Introduction to Linux Network Services

Xinetd

Xinetd Connection Limiting and Access Control

Xinetd: Resource limits, redirection, logging

TCP Wrappers

The /etc/hosts.allow & /etc/hosts.deny Files

/etc/hosts.{allow,deny} Shortcuts

Advanced TCP Wrappers

Basic Firewall Activation

Netfilter: Stateful Packet Filter Firewall

Netfilter Concepts

Using the iptables Command

Netfilter Rule Syntax

Targets

Common match_specs

Connection Tracking

AppArmor

SELinux Security Framework

Choosing an SELinux Policy

SELinux Commands

SELinux Booleans

Graphical SELinux Policy Tools

Naming Services

DNS - A Better Way

The Domain Name Space

Delegation and Zones

Server Roles

Resolving Names

Resolving IP Addresses

Basic BIND Administration

Configuring the Resolver

Testing Resolution

BIND Configuration Files

named.conf Syntax

named.conf Options Block

Creating a Site-Wide Cache

rndc Key Configuration

Zones In named.conf

Zone Database File Syntax

SOA - Start of Authority

A & PTR - Address & Pointer Records

NS - Name Server

CNAME & MX - Alias & Mail Host

Abbreviations and Gotchas

$ORIGIN and $GENERATE

Subdomains and Delegation

Subdomains

Delegating Zones

in-addr.arpa. Delegation

Issues with in-addr.arpa.

RFC2317 & in-addr.arpa.

Address Match Lists & ACLs

Split Namespace with Views

Restricting Queries

Restricting Zone Transfers

Running BIND in a chroot jail

Dynamic DNS Concepts

Allowing Dynamic DNS Updates

DDNS Administration with nsupdate

Common Problems

Securing DNS with TSIG

LDAP: History and Uses

LDAP: Data Model Basics

LDAP: Protocol Basics

LDAP: Applications

LDAP: Search Filters

LDIF: LDAP Data Interchange Format

OpenLDAP Client Tools

Alternative LDAP Tools

Popular LDAP Server Implementations

OpenLDAP: Server Architecture

OpenLDAP: Backends

OpenLDAP: Replication

OpenLDAP: Configuration Options

OpenLDAP: Configuration Sections

OpenLDAP: Global Parameters

OpenLDAP: Database Parameters

OpenLDAP Server Tools

Enabling LDAP-based Login

System Security Services Daemon (SSSD)

HTTP Operation

Apache Architecture

Dynamic Shared Objects

Adding Modules to Apache

Apache Configuration Files

httpd.conf - Server Settings

httpd.conf - Main Configuration

HTTP Virtual Servers

Virtual Hosting DNS Implications

httpd.conf - VirtualHost Configuration

Port and IP based Virtual Hosts

Name-based Virtual Host

Apache Logging

Log Analysis

The Webalizer

Virtual Hosting Security Implications

Delegating Administration

Directory Protection

Directory Protection with AllowOverride

Common Uses for .htaccess

Symmetric Encryption Algorithms

Asymmetric Encryption Algorithms

Digital Certificates

SSL Using mod_ssl.so

Dynamic HTTP Content

PHP: Hypertext Preprocessor

Developer Tools for PHP

Installing PHP

Configuring PHP

Securing PHP

Security Related php.ini Configuration

Java Servlets and JSP

Apache's Tomcat

Installing Java SDK

Installing Tomcat Manually

Using Tomcat with Apache

The FTP Protocol

Active Mode FTP

Passive Mode FTP

ProFTPD

Pure-FTPd

vsftpd

Configuring vsftpd

Anonymous FTP with vsftpd

Squid Overview

Squid File Layout

Squid Access Control Lists

Applying Squid ACLs

Tuning Squid & Configuring Cache Hierarchies

Bandwidth Metering

Monitoring Squid

Proxy Client Configuration

Introducing Samba

Samba Daemons

NetBIOS and NetBEUI

Accessing Windows/Samba Shares from Linux

Samba Utilities

Samba Configuration Files

The smb.conf File

Mapping Permissions and ACLs

Mapping Linux Concepts

Mapping Case Sensitivity

Mapping Users

Sharing Home Directories

Sharing Printers

Share Authentication

Share-Level Access

User-Level Access

Samba Account Database

User Share Restrictions

SMTP

SMTP Terminology

SMTP Architecture

SMTP Commands

SMTP Extensions

SMTP AUTH

SMTP STARTTLS

SMTP Session

Postfix Features

Postfix Architecture

Postfix Components

Postfix Configuration

master.cf

main.cf

Postfix Map Types

Postfix Pattern Matching

Advanced Postfix Options

Virtual Domains

Postfix Mail Filtering

Configuration Commands

Management Commands

Postfix Logging

Logfile Analysis

chrooting Postfix

Postfix, Relaying and SMTP AUTH

SMTP AUTH Server and Relay Control

SMTP AUTH Clients

Postfix / TLS

TLS Server Configuration

Postfix Client Configuration for TLS

Other TLS Clients

Ensuring TLS Security

Filtering Email

Procmail

SpamAssassin

Bogofilter

amavisd-new Mail Filtering

Accessing Email

The IMAP4 Protocol

Dovecot POP3/IMAP Server

Cyrus IMAP/POP3 Server

Cyrus IMAP MTA Integration

Cyrus Mailbox Administration

Fetchmail

SquirrelMail