This book is a collection of guides for performing computer networking and security tasks in Linux. By following the guides you will be able to setup users and permissions on server, configure network interfaces, test Internet software, encrypt files for secure communications, observe and perform network security attacks, and deploy a variety of network services. Almost all tasks are performed using command-line software on a Linux operating system, specifically Ubuntu, and so there are several chapters introducing you to features of Linux. Also, as networking tasks usually involve multiple computers, a virtual networking solution is introduced and used throughout the book, allowing you to perform all tasks on your own computer (even if you don’t yet have Linux installed).
This chapter provides some context for this book, as well as outlining the best ways to make use of the book.
Most of the guides in this book have been developed over years of teaching data communications, networking and security subjects at a university level. In 2006, while given the task of lecturing on data networking, cryptography and security, I quickly realised the need for new, relevant, hands-on tasks that students could undertake to enhance their understanding of the theory and concepts being taught. A number of factors, including my past experience, lack of physical networking equipment, and large amount of freely available material, meant Linux was a appropriate platform for the practical tasks.
While at the time (and more so today) there were many good guides for using Linux for network and security, I had to adapt them to suit the background of the students (specifically, they had no prior experience in Linux, networking or security). The guides I wrote, which drew heavily upon other peoples work, focused on how to perform specific tasks in a simple manner.
When developing the guides I released them to students as handouts, via the university learning management system (i.e. Moodle), and eventually published most of them on my personal website sandilands.info/sgordon/. Unfortunately, since 2015 I haven’t spent enough time updating that website. As a few new guides had been developed that were not on my website, and some of the existing guides became outdated, in 2018 I decided to collect all of them into this book.
This book is intended for people who want (or need) to learn practical computer networking and security skills, as well as Linux. The main focus Information Technology (IT) or Computer Science (CS) undergraduate (Bachelor) and postgraduate (Masters) students that are taking introductory, advanced or in some cases specialised subjects in: computer networking, data communications, IT security, cryptography, and related areas.
While the purpose of this book is learning how to perform networking and security tasks, you can also use it to learn the Linux command line. However, if you really want to learn Linux in depth, there are better sources of information (see Section 1.2.6).
Educators can use this book to accompany lab/practical/workshop classes, asking students to complete tasks from selected chapters, and set assessment items that require students to build upon the tasks presented in this book. Note however that this book cannot be used by lecturers as a textbook ...
The most important message of this chapter is that this book is not intended to teach you about network and security. That is, it does not cover the theory and concepts; it only covers tools and techniques to perform a specific set of tasks (that hopefully demonstrate the theory and concepts). You can’t use this book as a textbook if you are studying networking or security. This book is essentially a lab manual, or a collection of how-to guides. It assumes you already know the theory and concepts, and need to put them into practice.
If you are a student learning networking and/or security, then you either need good lectures (and accompanying lecture notes, videos etc.) or a separate textbook. You need to learn the theory and concepts, before the guides in this book will make any sense. Section 1.2.6 lists a small selection of additional resources you could use to support your learning.
A good textbook will explain things, and discuss different solutions to problems. In many cases this book does not attempt to explain steps used (it just presents the steps you should use) and usually only presents a single approach (focusing on simplicity, rather than performance or security).
In summary, this book does:
Now you know what the purpose of this book is, and have decided it may be of value to you, read on for hints on how to use the book.
Most of the chapters are independent of each other, so you can almost jump to whichever chapter is necessary or of interest. However there are some chapters that are necessary, or should be skipped, depending on your background. A rough grouping of chapters is:
The following is guidance on the order in which chapters could be used:
While there is some dependence among the remaining chapters, you can study them in any order, jumping to others only when you don’t know the necessary tools and techniques.
Most of the guides show examples of commands to perform specific tasks (and sometimes the output of those commands). It is important to recognise that these are just examples. Blindly copying the commands may not achieve the desired outcome for you. Often you will need to modify the command to suit your particular environment (e.g. changing options or file names, performing the commands in different directories). You should try to understand all of the arguments and options used in each command. If they are not self-explanatory, then read the related text, or try the manual (Chapter 4).
Also note that the output of commands shown in this book may not exactly match the output you see. While most of the commands and corresponding output have been tested (with copy-and-paste of command/output to avoid errors), sometimes the testing occurred some time ago. As a result, different versions of the software may be used, producing different output. Also, some of the tasks are expected to produce different outputs (e.g. generating random numbers, encrypting).
When following the examples in this book, you should take care to understand the command before running it, and to understand the expected output before determining if the command has been successful or not.
Some sections include YouTube video demonstrations, as well as written examples. Note that the video demos and the written demos may not be the same. The videos may have been recorded at a different time, and therefore using a different setup than the written instructions. However in most cases both the written and video demos will illustrate the same concepts.
Chapter 4 explains the format of the commands and output used throughout this book. Common acronyms are defined at the start of this book.
The homepage for this book is:
The book is available to read as either HTML or PDF:
The two formats have almost identical content, as they are generated from the same LATEXsource. The main difference is that YouTube videos are embedded in the HTML version, while only a link is given in the PDF version.
