More often than not, the words "sendmail configuration" strike dread in the hearts of sendmail and system administrators--and not without reason. sendmail configuration languages are as complex as any other programming languages, but used much more infrequently--only when sendmail is installed or configured. The average system administrator doesn't get enough practice to truly master this inscrutable technology.Fortunately, there's help. The sendmail Cookbook provides step-by-step solutions for the administrator who needs to solve configuration problems fast. Say you need to configure sendmail to relay mail for your clients without creating an open relay that will be abused by spammers. A recipe in the Cookbook shows you how to do just that. No more wading through pages of dense documentation and tutorials and creating your own custom solution--just go directly to the recipe that addresses your specific problem.Each recipe in the sendmail Cookbook outlines a configuration problem, presents the configuration code that solves that problem, and then explains the code in detail. The discussion of the code is critical because it provides the insight you need to tweak the code for your own circumstances.The sendmail Cookbook begins with an overview of the configuration languages, offering a quick how-to for downloading and compiling the sendmail distribution. Next, you'll find a baseline configuration recipe upon which many of the subsequent configurations, or recipes, in the book are based. Recipes in the following chapters stand on their own and offer solutions for properly configuring important sendmail functions such as: Delivering and forwarding mail Relaying Masquerading Routing mail Controlling spam Strong authentication Securing the mail transport Managing the queue Securing sendmail sendmail Cookbook is more than just a new approach to discussing sendmail configuration. The book also provides lots of new material that doesn't get much coverage elsewhere--STARTTLS and AUTH are given entire chapters, and LDAP is covered in recipes throughout the book. But most of all, this book is about saving time--something that most system administrators have in short supply. Pick up the sendmail Cookbook and say good-bye to sendmail dread.

"A system administrator's guide to heterogeneous networking"-- Cover.

Computer security is an ongoing process, a relentless contest between system administrators and intruders. A good administrator needs to stay one step ahead of any adversaries, which often involves a continuing process of education. If you're grounded in the basics of security, however, you won't necessarily want a complete treatise on the subject each time you pick up a book. Sometimes you want to get straight to the point. That's exactly what the new Linux Security Cookbook does. Rather than provide a total security solution for Linux computers, the authors present a series of easy-to-follow recipes--short, focused pieces of code that administrators can use to improve security and perform common tasks securely.The Linux Security Cookbook includes real solutions to a wide range of targeted problems, such as sending encrypted email within Emacs, restricting access to network services at particular times of day, firewalling a webserver, preventing IP spoofing, setting up key-based SSH authentication, and much more. With over 150 ready-to-use scripts and configuration files, this unique book helps administrators secure their systems without having to look up specific syntax. The book begins with recipes devised to establish a secure system, then moves on to secure day-to-day practices, and concludes with techniques to help your system stay secure.Some of the "recipes" you'll find in this book are: Controlling access to your system from firewalls down to individual services, using iptables, ipchains, xinetd, inetd, and more Monitoring your network with tcpdump, dsniff, netstat, and other tools Protecting network connections with Secure Shell (SSH) and stunnel Safeguarding email sessions with Secure Sockets Layer (SSL) Encrypting files and email messages with GnuPG Probing your own security with password crackers, nmap, and handy scripts This cookbook's proven techniques are derived from hard-won experience. Whether you're responsible for security on a home Linux system or for a large corporation, or somewhere in between, you'll find valuable, to-the-point, practical recipes for dealing with everyday security issues. This book is a system saver.

If you are a network administrator, you're under a lot of pressure to ensure that mission-critical systems are completely safe from malicious code, buffer overflows, stealth port scans, SMB probes, OS fingerprinting attempts, CGI attacks, and other network intruders. Designing a reliable way to detect intruders before they get in is an essential--but often overwhelming--challenge. Snort, the defacto open source standard of intrusion detection tools, is capable of performing real-time traffic analysis and packet logging on IP network. It can perform protocol analysis, content searching, and matching. Snort can save countless headaches; the new Snort Cookbook will save countless hours of sifting through dubious online advice or wordy tutorials in order to leverage the full power of SNORT.Each recipe in the popular and practical problem-solution-discussion O'Reilly cookbook format contains a clear and thorough description of the problem, a concise but complete discussion of a solution, and real-world examples that illustrate that solution. The Snort Cookbook covers important issues that sys admins and security pros will us everyday, such as: installation optimization logging alerting rules and signatures detecting viruses countermeasures detecting common attacks administration honeypots log analysis But the Snort Cookbook offers far more than quick cut-and-paste solutions to frustrating security issues. Those who learn best in the trenches--and don't have the hours to spare to pore over tutorials or troll online for best-practice snippets of advice--will find that the solutions offered in this ultimate Snort sourcebook not only solve immediate problems quickly, but also showcase the best tips and tricks they need to master be security gurus--and still have a life.

