Network Services


  1. Network Services
       CSCI N321 – System and Network Administration
       Copyright © 2000, 2007 by Scott Orr and the Trustees of Indiana University
  2. Section Overview
       • Client-Server Model
       • Network Ports, Services and Daemons
       • Network Protocols
       • Viewing Active Ports
       • Common Server Daemons
  3. References
       • Linux System Administration
           • Chapter 18 (pgs. 305-332)
           • Optional: Chapters 20 & 21
       • CQU 85321 System Administration Course
       • Textbook
       • Chapter 16
       • Lectures
       • 2002 #16
  4. TCP/IP Protocol Stack
       • Physical Layer (media)
       • Link Layer (Device Drivers)
       • Network Layer (IP)
       • Transport Layer (TCP, UDP)
       • Application (FTP, HTTP, DNS)
  5. Client-Server Model
       • Server: Listens for incoming requests
       • Client: Makes a request
       • Request fulfilled
  6. Network Ports
       • Enables processes to communicate with each other across a network
       • 64K possible ports
       • Privileged ports
           • < 1024 reserved for system use only
           • Correspond to well-known services
           • /etc/services
  7. /etc/services
       • Service-name port/protocol aliases
       • Examples:
           ssh      22/tcp
           smtp     25/tcp    mail
           www      80/tcp    http www-http
           imaps    993/tcp
           syslog   514/udp
  8. Running Network Servers
       • Stand-alone Daemon
           • Each started via rc script
           • Always running
           • Listens (binds) to the service port
           • Uses resources even when idle
       • inetd “Super-daemon”
           • Listens to many ports
           • Starts daemon when request is received
           • Daemon shuts down when finished
           • /etc/inetd.conf
  9. /etc/inetd.conf
       • service_name: Service name
       • sock_type:
           • stream (tcp)
           • dgram (udp)
           • raw (direct IP)
       • proto: Protocol used (/etc/protocols)
       • flags: wait, nowait
       • user: User to run daemon as
       • server_path: Full path to daemon program
       • args: Command line arguments to daemon
  10. Xinetd
       • Replacement for inetd
       • Enhancements
           • Access Control
           • Resource based limits
           • Logging (Success and Failure)
       • Default: /etc/xinetd.conf
       • Service Specific: /etc/xinetd.d
  11. /etc/xinetd.conf

       defaults
       {
           instances      = 60
           log_type       = SYSLOG authpriv
           log_on_success = HOST PID
           log_on_failure = HOST
           cps            = 25 30
       }
       includedir /etc/xinetd.d
  12. Example xinetd service

       /etc/xinetd.d/imaps:

       service imaps
       {
           disable     = no
           socket_type = stream
           wait        = no
           user        = root
           server      = /usr/local/sbin/imapd
           groups      = yes
           flags       = REUSE IPv6
       }
  13. Windows Service Management
       • Microkernel – Everything a service
       • Administrative tools -> Services
       • Service Options
           • Startup Type: Automatic, Manual, Disabled
           • Log On: Which user to run service as
           • Recovery: What to do on failure
           • Dependencies: Which services does this one depend upon
  14. Windows Service Recovery
       • Settings for:
           • First Failure
           • Second Failure
           • Subsequent Failures
       • Counter Reset (Days)
       • Options:
           • Take no Action
           • Restart the Service
           • Run a program
           • Restart the Computer
  15. Network Protocols
       • Service request/response syntax
       • Often uses English commands
       • Request For Comments (RFC)
           • Documentation for protocols and practices
           • Each revision its own number
           • May have a second classification
               • For Your Information (FYI)
               • Best Common Practices (BCP)
               • Standards (STD)
  16. Viewing Active Ports
       • netstat -a – Ports in use
           • Source/destination addresses and ports
           • Protocol used
           • State
               • LISTEN
               • ESTABLISHED
       • lsof -i :service – Process using port
       • tcpdump – View network traffic
  17. Resource Sharing Daemons
       • Network File System (NFS)
           • nfsd
           • mountd
       • Line Printing Daemon (lpd)
       • Samba
           • smbd – Microsoft file and print sharing
           • nmbd – Microsoft name resolution
  18. Internet Daemons
       • telnetd – Remote Access
       • ftpd – File transfer
       • Berkeley-R Daemons
       • sshd – Secure Shell
       • Electronic Mail
           • sendmail/postfix – Receiving email
           • imapd, popd – Remote email access
       • httpd – Web
  19. Infrastructure Daemons
       • named – DNS
       • dhcpd – Dynamic Host Config Protocol
       • nisd/ldapd – Directory Services
       • fingerd – User information
       • xntpd – System time synchronization
       • routed / gated – Routing
       • Firewall
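
Slide 9's inetd.conf field order applied to sample entries, with each service name resolved through the slide 7 /etc/services lines, which is where inetd finds the port to bind. This is an added example, not part of the original slides; the four inetd.conf entries (users and paths included) are constructed for illustration.

```python
# Constructed sample data: the /etc/services lines from slide 7 and four
# made-up inetd.conf entries in the slide 9 field order.
SERVICES = """\
ssh     22/tcp
smtp    25/tcp   mail
www     80/tcp   http www-http
imaps   993/tcp
syslog  514/udp
"""
INETD_CONF = """\
# service_name sock_type proto flags user server_path args
mail    stream tcp nowait root   /usr/sbin/sendmail    sendmail -bs
imaps   stream tcp nowait mailsv /usr/local/sbin/imapd imapd
syslog  stream tcp nowait nobody /usr/sbin/syslogd     syslogd
backup  stream tcp nowait root   /usr/local/sbin/bkupd bkupd
"""

FIELDS = ("service_name", "sock_type", "proto", "flags", "user", "server_path")

def load_services(text):
    """Map (service name or alias, protocol) to its port number."""
    table = {}
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if len(cols) >= 2:
            port, proto = cols[1].split("/")
            for name in [cols[0]] + cols[2:]:
                table[(name, proto)] = int(port)
    return table

def parse_inetd(text, services):
    """Return one dict per entry with the resolved port and any findings."""
    entries = []
    for line in text.splitlines():
        cols = line.split("#", 1)[0].split()
        if len(cols) < len(FIELDS):
            continue  # blank line, comment, or too few fields
        entry = dict(zip(FIELDS, cols), args=cols[len(FIELDS):])
        # The lookup is per protocol: syslog is only listed as 514/udp.
        entry["port"] = services.get((entry["service_name"], entry["proto"]))
        entry["findings"] = []
        if entry["port"] is None:
            entry["findings"].append("name/protocol not in services")
        if entry["user"] == "root":
            entry["findings"].append("runs as root")
        entries.append(entry)
    return entries
```
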
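
An added example (not from the original slides) that parses the slide 11 defaults and the slide 12 imaps service and reports, for each of the three enhancements listed on slide 10, whether it is set in the service block, inherited from defaults, or missing. The grouping of xinetd attributes into those three categories is this example's assumption.

```python
import re

# Slides 11 and 12 joined into one text; on disk they are separate files.
CONF = """\
defaults
{
    instances      = 60
    log_type       = SYSLOG authpriv
    log_on_success = HOST PID
    log_on_failure = HOST
    cps            = 25 30
}
service imaps
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/local/sbin/imapd
    groups      = yes
    flags       = REUSE IPv6
}
"""
# Assumed grouping of xinetd attributes under slide 10's three enhancements.
FEATURES = {
    "access control": ("only_from", "no_access", "access_times"),
    "resource limits": ("instances", "cps", "per_source"),
    "logging": ("log_on_success", "log_on_failure"),
}
BLOCK = re.compile(r"(defaults|service)[ \t]*(\S*)\s*\{(.*?)\}", re.S)
ATTR = re.compile(r"^\s*(\w+)\s*[-+]?=\s*(.*?)\s*$", re.M)

def parse(text):
    # Map "defaults" or a service name to that block's attribute dict.
    return {name or head: dict(ATTR.findall(body))
            for head, name, body in BLOCK.findall(text)}

def audit(text):
    # Per service: where each enhancement is set, and whether it runs as root.
    blocks = parse(text)
    defaults = blocks.pop("defaults", {})
    report = {}
    for name, attrs in blocks.items():
        row = {"runs_as_root": attrs.get("user") == "root"}
        for feat, keys in FEATURES.items():
            row[feat] = ("service" if any(k in attrs for k in keys) else
                         "defaults" if any(k in defaults for k in keys) else "missing")
        report[name] = row
    return report
```
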
