2013/04/08

The topics you need to know if you want to become a Linux Administrator (Part 2)

To start the blog I'm going to be listing the topics that I think are the most important to know if you want to become a Linux Admin. (Part 2 / 2)

(This continues the list from part 1).


5. Log files. One of the most important tools to help you in your ever lasting battle against evil users and hackers. We'll go through the purpose of log files, how and why you should check them often and different tools that'll make the log file browsing easier.


6. Passwords and password policies. A password is often the only way to authenticate a user and it's the first thing someone trying to gain access to an account will attack. That's why it's very important to maintain strong passwords and a strong password policy. This means having long passwords, atleast 15 characters, numbers and letters, and changing passwords often. I recommend changing once a month and to use Password Phrases instead of random sequences. For example, create a massive database with words like "GreenPanda", "OrangeGorilla", "PurpleBird" with accompanying easy to remember pictures (cute cartoon pictures works best). Then every month when the passwords are about to expire your system automatically choose new passwords for every employee and then prints them out on paper. These passwords will then be sent by internal mail in a closed and glued envelope to the correct employee. The passwords will look something like this: "BlackDragon7OrangeGorilla4" with a picture of a black cartoon dragon, the number 7, a orange gorilla and the number 4 after each other. Your company will have to learn this memory technique but it's very simple. Simply imagine your Pass Phrase on something, for example a field with green grass and a big sun. On the field stands a Black Dragon (that looks like the accompanying picture) and next to it jumps the number 7, happily and cute. Then we have the Orange Gorilla who waves and grins cheerily at you. And last we have the number 4 who shyly blows a kiss towards you. Doing this memory exercise and imagining the pictures will make it very easy to memorize a secure and non-guessable password. The letter itself will have a note saying "Shred this letter after you've learned it, don't save it" but won't have any name or other identifiable information on it. Only the envelope will have the name of the employee on it.  

7. Tripwire, Chkrootkit, RKHunter, Malware removal, penetration testing and Backtrack. These are all names of different softwares that'll help you enhance the security on your hosts. Master them and you'll be able to not only make your hosts more secure but also remove malware if you or your users ever get infected. Penetration testing is something you'll want to know how to perform because as often as possible (atleast every 3 months on hosts that haven't been changed or updated, and every time you make big changes to your hosts or install new servers on the network) so you'll be able to find your weaknesses before someone else does.

8. Anti virus software and anti spam software, ClamAV and spamassassin. Anti Virus protection might not be that important for a properly secured linux host but for anyone using a Windows Computer or recieving mail the anti virus software is very important. With ClamAV searching your fileservers and mail and Spamassassin removing spam before they reach your users you're making sure that your network won't be passing on anything bad to users who might get infected by it.

# - Databases:
1. MySQL.
2. MariaDB.
3. NoSQL.

# - Daemons, services:
1. SSH. Often attacked by crackers, learn how to secure it and set it up properly.
2. FTP server. Also often attacked by crackers. Learn how to use virtual users and virtual directories inside a chrooted jail.
3. HTTP daemons like Apache2 and Nginx. How to set them up, how to integrate them into the network and how to secure them.
4. VPN. VPN stands for Virtual Private Network and will let your users securly connect to your network from anywhere in the world. This gives them access to network shares, network printers etc, without anyone being able to eaves drop or steal the information being transmitted.

# - Programming:
1. Bash scripting (and the use of the Shell). Almost all of your Linux administration will be performed via the shell and command line interface. So it's very important to learn and master the Linux shell. By learning bash scripting you'll be able to more efficently administrate your host and automate tasks that you find yourself performing often.
2. Regular Expressions. Invaluable when working with your scripts and input/output.
3. Python scripting, focusing on Linux administration. Same here, knowing enough python to be able to cook up simple scripts that'll help you in your daily Linux Administration tasks will save you a lot of time and make your job easier. Python is really easy and fast to learn, if you ever only going to learn one language, learn Python.
4. Perl scriping, focusing on Linux administration. Same reasons as for the Python scripting but Perl is a bit more advanced and a bit harder to learn.
5. PHP, HTML, CSS, JQuery, AJAX and JavaScript. Even though you're mostly going to be working with the backend of your network, most things still need to interact with your users and that's where this knowledge comes in. If you know enough about PHP, HTML, CSS, JQuery, Ajax and JavaScript to easily cook up interfaces for your services, it'll not only become a lot cheaper, it'll also get done a lot faster if you do it yourself instead of outsourcing it and you get to customize it exactly like you want it. So even though this feels more like knowledge for people working with the frontend this is still good knowledge to have.


# - Misc:
1. The different Linux Shells. Learn Bash first, and after that take a look on the other different shells that you might encounter as you administer your Linux servers.
2. Man pages. These are manual pages for all your softwares on your hosts. If you want to get more information about one of your commands or software just type "man nameofsoftware" like "man useradd".
3. RSync. Very important to know, a properly and often updated backup WILL save your ass one day, trust me on that.
4. Cron jobs. This is also very good to know, combine cron jobs with your home made scripts and your linux hosts will administer themselfs.
5. Chroot Jails. These jails lock users or software inside their own little bubble which they can't get out from. This is important to maintain security on your hosts. If a daemon or user gets compromised they can't steal any other information than what the daemon or user has access too. This makes sure to mitigate the damage your network or business will suffer from the intrusion.

