Automating UNIX and Linux Administration will focus on automating the tedious daily tasks of system administration. It will provide real-world examples and explore the existing tools that will help with this task. Although the book will provide brief overviews of tools and technologies that are covered, the author will assume the reader knows how to edit a configuration file or mount a file system. The book will focus on putting these tools to use in the real world, such as how to use a set of Perl scripts to manage your user accounts across 1000 machines. It will not show you how to write a basic 'Hello World' program in Perl nor contain a Perl function reference or summary.
The techniques, methods and tools covered in this book will help on a single system, but will be much more useful across multiple systems. Whether you are managing 2 or 5,000 systems, whether they are desktops, servers, or a Beowulf cluster, you will benefit from this type of automation. Although some of the book will be Linux-specific, most of it will apply to any UNIX system. The book will also focus on automating tasks across multiple variants of UNIX.
In order to thoroughly understand what makes Linux tick and why it works so well on a wide variety of systems, you need to delve deep into the heart of the kernel. The kernel handles all interactions between the CPU and the external world, and determines which programs will share processor time, in what order. It manages limited memory so well that hundreds of processes can share the system efficiently, and expertly organizes data transfers so that the CPU isn't kept waiting any longer than necessary for the relatively slow disks.
The third edition of "Understanding the Linux Kernel" takes you on a guided tour of the most significant data structures, algorithms, and programming tricks used in the kernel. Probing beyond superficial features, the authors offer valuable insights to people who want to know how things really work inside their machine. Important Intel-specific features are discussed. Relevant segments of code are dissected line by line. But the book covers more than just the functioning of the code; it explains the theoretical underpinnings of why Linux does things the way it does.
This edition of the book covers Version 2.6, which has seen significant changes to nearly every kernel subsystem, particularly in the areas of memory management and block devices. The book focuses on the following topics:
Memory management, including file buffering, process swapping, and Direct memory Access (DMA)
The Virtual Filesystem layer and the Second and Third Extended Filesystems
Process creation and scheduling
Signals, interrupts, and the essential interfaces to device drivers
Timing
Synchronization within the kernel
Interprocess Communication (IPC)
Program execution
"Understanding the Linux Kernel" will acquaint you with all the inner workings of Linux, but it's more than just an academic exercise. You'll learn what conditions bring out Linux's best performance, and you'll see how it meets the challenge of providing good system response during process scheduling, file access, and memory management in a wide variety of environments. This book will help you make the most of your Linux system.
The classic guide to UNIX networking APIs... now completely updated!
To build today's highly distributed, networked applications and services, you need deep mastery of sockets and other key networking APIs. One book delivers comprehensive, start-to-finish guidance for building robust, high-performance networked systems in any environment: UNIX Network Programming, Volume 1, Third Edition.
Building on the legendary work of W. Richard Stevens, this edition has been fully updated by two leading network programming experts to address today's most crucial standards, implementations, and techniques. New topics include:
* POSIX Single UNIX Specification Version 3
* IPv6 APIs (including updated guidance on IPv6/IPv4 interoperability)
* The new SCTP transport protocol
* IPsec-based Key Management Sockets
* FreeBSD 4.8/5.1, Red Hat Linux 9.x, Solaris 9, AIX 5.x, HP-UX, and Mac OS X implementations
* New network program debugging techniques
* Source Specific Multicast API, the key enabler for widespread IP multicast deployment
The authors also update and extend Stevens' definitive coverage of these crucial UNIX networking standards and techniques:
* TCP and UDP transport
* Sockets: elementary, advanced, routed, and raw
* I/O: multiplexing, advanced functions, nonblocking, and signal-driven
* Daemons and inetd
* UNIX domain protocols
* ioctl operations
* Broadcasting and multicasting
* Threads
* Streams
* Design: TCP iterative, concurrent, preforked, and prethreaded servers
Since 1990, network programmers have turned to one source for the insights and techniques they need: W. Richard Stevens' UNIX Network Programming. Now, there's an edition specifically designed for today's challenges--and tomorrow's.
For over a decade, serious C programmers have relied on one book for practical, in-depth knowledge of the programming interfaces that drive the UNIX and Linux kernels: W. Richard Stevens' Advanced Programming in the UNIX® Environment. Now, Stevens' colleague Stephen Rago has thoroughly updated this classic to reflect the latest technical advances and add support for today's leading UNIX and Linux platforms.
Rago carefully retains the spirit and approach that made this book a classic. Building on Stevens' work, he begins with basic topics such as files, directories, and processes, carefully laying the groundwork for understanding more advanced techniques, such as signal handling and terminal I/O.
Substantial new material includes chapters on threads and multithreaded programming, using the socket interface to drive interprocess communication (IPC), and extensive coverage of the interfaces added to the latest version of the POSIX.1 standard. Nearly all examples have been tested on four of today's most widely used UNIX/Linux platforms: FreeBSD 5.2.1; the Linux 2.4.22 kernel; Solaris 9; and Darwin 7.4.0, the FreeBSD/Mach hybrid underlying Apple's Mac OS X 10.3.