Various example files are referred to in this book, e.g. example source code or configuration files. You can download selected source files by browsing:
https://sandilands.info/nsl/source/
Alternatively, all source files can be downloaded in a single zip or tgz archive.
This book is a lab manual, not a textbook. To learn about networking and security there are many other good sources. Here are just a few.
For a number of reasons (including content, history of usage, availability to students), I have used textbooks by William Stallings in teaching networking and security. While they are not perfect for all audiences, they generally have good technical coverage of topics of interest. As an alternative, Behrouz Forouzan has textbooks with similar content, but sometimes in a simpler style, as Stallings. There are of course many other textbooks from different authors and publishers that provide introductions to networking, security and cryptography.
Some of the books I have used extensively or partly in teaching and learning of networking and security are listed below. You can find details via the publishers or searching online or your library.
On Linux, my favourite and recommended textbook is:
There are of course many free resources on Linux (see Section 1.2.6).
The textbooks listed in Section 1.2.6 can normally be purchased in a book store or borrowed from the library. Many of them are updated every few years to cover new technologies and offer additional resources and questions. However for some topics the theory and concepts have not changed for many years. There are other, usually older textbooks that cover these topics equally well as those listed above. And for a few select books the authors/publishers have made the books free to download as a PDF online. Below are a few free textbooks that I can recommend. There are also many websites that list free textbooks, such as Wikibooks, Open Textbook Library and OpenStax, but I haven’t used them sufficiently to recommend any specific books. They are worth browsing.
For Linux, there are many resources freely available online. A web search for “free Linux book”, or for specific commands or using the man page (Section 4.2.4) is probably the best starting point. Here are just a few books:
Content from some of the past subjects I have taught is available from my personal website. This includes lecture notes, handouts, videos on YouTube, some assessment items, and often many hand worked examples. While some of the content may be getting old, and was for a specific set of students, it may be a useful resource if you are willing to explore. They most recent versions of the relevant subjects are (for the lecture content and videos, follow the link to “Topics and Lecture Material”):
You can also find a list of other presentations and reports on related topics, but must use the file name to identify the content.
Videos from older subjects, as well as many shorter videos on Linux, networking and security are available on my YouTube channel.
The contents of this book have been developed for teaching at two universities:
This book would not have been possible without the support from these universities, especially the freedom to develop materials around Linux, including virtnet, and making those material freely available outside the university.
The students that have been forced to use the guides have provided the most valuable feedback. Each term/year I needed to update the materials based on the questions they asked and errors they identified.
Numerous questions, comments and suggestions have been received by people outside of the universities, especially regarding virtnet, YouTube videos and Linux guides. While there have been many negative comments (especially on YouTube), the encouraging comments I received in the early days provided motivation to continue to create guides which form the content of this book.
This book is far from perfect. Below are some obvious limitations that I apologise for in advance.
This book has arisen from a collection of guides that I have created over many years. Over that time I have used different tools, styles and approaches. So when seeing all the guides together in this book there is a noticeable lack of cohesiveness. For example, the style of writing and formatting in one chapter may be noticeable different from another. There may be unnecessary repetition across chapters. Some chapters are simple guides (follow the instructions), while others include detailed explanations. These limitations are primarily due to my lack of time and effort in preparing the book. As new versions are released I hope to improve on this, but in reality, some chapters most likely will remain standalone for some time.
Almost all examples in this book use Internet Protocol (IP) version 4. There is almost no mention of IPv6. There is no attempt to illustrate how to do something with both versions. This is a significant limitation of the book if you are looking to build new networks, but not so important if you are learning about networking.
Many of the guides in this book were developed to accompany theory and concepts of introductory data communications, networking and security. While IPv6 is important and becoming much more widespread, I find it easier to teach networking starting with IPv4. With students being overloaded with many new concepts, I avoid adding extra confusion with the details of both IPv4 and IPv6. Therefore almost all of my examples use IPv4, with the passing mention of IPv6. I assume students will learn IPv6 in subsequent classes.
In the future I would like to add examples relevant to IPv6 (e.g. network interface configuration, routing).
In Linux there are often multiple different tools that can be used to perform similar tasks. That is a good thing: it allows selection of your preferred tool depending on your specific situation. I demonstrate tools that I have learnt over time, and luckily, most of those tools are quite common. However things change, and new, more popular tools become available. One significant case that may be evident in this book is the commands ifconfig and ip. ifconfig has been used for a long time for configuration network interfaces. I use it throughout this book. However ip has been developed as a replacement (of ifconfig as well as other tools such as route and netstat). ip is much more powerful, but has a significantly different syntax. If you are interested in Linux network administration, then you are recommended to learn ip.
If you find an error in this book, including bugs in the examples, then please let me know. If you are a student of mine, then use my standard contact details. Otherwise, send an email to:
Feedback or suggestions are also welcome at the above address.
This book is licensed under a Creative Commons Attribution 4.0 International License, except where noted below:
While not necessary, if you use content from this book, or use this book in teaching, then feel free to send an email to nsl@sandilands.info letting me know of the use.