.5. See Also
暂无相关搜索结果!
×
二维码
手机扫一扫,轻松掌上学
×
《Linux Server Hacks, Volume Two - William von Hagen; Brian K. Jon》电子书下载
请下载您需要的格式的电子书,随时随地,享受学习的乐趣!
EPUB 电子书
×
书签列表
×
阅读记录
阅读进度:
0.00%
(
0/0
)
重置阅读进度