Module 5

373 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
373
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Telnet is the main Internet protocol for creating a connection with a remote machine. It gives the user the opportunity to be on one computer system and do work on another, which may be across the street or thousands of miles away. Tenet provides and error-free connection. Telnet will be covered in depth further in chapter eight and chapter nine as it relates specifically to Windows 2000 and Linux.
  • The X.500 standards address how information is stored in the directory and how users and computer systems access that information. Security of data, the naming model, and the replication of directory data between servers are all defined by X.500. X.500 specifications define the directory structure as an inverted tree, and the database is hierarchical. An X.500-compliant directory service uses Directory Access Protocol (DAP), which is discussed next.
  • The current version of LDAP is LDAPv3. LDAPv3 offers several major improvements over earlier LDAP versions. Enhanced security is a primary focus of the new version. LDAPv3 supports Secure Sockets Layer (SSL) encryption between client and server and enables X.509 certificate authentication. LDAPv3 also enables the server to refer the LDAP client to another server if it is not able to answer the client's query.
  • Module 5

    1. 1. IT Essentials II Network Operating Systems Chapter 5 Overview of Network Services
    2. 2. Network Services <ul><li>Called </li></ul><ul><ul><li>Services </li></ul></ul><ul><ul><ul><li>Windows 2000 </li></ul></ul></ul><ul><ul><li>Daemons </li></ul></ul><ul><ul><ul><li>Linux </li></ul></ul></ul><ul><ul><li>NetWare Loadable Modules (NLMs) </li></ul></ul><ul><ul><ul><li>Novell </li></ul></ul></ul><ul><li>Less are set “on” by default as they are susceptible to attacks </li></ul>NFS File sharing SNMP Network administration DHCP Automatic network address configuration DNS,LDAP Directory services (Internet) telnet Remote administration SMTP, POP3, IMAP Internet mail FTP, TFTP File transfer HTTP World wide web server TCP/IP protocol Service
    3. 3. Remote Access Services <ul><li>Popular uses </li></ul><ul><ul><li>Connecting branch offices to one another </li></ul></ul><ul><ul><li>Access to the network after business hours </li></ul></ul><ul><ul><li>Access for telecommuters </li></ul></ul><ul><ul><li>Access to the corporate network for mobile users </li></ul></ul><ul><ul><li>Access to network resources for clients and partners </li></ul></ul>
    4. 4. Telnet Services <ul><li>Main Internet protocol for remote connection </li></ul><ul><li>Provides error-free connection </li></ul><ul><li>Beware of: </li></ul><ul><ul><li>Hacking </li></ul></ul><ul><ul><li>Password guessing </li></ul></ul><ul><ul><li>‘ Denial of Service’ attack </li></ul></ul><ul><ul><li>Packet sniffing </li></ul></ul><ul><li>Secure SHell (SSH) is more secure </li></ul>
    5. 5. Configuring remote access for a client <ul><li>Point-to-Point Protocol (PPP) </li></ul><ul><ul><li>PPP daemon (pppd) must be installed </li></ul></ul><ul><li>Can be configured in two ways </li></ul><ul><ul><li>Text-based PPP configuration </li></ul></ul><ul><ul><li>GUI Dialer PPP Configuration </li></ul></ul><ul><li>Connecting using ISDN </li></ul><ul><li>Connecting via DSL and Cable modem Service </li></ul>
    6. 6. Controlling remote access rights <ul><li>Firewalls configured by </li></ul><ul><ul><li>Manually </li></ul></ul><ul><ul><li>GUI tools </li></ul></ul><ul><ul><li>Website configuration </li></ul></ul><ul><li>TCP wrappers </li></ul><ul><ul><li>two files that are used to configure the TCP Wrappers, </li></ul></ul><ul><ul><ul><li>/etc/hosts.allow </li></ul></ul></ul><ul><ul><ul><li>/etc/hosts.deny </li></ul></ul></ul><ul><li>Passwords </li></ul><ul><ul><li>Should be sent using SSH </li></ul></ul><ul><li>File Permissions </li></ul><ul><ul><li>Can be used to specify general permissions </li></ul></ul>
