Go back to fronty page View most popular entries View latest additions Submit tutorials to UnixTutorials.info
UnixTutorials logo

Search results for Use Webmin for Linux Administration

Linux Use Webmin for Linux Administration
Post date: April 12, 2005, 20:04 Category: Software Views: 39
Tutorial quote: Administering Linux and Unix-based servers does not need to be the scourge of your work day. With a handy tool called Webmin as part of your arsenal, you can regain complete control of your servers via the Web browser.
Linux iptables: The Linux Firewall Administration Program
Post date: November 29, 2005, 15:11 Category: Network Views: 86
Tutorial quote: This chapter covers the iptables firewall administration program used to build a Netfilter firewall. For those of you who are familiar with or accustomed to the older ipfwadm and ipchains programs used with the IPFW technology, iptables will look very similar to those programs. However, it is much more feature-rich and flexible, and it is very different on subtle levels.
Unix+clones CLI Magic: OpenSSH + Bash
Post date: January 25, 2006, 15:01 Category: Network Views: 30
Tutorial quote: As a system administrator, I have used OpenSSH's piping abilities more times than I can remember. The typical ssh call gets me access to systems for administration with a proven identity, but ssh is capable of so much more. In combination with bash's subshell invocation, OpenSSH can distribute the heavy work, reduce trace interference on a system under test, and make other "impossible" tasks possible. I've even used it to make Microsoft Windows remote administration easier.

In the examples below, I have tried to avoid GNU-specific idioms for tools which have non-GNU counterparts. This practice improves portability of shell scripts in heterogeneous environments.
Linux The Serial Console
Post date: April 14, 2005, 09:04 Category: Hardware Views: 71
Tutorial quote: In these modern times, a hardworking admin might be tempted to turn her back on the Old Ways, and indulge in increasingly exotic methods of interfacing with servers: SSH over ethernet, USB, Firewire, wireless, infrared, KVM switches, VNC, VPN... next stop: direct neural implants.

There's one old timer that still has useful place in the admin's tool kit: the serial console. Sure, it's slow and funky. But there are times it can be a real lifesaver. When nothing else works, it's a direct pipeline into your system. It's simple and cheap. You don't need to install drivers or expansion cards, it's just there.

Administration via serial console is common in data centers. Just imagine the nightmare of trying to connect all those rack units to keyboards and displays. The cabling can be extended to a nice comfortable ops center (well, an ops center, anyway). (This Lantronix Console Manager is an example of the type of device used to administer these.)

There are a number of ways to make the physical connection. You can connect an external modem--the kind us old timers fondly refer to as "real" modems--and do remote administration via dialup. It couldn't be any simpler, just dial direct. Or grab a null modem cable, connect to a laptop or a nearby workstation, and you have an instant terminal.
Debian Configuring Dynamic DNS & DHCP on Debian Stable
Post date: February 2, 2006, 20:02 Category: Network Views: 55
Tutorial quote: For the average home computer user there is no need to install a complex package such as the Internet Software Consortium's BIND DNS or DHCP server, since there are far simpler lower resource tools to use, for example dnsmasq. For those who you wish to learn how to use ISC's BIND and DHCP, for example as a learning exercise, this is how I got it all to work in Debian Sarge, the current stable version of Debian GNU/Linux.

This short article was prompted by my question on the Debian-Administration forum site, where I was able to get some answers to the issues I faced and I did promise to post a solution if I got one.
OpenBSD Hardening OpenBSD Internet Servers
Post date: April 11, 2006, 18:04 Category: Security Views: 36
Tutorial quote: This tutorial on how-to harden or improve security on OpenBSD Internet servers includes sections that apply to any UNIX system. Hardening is making a computer more secure by removing unneeded functions, restricting access and tracking changes and processes. It was revised to cover OpenBSD 3.0 on Dec. 15, 2001 and includes an overview of the 2.9 to 3.0 changes. A new page on priorities ranks the value of the techniques presented here. Familiarity with UNIX system administration but not OpenBSD is assumed.
IPCop Setup your own VPN with IPCop and OpenVPN
Post date: March 30, 2006, 12:03 Category: Network Views: 37
Tutorial quote: I ’m a huge fan of IPCop. It’s a great firewall distro that makes administration a snap using a slick web interface. My goal was to use IPCop and an easy-to-use VPN client to allow access to my LAN while away from home.

I ended up going with the ZERINA OpenVPN addon for IPCop and the OpenVPN GUI for Windows.

If you’ve ever wanted full, secure, encrypted access to your LAN from any remote location, here is your guide.

Just follow these ten easy steps…
Linux Hardening Linux: a 10 step approach to a secure server
Post date: June 22, 2005, 06:06 Category: Security Views: 156
Tutorial quote: The Internet has become a far more dangerous place than it was 20 years ago. Nowadays, Operating System and application security is an integral part of a server configuration and, while firewalls are very important, they are not the panacea.

This list of steps is intended as a guideline with a practical approach. We’ll try to provide a complete picture without getting into unnecesary details. This list won’t replace a good book on secure systems administration, but it will be useful as a quick guide.

Before we get started it’s worth to mention that security is not a status: it’s just a process. The correct initial setup of the server only provides a good start and helps you get half the way through. But you actually need to walk the other half of the road, by providing proper security vigilance, monitoring and updating.
Unix+clones The 'no-configuration, only-active-when-needed' SSH VPN
Post date: April 12, 2005, 23:04 Category: Network Views: 40
Tutorial quote: So, we started thinking about how we might set up a VPN between the application server and our internal software mirror. The only requirement is that the VPN be initiated from the "inside-out" and that the connection is only active for as long as we need to use. In other words, it would only be active during an administration session. Ideally, it wouldn't be a lot of work to setup and tear down either.

SSH to the rescue...

Fortunately, SSH client and server come with support for this out of the box, requiring no additional software to be installed, and no configuration changes. On the server side, sshd, the setting "AllowTcpForwarding" defaults to "yes" unless your sshd_config file explicitly disables it. On the client side, all you have to do is request the forwarding.
Linux Upstream Provider Woes? Point the Ping of Blame
Post date: April 14, 2005, 08:04 Category: Network Views: 42
Tutorial quote: Your users are complaining that "the Internet is, like, all slow." Users are always complaining, but you're seeing a lot of timeouts when you check mail, surf the Web, or try to log in for remote administration. Or even worse, latency is so bad that you keep getting killed all to heck in your favorite gory violent online multi-player game, so you know there is a problem. But there a lot of potential bottlenecks between your PC and the outside world, like your Internet gateway, proxy server, firewall, Internet service provider, and so forth, so where do you begin?

One of the best and most versatile network tools you can have is a notebook PC running Linux. This lets you plug in anywhere to run tests and find out what is going on. Make it a nothing-to-lose box--don't keep data on it so you can wipe and reinstall the operating system as necessary, because you want to be able to run tests outside of firewalls. Don't run any services. You can put a minimal iptables firewall on it, as there is no point in being totally exposed, but keep it simple. (Use MondoRescue to make a system snapshot for fast restores.)