search the articles directory
Powered by Google™
old Linux articles
TCP IP Protocols - ...utlook Express for example), which has SMTP and POP3 functions according to OSI Layer 7 (application).
Layer 6: You send t...
The TCP/IP Internet Layer - ...mary concern is to find the best path between the endpoints, without caring about the contents of the packet. IP does not perform error checking and...
IP Addressing, IP Subnetting, and IP Supernetting - ... 11000000101010000000000100000001 is a valid IP address. For the ease of use, IP addresses are represented in a form called the dotted decimal forma...
Public and Private IP Addresses - ...has been succeeded by IANA (Internet Assigned Numbers Authority). IANA makes sure to provide unique IP network addresses to Internet Service Provide...
IP Supernetting or CIDR - ... addressing shows us the following:
Address ...
Linux Security Threats - ...onsider in running a safe network.
As hard as it may seem to protect your network from the outside world, the most dangerous threats always come f...
IP Spoofing - ...ofed to the attacked IP address. The receiver then sends back replies that can contain large amounts of data to the attacked IP address resulting in...
BIND Domain Name System DNS - ...ital for internet connection; so in order to disrupt services to victims, attackers have a great interest in bringing down DNS servers. Although BIN...
Simple Network Management Protocol SNMP - ...ces use version 1 or version 2, which have a very weak authentication method. SNMP version 1 contains a set of bugs in the way SNMP traps and reques...
Firewalls, netfilter/iptables - ...advanced routing and traffic shaping.
This article is intended to introduce the tools we will use throughout this article. However, netfilter ...
Iptables Target Specifications in Linux - ... consultation of other firewall rules.
An alternative to DROP is the REJECT target, which drops the packet but sends an ICMP packet to the sou...
A Basic Firewall Script, Linux as a Workstation - ...an old Linux distribution and decide to go for lunch after you have just booted up without any firewall and with a public IP address, good chances a...
NAT and Packet Mangling with iptables - ...IP works, in order for hosts to communicate on the Internet, each must have a unique IP address.
However, due to the shortage of public IP ad...
SNAT with iptables - ...rm NAT on Linux.
Setting Up the Kernel
Usually, every Linux distribution comes with a kernel compiled with netfi...
Linux as SOHO Router - ... than any computer, but if you have an old computer that you are about to throw away, you can easily install Linux on it and make it your own SOHO r...
Building Linux Firewall - ...ily commented.
We will run Squid on its default port, 3128. To be able to use Squid as transparent proxy, we have to add the following infor...
latest articles under "Linux"
Navigation: Categories » Computers and technology » Linux
Below is a list of all Linux articles. If you want to find a tutorial by keywords, all you have to do is a quick search in our directory. Just use the search option available at the top-right side of the page. The website search is powered by web-articles. Or, if you want to read specific Linux tutorial, just point to it. The newest articles and tutorials are shown first in the list. To access the last ones, browse the pages 2, 3, 4... at the bottom. Also, you may browse articles alphabetically ordered.
Page# 1 (last added articles shown first)
Enter page# 1 (last added articles shown first)
Below is a list of all Linux articles. If you want to find a tutorial by keywords, all you have to do is a quick search in our directory. Just use the search option available at the top-right side of the page. The website search is powered by web-articles. Or, if you want to read specific Linux tutorial, just point to it. The newest articles and tutorials are shown first in the list. To access the last ones, browse the pages 2, 3, 4... at the bottom. Also, you may browse articles alphabetically ordered.
Page# 1 (last added articles shown first)
Linux Based Networking (04/09/2007)
(...) The types of networks commonly used are: LAN (Local Area Network): A network in which the computers are close together (the same building). WAN (Wide Area Network): A network in which the computers are at very long distances. MAN (Metropolitan Area Network): A city-wide network. (...)
(...) The types of networks commonly used are: LAN (Local Area Network): A network in which the computers are close together (the same building). WAN (Wide Area Network): A network in which the computers are at very long distances. MAN (Metropolitan Area Network): A city-wide network. (...)