# - How to stay up to date with the job market.
1. While you're learning about becoming a Linux Administrator continually search through all the IT job ads and save the requirements they list. Save this information in two different columns ranked by often they appear in ads. In the first column you add "must have" knowledge and in the second column you add "good to know" knowledge. The must have should be your priority to learn and master and then good to know knowledge should consist of knowledge that will make you resume stand out and be better than your competitors. 


This list lists some of the more important topics needed to become a Linux Admin and we'll go through them all. But we'll also cover more topics not listed here so make sure you subscribe to the blog and check in regularly.

The topics you need to know if you want to become a Linux Administrator

To start the blog I'm going to be listing the topics that I think are the most important to know if you want to become a Linux Admin. (Part 1 / 2)


These topics involves everything from performing maintenance on your Servers, to managing the users on the network to making sure the copy machine works.

Some topics will be a bit vague because the topic itself is very broad and involves a lot of information and once we get to that topic in the blog we'll go into a lot more detail about it.

The topics will also be numbered based on importance and what I think you should be starting out with when you want to learn how to become a Linux administrator. So to make it easier for yourself follow the numbers because some things are easier to learn if you have some background knowledge about other topics (like knowing the basics about CentOS before you start messing with networking and SELinux). These are not the only things that'll be discussed in this blog but these are the topics I personally think you should focus on and then when you know this you can start to explore the other topics discussed in this blog.

The List:


# - Servers, distros:

1. CentOS (and Red Hat Enterprise Linux).

1. Ubuntu server or Debian.

2. Gentoo.

3. Slackware.

# - Desktop, distros:

1. Fedora.

2. Ubuntu (or any Ubuntu-based distro, like Linux Mint, more on this when we get to this topic) or Debian.

3. OpenSUSE.

4. Archlinux.

# - Networking:

1. Basic networking, like what is TCP/IP, how do computers communicate with each other, how do I monitor a network, how to I create different local networks inside the network.

2. File servers, what are they, how do they work, why are they important and how do I secure them?

3. Network printers, how do I set up a network printer and how do I secure it?

4. Routers and hardware firewalls, for example CISCO Routers.

5. Centralized authentication and administration of many hosts.

6. Network security, what do I need, how should it be set up, why is it important?

7. Proxies, like Squid. Why should I use one and how do they work?



# - Security:

1. SELinux, very important that you learn this as soon as possible because it really enhances your security AND it's easier if you learn how to implement it while also learning about servers and daemons instead of learning about daemons and THEN learning about SELinux, because it takes some time to fully learn and understand the principles behind SELinux.

2. SSH Aliases. SSH is the primary way that you'll be administrating your linux based servers and if you have made aliases for every host together with SSH keys you're much more secure, both against brute force attacks and people looking behind your shoulder when you're logging in.

3. Users and groups. Learn to properly add users to groups and it'll be a lot easier to manage your users on your hosts. For example by adding every employee from the accounting department to the group "Accounting". Then the user has access to every file and folder that the group has access to, saving both time and trouble because you know it won't be any permission problems and you can't forget to give the user access to something important.

4. Setuid, Setgid and file permissions. Properly set permissions on files and folders reduces the the ability for your users to access things they shouldn't.


(This list continues in part 2).


Hello and welcome!

Hello reader!


Do you have plans to become a Linux Administrator but you have no idea where to start? Well look no further! This blog is for you.

In this blog I'll collect, list and link to information regarding different servers, CentOS (and indirectly Red Hat Enterprise Linux (RHEL)) and Ubuntu will be my primary focus but we'll also take a look at Gentoo, OpenSUSE, Archlinux and other distros that you might stumble upon in your future work as a Linux Admin.

We'll also learn how to secure our servers with IPTables, SELinux and Tripwire being the most important. But we'll also look at Denyhosts, fail2ban and other intrustion prevention systems. Penetration testing is also something that'll be discussed in this blog. Why, you might ask. Simple, if we don't know how the bad guys tries to gain access to our systems then we don't know how to stop them.

Who is this blog for?

The short answer is: Anyone.
Long answer: It doesn't matter if you're a HR trying to find out what qualities your new employee should have or if you're a senior Linux Administrator wanting to know if your knowledge is up to date, or simply a fresh new college student thinking of pursuing a career in Linux Administration!
We'll go through it all, how and where to start learning about linux administration, what the best practices today are for administrating your Linux based system, how to do it and where to find more information.

Who is the person behind the blog?

I am a 20-something freshman in a Scandinavian College who myself wants to become a Linux Administrator. Because of that I started to collect information about how I would be able to become a Linux admin. After I had collected dozen of websites, hundreds of different topics I thought could be relevant if I wanted to pursue this career I thought to myself: "If I want to know how to become a Linux Administrator, surely others want to know it too?". That led me to start this blog where I'll collect websites and other resources for you so that you can easily find the information you need, in one place, for free.

This means that we'll take this journey together and can learn from each other. This is different from other tech blogs because I'll actually be learning the same things that you, the reader, will and that makes sure that the information posted here is up-to-date, works and is easy to understand!