    7. 7. Remote administration to Linux <ul><li>Text-Mode Logins </li></ul><ul><ul><li>Logging into a system via Telnet or SSH </li></ul></ul><ul><ul><li>$ ssh hostname -l jsmith </li></ul></ul><ul><li>Remote Administration Protocols SNMP </li></ul><ul><li>Samba Web Administration Tool (SWAT) </li></ul><ul><ul><li>Web-based tool that is used to administer a Samba server </li></ul></ul><ul><li>Webmin </li></ul><ul><ul><li>Another Web-based remote administration tool. </li></ul></ul>
    8. 8. Directory Services <ul><li>A database that organizes files in a hierarchical structure </li></ul><ul><li>A directory service identifies all resources on a network and makes them accessible to users and applications </li></ul><ul><li>Provides system administrators with centralized control of all users and resources across the entire network </li></ul><ul><li>Benefits </li></ul><ul><ul><li>Data can be easily organized </li></ul></ul><ul><ul><li>Data can be easily secured </li></ul></ul><ul><ul><li>Data can be easily located and accessed </li></ul></ul>
    9. 9. Directory Services Standards <ul><li>Allows compatibility with other platforms and directory services </li></ul><ul><li>X.500 – Electronic Directory Service (EDS) standards </li></ul><ul><li>Structure defined as an upside down tree </li></ul><ul><li>Database is hierarchical </li></ul><ul><li>Three main components </li></ul><ul><ul><li>Directory System Agent (DSA) </li></ul></ul><ul><ul><ul><li>Manages the data </li></ul></ul></ul><ul><ul><li>Directory User Agent (DUA) </li></ul></ul><ul><ul><ul><li>Gives user access </li></ul></ul></ul><ul><ul><li>Directory Information Base (DIB) </li></ul></ul><ul><ul><ul><li>Acts as the central database for storage </li></ul></ul></ul>
    10. 10. Directory Services Standards <ul><li>Directory Access Protocol (DAP) used by X.500 compliant directory service </li></ul><ul><ul><li>Enables DUA to communicate with the DSA </li></ul></ul><ul><ul><li>Defines how users – search, read, add, delete and modify entries </li></ul></ul><ul><li>Lightweight Directory Access Protocol (LDAP) </li></ul><ul><ul><li>Subset of DAP that simplifies access to X.500 directories </li></ul></ul><ul><ul><li>Uses less resources </li></ul></ul><ul><ul><li>Easier to maintain </li></ul></ul>
    11. 11. Windows 2000’s Active Directory <ul><li>Information stored in: </li></ul><ul><ul><li>Active Directory Database </li></ul></ul><ul><ul><ul><li>Actual directory </li></ul></ul></ul><ul><ul><li>Active Directory Log Files </li></ul></ul><ul><ul><ul><li>Records changes </li></ul></ul></ul><ul><ul><li>Shared System Volume </li></ul></ul><ul><ul><ul><li>Contains scripts and group policy objects </li></ul></ul></ul><ul><li>Domain </li></ul><ul><ul><li>Hierarchical domain tree </li></ul></ul><ul><ul><li>Represents a security and administrative boundary </li></ul></ul><ul><li>Organizational Units (OUs) </li></ul><ul><ul><li>Organises resources within a domain </li></ul></ul><ul><ul><li>Authority can be delegated </li></ul></ul>
    12. 12. Windows 2000’s Active Directory <ul><li>Domain Controller (DC) </li></ul><ul><ul><li>Must be one server configured in each domain </li></ul></ul><ul><li>Replication </li></ul><ul><ul><li>Synchronizing data between DCs </li></ul></ul><ul><li>Security </li></ul><ul><ul><li>All objects have an ACL </li></ul></ul><ul><li>Permissions </li></ul><ul><ul><li>Assigned </li></ul></ul><ul><ul><li>Inherited </li></ul></ul><ul><li>Must be a DNS server on every Windows 2000 network </li></ul><ul><li>Runs only on Windows 2000 </li></ul><ul><li>Information can be exchanged with other LDAP directory services </li></ul>