TCP IP Protocols (04/09/2007)
(...) Layer 3: Your computer searches for the IP address of the SMTP server according to the routing table of the operating system. If it is not found in the routing table, it will forward it to the company router for path determination. The IP protocol is at OSI Layer 3 (network). (...)
(...) Layer 3: Your computer searches for the IP address of the SMTP server according to the routing table of the operating system. If it is not found in the routing table, it will forward it to the company router for path determination. The IP protocol is at OSI Layer 3 (network). (...)
The TCP/IP Internet Layer (04/09/2007)
(...) The 4-bit version field contains the number 4 if it is an IPv4 packet, and 6 if it is an IPv6 packet. However, this field is not used to distinguish between IPv4 and IPv6 packets. The protocol type field present in the Layer 2 envelope is used for that. (...)
(...) The 4-bit version field contains the number 4 if it is an IPv4 packet, and 6 if it is an IPv6 packet. However, this field is not used to distinguish between IPv4 and IPv6 packets. The protocol type field present in the Layer 2 envelope is used for that. (...)
IP Addressing, IP Subnetting, and IP Supernetting (04/09/2007)
(...) This gives us a maximum of 4,294,967,296 IP addresses. The IPv6 protocol extends the number of IP addresses by creating IP addresses 16 bytes long. Since IPv4 is most widely used protocol and it will still be for many years, we will refer to IPv4 addresses in this article. (...)
(...) This gives us a maximum of 4,294,967,296 IP addresses. The IPv6 protocol extends the number of IP addresses by creating IP addresses 16 bytes long. Since IPv4 is most widely used protocol and it will still be for many years, we will refer to IPv4 addresses in this article. (...)
Public and Private IP Addresses (04/09/2007)
(...) apnic.net ARIN (American Registry for Internet Numbers): North America Region, http://www.arin. (...)
(...) apnic.net ARIN (American Registry for Internet Numbers): North America Region, http://www.arin. (...)
Linux Security Threats (04/09/2007)
(...) If the provider has bad intentions, he or she can assume trusted IP addresses from one of the sites to log in into protected servers on the other site after sniffing out users and passwords. Of course, a serious provider would never do that, but still you might consider that behind everything there are people that can have malicious intentions, or that there is a small chance that some hacker that wants your data may hack your provider's systems. Well, we've now established that a security threat may come from inside, outside, or from transit points of the network. (...)
(...) If the provider has bad intentions, he or she can assume trusted IP addresses from one of the sites to log in into protected servers on the other site after sniffing out users and passwords. Of course, a serious provider would never do that, but still you might consider that behind everything there are people that can have malicious intentions, or that there is a small chance that some hacker that wants your data may hack your provider's systems. Well, we've now established that a security threat may come from inside, outside, or from transit points of the network. (...)
IP Spoofing (04/09/2007)
(...) We will discuss later in this article how to set up, configure, and secure BGP on Linux. ICMP Attacks ICMP is a very important part of the IP protocol enabling hosts and routers to exchange control messages. Using spoofed IP addresses, an attacker might disrupt communications between two hosts by sending "Time Exceeded" or "Destination Unreachable" messages to both hosts, resulting in a DoS attack. (...)
(...) We will discuss later in this article how to set up, configure, and secure BGP on Linux. ICMP Attacks ICMP is a very important part of the IP protocol enabling hosts and routers to exchange control messages. Using spoofed IP addresses, an attacker might disrupt communications between two hosts by sending "Time Exceeded" or "Destination Unreachable" messages to both hosts, resulting in a DoS attack. (...)
Simple Network Management Protocol SNMP (04/09/2007)
(...) This is very dangerous for the devices and the network; so here's what you should try to do: Try not to use SNMP, unless you have to. Whenever possible, use SNMP version 3, which has user mode authentication and can do encryption. In any case, if you use SNMP, change the default communities. (...)
