Table of Contents
Introduction.
I. BASIC OPERATION.
1. Startup and Shutdown.
Introduction. Outlining the Five-Step Boot Process. Step 1:
Firmware—Hardware Self-Recognition. Step 2: Bootloader—Loading the
OS. Step 3: Kernel—Initialization and Control Transfer. Step 4:
Init and Initialization Scripts. Step 5: Over to the
Admin—Miscellaneous Wrap-Up. Shutting Down and Generally Changing
init Levels. The Red Hat Boot Sequence as Displayed by dmesg. The
Solaris Boot Sequence as Displayed by mesg. Best Practices. Online
References. Endnotes.
2. Managing Disk Hardware.
Introduction. Physical Devices. OS-Independent Hardware
Communication Standards. Know Your System. Adding/Removing Disks
(and Other Devices). Best Practices. Online References.
Endnotes.
3. Filesystem Administration.
Introduction. Dividing Disk Space Wisely. More About Filesystems.
Administering Local Filesystems. Administering Local Filesystems.
Removable Storage Media. Best Practices. Online References.
Endnotes.
4. User Administration.
Definitions: Identity, Entity, Capability. Storing Basic User
Information Locally. Sharing User (and Other) Information over the
Network. Creating Accounts. Removing Accounts. Best Practices.
Online References. Endnotes.
5. Getting on the Network.
Introduction. TCP/IP. Best Practices. Online References.
6.
Logging.
Introduction. Standard Unix System Logging: syslog. Timekeeping:
ntp. Configuring Your Site's Logging Security. Application Logging
through syslog. Application-Specific Logging outside syslog.
Standard System Logging outside syslog. Cross-Platform syslog
Alternatives. Log Analysis and Reporting. Best Practices. Online
References. Endnotes.
7. Authentication.
Introduction. What Is Authentication? Overview of UNIX Password
Authentication. Good Passwords and Bad Passwords. Basic UNIX
Password Implementations. Password Cracking. Network Information
System (NIS). Alternate UNIX Password Algorithms. Alternate
Authentication Schemes. Ssh and Authentication. Integrating with
PAM. The ident Server and Authentication. Best Practices.
References.
8. Securing a System for Rollout.
You Must Harden the System. Patching: Process and Policy. Why You
Must Do More Than Patch. Auditing Services. Secure Network Daemon
Replacements. Auditing Passwords. Automating Linux/UNIX Lockdown
with Bastille Linux. Automating Solaris?UNIX Lockdown with Other
Tools. Best Practices. Resources. Endnotes.
9. Day-to-Day System
Management.
Overview. The Proactive Administrator. Reactive Administration.
Best Practices. Online References.
II. CRITICAL SUBSYSTEMS.
10. The X Window System.
Introduction. The X Directory Structure. Navigating the X
Distribution. Not-So-Basic Basics. Security. Customizing the
Environment (as a User). The System-wide X Environment.
References.
11. Name Service (DNS).
Introduction. The Client (a.k.a the Resolver). The Name Server.
Tools and Troubleshooting. Best Practices. Online Resources.
12.
Mail.
The Unix Mail Process. The sendmail MTA Package. Unix Mail Clients.
Server Topics. Best Practices. Online Resources.
13. File
Sharing.
Overview of File Sharing. Setting Up NFS. Setting Up Samba. Best
Practices. Online References.
14. Printing.
Introduction. Printing Spooling System. Printing Under System V.
Printing Under BSD. Printing Under LPRng. Printing Under CUPS. Best
Practices. Online Resources.
15. Basic Web Services
(Server-Side).
Introduction. Providing Basic Web Services. Obtaining and
Installing Apache. Configuring Apache. Server-Side Includes.
Configuring MIME. CGI Scripts. Adding Features with Apache Modules.
Running a chrooted Web Server. References. Best Practices.
16.
Backups.
Introduction. Components and Criteria for a Backup. Backup and
Restore. Best Practices. Online Resources. Summary.
III. APPLICATIONS AND TOOLS.
17. Open Source Software Management.
Introduction. Building Source Distributions. Managing Your Software
Installations. Endnotes.
18. Databases.
Introduction. Databases in General. Choosing a Database Vendor.
Oracle Database Overview. Conclusion.
19. Automation.
Introduction. Scripting. Scheduled and Periodic Processes.
Automated Configuration Management with cfengine. Tips for
Improving Automation Technique.
20. Advanced Web
Services.
Providing Advanced Web Services. Scripting Languages. Databases.
Languages. Security. After the Fact.