    13. 13. Novell’s Network Directory Service (NDS) <ul><li>NDS introduced in V4 </li></ul><ul><li>Hierarchical </li></ul><ul><li>Inverted tree </li></ul><ul><li>Two basic objects </li></ul><ul><ul><li>Container </li></ul></ul><ul><ul><li>Leaf </li></ul></ul><ul><li>Permissions assigned to containers </li></ul><ul><li>Can also run on </li></ul><ul><ul><li>NetWare 4 and 5 </li></ul></ul><ul><ul><li>Windows NT and 2000 </li></ul></ul><ul><ul><li>IBM AIX and O/S390 </li></ul></ul><ul><ul><li>Caldera OpenLinux </li></ul></ul><ul><ul><li>SCO UNIX </li></ul></ul><ul><ul><li>Sun Solaris </li></ul></ul>
    14. 14. Network Information Service (NIS) <ul><li>Daemon must be loaded </li></ul><ul><li>Often works with NFS </li></ul><ul><li>Structure consists of: </li></ul><ul><ul><li>NIS Server </li></ul></ul><ul><ul><ul><li>Changes made here </li></ul></ul></ul><ul><ul><ul><li>Copies database to slaves </li></ul></ul></ul><ul><ul><li>NIS Slaves </li></ul></ul><ul><ul><ul><li>Provide information to clients </li></ul></ul></ul><ul><ul><ul><li>Provide load balancing </li></ul></ul></ul><ul><ul><li>NIS Clients </li></ul></ul><ul><li>If configured during install </li></ul><ul><ul><li>Provide NIS domain name </li></ul></ul><ul><ul><li>Provide IP address </li></ul></ul><ul><li>If configured after install </li></ul><ul><ul><li>Use linuxconf utility on client </li></ul></ul>
    15. 15. Other NOS Services <ul><li>Intranets </li></ul><ul><ul><li>Accessible only from inside of the company </li></ul></ul><ul><li>Extranets </li></ul><ul><ul><li>Accessible from outside of the company </li></ul></ul><ul><li>Automating tasks with scripts services </li></ul><ul><ul><li>Visual Basic script (VBScript), JavaScript, Linux shell scripting, Pearl, PHP, TCL, REXX, and Python </li></ul></ul><ul><li>Domain Name Service (DNS) </li></ul><ul><ul><li>Translate names into IP addresses </li></ul></ul><ul><li>Dynamic Host Configuration Protocol (DHCP) </li></ul><ul><ul><li>Gives automatic network configuration </li></ul></ul><ul><li>Domains </li></ul><ul><ul><li>Represents a security and administrative boundary </li></ul></ul>
    16. 16. Other NOS Services <ul><li>Printing </li></ul><ul><ul><li>Use print servers to manage printing </li></ul></ul><ul><ul><li>Use “first in, first out” (FIFO) priority </li></ul></ul><ul><li>File sharing </li></ul><ul><ul><li>Windows File Sharing </li></ul></ul><ul><ul><li>Network File Sharing (NFS) </li></ul></ul><ul><li>Web services </li></ul><ul><ul><li>Microsoft's Internet Information Services (IIS) </li></ul></ul><ul><ul><li>Apache Web Server </li></ul></ul><ul><ul><li>HyperText Transfer Protocol (HTTP) </li></ul></ul><ul><ul><li>HyperText Markup Language (HTML) </li></ul></ul><ul><ul><li>HyperText Transfer Protocol Secure (HTTPS) </li></ul></ul>
    17. 17. Mail Servers <ul><li>Comprised of: </li></ul><ul><ul><li>Mail transfer agent (MTA) </li></ul></ul><ul><ul><ul><li>Receive mail and forward </li></ul></ul></ul><ul><ul><li>Mail user agent (MAU) </li></ul></ul><ul><ul><ul><li>Microsoft Outlook </li></ul></ul></ul><ul><ul><ul><li>Eudora </li></ul></ul></ul><ul><ul><ul><li>Pine </li></ul></ul></ul><ul><ul><li>Mail delivery agent (MDA) </li></ul></ul><ul><ul><ul><li>Delivers mail to correct box </li></ul></ul></ul><ul><li>Other features </li></ul><ul><ul><li>Web interface programs </li></ul></ul><ul><ul><ul><li>Web based e-mail </li></ul></ul></ul><ul><ul><li>LDAP </li></ul></ul><ul><ul><ul><li>Provides address book sharing </li></ul></ul></ul>
    18. 18. FTP (File Transfer Protocol) <ul><li>Allows users to download or upload files </li></ul><ul><li>Session orientated </li></ul><ul><li>Accessed through GUI programs or CLI </li></ul>ftp <hostname or IP> Establish connection bye Exit service put <local-file> Upload get <remote-file> Download cd <remote-directory> Change remote directory lcd <local-directory> Change local directory Command Action
    19. 19. Virtual Private Networking <ul><li>Gives secure access to the company Intranet over the Internet </li></ul><ul><li>Relies on: </li></ul><ul><ul><li>Encryption software </li></ul></ul><ul><ul><li>Usernames </li></ul></ul><ul><ul><li>passwords </li></ul></ul>
    20. 20. Questions?

    ×