[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Your favorite server apps (firewall, DHCP, etc.)

On Mon, 28 Feb 2011 09:48:49 -0600
Jason Hsu <jhsu802701@jasonhsu.com> wrote:

> Since I'm looking for a job as a Linux IT consultant, I need a
> portfolio of favorite server applications - firewall, DHCP server,
> mail server, print server, etc.  Just as I have favorite distros for
> the desktop (Puppy Linux, Linux Mint, antiX/Swift Linux) and favorite
> desktop applications (like OpenOffice and Sylpheed), I should have
> favorite server applications.
> 
> I can tell you about one application I don't like: the Firehol
> firewall program.  It's pre-installed in antiX Linux.  Every time I
> boot up or start this program, I get an error message about
> get-iana.sh.  I did a Google search and tried some of the suggestions
> I found but still couldn't get Firehol working properly.  I'd rather
> use something that doesn't require so much tweaking.  I'm looking for
> an alternative for Swift Linux (www.swiftlinux.org, the distro I
> started).
> 

In view of the first sentence above, throw away your firewall apps and
learn to use iptables directly. It is of such importance as a network
troubleshooting tool that you need to be fluent in reading an existing
script and adding logging lines in appropriate places. Remember, if
someone else is writing your firewall script, you don't know what it is
doing. You only get away with 'not so much tweaking' if you're a user,
not if you're an admin.

I'd recommend mc as a file manager and text editor. A server won't
usually have a GUI, that's a Windows thing, and I find mc more
generally useful than ls and cd (while using them when appropriate).
And I'm willing to court unpopularity by admitting I absolutely loathe
vi and its children. Hey, Windows 7 still has Edlin...
http://en.wikipedia.org/wiki/Edlin

There are lightweight DNS servers and caches, but if you expect to deal
with networks generally, get to know BIND. Learn to link it to dhcp3
(no, it's not done by default) as an exercise in remote updating and
associated permissions.

Learn at least one mail server well. I've used Postfix in the past, but
I've used the Debian default of exim4 for some years now. As an
exercise, find out how to drop SMTP connections from specified country
codes in the HELO and/or sender address.

Learn how to set up an OpenLDAP address book, and either MySQL or
postgresql with PHP and Apache, then link the address book to web
pages. Many email clients can use LDAP address books, but few can
update them. I'll shock everyone by admitting I like phpmyadmin for
dealing with MySQL. I can't remember the last time I drove MySQL from
the command line.

Learn Samba, from creating an anonymous-access file share up to
integration with Windows domain controllers and clients. It's Samba
that deals with printer sharing in a mixed network, while CUPS is the
actual server.

You are ambitious, perhaps? Try compiling FreeRADIUS with SSL support
(Debian doesn't do that, due to OpenSSL licensing) and using it to
secure a wireless network. Then you'll know why some people use Windows
servers. Another reason is the Outlook-Exchange system, with an LDAP
Global Address List that you don't have to build from scratch.

As to size, my system is under 2GB, with bzipped backups not quite
fitting on a CD. It's currently running on a five year old (new
hard drive) HP workstation, with half a gig of RAM. That's lightweight
enough for me. The current Windows Small Business Server wants a 60GB
system partition and a minimum 8GB of RAM. Of course, it does much more
than my Debian box, but not any more of what I actually want done.

-- 
Joe
Reply to: