© 2004 Hewlett-Packard Development Company, L.P.The information contained herein is subject to change without notice

Installation & management of SUSE Enterprise Linux 8

Server setup Module 6

24.11

Module objectives

When completing SUSE Linux setup, the administrator should be aware of:

• Database server support

• Thin client server

• Authentication server

• Security

34.11

SUSE – Database server (1 of 2)

MySQL is supported by SUSE and Webmin:

44.11

SUSE – Database server (2 of 2)

PostgreSQL is supported by SUSE and Webmin:

54.11

SUSE – Database support

A wide number of commercial databases are supported on SUSE Linux including

•IBM DB2

•IBM Informix

• Oracle

•Sybase

64.11

SUSE – Thin client server (1 of 4)

SUSE can be used as a server for thin clients. Included in SLES8 are:

• Tftp server

• Dhcp server (with bootp support)

A typical thin client like the Linux Terminal Server must also be loaded. The LTSP package is available tin RPM format from www.ltsp.org

74.11

SUSE – Thin client server (2 of 4)

• Tftp is an insecure protocol

• Wrappers should be used to prevent remote sites from gaining access to a system

84.11

SUSE – Thin client server (3 of 4)

Dhcp can be easily managed from webmin:

94.11

SUSE – Thin client server (4 of 4)

104.11

SUSE – Authentication server

• PAM (Pluggable Authentication Manager) is an integrated package that manages accounts, passwords, authentication and sessions.

• SUSE (like Red Hat) uses PAM for authentication. PAM supports the following authentication systems:– Windows Domain authentication with Samba– LDAP Domain integration with Windows– NIS (and NIS+)– Unix/Linux passwords (with or without /etc/shadow)

114.11

SUSE – Security Monitor

Security Applications

• Argus

• Ethereal

• Mon

• Mtr

• Nmap

• Nagios

• Saint

• ntop

• Traffic-vis

• Nessus

• Snort

• tcpdump

Security monitor applications (1 of 3)

124.11

Security monitor applications (2 of 3)

The rich set of SUSE security applications fall into a number of categories:

• Passive network packet sniffers

• Intrusion Detection Systems

• Active network Probes

• Active Network Monitors

134.11

Security monitor applications (3 of 3)

Passive network packet sniffers

• Tcpdump – a real-time text based packet sniffer

• Ethereal – a real-time graphic based packet sniffer

• Argus – batch mode IP transaction analysis and archiving tool

• Traffic-vis - batch mode packet analysis and archiving tool

• Ntop – a web oriented net traffic analysis tool

144.11

Security monitor - Ethereal

Ethereal from the SUSE Console:

154.11

Security monitor – Intrusion detection(1 of 2)

Intrusion Detection Systems

• Snort - open source network intrusion detection system manageable with Webmin (3rd party module)

164.11

Security monitor – Intrusion detection(1 of 2)

Snort record of intrusion attempts (/var/log/snort/alert):

174.11

Security - Network probes

Active network probes (black hat/white hat utilities)

• Saint – Security Administrators Integrated Network Tool

• Nessus – a client/server security scanner; nessus emulates viral and port scanning attacks on remote systems

• Nmap – a comprehensive port scanner

• Mtr – Matt’s combines the functionality of traceroute with ping yielding a continuous display of network route efficiencies

184.11

Security – Network monitors

Active Network Monitors

• Nagios – replaced NetSaint, a comprehensive network management tool

• Mon – a background monitoring tool

• Webmin – in addition to managing almost everything in a Linux/Unix environment, webmin also has a built in monitoring tool

194.11

Security monitor – Nagios (1 of 3)

204.11

Security monitor – Nagios (2 of 3)

214.11

Security monitor – Nagios (3 of 3)

224.11

Security Monitor – Webmin

Webmin’s system monitoring capability:

234.11

SUSE – e-mail server (1 of 4)

• SUSE Enterprise server includes postfix rather than sendmail as its MTA.

• Postfix is functionally identical to sendmail but claims to be easier to configure.

• Postfix is just … different, but does the same job

You be the judge:

244.11

SUSE – e-mail server (2 of 4)

The postfix admin page on webmin:

254.11

SUSE – e-mail server (3 of 4)

The sendmail admin page on webmin:

264.11

SUSE – e-mail server (4 of 4)

POP & IMAP

• SUSE and Red Hat use imap-2001a-xx.rpm as a basis for IMAP and POP(2,3)

• Internet daemon use– SUSE uses inet– Red Hat uses xinet

274.11

SUSE – Domain Name Service

Both SUSE and Red Hat use bind9 for DNS service, Bind may be serviced by Webmin:

284.11

SUSE – File server

SUSE can act like a NAS server or as a NAS client

• Network File System (nfs)

• SNB shares (Samba)

• Gigabit Ethernet support

• Fiber optic network support (Fiber channel, ethernet over fiber, FDDI)

• Huge Disk arrays with LVM

294.11

SUSE

… and lots more!

Learning check