(...) This is very dangerous for the devices and the network; so here's what you should try to do: Try not to use SNMP, unless you have to. Whenever possible, use SNMP version 3, which has user mode authentication and can do encryption. In any case, if you use SNMP, change the default communities. (...)
Firewalls, netfilter/iptables (04/09/2007)
(...) lartc.org. netfilter/iptables netfilter is a very important part of the Linux kernel in terms of security, packet mangling, and manipulation. (...)
(...) lartc.org. netfilter/iptables netfilter is a very important part of the Linux kernel in terms of security, packet mangling, and manipulation. (...)
Iptables Target Specifications in Linux (04/09/2007)
(...) The valid names are debug, info, notice, warning, err, crit, alert, and emerg with corresponding numbers from 7 to 0. --log-prefix prefix: Log prefix is followed by a string of up to 29 characters, placed at the beginning of the log message. --log-tcp-sequence: Logs TCP sequence numbers. (...)
(...) The valid names are debug, info, notice, warning, err, crit, alert, and emerg with corresponding numbers from 7 to 0. --log-prefix prefix: Log prefix is followed by a string of up to 29 characters, placed at the beginning of the log message. --log-tcp-sequence: Logs TCP sequence numbers. (...)
A Basic Firewall Script, Linux as a Workstation (04/09/2007)
(...) Next, we flush all existing rules out from the filter table. At this point, nothing really works. Some applications use TCP/IP connections on the loopback interface; so it's safe to allow packets that come in on the interface "lo". (...)
(...) Next, we flush all existing rules out from the filter table. At this point, nothing really works. Some applications use TCP/IP connections on the loopback interface; so it's safe to allow packets that come in on the interface "lo". (...)
NAT and Packet Mangling with iptables (04/09/2007)
(...) SNAT and Masquerade SNAT is an alias for Source Network Address Translation. It is called so because only the source IP address gets translated. The NAT box will overwrite the source address in IP headers of all packets sent by a box behind NAT to one or many IP addresses. (...)
(...) SNAT and Masquerade SNAT is an alias for Source Network Address Translation. It is called so because only the source IP address gets translated. The NAT box will overwrite the source address in IP headers of all packets sent by a box behind NAT to one or many IP addresses. (...)
SNAT with iptables (04/09/2007)
(...) com/linux/Kernel-Build-HOWTO.html When compiling a new kernel or recompiling the kernel that you have, you must set NETFILTER=y in order to use iptables. In the 2. (...)
(...) com/linux/Kernel-Build-HOWTO.html When compiling a new kernel or recompiling the kernel that you have, you must set NETFILTER=y in order to use iptables. In the 2. (...)
Linux as SOHO Router (04/09/2007)
(...) If you want the LAN to be wired and wireless, the Ethernet interface for the local network will be plugged into an access point with a built-in switch. However it is, everything is basically a LAN (wired, wireless, bridged, or switched); so, from the firewall point of view, it doesn't really matter what we use at the first and second layers of the OSI model (access points, hubs, switches). The provider usually assigns us a public IP address that can be either statically assigned or dynamically assigned using DHCP or PPPoE. (...)
(...) If you want the LAN to be wired and wireless, the Ethernet interface for the local network will be plugged into an access point with a built-in switch. However it is, everything is basically a LAN (wired, wireless, bridged, or switched); so, from the firewall point of view, it doesn't really matter what we use at the first and second layers of the OSI model (access points, hubs, switches). The provider usually assigns us a public IP address that can be either statically assigned or dynamically assigned using DHCP or PPPoE. (...)
Building Linux Firewall (04/09/2007)
(...) Any file can be a virus, and the file extensions that follow are just as an example; so please feel free to add any file extension you consider dangerous. In the squid.conf file, we add the following lines: acl all src 0. (...)
(...) Any file can be a virus, and the file extensions that follow are just as an example; so please feel free to add any file extension you consider dangerous. In the squid.conf file, we add the following lines: acl all src 0. (...)
Enter page# 1 (last added articles shown first)