As in the first edition, you'll learn through example, including more than 10,000 lines of downloadable, ANSI C source code. More than 400 system calls and functions are demonstrated with concise, complete programs that clearly illustrate their usage, arguments, and return values. To tie together what you've learned, the book presents several chapter-length case studies, each fully updated for contemporary environments.
Advanced Programming in the UNIX® Environment has helped a generation of programmers write code with exceptional power, performance, and reliability. Now updated for today's UNIX/Linux systems, this second edition will be even more indispensable.
When Practical UNIX Security was first published in 1991, it became an instant classic. Crammed with information about host security, it saved many a UNIX system administrator and user from disaster.
This second edition is a complete rewrite of the original book. It's packed with twice the pages and offers even more practical information for UNIX users and administrators. It covers features of many types of UNIX systems, including SunOS, Solaris, BSDI, AIX, HP-UX, Digital UNIX, Linux, and others. The first edition was practical, entertaining, and full of useful scripts, tips, and warnings. This edition is all those things -- and more.
If you are a UNIX system administrator or user in this security-conscious age, you need this book. It's a practical guide that spells out, in readable and entertaining language, the threats, the system vulnerabilities, and the countermeasures you can adopt to protect your UNIX system, network, and Internet connection. It's complete -- covering both host and network security -- and doesn't require that you be a programmer or a UNIX guru to use it.
Practical UNIX & Internet Security describes the issues, approaches, and methods for implementing security measures. It covers UNIX basics, the details of security, the ways that intruders can get into your system, and the ways you can detect them, clean up after them, and even prosecute them if they do get in. Filled with practical scripts, tricks, and warnings, Practical UNIX & Internet Security tells you everything you need to know to make your UNIX system as secure as it possible can be.
Contents include:
* Part I: Computer Security Basics. Introduction and security policies.
* Part II: User Responsibilities. Users and their passwords, groups, the superuser, the UNIX filesystem, and cryptography.
* Part III: System Administrator Responsibilities. Backups, defending accounts, integrity checking, log files, programmed threats, physical security, and personnel security.
* Part IV: Network and Internet Security: telephone security, UUCP, TCP/IP networks, TCP/IP services, WWW, RPC, NIS, NIS+, Kerberos, and NFS.
* Part V: Advanced Topics: firewalls, wrappers, proxies, and secure programming.
* Part VI: Handling Security Incidents: discovering a breakin, U.S. law, and trust.
* VII: Appendixes. UNIX system security checklist, important files, UNIX processes, paper and electronic sources, security organizations, and table of IP services.
In the five years since the first edition of this classic book was published, Internet use has exploded. The commercial world has rushed headlong into doing business on the Web, often without integrating sound security technologies and policies into their products and methods. The security risks--and the need to protect both business and personal data--have never been greater. We've updated "Building Internet Firewalls" to address these newer risks.
What kinds of security threats does the Internet pose? Some, like password attacks and the exploiting of known security holes, have been around since the early days of networking. And others, like the distributed denial of service attacks that crippled Yahoo, E-Bay, and other major e-commerce sites in early 2000, are in current headlines.
Firewalls, critical components of today's computer networks, effectively protect a system from most Internet security threats. They keep damage on one part of the network--such as eavesdropping, a worm program, or file damage--from spreading to the rest of the network. Without firewalls, network security problems can rage out of control, dragging more and more systems down.
Like the bestselling and highly respected first edition, "Building Internet Firewalls," 2nd Edition, is a practical and detailed step-by-step guide to designing and installing firewalls and configuring Internet services to work with a firewall. Much expanded to include Linux and Windows coverage, the second edition describes:
Firewall technologies: packet filtering, proxying, network address translation, virtual private networks
Architectures such as screening routers, dual-homed hosts, screened hosts, screenedsubnets, perimeter networks, internal firewalls
Issues involved in a variety of new Internet services and protocols through a firewall
Email and News
Web services and scripting languages (e.g., HTTP, Java, JavaScript, ActiveX, RealAudio, RealVideo)
File transfer and sharing services such as NFS, Samba
Remote access services such as Telnet, the BSD "r" commands, SSH, BackOrifice 2000
Real-time conferencing services such as ICQ and talk
Naming and directory services (e.g., DNS, NetBT, the Windows Browser)
Authentication and auditing services (e.g., PAM, Kerberos, RADIUS);
Administrative services (e.g., syslog, SNMP, SMS, RIP and other routing protocols, and ping and other network diagnostics)
Intermediary protocols (e.g., RPC, SMB, CORBA, IIOP)
Database protocols (e.g., ODBC, JDBC, and protocols for Oracle, Sybase, and Microsoft SQL Server)
The book's complete list of resources includes the location of many publicly available firewall construction tools.
A classic O'Reilly title since 1993, sendmail now covers Versions 8.10 through 8.14 of this email routing program, including dozens of new features, options, and macros. This edition also takes a more nuts-and-bolts approach than its predecessors. It includes both an administration handbook and a reference guide that provide you with clear options for installing, configuring and managing sendmail's latest versions and companion programs.