A guide to Linux networking covers such topics as TCP/IP, Apache, Samba, connecting with a serial line, running inetd superservers, logging in remotely, and setting up a nameserver.

FreeBSD and OpenBSD are increasingly gaining traction in educational institutions, non-profits, and corporations worldwide because they provide significant security advantages over Linux. Although a lot can be said for the robustness, clean organization, and stability of the BSD operating systems, security is one of the main reasons system administrators use these two platforms.There are plenty of books to help you get a FreeBSD or OpenBSD system off the ground, and all of them touch on security to some extent, usually dedicating a chapter to the subject. But, as security is commonly named as the key concern for today's system administrators, a single chapter on the subject can't provide the depth of information you need to keep your systems secure.FreeBSD and OpenBSD are rife with security "building blocks" that you can put to use, and Mastering FreeBSD and OpenBSD Security shows you how. Both operating systems have kernel options and filesystem features that go well beyond traditional Unix permissions and controls. This power and flexibility is valuable, but the colossal range of possibilities need to be tackled one step at a time. This book walks you through the installation of a hardened operating system, the installation and configuration of critical services, and ongoing maintenance of your FreeBSD and OpenBSD systems.Using an application-specific approach that builds on your existing knowledge, the book provides sound technical information on FreeBSD and Open-BSD security with plenty of real-world examples to help you configure and deploy a secure system. By imparting a solid technical foundation as well as practical know-how, it enables administrators to push their server's security to the next level. Even administrators in other environments--like Linux and Solaris--can find useful paradigms to emulate.Written by security professionals with two decades of operating system experience, Mastering FreeBSD and OpenBSD Security features broad and deep explanations of how how to secure your most critical systems. Where other books on BSD systems help you achieve functionality, this book will help you more thoroughly secure your deployments.

qmail has quietly become one of the most widely used applications on the Internet today. It's powerful enough to handle mail for systems with millions of users--Like Yahoo! Mail and Hotmail, while remaining compact and manageable enough for the smallest Unix- and Linux-based PC systems. Its component design makes it easy to extend and customize while keeping its key functions secure, so it's no wonder that adoption of qmail continues at a rapid pace.The downside? Apparently none. Except that qmail's unique design can be disorienting to those familiar with other popular MTAs (Mail Transfer Agents). If you're coming from sendmail, for instance, you might have trouble recasting your problems and solutions in qmail terms. qmail first helps you establish a "qmail frame of mind," then explores the installation, configuration, administration, and extension of this powerful MTA. Whether you're installing from scratch or managing mailing lists with thousands of users, qmail provides detailed information about how to make qmail do precisely what you wantqmail concentrates on common tasks like moving a sendmail setup to qmail, or setting up a "POP toaster," a system that provides mail service to a large number of users on other computers sending and retrieving mail remotely. The book also fills crucial gaps in existing documentation, detailing exactly what the core qmail software does.Topics covered include: Installation and configuration, including patching qmail Moving from sendmail to qmail Handling locally and remotely originated messages Managing virtual domains Logging qmail activity Tuning qmail performance Running multiple copies of qmail on the same computer Mailing list setup and management Integrating the qmail MTA with POP and IMAP delivery Filtering out spam and viruses If you need to manage mailing lists, large volumes of mail, or simply find sendmail and other MTAs too complicated, qmail may be exactly what's called for. Our new guide, qmail, will provide the guidance you need to build an email infrastructure that performs well, makes sense, and is easy to maintain.