IV. TOWARDS BETTER SYSADMIN.
21. Security.
Introduction. Why Worry? Dangers Presented by Complex Systems.
Building a Threat Model. Security Philosophy. Security Is Boring.
Configuration Management. Policy. Ethics. Summary. Best Practices.
Resources.
22. Intrusion Detection.
Introduction. The Network as a Threat Vector. Network Protocol
Concepts. Stacks. Exploiting the TCP/IP Protocol. Positive
Signatures. Negative Signatures. Snort. NIDS. Best Practices.
Online References.
23. Requirements Analysis and Performance
Monitoring.
Requirements Analysis. Performance Monitoring. Capacity Projection
and Planning. Best Practices. Online References. Reference.
24.
Working with People.
Getting Respect. What Users Want. Being a Proactive Administrator.
Dress for Success. Working with Other Admins. Conferences and
Associations. Documentation is Good. Management Decisions.
Obtaining Needed Resources. Good Syadmins Are Good Humans. You
Can't Please Everyone.
V. APPENDICES.
Appendix A. High-Level Installation Steps.
Before You Begin to Install a Machine. Step-by-Step Solaris 8
Installation. Step-by-Step Red Hat Linux 7.1
Installation.
Appendix B. Anatomy of a Filesystem.
Logical View of a Disk. Logical View of Partition. Logical View of
a Superblock. Logical View of a Directory. Logical View of a Inode
(Regular File). Using the Filesystem: Command Internals. Online
References. Endnotes.
Appendix C. User Creation
Checklist.
Fast Facts. Checklist.
Appendix D. Binary-Hex Notation
Summary.
Introduction. Representation. Collective Nouns. Decimal
Representation. Operating on Binary Strings. Subnets, netmasks, and
CIDR. Hexadecimal Notation. The Tool at Your Fingertips:
bc.
Appendix E. Cryptography in UNIX.
Introduction. Cryptographic Elements. Cryptographic Methods. Secure
Communication. Cryptographic Applications. Online References.
Books.
Appendix F. Handy Command Kit.
Handy Command List.
Appendix G. Reference Collection.
Periodicals. Mailing Lists. Professional Organizations. URLs.
Books.
IndexPromotional Information
The fourth edition of UNIX Unleashed will take a different tack
from previous editions and other UNIX books. It is readable as
though it is a series of lectures on individual topics from UNIX
Wizards. This different approach will take the reader through the
following topics: basic operation of the system and system
administration in its simplest form: managing users and disks,
starting up and shutting down the system, authenticating user
connections, and administering the X Window System; common
subsystems--the typical day-to-day tasks of system administration:
sharing files, providing basic Web services, printing, e-mail, and
backing up the system; and the UNIX toolset to make system
administration more reliable and more powerful.
About the Author
Robin Anderson began her involvement with computers
innocently enough with an Amiga, WordPerfect, and Infocom games. In
late 1993, she turned her hand to student consulting at the
University of MD, Baltimore County (UMBC), working with PCs, Macs,
VAXen, and, finally, UNIX machines.
After graduating with honors in Computer Science and History,
Robin remained at UMBC and is now a UNIX SysAdmin Specialist in OIT
(UMBC's Office of Information Technology). She also managed OIT's
Operations Support Staff and is a member of the Security Work
Group.
Robin developed and taught an undergraduate UNIX SysAdmin course
for UMBC's CS/EE department in 2000. She has earned two security
certifications from the SANS Institute: the GCUX (UNIX
Administrator, with honors) and the GCIH (Incident Handling). She
works with SANS to develop online exam materials and presentations,
and she recently taught SANS LevelOne security courses for UMBC's
Department of Professional Education and Training.
Andy Johnston was born in May of 1958. Most of the rest
has been improvisation. After teaching high school math, he became
a programmer. He worked for the State of Maryland making population
projections and lots of maps, and later for Computer Sciences
Corporation, where he worked on spacecraft-tracking software and
environmental modeling. One day, the UNIX system in which his
virtual fish swam suffered a drive crash, and he (quickly) became a
UNIX systems administrator. Andy provided system support for
several projects, including the International Ultraviolet Explorer.
In 1999, he took his current position at the University of
Maryland, Baltimore County (UMBC)Office of Information Technology
as a manager of UNIX support staff and IT security. Andy holds a
Bachelor's degree in Biology from Princeton University and a
Master's degree in Mathematics from UMBC. He has been involved at
various times in the Baltimore and Washington, D.C. SAGE groups and
has spoken at SANS conferences.