Megenagna campus
Department of computer sciences
COURSE TITLE: NETWORK AND SYSTEM ADMINISTRATION
BY: AGMAS G.
8/20/2022 AGMAS G. 1
Chapter 1
Chapter Objectives
Explore the world of the Network & System admin.
List the duties of the system admin.
List the skill set required of the system admin.
List a few personality traits of a typical system admin.
8/20/2022 SHEWAKENA G. 3
Introduction to System & Network Administration
What is a System?
A system is a collection of elements or components that are
organized for a common purpose.
A set of detailed methods, procedures and routines created to
carry out a specific activity, perform a duty, or solve a problem
All systems have inputs, outputs and feedback mechanisms
Con…
What is a Network?
A group of interconnected (via wire and/or wireless)
devices and peripherals that is capable of sharing software
and hardware resources among many users.
What is Network Administration?
The terms network administration and system administration exist
separately; however, they are used both variously and inconsistently
by industry and academics.
Network administration is the management of network infrastructure
devices (routers and switches).
Introduction to System and Network Administration...
What is System Administration?
Is a branch of engineering mainly concerned with the
operational management of human-computer systems
An organized collaboration between humans and computers to
solve a problem or provide a service
Is the term used traditionally by mainframe and Unix engineers
to describe the management of computers whether they are
coupled by a network or not
Introduction to System and Network Administration...
Do you think System Administration is an Administrative Job?
Definitely not. It is an extremely demanding engineer's job, so a
System Administrator has to know a bit of everything.
It requires skill, technique, administration, and socio-psychological
knowledge and wisdom.
The System Administrator has to know about hardware, software, user
support, diagnosis, repair and prevention of system threats.
Introduction to System and Network Administration...
What is the Key Role of Network and System Administration?
It is to build hardware configuration and to configure software
systems
Network Administrator: a person who is responsible for administering,
managing and maintaining the network design, configuration and
infrastructure development.
System Administrator: a person who is responsible for administering
users, maintaining the system, creating file systems, installing
software and other related issues.
Introduction to System and Network Administration...
Responsibilities of the System Administrator
User Administration (Setup and Maintaining Account)
Maintaining System
Verify that Peripherals are Working Properly
Quickly Arrange Repair for Hardware in the Event of Hardware Failure
Monitor System Performance
Create File Systems
Install Software
Create a Backup and Recover Policy
Monitor Network Communication
Con…
Update system as soon as new version of OS and application
software comes out
Implement the Policies for the use of the Computer System and Network
Setup Security Policies for users. A sysadmin must have a
strong grasp of computer security (e.g. firewalls and intrusion
detection systems)
Documentation in form of Internal Wiki
Password and Identity Management
Con…
System Administrators’ Code of Ethics
Professionalism:
The sysadmin maintains professional conduct in the workplace and will not allow personal
feelings or beliefs.
Personal Integrity:
The sysadmin avoids conflicts of interest and biases whenever possible.
Privacy:
The sysadmin maintains and protects the confidentiality of any information to which the
sysadmin may have access.
Laws and Policies:
The sysadmin should educate himself and others on relevant laws, regulations,
and policies regarding the performance of his/her duties.
Con…
Communication
The sysadmin should communicate with management, users, and colleagues about computer
matters of mutual interest.
System Integrity
The sysadmin should strive to ensure the necessary integrity, reliability, and availability of the
systems.
Education
The sysadmin should continue to update and enhance their technical
knowledge and other work-related skills.
Responsibility to Computing Community:
The sysadmin should cooperate with the larger computing community to maintain the integrity
of network and computing resources
Social Responsibility:
The sysadmin should encourage the writing and adoption of relevant policies and laws
consistent with the ethical principles.
Ethical Responsibility:
The sysadmin should strive to build and maintain a safe, healthy, and productive workplace
System Administration
What is System Administration?
Management of the system, which covers:
Computers
Hardware (CPU , Printer , Scanner etc.)
Software
Operating System
Application Software
Management Software (Database / Web / Email etc.)
Networks
Users
What do you understand by Management?
System Administration
Systems administration includes computer systems and the
ways people use them in an organization.
This requires a knowledge of
operating systems
applications,
hardware and software troubleshooting,
but also knowledge of the purposes for which people in the
organization use the computers.
What Is a Sysadmin?
In a “small company” the Sysadmin may be the entire
information technology staff.
The Sysadmin may do everything from telephone, to fax,
to computer management.
Sysadmin may have to order supplies, deal with users,
develop software, repair hardware, and laugh at the
CEO’s jokes!
What Is a Sysadmin?
In a large company the Sysadmin may be one member of a large
group.
May be responsible for one aspect of the data center
operation.
Programmers
Database Administrators
Network Administrators
Operators
May not even know what the CEO looks like.
Common Sysadmin Qualities
A Sysadmin is a customer service agent!
The Sysadmin must be
Able to communicate with technical and non-technical users.
Patient, with a sense of humor.
Able to solve difficult technical problems.
Able to work in a group setting.
Must document activities in order to reproduce the results.
What Does a Sysadmin Do?
Plan and manage the machine room environment
design machine room; specify cooling, cabling, power
connections, and environmental controls (fire alarm, security)
Install and maintain operating system software, application
software, and patches.
Determine hardware and software pre-requisites, which patches
to install, which services to provide, and which services to
disable.
Cont.…
Schedule downtime to perform upgrades/patches, and test
devices and schedule downtime to manage devices.
Install and maintain user accounts; develop acceptable use
policy and login-name policy; determine password change
policies; install/configure/manage name services; and manage
licenses.
Determine disk quota policy/manage disk space, and monitor
log files.
Cont..
Train users on software and security.
Ensure that users have access to documentation.
Help users and provide help-desk support and problem tracking
system to answer user questions.
Configure network services:
printing, file sharing, name service.
determine file sharing needs and printing policies.
manage security for shared resources.
Cont.…
Install/maintain system devices, hardware/drivers; specify
supported devices; determine spares practices.
Install/configure/manage web servers, configure web access
agents
Configure and maintain business applications
web agents
e-mail
calendar software
order/problem tracking software
Cont.…
Install/configure/manage e-mail software
mail transfer agents.
mail readers.
Configure and manage system security
security for business applications,
read security mailing lists and CERT notifications,
install/configure "firewall" software to limit intruder access,
collect evidence in case of successful intrusion and clean up
after intrusion
Cont..
Configure and maintain connectivity between hosts
monitor connectivity
troubleshoot connectivity problems
investigate complaints of poor response
Cont..
Configure and maintain system backups,
determine backup strategy and policies, and
configure backup software
perform backups
monitor backup logs
check backup integrity
determine disaster survival plans
perform restores
Cont.…
Troubleshoot and repair system problems
Determine, locate, and repair/replace problem components
Document the system, and develop and maintain documentation
on local setup and local policies
Skills Required
Delegation and Time Management
Ethics
Ability to create/follow Policies and Procedures
Desire to learn
Customer Service Attitude
Knowledge of technical aspects
Hardware
Software
Problem Solving
Types of Administrators/Users
In a larger company, the following may all be separate positions within a
computer support or Information Services (IS) department.
In a smaller group they may be shared by a few Sysadmins, or even a
single person.
Database Administrator
Network Administrator
Security Administrator
Web Administrator
Technical support
computer operator
Cont.…
A database administrator (DBA) maintains a database system, and is
responsible for the integrity of the data and the efficiency and
performance of the system.
A network administrator maintains network infrastructure such as
switches and routers, and diagnoses problems with these or with the
behavior of network-attached computers.
A security administrator is a specialist in computer and network
security, including the administration of security devices such as
firewalls, as well as consulting on general security measures.
Cont.…
Web administrator maintains web server services (such as
IIS or Apache) that allow for internal or external access to
web sites.
Tasks include
managing multiple sites,
administering security,
configuring necessary components and software.
Responsibilities may also include software change
management.
Cont..
Technical support staff respond to individual users' difficulties with
computer systems, provide instructions and sometimes training, and
diagnose and solve common problems.
A computer operator performs routine maintenance and upkeep,
such as changing backup tapes or replacing failed drives in a RAID array.
Such tasks usually require physical presence in the room with the
computer; while less skilled than Sysadmin tasks, they require a similar
level of trust, since the operator has access to possibly sensitive data.
Booting and Shutting Down
Roadmap
Bootstrapping
Boot Loaders
Startup/Init Scripts
Reboot & Shutdown
Q&A
Bootstrapping (simplified version)
BIOS → Boot Loader → Kernel Initialization → init → login
BIOS
Basic Input/output System
Contains information about the machine’s configuration.
E.g. IDE controller, NIC
The PC knows which device to boot from via the BIOS
The PC tries to run code from the MBR (Master Boot Record), i.e. the
first 512 bytes of the disk
The MBR tells the PC to load the boot loader from a certain disk
partition
The boot loader loads the kernel
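The 512-byte MBR described above has a fixed layout: four 16-byte partition entries start at offset 446, and the last two bytes (offsets 510 and 511) hold the boot signature 0x55 0xAA. The script below is an added example, not part of the original slides; it checks that layout on a constructed image file, and the function names `byte_at`, `mbr_report` and `make_demo_mbr` are hypothetical. It assumes a classic MBR disk, not GPT.

```shell
#!/bin/sh
# Added example (not from the slides): inspect the first sector of a
# disk image and report the boot signature and the partition entries.

# byte_at FILE OFFSET -> the byte at OFFSET as two lowercase hex digits
byte_at() {
    dd if="$1" bs=1 skip="$2" count=1 2>/dev/null | od -An -tx1 | tr -d ' \n'
}

# mbr_report FILE
# Prints "signature=valid|invalid" and one line per used partition entry.
mbr_report() {
    img=$1
    size=$(wc -c < "$img" | tr -d ' ')
    if [ "$size" -lt 512 ]; then
        echo "error=short_sector"
        return 1
    fi
    sig="$(byte_at "$img" 510)$(byte_at "$img" 511)"
    if [ "$sig" = "55aa" ]; then
        echo "signature=valid"
    else
        echo "signature=invalid"
    fi
    i=0
    while [ "$i" -lt 4 ]; do
        off=$((446 + i * 16))
        flag=$(byte_at "$img" "$off")            # 0x80 marks the active partition
        ptype=$(byte_at "$img" $((off + 4)))     # 0x00 means the entry is unused
        if [ "$ptype" != "00" ]; then
            if [ "$flag" = "80" ]; then active=yes; else active=no; fi
            echo "partition=$((i + 1)) type=0x$ptype active=$active"
        fi
        i=$((i + 1))
    done
}

# Build a constructed 512-byte sector: entry 1 active, type 0x83 (Linux);
# entry 2 inactive, type 0x07; valid signature. No real disk is read.
make_demo_mbr() {
    f=$(mktemp) || return 1
    dd if=/dev/zero of="$f" bs=512 count=1 2>/dev/null
    printf '\200'     | dd of="$f" bs=1 seek=446 conv=notrunc 2>/dev/null
    printf '\203'     | dd of="$f" bs=1 seek=450 conv=notrunc 2>/dev/null
    printf '\007'     | dd of="$f" bs=1 seek=466 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$f" bs=1 seek=510 conv=notrunc 2>/dev/null
    echo "$f"
}

demo_img=$(make_demo_mbr)
mbr_report "$demo_img"
rm -f "$demo_img"
```

On a real system the same report can be run against a copy of the first sector taken with `dd`, so the disk itself is only read.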
Boot Loaders – LILO (Linux Loader)
Traditional and stable
/etc/lilo.conf
◦ boot=/dev/hda
◦ root=/dev/hda1
◦ timeout=5
◦ image=/boot/vmlinuz-2.6.20
◦ label=Linux
◦ read-only
◦ other=/dev/hdb1
◦ label=Windows
◦ table=/dev/hdb
To install it
◦ $ lilo
lilo must be run after every reconfiguration
LILO continued,
LILO is a boot loader for Linux and was the default boot
loader for most Linux distributions in the years after the
popularity of loadlin.
Boot Loaders – LILO (cont)
At LILO prompt
◦LILO: linux init=/sbin/init (also called init)
◦LILO: linux init=/bin/bash
◦LILO: linux root=/dev/hda5
◦LILO: linux single
Boot Loaders – GRUB
GRand Unified Boot loader
Default on Red Hat and SuSe
Read configuration file at boot time
Understand filesystems and kernel executable formats
◦ ie. Only need to know the device, disk partition and kernel filename
◦ GRUB device (hd0,0) → /dev/hda1 or /dev/sda1
Boot Loaders – GRUB (cont)
/boot/grub/grub.conf
◦ default=0
◦ timeout=5
◦ splashimage=(hd0,0)/boot/grub/splash.xpm.gz
◦ title CentOS (2.6.18-8.el5)
◦ root (hd0,0)
◦ kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/
◦ initrd /boot/initrd-2.6.18-8.el5.img
◦ title Windows
◦ rootnoverify (hd1,0)
◦ chainloader +1
Boot Loaders – GRUB (cont)
At the splash screen
◦ Hit ‘a’ and type “ single” to boot to single-user mode
◦ Hit ‘c’ to enter command-line mode
◦ To boot other OSes that aren’t in grub.conf
◦ Display system information
◦ Press TAB to see possible commands
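The options shown on the LILO and GRUB slides (`single`, `init=/bin/bash`, `root=`) are typed by whoever sits at the console, so a routine check is whether the boot loader asks for a password before it allows the kernel line to be edited. The script below is an added example, not part of the original slides: it reads a GRUB legacy `grub.conf` and reports whether a `password` directive appears in the global section (before the first `title`). The function names, the output format and both sample files are constructed for the demo, and the hash is a placeholder.

```shell
#!/bin/sh
# Added example (not from the slides): audit a GRUB legacy grub.conf
# for a global "password" directive.

# grub_audit FILE
# Prints "global_password=yes|no", then one line per menu entry that
# has a kernel line, saying whether its arguments can be edited at the
# splash screen without a password.
grub_audit() {
    awk '
        { line = $0; sub(/^[ \t]+/, "", line) }
        line == "" || line ~ /^#/ { next }
        { split(line, f, /[ \t=]+/); cmd = f[1] }
        cmd == "title" {
            n++
            name[n] = line
            sub(/^title[ \t]+/, "", name[n])
            next
        }
        # Only a password in the global section (before any title)
        # disables interactive editing for the whole menu.
        cmd == "password" && n == 0 { global_pw = 1 }
        cmd == "kernel" && n > 0 { has_kernel[n] = 1 }
        END {
            print "global_password=" (global_pw ? "yes" : "no")
            for (i = 1; i <= n; i++)
                if (has_kernel[i])
                    print "entry=\"" name[i] "\" kernel_args_editable_without_password=" (global_pw ? "no" : "yes")
        }
    ' "$1"
}

# Write two constructed sample files: the configuration from the slide,
# and the same file with a global password line added.
write_samples() {
    d=$(mktemp -d) || return 1
    cat > "$d/open.conf" <<'EOF'
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
title CentOS (2.6.18-8.el5)
    root (hd0,0)
    kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/
    initrd /boot/initrd-2.6.18-8.el5.img
title Windows
    rootnoverify (hd1,0)
    chainloader +1
EOF
    # PLACEHOLDER_HASH stands in for a real MD5 password hash.
    { echo "password --md5 PLACEHOLDER_HASH"; cat "$d/open.conf"; } > "$d/locked.conf"
    echo "$d"
}

samples=$(write_samples)
echo "== open.conf";   grub_audit "$samples/open.conf"
echo "== locked.conf"; grub_audit "$samples/locked.conf"
rm -rf "$samples"
```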
Kernel Initialization
The kernel is itself a program (after GRUB has loaded the kernel into RAM, the kernel starts to initialize the memory)
/vmlinuz or /boot/vmlinuz
Two-stage loading process
initrd (init RAM disk)
A transient root filesystem in RAM before a real root filesystem is available
Eg. It is used to install file system modules into the kernel
The real root filesystem
Device detection and configuration
You tell the kernel what to expect
The kernel probes the H/W itself
Kernel threads creation
Eg. init (a user process), kjournald, kswapd
Single-user mode
A manual mode after kernel initialization and before running startup
scripts
“single” is passed to init, sulogin is run instead
Most system processes are not running
Users can’t log in, except root
/ is mounted read-only
$ mount -o rw,remount /
Check/repair the disk if there are disk problems
$ fsck -y /dev/sda1
Run ‘exit’ to exit single-user mode
Startup/Init Scripts
After Kernel initialization, a process called init is created with PID 1
init runs startup scripts (normal shell scripts) to perform specific
tasks, eg.
Setting the hostname, time zone, etc
Checking and mounting the disks
Configuring network interfaces
Starting up daemons and network services
Startup/Init Scripts (cont)
Startup scripts (rc files) are run based on run levels
◦ 0 the level in which the system is completely shut down
◦ 1 single-user mode
◦ 2 multiuser mode w/out NFS
◦ 3 full multiuser mode
◦ 4 unused
◦ 5 X11
◦ 6 reboot level
Goes from run level 0 up to the default run level (usually 3)
/etc/inittab tells init what to do at each level
To find out which run level the system is currently in
◦ $ runlevel
Startup/Init Scripts (cont)
init runs the scripts from /etc/rc.d/rc[0-6].d/
◦ /etc/rc.d/rc0.d/K25sshd → /etc/init.d/sshd
◦ /etc/rc.d/rc3.d/S55sshd → /etc/init.d/sshd
Each server/daemon provides a master script
◦ Stored in /etc/init.d
◦ Understands the arguments: start, stop, restart
◦ /etc/init.d/sshd start
run level 0 → 3
◦ /etc/rc.d/rc3.d/S* start
run level 3 → 0
◦ /etc/rc.d/rc0.d/K* stop
Pretty ugly!
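The S/K link names above decide which daemons run at each level and in what order, which is also what an administrator reviews when deciding which services to disable. The script below is an added example, not part of the original slides: it builds a constructed directory tree in a temporary directory and lists the start and stop order for a run level, plus any links whose master script is missing. The function names `rc_order`, `rc_dangling` and `make_demo_tree` and the service priorities are hypothetical.

```shell
#!/bin/sh
# Added example (not from the slides): read the S/K links of one
# run-level directory and show the order init would process them in.

# rc_order DIR start|stop
# Prints "PRIORITY NAME" per line. S* links are run with "start",
# K* links with "stop"; the shell expands the glob in sorted order,
# so the two-digit priority decides the sequence.
rc_order() {
    case $2 in
        start) prefix=S ;;
        stop)  prefix=K ;;
        *) echo "usage: rc_order DIR start|stop" >&2; return 2 ;;
    esac
    for link in "$1"/"$prefix"[0-9][0-9]*; do
        # Skip the unexpanded pattern when nothing matches.
        [ -e "$link" ] || [ -L "$link" ] || continue
        rest=${link##*/}        # e.g. S55sshd
        rest=${rest#?}          # 55sshd
        name=${rest#??}         # sshd
        prio=${rest%"$name"}    # 55
        printf '%s %s\n' "$prio" "$name"
    done
}

# rc_dangling DIR
# Prints the names of S/K links whose target script no longer exists.
rc_dangling() {
    for link in "$1"/[SK][0-9][0-9]*; do
        if [ -L "$link" ] && [ ! -e "$link" ]; then
            printf '%s\n' "${link##*/}"
        fi
    done
}

# Build a constructed tree that mimics /etc/init.d and /etc/rc.d/rcN.d.
make_demo_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/init.d" "$root/rc3.d" "$root/rc0.d"
    for svc in network syslog sshd; do
        printf '#!/bin/sh\necho "$0 $1"\n' > "$root/init.d/$svc"
        chmod +x "$root/init.d/$svc"
    done
    ln -s ../init.d/network "$root/rc3.d/S10network"
    ln -s ../init.d/syslog  "$root/rc3.d/S12syslog"
    ln -s ../init.d/sshd    "$root/rc3.d/S55sshd"
    ln -s ../init.d/oldsvc  "$root/rc3.d/S99oldsvc"   # target missing on purpose
    ln -s ../init.d/sshd    "$root/rc0.d/K25sshd"
    ln -s ../init.d/syslog  "$root/rc0.d/K88syslog"
    ln -s ../init.d/network "$root/rc0.d/K90network"
    echo "$root"
}

demo=$(make_demo_tree)
echo "run level 3, start order:"; rc_order "$demo/rc3.d" start
echo "run level 0, stop order:";  rc_order "$demo/rc0.d" stop
echo "dangling links in rc3.d:";  rc_dangling "$demo/rc3.d"
rm -rf "$demo"
```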
Startup/Init Scripts (cont)
Use chkconfig instead. Eg.
◦ $ chkconfig --add sshd
◦ $ chkconfig --del sshd
Reboot & Shutdown
To reboot
◦ $ shutdown -r now
◦ $ reboot
◦ $ telinit 6
To halt
◦ $ shutdown -h now
◦ $ halt
◦ $ telinit 0
◦ $ poweroff
Reboot & Shutdown (cont)
To shut down gracefully
◦ $ shutdown -h +15 "Shutdown in 15 mins"
Super user
On a Unix system, the superuser refers to a
privileged account with unrestricted access to all
files and commands.
The username of this account is root.
Many administrative tasks and their associated
commands require superuser status.
Cont..
There are two ways to become the superuser.
The first is to log in as root directly.
The second way is to execute the command su while logged in to
another user account.
The su command may be used to change one's current account
to that of a different user after entering the proper password.
It takes the username corresponding to the desired account as
its argument; root is the default when no argument is provided.
$ su
Password: Not echoed
Cont..
You may exit from the superuser account with exit or Ctrl-
D.
You may suspend the shell and place it in the background
with the suspend command;
you can return to it later using fg.
Boot process
The normal boot process has these main phases:
Basic hardware detection (memory, disk, keyboard,
mouse, and the like).
Executing the firmware system initialization program
(happens automatically).
Locating and running the initial boot program (by the
firmware boot program),
usually from a predetermined location on disk.
This program may perform additional hardware checks prior to
loading the kernel.
Cont..
Locating and starting the Unix kernel (by the first-stage boot
program).
The kernel image file to execute may be determined automatically
or via input to the boot program.
The kernel initializes itself and then performs final, high-level
hardware checks, loading device drivers and/or kernel modules as
required.
The kernel starts the init process, which in turn starts system
processes (daemons) and initializes all active subsystems. When
everything is ready, the system begins accepting user logins.
Challenges System & Network Administration
There are three key challenges in introducing these global frameworks:
Security includes never-ending management of a series of threats that are
steadily increasing.
With the proliferation of IoT devices expected over the next few years,
along with the complexities of private and virtual clouds, more users,
more mobile devices, and an increasing volume of endpoints, network
administrators will continue to struggle to stay ahead of hackers.
Consumer-specific security threats, such as malware focused on
smartphones will continue to threaten the global network as a whole.
Challenges System & Network Administration
Monitoring and maintenance of global networks will become increasingly important.
Because we lack integrated reporting and alert capabilities, network administrators will
continue to struggle with how to monitor a widening volume of traffic.
Machine learning algorithms and artificial intelligence may provide the key to network
monitoring of the various applications and the global delivery of static and dynamic content.
Chapter 2
INTRODUCING WINDOWS SERVER
AND CONTROLLING PROCESSES
9/1/2022 1
Objectives
Describe the editions of Windows Server 2008
Discuss core technologies
Explain the primary roles a Windows Server 2008 computer can fulfill
Describe the new and enhanced features of Windows Server 2008
An Introduction to Operating Systems
An operating system (OS) is a set of basic programming instructions to
computer hardware, forming a layer of programming code on which
most other functions of the computer are built.
The kernel is the programming code that is the core of the operating
system.
Code is a general term that refers to instructions written in a computer
programming language.
Computer hardware consists of physical devices such as the central
processing unit (CPU), circuit boards, the monitor and keyboard, and
disk drives.
Cont..
Two types of operating systems will be covered in this book:
Desktop operating system – installed on a personal computer (PC) type of
computer that is used by one person at a time, and that may or may not be
connected to a network.
Examples of installations are desktop computers, laptops, and
iMac computers
Server operating system – installed on a more powerful computer that is
connected to a network and enables multiple users to access information
such as e-mail, files, and software.
Examples of hardware with a server OS include traditional
server hardware, rack-mounted server hardware, and blade
servers.
Cont..
Traditional server – often used by small or medium businesses
Usually consists of a monitor, CPU box, keyboard, and mouse
Rack-mounted server – CPU boxes mounted in racks that can
hold multiple servers
All servers often share one monitor and pointing device
Blade server – looks like a card that fits into a blade enclosure
A blade enclosure is a large box with slots for blade servers
Medium and large organizations use blade servers to help conserve
space and to consolidate server management
Tasks of Operating Systems
A basic task of an OS is to take care of input/output (I/O) functions, which
let other programs communicate with the computer hardware
Some examples of I/O tasks:
Handle input from the keyboard, mouse, and other input devices
Handle output to the monitor and printer
Handle remote communications using a modem
Manage network communications, such as for a local network and
the Internet
Control input/output for devices such as network interface card
Control information storage and retrieval using various types of disk
Enable multimedia use for voice and video composition or
reproduction, such as recording video from a camera or playing
music
The Role of a Server Operating System
Hardware or software? Server software is ambiguous; it can run on multiple different platforms (e.g. a
laptop)
Windows Server 2008 roles short summary:
File and Printer sharing
Web server
Routing and Remote Access Services (RRAS)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
File Transfer Protocol (FTP) Server
Active Directory
Distributed File System (DFS)
Fax Server
Windows Server 2008 Editions
Windows Server 2008 Standard Edition
Smaller organizations consisting of a few hundred users or less
Windows Server 2008 Enterprise Edition
Larger companies with more needs
Windows Server 2008 Datacenter Edition
Companies that run high powered servers with considerable resources
Windows Web Server 2008
Similar to Standard.
User base varies from small businesses to corporations with large
departments
Windows 2008 Standard Edition
Up to 4 physical processors allowed
Available in 32-bit or 64-bit versions
32-bit version supports up to 4 GB of RAM, 64-bit version up to 32 GB
Lacks more advanced features, such as clustering
64-bit version can install one virtual instance of Server 2008 Standard
Edition with Hyper-V
Windows Server 2008 Enterprise Edition
All the features of Standard Edition
Up to 8 physical processors
32-bit version supports 64 GB RAM; 64-bit version supports 2 TB
Can be clustered; up to 16 cluster nodes permitted
Hot-add memory
Four virtual instances per license with Hyper-V
Windows Server 2008 Datacenter Edition
All the features of Enterprise Edition
Up to 32 physical processors in 32-bit version, 64 processors in 64-bit
Extra fault tolerance features: hot-add and hot-replace memory or CPU
Can’t be purchased as an individual license, only through volume licensing or
pre-installed through original equipment manufacturers (OEMs)
Unlimited number of virtual instances
Windows Web Server 2008
Designed to run Internet Information Services (IIS) 7.0
Hardware support similar to Standard Edition
Lacks many of the features present in other editions
Typically used when roles such as Active Directory or
Terminal Services are not required
System Requirements (All editions)
Component – Requirement
Processor – Minimum: 1 GHz for x86 CPU or 1.4 GHz for x64 CPU; Recommended: 2 GHz or faster
Memory – Minimum: 512 MB RAM; Recommended: 2 GB RAM or more
Available disk space – Minimum: 10 GB; Recommended: 40 GB or more
Additional drives – DVD-ROM
Display and peripherals – Super VGA or higher; keyboard and mouse
Windows Server 2008 Core Technologies
New Technology File System
Active Directory
Microsoft Management Console
Disk Management
File and printer sharing
Windows networking
Internet Information Services
NTFS
New Technology File System
Successor to FAT/FAT32
Native support for long filenames, file and folder permissions,
support for large files and volumes, reliability, compression, and
encryption
Most significant is the added ability for more granular file access
control
Active Directory
Provides a single point of administration of resources (Users,
groups, shared printers, etc.)
Provides centralized authentication and authorization of users to
network resources
Along with DNS, provides domain-naming services and
management for a Windows domain.
Enables administrators to assign system policies, deploy software
to client computers, and assign permissions and rights to users of
network resources
Microsoft Management Console (MMC)
Creates a centralized management interface for
administrators
Uses snap-ins, which are designed to perform specific
administrative tasks (such as disk management or active
directory configuration)
Multiple snap-ins can be combined into a single MMC,
providing quicker access to commonly used tools
Disk Management
Monitors disk and volume status
Initializes new disks
Creates and formats new volumes
Troubleshoots disk problems
Configures redundant disk configurations (RAID)
File and Printer Sharing
Shadow copies
Disk quotas
Distributed File System (DFS)
Also possible to configure options that allow redundancy,
version control, and user storage restrictions.
Windows Networking Concepts
The Workgroup Model
A small group of computers that share common roles, such as
sharing files or printers.
Also called a peer-to-peer network
Decentralized logons, security, and resource sharing
Easy to configure and works well for small groups of users (fewer
than 10)
A Windows Server 2008 server that participates in a workgroup
is referred to as a stand-alone server
Windows Networking Concepts (cont.)
The Domain Model
Preferred for a network of more than 10 computers or a network that
requires centralized security and resource management
Requires at least one computer to be a domain controller
A domain controller is a Windows server that has Active Directory installed
and is responsible for allowing client computers access to domain resources
A member server is a Windows Server that’s in the management scope of a
domain but doesn’t have Active Directory installed
Windows Networking Components
Network Interface
Composed of two parts; the network interface card (NIC) and the device driver
software
Network Protocol
Specifies the rules and format of communication between network devices
Internet Information Services
Windows Server 2008 provides IIS 7.0
Modular design
Unused features aren’t available for attackers to exploit
Extensibility
Functionality is easily added via modular design
Manageability
Delegated administration; can assign control over some aspects of the website
to developers and content owners
Appcmd.exe provides the ability to manage IIS via scripts and batch files
Windows Server 2008 Roles
Server role is a major function or service that a server performs
Role services add functions to main roles
Server features provide functions that enhance or support an
installed role or add a stand-alone function
A server can be configured for a single role or multiple roles
Active Directory Certificate Services
A digital certificate is an electronic document containing
information about the certificate holder and the entity that
issued the certificate
The Active Directory Certificate Services role provides
services for creating, issuing, and managing digital
certificates
AD CS can include other server roles for managing
certificates
Active Directory Domain Services
Active Directory Domain Services (AD DS) installs Active Directory
and turns Windows Server 2008 into a domain controller
Read Only Domain Controller (RODC)
Provides the same authentication and authorization services as a standard
domain controller
Changes cannot be made on an RODC directly
Updated periodically by replication from standard domain controllers
Other Active Directory Related Roles
Active Directory Federation Services (AD FS)
Active Directory Lightweight Directory Services
(AD LDS)
Active Directory Rights Management Services (AD
RMS)
Application Server
Provides high-performance integrated environment for
managing, deploying, and running client/server business
applications.
Applications for this role usually built with one or more of
the following technologies: IIS, ASP.NET, Microsoft .NET
Framework, COM+, and Message Queuing
DHCP Server
Dynamic Host Configuration Protocol Server role
provides automatic IP address assignment and
configuration for client computers
Can provide default gateway address, DNS server
addresses, WINS server addresses, and other options
Windows Server 2008’s DHCP server role provides
support for IPv6
DNS Server
DNS Server resolves the names of Internet computers
and computers that are members of a Windows
Domain to their assigned IP addresses.
When installing Active Directory, you can specify an
existing DNS server or install DNS on the same server
as Active Directory
Fax Server
Provides tools to manage shared fax resources and allow users
to send and receive faxes
After the role is installed, you can
Manage users who have access to fax resources
Configure fax devices
Create rules for routing incoming and outgoing faxes
Monitor and log use of fax resources
File Services
Provides highly available, reliable, shared storage to
Windows and other client OSs
Installing File Services role installs the File Server
service automatically
Hyper-V
Provides services to create and manage virtual machines on a
Windows Server 2008 computer
A virtual machine is a software environment that simulates
the computer hardware an OS requires for installation
Installing an OS on a virtual machine is done using the same
methods used on a physical machine
Network Policy and Access Services
Provides Routing and Remote Access Services (RRAS)
Other services that can be installed
◦ Network Policy Server (NPS)
◦ Health Registration Authority (HRA)
◦ Host Credential Authorization Protocol (HCAP)
Print Services
Enables administrators to manage access to network printers
Installs Print Server by default
Internet Printing role service enables Web-based
management of network printers
Line Printer Daemon (LPD) role service provides compatibility
with Linux/UNIX clients
Terminal Services
Enables users and administrators to control a Windows desktop remotely /
run applications hosted on a server remotely
Terminal server role permits up to two simultaneous remote desktop
sessions
Additional sessions require TS Licensing role service and license purchases
Other roles
TS Sessions Broker
TS Gateway
TS Web Access
UDDI Services
Universal Description, Discovery, and Integration (UDDI) Services
enables administrators to manage, catalog, and share web services
Allows users to search for web services available to them
Gives developers a catalog of existing applications and development
work
Web Server (IIS)
Consists of role services Web Server, management tools, and
FTP publishing
Secondary role services can be installed for additional
features
9/1/2022 39
Windows Deployment Services
Simplifies the installation of Windows over a network
Can install and remotely configure Windows Vista and Server
2008 systems
WDS is an improved version of Remote Installation Services
(RIS) found in Windows Server 2000 and 2003
9/1/2022 40
New Features in Windows Server 2008
1. Server Manager
2. Server Core
3. Hyper-V virtualization
4. Storage management enhancements
5. Networking enhancements
6. Network Access Protection
7. Windows Deployment Services
8. New Active Directory roles
9. Terminal Services enhancements
9/1/2022 41
Server Manager
I. Provides a single interface for installing, configuring, and
removing a variety of server roles and features on a server.
II. Summarizes server status and configuration
III. Includes tools to diagnose problems, manage storage, and
perform general configuration tasks
IV. Consolidates tools from Windows Server 2003
9/1/2022 42
Server Core
Has a minimum environment and lacks a full GUI
Can install the following server roles:
Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
Dynamic Host Configuration Protocol (DHCP) Server
DNS Server
File Services
Print Server
Streaming Media Services
Web Server
Hyper-V
9/1/2022 43
Server Core (cont.)
Core supports additional features to enhance server roles:
Microsoft Failover Clustering
Network Load Balancing
Subsystem for UNIX-based Applications
Windows Backup
Multipath I/O
Removable Storage Management
Windows BitLocker Drive Encryption
Simple Network Management Protocol (SNMP)
Windows Internet Naming Service (WINS)
Telnet client
Quality of Service (QoS)
9/1/2022 44
Server Core (cont.)
Server Core lacks the ability to install the following server
roles (and their optional features):
◦ Application Server
◦ Active Directory Rights Management Services
◦ Fax Server
◦ UDDI Services
◦ Windows Deployment Services
◦ Active Directory Certificate Services
◦ Network Policy and Access Services
◦ Terminal Services
◦ Active Directory Federation Services
9/1/2022 45
Hyper-V
Virtualization isolates critical applications
Virtualization helps to consolidate multiple physical servers into a single server
Using a virtual machine increases the ease of backing up essential servers
Updates or changes to an OS can be made on a virtual machine to test stability before being
applied to a production machine
Reduces the need for physical devices in educational environments
9/1/2022 47
Hyper-V (cont.)
Hyper-V Requirements:
◦ 64-bit version of Windows Server 2008 Standard, Enterprise, or Datacenter Edition
◦ A server running a 64-bit processor with virtualization support and hardware data
execution protection.
◦ Enough free memory and disk space to run virtual machines and store virtual hard
drives. Virtual machines use the same amount of memory and disk space resources as a
physical machine.
9/1/2022 48
Storage Management Enhancements
Share and Storage Management MMC Snap-in
File Server Resource Manager
Windows Server Backup
Other improvements include:
◦ Storage Explorer
◦ SMB 2.0
◦ Remote boot support
9/1/2022 50
Networking Enhancements
Improved support for IPv6
DHCPv6
Load balancing
Redesigned TCP/IP stack
Improved performance, error-detection, and recovery
Virtual Private Networking
Secure Socket Tunneling Protocol (SSTP)
9/1/2022 51
Network Access Protection
Ensures computers are equipped with required security features
Enables monitoring of anti-virus software and firewall settings
If a computer does not meet all requirements defined by an
administrator, it can be restricted automatically from accessing
certain network resources
Can force computers to update themselves
9/1/2022 52
Windows Deployment Services
Updates Remote Installation Services
Allows unattended installation of Windows OSs
WDS can multicast deployment of disk images, reducing network
bandwidth required
Includes tools to customize the Windows OS for deployment
9/1/2022 53
New Active Directory Roles
Active Directory Lightweight Directory Services (AD LDS)
Provides tighter integration for applications that require large amounts
of data retrieval. Does not require a domain controller or domain
Active Directory Federation Services (AD FS)
Provides Single Sign-On for users of an organization to access internal
resources as well as external resources inside of a partner organization
Active Directory Rights Management Services (AD RMS)
Helps the author of a document decide how a document can be used
or modified, and deny unauthorized users access
9/1/2022 54
Terminal Services Enhancements
RemoteApp
Rather than accessing a program on a server through remote
desktop, the application appears as if it is actually running locally
Terminal Services Web Access (TS Web Access)
Allows users to access applications through a web browser,
requiring no additional software for the client if running Vista
Can list available RemoteApp programs
Allows secure, encrypted connections using Secure HTTP
(HTTPS) without the need for a VPN
9/1/2022 55
Control Process
9/1/2022 56
Control process
The ps command gives you a list of the processes running on your system.
With no options, ps lists processes that belong to the
current user and have a controlling terminal.
9/1/2022 57
PID, PPID, UID, GID
In Linux, an executable stored on disk is called a program, and a
program loaded into memory and running is called a process.
When a process is started, it is given a unique number called process
ID (PID) that identifies that process to the system.
If you ever need to kill a process, for example, you can refer to it by
its PID.
9/1/2022 58
Cont..
Each process is assigned a parent process ID (PPID) that tells which
process started it.
The PPID is the PID of the process’s parent.
For example, if process1 with a PID of 101 starts a process named
process2, then process2 will be given a unique PID, such as 3240, but
it will be given the PPID of 101.
It’s a parent-child relationship.
A single parent process may spawn several child processes, each
with a unique PID but all sharing the same PPID.
9/1/2022 59
Cont..
Unix-like operating systems identify users within the kernel by a
value called a user identifier, often abbreviated to UID or User ID.
The UID, along with the GID and other access control criteria, is used
to determine which system resources a user can access.
The password file maps textual usernames to UIDs, but in the
kernel, only UIDs are used.
9/1/2022 60
Cont..
The effective UID (euid) of a process is used for most access checks. It
is also used as the owner for files created by that process.
GID:
A group identifier, often abbreviated to GID, is a numeric value used
to represent a specific group.
The range of values for a GID varies amongst different systems;
at the very least, a GID can be between 0 and 32,767, with one
restriction: the login group for the superuser must have GID 0.
9/1/2022 61
Priority and nice value
•nice sets the priority for a process.
•A nice value of -20 is the maximum priority (only administrative users can
assign negative priorities); a nice value of 20 is the minimum priority.
•You must be root to give a process a higher priority, but you can
always lower the priority of your own processes.
•Example:
• nice -n -20 make would execute make and it would run at maximum
priority.
9/1/2022 62
Priority vs. nice
•The difference is that PR is the real priority of a process at the moment
inside the kernel, while NI is just a hint to the kernel about what
priority the process should have.
•In most cases the PR value can be computed by the following formula:
• PR = 20 + NI.
• Thus a process with niceness 3 has priority 23 (20 + 3) and a
process with niceness -7 has priority 13 (20 - 7).
9/1/2022 63
Cont..
• You can check the first by running the command nice -n 3 top.
• It will show that the top process has NI 3 and PR 23.
• But to run nice -n -7 top on most Linux systems you need
root privileges, because the lower the PR value, the
higher the actual priority.
9/1/2022 64
Signals, process states, etc.
9/1/2022 65
Cont..
Signals may also be delivered in an unpredictable way, out of
sequence with the program, because signals may originate
outside of the currently executing process.
Another way to view signals is as a mechanism for
handling asynchronous events.
This is in contrast to synchronous events, where a standard
program executes iteratively, that is, one line of code following
another.
9/1/2022 66
Cont..
Asynchronous events occur when portions of the program
execute out of order.
Asynchronous events typically occur due to external
events originating at the hardware or operating system; the
signal, itself, is the way for the operating system to
communicate these events to the processes so that the
process can take appropriate action.
9/1/2022 67
Cont..
How we use signals
Signals are used for a wide variety of purposes in Unix
programming, and we've already used them in smaller
contexts.
For example, when we are working in the shell and wish to
"kill all cat programs" we type the command:
9/1/2022 68
Cont..
#> killall cat
The killall command will send a signal to all
processes named cat that says "terminate."
The actual signal being sent is SIGTERM,
whose purpose is to communicate a termination request to a
given process,
but the process does not actually have to terminate … more on
that later.
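The point that a process does not have to terminate on SIGTERM, as an added shell example (not part of the original slides). The helper name stop_worker, its three modes and the grace period are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example: how three kinds of process react to SIGTERM.
# stop_worker MODE GRACE prints "<wait status> <cleanup done: yes|no>".
#   MODE default : no handler, the default action of SIGTERM ends the process
#   MODE handle  : a handler cleans up and exits 0 (graceful shutdown)
#   MODE ignore  : SIGTERM is ignored; only SIGKILL, which cannot be caught
#                  or ignored, stops the process
stop_worker() {
    mode=$1
    grace=$2
    dir=$(mktemp -d) || return 1
    mkfifo "$dir/ready" || return 1

    # The worker is a separate shell with its own PID and signal dispositions.
    sh -c '
        case $1 in
            handle) trap "echo cleaned > \"$2/cleanup\"; exit 0" TERM ;;
            ignore) trap "" TERM ;;
        esac
        echo ready > "$2/ready"    # blocks until the parent reads it
        # Sleep in the background and wait, so a trapped signal
        # interrupts the wait and the handler runs at once.
        while :; do sleep 1 & wait $!; done
    ' worker "$mode" "$dir" >/dev/null 2>&1 &
    pid=$!

    read -r _ready < "$dir/ready"  # worker has installed its trap by now
    kill -TERM "$pid"              # the polite termination request

    # Watchdog: escalate to SIGKILL if the worker outlives the grace period.
    ( sleep "$grace"; kill -KILL "$pid" ) >/dev/null 2>&1 &
    watchdog=$!

    status=0
    wait "$pid" || status=$?       # 128+N means "terminated by signal N"
    kill "$watchdog" 2>/dev/null || true
    wait "$watchdog" 2>/dev/null || true

    cleanup=no
    [ -e "$dir/cleanup" ] && cleanup=yes
    rm -rf "$dir"
    echo "$status $cleanup"
}
```

A status of 143 is 128 + 15 (SIGTERM) and 137 is 128 + 9 (SIGKILL); the TERM-then-KILL escalation is the same pattern service managers use when stopping a daemon.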
9/1/2022 69
1. Periodic process
1. What is cron?
Cron is a standard Unix utility that is used to schedule commands
for automatic execution at specific intervals.
For instance, you might have a script that produces web statistics
that you want to run once a day automatically at 5:00 AM.
Commands involving cron are referred to as "cron jobs."
9/1/2022 70
Cont..
Cron in the Account Control Center
The ACC has a built-in interface for cron. We recommend that all
customers use the ACC cron interface, although advanced users may
use cron manually.
9/1/2022 71
Chapter Summary
A server is defined more by the software installed on hardware as
opposed to the hardware in use. In many cases, a client OS can
behave as a server.
Windows Server 2008 is available in four editions: Standard,
Enterprise, Datacenter, and Windows Web Server 2008
Core technologies in Windows Server 2008 include NTFS, Active
Directory, MMC, disk management, file and printer sharing,
networking components, and IIS
Windows Server 2008 updates previously available services with
additional functionality, while adding several new services.
9/1/2022 72
Chapter three
THE FILE SYSTEM
9/30/2022 1
Contents
What is file system
Types of file system
9/30/2022 2
File System
File system is a method for storing and organizing computer files and
the data they contain to make it easy to find and access them.
Most file systems make use of an underlying data storage device such
as Hard Disks that offers access to an array of fixed-size blocks which
is the smallest logical amount of disk space that can be allocated to
hold a file.
File systems typically have directories which associate file names with
files, usually by connecting the file name to an index in a file allocation
table of some sort, such as the FAT in a DOS file system, or an inode
in a Unix-like file system.
9/30/2022 3
File System
File names are simple strings, and per-file Metadata is maintained
which is the bookkeeping information, typically associated with
each file within a file system.
Metadata could contain file attributes such as file size, date and
time of creation or modification of the file, owner of the file,
access permissions etc.
9/30/2022 4
Types of File System
File system types can be classified into
disk file systems,
network file systems,
flash file systems.
A disk file system is a file system designed for the storage of files on a data storage device,
most commonly a disk drive e.g. FAT, NTFS, ext2, ext3 etc.
A network file system is a file system that acts as a client for a remote file access protocol,
providing access to files on a server e.g. NFS(Network File System), SMB(Server Message Block)
etc.
A flash file system is a file system designed for storing files on flash memory devices.
9/30/2022 5
File System and OS
Operating systems provide a file system, as a file system is an integral part of any
modern operating system.
Windows Operating system supports FAT and NTFS File Systems
Linux popularly supports ext2 and ext3 File Systems
Other flavors of Operating Systems may support other File Systems like UFS in many
UNIX Operating Systems and HFS in Mac OS X.
All Operating Systems provide a user interface like Command Line (CLI) or File
Browser to access and manage File System information.
9/30/2022 6
FAT DOS/Windows File System
The File Allocation Table (FAT) file system was initially developed for DOS
Operating System and was later used and supported by all versions of
Microsoft Windows.
It was an evolution of Microsoft's earlier operating system MS-DOS and
was the predominant File System in Windows versions like 95, 98, ME etc.
All the latest versions of Windows still support FAT file system although it
may not be popular.
FAT had various versions like FAT12, FAT16 and FAT32. Successive versions
of FAT were named after the number of bits in the table: 12, 16 and 32.
9/30/2022 7
Windows File System
9/30/2022 8
File System in Linux
Linux supports many different file systems,
but common choices for the system disk include the ext family (such as ext2 and
ext3), XFS, JFS and Reiser FS.
The ext3 or third extended file system is a journaled file system and is the default
file system for many popular Linux distributions .
It is an upgrade of its predecessor ext2 file system and among other things it has
added the journaling feature.
A journaling file system is a file system that logs changes to a journal (usually a
circular log in a dedicated area) before committing them to the main file system.
Such file systems are less likely to become corrupted in the event of power failure
or system crash.
9/30/2022 9
FAT
FAT == File Allocation Table
FAT is located at the top of the volume.
Two copies are kept in case one becomes damaged.
Cluster size is determined by the size of the volume.
9/30/2022 10
Volume size vs. Cluster size
Drive Size                Cluster Size        Number of Sectors
------------------------  ------------------  -----------------
512MB or less             512 bytes           1
513MB to 1024MB (1GB)     1024 bytes (1KB)    2
1025MB to 2048MB (2GB)    2048 bytes (2KB)    4
2049MB and larger         4096 bytes (4KB)    8
9/30/2022 11
FAT block indexing
9/30/2022 12
FAT Limitations
Entry to reference a cluster is 16 bit
Thus at most 2^16=65,536 clusters accessible.
Partitions are limited in size to 2~4 GB.
Too small for today’s hard disk capacity!
For partition over 200 MB, performance degrades rapidly.
Wasted space in each cluster increases.
9/30/2022 13
FAT32
Enhancements over FAT
More efficient space usage
◦ By smaller clusters.
◦ Why is this possible? 32 bit entry…
More robust and flexible
◦ root folder became an ordinary cluster chain, thus it can be located anywhere
on the drive.
◦ back up copy of the file allocation table.
◦ less susceptible to a single point of failure.
9/30/2022 14
NTFS
MFT == Master File Table
◦ Analogous to the FAT
Design Objectives
1) Fault-tolerance
Built-in transaction logging feature.
2) Security
Granular (per file/directory) security support.
3) Scalability
Handling huge disks efficiently.
9/30/2022 15
NTFS
Scalability
◦ NTFS references clusters with 64-bit addresses.
◦ Thus, even with small sized clusters, NTFS can map disks up to sizes that we
won't likely see even in the next few decades.
Reliability
◦ Under NTFS, a log of transactions is maintained so that CHKDSK can roll back
transactions to the last commit point in order to recover consistency within
the file system.
◦ Under FAT, CHKDSK checks the consistency of pointers within the directory,
allocation, and file tables.
9/30/2022 16
NFS
It allows you to access files on remote hosts in exactly the same way
you would access local files.
NFS offers a number of useful features:
Data accessed by all users can be kept on a central host, with
clients mounting this directory at boot time.
For example, you can keep all user accounts on one host and
have all hosts on your network mount /home from that host.
If NFS is installed beside NIS, users can log into any system and
still work on one set of files.
9/30/2022 17
Cont..
Data consuming large amounts of disk space can be kept
on a single host.
For example, all files and programs relating to LaTeX and
METAFONT can be kept and maintained in one place.
Administrative data can be kept on a single host.
There is no need to use rcp to install the same stupid file
on 20 different machines.
9/30/2022 18
NTFS Metadata Files
Name MFT Description
$MFT Master File Table
$MFTMIRR Copy of the first 16 records of the MFT
$LOGFILE Transactional logging file
$VOLUME Volume serial number, creation time, and dirty flag
$ATTRDEF Attribute definitions
. Root directory of the disk
$BITMAP Cluster map (in-use vs. free)
$BOOT Boot record of the drive
$BADCLUS Lists bad clusters on the drive
$QUOTA User quota
$UPCASE Maps lowercase characters to their uppercase version
9/30/2022 19
NTFS : MFT record
9/30/2022 20
MFT record for directory
9/30/2022 21
Application~ File System Interaction
[Figure labels: Process control block with open file pointer array; Open file table (system-wide); File system: file system info, file descriptors (metadata), directories, file data]
9/30/2022 22
open(file…) under the hood
fd = open( FileName, access)
1. Search directory structure for the given file path
2. Copy file descriptors into in-memory data structure
3. Create an entry in system-wide open-file-table
4. Create an entry in PCB
5. Return the file pointer to user
[Figure labels: PCB; Allocate & link up data structures; Open file table; Directory look up by file path; Metadata; File system on disk]
9/30/2022 23
read(file…) under the hood
read( fd, userBuf, size )
[Figure labels: PCB; Find open file descriptor; Open file table; read( fileDesc, userBuf, size ); Logical / physical]
Types of Linux file systems
9/30/2022 25
1. Ordinary files
An ordinary file is a file on the system that contains data, text, or program
instructions.
Used to store your information, such as some text you have written
or an image you have drawn.
This is the type of file that you usually work with.
Always located within/under a directory file.
Do not contain other files.
In long-format output of ls -l, this type of file is specified by the “-”
symbol.
9/30/2022 26
2. Directories –
Directories store both special and ordinary files.
For users familiar with Windows or Mac OS, UNIX directories are
equivalent to folders
A directory file contains an entry for every file and subdirectory
that it houses.
If you have 10 files in a directory, there will be 10 entries in the
directory.
Each entry has two components.
(1) The Filename
(2) A unique identification number for the file or directory
(called the inode number)
9/30/2022 27
3. Special Files –
Used to represent a real physical device such as a
printer, tape drive or terminal, used for Input/Output
(I/O) operations.
Device or special files are used for device
Input/Output(I/O) on UNIX and Linux systems.
9/30/2022 28
4. Pipes
– UNIX allows you to link commands together using a
pipe.
The pipe acts as a temporary file which only exists to hold
data from one command until it is read by another.
A Unix pipe provides a one-way flow of data.
The output or result of the first command sequence is
used as the input to the second command sequence.
9/30/2022 29
5. Sockets –
A Unix socket (or Inter-process communication socket) is
a special file which allows for advanced inter-process
communication.
A Unix Socket is used in a client-server application
framework. In essence, it is a stream of data, very similar
to network stream (and network sockets), but all the
transactions are local to the filesystem.
In long-format output of ls -l, Unix sockets are marked by
“s” symbol.
9/30/2022 30
6. Symbolic Link
Symbolic link is used for referencing some other file of the file
system.
Symbolic link is also known as Soft link.
It contains a text form of the path to the file it references.
To an end user, symbolic link will appear to have its own name, but
when you try reading or writing data to this file, it will instead
reference these operations to the file it points to.
If we delete the soft link itself, the data file would still be there.
If we delete the source file or move it to a different location, the
symbolic link will not function properly.
9/30/2022 31
Log files and syslog
Syslog is a way for network devices to send event messages
to a logging server – usually known as a Syslog server.
System logs deal primarily with the functioning of the
Ubuntu system, not necessarily with additional applications
added by users.
Examples include authorization mechanisms, system
daemons, system messages, and the all-encompassing
system log itself, syslog.
9/30/2022 32
CHAPTER FOUR
[Figure labels: Group 1, Group 2, Group 3 ("Group 3 is a member of Group 1"); User 1, User 2; Printer Group (Domain Local); Engineering (Global Group); Accountants (Global Group); Printer ACL; Domain A, Domain B, Domain C]
9/30/2022 31
Chapter 5:
System Backups and Recovery
10/2/2022 AGMAS G. 1
Chapter Goals
Understanding the importance of backups.
Understand the issues associated with backups.
Understand backup strategies and scheduling.
Understand the basics of backup devices.
Understand the basics of backup media.
Understand the various types of backup software.
10/2/2022 AGMAS G. 2
Introduction
A systems administrator can design and create
a good backup system for a company.
The system will ensure the files and data will be
safe and easy to restore.
10/2/2022 AGMAS G. 3
What is a Backup?
Backup is an additional copy of data that can be used for restore
and recovery purposes
The Backup copy is used when the primary copy is lost or
corrupted
This Backup copy can be created by:
Simply copying data (there can be one or more copies)
Mirroring data (the copy is always updated with whatever is written to the
primary copy)
10/2/2022 AGMAS G. 4
Potential losses
Your laptop gets stolen.
Your disk fails catastrophically
Your data center gets burgled
Your data center burns down
Your off-line storage company goes out of business
The police search your house and take all your computer
equipment and storage devices/media
HOW MUCH DATA DO YOU LOSE?
10/2/2022 AGMAS G. 5
What to Backup?
Which Files Should Be Backed Up?
Applications?
Configuration Files?
User files?
Log files?
10/2/2022 AGMAS G. 6
Cont..
Generally, full backups of everything are easiest to manage,
but backup of system files is creating extra work for
yourself.
Possibly full dump when installed, then again after
patches/upgrades.
Backup of just user files is not enough.
Should dump the log files, and configuration
information.
10/2/2022 AGMAS G. 7
Why Backup is important?
Disaster Recovery
Restores production data to an operational state after
disaster
Operational
Restore data in the event of data loss or logical corruptions
that may occur during routine processing
Archival
Preserve transaction records, email, and other business work
products for regulatory compliance
10/2/2022 AGMAS G. 9
How Often Should Backups Be Performed?
◦Need to determine what level of data loss is acceptable:
Web sales? - need very fine grain backups.
Banking/Insurance? - very fine grain.
Research and development? - fine to medium grain.
University? - medium grain.
Mom and Pop? - coarse grain.
10/2/2022 AGMAS G. 10
Developing a backup strategy
10/2/2022 AGMAS G. 11
Best strategy
A backup copy should be taken at the same time every day to ensure
the files are safe and secure.
The backup copies need to be kept in a safe and secure
location so they cannot be damaged or deleted.
Make sure that the backup copy is updated regularly and
that you can restore backed-up files if the files become lost,
damaged or deleted.
10/2/2022 AGMAS G. 12
Backup Strategy and Scheduling
1. Volume/Calendar Backup
The volume/calendar backup strategy calls for a full system backup once a
month.
An incremental backup is performed once a week for files that change often.
Daily incremental backups catch files that have changed since the last daily
backup.
A typical schedule would be to perform the full (level 0) backup one Sunday a
month, and weekly level 3 backups every Sunday of the month.
Daily level 5 backups would be performed Monday through Saturday.
This would require eight complete sets of media (one monthly tape, one weekly
tape, and six daily tapes)
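The volume/calendar rotation above, worked through as an added shell example (not part of the original slides). It assumes the monthly full backup falls on the first Sunday of the month and that GNU date is available; the function names, the /home file system and the /dev/st0 tape device are placeholders.

```shell
#!/bin/sh
# Added example: map a calendar date to the dump level and media set of the
# volume/calendar strategy (level 0 monthly, level 3 weekly, level 5 daily).
# Assumption: the monthly full backup runs on the FIRST Sunday of the month.

# backup_plan YYYY-MM-DD  ->  "<dump level> <media set>"
backup_plan() {
    # Noon avoids edge cases around midnight; requires GNU date (-d).
    out=$(LC_ALL=C date -d "$1 12:00" '+%u %d %a') || return 1
    set -- $out                  # $1 = weekday 1..7 (7 = Sunday), $2 = day, $3 = name
    dow=$1
    dom=${2#0}                   # strip a leading zero: "08" -> "8"
    name=$3

    if [ "$dow" -eq 7 ] && [ "$dom" -le 7 ]; then
        echo "0 monthly"         # full backup, first Sunday
    elif [ "$dow" -eq 7 ]; then
        echo "3 weekly"          # remaining Sundays
    else
        echo "5 daily-$name"     # Monday through Saturday
    fi
}

# media_sets YYYY-MM  ->  one line per distinct media set used in that month
media_sets() {
    month=$1
    d=1
    while [ "$d" -le 31 ]; do
        # Days that do not exist in this month make date fail and are skipped.
        plan=$(backup_plan "$month-$(printf '%02d' "$d")" 2>/dev/null) &&
            echo "${plan#* }"
        d=$((d + 1))
    done | sort -u
}

# dump_command YYYY-MM-DD FILESYSTEM TAPE  ->  the dump(8) command for that day
# (printed, not executed). -u records the dump in /etc/dumpdates so that later
# incremental levels know what has already been saved.
dump_command() {
    plan=$(backup_plan "$1") || return 1
    echo "dump -${plan%% *}u -f $3 $2"
}
```

Running media_sets for any month yields the eight media sets the slide counts: monthly, weekly, and daily-Mon through daily-Sat.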
10/2/2022 AGMAS G. 13
Backup Strategy and Scheduling
2. Grandfather/Father/Son Backup
The grandfather/father/son backup strategy is similar to the volume/calendar strategy.
The major difference between the two schemes is that the grandfather/father/son method
incorporates a one-month archive in the backup scheme. This eliminates the problem of
overwriting a tape before completing a more recent backup of the file system.
Implementing the grandfather/father/son strategy requires performing a full (level 0) dump
once a month to new media.
Once a week, an incremental (level 3) backup must be performed that captures all files
changed since the last weekly backup.
This weekly backup should also be saved on new media.
Each day an incremental level 5 backup must be performed to capture files that have changed
since the last daily backup.
The daily backups reuse the tapes written one week earlier
10/2/2022 AGMAS G. 14
Backup Devices
Backup devices must exhibit the following traits:
◦ User ability to write data to the device.
◦ Media capable of storing the data for long periods.
◦ Support of standard system interconnects.
◦ Support of reasonable input/output throughput.
10/2/2022 AGMAS G. 15
Backup Devices
Tape Backup Devices
◦ Cartridge Tape Drive
◦ 8-mm Tape Drive
◦ Digital Audio Tape Drive
◦ Linear Tape Open
◦ Digital Linear Tape
◦ Jukebox/Stacker Systems
Optical Backup Devices
Magneto-optical Backup Devices
Disk Systems As Backup Devices
◦ RAID Disk Arrays
◦ Problems with Disks As Backup Devices
High-Density Removable Media Backups
10/2/2022 AGMAS G. 16
Backup Devices
Tape backup devices are probably the most common backup media in use.
◦ The media is relatively inexpensive, the performance is reasonable, the data
formats are standardized, and tape drives are easy to use.
◦ These factors combined make magnetic tape backups an attractive option.
◦ Most current-generation tape drives offer “native” mode and compressed
mode storage capabilities.
◦ Generally, the manufacturers claim a 2:1 compression ratio, but this value
may vary based on the data to be stored.
◦ Binaries (images, compiled programs, audio files, and so on) may not be
significantly smaller when compressed, whereas text files may compress
very well.
10/2/2022 AGMAS G. 17
Tape Backup Devices
Cartridge Tape Drive
Cartridge tape drives store between 10 Mb and several Gb of data on
a small tape cartridge.
Most cartridge tape systems use SCSI interconnections to the host
system.
These devices support data transfer rates up to 5 Mb per second. The
actual transfer rate from the tape drive memory to the tape media is
typically about 500 Kb per second.
At the “low” end, the 8-mm drives do not use data compression to store the
data on tape. At the “high” end, advanced intelligent tape drives incorporate
compression hardware and improved recording techniques to increase
the amount of information that can be stored on the tape.
10/2/2022 AGMAS G. 18
Cont..
8-mm Tape Drive
These tape drives are also small and fast, and use relatively inexpensive tape media.
The 8-mm media can hold between 2 and 100 GB of data, depending on the drive
model and type of tape in use.
The 8-mm drives use the SCSI bus as the system interconnection.
Low-density 8-mm drives can store 2.2 Gb of information on tape and transfer data
to the tape at 250 Kb per second. High-density 8-mm drives can store up to 80 GB of
information on a tape at 16 MB/second.
10/2/2022 AGMAS G. 19
Tape Backup Devices
Digital Audio Tape Drive
Digital audio tape (DAT) drives are small, fast, and use relatively inexpensive
tape media. Typical DAT media can hold between 2 and 40 GB of data.
Although manufacturers of DAT devices have announced the end-of-life for
these products, they will remain in use for many years.
The various densities available on DAT drives are due to data compression. A
standard DAT drive can write 2 Gb of data to a tape. By using various data
compression algorithms, and various lengths of tape, manufacturers have
produced drives that can store between 2 and 40 GB of data on a tape.
DAT drives use SCSI bus interconnections to the host system, and typically
offer 3 MB/second throughput.
10/2/2022 AGMAS G. 20
Tape Backup Devices
Linear Tape Open
A consortium of Hewlett Packard, IBM, and Seagate developed
the LTO technology. LTO encompasses two formats: the Ultrium,
a high-capacity solution, and Accelis, a fast-access
format. The two formats use different tape drives, and tape
cartridges.
LTO Ultrium drives can store up to 100 Gb of data on a single
tape cartridge at 16 Mb/second.
10/2/2022 AGMAS G. 21
Tape Backup Devices
Digital Linear Tape
Digital linear tape (DLT) backup devices are also relatively new on the backup market.
These tape devices offer huge data storage capabilities, high transfer rates, and small
(but somewhat costly) media.
Digital linear tape drives can store up to 110 Gb of data on a single tape cartridge.
Transfer rates of 11 Mb/second are possible on high-end Super-DLT drives, making
them very attractive at sites with large on-line storage systems.
Where 8-mm and DAT tapes cost (roughly) $15 per tape, the LTO, AIT, and DLT tapes
can run as much as $150 each. However, when the tape capacity is factored into the
equation, the costs of these high-capacity tapes become much more reasonable.
Consider an 8-mm tape that holds (up to) 14 Gb on average versus a LTO cartridge,
which can hold 100 Gb of data!
10/2/2022 AGMAS G. 22
Tape Backup Devices
Jukebox/Stacker Systems
Jukebox or stacker systems combine an automated mechanism with one or
more tape drives.
Stackers are sequential tape systems. Tapes are stacked in a hopper, and
the tape drive starts by loading the tape at the bottom of the stack. When
the tape is full, it is ejected, and the next tape is loaded from the stack.
Many stackers do not have the capability to load a specific tape in the
drive. Instead, these stackers simply cycle (sequentially) through the tapes
until the last tape is reached. At this point they can either start the cycle
over again or wait for a new group of tapes to be loaded into the hopper.
10/2/2022 AGMAS G. 23
Tape Backup Devices
Jukebox/Stacker Systems
Unlike stackers, jukebox systems employ multiple tape drives, and special
“robotic” hardware to load and unload the tapes.
Jukebox systems require special software to control the robotics. The
software keeps track of the content of each tape and builds an index to allow
the user to quickly load the correct tape on demand.
Each tape is “labeled” with a bar-code decal (or something similar), and the
mechanism contains a label reader that keeps track of what tape is in the
drive.
Many commercially available backup software packages allow the use of
jukebox systems to permit backup automation.
10/2/2022 AGMAS G. 24
Optical Backup Devices
Optical Backup Devices
Recently, optical storage devices have become another economical means
of backing up mass storage systems.
Compact disk read-only-memory devices (CD-ROM) are useful for long-
term archive of information.
Although the name implies that these are read-only devices, recent
technology has made it possible to mass market the devices that create
the encoded CD-ROM media.
These CD-ROM writers (also called CD-recordables) make it possible to
consider CD-ROM as a backup device. More recent versions of this
technology have produced rewritable CD-ROMs (CD-RW or CDR).
One of the major decisions in choosing a backup device is the ability of the medium to store
information for long periods.
CD-ROM media offer excellent data survivability.
Another advantage to the CD-ROM is the availability of reliable data transportability between
systems. This reliability is possible due to the CD-ROM’s adherence to industry standardized data
formats.
Along with these advantages, the CD-ROM offers a few unique disadvantages. The foremost
disadvantage to the CD-ROM as a backup device is the setup cost to create a CD. Setting up and
creating a CD is a time-intensive operation.
Some small sites may decide to back up to CD-ROM rewritable (CDR) media. The CDR format allows
the reuse of optical media, thereby reducing the cost of backing up to optical devices.
Unfortunately, the CDR is still a low-density solution, providing a mere 650 Mb of storage per disk.
The setup and record time for CDR is comparable to CD-ROM media, making CDR less attractive for
backups at large sites.
Magneto-optical Backup Devices
Optical storage systems and associated media are typically
expensive. They are also relatively slow devices. Consequently,
optical storage systems are rarely used as backup devices at large
sites.
In contrast, magnetic tape (or disk) storage systems are
inexpensive and fast. Unfortunately, the media is bulky and
susceptible to damage and data loss.
By combining the two storage systems into a single system,
manufacturers have been able to provide fast, inexpensive, and
reliable backup systems.
Many of the magneto-optical systems are hierarchical, meaning that they
keep track of how long a file has been in storage since the last modification.
Files that are not accessed or modified are often eligible to be stored on
the slower optical storage section of the system.
Frequently accessed files are maintained on the magnetic storage section
of these systems, which allows for faster access to files.
Most magneto-optical storage systems use standard SCSI bus system
interconnections. These systems can typically provide the same (or better)
data transfer rates as SCSI tape and disk systems.
Disk Backup Devices
Disk Systems As Backup Devices
One problem involved in using tape devices for backups is the
(relatively) low data throughput rate.
If the operator had to back up several gigabytes or terabytes of
data daily, it would not take long to realize that tape drives are
not the best backup method.
Although optical backup devices offer high storage capacity, the
optical devices are often much slower than tape devices.
One popular method of backing up large-scale systems is to make
backup copies of the data on several disk drives.
Disk drives are orders of magnitude faster than tape devices, and
therefore offer a solution to one of the backup problems on large-
scale systems.
However, disk drives are much more expensive than tapes.
Disk backups also consume large amounts of system resources.
For example, you would need 100 2-Gb disks to back up 100
2-Gb disks. Fortunately, there are software applications and
hardware systems available to transparently perform this
function.
RAID Disk Arrays
◦ One operating mode of redundant arrays of inexpensive disks
(RAID) enables the system to make mirror image copies of all data
on backup disk drives.
◦ RAID disk arrays also allow data striping for high-speed data
access.
◦ Yet another mode stores the original data, as well as parity
information on the RAID disks. If a drive should fail, the parity
information may be used to recreate the data from the failed
drive.
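The parity mode described in the last bullet, as an added example that is not part of the original slides: byte-wise XOR parity over one stripe, which is how single-parity RAID levels recreate a failed drive. The function names and the sample blocks are constructed for illustration.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, position by position."""
    if len({len(b) for b in blocks}) != 1:
        raise ValueError("all blocks must be the same length")
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def make_stripe(data_blocks):
    """Return the stripe as stored: the data blocks plus one parity block."""
    return list(data_blocks) + [xor_blocks(data_blocks)]

def rebuild(stripe, failed):
    """Recreate the block of the failed drive from the surviving drives."""
    survivors = [b for i, b in enumerate(stripe) if i != failed]
    if any(b is None for b in survivors):
        raise ValueError("single parity tolerates only one failed drive")
    return xor_blocks(survivors)

# Constructed sample: three data drives and one parity drive, 8-byte blocks
DATA = [b"payroll ", b"invoices", b"mailbox "]
STRIPE = make_stripe(DATA)

def demo():
    """Lose drive 1, then recreate its block from the other three."""
    damaged = list(STRIPE)
    damaged[1] = None
    return rebuild(damaged, 1)

if __name__ == "__main__":
    print(demo())
```

Parity recreates a failed drive only: a file that is overwritten or deleted on the array is overwritten or deleted in the parity as well, so the array does not replace a separate backup copy.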
Problems with Disks As Backup Devices
◦ When tape devices are employed as the backup platform, it is a simple matter
to keep a copy of the backups off-site.
◦ When disk drives are employed as a backup media, the process of keeping a
copy of the backup media off-site becomes a bit more complicated (not to
mention much more expensive).
◦ In the case of a RAID disk array, the primary copy of the data is stored on
one disk, and the backup copy of the data is stored on another disk.
However, both disks are housed in a single box. This makes the task of
moving one drive off-site much more complicated
◦ RAID disk arrays have recently been equipped with fiber channel interfaces.
◦ The fiber channel is a high-speed interconnect that allows devices to be located several
kilometers from the computer.
◦ By linking RAID disk arrays to systems via optical fibers, it is possible to have an exact copy of the data
at a great distance from the primary computing site at all times.
High-Density Removable Media Backups
◦ A relatively recent addition to the backup market is the high-density removable media drive.
◦ Examples of these devices include the Iomega ZIP and JAZ drives, and the Imation Super disk drives.
◦ These devices are capable of recording 100 Mb to 2 Gb of data on a removable medium that
resembles a floppy diskette.
◦ Until recently, UNIX could not make use of these high-density removable media devices.
◦ Many of these devices employ a parallel port interface. A few of them offer SCSI interfaces, allowing
them to be connected to the external SCSI port on a workstation.
On-line storage
➲ Many companies offer on-line storage
Amazon S3 service – pay by usage each month
Dropbox – first 2 GB are free, then
Carbonite - $59 per year, “unlimited”
Gmail attachments
Windows Backup Commands
The Options menu under the Tools menu allows the operator to
determine the type of backup to be performed,
whether data should be verified after the backup is performed,
the amount of detail supplied in the log files, whether new media
should be used, backup scheduling, and other configuration
parameters for the backup utility.
Because this utility is based on the backup utility offered in the
consumer versions of Windows,
the Sysadmin at a commercial site may decide that the Windows
backup utility is not the first choice for backup software at the site.
Many third-party backup utilities are available for Windows
systems, including Amanda, Legato Networker, and the Veritas
backup suite.
Dealing with Specific Backup Issues
Certain aspects of successful backup and restore strategies require
special attention.
For instance, how could the operator restore the root file system if
the root disk had crashed and there was no way to boot the
system?
Many administrators are also concerned with how to automate
backups to minimize time investment while ensuring successful
backups.
Next, what happens if a backup requires 2 Gb of backup media, but
the backup device can write only 1 Gb to the media?
Restoring the Root File System
One of the most difficult problems faced when using restore is restoring
the root file system.
If the root file system is missing, it is not possible to boot the damaged
system, and there would not be a file system tree to restore to.
One way to accomplish a root file system reload is by booting the
system to the single-user state from the CD-ROM distribution media.
Another way to reload the root file system would be to boot the system
to the single-user state as a client of another system on the network.
Another method of restoring the root file system is to remove the disk
from the system, and attach it to a working system.
Types of backup
Full: this transfers a copy of all the company's data within the
scope of the media, regardless of whether the data was changed since the
last backup.
Differential: this backs up the files that have changed since the last backup.
Incremental: only files that have changed since the backup will
be backed up.
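An added example, not part of the original slides, showing which files each backup type copies and which backups a restore must read. It uses the standard definitions: a differential run is measured from the last full backup, an incremental run from the most recent backup of any kind. The class, function names, file names and day numbers are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Backup:
    kind: str      # "full", "differential" or "incremental"
    taken_at: int  # constructed day number on which the backup ran

def select_files(files, kind, history):
    """Names a backup of `kind` would copy, given {name: mtime} and past backups."""
    if kind == "full":
        return sorted(files)
    fulls = [b.taken_at for b in history if b.kind == "full"]
    if not fulls:
        raise ValueError("differential/incremental runs need an earlier full backup")
    if kind == "differential":
        since = max(fulls)                        # measured from the last FULL backup
    elif kind == "incremental":
        since = max(b.taken_at for b in history)  # measured from the last backup of ANY kind
    else:
        raise ValueError(f"unknown backup kind: {kind!r}")
    return sorted(name for name, mtime in files.items() if mtime > since)

def restore_chain(history):
    """Backups that must be read, in order, to restore the latest state."""
    full_idx = [i for i, b in enumerate(history) if b.kind == "full"]
    if not full_idx:
        raise ValueError("nothing to restore from without a full backup")
    chain, tail = [history[full_idx[-1]]], history[full_idx[-1] + 1:]
    diff_idx = [i for i, b in enumerate(tail) if b.kind == "differential"]
    if diff_idx:                                  # latest differential replaces all before it
        chain.append(tail[diff_idx[-1]])
        tail = tail[diff_idx[-1] + 1:]
    return chain + [b for b in tail if b.kind == "incremental"]

# Constructed sample: file modification days and two alternative schedules
FILES = {"etc/hosts": 9, "etc/passwd": 11, "home/notes.txt": 13, "home/report.doc": 15}
INCREMENTAL_WEEK = [Backup("full", 10), Backup("incremental", 12), Backup("incremental", 14)]
DIFFERENTIAL_WEEK = [Backup("full", 10), Backup("differential", 12), Backup("differential", 14)]
```

With these schedules the incremental run copies the fewest files, but a restore has to read every backup since the full one; the differential run copies more each time, and a restore reads only the full backup and the latest differential.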
Summary
This chapter explored the commands that can be used to make
backup copies of system data, why it is important to make such
backup copies of data, and selected methods of avoiding data
loss due to natural or other disasters.
The authors hope that readers never have to use any of these
backup copies to restore the operation of their systems, but such
restorations are inevitable.
Good backups require a lot of time and attention, but having a
reliable copy of data is much more acceptable than the time and
expense of rebuilding a system without such backup copies.
Chapter 6
The Domain Name System
Definitions.
DNS Naming Structure.
DNS Components.
How DNS Servers work.
DNS Organizations.
Summary.
10/2/2022
PREPARED BY: AGMAS G. 5
Subdomain Name
One domain is a subdomain of another if its
domain name ends in the other's domain name.
So abc.net.ye is a subdomain of net.ye and of ye.
google.com is a subdomain of com.
Yemen.net.ye is a domain.
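An added example, not part of the original slides: the "ends in" rule has to be applied label by label, because a plain character-suffix test also accepts unrelated names that merely share trailing characters, which matters wherever the rule guards an allow-list. The function names and the name internet.ye are constructed for illustration.

```python
def labels(name):
    """Split a DNS name into lower-case labels, ignoring one trailing root dot."""
    name = name.strip().lower()
    if name.endswith("."):
        name = name[:-1]
    parts = name.split(".") if name else []
    if any(part == "" for part in parts):
        raise ValueError(f"empty label in {name!r}")
    return parts

def is_subdomain(child, parent):
    """True if `child` lies strictly below `parent` in the DNS tree."""
    c, p = labels(child), labels(parent)
    return len(c) > len(p) and c[len(c) - len(p):] == p

def naive_is_subdomain(child, parent):
    """Character-suffix test: the literal reading of "ends in"."""
    return child.endswith(parent)

def compare(child, parent):
    """Return (label-wise result, character-suffix result) for one pair."""
    return is_subdomain(child, parent), naive_is_subdomain(child, parent)

if __name__ == "__main__":
    for child, parent in [("abc.net.ye", "net.ye"), ("abc.net.ye", "ye"),
                          ("google.com", "com"), ("internet.ye", "net.ye")]:
        print(child, parent, compare(child, parent))
```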
The Resource Record
[Figure: lookup exchange between Your PC and the ISP “Recursive” DNS server (“Tell me the Address of www.google.com” / “Here it is!”), followed by Your PC contacting the www.google.com web server; also shown: Outbound Mail (SMTP) Server, etc.]
Why do we need security?
Protect vital information while still allowing access to
those who need it
Trade secrets, medical records, etc.
Provide authentication and access control for resources
Ex: AFS
Guarantee availability of resources
Ex: 5 9’s (99.999% reliability)
information
Information Security Services
Confidentiality
Integrity
Authentication
Nonrepudiation
Access Control
Availability
[Figure slides; surviving labels: Internet, Perpetrator, Victim; Packets, The Void; ISN, SRC=Alice; Malicious user]
PROTECTION
DETECTION
RESPONSE
Digital Signatures
[Figure; surviving labels: Internal Network, Host]
System Admin
Focus areas of system administration
System administration problems
Ineffective SW
Security
Internet connection
Lack of time
Problems in System Administration
OS for Sys Admin
Need to use some OS to make ideas concrete
Really only two choices: Windows and UNIX (and UNIX-like
OSes such as Linux)
Both are useful and common in the real world.