Pv6 Essentials discusses all aspects of IPv6, the protocol that will be used increasingly in our IP-based networks. IPv4, probably the most important networking standard in use, is growing old. It was developed almost 30 years ago and isn't able to cope with the requirements of tomorrow's networks. IPv6 is the evolution of IPv4. The two protocols are expected to coexist in our networks for many years to come. Many interoperability and transition mechanisms have been developed to ensure a smooth transition. Topics covered in this book include : The IPv6 header, Extension headers, and everything you need to know about the extended 128-bit address format ; ICMPv6 and its functions, such as neighbor and router discovery, autoconfiguration, Path MTU discovery, and multicast group management ; Security elements available in IPv6 and the IPSEC framework ; Description of QoS elements available in IPv6, including different QoS architectures ; Designs of sample networks and an overview of Mobile IPv6 ; Routing protocols such as RIPng, OSPFv3, BGP, and IS-IS. DHCP, DNS, SLP, HTTP, and other upper-layer protocols for IPv6. Interoperability and transition mechanisms and scenarios. Quick-start guide to using IPv6 on different operating systems, such as Sun Solaris, Linux, and Windows, and on routers IPv6 Essentials offers a well-organized introduction to IPv6 for experienced network professionals, as well as for administrators, managers, and executives. It explains the new features and functions of IPv6 and shows the protocol in action, including packet trace files. The book also provides an overview of where the market is, how to register IPv6 address space, and how to get started. Even if you don't plan to roll out IPv6 tomorrow, this book will help you to determine the right moment to integrate it into your corporate network strategy.

This text covers the 9.1.0 and 8.2.3 versions of BIND as well as the older 4.9 version. There's also more extensive coverage of NOTIFY, IPv6 forward and reverse mapping, transaction signatures, and the DNS Security Extensions.

Over 100 recipes for penetration testing using Metasploit and virtual machines Key Features Special focus on the latest operating systems, exploits, and penetration testing techniques Learn new anti-virus evasion techniques and use Metasploit to evade countermeasures Automate post exploitation with AutoRunScript Exploit Android devices, record audio and video, send and read SMS, read call logs, and much more Build and analyze Metasploit modules in Ruby Integrate Metasploit with other penetration testing tools Book Description Metasploit is the world's leading penetration testing tool and helps security and IT professionals find, exploit, and validate vulnerabilities. Metasploit allows penetration testing automation, password auditing, web application scanning, social engineering, post exploitation, evidence collection, and reporting. Metasploit's integration with InsightVM (or Nexpose), Nessus, OpenVas, and other vulnerability scanners provides a validation solution that simplifies vulnerability prioritization and remediation reporting. Teams can collaborate in Metasploit and present their findings in consolidated reports. In this book, you will go through great recipes that will allow you to start using Metasploit effectively. With an ever increasing level of complexity, and covering everything from the fundamentals to more advanced features in Metasploit, this book is not just for beginners but also for professionals keen to master this awesome tool. You will begin by building your lab environment, setting up Metasploit, and learning how to perform intelligence gathering, threat modeling, vulnerability analysis, exploitation, and post exploitation—all inside Metasploit. You will learn how to create and customize payloads to evade anti-virus software and bypass an organization's defenses, exploit server vulnerabilities, attack client systems, compromise mobile phones, automate post exploitation, install backdoors, run keyloggers, highjack webcams, port public exploits to the framework, create your own modules, and much more. What you will learn Set up a complete penetration testing environment using Metasploit and virtual machines Master the world's leading penetration testing tool and use it in professional penetration testing Make the most of Metasploit with PostgreSQL, importing scan results, using workspaces, hosts, loot, notes, services, vulnerabilities, and exploit results Use Metasploit with the Penetration Testing Execution Standard methodology Use MSFvenom efficiently to generate payloads and backdoor files, and create shellcode Leverage Metasploit's advanced options, upgrade sessions, use proxies, use Meterpreter sleep control, and change timeouts to be stealthy Who this book is for If you are a Security professional or pentester and want to get into vulnerability exploitation and make the most of the Metasploit framework, then this book is for you. Some prior understanding of penetration testing and Metasploit is required.