The sendmail program has withstood the test of time because of its ability to solve the mail-routing needs of all sites large or small, complex or simple. But it's also difficult to configure and even more difficult to understand. That's why this book has proven valuable since the dawn of email. With it, you will be able to configure the program to meet any need, so that you never again have to call in a sendmail guru to bail you out.
sendmail includes the following sections:
* Some Basics is especially useful for people new to the program. It covers the basic concepts underlying mail delivery and the roles sendmail plays in that delivery
* Administration covers all aspects of handling sendmail, from downloading and installing new releases to managing mailing lists and aliases
* Configuration Reference contains a heavily cross-referenced guide for configuring and tuning sendmail. Every arcane detail of sendmail is listed alphabetically
* Appendices contain more detail about sendmail than you may ever need
This edition also includes new material on SSL and AUTH and a new chapter on Mitlers. If you're interested in what has changed since the last edition, one appendix categorizes the many improvements of sendmail's intervening versions by chapter, complete with references to the appropriate sections and page numbers in the book.
With sendmail, system administrators, programmers, network engineers, and even inexperienced users will be able to match this challenging but necessary utility to the needs of their network.
TCP/IP Network Administration, 2nd Edition is a complete guide to setting up and running a TCP/IP network for administrators of networks of systems or users of home systems that access the Internet. It starts with the fundamentals: what the protocols do and how they work, how addresses and routing are used to move data through the network, and how to set up your network connection.
Beyond basic setup, this new second edition discusses advanced routing protocols (RIPv2, OSPF, and BGP) and the gated software package that implements them. It also provides a tutorial on how to configure important network services, including PPP, SLIP, sendmail, Domain Name Service (DNS), BOOTP and DHCP configuration servers, and some simple setups for NIS and NFS. There are also chapters on troubleshooting and security. In addition, this book is a command and syntax reference for several important packages, including pppd, dip, gated, named, dhcpd, and sendmail.
Contents include:
* Overview of TCP/IP
* Delivering the Data
* Network Services
* Getting Started
* Basic Configuration
* Configuring the Interface
* Configuring Routing
* Configuring DNS Name Service
* Configuring Network Servers
* sendmail
* Troubleshooting TCP/IP
* Network Security
* Internet Information Resources
Appendixes include: dip, pppd and chat reference; a gated reference; a named reference; a dhcpd reference; and a sendmail reference
Covers Linux, BSD, and System V TCP/IP implementations.
DNS and BIND discusses one of the Internet's fundamental building blocks: the distributed host information database that's responsible for translating names into addresses, routing mail to its proper destination, and many other services. As the authors write in the preface, if you're using the Internet, you're already using DNS -- even if you don't know it.
The third edition covers BIND 4.9, on which most commercial products are currently based, and BIND 8, which implements many important new features and will be the basis for the next generation of commercial name servers. It also covers topics like DNS security (greatly improved with BIND 8.1), asynchronous notification of changes to a zone, dynamic updates, and programming with Perl's Net::DNS module.
Whether you're an administrator involved with DNS on daily basis, or a user who wants to be more informed about the Internet and how it works, you'll find that this book is essential reading.
Topics include:
* What DNS does, how it works, and when you need to use it
* How to find your own place in the Internet's name space
* Setting up name servers
* Using MX records to route mail
* Configuring hosts to use DNS name servers
* Subdividing domains (parenting)
* Securing your name server: restricting who can query your server, preventing unauthorized zone transfers, avoiding bogus name servers, etc.
* Mapping one name to several servers for load sharing
* Troubleshooting: using nslookup, reading debugging output, common problems
* DNS programming, using the resolver library and Perl's Net::DNS module
sed & awk describes two text processing programs that are mainstays of the UNIX programmer's toolbox. sed is a "stream editor" for editing streams of text that might be too large to edit as a single file, or that might be generated on the fly as part of a larger data processing step. The most common operation done with sed is substitution, replacing one block of text with another. awk is a complete programming language. Unlike many conventional languages, awk is "data driven" -- you specify what kind of data you are interested in and the operations to be performed when that data is found. awk does many things for you, including automatically opening and closing data files, reading records, breaking the records up into fields, and counting the records. While awk provides the features of most conventional programming languages, it also includes some unconventional features, such as extended regular expression matching and associative arrays. sed & awk describes both programs in detail and includes a chapter of example sed and awk scripts. This edition covers features of sed and awk that are mandated by the POSIX standard. This most notably affects awk, where POSIX standardized a new variable, CONVFMT, and new functions, toupper() and tolower(). The CONVFMT variable specifies the conversion format to use when converting numbers to strings (awk used to use OFMT for this purpose). The toupper() and tolower() functions each take a (presumably mixed case) string argument and return a new version of the string with all letters translated to the corresponding case. In addition, this edition covers GNU sed, newly available since the first edition. It also updates the first edition coverage of Bell Labs nawk and GNU awk (gawk), covers mawk, an additional freely available implementation of awk, and briefly discusses three commercial versions of awk, MKS awk, Thompson Automation awk (tawk), and Videosoft (VSAwk).