12-15-2006, 04:19 AM
As a quick rundown of some tools you may find useful:
rpm -- the Redhat Package Manager, this tool controls installing and removing packages on the system, as well as telling you what's installed, if any parts are damaged, and a host of other useful actions. You may not use it often, but it is worth knowing about. rpm is good at getting a package installed on the system once the package is present and all dependencies are satisfied, but getting to that point can be a pain for some things. Yum is the answer to that pain.
yum -- Yellowdog Updater Modified, a smart frontend for rpm that can download a package, and any dependencies, for you. Packages can often be installed simply by doing "yum install <package>", after which yum will tell you what package (& version) you're installing, and list any packages it wants to install to satisfy dependencies. Depending on the package and what features were enabled by the person who built it, you can occasionally get a very long list of required dependencies (my best was ~25 packages to satisfy dependencies of the 1 package I requested).
netstat -- you may know this one from Windows, but Linux netstat is far more featureful. Use it to know what connections you have up and what servers are listening. Note that the way the Linux firewall works, a server can be listening, but unable to receive connections. Thus, a socket in a LISTENING state may not be dangerous.
lsof -- LiSt Open Files. This tool shows you all open file and socket descriptors of the processes it reports on. When run as an unprivileged user, lsof is usually only able to report the descriptors of the user who ran it. When run as root, you can see every file descriptor on the system. This can be useful for figuring out which process is holding a file or socket open. Note that netstat can (with the right options) also show you which process owns a socket.
iptables -- userland command line tool to read and manipulate the kernel firewall. As Kylearan says, the firewall should be activated by default. You can use this tool to verify that, and to perform fine-grained modifications if, for example, you decide you want to expose a port to the outside world. Note that some distributions do not save your firewall rules at shutdown, but instead regenerate the rules at next boot. Therefore, modifications to your ruleset may be lost at shutdown.
This list is by no means comprehensive, and is intended primarily to give you the names of the utilities you will want. You can look up their options in their respective manual pages (via man) or texinfo pages (via info). Many websites host HTML versions of these documents, so you may also be able to find the information you need via Google. Often, the most difficult part of a new task is finding the name of the tool(s) which perform that task, after which you can usually find plenty of people to explain how to use it.
For RedHat based distributions such as Fedora Core, you can often find a wealth of settings in the files under /etc/sysconfig. Be sure to create backups before changing anything.
rpm -- the Redhat Package Manager, this tool controls installing and removing packages on the system, as well as telling you what's installed, if any parts are damaged, and a host of other useful actions. You may not use it often, but it is worth knowing about. rpm is good at getting a package installed on the system once the package is present and all dependencies are satisfied, but getting to that point can be a pain for some things. Yum is the answer to that pain.
yum -- Yellowdog Updater Modified, a smart frontend for rpm that can download a package, and any dependencies, for you. Packages can often be installed simply by doing "yum install <package>", after which yum will tell you what package (& version) you're installing, and list any packages it wants to install to satisfy dependencies. Depending on the package and what features were enabled by the person who built it, you can occasionally get a very long list of required dependencies (my best was ~25 packages to satisfy dependencies of the 1 package I requested).
netstat -- you may know this one from Windows, but Linux netstat is far more featureful. Use it to know what connections you have up and what servers are listening. Note that the way the Linux firewall works, a server can be listening, but unable to receive connections. Thus, a socket in a LISTENING state may not be dangerous.
lsof -- LiSt Open Files. This tool shows you all open file and socket descriptors of the processes it reports on. When run as an unprivileged user, lsof is usually only able to report the descriptors of the user who ran it. When run as root, you can see every file descriptor on the system. This can be useful for figuring out which process is holding a file or socket open. Note that netstat can (with the right options) also show you which process owns a socket.
iptables -- userland command line tool to read and manipulate the kernel firewall. As Kylearan says, the firewall should be activated by default. You can use this tool to verify that, and to perform fine-grained modifications if, for example, you decide you want to expose a port to the outside world. Note that some distributions do not save your firewall rules at shutdown, but instead regenerate the rules at next boot. Therefore, modifications to your ruleset may be lost at shutdown.
This list is by no means comprehensive, and is intended primarily to give you the names of the utilities you will want. You can look up their options in their respective manual pages (via man) or texinfo pages (via info). Many websites host HTML versions of these documents, so you may also be able to find the information you need via Google. Often, the most difficult part of a new task is finding the name of the tool(s) which perform that task, after which you can usually find plenty of people to explain how to use it.
For RedHat based distributions such as Fedora Core, you can often find a wealth of settings in the files under /etc/sysconfig. Be sure to create backups before changing anything.