HAWASSA UNIVERSITY Bensa Daye Campus Department of Computer Science System and Network Administration (InTe3041)
System and Network Administration
Chapter One Introduction to System & Network Administration
Chapter Outlines
• What is a system?
• What is administration?
• What does a sysadmin do?
• The challenge
• The goal of system and network administration
• Qualities
• Principles
• Standard/best practices
• Sysadmin Operating system
What is system administration?
What is a system? A group of interacting, interrelated, or interdependent elements that together form a complex whole.
…..a system
In the context of this class, we generally consider computer-human systems consisting of:
• the computer(s)
• the network
• the user(s)
• the organization’s goals and policies
Parts of the Computer System
Computer systems have four parts:
• Hardware
• Software
• Data
• User
…and administration?
Merriam Webster: administer, v: to manage or supervise the execution, use, or conduct of
In this regard, the main issues are the following:
• System plan and design
• Resource management (checking and repair)
• Fault diagnosis handling
System administration
Is a set of functions that:
• Provides support services
• Ensures reliable operations
• Promotes efficient use of the system
• Ensures that prescribed service-quality objectives are met
System administration functions include installation, configuration, and maintenance of network equipment and computer systems.
• Network equipment: switches, routers, DHCP, DNS servers, etc.
• Computer systems: database, email server, web server
It is the branch of engineering that is responsible for maintaining reliable computer systems in a multiuser environment.
A person who works in system administration is called a system administrator, sys admin, or sysad.
Systems Administration…
• Morning of systems/software.
• Performing backups of data.
• Applying operating system updates and configuration changes.
• Installing and configuring new hardware/software.
• Adding/deleting/creating/modifying user account information, resetting passwords, etc.
• Answering technical queries.
• Automating operations.
• Responsibility for security.
• Responsibility for documenting the configuration of the system.
• Troubleshooting any reported problems.
• System performance tuning.
• Keeping the network up and running.
The Goal of System Administration
• Ensuring the systems are running efficiently and effectively.
• Supervise system functionality. Every system must work and be connected to the network.
• Create backups on media, preferably automatic backups.
• Create and install desktops and servers.
• Create users and assign them a customizable graphical user interface.
• Update systems for maximum performance.
• Share system resources for maximum network flow:
  • share disks between heterogeneous systems in the better position
  • share printers to save superfluous investment
• Systems start up and shut down properly.
• Allocate disk space and relocate quotas when needs grow.
The Goal of Network Administration
To ensure that the users of networks receive the information and technical services with the quality of service they expect.
Network administration means the management of network infrastructure devices (such as routers and switches).
Network administration comprises 3 major groups:
• Network provisioning: consists of planning and design of the network, which is done by an engineer.
• Network operations: consists of fault, configuration, traffic, and all other types of management, and is done by the plant facilities group. It is the nerve center of network management operations.
• Network maintenance: consists of all types of installation and maintenance work.
Responsibilities of the Network Administrator
As a network administrator, your tasks generally fall into the following areas:
• Designing and planning the network
• Setting up the network
• Maintaining the network
  • Adding new host machines to the network
  • Administering network security
  • Administering network services, name services, and electronic mail
  • Troubleshooting network problems
• Expanding the network
The Job of a System Administrator
What exactly does a System Administrator do?
• no precise job description
• often learned by experience
• “makes things run”
• often known as IT support, Operator, Network Administrator, System Programmer, System Manager, Service Engineer, Site Reliability Engineer, etc.
What sysadmins do?
• User account management
• Hardware management
• Perform filesystem backups, restores
• Install and configure new software and services
• Keep systems and services operating
• Maintain documentation
• Audit security
• Help users, performance tuning, and more!
1. User Management
User management is defining the rights of organizational members to information in the organization.
It involves a wide range of functionality such as adding/deleting users, controlling user activity through permissions, managing user roles, updating permissions when users change roles, defining authentication policies, managing external user stores and manual/automatic logout, and resetting passwords.
Challenge: managing a large number of users
• Commonly organized into groups (users with similar privileges)
• E.g. all faculty members in the computer science department get access to a mailing list
• Active Directory in Windows provides centralized user management and access control for computers.
1. User Management…
Any user management system has the following basic components:
• Users: Users are consumers who interact with your organizational applications, databases, and other systems. A user can be a person, a device, or another application/program within or outside of the organization's network. Because users interact with internal systems and access data, organizations need to define which data and functionality each user can access by assigning permissions.
• Permissions: A permission is a delegation of authority or a right that is assigned to a user or a group of users to perform an action on a system. Permissions can be granted to or revoked from a user, user group, or user role automatically or by a system administrator. For example, if a user has the permission to log in to a system, the permission to log out is automatically granted as well.
• User roles: A user role is a grouping of permissions. In addition to assigning individual permissions to users, admins can create user roles and assign those roles to users. For example, you might create user roles called VP, Manager, and Employee, each of which has a different set of permissions, and then assign those roles to users based on their position in the company. Then, if you need to modify the permissions of all your managers, you can simply modify the Manager user role, and all the users with that role will have their permissions updated automatically.
1. User Management…
Creating user accounts
• User IDs
• Home directories (quotas, drive capacities)
• Default startup files (paths)
• Permissions, group memberships, accounting and restrictions
• Communicating policies and procedures
• Disabling / removing user accounts
• Consistency requires automation
• Username and UID namespace management
• Home directory backups and quotas
Removing user accounts
• Consistency requires automation
• Remove everything, not just homedir and passwd
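The advice to remove everything, not just the home directory and the passwd entry, can be checked with a script. The following is an added example, not part of the original slides: the function name `account_residue`, its optional `ROOT` prefix argument and the sample users `abebe` and `sara` are assumptions made for illustration, and the spool paths are the usual Debian and Red Hat locations.

```sh
#!/bin/sh
# Added example: list what is still left of an account after it was "removed".
# account_residue USER [ROOT]
#   USER  login name that was (or is about to be) removed
#   ROOT  optional prefix, so the check can run against a copy of the tree
#         (assumption for this example; default is the live system)
# Prints one finding per line; prints nothing when no trace of USER remains.
# On a live system, files elsewhere that belong to the deleted UID are found
# separately with:  find / -xdev -nouser
account_residue() (
    user=$1
    root=${2:-}

    # 1. The account databases themselves (exact match on the name field).
    for db in passwd shadow; do
        f="$root/etc/$db"
        if [ -r "$f" ] && awk -F: -v u="$user" '$1 == u { hit = 1 } END { exit !hit }' "$f"; then
            echo "account-entry $f"
        fi
    done

    # 2. Supplementary group memberships: field 4 of the group file is a comma list.
    if [ -r "$root/etc/group" ]; then
        awk -F: -v u="$user" '{
            n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] == u) print "group-member " $1
        }' "$root/etc/group"
    fi

    # 3. Per-user files that live outside the account databases.
    for p in "home/$user" "var/mail/$user" "var/spool/mail/$user" \
             "var/spool/cron/crontabs/$user" "var/spool/cron/$user" \
             "etc/sudoers.d/$user"; do
        if [ -e "$root/$p" ]; then
            echo "leftover $root/$p"
        fi
    done
)

# Constructed sample tree: "abebe" was deleted from passwd and the home directory
# is gone, but a group membership, a mailbox and a crontab were left behind.
demo_root=$(mktemp -d)
trap 'rm -rf "$demo_root"' EXIT
mkdir -p "$demo_root/etc" "$demo_root/var/mail" "$demo_root/var/spool/cron/crontabs"
printf 'root:x:0:0:root:/root:/bin/sh\nsara:x:1001:1001::/home/sara:/bin/sh\n' > "$demo_root/etc/passwd"
printf 'sudo:x:27:abebe\nsara:x:1001:\n' > "$demo_root/etc/group"
: > "$demo_root/var/mail/abebe"
: > "$demo_root/var/spool/cron/crontabs/abebe"

account_residue abebe "$demo_root"
```

A leftover crontab or a stale membership in an administrative group is the kind of residue that matters most for security, since both keep working if the user name or UID is later reused.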
2. Hardware Management
• Adding and removing hardware
  • Configuration, cabling, etc.
  • Device driver installation
  • Scheduling downtimes and notifying users
• Hardware evaluation and purchase
• System configuration and settings
• Capacity planning
  • How many servers?
  • How much bandwidth, disk space?
• Data Center management
  • Power, racks, environment (cooling, fire alarm)
3. Data Backups
Perhaps the most important aspect!
• Backup strategy and policies
  • Scheduling: when and how often?
  • Capacity planning
  • Location: on-site vs off-site
• Installing backup software
• Performing backups and restores
• Monitoring backups
  • Checking logs
  • Verifying media
• Disaster recovery
  • Onsite/offsite
  • Periodic testing
  • Multiple copies
4. Software Installation and Maintenance
• Automated consistent OS installs
• Evaluation of software
• Finding and building open source software
• Purchase of commercial software
• Managing software installations
  • Distributing software to multiple hosts
  • Package management
  • Managing multiple versions of a software package
• Patching and updating software
• Scheduling downtimes and notifying users
• Maintenance of multiple versions
5. Troubleshooting
Problem discovery, diagnosis, and resolution
Problem identification
By user notification By log files or monitoring programs
Tracking and visibility
Often difficult
Ensure users know you’re working on problem
Finding the root cause of problems
Provide temporary solution if necessary Solve the root problem to permanently eliminate
6. Monitoring
• Hardware and services functioning and operational
• Automatically monitor systems for
  • Problems (disk full, error logs, security)
  • Performance (CPU, memory, disk, network)
• Log periodic rotation and backups
• Provides data for capacity planning
  • Convince management of need for hardware
Two kinds:
• Reactive: detecting and analyzing failures after they have occurred
  • Problem notifications, analyzing logs after failures (e.g. identifying modus operandi, affected systems)
• Proactive: testing a system for specific issues before they occur
  • Vulnerability scanners (automatically identify/prioritize issues), penetration testing
7. Local Documentation
• Administrative policies and procedures
• Backup media locations
• Hardware
  • Location
  • Description, configuration, connections
• Software
  • Install media (or download location)
  • Installation, build, and configuration details
  • Patches installed
• Acceptable use policies
• Network setting
8. Security Concerns
• System logging and audit facilities
  • Evaluation and implementation
  • Monitoring and analysis
  • Traps, auditing and monitoring programs
• Unexpected or unauthorized use detection
• Monitoring of security advisories
  • Security holes and weaknesses
  • Live exploits
9. Helping Users
• Request tracking system
  • Ensures that you don’t forget problems.
  • Ensures users know you’re working on their problem; reduces interruptions, status queries.
  • Lets management know what you’ve done.
• User documentation and training
  • Acceptable Use Policies
  • Document software, hardware (printers), etc.
You may need this!!!
Qualities of a Successful Sysadmin
• Customer oriented
  • Ability to deal with interrupts, time pressure
  • Communication skills
  • Service provider, not system police
• Technical knowledge
  • Hardware, network, and software knowledge
  • Debugging and troubleshooting skills
• Time management
  • Automate everything possible.
  • Ability to prioritize tasks: urgency and importance.
Principles of SA
Simplicity
Choose the simplest solution that solves the entire problem.
Clarity
Choose a straightforward solution that’s easy to change, maintain, debug, and explain to other SAs.
Generality
Choose reusable solutions and open protocols.
Automation
Use software to replace human effort.
Communication
Be sure that you’re solving the right problems and that people know what you’re doing.
Basics First
Solve basic infrastructure problems before moving to advanced ones.
Standard “best practices” for system administration
A. Documentation
B. Backup and restore
C. Logging
D. Disaster recovery plan
E. Automating repetitive tasks using scripting
F. Announce user
G. Add skill
H. Never do anything you can’t back out of
I. Use strong security mechanism
Documentation
• Write what you have done
• Comment the scripts you write
Back up everything
• Strong backup policy
• Employ redundancy
• Don’t make a single point of failure
Check Your Log Files
Regularly check your log files for any errors and warnings, so they can alert you to problems before they become a threat to your servers and everything they support. Don’t ignore your log files.
Perform disaster recovery plan
• The best disaster recovery plans are not designed for “if” something happens, but “when” something happens.
• What needs to be done
• Practice the plan and make sure that it is working properly.
Automate anything you have to do more than three times and anything that is complicated
Capture your most clever commands in aliases, functions, and scripts – and give them meaningful names. Commit the complicated processes that you perform to scripts so that you don't have to figure out the steps required and the complex commands more than once. You'll save yourself a lot of time and effort over the long haul and have a much easier time if and when you need someone else to do the work for you.
Keep users informed
• When are your servers down for maintenance?
• New services added?
• Inform users how long it will take to resolve the problem.
• Always let users know when to expect upgrades or changes.
Never stop picking new skills
“If you are not moving ahead, you are falling backward.” Always be looking for new things to learn.
Never do anything you can’t back out of
• For changes, you should always have a back-out plan.
• Is it possible to undo the change?
• Make backup copies of files you’re about to edit.
Implement Strong Security
Least privilege principle, a role-based security system, monitoring critical services, and conducting vulnerability and penetration testing. Also, watch for any signs of a break-in.
Use a request system.
• You receive too many requests to remember them all.
• Customers know what you’re doing.
• You know what you’re doing.
Manage quick requests right.
• Team organize/ shield /day2day+project tasks
• Handle emergencies quickly.
• Use request system to avoid interruptions.
Policies
• How do people get help?
• What is the scope of responsibility for SA team?
• What is our definition of emergency?
Start every host in a known state.
Good working practices are the threads that tie together the tasks performed by the sysadmin. Good practices make tasks easier to reproduce, preserve system security/robustness, and maintain system functionality. System administration involves managing details. Knowing how a system is configured, what patches have been applied, what services the system needs or provides, and any number of other items is a tremendous aid in solving problems.
• Avoid using root or administrator as much as possible. Use a less privileged account, for which mistakes will be less drastic.
• Avoid using wildcard characters, such as the asterisk (*), when running as root or administrator.
• Make it a habit to create backup copies of files before you edit.
• Allow plenty of time to complete the tasks you need to perform.
• Look for answers in manuals, newsgroups, and archives of mailing lists. Usually “google” helps for most common problems.
• Use controlled trial and error for diagnosis.
• Listen to people who tell us there is a problem. It might be true.
• Write down problems and solutions in a log book, and write down experiences.
• Take responsibility for our actions.
• Remember to tidy things up regularly.
• After learning something new, ask yourself “How does this apply to my work?”
Administration Challenges
• System administration is not just about installing operating systems.
• It is about planning and designing an efficient community of computers so that real users will be able to get their jobs done. That means:
1. Designing a network which is logical and efficient.
2. Deploying large numbers of machines which can be easily upgraded later.
3. Deciding what services are needed.
4. Planning and implementing adequate security.
5. Providing a comfortable environment for users.
6. Developing ways of fixing errors and problems which occur.
7. Keeping track of and understanding how to use the enormous amount of knowledge which increases every year.
Administration Challenges…
Need
• Broad knowledge of hardware and software
• To balance conflicting requirements
  • Short-term vs. long-term needs
  • End-user vs. organizational requirements
  • Service provider vs. police model
• To work well and efficiently under pressure
• 24x7 availability
• Flexibility, tolerance, and patience
• Good communication skills
People think of sysadmins only when things don't work!
Administration Challenges….
Requires:
• Breadth of knowledge:
  • operating system concepts
  • TCP/IP networking
  • Experience programming
  • ...
• Depth of knowledge:
  • certain OS flavor
  • specific service (DNS, E-Mail, Databases, Content-Delivery, ...)
  • specific implementation/vendor (Oracle, Hadoop, Apache, Cisco, ...)
  • specific area of expertise (security, storage, network, data center, ...)
  • ...
Types of Administrators/Users
In a larger company, the following may all be separate positions within a computer support or Information Services (IS) department. In a smaller group they may be shared by a few sysadmins, or even a single person.
• Database Administrator
• Network Administrator
• Security Administrator
• Web Administrator
• Technical support
• Computer operator
Types of Administrators/Users
A database administrator (DBA) maintains a database system, and is responsible for the integrity of the data and the efficiency and performance of the system.
A network administrator maintains network infrastructure such as switches and routers, and diagnoses problems with these or with the behavior of network-attached computers.
A security administrator is a specialist in computer and network security, including the administration of security devices such as firewalls, as well as consulting on general security measures.
Types of Administrators/Users…
A web administrator maintains web server services (such as IIS or Apache) that allow for internal or external access to web sites. Tasks include managing multiple sites, administering security, and configuring necessary components and software. Responsibilities may also include software change management.
Technical support staff respond to individual users' difficulties with computer systems, provide instructions and sometimes training, and diagnose and solve common problems.
A computer operator performs routine maintenance and upkeep, such as changing backup tapes or replacing failed drives in a RAID array. Such tasks usually require physical presence in the room with the computer; and while less skilled than sysadmin tasks, they require a similar level of trust, since the operator has access to possibly sensitive data.
Operating System supporting Administration
You want to be a sysadmin? You need to dig into this course with me.
Network Administration
Objectives
Workstations
A workstation is a client computer that is used to run applications and is connected to a server from which it obtains data shared with other computers.
Servers: Connecting Computer Systems
Network Server Environment
Client/Server Environment
Server Farm
Client-Server Interaction
Network Operating Systems
Windows OS
UNIX Types
Popular versions of Linux include the following:
• Red Hat Linux
• OpenLinux
• Corel Linux
• Slackware
• Debian GNU/Linux
• SuSE Linux
Apple
Service Applications and Protocols
TCP/IP Based Services
Evolution of Network Management
Network Management Requirements
Network Management Model
SNMP and CMIP Standards
Components of the Organization Model
The network management station (NMS) is usually a standalone workstation, but it may be implemented over several systems.
Centralized Network Management Architecture
Hierarchical Network Management Architecture
Distributed Network Management Architecture
Management Information Bases
Object Identifiers
SNMP Protocol: Understanding the Agent
SNMP Protocol: Understanding the Protocol
SNMP Protocol: Understanding the Management Entity
SNMP Protocol: Understanding Community Strings
Management Protocols and Features
Configuring SNMP
RMON
RMON MIB
The Syslog Facility
Summary
• The functions of a workstation and a server
• The roles of various equipment in a client/server environment
• The development of Networking Operating Systems (NOS)
• An overview of the various Windows platforms
• An overview of some of the alternatives to Windows operating systems
• Reasons for network management
• The layers of OSI and network management model
• The type and application of network management tools
• The role that SNMP and CMIP play in network monitoring
• How management software gathers information and records problems
• How to gather reports on network performance
ASSOSA UNIVERSITY COLLEGE OF COMPUTING & INFORMATICS
Network and System Administration B.Sc. in Computer Science
Prepared by
[email protected]
Chapter One Introduction to System and Network Administration
What is a System Administrator? Someone who takes care of the systems others are using.
System Running smoothly and efficiently
Users able to work in Easy and Efficient Manner
Sysadmin .sig file
“My job is like an airplane pilot's -- When I'm doing it well, you might not even notice me, but my mistakes are often quite spectacular.” Source: Unknown
System Administration Tasks
❏ User Management
❏ Hardware Management
❏ Software Management
❏ System Monitoring & Troubleshooting
❏ Documentation & Help Desk
❏ Backups
❏ Automation, Planning, Policies, and Auditing
❏ Firefighting!!!
The Good…
❏ Lots of variety
❏ Challenging
❏ Fulfilling
❏ Pays well
❏ Very employable
The Bad…
❏ Annoying at times
  ❏ Users
  ❏ Management
  ❏ Vendor Tech Support
❏ Long hours
❏ May not be your only job
Code of Ethics
❏ Professionalism
❏ System Integrity
❏ Personal Integrity
❏ Education
❏ Privacy
❏ Responsibility to Computing Community
❏ Laws and Policies
❏ Social Responsibility
❏ Communication
❏ Ethical Responsibility
Overview of the OSs
Introduction to Linux
UNIX
• Unix is a multi-user, multi-tasking operating system.
• You can have many users logged into a system simultaneously, each running many programs.
• It's the kernel's job to keep each process and user separate and to regulate access to system hardware, including CPU, memory, disk and other I/O devices.
History of UNIX
• First version was created in Bell Labs in 1969.
• Some of the Bell Labs programmers who had worked on this project, Ken Thompson, Dennis Ritchie, Rudd Canaday, and Doug McIlroy, designed and implemented the first version of the Unix File System on a PDP-7 along with a few utilities. It was given the name UNIX by Brian Kernighan.
• 00:00:00 hours, Jan 1, 1970 is time zero for UNIX. It is also called the epoch.
…Cont’d
• 1973: Unix is re-written mostly in C, a new language developed by Dennis Ritchie.
• Being written in this high-level language greatly decreased the effort needed to port it to new machines.
…Cont’d
• 1977: There were about 500 Unix sites world-wide.
• 1980: BSD 4.1 (Berkeley Software Development)
• 1983: SunOS, BSD 4.2, System V
• 1988: AT&T and Sun Microsystems jointly develop System V Release 4 (SVR4). This later developed into UnixWare and Solaris 2.
• 1991: Linux was originated.
What is LINUX
• Linux is a free Unix-type operating system originally created by Linus Torvalds with the assistance of developers around the world.
• It originated in 1991 as a personal project of Linus Torvalds, a Finnish graduate student.
• The Kernel version 1.0 was released in 1994 and today the most recent stable version is 2.6.9.
• Developed under the GNU General Public License, the source code for Linux is freely available to everyone.
LINUX Distributions
• Mandrake: http://www.mandrakesoft.com/
• RedHat: http://www.redhat.com/
• Fedora: http://fedora.redhat.com/
• SuSE/Novell: http://www.suse.com/
• Debian: http://www.debian.org/
UNIX Structure
UNIX File System
Unix-like Systems vs Windows Systems
❏ They are two different types of operating systems used in computers.
❏ Unix-like systems, such as Linux and macOS, are based on the Unix operating system.
❏ They are known for their stability, security, and open-source nature.
❏ Unix-like systems use a command-line interface, which can be more difficult to learn for beginners, but allows for more advanced control and automation of tasks.
…Cont’d
❏ On the other hand, Windows systems are developed by Microsoft and are known for their user-friendly interface and compatibility with a wide range of software.
❏ Windows systems are more widely used in personal computers, and are often the go-to choice for businesses that use Microsoft Office applications and other Windows-specific software.
❏ There are also differences in the way these operating systems handle file systems, networking, and security. Unix-like systems often use a hierarchical file system, while Windows systems use a drive-letter system.
…cont’d
❏ Ultimately, the choice between Unix-like systems and Windows systems depends on the needs of the user.
❏ Unix-like systems are favored by programmers, developers, and researchers who need a stable and secure system that is easily customizable.
❏ Windows systems are favored by general users and businesses that require compatibility with Microsoft Office applications and other Windows-specific software.
Linux Distributions and UIs
In addition to these distributions, there are many other options available, each with its own unique features and focus. The UIs available on Linux include GNOME, KDE, Xfce, LXDE, and others.
Linux Operations Review
➔ File system navigation: move from one directory to another directory (cd)
➔ File management: creating, copying, moving, and deleting files.
➔ Package management: install, update, and remove software packages
➔ Process management: managing processes, such as "ps" to list running processes, "kill" to terminate a process
➔ User management: creation and management of user accounts
➔ Networking: Linux offers a range of networking commands for configuring network settings, such as "ifconfig" to display network interface information
File system Hierarchy and Standard
The File system Hierarchy Standard (FHS) is a standard that defines the structure of the file system on Linux and other Unix-like operating systems.
★ Here is a brief overview of the file system hierarchy and standard in Linux:
1. / (root): The root directory of the file system, which contains all other directories and files.
2. /bin: Contains executable files that are necessary for the system to function, such as basic system utilities like "ls", "cd", and "cp".
3. /etc: Contains system configuration files, such as configuration files for networking, users, and system services.
4. /home: Contains user home directories, which are used to store user-specific files and configuration settings.
5. /dev: Contains device files, which are used to represent hardware devices in the system.
6. /proc: Contains virtual files that provide information about system resources, such as memory usage and CPU usage.
Single-rooted hierarchy
● A single-rooted hierarchy is a type of file system hierarchy in which all directories and files are arranged in a tree-like structure with a single root directory.
● This means that all files and directories can be accessed relative to the root directory.
● Unix/Linux file systems are a good example of a single-rooted hierarchy.
Seamless file systems
● File systems that integrate multiple physical or virtual storage devices into a single logical file system.
● This allows users to access data stored on different devices as if they were stored in a single location, without needing to know the details of the underlying storage architecture.
● Some examples of seamless file systems include Distributed File System (DFS) and GlusterFS.
Extensible file system
● A file system that can be extended or modified without requiring significant changes to the underlying file system architecture.
● This allows the file system to adapt to changing storage requirements and accommodate new features or technologies.
● One example of an extensible file system is the Extended File System (ext) used by many Linux distributions.
Some examples of file system standards
● File Allocation Table (FAT): A file system standard used by many older versions of Windows and DOS.
● New Technology File System (NTFS): A file system standard used by modern versions of Windows.
● Extended File System (ext): A file system standard used by many Linux distributions.
● Universal Disk Format (UDF): A file system standard used for optical media such as DVDs and Blu-ray discs.
● Hierarchical File System (HFS): A file system standard used by macOS.
● Apple File System (APFS): A file system standard used by modern versions of macOS and iOS.
…Cont’d
● Network File System (NFS): A file system standard used for sharing files between computers on a network.
● Common Internet File System (CIFS): A file system standard used for sharing files between computers on a network, primarily in Windows environments.
Essential Shell Commands
Here are some essential shell commands that are commonly used:
❏ cd: Change directory. Used to navigate the file system by changing the current working directory.
❏ ls: List files. Used to display the contents of a directory, including files and subdirectories.
❏ mkdir: Make directory. Used to create a new directory.
❏ rmdir: Remove directory. Used to delete an empty directory.
❏ rm: Remove. Used to delete a file or directory (with the "-r" option).
...Cont’d
❏ cp: Copy. Used to copy files or directories.
❏ mv: Move. Used to move files or directories.
❏ cat: Concatenate. Used to display the contents of a file.
❏ echo: Used to display a message on the screen or to redirect output to a file.
…Cont’d
❏ pwd: Print working directory. Used to display the current working directory.
❏ ps: Process status. Used to display information about running processes.
❏ top: Used to display real-time information about system processes.
❏ sudo: Superuser do. Used to execute commands with administrative privileges.
❏ ssh: Secure shell. Used to connect to a remote system over a secure network connection.
❏ tar: Tape archive. Used to create and extract compressed archive files.
Advanced Shell Features
Shell scripting is a powerful tool for automating tasks on Linux and other Unix-like systems.
Here are some advanced shell features that can help users create more powerful and efficient shell scripts:
★ Variables: Variables are used to store values that can be used later in a script. Variables can be set using the "=" operator, such as "name=John". To use the value of a variable, it can be referenced by using "$" followed by the variable name, such as "$name".
…cont’d
● Input/output redirection: Input/output redirection allows users to redirect the input or output of a command to a file or another command. The ">" operator is used to redirect the output of a command to a file, while the " file.txt".
● These are just a few of the many advanced shell features that are available on Linux and other Unix-like systems. By mastering these features, users can create powerful and efficient shell scripts to automate tasks and improve their workflow.
Chapter Two Account and Security Administration
User and Group
In Linux and other Unix-like systems, users and groups are used to manage access to system resources such as files and directories.
❏ Users: A user is a person who accesses the system and performs tasks.
➢ Each user is identified by a unique username and has their own home directory, which is used to store their personal files and configurations.
❏ Groups: A group is a collection of users who share common permissions and access to system resources.
➢ Each group is identified by a unique group name and has a group ID (GID).
User Private Group Scheme
❏ The User Private Group (UPG) scheme is a security model used in Linux and other Unix-like systems to provide each user with their own private group.
❏ Under this scheme, when a new user is created, a new group is also created with the same name as the user and the user is added to that group.
❏ This ensures that each user has their own private group and that their files and directories are not accessible by other users by default.
User and Group Administration
❏ In Linux and other Unix-like systems, user administration and group administration are important tasks that system administrators perform to manage users and groups.
A. User administration: involves creating, modifying, and deleting user accounts.
B. Group administration: involves creating, modifying, and deleting groups.
Linux Commands
❏ adduser: Create a new user account, e.g. sudo adduser cs. After this command, fill in the prompts for the password, full name and so on.
➢ sudo: run the command with admin (root) privileges
➢ cs: the username
➢ 1002: user & group ID (UID)
➢ Optional
❏ passwd: Change a password, e.g. sudo passwd cs
❏ userdel/deluser: Delete a user account, e.g. to delete the user account cs: sudo deluser cs
❏ usermod: Modify a user account (change the username, add the user to another group, etc.), e.g. to change the username cs to jack: sudo usermod -l jack cs (the new username comes first, then the old username)
❏ addgroup: Create a new group on the system
❏ gpasswd: Change a group account password, remove a group account password, and perform many other functions by adding options.
➢ Add user cs to group sysadmin
➢ To remove the sysadmin password
❏ groupmod: Modify a group account, e.g. rename group sysadmin to cstutorial
Read further for details on user and group administration!
Password Aging and Default User Files
➔ Password aging: Password aging is a security feature in Linux and other Unix-like systems that forces users to change their passwords periodically.
◆ Password expiration: Password expiration is the process of forcing users to change their passwords after a certain period of time.
● This can be configured using the "chage" command, which sets the password expiry date for a user.
Setting password and account period (days) using chage command
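A check that complements chage, as an added example that is not part of the original slides: it reads /etc/shadow-style lines and reports accounts whose password never expires, exceeds a maximum-age policy, or has already expired. The sample lines, the 90-day policy and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): audit password aging.
# /etc/shadow fields: name:hash:lastchg:min:max:warn:inactive:expire:reserved
# lastchg is the day of the last password change, counted from 1970-01-01.

# Constructed sample input; the hashes are placeholders, not real values.
sample_shadow() {
    cat <<'EOF'
root:*:19700:0:99999:7:::
cs:$6$PLACEHOLDER:19650:0:90:7:14::
jack:$6$PLACEHOLDER:19000:0:99999:7:::
kemal:$6$PLACEHOLDER:19790:1:60:7:::
john:$6$PLACEHOLDER:19795:0:365:7:::
daemon:*:19000:0:99999:7:::
EOF
}

# audit_aging POLICY_DAYS [TODAY]
# Reads shadow-format lines on stdin. TODAY is a day number since 1970-01-01
# and defaults to the current date.
audit_aging() {
    policy=$1
    today=${2:-$(( $(date +%s) / 86400 ))}
    awk -F: -v policy="$policy" -v today="$today" '
        # Locked accounts and accounts without a usable password are skipped.
        $2 ~ /^[*!]/ { next }
        $2 == "" { print $1 ": empty password field"; next }
        # An empty maximum or 99999 means the password is never aged out.
        $5 == "" || $5 + 0 >= 99999 { print $1 ": password never expires"; next }
        $5 + 0 > policy + 0 {
            print $1 ": maximum age " $5 " exceeds policy of " policy " days"
            next
        }
        # Last change plus maximum age lies in the past: the password is stale.
        $3 + $5 < today + 0 {
            printf "%s: password expired %d days ago\n", $1, today - ($3 + $5)
        }
    '
}

# Remediation for a flagged account uses the chage command from the slide,
# for example: sudo chage -M 90 -W 7 jack   (review with: sudo chage -l jack)

# Day 19800 is passed explicitly so the result is reproducible.
sample_shadow | audit_aging 90 19800
```

On a real system the input would be `sudo cat /etc/shadow` piped into `audit_aging 90`.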
…Cont’d
➔ Default user files: Default user files are files that are created automatically when a new user account is created.
◆ The following are some of the key default user files:
● Bash profile: contains environment variables, aliases, and other settings.
● Bashrc: used to set system-wide environment variables, aliases, and other settings. It is found in /etc.
● Home directory: created automatically for each user account.
Managing files and folder permission
❏ In Linux and other Unix-like systems, managing file and folder permissions is an important task that system administrators need to perform to ensure system security and control access to system resources.
❏ Here is an overview of how to manage file and folder permissions:
1. File permissions: File permissions are used to control access to individual files.
■ The following are the three types of file permissions:
● Read permission: Allows the user to read the contents of the file.
● Write permission: Allows the user to modify the contents of the file.
● Execute permission: Allows the user to execute the file if it is a program or a script.
….Cont’d
➔ Each file permission is represented by a letter, or by a number from 0 - 7:
Read = r
Write = w
Execute = x
The file permissions are represented by a series of numbers or letters. The first character indicates the type of file (d for directory, - for a regular file, and l for a symbolic link), followed by three sets of permissions for the owner, group, and other users.
…Cont’d Default file
Directory file
Regular file (non-folder files like .txt, .ppt, .docx, .sh)
…Cont’d
2. Folder permissions: are used to control access to directories and the files they contain.
◆ The following are the three types of folder permissions:
● Read permission: Allows the user to list the contents of the folder.
● Write permission: Allows the user to create, delete, and modify files and folders within the directory.
● Execute permission: Allows the user to access the contents of the folder.
⍈ The folder permissions are also represented by a series of numbers or letters, similar to file permissions.
…Cont’d
3. Managing file and folder permissions: The following are some of the key Linux commands used to manage file and folder permissions:
i. chmod: Used to change file and folder permissions.
ii. chown: Used to change the owner of a file or folder.
iii. chgrp: Used to change the group of a file or folder.
Assume we have a file called test.txt and a folder called cs4thyear.
The first rwx is for the owner of the folder, the second r-x is for the group and the third r-x is for guests (other users).
…Cont’d
❏ The chmod command is the most commonly used command for managing file and folder permissions.
❏ It can be used to add or remove permissions, set permissions for the owner, group, or other users, and set permissions using numeric or symbolic modes.
❏ Numeric mode: from 0 to 7
❏ Symbolic mode: r w x
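The two chmod modes side by side, as an added example that is not part of the original slides: it converts permission letters to the numeric form, applies both modes to a constructed test.txt and cs4thyear folder in a temporary directory, and finds a file that is writable by every user. The function names and the notes.txt file are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example (not from the original slides).

# Convert nine permission letters (e.g. rwxr-xr-x) to the numeric mode (755).
# Special bits (setuid, setgid, sticky) are outside this example.
sym_to_octal() {
    sym=$1
    [ "${#sym}" -eq 9 ] || return 1
    out=""
    while [ -n "$sym" ]; do
        triplet=$(printf '%s' "$sym" | cut -c1-3)
        sym=$(printf '%s' "$sym" | cut -c4-)
        n=0
        case $triplet in r??) n=$((n + 4)) ;; esac   # read    = 4
        case $triplet in ?w?) n=$((n + 2)) ;; esac   # write   = 2
        case $triplet in ??x) n=$((n + 1)) ;; esac   # execute = 1
        out="$out$n"
    done
    printf '%s\n' "$out"
}

# Permission letters of a path as ls shows them, without the file-type character.
perm_letters() {
    ls -ld "$1" | cut -c2-10
}

# Regular files and directories under $1 that any user on the system may write to.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 | sort
}

demo() {
    dir=$(mktemp -d) || return 1
    mkdir "$dir/cs4thyear"
    : > "$dir/test.txt"
    : > "$dir/cs4thyear/notes.txt"
    chmod 755 "$dir/cs4thyear"             # numeric mode: rwxr-xr-x
    chmod u=rw,g=r,o= "$dir/test.txt"      # symbolic mode: rw-r-----
    chmod 666 "$dir/cs4thyear/notes.txt"   # deliberately too open
    echo "cs4thyear $(sym_to_octal "$(perm_letters "$dir/cs4thyear")")"
    echo "test.txt $(sym_to_octal "$(perm_letters "$dir/test.txt")")"
    echo "world-writable: $(world_writable "$dir" | sed "s|^$dir/||")"
    chmod o-w "$dir/cs4thyear/notes.txt"   # remove write for other users only
    echo "after fix $(sym_to_octal "$(perm_letters "$dir/cs4thyear/notes.txt")")"
    rm -rf "$dir"
}

demo
```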
Managing File Ownership
❖ Managing file ownership is an important task that system administrators need to perform to ensure system security and control access to system resources.
❖ Here is an overview of how to manage file ownership:
➢ File ownership: File ownership refers to the user and group that are associated with a file.
➢ Managing file ownership: The following are some of the key commands used to manage file ownership:
■ chown: Used to change the owner of a file or folder.
■ chgrp: Used to change the group of a file or folder.
The chown and chgrp commands are used to change the ownership of a file or folder. The syntax of the commands is as follows:
…cont’d
General Syntax:
➔ The first command changes the owner of the file to the specified user, OR
➔ the second command changes both the owner and the group of the file to the specified user and group.
The chgrp command is used to change the group of a file or folder.
Read further for details and try it in practice!
Controlling Access to files (ACLs)
❖ ACLs are an additional mechanism for controlling access to files and folders.
❖ ACLs are used in conjunction with file and folder permissions.
➢ Key commands used to manage file and folder permissions and ACLs:
● chmod: Used to change file and folder permissions.
● chown: Used to change the owner of a file or folder.
● chgrp: Used to change the group of a file or folder.
● setfacl: Used to set ACLs on files and folders.
● getfacl: Used to view ACLs on files and folders.
…Cont’d
General Syntax:
To give full permission (read, write and execute) for user kemal to file a.txt
For further examples, you can get the syntax for writing ACLs with setfacl --help
Quiz (3%)
1. Write a Linux command to give read-only permission for user john to file1.txt using ACLs
…Cont’d
To view ACLs
Managing Disk Quotas
❏ Disk quotas are used to limit the amount of disk space that users and groups can use on a file system.
❏ This is an important feature for system administrators who need to manage disk space usage and prevent users from filling up the file system.
A. Enabling disk quotas: Disk quotas must be enabled on a file system before they can be used. This is typically done by editing the /etc/fstab file and adding the usrquota and/or grpquota options to the mount options for the file system. For example:
This line enables user and group quotas on the /home file system
…Cont’d
B. Setting up quotas: Once disk quotas are enabled, quotas must be set up for individual users or groups. This is done using the edquota command. The syntax of the command is as follows:
OR
…Cont’d
C. Monitoring quotas: Once quotas are set up, they can be monitored using the quota command. The syntax of the command is as follows:
OR
This command displays the current disk usage and quota limits for the specified user or group.
…Cont’d
D. Adjusting quotas: Quotas can be adjusted using the edquota command. The administrator can edit the quota configuration file for a user or group to increase or decrease their quota limits.
Overall, managing disk quotas is an important task in Linux and other Unix-like systems that system administrators need to perform to manage disk space usage and prevent users from filling up the file system. By enabling, setting up, monitoring, and adjusting quotas, system administrators can effectively manage disk usage and ensure that disk space is available for critical system processes and applications.
Chapter Three File System and Management of Data storage
File System
What is a File System?
❑ A file system is a way of organizing and managing files on a storage device, such as a hard disk drive or solid-state drive.
❑ It provides a logical structure for organizing files and directories.
❑ It allows users to access and manage those files.
Types of File Systems
● FAT: The File Allocation Table (FAT)
○ A widely-used file system that was originally developed for floppy disks and other small storage devices.
○ It is still used today on some USB drives and other portable storage devices.
● NTFS: The New Technology File System (NTFS)
○ A more advanced file system developed by Microsoft for use on Windows computers.
○ It supports larger file sizes, more efficient use of disk space, and better security features than FAT.
● EXT: The Extended File System (EXT)
○ A file system used on Linux and other Unix-like operating systems.
○ Designed for use with the Linux kernel; provides features such as journaling and support for file permissions.
…Cont’d
● APFS: The Apple File System (APFS)
○ A modern file system developed by Apple for use on its macOS, iOS, and other operating systems.
○ It is designed to be fast, secure, and efficient, and provides features such as encryption and snapshotting.
File System Administration Tasks
● Partitioning: This involves dividing a hard drive or other storage device into multiple partitions, each with its own file system.
● Formatting: Once a partition has been created, it needs to be formatted with a file system.
● Mounting: When a file system is mounted, it is made available for use by the operating system and applications.
● Managing file permissions: File system administrators need to manage permissions for files and directories, determining who has access to them and what actions they can perform.
…Cont’d
• Monitoring disk usage: It's important to keep track of how much disk space is being used and ensure that there is enough free space available for new files and applications.
• Backing up and restoring data: Backing up important files and data is crucial for preventing data loss in the event of a system failure or other disaster. File system administrators need to develop and implement backup and recovery strategies to ensure data can be restored if necessary.
Partitioning disk with fdisk and parted
● fdisk is a command-line utility for partitioning disks on Linux systems. Here's how you can use it to partition a disk:
○ Step1 Open terminal
○ Step2 Write fdisk /dev/sdX, where X is the drive letter
○ Step3 fdisk will display a warning message about potentially destructive actions. Press "n" to create a new partition.
○ Step4 Follow the prompts to specify the partition type, starting and ending sectors, and other details about the new partition.
○ Step5 Repeat the process to create additional partitions as needed.
○ Step6 Once you have created all of the partitions you need, press "w" to write the changes to disk and exit fdisk.
..Cont’d
sda has 3 partitions: sda1,sda2,sda5
sdb has no partitions
create partitions in disk sdb
to create new partition
…Cont’d
now, primary partition sdb1 created from disk sdb
…Cont’d
● parted is another command-line utility for partitioning disks on Linux systems. Here's how you can use it to partition a disk:
1. Open a terminal window and log in as the root user or use the sudo command to run parted with root privileges.
2. Type "parted /dev/sdX" to start parted, where "X" is the letter corresponding to the disk you want to partition. For example, if you want to partition the first hard disk in the system, you would use "parted /dev/sda".
3. Type mkpart, for example: mkpart primary ext4 0% 20GB
4. Repeat the process to create additional partitions as needed.
5. Once you have created all of the partitions you need, use the "quit" command to exit parted.
…Cont’d
Newly created partition
..Cont’d
To delete a partition
○ Open Terminal
○ sudo fdisk /dev/sdx, where x is the drive letter, e.g. /dev/sda
○ Enter d to delete a partition
○ Enter the partition number, e.g. if the partition is /dev/sda1, enter 1
○ Enter w to write the changes to the disk and quit
…Cont’d
● Both fdisk and parted are powerful tools for partitioning disks, and can be used to create complex partition layouts with multiple partitions of different types and sizes. It's important to be careful when using these tools, as errors or mistakes can result in data loss or other problems. Be sure to back up important data before making any changes to disk partitions.
Creating a file system
● To create a new file system on a disk partition, you can use the mkfs command followed by the type of file system you want to create (e.g., ext4, xfs, btrfs, etc.) and the name of the partition you want to format.
mkfs.ext4 /dev/sda1
This command will format the first partition on the first hard disk in the system with the ext4 file system.
Mounting a file system ● To mount a file system, you first need to create a mount point (i.e., a directory where the file system will be accessible). You can use the mkdir command to create a new directory for this purpose.
Maintaining a file system
● To maintain a file system, there are several tools and commands available on Linux systems.
• df: displays information about disk usage and available space on file systems
• du: displays information about disk usage of files and directories
• fsck: checks and repairs file system errors
• tune2fs: allows you to tune various parameters of an ext2, ext3, or ext4 file system
• xfs_repair: checks and repairs XFS file systems
…Cont’d
Check disk usage on /home directory
Display disk free space with human readable format
Swap
● Swap is an area on a hard drive that is used as a virtual memory extension when the physical memory (RAM) is full. Linux systems typically use a dedicated swap partition or a swap file to provide this functionality.
● Creating a swap partition
1. Determine the size of the swap partition you need.
2. Use a partitioning tool like fdisk or parted to create a new partition on your hard drive. Make sure to set the partition type to "Linux swap" (type code 82).
3. Format the new partition with the mkswap command.
…Cont’d
To make the swap partition persistent across reboots, add an entry for it in the /etc/fstab file.
Determining disk usage with du and df
● du: used to estimate the space used by files and directories.
● df: used to display the amount of disk space available on file systems.
For further du and df usage, enter du --help and df --help
Configuring Disk Quota
● Disk quotas are a feature of the Linux file system that allows system administrators to limit the amount of disk space a user or group can use.
● To configure disk quota,
Step 1: Enable Quota Support: go to /etc/fstab and add the user and group quota options
…Cont’d
mount -o remount /home
sudo apt-get install quota
/home 0 0 1000 2000 0 0 //edit the /etc/quotatab
sudo edquota cs //where cs is username
sudo repquota /home to monitor disk usage quota
In the fstab file, the number 2 specifies the order in which file systems are checked for errors at boot time.
Logical volume management and RAID
❏ Logical Volume Management (LVM) and Redundant Array of Independent Disks (RAID) are two technologies that can help manage and protect data on Linux systems.
❏ Logical Volume Management (LVM)
❏ LVM is a technology that allows you to create logical volumes from multiple physical volumes (such as hard drives or partitions), and manage them as a single, flexible storage pool.
❏ With LVM, you can easily resize volumes, add or remove physical storage, and take snapshots of volumes for backups or testing purposes.
In this diagram, we have three physical disks at the bottom: disk 1 has three partitions (sky-blue, green and red), disk 2 has only one partition (red) and disk 3 has two partitions (red and green). There are two logical volume groups, LV1 & LV2.
The /boot directory is found on disk 1.
The / directory is found in LV1, and LV1 can access two partitions from Disk 1 and one partition from Disk 3.
The /home directory is found in LV2, and LV2 uses one partition from each of the three disks.
Redundant Array of Independent Disks (RAID)
RAID stands for Redundant Array of Independent Disks. It’s a technology that enables greater levels of performance, reliability and/or large volumes when dealing with data.
How? By concurrent use of two or more ‘hard disk drives’.
How exactly? Mirroring, striping (of data) and error correction techniques combined with multiple disk arrays give you the reliability and performance.
RAID 0
It splits data among two or more disks.
Provides good performance.
Lack of data redundancy means there is no failover support with this configuration.
Used in read-only NFS systems and gaming systems.
RAID 0
In the diagram to the right, the odd blocks are written to disk 0 and the even blocks to disk 1 such that A1, A2, A3, A4, … would be the order of blocks read if read sequentially from the beginning.
RAID 1
RAID 1 is ‘data mirroring’.
Two copies of the data are held on two physical disks, and the data is always identical.
Twice as many disks are required to store the same data when compared to RAID 0.
The array continues to operate so long as at least one drive is functioning.
RAID 1
This type of RAID uses mirroring to copy data across two or more hard drives, providing redundancy in case of a drive failure.
However, it requires at least two drives, and you lose half of your available storage capacity due to the mirroring.
RAID 5
RAID 5 is an ideal combination of good performance, good fault tolerance and high capacity and storage efficiency.
An arrangement of parity and CRC helps to rebuild drive data in case of disk failures.
“Distributed Parity” is the key word here.
In this diagram, the parity code is distributed across each disk.
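How parity lets a lost block be rebuilt, as an added example that is not part of the original slides: the parity block is the XOR of the data blocks in a stripe, so XOR-ing the surviving blocks with the parity returns the missing one. The byte values, function names and the parity rotation order are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): RAID 5 parity with XOR.
# Blocks are written as space-separated byte values so plain sh can process them.

# XOR two blocks of equal length, byte by byte.
xor_blocks() {
    left=$1
    out=""
    for b in $2; do
        a=${left%% *}      # first byte of the left block
        left=${left#* }    # drop that byte
        out="$out$(( a ^ b )) "
    done
    printf '%s\n' "${out% }"
}

# XOR of all blocks given as arguments. With the data blocks of a stripe this
# yields the parity block; with the surviving blocks plus the parity it yields
# the block that was lost.
stripe_parity() {
    p=$1
    shift
    for blk in "$@"; do
        p=$(xor_blocks "$p" "$blk")
    done
    printf '%s\n' "$p"
}

# Disk that holds the parity block of a stripe: parity_disk STRIPE NDISKS.
# The rotation used here (last disk first, then one disk to the left per
# stripe) is an assumption for illustration.
parity_disk() {
    echo $(( $2 - 1 - $1 % $2 ))
}

d0="82 65 73 68"      # constructed data block on disk 0
d1="53 32 111 107"    # constructed data block on disk 1
d2="100 97 116 97"    # constructed data block on disk 2

parity=$(stripe_parity "$d0" "$d1" "$d2")
echo "parity block:        $parity"
echo "disk 1 rebuilt from the others: $(stripe_parity "$d0" "$d2" "$parity")"
for s in 0 1 2 3; do
    echo "stripe $s keeps its parity on disk $(parity_disk "$s" 4)"
done
```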
RAID 10
Combines RAID 1 and RAID 0, which means having the benefits of both: good performance and good failover handling. Also called ‘Nested RAID’.
Implementations
Software based RAID:
● Software implementations are provided by many operating systems.
● A software layer sits above the disk device drivers and provides an abstraction layer between the logical drives (RAIDs) and physical drives.
● The server's processor is used to run the RAID software.
● Used for simpler configurations like RAID 0 and RAID 1.
Hardware based RAID:
• A hardware implementation of RAID requires at least a special-purpose RAID controller.
• On a desktop system this may be built into the motherboard.
• The processor is not used for RAID calculations, as a separate controller is present.
A PCI-bus-based, IDE/ATA hard disk RAID controller, supporting levels 0, 1, and 01.
Chapter Four TCP/IP Networking
TCP/IP Basics
● TCP/IP (Transmission Control Protocol/Internet Protocol) is a set of networking protocols used for communication over the internet.
● The TCP/IP protocol suite provides end-to-end connectivity that enables data to be transmitted reliably over a network.
OSI and Protocol Stack
Network Access
TCP/IP Protocol Suites
…Cont’d
TCP is a connection-oriented protocol that provides reliable data transmission, ensuring that the data is delivered without errors and in the correct order.
It establishes a connection between two devices and manages the flow of data between them.
TCP also handles congestion control, which helps to prevent network congestion by slowing down the rate at which data is transmitted.
…Cont’d
IP is a connectionless protocol that provides addressing and routing services.
IP packets contain:
Source address
Destination address
The source address is the address of the device that intends to send data, and the destination address is the address of the device that is intended to receive the data.
…Cont’d
Together, TCP and IP form the basis of the internet protocol suite, and are used to transmit data over the internet.
Other protocols in the TCP/IP suite include UDP (User Datagram Protocol), which is a connectionless protocol that provides fast but unreliable data transmission, and ICMP (Internet Control Message Protocol), which is used for network diagnostics and troubleshooting.
TCP/IP Applications
Web Browsing
E-mail
File Sharing
Video Streaming
It is a critical component of the internet and is used by billions of devices worldwide to communicate with each other.
IP
● Responsible for end to end transmission
● Sends data in individual packets
● Maximum size of packet is determined by the networks
○ Fragmented if too large
● Unreliable
○ Packets might be lost, corrupted, duplicated, delivered out of order
IP addresses
● 4 bytes
○ e.g. 10.141.5.19
○ Each device normally gets one (or more)
○ In theory there are about 4 billion available
● But…
Routing
● How does a device know where to send a packet?
○ All devices need to know what IP addresses are on directly attached networks
○ If the destination is on a local network, send it directly there
…Cont’d
● If the destination address isn’t local
○ Most non-router devices just send everything to a single local router
○ Routers need to know which network corresponds to each possible IP address
Allocation of addresses
● Controlled centrally by ICANN
○ Fairly strict rules on further delegation to avoid wastage
■ Have to demonstrate actual need for them
● Organizations that got in early have bigger allocations than they really need
IP packets
● Source and destination addresses
● Protocol number
○ 1 = ICMP, 6 = TCP, 17 = UDP
● Various options
○ e.g. to control fragmentation
● Time to live (TTL)
○ Prevent routing loops
ARP: Address Resolution Protocol
● ARP provides a mapping from a 32-bit IP address to a 48-bit MAC address, e.g. 128.97.89.153 to 00-C0-4F-48-47-93
● The ARP cache maintains the recent mappings from IP addresses to MAC addresses
Protocol
1. ARP request broadcast on Ethernet
2. Destination host ARP layer responds
DHCP
● Dynamic Host Configuration Protocol
○ Used to tell a computer what IP address to use
○ Device broadcasts a request from IP 0.0.0.0
■ If it had an IP address before, asks for the same one again
○ Server (or relay) on local network responds telling it which to use (or ignores it, or tells it to go away)
■ “Lease time” telling it how long that IP will be valid for
■ Device requests renewal of lease after ¾(?) elapsed
Configuring Linux Box as Router
Configuring a Linux box for networking involves several steps: setting up network interfaces, configuring IP addresses, and setting up routing.
…cont’d
1. Identify network interfaces: Check the available network interfaces on the Linux box using the “ip link show” command.
2. Configure network interfaces: Edit the interface configuration file /etc/network/interfaces.
To set a DHCP address:
auto eth0
iface eth0 inet dhcp
To set a static address:
auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
…cont’d
3. Configure DNS: Edit the “/etc/resolv.conf” file to add the DNS server IP addresses. For example, to add the Google DNS servers, add the following lines:
nameserver 8.8.8.8
nameserver 8.8.4.4
Name servers translate the domain name into an IP address, connecting information that's easy for humans to understand with information that's easy for computers to understand.
…cont’d
4. Configure routing: Use the “ip route” command to configure routing. For example, to add a default route through the gateway with IP address 192.168.0.1, use the following command:
ip route add default via 192.168.0.1
5. Test network connectivity: Test network connectivity by pinging other devices on the network or the internet. For example, to ping Google's DNS server, use the following command:
ping 8.8.8.8
Configuring a Linux Box as a Router ●
What is router?
A router is a device that connects two or more packet-switched networks or subnetworks.
Configuring a Linux box as a router involves several steps, including enabling IP forwarding, configuring network interfaces, and setting up routing.
General guide
1. Enable IP forwarding: IP forwarding allows the Linux box to forward packets between network interfaces. To enable IP forwarding, edit the “/etc/sysctl.conf” file and uncomment the following line:
net.ipv4.ip_forward=1
then run the following command to apply the change:
sudo sysctl -p /etc/sysctl.conf
…Cont’d
2. Configure network interface: For example, if the Linux box has two network interfaces, eth0 and eth1, with IP addresses 192.168.1.1 and 192.168.2.1, respectively, edit the “/etc/network/interfaces” file and add the following lines:
auto eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
auto eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
…Cont’d
3. Configure NAT: Network Address Translation (NAT) allows the Linux box to translate private IP addresses used on the local network to a public IP address used on the internet. To configure NAT, use the following commands:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables/rules.v4
This will configure NAT for outgoing traffic on the eth0 interface.
…Cont’d
4. Configure routing: Use the “ip route” command to configure routing. For example, to add a route to the 192.168.2.0/24 network through the eth1 interface, use the following command:
sudo ip route add 192.168.2.0/24 dev eth1
This command routes traffic for hosts with addresses from 192.168.2.0 – 192.168.2.255 through eth1.
…Cont’d
5. Test network connectivity: Test network connectivity by pinging other devices on the network or the internet
ping 192.168.2.x, where x is a number from 0 - 255
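A review of the ruleset saved in step 3, as an added example that is not part of the original slides: once IP forwarding is on, the FORWARD chain of the filter table decides which packets the box routes, and the NAT rule alone does not restrict it. Both dumps below are constructed in iptables-save format, and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original slides): review an iptables-save dump
# such as /etc/iptables/rules.v4 on a box that forwards and masquerades.

# Constructed dump: the slide's NAT rule with every chain policy left at ACCEPT.
rules_as_configured() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# Constructed dump: same NAT rule, forwarding limited to connections that
# start on the eth1 side plus the replies to them.
rules_restricted() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Reads an iptables-save dump on stdin and reports the NAT interface and
# whether forwarding is left unrestricted.
audit_forwarding() {
    awk '
        /^\*/ { table = substr($0, 2); next }        # "*nat", "*filter"
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ {
            iface = "any"
            for (i = 1; i < NF; i++) if ($i == "-o") iface = $(i + 1)
            masq = (masq == "" ? iface : masq "," iface)
        }
        table == "filter" && /^:FORWARD / { policy = $2 }   # chain default policy
        table == "filter" && /^-A FORWARD / { rules++ }
        END {
            if (masq == "") { print "nat: no MASQUERADE rule"; exit }
            print "nat: MASQUERADE on " masq
            if (policy == "ACCEPT" && rules == 0)
                print "filter: FORWARD policy ACCEPT and no FORWARD rules, every routed packet is forwarded"
            else if (policy == "ACCEPT")
                print "filter: FORWARD policy ACCEPT, packets not matched by a rule are still forwarded"
        }
    '
}

echo "== as configured =="; rules_as_configured | audit_forwarding
echo "== restricted ==";    rules_restricted | audit_forwarding
```

On the router itself the input would be `sudo iptables-save` or the saved /etc/iptables/rules.v4 file.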
Configuring a Web Server (Apache)
What is web server?
A web server is a computer where web content is stored. Basically, a web server is used to host web sites, but there exist other servers also, such as gaming, storage, FTP, email etc.
A web site is a collection of web pages, while a web server is software that responds to requests for web resources.
…Cont’d
Configure Apache server
1. Installing Apache
sudo apt install apache2
2. Configure Apache: go to the /etc/apache2 directory and configure the following files:
apache2.conf
ports.conf
sites-available/default
3. Create web content inside /var/www/html
…Cont’d
4. Deploy web contents
Make the content accessible to the web server. Web content files must have the correct file permissions and file ownership.
http://192.168.1.100 (IP address of web server)
DNS Server (BIND)
What is DNS? And how does it work?
The Domain Name System (DNS) is the phonebook of the Internet. When users type domain names such as ‘google.com’ or ‘facebook.com’ into web browsers, DNS is responsible for finding the correct IP address for those sites. Browsers then use those addresses to communicate with origin servers or CDN edge servers to access website information.
DNS Server (BIND)
How does DNS work?
Configuring DNS server
Install BIND: Install the BIND DNS server using the package manager for the Linux distribution being used.
sudo apt-get install bind9
Configure BIND: Edit the BIND configuration files located in the “/etc/bind” directory to configure the server.
named.conf
named.conf.options
named.conf.local
Cont’d
Set up DNS zones: Set up DNS zones for the domain names being served by the DNS server.
There are two types of DNS zones:
Forward Zone: maps a domain name to an IP address
Reverse Zone: maps an IP address to a domain name
Options
• Go to /etc/bind folder and edit named.conf.options file
recursion yes;
listen-on { your server IP address; };
allow-transfer { none; }; // to disable zone transfer by default
forwarders {
    your nameserver or google nameserver (8.8.8.8/IP address);
};
Forward Zone Configuration
• Go to /etc/bind folder and edit named.conf.local file
// Forward Zone
zone "asu.edu.et" IN {
    type master;
    file "/etc/bind/db.asu.edu.et";
};
Reverse Zone Configuration
• Go to /etc/bind folder and edit named.conf.local file
// Reverse Zone
zone "56.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/db.56.168.192"; // if your IP address is 192.168.56.x
};
Cont’d
Create db.asu.edu.et file inside /etc/bind
; BIND data for local loopback interface
$TTL 1h
@   IN  SOA ns1.asu.edu.et. admin.asu.edu.et. (
        1   ; Serial
        1h  ; Refresh
        15m ; Retry
        1w  ; Expire
        1h  ; Minimum TTL
)
@   IN  NS  ns1.asu.edu.et.
ns1 IN  A   192.168.56.10
www IN  A   192.168.56.10
ftp IN  A   192.168.56.10
Cont’d
Create db.56.168.192 file inside /etc/bind
; BIND reverse data for local loopback interface
$TTL 1h
@   IN  SOA ns1.asu.edu.et. admin.asu.edu.et. (
        1   ; Serial
        1h  ; Refresh
        15m ; Retry
        1w  ; Expire
        1h  ; Minimum TTL
)
@   IN  NS  ns1.asu.edu.et.
; PTR targets end with a dot so that the zone origin is not appended to them
10  IN  PTR ns1.asu.edu.et.
10  IN  PTR www.asu.edu.et.
10  IN  PTR ftp.asu.edu.et.
Cont’d
After all, restart bind9 by writing the following command:
sudo service bind9 restart
or
sudo /etc/init.d/named restart
Then test the forward lookup for www.asu.edu.et, ftp.asu.edu.et or ns1.asu.edu.et:
nslookup www.asu.edu.et
dig www.asu.edu.et
and the reverse lookup:
nslookup 192.168.56.10
dig -x 192.168.56.10
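A pre-flight check for the zone files before restarting BIND, as an added example that is not part of the original slides: it flags record types it does not recognise and PTR, NS or CNAME targets without a trailing dot, both of which keep lookups from returning the intended names. The sample zone is constructed with two deliberate mistakes, and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original slides): lint a BIND zone file.
# Limits of this sketch: records must carry the IN class, and a ";" inside a
# quoted TXT string would be treated as the start of a comment.

# Constructed reverse zone for 192.168.56.x with two deliberate mistakes.
zone_with_mistakes() {
    cat <<'EOF'
; constructed reverse zone
$TTL 1h
@ IN SOA ns1.asu.edu.et. admin.asu.edu.et. (
        1   ; Serial
        1h  ; Refresh
        15m ; Retry
        1w  ; Expire
        1h  ; Minimum TTL
)
@  IN NS  ns1.asu.edu.et.
10 IN PTR ns1.asu.edu.et
10 IN PTR www.asu.edu.et.
10 IN PTTR ftp.asu.edu.et.
EOF
}

# Reads a zone file on stdin and prints one line per finding.
lint_zone() {
    awk '
        BEGIN {
            n = split("SOA NS A AAAA PTR CNAME MX TXT SRV", t, " ")
            for (k = 1; k <= n; k++) known[t[k]] = 1
        }
        { sub(/;.*/, "") }                    # strip comments
        NF == 0 || /^\$/ { next }             # blank lines and $TTL / $ORIGIN
        depth > 0 {                           # inside a multi-line "( ... )"
            if (index($0, ")")) depth = 0
            next
        }
        {
            cls = 0
            for (i = 1; i <= NF; i++) if ($i == "IN") { cls = i; break }
            if (!cls) next
            type = $(cls + 1); target = $(cls + 2)
            if (index($0, "(") && !index($0, ")")) depth = 1
            if (!(type in known)) {
                printf "line %d: unknown record type %s\n", NR, type
                next
            }
            if ((type == "PTR" || type == "NS" || type == "CNAME") && target !~ /\.$/)
                printf "line %d: %s target %s lacks the trailing dot, so the zone origin is appended\n", NR, type, target
        }
    '
}

zone_with_mistakes | lint_zone
```

On a server with BIND installed, named-checkconf and named-checkzone perform the authoritative syntax checks, for example `named-checkzone asu.edu.et /etc/bind/db.asu.edu.et`.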
Reading Assignment
Address Resolution Protocol (ARP)
Network Address Translation (NAT)
Basic network commands in Linux (ping, dig, ifconfig, ip a, ip addr, ip link show, nslookup, netstat, and so on)
Packet sniffing tools (Wireshark and tcpdump)
Mail Server
A mail server transfers and delivers email messages between two or more mail clients.
Components of Mail Server
Mail Transfer Agent (MTA)
A Mail Transfer Agent (MTA) is a software application that is responsible for the routing and delivery of email messages between mail servers.
…Cont’d
Examples of MTA
Sendmail
Postfix
Fetchmail
Qmail
Exim
Configuring a Mail Transfer Agent (MTA): Postfix
1. Install postfix: sudo apt install postfix
2. Configure Postfix
main.cf: This file contains global configuration settings for Postfix
master.cf: This file contains the service definitions for Postfix
3. Some of the important settings that need to be configured include the mail server hostname, the mail server domain name, and the mail server network settings.
After configuration, restart postfix:
sudo service postfix restart
Chapter Five Installation of Application Server and Management
What is Server and its function? A server is a computer program or device that provides
services to other programs or devices, called clients.
A server is designed to be more powerful and reliable than a typical desktop computer
A server functions by receiving requests from client devices, processing those requests, and sending back a response.
Types of server
Web server: A web server stores and delivers web pages, images, and other content to users who request it through a web browser.
Popular Web Servers
Apache Nginx
Mail server: A mail server is responsible for sending and receiving email messages.
Popular Mail Servers
Postfix Exim Microsoft Exchange
…Cont’d
File server: A file server stores and manages files, allowing users to access them from various devices.
Popular File Servers
Windows file server
Samba (for Linux)
Database server: manages databases and allows multiple users to access and modify data at the same time.
Popular Database Servers
MySQL
Oracle
Microsoft SQL Server
…Cont’d
DNS server: resolves domain names into IP addresses, allowing computers to communicate with each other over the internet.
Popular DNS Servers BIND Microsoft DNS
Proxy server: acts as an intermediary between clients and servers, allowing clients to access resources on the internet without revealing their IP addresses.
It can also be used to improve performance by caching frequently accessed resources.
…Cont’d
Application server: Provides an environment in which applications can run.
It manages resources such as memory and CPU usage and provides services such as security and transaction management.
Popular Application Servers
Apache Tomcat
JBoss
Installation of Application Server and Management
General steps
Choose the application server software
Prepare the operating system
Install the application server software
Configure the application server
Deploy applications
Manage the application server
DHCP, DNS, and Telnet
DHCP, DNS, and Telnet are all network services that are commonly used in modern networks.
Here is a comparison of these services with other network operating system (NOS) setups of the corresponding services:
DHCP
Windows Server: DHCP service is provided through the DHCP Server role in Windows Server. It can be installed and configured using the DHCP console.
Linux: DHCP is provided by a variety of open source packages like ISC DHCP, dnsmasq, and dhcpd.
DNS
Windows Server: DNS service is provided through the DNS Server role in Windows Server. It can be installed and configured using the DNS console.
Linux: DNS is provided by a variety of open source packages like BIND, dnsmasq, and PowerDNS.
Telnet
Windows Server: Telnet service is provided through the Telnet Server role in Windows Server. It can be installed and configured using the Telnet console.
Linux: Telnet is provided by the Telnet package, which can be installed and configured using a command-line interface.
…Cont’d
● In general, the setup of these services is similar across different NOS platforms. However, there may be differences in the specific configuration options available, the management interfaces used to configure the services, and the default settings for each service.
● Additionally, different NOS platforms may include additional features or functionality that are not available in other platforms, depending on the specific needs of the network.
SSH Client and Server
Secure Shell - SSH
There are a number of tools that can be used to remotely connect to hosts.
The secure shell or ssh is a collection of tools using a secure protocol for communications with remote Linux computers.
The communication is between SSH Client and SSH Server.
Communication is encrypted: before data exchange begins, the communication channel is encrypted.
…cont’d
Configuration file is found in /etc/ssh.
• Public and Private Keys
• Are used for encryption and authentication
• Both communicating parties require private and public keys for sending data and verification.
To install ssh:
sudo apt-get install openssh-server openssh-client
…cont’d • Public and Private Keys
RSA and DSA Encryption Algorithms
RSA = Rivest–Shamir–Adleman one of the first encryption algorithms.
The encryption key is public and is different from the decryption key which is private. Because of this the encryption is called asymmetric encryption
RSA is relatively slow and is not used to encrypt bulk data. It is mostly used to exchange keys.
SSH uses RSA encryption
SSH
To logout type exit
SSH
The user on cs has to accept the server’s RSA key (public key)
• The key will be stored in the ~/.ssh/known_hosts file
• For subsequent logins, confirmation is not requested
SSH
You can log in from Windows to a Linux server using ssh
SCP – Secured Copy
SCP copies files from remote host to local host or vice versa.
• It works behind ssh
Copy file (in this case /home/cs) from remote computer to local computer (to the directory /home/dnsuser/Desktop):
scp username@serveraddress:/filepath destinationfolder
Setting up Passwordless SSH
Also known as public-key based authentication
Example = Giving access to an Ubuntu desktop on a server using public-keys
Step 1 – Generate a key pair on your computer using the ssh-keygen command
ssh-keygen -t rsa
• Default key length is 2048 bits. To be more secure, increase the bit length
• ssh-keygen -t rsa -b 4096 increases the length to 4096 bits
• When asked to choose a filename, press the Enter key to select the default file
Setting up Passwordless SSH
Type a passphrase, at least 20 characters long.
• Press Enter if you don’t want to use a passphrase
• The passphrase is used to encrypt the private key
• The two keys will be saved separately
Setting up Passwordless SSH
Step 2 – Upload your public key to the remote Linux server
Send the file using the ssh-copy-id command
When uploading the key, it asks for the server password
Setting up Passwordless SSH
Step 3 – Try to log in without a password
FTP
FTP (File Transfer Protocol) is a network protocol used for transferring files between computers on a network. Setting up an FTP server typically involves the following steps:
Choose an FTP server software
o FileZilla Server, ProFTPD and vsftpd.
Install the FTP server software
o Follow the installation instructions provided by the FTP server software vendor.
Configure the FTP server
o After the installation is complete, configure the FTP server to meet your needs.
o This may involve setting up user accounts, configuring security settings, and adjusting performance settings.
Create and manage FTP users
o Set up FTP user accounts and permissions to control who can access the FTP server and what files they can access
Test the FTP server
o Test the FTP server by connecting to it using FTP client software like FileZilla or WinSCP.
To install the vsftpd server:
sudo apt install vsftpd -y
Start and enable the service:
sudo service vsftpd start
Or
sudo systemctl start vsftpd
sudo systemctl enable vsftpd
FTP
If you have a firewall enabled:
sudo ufw allow 20/tcp
sudo ufw allow 21/tcp
To check your firewall status:
sudo ufw status
Check status of FTP server
…Cont’d To Connect with remote server ftp
To change pwd to local machine lcd /home/dnsuser
To change pwd to remote machine cd /home/cs
…Cont’d To upload file from local machine to remote server
SAMBA: Linux and Windows File and Printer Sharing SAMBA is an open-source software suite that allows Linux and Unix-based systems to communicate and share resources with Windows-based systems. It provides file and print services that enable Linux and Unix-based systems to act as Windows file and printer servers.
…Cont’d
[Figure: a shared folder between Linux and Windows]
…Cont’d To install Samba Server
sudo apt install samba samba-common python3-dnspython
OR
sudo apt install samba
sudo ufw allow 445/tcp
sudo ufw allow 139/tcp
On the latest Linux distributions, the Samba server uses ports 137-139 and 445
Configure SAMBA To configure samba server go to /etc/samba and edit smb.conf
There are two types of file sharing in Samba server: unsecured anonymous file sharing and secure file sharing.
Anonymous file Sharing
Step 1. Create the shared Samba directory.
sudo mkdir -p /anonymous_shares
Step 2. Set file and folder permissions for the newly created folder.
sudo chmod -R 775 /anonymous_shares
Step 3. Make the files and folders ownerless.
sudo chown -R nobody:nogroup /anonymous_shares
…Cont’d Go to /etc/samba and edit smb.conf
[Anonymous]
comment = Anonymous file sharing
path = /anonymous_shares
browsable = yes
writeable = yes
guest ok = yes
read only = no
force user = nobody
Secure file Sharing
Step 1. Create the shared Samba directory.
sudo mkdir -p /Secure_shares
Step 2. Add the user to Samba (assume we have a user account named cs).
# enter the new network password and confirm it
sudo smbpasswd -a cs
Step 3. Assign cs to own the Secure_shares folder.
sudo chown -R cs /Secure_shares
…Cont’d Go to /etc/samba and edit smb.conf
[Secure-Shares]
comment = Secure file sharing
path = /Secure_shares
browsable = yes
writeable = yes
guest ok = no
read only = no
Chapter SIX Managing Network Services
What does network service mean?
o Network services refer to the various services and protocols that are used to enable communication and data transfer between devices on a network.
o Examples of network services include email, file sharing, remote access, domain name resolution, and network printing.
o These services are typically provided by servers on the network and can be accessed by clients using appropriate software or protocols.
Key aspects of managing network services
Service Configuration
Network services such as DHCP, DNS, FTP, email servers, and others need to be properly configured with the appropriate settings and parameters.
This includes defining IP address ranges, domain names, access controls, security settings, and other configuration options specific to each service.
Service Monitoring
It is essential to monitor network services to ensure their availability and optimal performance. Monitoring involves:
regularly checking the status of services
monitoring resource utilization
responding to any issues or failures promptly
Various monitoring tools and techniques can be employed, such as system logs, performance monitoring tools, and network monitoring systems.
Security Management
Network services need to be secured to protect against unauthorized access, data breaches, and other security risks.
This involves implementing appropriate access controls, encryption, authentication mechanisms, and firewalls.
Troubleshooting and Maintenance Network administrators need to be proficient in troubleshooting network service issues. This includes diagnosing and resolving connectivity problems, service disruptions, performance issues, and addressing any service-related errors or failures.
Regular maintenance tasks such as software updates, configuration backups, and periodic service restarts are also part of effective service management.
Capacity Planning Managing network services requires anticipating future growth and ensuring that the infrastructure can handle increased demands. Capacity planning involves assessing current and future needs, estimating resource requirements, and scaling services accordingly.
This includes monitoring network traffic patterns, analyzing resource utilization, and planning for hardware and software upgrades when necessary.
Documentation and Documentation Management Proper documentation of network services, including configurations, procedures, and troubleshooting guidelines, is essential for effective management.
Maintenance Troubleshooting: Common System and Network Problems
Maintenance troubleshooting involves identifying and resolving common system and network problems.
Common system and network problems
Connectivity Issues
Slow Performance
Application Errors
Hardware Failures
Security Breaches
DNS and IP Addressing Issues
Printing Issues
Wireless Network Problems
Developing General Strategies
● Planning and Requirements Gathering
● Scalability and Flexibility
● Security Considerations
● Modularity and Reusability
● Testing and Quality Assurance
● Documentation and Knowledge Management
● User Training and Support
● Regular Maintenance and Updates
● Monitoring and Performance Optimization
● Continuous Improvement
Resolve Boot Problems
Check Hardware Connections:
Ensure that all hardware components, such as hard drives, memory modules, and cables, are properly connected.
Verify Boot Device Priority: Access the system BIOS or UEFI settings and confirm that the correct boot device is selected as the primary boot option.
For example, ensure that the hard drive containing the operating system is set as the first boot device.
…cont’d
Check Boot Order If there are multiple operating systems or bootable devices, verify the boot order to ensure the system is attempting to boot from the correct device.
Adjust the boot order if necessary.
Repair Master Boot Record (MBR) or Bootloader:
Use recovery tools or installation media to repair the MBR or bootloader, which are responsible for initiating the boot process.
This can help resolve issues caused by corrupted boot records.
…cont’d
Use Safe Mode or Recovery Mode: Booting the system in Safe Mode or Recovery Mode can help identify and resolve boot problems by starting the system with minimal drivers and services.
Backup and Restore Data and System Volume:
Data Backup
Regularly back up important data to external storage devices, cloud storage, or network drives.
Use backup software or built-in backup utilities to create scheduled backups or perform manual backups.
…Cont’d
System Image Backup
Create a system image backup that captures the entire system volume, including the operating system, installed applications, and system settings. This allows for a complete restoration of the system in case of data loss or system failure.
…Cont’d
File-Level Restore
For data recovery at the file level, use backup software or manual methods to selectively restore specific files or folders from the backup. This is useful when only specific files are lost or corrupted.
…Cont’d
System Restore Point
If your operating system supports it, use the System Restore feature to restore the system to a previous state when it was functioning properly. This can help resolve issues caused by recent system changes or updates.
…Cont’d
System Recovery or Reinstallation
In severe cases where the system volume is heavily damaged or corrupted, you may need to perform a system recovery or reinstall the operating system. Use installation media or recovery partitions to initiate the recovery process, following the instructions provided by the operating system.
Using Event Viewer
Using Event Viewer for Troubleshooting Connectivity
Event Viewer is a tool available in Windows operating systems that allows you to view and analyze system events, including those related to connectivity issues.
…Cont’d Event Viewer to troubleshoot connectivity problems
Open Event Viewer
Troubleshooting Connectivity
Check Physical Connections Ensure that network cables, Ethernet ports, or Wi-Fi adapters are properly connected and functioning.
Check Physical Connections
Restart your modem, router, and any other network devices to clear temporary glitches and re-establish connections.
…Cont’d
Verify IP Configuration Check the IP configuration settings of your network adapter to ensure they are correct. Use the command prompt and type "ipconfig" to view the IP address, subnet mask, gateway, and DNS settings.
…Cont’d
ipconfig /release   (to release the IP address)
ipconfig /renew     (to get a new IP address)
…Cont’d
Ping and Trace Route Use the ping command to check connectivity to specific IP addresses or domain names.
Trace route can help identify network hops and pinpoint where the connectivity issue may be occurring.
tracert www.asu.edu.et
Chapter Seven Systems Security
Overview of Systems Security
Systems security refers to the protection of computer systems and networks from unauthorized access or use, disclosure, disruption, modification, or destruction.
Critical Components of systems security
Access Control
Network Security
Operating System Security
Data Protection
Incident Response
Security Auditing and Monitoring
Security Policies and Procedures
Overview of Application Security
Application security focuses on protecting software applications from vulnerabilities and attacks throughout their lifecycle.
It involves implementing security controls and best practices to identify, prevent, and mitigate security risks.
Key aspects of application security
Secure Coding Practices
Authentication and Authorization
Input Validation
Session Management
Secure Configuration
Encryption and Data Protection
Security Testing
Secure Software Development Lifecycle (SDLC)
Regular Updates and Patching
Security Awareness and Training
Login Security
Login security refers to the measures and practices implemented to ensure the integrity and confidentiality of user login credentials and the authentication process.
It aims to protect user accounts from unauthorized access and mitigate the risks associated with compromised or weak login credentials.
key aspects of login security
Strong Password Policies
Multi-Factor Authentication (MFA)
Account Lockouts and Brute Force Protection
Secure Login Forms: Use secure protocols like HTTPS to encrypt login credentials during transit
Password Storage and Hashing: Avoid storing passwords in plaintext or using weak encryption methods.
Account Recovery and Password Reset
User Account Management: regular review and removal of inactive or unused accounts
Boot Loader security (LILO and GRUB)
Boot Loader Security refers to the measures taken to protect the boot loader, which is the software responsible for loading the operating system during the boot process.
Two popular boot loaders in the Linux ecosystem are
LILO (Linux Loader) and
GRUB (GRand Unified Bootloader).
Some aspects of boot loader security for LILO and GRUB
Protecting Boot Loader Configuration Files
Boot loaders like LILO and GRUB have configuration files (e.g., /etc/lilo.conf for LILO and /boot/grub/grub.cfg for GRUB) that contain important settings and options.
Ensure that these files are not accessible by unauthorized users, as they can modify boot settings and potentially compromise the system. Set appropriate file permissions to restrict access.
…cont’d
Password Protection
Both LILO and GRUB support password protection to prevent unauthorized modifications to boot settings or unauthorized access to certain boot options.
By setting a password, you can restrict access to the boot loader configuration and prevent unauthorized changes.
…cont’d
Secure Boot
GRUB supports Secure Boot, which is a feature that verifies the digital signatures of boot components to ensure their integrity and protect against boot-level attacks or unauthorized modifications.
Secure Boot uses cryptographic keys to verify the authenticity of boot components before loading them.
…cont’d
Boot Loader Backup
It is important to regularly back up the boot loader configuration and related files to ensure you can restore them in case of accidental modifications, system failures, or security breaches.
This allows you to recover the boot loader configuration and maintain the integrity of the boot process.
…cont’d
System Updates
Keep your boot loader software up to date with the latest security patches and updates.
This helps to address any vulnerabilities or weaknesses that may be discovered in the boot loader software over time.
Regularly check for updates from the official sources and follow best practices for applying updates.
…cont’d
Physical Security
Protect the physical hardware that runs the boot loader and the system itself.
Restrict physical access to the system to authorized personnel only.
Unauthorized physical access could allow an attacker to modify the boot loader or boot process, compromising the system's security.
…cont’d
Monitoring and Auditing
Implement logging and monitoring mechanisms to capture and analyze boot loader activities and events.
This includes monitoring changes to boot loader configuration files, tracking boot-related errors, and reviewing log files for any suspicious activities.
TCP Wrappers Configuration
TCP Wrappers is a host-based access control system that allows you to control access to network services based on various criteria such as
o IP addresses,
o domain names, and
o client requests.
It provides an additional layer of security by filtering incoming network connections and allowing or denying access based on defined rules.
…Cont’d
To install TCP Wrappers:
sudo yum install tcp_wrappers
OR
sudo dnf install tcp_wrappers
Once the installation is complete, configure /etc/hosts.allow and /etc/hosts.deny
…Cont’d
/etc/hosts.allow file contains the list of allowed or non-allowed hosts or networks.
It means that we can both allow or deny connections to network services by defining access rules in this file
/etc/hosts.deny file contains the list of hosts or networks that are not allowed to access your Linux server.
…Cont’d The typical syntax to define an access rule is:
daemon_list : client_list : option : option ...
Where,
daemon_list - The name of a network service such as SSH, FTP, http etc.
client_list - The comma separated list of valid hostnames, IP addresses or network addresses.
options - An optional action that specifies something to be done whenever a rule is matched.
…Cont’d Rules to Remember
The access rules in the /etc/hosts.allow file are applied first. They take precedence over rules in the /etc/hosts.deny file. Therefore, if access to a service is allowed in /etc/hosts.allow, a rule denying access to that same service in /etc/hosts.deny is ignored.
Restrict Access To Linux Servers Using TCP Wrappers
The recommended approach to secure a Linux server is to block all incoming connections, and allow only a few specific hosts or networks.
To do so, edit /etc/hosts.deny and add the following line. This line refuses connections to ALL services from ALL networks.
ALL: ALL
Allow and Deny hosts
Add the following lines to the /etc/hosts.allow file (comments go on their own lines, starting with #):
# Allow a single host for SSH service
sshd: 192.168.43.192
# Allow a /24 prefix for SSH
sshd: 192.168.43.0/255.255.255.0
# Allow a single host for FTP
vsftpd: 192.168.43.192
# Allow a /24 prefix for FTP
vsftpd: 192.168.43.0/255.255.255.0
# Allow a single host for FTP
vsftpd: asu.cs.et
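To see how the two files interact, the following added example (not part of the original slides) models the lookup order in shell: hosts.allow first, then hosts.deny, then allow by default. The function names and sample files are constructed for illustration, and only IPv4 patterns are handled.

```shell
#!/bin/sh
# Added example: simplified model of how TCP Wrappers evaluates
# hosts.allow and hosts.deny. Handles ALL, exact hosts, "net/mask"
# and "192.168.43." prefix patterns; IPv4 only.

ip_to_int() (
    # Dotted quad -> integer; fails for anything that is not IPv4.
    IFS=.; set -f; set -- $1
    [ $# -eq 4 ] || return 1
    case "$1$2$3$4" in ''|*[!0-9]*) return 1 ;; esac
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

client_matches() (
    # $1 = client pattern from a rule, $2 = connecting client
    case $1 in
        ALL) return 0 ;;
        */*)
            net=$(ip_to_int "${1%%/*}") || return 1
            mask=$(ip_to_int "${1#*/}") || return 1
            addr=$(ip_to_int "$2") || return 1
            [ $(( addr & mask )) -eq $(( net & mask )) ] ;;
        *.) case $2 in "$1"*) return 0 ;; esac; return 1 ;;
        *)  [ "$1" = "$2" ] ;;
    esac
)

file_matches() (
    # $1 = rules file, $2 = daemon name, $3 = client; true if any rule matches
    set -f
    [ -r "$1" ] || return 1
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in '#'*|'') continue ;; esac      # whole-line comments only
        case $line in *:*) ;; *) continue ;; esac
        daemons=${line%%:*}; rest=${line#*:}
        clients=${rest%%:*}                           # ":option" fields are ignored
        hit=no
        for d in $(printf '%s' "$daemons" | tr ',' ' '); do
            if [ "$d" = ALL ] || [ "$d" = "$2" ]; then hit=yes; fi
        done
        [ "$hit" = yes ] || continue
        for c in $(printf '%s' "$clients" | tr ',' ' '); do
            if client_matches "$c" "$3"; then return 0; fi
        done
    done < "$1"
    return 1
)

tcpd_decision() {
    # $1 = daemon, $2 = client, $3 = hosts.allow file, $4 = hosts.deny file
    if file_matches "$3" "$1" "$2"; then echo allow            # allow file wins
    elif file_matches "$4" "$1" "$2"; then echo deny           # then the deny file
    else echo default-allow                                    # no rule matched at all
    fi
}

write_sample_rules() {
    # Constructed sample files based on the rules shown above; $1 = directory
    cat > "$1/hosts.allow" <<'EOF'
# SSH from one admin host only
sshd: 192.168.43.192
# FTP from the whole /24, plus one named host
vsftpd: 192.168.43.0/255.255.255.0, asu.cs.et
EOF
    printf 'ALL: ALL\n' > "$1/hosts.deny"
    : > "$1/hosts.deny.empty"
}

demo_dir=$(mktemp -d)
write_sample_rules "$demo_dir"
for pair in "sshd 192.168.43.192" "sshd 192.168.43.50" "vsftpd 192.168.43.50" "vsftpd 10.0.0.5"; do
    set -- $pair
    echo "$1 from $2: $(tcpd_decision "$1" "$2" "$demo_dir/hosts.allow" "$demo_dir/hosts.deny")"
done
echo "sshd from 10.0.0.5, empty hosts.deny: $(tcpd_decision sshd 10.0.0.5 "$demo_dir/hosts.allow" "$demo_dir/hosts.deny.empty")"
rm -rf "$demo_dir"
```

The last case shows why the ALL: ALL line in /etc/hosts.deny matters: without it, a client that matches no rule is still let in. Only services built with libwrap support consult these files.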
Introduction to Linux Iptables Firewalling
• Iptables is a powerful firewall utility for Linux systems that allows you to set up and manage network packet filtering rules.
• Understanding Firewall Basics
• Packet filtering, network ports, protocols (TCP, UDP), and IP addresses.
Ensure that your Linux kernel has built-in support for iptables.
Common scenarios in which iptables is used to configure a firewall
Allow Incoming SSH Connections
iptables -A INPUT -p tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT
Block Incoming HTTP Requests
iptables -A INPUT -p tcp --dport 80 -j DROP
Allow Outgoing DNS Queries
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
Read and practise for more detail on iptables firewalling
Packet Filtering
• Packet filtering is a fundamental technique used in network security to selectively allow or block network traffic based on predefined criteria.
• It involves inspecting individual packets as they pass through a network device, such as a firewall or router, and making decisions about whether to permit or deny them.
Cont’d Key concepts related to packet filtering
Access Control Lists (ACLs)
Source and Destination IP Address Filtering
Port-Based Filtering
Protocol Filtering
Stateful Packet Filtering
Implicit Deny Rule: default rule
Logging: capability to log denied packets or specific events for monitoring, analysis, and troubleshooting purposes.
Port Forwarding
Port forwarding (also known as port redirection) and Network Address Translation (NAT) with IP masquerading are techniques used to enable communication between devices on a private network and external networks, such as the internet. These techniques are commonly employed in network setups where multiple devices share a single public IP address.
Cont’d Port Forwarding/Redirection:
Port forwarding allows inbound network traffic to reach a specific device or service within a private network by redirecting traffic from a specific port on the public IP address to a designated internal IP address and port.
It is typically used to enable external access to services running on devices within the private network.
How does port forwarding work?
1. A request comes in from an external network to the public IP address and a specific port.
2. The router or firewall receives the request and checks its port forwarding configuration.
3. Based on the configured rules, the router/firewall forwards the incoming traffic to the designated internal IP address and port.
NAT/IP Masquerading:
Network Address Translation (NAT) is a technique that allows multiple devices within a private network to share a single public IP address when connecting to external networks.
IP masquerading is a specific form of NAT that dynamically translates the private IP addresses of devices to the public IP address when they access the internet.
How does NAT/IP masquerading work?
1. Devices within the private network send outgoing requests to access resources on the internet.
2. The router or firewall performing NAT replaces the source IP addresses of the outgoing packets with its own public IP address.
3. Responses from external servers are sent back to the router/firewall's public IP address.
4. The router/firewall performs reverse translation, replacing its public IP address with the original private IP address, and forwards the response packet to the appropriate internal device.
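The packet-filtering concepts above (stateful filtering, implicit deny, logging) and the port forwarding and masquerading steps can be combined into one ruleset. This added example, not from the original slides, prints such a ruleset in iptables-restore format; the interface name eth0, the internal server 192.168.1.10 and the forwarded port 8080 are assumed values.

```shell
#!/bin/sh
# Added example: print a default-deny, stateful ruleset in iptables-restore
# format, with one port forward and masquerading for the LAN.

valid_port() {
    # True only for a decimal port number in the range 1-65535
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

gen_ruleset() {
    # $1 WAN interface  $2 LAN network  $3 public port  $4 internal IP  $5 internal port
    if ! valid_port "$3" || ! valid_port "$5"; then
        echo "gen_ruleset: ports must be 1-65535" >&2
        return 1
    fi
    cat <<EOF
*filter
# Implicit deny: anything not accepted below is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Stateful filtering: accept replies to connections this host opened.
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# SSH only from the LAN.
-A INPUT -s $2 -p tcp --dport 22 -m conntrack --ctstate NEW -j ACCEPT
# Logging: record what is about to be dropped, rate-limited.
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "INPUT-DROP: "
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# LAN hosts may open connections to the outside.
-A FORWARD -s $2 -o $1 -j ACCEPT
# The forwarded service must also be allowed through FORWARD.
-A FORWARD -i $1 -d $4 -p tcp --dport $5 -m conntrack --ctstate NEW -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Port forwarding: public port to internal host and port.
-A PREROUTING -i $1 -p tcp --dport $3 -j DNAT --to-destination $4:$5
# IP masquerading: LAN source addresses are rewritten to the WAN address.
-A POSTROUTING -s $2 -o $1 -j MASQUERADE
COMMIT
EOF
}

rule_line() {
    # Line number of the first line containing the fixed string $1 (stdin = ruleset)
    grep -n -F -- "$1" | head -n 1 | cut -d: -f1
}

# Assumed values for the demonstration run
gen_ruleset eth0 192.168.1.0/24 8080 192.168.1.10 80
```

Save the output to a file, check it with iptables-restore --test, and load it as root with iptables-restore. Forwarding between interfaces also requires net.ipv4.ip_forward=1.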
Packet-Processing Model
The packet-processing model refers to the sequence of steps that a network device, such as a router or firewall, follows when processing an incoming or outgoing network packet. The model outlines the stages involved in handling a packet from the moment it enters the device to the point where it is forwarded or discarded. While the exact implementation may vary across different network devices
General packet-processing model
1. Packet Reception: The network device receives the incoming packet on one of its interfaces.
2. Packet Decapsulation: If the received packet is encapsulated within a data link layer protocol, such as Ethernet, the device decapsulates the packet to extract the network layer protocol packet, such as IP or IPv6.
3. Packet Classification: The device examines the packet's headers to determine its destination and purpose.
4. Security Checks: The packet is evaluated for any security-related policies, such as firewall rules, access control lists (ACLs), or intrusion detection/prevention systems.
5. Quality of Service (QoS) Handling: If the device supports QoS, it may apply QoS policies to prioritize or shape the traffic based on predefined rules.
6. Network Address Translation (NAT): If the packet requires Network Address Translation, such as in the case of private-to-public IP translation, the device performs the necessary modifications to the packet's source or destination IP addresses.
7. Routing: The device looks up the packet's destination IP address in its routing table to determine the next-hop interface or the appropriate routing path.
8. Forwarding Decision: Based on the routing lookup, the device makes a forwarding decision, determining the outgoing interface or the appropriate forwarding path for the packet.
9. Packet Forwarding: The device forwards the packet out through the determined interface or path towards its destination.
10. Packet Egress: The packet is transmitted out of the device's interface onto the network medium for delivery to the next hop or the final destination.
Intrusion Detection
Intrusion Detection is a security mechanism designed to detect and respond to unauthorized or malicious activities on a computer system or network. It involves monitoring network traffic, system logs, and other data sources to identify potential security breaches or abnormal behavior.
Different Types of Intrusion
Unauthorized Access
o This occurs when an attacker gains unauthorized access to a system or network without proper authentication or permissions.
Denial of Service (DoS)
o In a DoS attack, the attacker overwhelms a system, network, or service with a flood of traffic or resource requests, making it inaccessible to legitimate users.
Distributed Denial of Service (DDoS)
o Similar to DoS, DDoS attacks involve multiple systems or devices working together to overwhelm a target with an enormous amount of traffic.
o The attacker controls a botnet (a network of compromised devices) to launch the attack.
…Cont’d
Malware Attacks
o Malware refers to malicious software designed to gain unauthorized access, disrupt system operations, or steal sensitive information.
o Common types of malware include viruses, worms, Trojans, ransomware, spyware, and adware.
o Malware can be distributed through email attachments, malicious websites, infected software, or removable media.
…Cont’d
Phishing and Social Engineering
o Phishing involves tricking individuals into revealing sensitive information, such as login credentials or financial details, by impersonating a trusted entity through fraudulent emails, websites, or messages.
Insider Threats
o Insider threats involve individuals within an organization misusing their authorized access to compromise systems, steal data, or cause harm.
Types of Intrusion Detection System (IDS)
Network-based Intrusion Detection System (NIDS)
o NIDS monitors network traffic, analyzes network packets, and looks for patterns or signatures associated with known attacks or suspicious activities.
Host-based Intrusion Detection System (HIDS)
o HIDS monitors the activities and events occurring on individual host systems.
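A small host-based check of the kind a HIDS performs, as an added example that is not part of the original slides: it counts failed SSH password logins per source address and reports those at or above a threshold. The log lines are constructed samples in sshd's usual syslog format, and the function names are chosen for illustration.

```shell
#!/bin/sh
# Added example: count failed SSH password logins per source address.

sample_auth_log() {
    # Constructed sample lines (documentation and lab addresses only)
    cat <<'EOF'
Jan 10 10:00:01 srv sshd[1201]: Failed password for root from 203.0.113.5 port 51234 ssh2
Jan 10 10:00:03 srv sshd[1201]: Failed password for invalid user admin from 203.0.113.5 port 51236 ssh2
Jan 10 10:00:05 srv sshd[1203]: Failed password for invalid user test from 203.0.113.5 port 51240 ssh2
Jan 10 10:00:09 srv sshd[1207]: Failed password for cs from 198.51.100.7 port 40022 ssh2
Jan 10 10:00:15 srv sshd[1209]: Accepted password for cs from 192.168.43.192 port 50122 ssh2
Jan 10 10:00:40 srv sshd[1212]: Failed password for invalid user x from 192.168.43.192 from 203.0.113.5 port 51310 ssh2
Jan 10 10:01:02 srv sshd[1215]: Failed password for root from 203.0.113.5 port 51302 ssh2
EOF
}

failed_logins_by_source() {
    # stdin: auth log; $1: minimum number of failures to report.
    # Prints "count address", highest count first.
    # User names are client-supplied text, so the address is taken from the
    # fixed tail of the message ("from ADDR port N ssh2"), not the first "from".
    awk -v min="$1" '
        /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" && $(NF-2) == "port" {
            fails[$(NF-3)]++
        }
        END { for (addr in fails) if (fails[addr] >= min) print fails[addr], addr }
    ' | sort -rn
}

# Report sources with three or more failures in the sample
sample_auth_log | failed_logins_by_source 3
```

On a real host the input would be the SSH authentication log, for example /var/log/auth.log on Ubuntu, and the threshold would be tuned to the site's normal login behaviour.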
Reading Assignment: Linux Intrusion Detection System (LIDS)
Chapter Eight Analytical system administration
Overview of Analytical system administration
Analytical system administration explores the use of data analysis and analytical techniques to
○ improve system administration processes
○ identify performance issues and
○ make informed decisions in managing computer systems and networks.
System Observation
System observation refers to the practice of monitoring and observing computer systems and networks to gather information about their performance, behavior, and usage patterns.
…Cont’d System observation can be performed using a variety of techniques and tools, including:
Monitoring Tools
System Logs
Network Monitoring
User Activity Monitoring
Performance Testing
…Cont’d System observation serves several purposes, including
Identifying performance issues and bottlenecks to optimize system performance.
Detecting and mitigating security incidents or abnormal system behavior.
Planning for system capacity and scalability.
Assessing the impact of software or configuration changes on system behavior.
Understanding user behavior and usage patterns to improve user experience.
Evaluation methods and problems Evaluation methods are used to assess the performance, effectiveness, and quality of systems, processes, or solutions.
They provide valuable insights and feedback that can guide decision-making, improvements, and future planning.
Common Evaluation Methods
Surveys and Questionnaires
Expert Review
Interviews
Comparative Analysis and Benchmarking
Observations
Cost-Benefit Analysis
Focus Groups
Case Studies
Usability Testing
Performance Metrics and Key Performance Indicators (KPIs)
Faults Faults in the context of system administration refer to unexpected or abnormal conditions that occur within a computer system or network, resulting in system failures, errors, or malfunctions.
Faults can arise from various sources, including hardware failures, software bugs, configuration errors, network issues, and human error.
Common Types of Faults
Hardware Faults
Software Faults
Configuration Faults
Network Faults
Power Faults
Human Errors
Deterministic and stochastic Behaviors Deterministic Behavior
refers to a system or process that produces the same output or result for a given set of inputs or conditions.
In other words, the outcome is completely predictable and follows a specific cause-and-effect relationship.
In a deterministic system, there is no randomness or uncertainty involved, and the same inputs always yield the same outputs.
…Cont’d Examples of deterministic behavior:
Mathematical equations
Programming algorithms
Digital circuits
…Cont’d Stochastic Behavior
refers to a system or process that exhibits randomness or uncertainty in its outcomes.
Unlike deterministic behavior, the same inputs or conditions may result in different outputs.
Stochastic systems involve probabilistic elements and are influenced by random factors, making it impossible to precisely predict the exact outcome.
…Cont’d Examples of stochastic behavior:
Random number generation
Weather forecasting
Stock market fluctuations
In many real-world systems, both deterministic and stochastic elements may be present. Understanding and analyzing the interplay between deterministic and stochastic behavior is essential in many fields, including physics, engineering, computer science, and finance, to make accurate predictions, optimize processes, and manage risks.
Thanks!