10 quick tips to make Version 1.

0
Linux networking easier August 14, 2008

By Jack Wallen
Networking is a must-have on all levels of computing. Be it home or corporate, networking is the one aspect of
computing that is, without a shadow of a doubt, a deal breaker. And with some help, the Linux operating system
can be the king of networking, in both ease of use and security. But that doesn't mean the average (and
sometimes even the above-average) user can't use some help. These tips should help make Linux networking go
a little more smoothly.

1 Make use of your /etc/hosts file

The hosts file is used for static host names and is a quick way to create networking shortcuts. One of the first
things I do on a Linux machine is add various machines to the /etc/hosts file. This saves me from having to type a
lot of IP addresses. The format of an address for this file is:
IP_ADDRESS NICKNAME
For example, if I use one machine for a backup location at IP address 192.168.1.101, I could enter:
192.168.1.101 backups
Now if I have to connect to that machine, say with secure shell, I can just type ssh -v -l username backups to
make the connection.

2 Keep out unwanted users with /etc/hosts.deny

Yet another helpful "hosts" file is the hosts.deny file. This file allows you to create access control based on client
or server names. This is helpful in many ways. You can block blacklist domains from gaining access to your
network or you can block certain users from gaining access to certain machines. But no matter how you use it, the
format is the same.
Let's say you want to block the domain bad.domain.name from gaining access to a machine. To do this, open up
the /etc/hosts.deny file (you will need either root or sudo privileges) and add:
ALL: bad.domain.name
to the bottom of the file. Save it and you're good to go.

3 Let WICD handle your wireless woes

I can't tell you how many times I have found myself banging my head against a server rack. For the longest time
Linux and wireless networking were simply not good bedfellows. But that is quickly becoming a thing of the past.
With modern distributions, wireless card detection has become a no-brainer. The issue now is encryption. Many
of the Linux wireless tools have trouble when any encryption is involved. But the WICD tool takes care of this.
Now, connecting to WPA or WPA2 encrypted wireless networks is simple. Add to that the amazingly easy GUI
employed by WICD and you can check one nasty headache off your list.

4 Download and install a front end for iptables

You can't assume that just because you are using Linux, you are secure. You still need some security. And the
best security you can have with Linux is iptables. The only problem with iptables is that it can be challenging
(especially for the new user). Fortunately, there are outstanding graphical front ends for iptables. One of the best
is Firestarter. This front end makes employing iptables a simple process, so you won't keep bypassing security
out of fear of the learning curve.

Page 1
Copyright ©2008 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html
10 quick tips to make Linux networking easier

5 Get to know the command-line tools

Let's face it: If you're running Linux, there might be an instance where you will need to restart your network and
you won't have access to the GUI. In this particular case, knowing that /etc/rc.d/network restart will do the trick will
solve your problem. Of course, that is not the only networking command-line tool. You'll also want to know tools
like dhclient, traceroute, samba, ping, and netstat.

6 Hard-code your DNS server addresses

I don't know how many times I have had networking problems that pointed directly at missing DNS server
addresses. To this end, I have made it habit to hard-code my DNS servers into the /etc/resolv.conf file. The format
of the entries is:
nameserver IP_ADDRESS
where IP_ADDRESS is the address of your name server. You can have as many name servers listed as you
need.

7 Install ClamAV

If you run a mail server, an antivirus is essential. Even though you are running Linux and you know your mail
server is immune to 99.9999999% of the viruses in the wild, that doesn't mean all those clients that download mail
from your server are immune. With this in mind, you will make your administrating life far easier if you install an
antivirus like ClamAV onto your Linux mail server. It will give you peace of mind and enough security to ensure
that your users most likely won't come knocking at your office door demanding retribution.

8 Know how to configure an IP address manually

Yes, there are GUI tools for this. And yes, they all work very well. But as you will eventually find if you administer
any operating system long enough, it's never bad to have backup tools to help you do your job. And one of the
best backup tools for Linux networking is the ifconfig command. Not only will this command return to you (with no
arguments) your network card information, it will also allow you to configure your network card manually. This is
done like so:
/sbin/ifconfig eth0 192.168.1.10 netmask 255.255.255.0 broadcast 192.168.1.255
Of course, you will want to plug in your particular information as it applies to the above.

9 Get to know your /etc/interfaces (Ubuntu) or /etc/sysconfig/network-scripts (Red

Hat/Fedora) file(s)

This file (or files) is where the information for each network interface is stored. The format for this file is:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet dhcp

Page 2
Copyright ©2008 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html
10 quick tips to make Linux networking easier

auto eth2
iface eth2 inet dhcp

auto ath0
iface ath0 inet dhcp

auto wlan0
iface wlan0 inet dhcp

As you can see above, all of my interfaces are set up for dhcp. This is my laptop, which goes with me
everywhere, so dhcp is a necessity. But what if I use the wired interface in only one location? For that, I can hard-
code the information here under the eth0 interface like so (for Ubuntu):

iface eth0 inet static

address 192.168.1.10
netmask 255.255.255.0
broadcast 192.168.1.255
network 192.168.1.104
gateway 192.168.1.1

Or like so (For Red Hat/Fedora):

DEVICE=eth0
BOOTPROTO=static
BROADCAST=192.168.1.255
IPADDR=192.168.1.10
NETMASK=255.255.255.0
NETWORK=192.168.1.104.0
ONBOOT=yes

Again, you would plug in all the information suited to your network and your device.

10 Don't forget smbpasswd when setting up Samba

Nearly every time clients come to me with Samba issues, the problem is that they haven't added the user and a
password with smbpasswd. Without doing this, the user will not be able to authenticate to the Samba server. And
when using smbpasswd to add a new user, you have to add the "-a" switch like so:
smbpasswd -a USERNAME
After you hit Enter, you will be asked for the users' password (twice). NOTE: You must have root access (or sudo)
to pull this off.

These 10 quick tips should help make various aspects of Linux networking easier. You never know when you'll
wind up having to rely on the command line or you'll need to enlist the help of a graphical front end for iptables.
Now, if you do, you should be good to go.

Page 3
Copyright ©2008 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html
10 quick tips to make Linux networking easier

Additional resources

TechRepublic's Downloads RSS Feed

Sign up for the Downloads at TechRepublic newsletter
Sign up for our IT Leadership Newsletter
Check out all of TechRepublic's free newsletters
10 ways to make Linux boot faster
10 keyboard shortcuts to improve your Linux experience
10 things to consider when choosing a Linux distribution

Version history
Version: 1.0
Published: August 14, 2008

Tell us what you think

TechRepublic downloads are designed to help you get your job done as painlessly and effectively as possible.
Because we're continually looking for ways to improve the usefulness of these tools, we need your feedback.
Please take a minute to drop us a line and tell us how well this download worked for you and offer your
suggestions for improvement.

Thanks!

—The TechRepublic Content Team

Page 4
Copyright ©2008 CNET Networks, Inc. All rights reserved.
For more downloads and a free TechRepublic membership, please visit http://techrepublic.com.com/2001-6240-0.html