DEV Community

Florian Soare
Florian Soare

Posted on • Edited on

Some ideas to set up a Linux machine

These days a connection to a network is something to be done at any type of electronic terminal. As a helper, Linux can be the best solution in terms of ease of administration and security of a network configured with this operating system. Below are some ideas to set up a Linux terminal and I hope that they would help you configure, optimize, and troubleshoot problems that might occur on a network that has such a server.

1: Use the / etc / hosts file to mention the hosts there

The file is used for host static names and provides a quick way to create network shortcuts. One of the first things I do on a Linux machine is adding different machines to / etc / hosts. This saves me from having to enter a lot of IP addresses. The format of an address for this file is:

IP_ADDRESS NAME_OF_COMPUTER

For example, if I use a machine for a backup location at IP address 192.168.1.101, I could enter:

192.168.1.101 backup_computer

Now if I have to connect to that machine, say using SSH with "safe" shell, I can bring the machine into the console using the command:

ssh -v -l username backup_computer 

to make the connection and not

ssh -v -l username 192.168.1.101 

like the way the machine is called using its IP address directly.

2: Avoid unwanted names using /etc/hosts.deny

There is a host configuration file used to restrict - hosts.deny.
This file allows you to have access control based on the client or server name. This is useful in many ways. You can block blacklist domains from accessing your site or prevent certain users from gaining access to certain machines. But no matter how you use it, the format is the same.
Suppose you want to block the domain:

nume.baddomain.com

from accessing your device. To do this, open the /etc/hosts.deny file (you will need root or sudo privileges) and add this line to the bottom of the file:

ALL: name.baddomain.com

Save it and you'll be protected against connections using this domain name.

3: Download and install interface for iptables

You can not assume that just because you are using Linux, you are secure. You're more confident with it than other operating systems, but there's not such thing as too much security and you can add safety features to it. And the best security you can have with Linux is by using iptables (IP tables used by a FireWall). The only problem with iptables is that it can be a challenge (especially for the new user). Fortunately, there are graphical interfaces for iptables. One of the best interfaces that can be used successfully by you is the Firestarter. This interface makes iptables simple, so you do not get around the security of this operating system.

4: Skip over NFS (Network File System) and use Samba

You may be tempted to configure NFS for local file sharing. Do not do it.
NFS asks you to have too many open ports on your desktop or server. Instead, use Samba that is considerably stronger. With Samba, you are required to have only a minimum of open ports, so security is not such a big problem as NFS's.
In fact, Samba runs on TCP ports 139 and 445 and UDP ports 137 and 138. For NFS you will need UDP ports 111, 1039, 1047, 1048 and 2049 and TCP ports 111, 1039, 1047, 1048, and 2049. No reason to open security holes when Samba does a better work of sharing files that works great with other platforms and can even connect to Active Directory.

5: Remember smbpasswd when installing Samba

I have seen allot of Samba problems among users, the problem is that they did not add the user and a password with smbpasswd. Without doing so, the user will not be able to authenticate to the Samba Server. And when you use smbpasswd to add a new user, you need to add the "-a" switch, as appropriate:

smbpasswd -a USERNAME

Once you have pressed Enter, you will be prompted for the user's password (twice). NOTE: You must have root (or sudo) access to do so.

Top comments (0)