3. What is a System Administrator?
Someone who takes care of the systems others are using.
System running smoothly and efficiently
Users able to work in an easy and efficient manner
4. Sysadmin .sig file
“My job is like an airplane pilot's -- When
I'm doing it well, you might not even notice
me, but my mistakes are often quite
spectacular.”
Source: Unknown
5. System Administration Tasks
❏ User Management
❏ Hardware Management
❏ Software Management
❏ System Monitoring & Troubleshooting
❏ Documentation & Help Desk
❏ Backups
❏ Automation, Planning, Policies, and Auditing
❏ Firefighting!!!
6. The Good…
❏ Lots of variety
❏ Challenging
❏ Fulfilling
❏ Pays well
❏ Very employable
7. The Bad…
❏ Annoying at times
❏ Users
❏ Management
❏ Vendor Tech Support
❏ Long hours
❏ May not be your only job
8. Code of Ethics
❏ Professionalism
❏ Personal Integrity
❏ Privacy
❏ Laws and Policies
❏ Communication
❏ System Integrity
❏ Education
❏ Responsibility to Computing Community
❏ Social Responsibility
❏ Ethical Responsibility
10. UNIX
Introduction to Linux
• Unix is a multi-user, multi-tasking operating system.
• You can have many users logged into a system simultaneously,
each running many programs.
• It's the kernel's job to keep each process and user separate and to
regulate access to system hardware, including CPU, memory, disk
and other I/O devices.
11. History of UNIX
• The first version was created at Bell Labs in 1969.
• Some of the Bell Labs programmers who had worked on this
project, Ken Thompson, Dennis Ritchie, Rudd Canaday, and Doug
McIlroy designed and implemented the first version of the Unix File
System on a PDP-7 along with a few utilities. It was given the name
UNIX by Brian Kernighan.
• 00:00:00 hours, Jan 1, 1970 is time zero for UNIX. It is also called the
epoch.
12. …Cont’d
• 1973 Unix is re-written mostly in C, a new language developed by
Dennis Ritchie.
• Being written in this high-level language greatly decreased the
effort needed to port it to new machines.
13. …Cont’d
• 1977 There were about 500 Unix sites world-wide.
• 1980 BSD 4.1 (Berkeley Software Development)
• 1983 SunOS, BSD 4.2, System V
• 1988 AT&T and Sun Microsystems jointly develop System V Release
4 (SVR4). This later developed into UnixWare and Solaris 2.
• 1991 Linux originated.
14. What is LINUX
• Linux is a free Unix-type operating system originally created by
Linus Torvalds with the assistance of developers around the world.
• It originated in 1991 as a personal project of Linus Torvalds, a
Finnish graduate student.
• The Kernel version 1.0 was released in 1994 and today the most
recent stable version is 2.6.9
• Developed under the GNU General Public License, the source
code for Linux is freely available to everyone.
15. LINUX Distributions
• Mandrake: http://www.mandrakesoft.com/
• RedHat: http://www.redhat.com/
• Fedora: http://fedora.redhat.com/
• SuSE/Novell: http://www.suse.com/
• Debian: http://www.debian.org/
18. Unix-like Systems vs Windows Systems
❏ They are two different types of operating systems used in computers.
❏ Unix-like systems, such as Linux and macOS, are based on the Unix
operating system.
❏ They are known for their stability, security, and open-source nature.
❏ Unix-like systems use a command-line interface, which can be more
difficult to learn for beginners, but allows for more advanced control
and automation of tasks.
19. …Cont’d
❏ On the other hand, Windows systems are developed by Microsoft and
are known for their user-friendly interface and compatibility with a
wide range of software.
❏ Windows systems are more widely used in personal computers, and are
often the go-to choice for businesses that use Microsoft Office
applications and other Windows-specific software.
❏ There are also differences in the way these operating systems handle
file systems, networking, and security. Unix-like systems often use a
hierarchical file system, while Windows systems use a drive-letter
system.
20. …cont’d
❏ Ultimately, the choice between Unix-like systems and Windows systems
depends on the needs of the user.
❏ Unix-like systems are favored by programmers, developers, and
researchers who need a stable and secure system that is easily
customizable.
❏ Windows systems are favored by general users and businesses that
require compatibility with Microsoft Office applications and other
Windows-specific software.
21. Linux Distributions and UIs
In addition to these distributions, there are many other options available, each with its
own unique features and focus. The UIs available on Linux include GNOME, KDE, Xfce,
LXDE, and others.
22. Linux Operations Review
➔ File system navigation: move from one directory to another directory (cd)
➔ File management: creating, copying, moving, and deleting files.
➔ Package management: install, update, and remove software packages
➔ Process management: managing processes, such as "ps" to list
running processes, "kill" to terminate a process
➔ User management: creation and management of user accounts
➔ Networking: Linux offers a range of networking commands for configuring
network settings, such as "ifconfig" to display network interface
information
23. File system Hierarchy and Standard
The File system Hierarchy Standard (FHS) is a standard that defines the structure of the file system on Linux and
other Unix-like operating systems.
★ Here is a brief overview of the file system hierarchy and standard in Linux:
1. / (root): The root directory of the file system, which contains all other directories and files.
2. /bin: Contains executable files that are necessary for the system to function, such as basic system utilities
like "ls", "cd", and "cp".
3. /etc: Contains system configuration files, such as configuration files for networking, users, and system
services.
4. /home: Contains user home directories, which are used to store user-specific files and configuration
settings.
5. /dev: Contains device files, which are used to represent hardware devices in the system.
6. /proc: Contains virtual files that provide information about system resources, such as memory usage and
CPU usage.
24. Single-rooted hierarchy
● A single-rooted hierarchy is a type of file system hierarchy in which all
directories and files are arranged in a tree-like structure with a single
root directory.
● This means that all files and directories can be accessed relative to the
root directory
● Unix/Linux file systems are a good example of a single-rooted
hierarchy.
25. Seamless file systems
● File systems that integrate multiple physical or virtual storage devices
into a single logical file system.
● This allows users to access data stored on different devices as if they
were stored in a single location, without needing to know the details of
the underlying storage architecture.
● Some examples of seamless file systems include Distributed File System
(DFS) and GlusterFS.
26. Extensible file system
● A file system that can be extended or modified without requiring
significant changes to the underlying file system architecture.
● This allows the file system to adapt to changing storage requirements
and accommodate new features or technologies.
● One example of an extensible file system is the Extended File System
(ext) used by many Linux distributions.
27. Some examples of file system standards
● File Allocation Table (FAT): A file system standard used by many older versions of
Windows and DOS.
● New Technology File System (NTFS): A file system standard used by modern versions of
Windows.
● Extended File System (ext): A file system standard used by many Linux distributions.
● Universal Disk Format (UDF): A file system standard used for optical media such as DVDs
and Blu-ray discs.
● Hierarchical File System (HFS): A file system standard used by macOS.
● Apple File System (APFS): A file system standard used by modern versions of macOS
and iOS.
28. …Cont’d
● Network File System (NFS): A file system standard used for sharing files
between computers on a network.
● Common Internet File System (CIFS): A file system standard used for
sharing files between computers on a network, primarily in Windows
environments.
29. Essential Shell Commands
❏ Here are some essential shell commands that are commonly used:
❏ cd: Change directory. Used to navigate the file system by changing
the current working directory.
❏ ls: List files. Used to display the contents of a directory, including files
and subdirectories.
❏ mkdir: Make directory. Used to create a new directory.
❏ rmdir: Remove directory. Used to delete an empty directory.
❏ rm: Remove. Used to delete a file or directory (with the "-r" option).
30. ...Cont’d
❏ cp: Copy. Used to copy files or directories.
❏ mv: Move. Used to move files or directories.
❏ cat: Concatenate. Used to display the contents of a file
❏ echo: Used to display a message on the screen or to redirect output
to a file.
31. …Cont’d
❏ pwd: Print working directory. Used to display the current working
directory.
❏ ps: Process status. Used to display information about running processes.
❏ top: Used to display real-time information about system processes.
❏ sudo: Superuser do. Used to execute commands with administrative
privileges.
❏ ssh: Secure shell. Used to connect to a remote system over a secure
network connection.
❏ tar: Tape archive. Used to create and extract compressed archive files.
32. Advanced Shell Features
Shell scripting is a powerful tool for automating tasks on Linux and other Unix-
like systems.
Here are some advanced shell features that can help users create more
powerful and efficient shell scripts:
★ Variables: Variables are used to store values that can be used later in a
script. Variables can be set using the "=" operator, such as "name=John".
To use the value of a variable, it can be referenced by using "$"
followed by the variable name, such as "$name".
33. …cont’d
● Input/output redirection: Input/output redirection allows users to redirect
the input or output of a command to a file or another command. The ">"
operator is used to redirect the output of a command to a file, while the
"<" operator is used to redirect the input of a command from a file. For
example: "ls > file.txt".
● These are just a few of the many advanced shell features that are
available on Linux and other Unix-like systems. By mastering these
features, users can create powerful and efficient shell scripts to automate
tasks and improve their workflow.
35. User and Group
In Linux and other Unix-like systems, users and groups are used to manage access
to system resources such as files and directories.
❏ Users: A user is a person who accesses the system and performs tasks.
➢ Each user is identified by a unique username and has their own home
directory, which is used to store their personal files and configurations.
❏ Groups: A group is a collection of users who share common permissions and
access to system resources.
➢ Each group is identified by a unique group name and has a group ID
(GID).
36. User Private Group Scheme
❏ The User Private Group (UPG) scheme is a security model used in Linux
and other Unix-like systems to provide each user with their own private
group.
❏ Under this scheme, when a new user is created, a new group is also
created with the same name as the user and the user is added to that
group.
❏ This ensures that each user has their own private group and that their
files and directories are not accessible by other users by default.
37. User and Group Administration
❏ In Linux and other Unix-like systems, user administration and group
administration are important tasks that system administrators perform to
manage users and groups.
A. User administration: involves creating, modifying, and deleting user
accounts.
B. Group Administration: Group administration involves creating,
modifying, and deleting groups.
38. Linux Commands
adduser: create a new user account, e.g. sudo adduser cs. After this command you will be asked to
fill in details like the password, full name and so on.
Optional
sudo: to use admin privilege/root
cs: username
1002: user & group ID (UID)
39. passwd: to change a password, e.g. sudo passwd cs
addgroup: to create a new group on the system
userdel/deluser: delete a user account
E.g. to delete user account cs: sudo deluser cs
usermod: modify a user account, e.g. change the username, add the user to another group, etc.
E.g. to change username cs to jack: sudo usermod -l jack cs
40. gpasswd: to change a group account password, to remove a group account
password, and many other functions by adding options.
Add user cs to group sysadmin
41. To remove the sysadmin password
groupmod: used to modify a group account, e.g. rename group sysadmin to cstutorial
usermod: used to modify a user account
Read further for details on user and group administration!
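The commands that slides 40 and 41 describe are listed as comments in the added example below (not part of the original deck), which then checks the User Private Group scheme from slide 36 against constructed passwd and group data. The function names, the sample accounts' details and the UID >= 1000 cut-off for regular accounts are assumptions.

```shell
#!/bin/sh
# Added example (not from the slides). Verifies the User Private Group scheme
# from passwd- and group-format files. All sample data below is constructed.
#
# Commands the slides describe for cs / sysadmin (root required, for reference):
#   sudo adduser cs                        # under UPG this also creates group cs
#   sudo addgroup sysadmin
#   sudo gpasswd -a cs sysadmin            # add user cs to group sysadmin
#   sudo gpasswd -r sysadmin               # remove the sysadmin group password
#   sudo groupmod -n cstutorial sysadmin   # rename sysadmin to cstutorial

# upg_check GROUP_FILE PASSWD_FILE
# Prints "<user> <verdict>" for every regular account (UID >= 1000, not nobody).
upg_check() {
    awk -F: '
        FNR == NR { gname[$3] = $1; extra[$3] = $4; next }    # first file: group
        { primary[$4]++ }                                     # users per primary GID
        $3 >= 1000 && $3 != 65534 { n++; user[n] = $1; gid[n] = $4 }
        END {
            for (i = 1; i <= n; i++) {
                g = gid[i]
                if (gname[g] != user[i])  verdict = "primary-group-is-" gname[g]
                else if (primary[g] > 1)  verdict = "private-group-shared-as-primary"
                else if (extra[g] != "")  verdict = "private-group-has-members:" extra[g]
                else                      verdict = "private"
                print user[i], verdict
            }
        }
    ' "$1" "$2"
}

# Builds constructed sample files in a scratch directory and runs the check.
upg_demo() {
    dir=$(mktemp -d)
    cat > "$dir/group" <<'EOF'
root:x:0:
staff:x:50:
cs:x:1002:
jack:x:1003:kemal
kemal:x:1004:
sysadmin:x:1100:cs
EOF
    cat > "$dir/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
cs:x:1002:1002:,,,:/home/cs:/bin/bash
jack:x:1003:1003:,,,:/home/jack:/bin/bash
kemal:x:1004:50:,,,:/home/kemal:/bin/bash
EOF
    upg_check "$dir/group" "$dir/passwd"
    rm -rf "$dir"
}

upg_demo
```

A verdict other than "private" means files the user creates with a group-writable umask are exposed to more accounts than the owner.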
42. Password Aging and Default User Files
➔ Password aging: Password aging is a security feature in Linux and other Unix-
like systems that forces users to change their passwords periodically.
◆ Password expiration: Password expiration is the process of forcing users to
change their passwords after a certain period of time.
● This can be configured using the "chage" command, which sets the
password expiry date for a user.
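An added example (not from the original slides) of auditing password aging: it reads shadow-format lines and reports which accounts never expire, have expired, or have an empty password. The function names are hypothetical and the sample lines are constructed, with placeholder hashes.

```shell
#!/bin/sh
# Added example (not from the slides). Audits password aging from
# shadow-format lines. Sample data is constructed; hashes are placeholders.
#
# Shadow fields: name:hash:lastchg:min:max:warn:inactive:expire:
# lastchg is counted in days since the epoch (1 Jan 1970).

# aging_report TODAY_IN_DAYS < shadow-format input
aging_report() {
    awk -F: -v today="$1" '
        $2 ~ /^[!*]/  { next }                                  # locked: no password login
        $2 == ""      { print $1, "empty-password"; next }
        $3 == "0"     { print $1, "must-change-at-next-login"; next }
        $3 == "" || $5 == "" || $5 >= 99999 { print $1, "never-expires"; next }
        {
            left = $3 + $5 - today                              # days until expiry
            if (left < 0) print $1, "expired"
            else          print $1, "expires-in-days", left
        }
    '
}

# Constructed sample input.
sample_shadow() {
    cat <<'EOF'
root:$6$placeholder$hash:19700:0:99999:7:::
daemon:*:19000:0:99999:7:::
cs:$6$placeholder$hash:19750:0:90:7:::
jack:$6$placeholder$hash:19600:0:90:7:::
kemal:$6$placeholder$hash:0:0:90:7:::
john::19790:0:90:7:::
EOF
}

# On a live system (root required) the same report for today would be:
#   aging_report "$(( $(date +%s) / 86400 ))" < /etc/shadow
# and chage changes the settings of an account reported as "never-expires":
#   sudo chage -M 90 -W 7 root    # maximum age 90 days, warn 7 days before
#   sudo chage -l root            # list the account's aging settings

# Day 19800 is a constructed "today" so the result is reproducible.
sample_shadow | aging_report 19800
```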
44. …Cont’d
➔ Default user files: Default user files are files that are created
automatically when a new user account is created.
◆ The following are some of the key default user files:
● Bash profile: contains environment variables, aliases, and other
settings.
● Bashrc: used to set system-wide environment variables, aliases,
and other settings. It is found in /etc.
● Home directory: created automatically for each user account.
45. Managing files and folder permission
❏ In Linux and other Unix-like systems, managing file and folder permissions is an
important task that system administrators need to perform to ensure system
security and control access to system resources.
❏ Here is an overview of how to manage file and folder permissions:
1. File permissions: File permissions are used to control access to individual files.
■ The following are the three types of file permissions:
● Read permission: Allows the user to read the contents of the file.
● Write permission: Allows the user to modify the contents of the file.
● Execute permission: Allows the user to execute the file if it is a program or a
script.
46. ….Cont’d
➔ Each file permission is represented by:
Read = r
Write = w
Execute = x
Or a number from 0-7
The file permissions are represented by a series of
numbers or letters. The first character indicates the type of
file (d for directory, - for a regular file, and l for a symbolic
link), followed by three sets of permissions for the owner,
group, and other users.
48. …Cont’d
2. Folder permissions: are used to control access to directories and the files they
contain.
◆ The following are the three types of folder permissions:
● Read permission: Allows the user to list the contents of the folder.
● Write permission: Allows the user to create, delete, and modify files and folders
within the directory.
● Execute permission: Allows the user to access the contents of the folder.
⍈ The folder permissions are also represented by a series of
numbers or letters, similar to file permissions.
49. …Cont’d
3. Managing file and folder permissions: The following are some of the key commands
used to manage file and folder permissions:
i. chmod: Used to change file and folder permissions.
ii. chown: Used to change the owner of a file or folder.
iii. chgrp: Used to change the group of a file or folder.
Assume we have a file called test.txt and a folder called cs4thyear.
The first rwx is for the owner of the folder, the second r-x is for the group and the third r-x is for guest (all other users).
50. …Cont’d
❏ The chmod command is the most commonly used command for managing file and folder
permissions.
❏ It can be used to add or remove permissions, set permissions for the owner, group, or
other users, and set permissions using numeric or symbolic modes.
❏ Numeric mode: from 0 to 7
❏ Symbolic mode: r w x
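How the two modes map onto each other, as an added example that is not part of the original slides: each of r, w and x is worth 4, 2 and 1, summed per owner, group and other triplet. The function names and the scratch files (named after the slide's test.txt and cs4thyear) are assumptions, and the special bits (setuid, setgid, sticky) are not handled.

```shell
#!/bin/sh
# Added example (not from the slides): symbolic <-> numeric permission modes.
# Function names and the scratch files are hypothetical.

# sym_to_octal rwxr-xr-x  -> 755   (r=4, w=2, x=1, summed per triplet)
sym_to_octal() {
    perms=$1
    case $perms in
        *[!rwx-]*) echo "only r, w, x and - are handled" >&2; return 1 ;;
    esac
    [ "${#perms}" -eq 9 ] || { echo "need 9 characters" >&2; return 1; }
    out=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# octal_to_sym 640  -> rw-r-----
octal_to_sym() {
    mode=$1
    case $mode in
        [0-7][0-7][0-7]) ;;
        *) echo "need three octal digits" >&2; return 1 ;;
    esac
    out=""
    for pos in 1 2 3; do
        d=$(printf '%s' "$mode" | cut -c"$pos")
        r=-; w=-; x=-
        if [ $((d & 4)) -ne 0 ]; then r=r; fi
        if [ $((d & 2)) -ne 0 ]; then w=w; fi
        if [ $((d & 1)) -ne 0 ]; then x=x; fi
        out="$out$r$w$x"
    done
    printf '%s\n' "$out"
}

# mode_of PATH: take the nine permission characters that follow the file-type
# character in "ls -l" output and convert them to numeric form.
mode_of() {
    sym_to_octal "$(ls -ld "$1" | cut -c2-10)"
}

# Sets modes both ways on scratch files, reads them back, then audits.
permission_demo() {
    dir=$(mktemp -d)
    mkdir "$dir/cs4thyear"
    touch "$dir/test.txt" "$dir/notes.txt"
    chmod 755 "$dir/cs4thyear"           # numeric:  rwxr-xr-x
    chmod 640 "$dir/test.txt"            # numeric:  rw-r-----
    chmod u=rw,go=rw "$dir/notes.txt"    # symbolic: rw-rw-rw-, writable by anyone
    for name in cs4thyear test.txt notes.txt; do
        echo "$name $(mode_of "$dir/$name")"
    done
    # Audit: regular files that "other" users may write to.
    find "$dir" -type f -perm -0002 -exec basename {} \; | sed 's/^/world-writable: /'
    rm -rf "$dir"
}

permission_demo
```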
51. Managing File Ownership
❖ Managing file ownership is a task that system administrators need to perform to ensure system security and control
access to system resources.
❖ Here is an overview of how to manage file ownership:
➢ File ownership: File ownership refers to the user and group that are associated with a file.
➢ Managing file ownership: The following are some of the key commands used to manage file
ownership:
■ chown: Used to change the owner of a file or folder.
■ chgrp: Used to change the group of a file or folder.
The chown and chgrp commands are used to change the ownership of a file or folder. The syntax of the
commands is as follows: (next slide)
52. …cont’d
General Syntax:
OR
➔ The first command changes the owner of
the file to the specified user,
➔ while the second command changes both
the owner and the group of the file to the
specified user and group.
chgrp command is used to change
the group of a file or folder.
Read for detail and try practical!
53. Controlling Access to files (ACLs)
❖ Access Control Lists (ACLs) are an additional mechanism for controlling access to files and folders.
❖ ACLs are used in conjunction with file and folder permissions.
➢ key commands used to manage file and folder permissions and ACLs:
● chmod: Used to change file and folder permissions.
● chown: Used to change the owner of a file or folder.
● chgrp: Used to change the group of a file or folder.
● setfacl: Used to set ACLs on files and folders.
● getfacl: Used to view ACLs on files and folders.
54. …Cont’d
General Syntax:
To give full permission (read, write and execute) for user kemal to file a.txt
For further examples, you can get the syntax for writing ACLs from:
setfacl --help
Quiz(3%)
1. Write linux command to give read only permission for user john to file1.txt using ACLs
56. Managing Disk Quotas
❏ Disk quotas are used to limit the amount of disk space that users and groups
can use on a file system.
❏ This is an important feature for system administrators who need to manage
disk space usage and prevent users from filling up the file system.
A. Enabling disk quotas: Disk quotas must be enabled on a file system before they can be used.
This is typically done by editing the /etc/fstab file and adding the usrquota and/or
grpquota options to the mount options for the file system. For example:
This line enables user and group quotas on the /home file system.
57. …Cont’d
B. Setting up quotas: Once disk quotas are enabled, quotas must be set up for individual users or
groups. This is done using the edquota command. The syntax of the command is as follows:
OR
58. …Cont’d
C. Monitoring quotas: Once quotas are set up, they can be monitored using the quota command.
The syntax of the command is as follows:
OR
This command displays the current disk usage and quota limits for the specified user or
group.
59. …Cont’d
D. Adjusting quotas: Quotas can be adjusted using the edquota command. The administrator can
edit the quota configuration file for a user or group to increase or decrease their quota limits.
Overall, managing disk quotas is an important task in Linux and other Unix-
like systems that system administrators need to perform to manage disk space
usage and prevent users from filling up the file system. By enabling, setting up,
monitoring, and adjusting quotas, system administrators can effectively
manage disk usage and ensure that disk space is available for critical system
processes and applications.
61. File System
What is a File System?
❑ A file system is a way of organizing and managing files on a storage
device.
❑ Such as: a hard disk drive or solid-state drive
❑ It provides a logical structure for organizing files and directories.
❑ allows users to access and manage those files.
62. Types of File Systems
● FAT: The File Allocation Table (FAT)
○ A widely-used file system that was originally developed for floppy disks and other small storage devices.
○ It is still used today on some USB drives and other portable storage devices.
● NTFS: The New Technology File System (NTFS)
○ more advanced file system developed by Microsoft for use on Windows computers.
○ It supports larger file sizes, more efficient use of disk space, and better security features than FAT.
● EXT: The Extended File System (EXT)
○ file system used on Linux and other Unix-like operating systems
○ designed for use with the Linux kernel and provides features such as journaling and support for file
permissions.
63. …Cont’d
● APFS: The Apple File System (APFS)
○ a modern file system developed by Apple for use on its macOS, iOS, and other operating systems.
○ It is designed to be fast, secure, and efficient, and provides features such as encryption and
snapshotting.
64. File System Administration Tasks
● Partitioning: This involves dividing a hard drive or other storage device into multiple
partitions, each with its own file system.
● Formatting: Once a partition has been created, it needs to be formatted with a file system.
● Mounting: When a file system is mounted, it is made available for use by the operating
system and applications.
● Managing file permissions: File system administrators need to manage permissions for
files and directories, determining who has access to them and what actions they can
perform.
65. …Cont’d
• Monitoring disk usage: It's important to keep track of how much disk space is being
used and ensure that there is enough free space available for new files and
applications.
• Backing up and restoring data: Backing up important files and data is crucial for
preventing data loss in the event of a system failure or other disaster. File system
administrators need to develop and implement backup and recovery strategies to
ensure data can be restored if necessary.
66. Partitioning disk with fdisk and parted
● fdisk is a command-line utility for partitioning disks on Linux systems. Here's how you can use it to partition
a disk:
○ Step 1 Open a terminal
○ Step 2 Type fdisk /dev/sdX, where X is the drive letter
○ Step 3 fdisk will display a warning message about potentially destructive actions. Press "n" to create a
new partition.
○ Step 4 Follow the prompts to specify the partition type, starting and ending sectors, and other details
about the new partition.
○ Step 5 Repeat the process to create additional partitions as needed.
○ Step 6 Once you have created all of the partitions you need, press "w" to write the changes to disk and
exit fdisk.
70. …Cont’d
● parted is another command-line utility for partitioning disks on Linux systems. Here's how you can use it to
partition a disk:
1. Open a terminal window and log in as the root user or use the sudo command to run parted with root privileges.
2. Type "parted /dev/sdX" to start parted, where "X" is the letter corresponding to the disk you want to partition. For
example, if you want to partition the first hard disk in the system, you would use "parted /dev/sda".
3. Type mkpart <partition type> <file system type> <starting sector> <ending sector>, for example:
mkpart primary ext4 0% 20GB
4. Repeat the process to create additional partitions as needed.
5. Once you have created all of the partitions you need, use the "quit" command to exit parted.
72. ..Cont’d
To delete a partition
Open Terminal
sudo fdisk /dev/sdx where x is the drive letter, e.g. /dev/sda
Enter d to delete a partition
Enter the partition number, e.g. if the partition is /dev/sda1, enter 1
Enter w to write the change to the disk
quit
mkfs.ext4 /dev/sda1
73. …Cont’d
● Both fdisk and parted are powerful tools for partitioning disks, and can be used to
create complex partition layouts with multiple partitions of different types and sizes.
It's important to be careful when using these tools, as errors or mistakes can result in
data loss or other problems. Be sure to backup important data before making any
changes to disk partitions.
74. Creating a file system
● To create a new file system on a disk partition, you can use the mkfs
command followed by the type of file system you want to create (e.g., ext4,
xfs, btrfs, etc.) and the name of the partition you want to format.
This command will format the first partition on the first hard disk in the system with
the ext4 file system.
75. Mounting a file system
● To mount a file system, you first need to create a mount point (i.e., a directory
where the file system will be accessible). You can use the mkdir command to
create a new directory for this purpose.
76. Maintaining a file system
● To maintain a file system, there are several tools and commands available on
Linux systems.
• df: displays information about disk usage and available space on file systems
• du: displays information about disk usage of files and directories
• fsck: checks and repairs file system errors
• tune2fs: allows you to tune various parameters of an ext2, ext3, or ext4 file system
• xfs_repair: checks and repairs XFS file systems
78. Swap
● Swap is an area on a hard drive that is used as a virtual memory extension
when the physical memory (RAM) is full. Linux systems typically use a
dedicated swap partition or a swap file to provide this functionality.
● Creating a swap partition
1. Determine the size of the swap partition you need
2. Use a partitioning tool like fdisk or parted to create a new partition on your hard drive.
Make sure to set the partition type to "Linux swap" (type code 82).
3. Format the new partition with the mkswap command.
79. …Cont’d
To make the swap partition persistent across reboots, add an entry for it in the /etc/fstab file.
80. Determining disk usage with du and df
● du: used to estimate the space used by file and directories.
● df: used to display the amount of disk space available on file systems.
For further du and df usage, enter du --help and df --help
81. Configuring Disk Quota
● Disk quotas are a feature of the Linux file system that allows system
administrators to limit the amount of disk space a user or group can use.
● To configure disk quota,
Step 1: Enable Quota Support
Go to /etc/fstab and add the user and group quota options
82. …Cont’d
mount -o remount /home
sudo apt-get install quota
/home 0 0 1000 2000 0 0 //edit the /etc/quotatab
sudo edquota cs //where cs is username
sudo repquota /home //to monitor disk usage quota
In the fstab file, the number 2 specifies the order in which file systems are
checked for errors at boot time.
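The /etc/fstab fields that the quota and swap slides rely on, as an added example that is not part of the original deck: it reads fstab-format lines and reports, per file system, whether the usrquota and grpquota options are set and which fsck pass number applies. The function names are hypothetical, the sample fstab is constructed, and quotacheck and quotaon in the comments are not on the slides.

```shell
#!/bin/sh
# Added example (not from the slides). Reads fstab-format lines and reports,
# per file system, whether quotas are enabled and its fsck pass number.
# The sample fstab is constructed; device names are placeholders.
#
# fstab fields: <device> <mount point> <type> <options> <dump> <fsck pass>

# fstab_report < fstab-format input
fstab_report() {
    awk '
        NF == 0 || $1 ~ /^#/ { next }                 # blank lines and comments
        NF < 4 { print "line " NR ": malformed"; next }
        {
            u = 0; g = 0
            n = split($4, opt, ",")                   # options are comma-separated
            for (i = 1; i <= n; i++) {
                if (opt[i] == "usrquota") u = 1
                if (opt[i] == "grpquota") g = 1
            }
            if (u && g)  q = "user+group"
            else if (u)  q = "user"
            else if (g)  q = "group"
            else         q = "off"
            pass = (NF >= 6) ? $6 : 0                 # missing field: never checked
            print $2, $3, "quota=" q, "fsck-pass=" pass
        }
    '
}

# quota_missing MOUNT_POINT < fstab-format input
# Succeeds (exit 0) when the mount point is listed but has no quota option.
quota_missing() {
    fstab_report | grep -q "^$1 [^ ]* quota=off "
}

# Constructed sample input: root, /home with quotas, a swap partition, /srv.
sample_fstab() {
    cat <<'EOF'
# <device>  <mount>  <type>  <options>                   <dump> <pass>
/dev/sda1   /        ext4    errors=remount-ro           0      1
/dev/sda2   /home    ext4    defaults,usrquota,grpquota  0      2
/dev/sda3   none     swap    sw                          0      0
/dev/sda4   /srv     ext4    defaults                    0      2
EOF
}

# After adding usrquota,grpquota to a line in /etc/fstab (root required):
#   sudo mount -o remount /home
#   sudo quotacheck -cug /home   # build the quota files (not on the slides)
#   sudo quotaon /home           # turn enforcement on (not on the slides)
#   sudo edquota cs              # set limits for user cs
#   sudo repquota /home          # report usage against the limits

sample_fstab | fstab_report
```

On a live system, `fstab_report < /etc/fstab` gives the same view without needing root.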
83. Logical volume management and RAID
❏ Logical Volume Management (LVM) and Redundant Array of Independent
Disks (RAID) are two technologies that can help manage and protect data on
Linux systems.
❏ Logical Volume Management (LVM)
❏ LVM is a technology that allows you to create logical volumes from multiple physical
volumes (such as hard drives or partitions), and manage them as a single, flexible
storage pool.
❏ With LVM, you can easily resize volumes, add or remove physical storage, and take
snapshots of volumes for backups or testing purposes.
84. In this diagram, we have three physical disks at the bottom: disk 1 has three partitions (sky, green and
red colors), disk 2 has only one partition (the red one) and disk 3 has two partitions (red and green).
There are two logical volume groups, LV1 & LV2.
The /boot directory is found on disk 1.
The / directory is found in LV1, and LV1 can access two partitions from disk 1 and one partition from disk 3.
The /home directory is found in LV2, and LV2 uses one partition from each of the three disks.
85. Redundant Array of Independent Disks (RAID)
Stands for Redundant Array of Independent Disks.
It’s a technology that enables greater levels of performance,
reliability and/or large volumes when dealing with data.
How?? By concurrent use of two or more ‘hard disk drives’.
How Exactly?? Mirroring, striping (of data) and error correction
techniques combined with multiple disk arrays give you the
reliability and performance.
86. RAID 0
It splits data among two or more disks.
Provides good performance.
Lack of data redundancy means there is no fail over
support with this configuration.
Used in read only NFS systems and gaming systems
87. RAID 0
In the diagram to the right, the odd blocks
are written to disk 0 and the even blocks to
disk 1 such that A1, A2, A3, A4, … would be
the order of blocks read if read sequentially
from the beginning.
88. RAID 1
RAID1 is ‘data mirroring’.
Two copies of the data are held on two physical disks,
and the data is always identical.
Twice as many disks are required to store the same data
when compared to RAID 0.
Array continues to operate so long as at least one drive is
functioning.
89. RAID 1
This type of RAID uses mirroring to copy
data across two or more hard drives,
providing redundancy in case of a
drive failure.
However, it requires at least two drives,
and you lose half of your available
storage capacity due to the mirroring.
90. RAID 5
RAID 5 is an ideal combination of good
performance, good fault tolerance and high
capacity and storage efficiency.
An arrangement of parity and CRC helps to
rebuild drive data in case of disk failures.
“Distributed Parity” is the key word here.
91. In this diagram parity code is
distributed across each disk.
92. RAID 10
Combines RAID 1 and RAID 0.
Which means having the
pleasure of both - good
performance and good failover
handling.
Also called ‘Nested RAID’.
93. Implementations
Software based RAID:
● Software implementations are provided by many Operating
Systems.
● A software layer sits above the disk device drivers and provides
an abstraction layer between the logical drives(RAIDs) and
physical drives.
● Server's processor is used to run the RAID software.
● Used for simpler configurations like RAID0 and RAID1.
94. Hardware based RAID:
• A hardware implementation of RAID requires at least a special-purpose RAID controller.
• On a desktop system this may be built into the motherboard.
• The processor is not used for RAID calculations, as a separate controller is present.
Figure: A PCI-bus-based, IDE/ATA hard disk RAID controller, supporting levels 0, 1, and 01.
96. TCP/IP Basics
● TCP/IP (Transmission Control Protocol/Internet Protocol) is a set of
networking protocols used for communication over the internet.
● TCP/IP protocol suite provides end-to-end connectivity that enables
data to be transmitted reliably over a network.
99. …Cont’d
TCP is a connection-oriented protocol that provides reliable
data transmission, ensuring that the data is delivered without
errors and in the correct order.
It establishes a connection between two devices and manages
the flow of data between them.
TCP also handles congestion control, which helps to prevent
network congestion by slowing down the rate at which data is
transmitted.
100. …Cont’d
IP is a connectionless protocol that provides addressing and
routing services.
IP packets contain:-
Source address
Destination address
Source address: the address of the device that intends to
send data. Destination address: the address of the device that
is intended to receive the data.
101. …Cont’d
Together, TCP and IP form the basis of the internet protocol suite,
and are used to transmit data over the internet.
Other protocols in the TCP/IP suite include UDP (User Datagram
Protocol), which is a connectionless protocol that provides fast but
unreliable data transmission, and ICMP (Internet Control Message
Protocol), which is used for network diagnostics and troubleshooting.
102. TCP/IP Applications
Web Browsing
E-mail
File Sharing
Video Streaming
It is a critical component of the internet and is used
by billions of devices worldwide to communicate
with each other.
103. IP
● Responsible for end to end transmission
● Sends data in individual packets
● Maximum size of packet is determined by the networks
○ Fragmented if too large
● Unreliable
○ Packets might be lost, corrupted, duplicated, delivered out of order
104. IP addresses
● 4 bytes
○ e.g. 10.141.5.19
○ Each device normally gets one (or more)
○ In theory there are about 4 billion available
● But…
105. Routing
● How does a device know where to send a packet?
○ All devices need to know what IP addresses are on directly attached networks
○ If the destination is on a local network, send it directly there
106. …Cont’d
● If the destination address isn’t local
○ Most non-router devices just send everything to a single local router
○ Routers need to know which network corresponds to each possible IP address
107. Allocation of addresses
● Controlled centrally by ICANN
○ Fairly strict rules on further delegation to avoid wastage
■ Have to demonstrate actual need for them
● Organizations that got in early have bigger allocations than they really
need
108. IP packets
● Source and destination addresses
● Protocol number
○ 1 = ICMP, 6 = TCP, 17 = UDP
● Various options
○ e.g. to control fragmentation
● Time to live (TTL)
○ Prevent routing loops
109. ARP : Address Resolution Protocol
● ARP provides mapping
32bit IP address <-> 48bit MAC address
128.97.89.153 <-> 00-C0-4F-48-47-93
● ARP cache
maintains the recent mappings from IP addresses to MAC addresses
Protocol
1. ARP request broadcast on Ethernet
2. Destination host ARP layer responds
110. DHCP
● Dynamic Host Configuration Protocol
○ Used to tell a computer what IP address to use
○ Device broadcasts a request from IP 0.0.0.0
■ If it had an IP address before, asks for the same one again
○ Server (or relay) on local network responds telling it which to
use (or ignores it, or tells it to go away)
■ “Lease time” telling it how long that IP will be valid for
■ Device requests renewal of lease after ¾(?) elapsed
111. Configuring Linux Box as Router
Configuring a Linux box for networking involves several steps:
setting up network interfaces,
configuring IP addresses,
and setting up routing.
112. …cont’d
1. Identify network interfaces: Check the available network interfaces on the Linux box
using the “ip link show” command.
2. Configure network interfaces: Edit the interface configuration file
/etc/network/interfaces. To get the address from DHCP:
auto eth0
iface eth0 inet dhcp
113. …cont’d
2. Configure network interfaces (continued): To set a static address, use the following
lines in /etc/network/interfaces instead:
auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
114. …cont’d
3. Configure DNS: Edit the “/etc/resolv.conf” file to add the DNS server IP addresses.
For example, to add the Google DNS servers, add the following lines:
nameserver 8.8.8.8
nameserver 8.8.4.4
Name servers translate the domain name into an IP address, connecting
information that's easy for humans to understand with information that's easy for
computers to understand
115. …cont’d
4. Configure routing: Use the “ip route” command to configure routing. For example,
to add a default route through the gateway with IP address 192.168.0.1, use the
following command:
ip route add default via 192.168.0.1
5. Test network connectivity: Test network connectivity by pinging other devices on the
network or the internet. For example, to ping Google's DNS server, use the following
command:
ping 8.8.8.8
116. Configuring a Linux Box as a Router
● What is router?
A router is a device that connects two or more packet-switched networks
or subnetworks.
Configuring a Linux box as a router involves several steps,
including enabling IP forwarding, configuring network interfaces,
and setting up routing.
117. General guide
1. Enable IP forwarding: IP forwarding allows the Linux box to forward packets between
network interfaces. To enable IP forwarding, edit the “/etc/sysctl.conf” file and
uncomment the following line:
net.ipv4.ip_forward=1
Then run the following command to apply the change:
sudo sysctl -p /etc/sysctl.conf
118. …Cont’d
2. Configure network interfaces: For example, if the Linux box has two
network interfaces, eth0 and eth1, with IP addresses 192.168.1.1 and
192.168.2.1, respectively, edit the “/etc/network/interfaces” file and
add the following lines:
auto eth0
iface eth0 inet static
address 192.168.1.1
netmask 255.255.255.0
auto eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
119. …Cont’d
3. Configure NAT: Network Address Translation (NAT) allows the Linux box to translate
private IP addresses used on the local network to a public IP address used on the
internet. To configure NAT, use the following commands:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables-save | sudo tee /etc/iptables/rules.v4
This will configure NAT for outgoing traffic on the eth0 interface.
120. …Cont’d
4. Configure routing: Use the “ ip route ” command to configure routing. For example, to
add a route to the 192.168.2.0/24 network through the eth1 interface, use the following
command:
sudo ip route add 192.168.2.0/24 dev eth1
This command sends traffic for hosts in the range
192.168.2.0 – 192.168.2.255 out through the eth1 interface.
121. …Cont’d
5. Test network connectivity: Test network connectivity by pinging other devices on the
network or the internet
ping 192.168.2.x, where x is a number from 0 -255
122. Configuring a Web Server (Apache)
What is a web server?
A web server is a computer where the web content is stored. Basically, a web server
is used to host web sites, but there exist other kinds of servers as well, such as
gaming, storage, FTP, email, etc.
A web site is a collection of web pages, while a web server is software that responds to
requests for web resources.
124. Configure Apache server
1. Installing Apache
sudo apt install apache2
2. Configure Apache
In the /etc/apache2 directory, configure the following files:
apache2.conf
ports.conf
sites-available/default
3. Create web content inside /var/www/html
125. …Cont’d
4. Deploy web contents
Make the content accessible to the web server. The web content files must have the correct
file permissions and file ownership.
http://192.168.1.100 (IP address of the web server)
126. What is DNS, and how does it work?
DNS Server (BIND)
The Domain Name System (DNS) is the phonebook of the Internet.
When users type domain names such as ‘google.com’ or ‘facebook.com’ into web browsers,
DNS is responsible for finding the correct IP address for those sites.
Browsers then use those addresses to communicate with origin servers or CDN edge
servers to access website information.
129. Configuring DNS server
Install BIND: Install the BIND DNS server using the package manager for the Linux
distribution being used.
sudo apt-get install bind9
Configure BIND: Edit the BIND configuration files located in the “/etc/bind”
directory to configure the server.
named.conf
named.conf.options
named.conf.local
130. Cont’d
Set up DNS zones: Set up DNS zones for the domain names being served by the
DNS server.
There are two types of DNS zones:
Forward Zone:- map domain name to ip address
Reverse Zone:- map ip address to domain name
131. Options
• Go to /etc/bind folder and edit the options { ... } block in the named.conf.options file
recursion yes;
listen-on { <your server IP address>; };
allow-transfer { none; }; // to disable zone transfer by default
forwarders {
<your nameserver or Google nameserver IP address, e.g. 8.8.8.8>;
};
132. Forward Zone Configuration
• Go to /etc/bind folder and edit named.conf.local file
// Forward Zone
zone "asu.edu.et" IN {
type master;
file "/etc/bind/db.asu.edu.et";
};
133. Reverse Zone Configuration
• Go to /etc/bind folder and edit named.conf.local file
// Reverse Zone
zone "56.168.192.in-addr.arpa" IN {
type master;
file "/etc/bind/db.56.168.192"; // if your IP address is 192.168.56.x
};
134. Cont’d
Create db.asu.edu.et file inside /etc/bind
; BIND data for the asu.edu.et forward zone
$TTL 1h
@ IN SOA ns1.asu.edu.et. admin.asu.edu.et. (
1 ; Serial
1h ; Refresh
15m ; Retry
1w ; Expire
1h ; Minimum TTL
)
@ IN NS ns1.asu.edu.et.
ns1 IN A 192.168.56.10
www IN A 192.168.56.10
ftp IN A 192.168.56.10
135. Cont’d
Create db.56.168.192 file inside /etc/bind
; BIND reverse data for the 192.168.56.x network
$TTL 1h
@ IN SOA ns1.asu.edu.et. admin.asu.edu.et. (
1 ; Serial
1h ; Refresh
15m ; Retry
1w ; Expire
1h ; Minimum TTL
)
@ IN NS ns1.asu.edu.et.
10 IN PTR ns1.asu.edu.et.
10 IN PTR www.asu.edu.et.
10 IN PTR ftp.asu.edu.et.
136. Cont’d
After all, restart bind9 by running one of the following commands:
sudo service bind9 restart
or
sudo /etc/init.d/named restart
Then test the forward lookup for www.asu.edu.et, ftp.asu.edu.et or ns1.asu.edu.et:
nslookup www.asu.edu.et
dig www.asu.edu.et
And the reverse lookup:
nslookup 192.168.56.10
dig -x 192.168.56.10
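A consistency check for the two zone files above, as an added example that is not part of the original slides: a simplified Python parser that expands names the way BIND does and reports every PTR target with no matching A record. The zone text is a constructed copy of the slides' records with the trailing dot left off one PTR target; the parser handles only one-line "name IN TYPE rdata" records, and all function names are this example's own.

```python
FORWARD_ORIGIN = "asu.edu.et."
REVERSE_ORIGIN = "56.168.192.in-addr.arpa."

SOA = """\
$TTL 1h
@ IN SOA ns1.asu.edu.et. admin.asu.edu.et. (
1 ; Serial
1h ; Refresh
15m ; Retry
1w ; Expire
1h ; Minimum TTL
)
@ IN NS ns1.asu.edu.et.
"""

# Constructed samples based on the records shown on the slides.
FORWARD_ZONE = SOA + """\
ns1 IN A 192.168.56.10
www IN A 192.168.56.10
ftp IN A 192.168.56.10
"""

REVERSE_ZONE = SOA + """\
10 IN PTR ns1.asu.edu.et.
10 IN PTR www.asu.edu.et.
10 IN PTR ftp.asu.edu.et
"""  # last target deliberately lacks the trailing dot


def absolute(name, origin):
    """Expand a zone-file name: '@' is the origin, and any name without
    a trailing dot is relative to the origin."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name
    return f"{name}.{origin}"


def parse_zone(text, origin):
    """Return [(owner, type, rdata)] with all names made absolute.
    The multi-line SOA record is skipped."""
    records = []
    in_parens = False
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop zone-file comments
        if not line or line.startswith("$"):
            continue
        if in_parens:
            in_parens = ")" not in line
            continue
        if "(" in line and ")" not in line:
            in_parens = True
            continue
        fields = line.split()
        if len(fields) < 4 or fields[1].upper() != "IN":
            continue
        owner, rtype, rdata = fields[0], fields[2].upper(), fields[3]
        if rtype in ("NS", "PTR", "CNAME"):
            rdata = absolute(rdata, origin)
        records.append((absolute(owner, origin), rtype, rdata))
    return records


def ptr_to_ip(owner):
    """'10.56.168.192.in-addr.arpa.' -> '192.168.56.10'"""
    labels = owner.rstrip(".").split(".")
    return ".".join(reversed(labels[:4]))


def check_reverse(forward_text, reverse_text):
    """Return [(ip, ptr_target)] for PTR records whose target has no
    A record for that IP in the forward zone."""
    a_records = {
        (owner.lower(), rdata)
        for owner, rtype, rdata in parse_zone(forward_text, FORWARD_ORIGIN)
        if rtype == "A"
    }
    problems = []
    for owner, rtype, target in parse_zone(reverse_text, REVERSE_ORIGIN):
        if rtype != "PTR":
            continue
        ip = ptr_to_ip(owner)
        if (target.lower(), ip) not in a_records:
            problems.append((ip, target))
    return problems


if __name__ == "__main__":
    for ip, target in check_reverse(FORWARD_ZONE, REVERSE_ZONE):
        print(f"{ip}: PTR target {target} has no matching A record")
```

A PTR target without the trailing dot is still valid zone syntax, so the zone loads and the error only shows up as a wrong name in reverse lookups.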
137. Reading Assignment
Address Resolution Protocol (ARP)
Network Address Translation (NAT)
Basic Network commands in Linux (ping, dig, ifconfig, ip a, ip addr, ip
link show, nslookup, netstat, and so on)
Packet sniffing tool (Wireshark and tcpdump)
138. Mail Server
A mail server transfers and delivers email messages between two or more mail
clients.
140. Mail Transfer Agent (MTA)
A mail Transfer Agent (MTA) is a software application that is responsible for the
routing and delivery of email messages between mail servers.
142. Configuring a Mail Transfer Agent (MTA) postfix
1. Install postfix : sudo apt install postfix
2. Configure Postfix
main.cf: This file contains global configuration settings for Postfix
master.cf: This file contains the service definitions for Postfix
3. Some of the important settings that need to be configured include the mail
server hostname, the mail server domain name, and the mail server network
settings.
After configuration restart postfix
sudo service postfix restart
144. What is Server and its function?
A server is a computer program or device that provides
services to other programs or devices, called clients.
A server is designed to be more powerful and reliable than a
typical desktop computer
A server functions by receiving requests from client devices,
processing those requests, and sending back a response.
145. Types of server
Web server: A web server stores and delivers web pages, images, and other
content to users who request it through a web browser.
Popular Web Servers
Apache
Nginx
Mail server: A mail server is responsible for sending and receiving email
messages.
Popular Mail Servers
Postfix
Exim
Microsoft Exchange
146. …Cont’d
File server: A file server stores and manages files, allowing users to access them
from various devices.
Popular File Servers
Windows file server
Samba (for Linux)
Database server: manages databases and allows multiple users to access and
modify data at the same time.
Popular Database Servers
MySQL
Oracle
Microsoft SQL server
147. …Cont’d
DNS server: resolves domain names into IP addresses, allowing computers
to communicate with each other over the internet.
Popular DNS Servers
BIND
Microsoft DNS
Proxy server: acts as an intermediary between clients and servers,
allowing clients to access resources on the internet without revealing their IP addresses.
It can also be used to improve performance by caching frequently accessed resources.
148. …Cont’d
Application server: Provides an environment in which applications can run.
It manages resources such as memory and CPU usage and provides services such as:
Security and
transaction management
Popular Application Servers
Apache Tomcat
JBoss.
150. general steps
Choose the application server software
Prepare the operating system
Install the application server software
Configure the application server
Deploy applications
Manage the application server
151. DHCP, DNS, and Telnet
DHCP, DNS, and Telnet are all network services that are commonly
used in modern networks.
Here is a comparison of these services with other network operating
system (NOS) setups of the corresponding services:
Next Slide
152. DHCP
Windows Server: DHCP
service is provided through
the DHCP Server role in
Windows Server.
It can be installed and
configured using the DHCP
console.
Linux: DHCP is provided by a
variety of open source
packages like ISC DHCP,
dnsmasq, and dhcpd.
153. DNS
Windows Server: DNS service is
provided through the DNS Server
role in Windows Server. It can be
installed and configured using the
DNS console.
Linux: DNS is provided by a variety of
open source packages like BIND,
dnsmasq, and PowerDNS.
154. Telnet
Windows Server: Telnet service is
provided through the Telnet Server role
in Windows Server.
It can be installed and
configured using the Telnet
console.
Linux: Telnet is provided by the Telnet
package, which can be installed and
configured using a command-line
interface.
155. …Cont’d
● In general, the setup of these services
is similar across different NOS platforms.
However, there may be differences in
the specific configuration options
available, the management interfaces
used to configure the services, and the
default settings for each service.
● Additionally, different NOS platforms
may include additional features or
functionality that are not available in
other platforms, depending on the
specific needs of the network.
156. SSH Client and Server
Secure Shell - SSH
There are a number of tools that can be used to remotely connect to hosts.
The secure shell or ssh is a collection of tools using a secure protocol for
communications with remote Linux computers.
The communication is between SSH Client and SSH Server.
Communication is encrypted.
Before data exchange begins the communication channel will be encrypted
157. …cont’d
Configuration file is found in /etc/ssh.
• Public and Private Keys
• Are used for encryption and authentication
• Both Communication parties require Private and Public Keys for
sending data and verification.
To install ssh
sudo apt-get install openssh-server openssh-client
159. RSA and DSA Encryption Algorithms
RSA = Rivest–Shamir–Adleman one of the first encryption algorithms.
The encryption key is public and is different from the decryption key which is private.
Because of this the encryption is called asymmetric encryption
RSA is relatively slow and is not used to encrypt bulk data
It is mostly used to exchange keys
SSH uses RSA encryption
161. SSH
the user on cs has to accept the server’s RSA key (public key)
• The key will be stored in ~/.ssh/known_hosts file
• For subsequent logins, confirmation is not requested
163. SCP – Secured Copy
SCP copies files from remote host to local host or vice versa.
• It works behind ssh
Copy file (in this case /home/cs) from remote computer to local
computer(to the directory /home/dnsuser/Desktop)
scp username@serveraddress:/filepath destinationfolder
164. Setting up Passwordless SSH
Also known as public-key based authentication
Example = Giving access to an Ubuntu desktop on a server using public-keys
Step 1 – Generate Key Pair on Your computer using ssh-keygen command
ssh-keygen -t rsa
• Default key length is 2048 bits. To be more secured, increase the bit length
• ssh-keygen -t rsa -b 4096 increases the length to 4096 bits
• When asked to choose filename, press Enter key to select the default file
165. Setting up Passwordless SSH
Type Passphrase, at least 20 characters long.
• Press Enter if you don’t want to use pass phrase
• The pass phrase is used to encrypt the private key
• The two keys will be saved separately
167. Setting up Passwordless SSH
Step 2 – Upload Your Public Key to Remote Linux Server
Send the public key file using the ssh-copy-id command
To upload the key, it asks for the server password
169. FTP
FTP (File Transfer Protocol) is a network protocol used for transferring
files between computers on a network.
Setting up an FTP server typically involves the following steps:
Choose an FTP server software:
o FileZilla Server
o ProFTPD and
o vsftpd.
Install the FTP server software:
o Follow the installation instructions provided by the FTP server software vendor.
170. FTP
Configure the FTP server
o After the installation is complete, configure the FTP server to meet your needs.
o This may involve setting up user accounts, configuring security settings, and adjusting
performance settings.
Create and manage FTP users
o Set up FTP user accounts and permissions to control who can access the FTP server
and what files they can access
171. FTP
Test the FTP server
o Test the FTP server by connecting to it using FTP client software like FileZilla or
WinSCP.
To install the vsftpd server
sudo apt install vsftpd -y
Start and enable the service
sudo service vsftpd start Or sudo systemctl start vsftpd
sudo systemctl enable vsftpd
172. FTP
If you have a firewall enabled
sudo ufw allow 20/tcp
sudo ufw allow 21/tcp
To check your firewall status
sudo ufw status
174. …Cont’d
To connect with the remote server
ftp <Server Address>
To change the working directory on the local machine
lcd /home/dnsuser
To change the working directory on the remote machine
cd /home/cs
175. …Cont’d
To upload file from local machine to remote server
176. SAMBA: Linux and Windows File and Printer Sharing
SAMBA is an open-source software suite that allows Linux and
Unix-based systems to communicate and share resources with
Windows-based systems.
It provides file and print services that enable Linux and Unix-based
systems to act as Windows file and printer servers.
178. …Cont’d
To install Samba Server
sudo apt install samba samba-common python3-dnspython
OR
For latest Linux distro
sudo apt install samba
sudo ufw allow 445/tcp
sudo ufw allow 139/tcp
Samba server uses 137-139 and 445 ports
179. Configure SAMBA
To configure samba server go to /etc/samba and edit smb.conf
There are two types of file sharing in samba server.
Unsecure Anonymous and
Secure file sharing
180. Anonymous file Sharing
Step 1. create shared samba directory.
sudo mkdir -p /anonymous_shares
Step 2. set file and folder permissions for newly created folder
sudo chmod -R 775 /anonymous_shares
Step 3. make the file and folder ownerless
sudo chown -R nobody:nogroup /anonymous_shares
181. …Cont’d
Go to the /etc/samba directory and edit smb.conf
[Anonymous]
comment = Anonymous file sharing
path = /anonymous_shares
browsable = yes
writeable = yes
guest ok = yes
read only = no
force user = nobody
182. Secure file Sharing
Step 1. create shared samba directory.
sudo mkdir -p /Secure_shares
Step 2. add user to smbgroup (assume we have a user account named cs)
sudo smbpasswd -a cs
Enter the new network password and confirm it.
Step 3. assign cs to own Secure_shares folder
sudo chown -R cs /Secure_shares
183. …Cont’d
Go to the /etc/samba directory and edit smb.conf
[Secure-Shares]
comment = Secure file sharing
path = /Secure_shares
browsable = yes
writeable = yes
guest ok = no
read only = no
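An audit of the two share definitions above, as an added example that is not part of the original slides: a Python script that reads smb.conf text, works out each share's effective guest and write settings, and reports shares that are guest-writable, shares with no "valid users" restriction, and boolean values Samba would reject. The sample text is a constructed copy of the slides' shares; the function name and the wording of the findings are this example's own.

```python
import configparser

# Constructed sample mirroring the two shares defined on the slides.
SMB_CONF = """\
[Anonymous]
comment = Anonymous file sharing
path = /anonymous_shares
browsable = yes
writeable = yes
guest ok = yes
read only = no
force user = nobody

[Secure-Shares]
comment = Secure file sharing
path = /Secure_shares
browsable = yes
writeable = yes
guest ok = no
read only = no
"""

TRUE = {"yes", "true", "1"}
FALSE = {"no", "false", "0"}
WRITE_KEYS = {"writeable", "writable", "writeok"}  # inverted synonyms of "read only"
GUEST_KEYS = {"guestok", "public"}
SPECIAL_SECTIONS = {"global", "homes", "printers"}


def audit(conf_text):
    """Return [(share, finding)] for the smb.conf text given."""
    parser = configparser.ConfigParser(
        interpolation=None,
        strict=False,
        delimiters=("=",),
        comment_prefixes=("#", ";"),  # comments only at the start of a line
    )
    parser.read_string(conf_text)
    findings = []
    for share in parser.sections():
        if share.lower() in SPECIAL_SECTIONS:
            continue
        # Samba defaults: shares are read-only and guests are refused.
        read_only, guest, valid_users = True, False, None
        for key, value in parser.items(share):
            name = key.replace(" ", "").lower()  # Samba ignores spaces and case
            value = value.strip()
            if name == "validusers":
                valid_users = value
                continue
            if name != "readonly" and name not in WRITE_KEYS | GUEST_KEYS:
                continue
            if value.lower() not in TRUE | FALSE:
                # e.g. "no;" : a trailing semicolon is part of the value
                findings.append((share, f"malformed boolean: {key} = {value!r}"))
                continue
            flag = value.lower() in TRUE
            if name == "readonly":
                read_only = flag
            elif name in WRITE_KEYS:
                read_only = not flag
            else:
                guest = flag
        if guest and not read_only:
            findings.append(
                (share, "guest-writable: no password needed to modify files")
            )
        elif not guest and not valid_users:
            findings.append(
                (share, "no 'valid users': every Samba account can connect")
            )
    return findings


if __name__ == "__main__":
    for share, finding in audit(SMB_CONF):
        print(f"[{share}] {finding}")
```

Adding a line such as "valid users = cs" to the [Secure-Shares] section limits that share to the account created with smbpasswd and clears the second finding.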
185. What does network service mean?
o Network services refer to the various services and protocols that are used to
enable communication and data transfer between devices on a network.
o Examples of network services include
email,
file sharing,
remote access,
domain name resolution, and
network printing.
o These services are typically provided by servers on the network and can be
accessed by clients using appropriate software or protocols.
187. Service Configuration
Network services such as
DHCP,
DNS,
FTP,
email servers, and others need to be properly configured with the appropriate settings
and parameters.
This includes defining IP address ranges, domain names, access
controls, security settings, and other configuration options specific to
each service.
188. Service Monitoring
It is essential to monitor network services to ensure their availability and
optimal performance.
Monitoring involves
regularly checking the status of services
monitoring resource utilization
responding to any issues or failures promptly
Various monitoring tools and techniques can be employed, such as
system logs, performance monitoring tools, and network monitoring
systems.
189. Security Management
Network services need to be secured to protect against:
unauthorized access,
data breaches,
and other security risks.
This involves implementing appropriate:
access controls,
encryption,
authentication mechanisms,
and firewalls.
190. Troubleshooting and Maintenance
Network administrators need to be proficient in troubleshooting network
service issues.
This includes
diagnosing and resolving connectivity problems,
service disruptions, performance issues,
and addressing any service-related errors or failures.
Regular maintenance tasks such as software updates, configuration backups, and
periodic service restarts are also part of effective service management.
191. Capacity Planning
Managing network services requires anticipating future growth and
ensuring that the infrastructure can handle increased demands.
Capacity planning involves
assessing current and future needs,
estimating resource requirements, and
scaling services accordingly.
This includes monitoring network traffic patterns, analyzing resource utilization, and planning for
hardware and software upgrades when necessary.
192. Documentation and Documentation Management
Proper documentation of network services, including configurations,
procedures, and troubleshooting guidelines, is essential for effective
management.
193. Maintenance Troubleshooting:
Common System and Network Problems
Maintenance troubleshooting involves identifying and resolving
common system and network problems.
common system and network problems
Connectivity Issues
Slow Performance
Application Errors
Hardware Failures
Security Breaches
DNS and IP Addressing Issues
Printing Issues and Wireless Network Problems
194. Developing General Strategies
● Planning and Requirements Gathering
● Scalability and Flexibility
● Security Considerations
● Modularity and Reusability
● Testing and Quality Assurance
● Documentation and Knowledge Management
● User Training and Support
● Regular Maintenance and Updates
● Monitoring and Performance Optimization
● Continuous Improvement
195. Resolve Boot Problems
Check Hardware Connections:
Ensure that all hardware components, such as hard drives, memory modules, and
cables, are properly connected.
Verify Boot Device Priority:
Access the system BIOS or UEFI settings and confirm that the correct boot device is
selected as the primary boot option.
For example, ensure that the hard drive containing the operating system is set as the
first boot device.
196. …cont’d
Check Boot Order
If there are multiple operating systems or bootable devices, verify the boot order to
ensure the system is attempting to boot from the correct device.
Adjust the boot order if necessary.
Repair Master Boot Record (MBR) or Bootloader:
Use recovery tools or installation media to repair the MBR or bootloader,
which are responsible for initiating the boot process.
This can help resolve issues caused by corrupted boot records.
197. …cont’d
Use Safe Mode or Recovery Mode:
Booting the system in Safe Mode or Recovery Mode can help identify and resolve
boot problems by starting the system with minimal drivers and services.
198. Backup and Restore Data and System Volume:
Data Backup
Regularly back up important data to external storage devices, cloud storage, or
network drives.
Use backup software or built-in backup utilities to create scheduled backups or
perform manual backups.
199. …Cont’d
System Image Backup
Create a system image backup that captures the entire system volume, including the
operating system, installed applications, and system settings.
This allows for a complete restoration of the system in case of data loss or system
failure.
200. …Cont’d
File-Level Restore
For data recovery at the file level, use backup software or manual methods to
selectively restore specific files or folders from the backup.
This is useful when only specific files are lost or corrupted.
201. …Cont’d
System Restore Point
If your operating system supports it, use the System Restore feature to restore the
system to a previous state when it was functioning properly.
This can help resolve issues caused by recent system changes or updates.
202. …Cont’d
System Recovery or Reinstallation
In severe cases where the system volume is heavily damaged or corrupted, you may
need to perform a system recovery or reinstall the operating system
Use installation media or recovery partitions to initiate the recovery process, following
the instructions provided by the operating system.
203. Using Event Viewer
Using Event Viewer for Troubleshooting Connectivity
Event Viewer is a tool available in Windows operating systems
that allows you to view and analyze system events,
including those related to connectivity issues.
207. Troubleshooting Connectivity
Check Physical Connections
Ensure that network cables, Ethernet ports, or Wi-Fi adapters
are properly connected and functioning.
Check Physical Connections
Restart your modem, router, and any other network devices to
clear temporary glitches and re-establish connections.
208. …Cont’d
Verify IP Configuration
Check the IP configuration settings of your network adapter to
ensure they are correct.
Use the command prompt and type "ipconfig" to view the IP
address, subnet mask, gateway, and DNS settings.
210. …Cont’d
Ping and Trace Route
Use the ping command to check connectivity to specific IP
addresses or domain names.
Trace route can help identify network hops and pinpoint
where the connectivity issue may be occurring.
tracert www.asu.edu.et
212. Overview of Systems Security
Systems security refers to the protection of computer systems and
networks from
unauthorized access or use,
disclosure
disruption,
modification, or destruction
213. Critical Components of systems security
Access Control
Network Security
Operating System Security
Data Protection
Incident Response
Security Auditing and Monitoring
Security Policies and Procedures
214. Overview of Application Security
Application security focuses on protecting software applications from
vulnerabilities and attacks throughout their lifecycle.
It involves implementing security controls and best practices to identify,
prevent, and mitigate security risks.
215. key aspects of Application security
Secure Coding Practices
Authentication and Authorization
Input Validation
Session Management
Secure Configuration
Encryption and Data Protection
Security Testing
Secure Software Development Lifecycle (SDLC)
Regular Updates and Patching
Security Awareness and Training
216. Login Security
Login security refers to the measures and practices implemented to ensure the
integrity and confidentiality of user login credentials and the authentication process.
It aims to protect user accounts from unauthorized access and mitigate the risks
associated with compromised or weak login credentials.
217. key aspects of login security
Strong Password Policies
Multi-Factor Authentication (MFA)
Account Lockouts and Brute Force Protection
Secure Login Forms: Use secure protocols like HTTPS to encrypt login credentials during transit
Password Storage and Hashing: Avoid storing passwords in plaintext or using weak encryption
methods.
Account Recovery and Password Reset
User Account Management: regular review and removal of inactive or unused accounts
218. Boot Loader security (LILO and GRUB)
Boot Loader Security refers to the measures taken to protect the boot
loader, which is the software responsible for loading the operating system
during the boot process.
Two popular boot loaders in the Linux ecosystem are
LILO (Linux Loader) and
GRUB (GRand Unified Bootloader).
219. Some aspects of boot loader security for LILO and GRUB
Protecting Boot Loader Configuration Files
Boot loaders like LILO and GRUB have configuration files (e.g., /etc/lilo.conf for LILO and
/boot/grub/grub.cfg for GRUB) that contain important settings and options.
Ensure that these files are not accessible by unauthorized users, as they can modify boot
settings and potentially compromise the system.
Set appropriate file permissions to restrict access.
220. …cont’d
Password Protection
Both LILO and GRUB support password protection to prevent unauthorized modifications
to boot settings or unauthorized access to certain boot options.
By setting a password, you can restrict access to the boot loader configuration and
prevent unauthorized changes.
221. …cont’d
Secure Boot
GRUB supports Secure Boot, which is a feature that verifies the digital signatures of boot
components to ensure their integrity and protect against boot-level attacks or
unauthorized modifications.
Secure Boot uses cryptographic keys to verify the authenticity of boot components
before loading them
222. …cont’d
Boot Loader Backup
It is important to regularly back up the boot loader configuration and related files to
ensure you can restore them in case of accidental modifications, system failures, or
security breaches.
This allows you to recover the boot loader configuration and maintain the integrity of the
boot process.
223. …cont’d
System Updates
Keep your boot loader software up to date with the latest security patches and updates.
This helps to address any vulnerabilities or weaknesses that may be discovered in the
boot loader software over time.
Regularly check for updates from the official sources and follow best practices for
applying updates.
224. …cont’d
Physical Security
Protect the physical hardware that runs the boot loader and the system itself.
Restrict physical access to the system to authorized personnel only.
Unauthorized physical access could allow an attacker to modify the boot loader or boot
process, compromising the system's security.
225. …cont’d
Monitoring and Auditing
Implement logging and monitoring mechanisms to capture and analyze boot loader
activities and events.
This includes monitoring changes to boot loader configuration files, tracking boot-related
errors, and reviewing log files for any suspicious activities.
226. TCP Wrappers Configuration
TCP Wrappers is a host-based access control system that allows you to
control access to network services based on various criteria such as
o IP addresses,
o domain names, and
o client requests.
It provides an additional layer of security by filtering incoming network
connections and allowing or denying access based on defined rules.
227. …Cont’d
To install TCP Wrappers
sudo yum install tcp_wrappers
OR
sudo dnf install tcp_wrappers
Once the installation is complete, configure
/etc/hosts.allow and
/etc/hosts.deny
228. …Cont’d
/etc/hosts.allow file contains the list of allowed or non-allowed hosts or
networks.
It means that we can both allow or deny connections to network
services by defining access rules in this file
/etc/hosts.deny file contains the list of hosts or networks that are not
allowed to access your Linux server.
229. …Cont’d
The typical syntax to define an access rule is:
daemon_list : client_list : option : option ...
Where,
daemon_list - The name of a network service such as SSH, FTP, http etc.
client_list - The comma separated list of valid hostnames, IP addresses or
network addresses.
options - An optional action that specifies something to be done whenever a rule
is matched.
230. …Cont’d
Rules to Remember
The access rules in the /etc/hosts.allow file are applied first. They take
precedence over rules in the /etc/hosts.deny file.
Therefore, if access to a service is allowed in the /etc/hosts.allow file, a rule
denying access to that same service in /etc/hosts.deny is ignored.
231. Restrict Access To Linux Servers Using TCP Wrappers
The recommended approach to secure a Linux server is to block all
incoming connections, and allow only a few specific hosts or networks.
To do so, edit /etc/hosts.deny
Add the following line. This line refuses connections to ALL services and ALL networks.
ALL: ALL
232. Allow and Deny hosts
Add the following lines to the /etc/hosts.allow file
# Allow a single host for SSH service
sshd: 192.168.43.192
# Allow a /24 prefix for SSH
sshd: 192.168.43.0/255.255.255.0
# Allow a single host for FTP
vsftpd: 192.168.43.192
# Allow a /24 prefix for FTP
vsftpd: 192.168.43.0/255.255.255.0
# Allow a single host for FTP
vsftpd: asu.cs.et
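The allow-before-deny evaluation order described above, as an added example that is not part of the original slides: a simplified Python model of the TCP Wrappers decision, run over constructed copies of the hosts.allow and hosts.deny rules shown here. It handles only ALL, exact addresses or hostnames, leading-dot domains and IPv4 net/mask patterns; the function names are this example's own.

```python
import ipaddress

# Constructed sample files mirroring the rules on the slides above.
HOSTS_ALLOW = """\
# SSH: one host and one /24
sshd: 192.168.43.192
sshd: 192.168.43.0/255.255.255.0
# FTP: one /24 and one named host
vsftpd: 192.168.43.0/255.255.255.0
vsftpd: asu.cs.et
"""
HOSTS_DENY = "ALL: ALL\n"


def parse_rules(text):
    """Parse 'daemon_list : client_list [: option ...]' lines (IPv4 only)."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue  # this model recognises whole-line comments only
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        rules.append((daemons, clients))
    return rules


def client_matches(pattern, addr, hostname):
    """True if one client pattern matches the connecting address/hostname."""
    if pattern == "ALL":
        return True
    if "/" in pattern:  # net/mask form, e.g. 192.168.43.0/255.255.255.0
        try:
            network = ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
        return ipaddress.ip_address(addr) in network
    if pattern.startswith("."):  # domain suffix, e.g. .asu.edu.et
        return hostname is not None and hostname.lower().endswith(pattern.lower())
    if pattern == addr:
        return True
    return hostname is not None and pattern.lower() == hostname.lower()


def matches_any(rules, daemon, addr, hostname):
    """True if any rule covers this daemon and this client."""
    for daemons, clients in rules:
        if "ALL" not in daemons and daemon not in daemons:
            continue
        if any(client_matches(p, addr, hostname) for p in clients):
            return True
    return False


def decide(daemon, addr, hostname=None, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is consulted first, then hosts.deny; no match means allow."""
    if matches_any(parse_rules(allow), daemon, addr, hostname):
        return "allow (hosts.allow)"
    if matches_any(parse_rules(deny), daemon, addr, hostname):
        return "deny (hosts.deny)"
    return "allow (no rule matched)"


if __name__ == "__main__":
    samples = [
        ("sshd", "192.168.43.7", None),
        ("sshd", "10.0.0.5", None),
        ("vsftpd", "203.0.113.9", "asu.cs.et"),
        ("httpd", "192.168.43.192", None),
    ]
    for daemon, addr, host in samples:
        print(f"{daemon:7} {addr:15} {host or '-':10} {decide(daemon, addr, host)}")
    # With an empty hosts.deny, a client outside hosts.allow is still admitted.
    print(decide("sshd", "10.0.0.5", deny=""))
```

The last call shows why the "ALL: ALL" line in /etc/hosts.deny matters: without it, a client that matches nothing in /etc/hosts.allow is allowed by default.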
233. Iptables Firewalling
• Iptables is a powerful firewall utility for Linux systems that allows you
to set up and manage network packet filtering rules.
• Understanding Firewall Basics
Packet filtering
Network ports
Protocols (TCP, UDP), and
IP addresses.
• Ensure that your Linux kernel has built-in support for iptables.
234. Common scenarios in which iptables is used to configure a firewall
Allow Incoming SSH Connections
iptables -A INPUT -p tcp --dport 22 -s 192.168.1.0/24 -j ACCEPT
Block Incoming HTTP Requests
iptables -A INPUT -p tcp --dport 80 -j DROP
Allow Outgoing DNS Queries
iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
Read about and practice iptables firewalling in more detail.
235. Packet Filtering
• Packet filtering is a fundamental technique used in network security
to selectively allow or block network traffic based on predefined
criteria.
• It involves inspecting individual packets as they pass through a
network device, such as a firewall or router, and making decisions
about whether to permit or deny them.
236. Cont’d
Key concepts related to packet filtering:
Access Control Lists (ACLs)
Source and Destination IP Address Filtering
Port-Based Filtering
Protocol Filtering
Stateful Packet Filtering
Implicit Deny Rule: the default rule that denies any packet not matched by an explicit rule
Logging: capability to log denied packets or specific events for monitoring, analysis, and troubleshooting purposes.
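First-match evaluation, the implicit deny and logging of denied packets, as an added example that is not part of the original slides. The chain is constructed from the INPUT rules shown on the iptables slide; the `Rule` class, the `shadowed` check and the sample addresses are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str              # "ACCEPT" or "DROP"
    proto: str = "any"       # "any" matches every protocol
    dport: int = 0           # 0 matches every destination port
    src: str = "0.0.0.0/0"   # source network

    def matches(self, proto, dport, src_ip):
        return (self.proto in ("any", proto)
                and self.dport in (0, dport)
                and ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src))

    def covers(self, other):
        """True if every packet matching `other` also matches this rule."""
        return (self.proto in ("any", other.proto)
                and self.dport in (0, other.dport)
                and ipaddress.ip_network(other.src).subnet_of(ipaddress.ip_network(self.src)))

INPUT = [  # constructed chain modeled on the slide's INPUT rules
    Rule("ACCEPT", "tcp", 22, "192.168.1.0/24"),
    Rule("DROP", "tcp", 80),
]

def evaluate(chain, proto, dport, src_ip, policy="DROP", log=None):
    """First matching rule wins; the chain policy acts as the implicit deny."""
    for rule in chain:
        if rule.matches(proto, dport, src_ip):
            verdict = rule.action
            break
    else:
        verdict = policy
    if verdict == "DROP" and log is not None:
        log.append(f"DROP proto={proto} dport={dport} src={src_ip}")
    return verdict

def shadowed(chain):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, rule in enumerate(chain)
            if any(earlier.covers(rule) for earlier in chain[:i])]
```

On a real host the implicit deny is the chain policy, set with `iptables -P INPUT DROP`; built-in chains start with policy ACCEPT, in which case the SSH rule above restricts nothing.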
237. Port Forwarding
Port forwarding (also known as port redirection) and Network Address Translation
(NAT) with IP masquerading are techniques used to enable communication between
devices on a private network and external networks, such as the internet.
These techniques are commonly employed in network setups where multiple devices
share a single public IP address.
238. Cont’d
Port Forwarding/Redirection: Port forwarding allows inbound network traffic to reach a
specific device or service within a private network by redirecting traffic from a specific
port on the public IP address to a designated internal IP address and port.
It is typically used to enable external access to services running on devices within the
private network.
239. How Does Port Forwarding Work?
1. A request comes in from an external network to the public IP address and a specific
port.
2. The router or firewall receives the request and checks its port forwarding
configuration.
3. Based on the configured rules, the router/firewall forwards the incoming traffic to the
designated internal IP address and port.
241. NAT/IP Masquerading:
Network Address Translation (NAT) is a technique that allows multiple devices
within a private network to share a single public IP address when connecting to
external networks.
IP masquerading is a specific form of NAT that dynamically translates the
private IP addresses of devices to the public IP address when they access the
internet.
242. How Does NAT/IP Masquerading Work?
1. Devices within the private network send outgoing requests to access resources on the
internet.
2. The router or firewall performing NAT replaces the source IP addresses of the outgoing
packets with its own public IP address.
3. Responses from external servers are sent back to the router/firewall's public IP address.
4. The router/firewall performs reverse translation, replacing its public IP address with the
original private IP address, and forwards the response packet to the appropriate internal
device.
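The masquerading steps above and the port forwarding steps from the earlier slide, modeled as one translation table, as an added example that is not part of the original slides. The `NatRouter` class, the port range and all addresses are constructed for illustration; a kernel's connection tracking records more state than this.

```python
class NatRouter:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}       # flow -> public port chosen for it
        self.back = {}      # (public_port, proto) -> flow
        self.forwards = {}  # (public_port, proto) -> (internal_ip, internal_port)

    def add_forward(self, public_port, internal_ip, internal_port, proto="tcp"):
        """Port forwarding rule: public port -> internal address and port."""
        self.forwards[(public_port, proto)] = (internal_ip, internal_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Masquerade: replace the private source with the public address."""
        flow = (src_ip, src_port, dst_ip, dst_port, proto)
        if flow not in self.out:
            # Skip ports already used by a forward or another flow.
            while ((self.next_port, proto) in self.forwards
                   or (self.next_port, proto) in self.back):
                self.next_port += 1
            self.out[flow] = self.next_port
            self.back[(self.next_port, proto)] = flow
        return (self.public_ip, self.out[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port, proto="tcp"):
        """Packet addressed to the public IP: return it rewritten, or None."""
        flow = self.back.get((dst_port, proto))
        if flow and flow[2:4] == (src_ip, src_port):
            return (src_ip, src_port, flow[0], flow[1])  # reverse translation
        fwd = self.forwards.get((dst_port, proto))
        if fwd:
            return (src_ip, src_port, fwd[0], fwd[1])    # port forward
        return None  # no mapping and no forward rule: dropped
```

A reply is translated back only when it comes from the server the internal host contacted, while a forwarded port accepts traffic from any external source, which is why forwarded services need their own access rules.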
243. Packet-Processing Model
The packet-processing model refers to the sequence of steps that a network
device, such as a router or firewall, follows when processing an incoming or
outgoing network packet.
The model outlines the stages involved in handling a packet from the moment it
enters the device to the point where it is forwarded or discarded.
While the exact implementation may vary across different network devices
244. General packet-processing model
1. Packet Reception: The network device receives the incoming packet on one of its
interfaces
2. Packet Decapsulation: If the received packet is encapsulated within a data link layer
protocol, such as Ethernet, the device decapsulates the packet to extract the network
layer protocol packet, such as IP or IPv6.
3. Packet Classification: The device examines the packet's headers to determine its
destination and purpose.
245. …Cont’d
4. Security Checks: The packet is evaluated for any security-related policies, such as
firewall rules, access control lists (ACLs), or intrusion detection/prevention systems.
5. Quality of Service (QoS) Handling: If the device supports QoS, it may apply QoS
policies to prioritize or shape the traffic based on predefined rules.
6. Network Address Translation (NAT): If the packet requires Network Address
Translation, such as in the case of private-to-public IP translation, the device performs
the necessary modifications to the packet's source or destination IP addresses.
246. …Cont’d
7. Routing: The device looks up the packet's destination IP address in its routing table
to determine the next-hop interface or the appropriate routing path.
8. Forwarding Decision: Based on the routing lookup, the device makes a forwarding
decision, determining the outgoing interface or the appropriate forwarding path for
the packet.
9. Packet Forwarding: The device forwards the packet out through the determined
interface or path towards its destination.
10. Packet Egress: The packet is transmitted out of the device's interface onto the
network medium for delivery to the next hop or the final destination.
248. Intrusion Detection
Intrusion Detection is a security mechanism designed to detect
and respond to unauthorized or malicious activities on a
computer system or network.
It involves monitoring network traffic, system logs, and other
data sources to identify potential security breaches or
abnormal behavior.
249. Different Types of Intrusion
Unauthorized Access
o This occurs when an attacker gains unauthorized access to a system or network without proper
authentication or permissions.
Denial of Service (DoS)
o In a DoS attack, the attacker overwhelms a system, network, or service with a flood of traffic or
resource requests, making it inaccessible to legitimate users.
Distributed Denial of Service (DDoS)
o Similar to DoS, DDoS attacks involve multiple systems or devices working together to overwhelm
a target with an enormous amount of traffic.
The attacker controls a botnet (a network of compromised devices) to launch the attack.
250. …Cont’d
Malware Attacks
o Malware refers to malicious software designed to gain unauthorized access,
disrupt system operations, or steal sensitive information.
Common types of malware include viruses, worms, Trojans, ransomware, spyware,
and adware.
Malware can be distributed through email attachments, malicious websites,
infected software, or removable media.
251. …Cont’d
Phishing and Social Engineering
Phishing involves tricking individuals into revealing sensitive information,
such as login credentials or financial details, by impersonating a trusted
entity through fraudulent emails, websites, or messages.
Insider Threats
Insider threats involve individuals within an organization misusing their
authorized access to compromise systems, steal data, or cause harm.
252. Types of Intrusion Detection (IDS)
Network-based Intrusion Detection System (NIDS)
o NIDS monitors network traffic, analyzes network packets, and looks for patterns or
signatures associated with known attacks or suspicious activities.
Host-based Intrusion Detection System (HIDS)
o HIDS monitors the activities and events occurring on individual host systems.
Reading Assignment: Linux Intrusion Detection System (LIDS)
254. Overview of Analytical system administration
Analytical system administration explores the use of data analysis and
analytical techniques to
○ improve system administration processes,
○ identify performance issues, and
○ make informed decisions in managing computer systems and networks.
255. System Observation
System observation refers to the practice of monitoring and observing
computer systems and networks to gather information about their
performance,
behavior, and
usage patterns.
256. …Cont’d
System observation can be performed using a variety of techniques and
tools, including:
Monitoring Tools
System Logs
Network Monitoring
User Activity Monitoring
Performance Testing
257. …Cont’d
System observation serves several purposes, including
Identifying performance issues and bottlenecks to optimize system
performance.
Detecting and mitigating security incidents or abnormal system behavior.
Planning for system capacity and scalability.
Assessing the impact of software or configuration changes on system
behavior.
Understanding user behavior and usage patterns to improve user experience.
258. Evaluation methods and problems
Evaluation methods are used to assess the performance, effectiveness, and
quality of systems, processes, or solutions.
They provide valuable insights and feedback that can guide decision-making,
improvements, and future planning.
259. Common Evaluation Methods
Surveys and Questionnaires
Interviews
Observations
Focus Groups
Case Studies
Usability Testing
Performance Metrics and Key Performance Indicators (KPIs)
Expert Review
Comparative Analysis and Benchmarking
Cost-Benefit Analysis
260. Faults
Faults in the context of system administration refer to unexpected or abnormal conditions
that occur within a computer system or network, resulting in system failures, errors, or
malfunctions.
Faults can arise from various sources, including
hardware failures,
software bugs,
configuration errors,
network issues,
human error.
261. Common Types of Faults
Hardware Faults
Software Faults
Configuration Faults
Network Faults
Power Faults
Human Errors
262. Deterministic and Stochastic Behaviors
Deterministic Behavior
refers to a system or process that produces the same output or result
for a given set of inputs or conditions.
In other words, the outcome is completely predictable and follows a
specific cause-and-effect relationship.
In a deterministic system, there is no randomness or uncertainty
involved, and the same inputs always yield the same outputs.
263. …Cont’d
Examples of deterministic behavior:
Mathematical equations
Programming algorithms
Digital circuits
264. …Cont’d
Stochastic Behavior
refers to a system or process that exhibits randomness or uncertainty
in its outcomes.
Unlike deterministic behavior, the same inputs or conditions may result
in different outputs.
Stochastic systems involve probabilistic elements and are influenced
by random factors, making it impossible to precisely predict the exact
outcome.
265. …Cont’d
Examples of Stochastic behavior:
Random number generation
Weather forecasting
Stock market fluctuations
In many real-world systems, both deterministic and stochastic elements may be present.
Understanding and analyzing the interplay between deterministic and stochastic behavior is essential
in many fields, including physics, engineering, computer science, and finance, to make accurate
predictions, optimize processes, and manage risks.