
Admas University

Megenagna campus
Department of computer sciences
COURSE TITLE: NETWORK AND SYSTEM ADMINISTRATION

BY: AGMAS G.

8/20/2022 AGMAS G. 1
Chapter 1
Chapter Objectives
Explore the world of the Network & System admin.
List the duties of the system admin.
List the skill set required of the system admin.
List a few personality traits of a typical system admin.

8/20/2022 SHEWAKENA G. 3
Introduction to System & Network Administration
What is a System?
A system is a collection of elements or components that are
organized for a common purpose.
A set of detailed methods, procedures and routines created to
carry out a specific activity, perform a duty, or solve a problem.
All systems have inputs, outputs and feedback mechanisms.
Con…

What is a Network?
A group of interconnected (wired and/or wireless) devices and
peripherals that can share software and hardware resources
among many users.
What is Network Administration?
The terms network administration and system administration exist
separately; however, industry and academia use them variously and
inconsistently.
Network administration is the management of network infrastructure
devices (routers and switches).
Introduction to System and Network Administration...
What is System Administration?
A branch of engineering mainly concerned with the operational
management of human-computer systems
An organized collaboration between humans and computers to
solve a problem or provide a service
The term used traditionally by mainframe and Unix engineers to
describe the management of computers, whether or not they are
coupled by a network
Introduction to System and Network Administration...
Do you think System Administration is an Administrative Job?
Definitely not. It is an extremely demanding engineer's job, so a
System Administrator has to know a bit of everything.
It requires skill, technique, administration and socio-psychological
knowledge and wisdom.
A sysadmin has to know about hardware, software, user support,
diagnosis, repair, and the prevention of system threats.
Introduction to System and Network Administration...
What is the Key Role of Network and System Administration?
To build hardware configurations and to configure software systems.
Network Administrator: the person responsible for administering,
managing and maintaining the network design, configuration and
infrastructure development.
System Administrator: the person responsible for administering users,
maintaining systems, creating file systems, installing software and
other related tasks.
Introduction to System and Network Administration...

Responsibilities of the Network Administrator:
Designing and Planning the Network
Setting up the Network
Maintaining the Network
Expanding the Network
Introduction to System and Network Administration...
Responsibilities of the System Administrator
User Administration (Setup and Maintaining Accounts)
Maintaining the System
Verify that Peripherals are Working Properly
Quickly Arrange Repair for Hardware in case of Hardware Failure
Monitor System Performance
Create File Systems
Install Software
Create a Backup and Recovery Policy
Monitor Network Communication
Con…
Update the system when new versions of the OS and application
software come out; apply security patches promptly, and test other
upgrades before rolling them out
Implement the Policies for the use of the Computer System and Network
Set up Security Policies for users. A sysadmin must have a strong
grasp of computer security (e.g. firewalls and intrusion detection
systems)
Documentation in the form of an Internal Wiki
Password and Identity Management
Con…
System Administrators' Code of Ethics
Professionalism:
The sysadmin maintains professional conduct in the workplace and does
not let personal feelings or beliefs interfere.
Personal Integrity:
The sysadmin avoids conflicts of interest and biases whenever possible.
Privacy:
The sysadmin maintains and protects the confidentiality of any
information to which he or she has access.
Laws and Policies:
The sysadmin should educate himself or herself and others on relevant
laws, regulations, and policies regarding the performance of his/her
duties.
Con…
Communication:
The sysadmin should communicate with management, users, and colleagues
about computer matters of mutual interest.
System Integrity:
The sysadmin should strive to ensure the necessary integrity,
reliability, and availability of the systems.
Education:
The sysadmin should continue to update and enhance his or her technical
knowledge and other work-related skills.
Responsibility to the Computing Community:
The sysadmin should cooperate with the larger computing community to
maintain the integrity of network and computing resources.
Social Responsibility:
The sysadmin should encourage the writing and adoption of relevant
policies and laws consistent with these ethical principles.
Ethical Responsibility:
The sysadmin should strive to build and maintain a safe, healthy, and
productive workplace.
System Administration
What is System Administration?
Management of the system, which covers:
Computers
Hardware (CPU, Printer, Scanner etc.)
Software
Operating System
Application Software
Management Software (Database / Web / Email etc.)
Networks
Users
What do you understand by Management?
System Administration
Systems administration includes computer systems and the ways people
use them in an organization.
This requires knowledge of
operating systems,
applications,
hardware and software troubleshooting,
but also knowledge of the purposes for which people in the
organization use the computers.
What Is a Sysadmin?
In a “small company” the Sysadmin may be the entire
information technology staff.
The Sysadmin may do everything from telephone, to fax,
to computer management.
Sysadmin may have to order supplies, deal with users,
develop software, repair hardware, and laugh at the
CEO’s jokes!

What Is a Sysadmin?
In a large company the Sysadmin may be one member of a large
group.
May be responsible for one aspect of the data center operation,
alongside:
Programmers
Database Administrators
Network Administrators
Operators
May not even know what the CEO looks like.
Common Sysadmin Qualities
A Sysadmin is a customer service agent!
The Sysadmin must be
able to communicate with technical and non-technical users,
patient, with a sense of humor,
able to solve difficult technical problems,
able to work in a group setting,
and must document activities in order to reproduce the results.
What Does a Sysadmin Do?
Plan and manage the machine room environment
design machine room; specify cooling, cabling, power
connections, and environmental controls (fire alarm, security)
Install and maintain operating system software, application
software, and patches.
Determine hardware and software pre-requisites, which patches
to install, which services to provide, and which services to
disable.

Cont.…
Schedule downtime to perform upgrades/patches and to test and manage
devices.
Install and maintain user accounts; develop an acceptable use policy
and a login-name policy; determine password change policies;
install/configure/manage name services; and manage licenses.
Determine disk quota policy, manage disk space, and monitor log files.
Cont..
Train users on software and security.
Ensure that users have access to documentation.
Help users and provide help-desk support and problem tracking
system to answer user questions.
Configure network services:
printing, file sharing, name service.
determine file sharing needs and printing policies.
manage security for shared resources.
Cont.…
Install/maintain system devices, hardware/drivers; specify
supported devices; determine spares practices.
Install/configure/manage web servers, configure web access
agents
Configure and maintain business applications
web agents
e-mail
calendar software
order/problem tracking software

Cont.…
Install/configure/manage e-mail software
mail transfer agents.
mail readers.
Configure and manage system security
security for business applications,
read security mailing lists and CERT notifications,
install/configure "firewall" software to limit intruder access,
collect and preserve evidence (logs, disk images) in case of a
successful intrusion before cleaning up, since the clean-up destroys it
Cont..
Configure and maintain connectivity between hosts
monitor connectivity
troubleshoot connectivity problems
investigate complaints of poor response

Cont..
Configure and maintain system backups:
determine backup strategy and policies, and
configure backup software
perform backups
monitor backup logs
check backup integrity (a backup that has never been restored is untested)
determine disaster survival plans
perform restores
Cont.…
Troubleshoot and repair system problems
Determine, locate, and repair/replace problem components
Document the system, and develop and maintain documentation on
local setup and local policies
Skills Required
Delegation and Time Management
Ethics
Ability to create/follow Policies and Procedures
Desire to learn
Customer Service Attitude
Knowledge of technical aspects
Hardware
Software
Problem Solving

Types of Administrators/Users
In a larger company, the following may all be separate positions within
a computer support or Information Services (IS) department.
In a smaller group they may be shared by a few Sysadmins, or even a
single person.
Database Administrator
Network Administrator
Security Administrator
Web Administrator
Technical support
Computer operator
Cont.…
A database administrator (DBA) maintains a database system, and is
responsible for the integrity of the data and the efficiency and
performance of the system.
A network administrator maintains network infrastructure such as
switches and routers, and diagnoses problems with these or with the
behavior of network-attached computers.
A security administrator is a specialist in computer and network
security, including the administration of security devices such as
firewalls, as well as consulting on general security measures.

Cont.…
A Web administrator maintains web server services (such as IIS or
Apache) that allow for internal or external access to web sites.
Tasks include
managing multiple sites,
administering security,
configuring necessary components and software.
Responsibilities may also include software change management.
Cont..
Technical support staff respond to individual users' difficulties with
computer systems, provide instructions and sometimes training, and
diagnose and solve common problems.
A computer operator performs routine maintenance and upkeep, such as
changing backup tapes or replacing failed drives in a RAID array.
Such tasks usually require physical presence in the room with the
computer; while less skilled than Sysadmin tasks, they require a
similar level of trust, since the operator has physical access to
possibly sensitive data.
Booting and Shutting Down

Roadmap
Bootstrapping
Boot Loaders
Startup/Init Scripts
Reboot & Shutdown
Q&A

Bootstrapping (simplified version)
BIOS → Boot Loader → Kernel Initialization → init
init runs scripts from /etc/rc[0-6].d/
init spawns getty processes → login
init spawns xdm/gdm processes → login
BIOS
Basic Input/Output System
Contains information about the machine's configuration,
e.g. IDE controller, NIC
The PC knows which device to boot from via the BIOS
The PC tries to run code from the MBR (Master Boot Record), i.e. the
first 512 bytes of the disk: 446 bytes of boot code, a 64-byte
partition table (four 16-byte entries) and the 2-byte signature 0x55AA
The MBR code tells the PC to load the boot loader from a certain disk
partition
The boot loader loads the kernel
The BIOS only checks the signature, not who wrote the boot code, so
whatever is stored in the MBR runs before the operating system does
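The MBR layout described above, as an added example that is not part of the original slides: a POSIX shell script that constructs a 512-byte MBR image (the partition values are made up for the example) and reads back the signature and partition table with dd and od, the same bytes the BIOS hands to the boot code. The file name, partition values and function names are assumptions of the example.

```shell
# Added example, not from the slides: construct a 512-byte MBR image and read
# its partition table with dd/od. Layout: bytes 0-445 boot code, 446-509 four
# 16-byte partition entries, 510-511 the 0x55 0xAA signature. Per entry:
# byte 0 status (0x80 = active), 1-3 CHS start, 4 type, 5-7 CHS end,
# 8-11 LBA start, 12-15 sector count (both little-endian uint32).

# Write a constructed MBR to the file named in $1: zeroed boot code, one
# active Linux partition (type 0x83, LBA 2048, 1048576 sectors), one NTFS
# partition (type 0x07, LBA 1050624, 2097152 sectors), two unused entries,
# and a valid signature. The values are invented for the example.
make_mbr() {
    dd if=/dev/zero bs=446 count=1 2>/dev/null > "$1"
    # entry 1: status 0x80, CHS start 0, type 0x83, CHS end 0,
    #          LBA 2048 = 00 08 00 00, count 1048576 = 00 00 10 00
    printf '\200\000\000\000\203\000\000\000\000\010\000\000\000\000\020\000' >> "$1"
    # entry 2: status 0x00, type 0x07, LBA 1050624 = 00 08 10 00,
    #          count 2097152 = 00 00 20 00
    printf '\000\000\000\000\007\000\000\000\000\010\020\000\000\000\040\000' >> "$1"
    # entries 3 and 4: all zero (type 0 = unused)
    dd if=/dev/zero bs=16 count=2 2>/dev/null >> "$1"
    # boot signature 0x55 0xAA (octal 125 252)
    printf '\125\252' >> "$1"
}

# Return 0 if the file in $1 carries the 0x55AA signature at offset 510,
# which is all a legacy BIOS checks before jumping to the boot code.
mbr_signature_ok() {
    set -- $(od -An -tu1 -v -j 510 -N 2 "$1")
    [ "$1" = 85 ] && [ "$2" = 170 ]
}

# Print one line per used partition entry of the file in $1:
#   index status type lba_start sector_count   (status 128 = active)
mbr_partitions() {
    f=$1
    i=0
    while [ "$i" -lt 4 ]; do
        # 16 decimal byte values of entry i become $1..$16
        set -- $(od -An -tu1 -v -j $((446 + i * 16)) -N 16 "$f")
        if [ "$5" -ne 0 ]; then
            lba=$(( $9 + ${10} * 256 + ${11} * 65536 + ${12} * 16777216 ))
            count=$(( ${13} + ${14} * 256 + ${15} * 65536 + ${16} * 16777216 ))
            printf '%d %d %d %d %d\n' "$((i + 1))" "$1" "$5" "$lba" "$count"
        fi
        i=$((i + 1))
    done
}

# Print the 1-based index of the entry flagged active, i.e. the one the MBR
# boot code chain-loads; return 1 if no entry is flagged.
mbr_active_partition() {
    mbr_partitions "$1" | awk '$2 == 128 { print $1; found = 1 } END { exit !found }'
}
```

Usage: `make_mbr /tmp/mbr.img; mbr_partitions /tmp/mbr.img` prints `1 128 131 2048 1048576` and `2 0 7 1050624 2097152`; the same od commands work read-only against a real disk such as /dev/sda when run as root. The point for security is that only the two signature bytes are checked, so the 446 bytes of boot code execute unverified, which is what MBR bootkits abuse and what UEFI Secure Boot was introduced to address.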
Boot Loaders – LILO (Linux Loader)
Traditional and stable
/etc/lilo.conf
◦ boot=/dev/hda
◦ root=/dev/hda1
◦ timeout=5
◦ image=/boot/vmlinuz-2.6.20
◦ label=Linux
◦ read-only
◦ other=/dev/hdb1
◦ label=Windows
◦ table=/dev/hdb
To install it (as root)
◦ $ lilo
lilo must be run after every reconfiguration, because it writes the
kernel's disk block locations into the boot sector
LILO continued
LILO is a boot loader for Linux and was the default boot loader for
most Linux distributions in the years after loadlin was popular.

Today many operating systems use GRUB (GRand Unified Bootloader) as
the default boot loader, but LILO is still in use.
Boot Loaders – LILO (cont)
At the LILO prompt, kernel parameters are appended to the image label
◦ LILO: linux init=/sbin/init (the default init program)
◦ LILO: linux init=/bin/bash (a root shell, with no login at all)
◦ LILO: linux root=/dev/hda5
◦ LILO: linux single
init=/bin/bash and single bypass authentication entirely, so anyone
at the console can become root; set password= and restricted in
/etc/lilo.conf so that a password is required to boot with extra
parameters, and control physical access to the console
Boot Loaders – GRUB
GRand Unified Bootloader
Default on Red Hat and SuSE
Reads its configuration file at boot time
Understands filesystems and kernel executable formats
◦ i.e. it only needs to know the device, disk partition and kernel filename
◦ GRUB device (hd0,0) → /dev/hda1 or /dev/sda1

To install GRUB (for the very first time)
◦ $ grub-install '(hd0,0)'
◦ Edit /boot/grub/grub.conf
Boot Loaders – GRUB (cont)
/boot/grub/grub.conf
◦ default=0
◦ timeout=5
◦ splashimage=(hd0,0)/boot/grub/splash.xpm.gz
◦ title CentOS (2.6.18-8.el5)
◦     root (hd0,0)
◦     kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/
◦     initrd /boot/initrd-2.6.18-8.el5.img
◦ title Windows
◦     rootnoverify (hd1,0)
◦     chainloader +1
Boot Loaders – GRUB (cont)
At the splash screen
◦ Hit 'a' and append " single" to the kernel line to boot to single-user mode
◦ Hit 'c' to enter command-line mode
◦ To boot other OSes that aren't in grub.conf
◦ Display system information
◦ Press TAB to see possible commands
Anyone at the console can do the same, and appending init=/bin/bash
gives a root shell with no password. Add a password --md5 line to
grub.conf (hash from grub-md5-crypt) so that editing entries and the
command line require the password, and use lock on any entry that
boots to single-user mode.
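As an added example that is not part of the original slides: the grub.conf shown on the previous slide, first as-is (no boot-loader password) and then with a global password and a locked single-user entry, together with a small audit check for the directive. The hash is a placeholder to be replaced with real grub-md5-crypt output; the file names and function names are assumptions of the example. This is GRUB legacy syntax; GRUB 2 uses grub-mkpasswd-pbkdf2 and a set superusers= line instead.

```shell
# Added example, not from the slides: the slide's grub.conf beside a hardened
# version, and a check that flags a grub.conf with no global password.
# Without "password", anyone at the console can press 'a', 'e' or 'c' and
# boot with "single" or init=/bin/bash, i.e. get root without a password.

# Placeholder only: generate the real value with grub-md5-crypt.
PLACEHOLDER_HASH='$1$EXAMPLE$REPLACE.WITH.grub-md5-crypt.OUTPUT'

# Write the slide's configuration (no password) to the file named in $1.
write_weak_grub_conf() {
    cat > "$1" <<'EOF'
default=0
timeout=5
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
title CentOS (2.6.18-8.el5)
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/
        initrd /boot/initrd-2.6.18-8.el5.img
title Windows
        rootnoverify (hd1,0)
        chainloader +1
EOF
}

# Write the hardened configuration to $1. A global "password --md5" line makes
# GRUB ask for the password before it allows editing an entry or using the
# command line; "lock" inside an entry requires the password even to boot it,
# so the single-user entry cannot be selected by a passer-by.
write_hardened_grub_conf() {
    cat > "$1" <<EOF
default=0
timeout=5
password --md5 $PLACEHOLDER_HASH
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
title CentOS (2.6.18-8.el5)
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/
        initrd /boot/initrd-2.6.18-8.el5.img
title CentOS single-user (2.6.18-8.el5)
        lock
        root (hd0,0)
        kernel /boot/vmlinuz-2.6.18-8.el5 ro root=LABEL=/ single
        initrd /boot/initrd-2.6.18-8.el5.img
title Windows
        rootnoverify (hd1,0)
        chainloader +1
EOF
}

# Audit check: return 0 if the file in $1 has a global password directive
# (one that appears before the first "title" stanza); otherwise print the
# reason and return 1.
grub_conf_protected() {
    awk '
        /^[ \t]*title/ { in_entry = 1 }
        /^[ \t]*password/ && !in_entry { has_pw = 1 }
        END {
            if (has_pw) exit 0
            print "no global password directive before the first title"
            exit 1
        }' "$1"
}
```

Usage: `write_hardened_grub_conf /tmp/grub.conf` writes the example, and `grub_conf_protected /boot/grub/grub.conf` can be run from a cron job or configuration audit to catch hosts whose boot loader was left open; it checks only for the directive, so the hash itself still has to be a real one and the file must stay root-owned and mode 0600 to keep the hash from being read and cracked.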
Kernel Initialization
The kernel is a program itself: once GRUB has loaded it into RAM, it
starts by initializing memory
/vmlinuz or /boot/vmlinuz
Two-stage loading process
initrd (initial RAM disk)
A transient root filesystem in RAM, used before the real root
filesystem is available
e.g. to load the filesystem modules the kernel needs before it can
mount the real root
The real root filesystem
Device detection and configuration
You tell the kernel what to expect
The kernel probes the hardware itself
Kernel thread creation
e.g. init (a user process), kjournald, kswapd
Single-user mode
A manual mode after kernel initialization and before the startup
scripts run
When "single" is passed to init, sulogin is run instead of the normal
login and asks for the root password
Most system processes are not running
Users can't log in, except root
/ is mounted read-only
$ mount -o rw,remount /
Check/repair the disk if there are disk problems
$ fsck -y /dev/sda1
Only fsck a filesystem that is unmounted or still mounted read-only;
running it on a filesystem mounted read-write can corrupt it
Run 'exit' to leave single-user mode and continue to the default run level
Startup/Init Scripts
After kernel initialization, a process called init is created with PID 1
init runs startup scripts (normal shell scripts) to perform specific
tasks, e.g.
Setting the hostname, time zone, etc.
Checking and mounting the disks
Configuring network interfaces
Starting up daemons and network services
Startup/Init Scripts (cont)
Startup scripts (rc files) are run based on run levels
◦ 0 the level in which the system is completely shut down
◦ 1 single-user mode
◦ 2 multiuser mode without NFS
◦ 3 full multiuser mode
◦ 4 unused
◦ 5 X11
◦ 6 reboot level
At boot, init goes from run level 0 to the default run level (usually 3)
/etc/inittab tells init what to do at each level
To find out which run level the system is currently in
◦ $ runlevel
Startup/Init Scripts (cont)
init runs the scripts from /etc/rc.d/rc[0-6].d/
◦ /etc/rc.d/rc0.d/K25sshd → /etc/init.d/sshd
◦ /etc/rc.d/rc3.d/S55sshd → /etc/init.d/sshd
Each server/daemon provides a master script
◦ Stored in /etc/init.d
◦ Understands the arguments: start, stop, restart
◦ /etc/init.d/sshd start
Entering run level 3 (0 → 3)
◦ /etc/rc.d/rc3.d/S* start, in order of the two-digit priority
Leaving run level 3 (3 → 0)
◦ /etc/rc.d/rc0.d/K* stop
Pretty ugly!
Startup/Init Scripts (cont)
Use chkconfig instead, e.g.
◦ $ chkconfig --add sshd
◦ $ chkconfig --del sshd

Before that, the header in /etc/init.d/sshd must tell chkconfig where
the links go:
◦ # chkconfig: 2345 55 25
◦ sshd should be started at run levels 2, 3, 4 and 5 with start
priority 55, and stopped at the other levels with stop priority 25
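The rcN.d link scheme and the chkconfig header from the last two slides, as an added example that is not part of the original slides: a POSIX shell script that reads the "# chkconfig:" header of an init script, prints the S/K links that chkconfig --add would create for every run level, and shows what the rc script does with those links when a level is entered. The service name, header values and RC_ROOT prefix are assumptions of the example; nothing is written to /etc.

```shell
# Added example, not from the slides: derive the rcN.d links implied by a
# "# chkconfig: LEVELS START STOP" header, the way "chkconfig --add" does,
# and show how /etc/rc.d/rc turns them into start/stop calls. Paths are only
# printed, so the script is safe to run anywhere. RC_ROOT is an assumed prefix.

RC_ROOT=${RC_ROOT:-/etc/rc.d}

# Print "LEVELS START STOP" from the chkconfig header of the init script named
# in $1 (e.g. "2345 55 25"); return 1 if the header is absent.
chkconfig_header() {
    sed -n 's/^# chkconfig:[[:space:]]*\([0-9-]*\)[[:space:]]*\([0-9]*\)[[:space:]]*\([0-9]*\).*/\1 \2 \3/p' "$1" | grep .
}

# For service NAME ($1) with header fields LEVELS ($2), START ($3), STOP ($4),
# print the link each run level 0-6 would get: S<START>NAME in the listed
# levels (started on entry), K<STOP>NAME everywhere else (stopped on entry).
# A LEVELS value of "-" means the service is never started automatically.
chkconfig_links() {
    name=$1; levels=$2; start=$3; stop=$4
    lvl=0
    while [ "$lvl" -le 6 ]; do
        case $levels in
            *"$lvl"*) printf '%s/rc%d.d/S%02d%s\n' "$RC_ROOT" "$lvl" "$start" "$name" ;;
            *)        printf '%s/rc%d.d/K%02d%s\n' "$RC_ROOT" "$lvl" "$stop" "$name" ;;
        esac
        lvl=$((lvl + 1))
    done
}

# What the rc script does on entering a level: read link paths on stdin, strip
# the S/K prefix and two-digit priority, and print the master-script call for
# each (S links get "start", K links get "stop"). Links sort by priority, which
# is why the two digits decide the start/stop order.
rc_actions() {
    while read -r link; do
        base=${link##*/}
        case $base in
            S[0-9][0-9]*) echo "/etc/init.d/${base#S[0-9][0-9]} start" ;;
            K[0-9][0-9]*) echo "/etc/init.d/${base#K[0-9][0-9]} stop" ;;
        esac
    done
}
```

Usage: `chkconfig_links sshd $(chkconfig_header /etc/init.d/sshd)` lists the seven links (S55sshd in rc2.d to rc5.d, K25sshd in rc0.d, rc1.d and rc6.d), and piping the rc3.d line into `rc_actions` prints `/etc/init.d/sshd start`. Comparing this output with `ls /etc/rc.d/rc*.d` is a quick way to spot a service that was enabled by hand, or by an intruder, without going through chkconfig.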
Reboot & Shutdown
To reboot
◦ $ shutdown -r now
◦ $ reboot
◦ $ telinit 6

To halt
◦ $ shutdown -h now
◦ $ halt
◦ $ telinit 0
◦ $ poweroff

Reboot & Shutdown (cont)
To shutdown gracefully
◦ $ shutdown -h +15 “Shutdown in 15 mins”

Super user
On a Unix system, the superuser refers to a
privileged account with unrestricted access to all
files and commands.
The username of this account is root.
Many administrative tasks and their associated
commands require superuser status.

Cont..
There are two ways to become the superuser.
The first is to log in as root directly.
The second way is to execute the command su while logged in to
another user account.
The su command may be used to change one's current account to that
of a different user after entering that user's password.
It takes the username corresponding to the desired account as its
argument; root is the default when no argument is provided.
$ su
Password: (not echoed)
Prefer su - (with the dash): it starts a login shell with root's own
environment instead of inheriting the calling user's variables such as
PATH, and it leaves a record of who became root in the system log,
which a direct root login does not.
Cont..
You may exit from the superuser account with exit or Ctrl-D.
You may suspend the shell and place it in the background with the
suspend command; you can return to it later using fg.
Boot process
The normal boot process has these main phases:
Basic hardware detection (memory, disk, keyboard,
mouse, and the like).
Executing the firmware system initialization program
(happens automatically).
Locating and running the initial boot program (by the
firmware boot program),
usually from a predetermined location on disk.
This program may perform additional hardware checks prior to
loading the kernel.

Cont..
Locating and starting the Unix kernel (by the first-stage boot
program).
The kernel image file to execute may be determined automatically
or via input to the boot program.
The kernel initializes itself and then performs final, high-level
hardware checks, loading device drivers and/or kernel modules as
required.
The kernel starts the init process, which in turn starts system
processes (daemons) and initializes all active subsystems. When
everything is ready, the system begins accepting user logins.
Challenges of System & Network Administration
There are three key challenges in introducing these global frameworks:
Security includes never-ending management of a steadily increasing
series of threats.
With the proliferation of IoT devices expected over the next few
years, along with the complexities of private and virtual clouds, more
users, more mobile devices, and an increasing volume of endpoints,
network administrators will continue to struggle to stay ahead of
attackers.
Consumer-specific security threats, such as malware focused on
smartphones, will continue to threaten the global network as a whole.
Challenges of System & Network Administration
Monitoring and maintenance of global networks will become increasingly
important.
Because integrated reporting and alert capabilities are lacking,
network administrators will continue to struggle with how to monitor a
widening volume of traffic.
Machine learning algorithms and artificial intelligence may provide
the key to monitoring the various applications and the global
delivery of static and dynamic content.

Network performance management will go beyond managing bandwidth,
packet loss, or latency.
Network administrators must be able to continuously monitor in
real time across a distributed global network, troubleshoot IP-based
applications, and assess network readiness for new services before
implementing them.
Chapter 2
INTRODUCING WINDOWS SERVER
AND CONTROLLING PROCESSES

9/1/2022 1
Objectives
Describe the editions of Windows Server 2008
Discuss core technologies
Explain the primary roles a Windows Server 2008 computer can fulfill
Describe the new and enhanced features of Windows Server 2008

An Introduction to Operating Systems
An operating system (OS) is a set of basic programming instructions to
computer hardware, forming a layer of programming code on which
most other functions of the computer are built.
The kernel is the programming code that is the core of the operating
system.
Code is a general term that refers to instructions written in a computer
programming language.
Computer hardware consists of physical devices such as the central
processing unit (CPU), circuit boards, the monitor and keyboard, and
disk drives.

Cont..
Two types of operating systems will be covered in this book:
Desktop operating system – installed on a personal computer (PC) type of
computer that is used by one person at a time, and that may or may not be
connected to a network.
Examples of installations are desktop computers, laptops, and
iMac computers
Server operating system – installed on a more powerful computer that is
connected to a network and enables multiple users to access information
such as e-mail, files, and software.
Examples of hardware with a server OS include traditional
server hardware, rack-mounted server hardware, and blade
servers.

Cont..
Traditional server – often used by small or medium businesses
Usually consists of a monitor, CPU box, keyboard, and mouse
Rack-mounted server – CPU boxes mounted in racks that can hold
multiple servers
All servers often share one monitor and pointing device
Blade servers – look like cards that fit into a blade enclosure
A blade enclosure is a large box with slots for blade servers
Medium and large organizations use blade servers to help conserve
space and to consolidate server management
Tasks of Operating Systems
A basic task of an OS is to take care of input/output (I/O) functions, which
let other programs communicate with the computer hardware
Some examples of I/O tasks:
Handle input from the keyboard, mouse, and other input devices
Handle output to the monitor and printer
Handle remote communications using a modem
Manage network communications, such as for a local network and
the Internet
Control input/output for devices such as network interface card
Control information storage and retrieval using various types of disk
Enable multimedia use for voice and video composition or
reproduction, such as recording video from a camera or playing
music
An Introduction to Operating Systems

[Figure: general tasks for all operating systems]
The Role of a Server Operating System
Is a server hardware or software? The term is ambiguous: server
software can run on many different platforms (even a laptop).
Windows Server 2008 roles, short summary:
File and Printer sharing
Web server
Routing and Remote Access Services (RRAS)
Domain Name System (DNS)
Dynamic Host Configuration Protocol (DHCP)
File Transfer Protocol (FTP) Server
Active Directory
Distributed File System (DFS)
Fax Server
Windows Server 2008 Editions
Windows Server 2008 Standard Edition
Smaller organizations consisting of a few hundred users or less
Windows Server 2008 Enterprise Edition
Larger companies with more needs
Windows Server 2008 Datacenter Edition
Companies that run high powered servers with considerable resources
Windows Web Server 2008
Similar to Standard.
User base varies from small businesses to corporations with large
departments

Windows 2008 Standard Edition
Up to 4 physical processors allowed
Available in 32-bit or 64-bit versions
32-bit version supports up to 4 GB of RAM, 64-bit version up to 32 GB
Lacks more advanced features, such as clustering
64-bit version can install one virtual instance of Server 2008 Standard
Edition with Hyper-V

Windows Server 2008 Enterprise Edition
All the features of Standard Edition
Up to 8 physical processors
32-bit version supports 64 GB RAM; 64-bit version supports 2 TB
Can be clustered; up to 16 cluster nodes permitted
Hot-add memory
Four virtual instances per license with Hyper-V

Windows Server 2008 Datacenter Edition
All the features of Enterprise Edition
Up to 32 physical processors in 32-bit version, 64 processors in 64-bit
Extra fault tolerance features: hot-add and hot-replace memory or CPU
Can't be purchased as an individual license, only through volume
licensing or pre-installed by original equipment manufacturers (OEMs)
Unlimited number of virtual instances
Windows Web Server 2008
Designed to run Internet Information Services (IIS) 7.0
Hardware support similar to Standard Edition
Lacks many of the features present in other editions
Typically used when roles such as Active Directory or
Terminal Services are not required

System Requirements (All editions)
Component                Requirement
Processor                Minimum: 1 GHz for x86 CPU or 1.4 GHz for x64 CPU
                         Recommended: 2 GHz or faster
Memory                   Minimum: 512 MB RAM
                         Recommended: 2 GB RAM or more
Available disk space     Minimum: 10 GB
                         Recommended: 40 GB or more
Additional drives        DVD-ROM
Display and peripherals  Super VGA or higher; keyboard and mouse
Windows Server 2008 Core Technologies
New Technology File System
Active Directory
Microsoft Management Console
Disk Management
File and printer sharing
Windows networking
Internet Information Services

NTFS
New Technology File System
Successor to FAT/FAT32
Native support for long filenames, file and folder permissions,
support for large files and volumes, reliability, compression, and
encryption
Most significant is the added ability for more granular file access
control

Active Directory
Provides a single point of administration of resources (Users,
groups, shared printers, etc.)
Provides centralized authentication and authorization of users to
network resources
Along with DNS, provides domain-naming services and
management for a Windows domain.
Enables administrators to assign system policies, deploy software
to client computers, and assign permissions and rights to users of
network resources

Microsoft Management Console (MMC)
Creates a centralized management interface for
administrators
Uses snap-ins, which are designed to perform specific administrative
tasks (such as disk management or Active Directory configuration)
Multiple snap-ins can be combined into a single MMC, providing quicker
access to commonly used tools
Disk Management
Monitors disk and volume status
Initializes new disks
Creates and formats new volumes
Troubleshoots disk problems
Configures redundant disk configurations (RAID)

File and Printer Sharing
Shadow copies
Disk quotas
Distributed File System (DFS)
Also possible to configure options that allow redundancy,
version control, and user storage restrictions.

Windows Networking Concepts
The Workgroup Model
A small group of computers that share common roles, such as
sharing files or printers.
Also called a peer-to-peer network
Decentralized logons, security, and resource sharing
Easy to configure and works well for small groups of users (fewer
than 10)
A Windows Server 2008 server that participates in a workgroup
is referred to as a stand-alone server

Windows Networking Concepts (cont.)
The Domain Model
Preferred for a network of more than 10 computers or a network that
requires centralized security and resource management
Requires at least one computer to be a domain controller
A domain controller is a Windows server that has Active Directory installed
and is responsible for allowing client computers access to domain resources
A member server is a Windows Server that’s in the management scope of a
domain but doesn’t have Active Directory installed

Windows Networking Components
Network Interface
Composed of two parts; the network interface card (NIC) and the device driver
software

Network Protocol
Specifies the rules and format of communication between network devices

Network Client and Server Software
Network client software sends requests to a server to access network
resources
Network server software receives requests for shared network resources
and makes those resources available to a network client
Internet Information Services
Windows Server 2008 provides IIS 7.0
Modular design
Only the modules that are installed are loaded, so unused features
are not present for attackers to exploit (a smaller attack surface)
Extensibility
Functionality is easily added via the modular design
Manageability
Delegated administration; control over some aspects of a website can be
assigned to developers and content owners
Appcmd.exe provides the ability to manage IIS via scripts and batch
files
Windows Server 2008 Roles
Server role is a major function or service that a server performs
Role services add functions to main roles
Server features provide functions that enhance or support an
installed role or add a stand-alone function
A server can be configured for a single role or multiple roles

Active Directory Certificate Services
A digital certificate is an electronic document containing
information about the certificate holder and the entity that
issued the certificate
The Active Directory Certificate Services role provides
services for creating, issuing, and managing digital
certificates
AD CS can include other server roles for managing
certificates

Active Directory Domain Services
Active Directory Domain Services (AD DS) installs Active Directory
and turns Windows Server 2008 into a domain controller
Read Only Domain Controller (RODC)
Provides the same authentication and authorization services as a
standard domain controller
Changes cannot be made on an RODC directly
Updated periodically by replication from standard domain controllers
Intended for branch offices where physical security is weaker: it
caches only the account passwords its password replication policy
allows, which limits what is exposed if the server is stolen
Other Active Directory Related Roles
Active Directory Federation Services (AD FS)
Active Directory Lightweight Directory Services
(AD LDS)
Active Directory Rights Management Services (AD
RMS)

Application Server
Provides high-performance integrated environment for
managing, deploying, and running client/server business
applications.
Applications for this role usually built with one or more of
the following technologies: IIS, ASP.NET, Microsoft .NET
Framework, COM+, and Message Queuing

DHCP Server
Dynamic Host Configuration Protocol Server role
provides automatic IP address assignment and
configuration for client computers
Can provide default gateway address, DNS server
addresses, WINS server addresses, and other options
Windows Server 2008’s DHCP server role provides
support for IPv6

DNS Server
DNS Server resolves the names of Internet computers
and computers that are members of a Windows
Domain to their assigned IP addresses.
When installing Active Directory, you can specify an
existing DNS server or install DNS on the same server
as Active Directory

Fax Server
Provides tools to manage shared fax resources and allow users to
send and receive faxes
After the role is installed, you can
Manage users who have access to fax resources
Configure fax devices
Create rules for routing incoming and outgoing faxes
Monitor and log use of fax resources
File Services
Provides highly available, reliable, shared storage to Windows and
other client OSs
Installing the File Services role installs the File Server service
automatically
Hyper-V
Provides services to create and manage virtual machines on a
Windows Server 2008 computer
A virtual machine is a software environment that simulates
the computer hardware an OS requires for installation
Installing an OS on a virtual machine is done using the same
methods used on a physical machine

Network Policy and Access Services
Provides Routing and Remote Access Services (RRAS)
Other services that can be installed
◦ Network Policy Server (NPS)
◦ Health Registration Authority (HRA)
◦ Host Credential Authorization Protocol (HCAP)

Print Services
Enables administrators to manage access to network printers
Installs Print Server by default
Internet Printing role service enables Web-based
management of network printers
Line Printer Daemon (LPD) role service provides compatibility
with Linux/UNIX clients

Terminal Services
Enables users and administrators to control a Windows desktop remotely or
run applications hosted on a server remotely
Without the Terminal Server role, Remote Desktop for Administration permits up to
two simultaneous remote desktop sessions
More sessions require the Terminal Server role, the TS Licensing role service, and
purchased Terminal Services client access licenses (TS CALs)
Other role services
 TS Session Broker
 TS Gateway
 TS Web Access
UDDI Services
Universal Description, Discovery, and Integration (UDDI) Services
enables administrators to manage, catalog, and share web services
Allows users to search for web services available to them
Gives developers a catalog of existing applications and development
work

Web Server (IIS)
Consists of role services Web Server, management tools, and
FTP publishing
Secondary role services can be installed for additional
features

Windows Deployment Services
Simplifies the installation of Windows over a network
Can install and remotely configure Windows Vista and Windows Server
2008 systems
WDS is an improved version of Remote Installation Services
(RIS) found in Windows 2000 Server and Windows Server 2003

New Features in Windows Server 2008
1. Server Manager
2. Server Core
3. Hyper-V virtualization
4. Storage management enhancements
5. Networking enhancements
6. Network Access Protection
7. Windows Deployment Services
8. New Active Directory roles
9. Terminal Services enhancements

Server Manager
I. Provides a single interface for installing, configuring, and
removing a variety of server roles and features on a server.
II. Summarizes server status and configuration
III. Includes tools to diagnose problems, manage storage, and
perform general configuration tasks
IV. Consolidates tools from Windows Server 2003

Server Core
 Has a minimum environment and lacks a full GUI
 Can install the following server roles:
Active Directory Domain Services (AD DS)
Active Directory Lightweight Directory Services (AD LDS)
Dynamic Host Configuration Protocol (DHCP) Server
DNS Server
File Services
Print Server
Streaming Media Services
Web Server
Hyper-V

Server Core (cont.)
 Server Core supports additional features to enhance server roles:
Microsoft Failover Clustering
Network Load Balancing
Subsystem for UNIX-based Applications
Windows Server Backup
Multipath I/O
Removable Storage Management
Windows BitLocker Drive Encryption
Simple Network Management Protocol (SNMP)
Windows Internet Naming Service (WINS)
Telnet client
Quality of Service (QoS)

Server Core (cont.)
Server Core lacks the ability to install the following server
roles (and their optional features):
◦ Application Server
◦ Active Directory Rights Management Services
◦ Fax Server
◦ UDDI Services
◦ Windows Deployment Services
◦ Active Directory Certificate Services
◦ Network Policy and Access Services
◦ Terminal Services
◦ Active Directory Federation Services

Hyper-V
Virtualization isolates critical applications from one another: a crash or
compromise inside one virtual machine does not directly affect the others
Virtualization helps to consolidate multiple physical servers onto a single server
Virtual machines are easier to back up than physical servers, since a VM is a set of files
Updates or changes to an OS can be made on a virtual machine to test stability before being
applied to a production machine
Reduces the need for physical devices in educational environments

Hyper-V (cont.)
Hyper-V requirements:
◦ 64-bit version of Windows Server 2008 Standard, Enterprise, or Datacenter Edition
◦ A server with a 64-bit processor that supports hardware virtualization (Intel VT or
AMD-V) and hardware-enforced Data Execution Prevention (Intel XD / AMD NX bit)
◦ Enough free memory and disk space to run the virtual machines and store their virtual
hard disks. A virtual machine needs the same amount of memory and disk space that the
equivalent physical machine would need.

Storage Management Enhancements
Share and Storage Management MMC Snap-in
File Server Resource Manager
Windows Server Backup
Other improvements include:
◦ Storage Explorer
◦ SMB 2.0
◦ Remote boot support

Networking Enhancements
Improved support for IPv6
DHCPv6
Load balancing
Redesigned TCP/IP stack
Improved performance, error-detection, and recovery
Virtual Private Networking
Secure Socket Tunneling Protocol (SSTP)

Network Access Protection
Ensures computers are equipped with the required security features before they connect
Enables checking of anti-virus software status and firewall settings (health policy)
If a computer does not meet all requirements defined by an administrator, it can be
restricted automatically to a remediation network and denied access to other
network resources
Can force noncompliant computers to update themselves before they are admitted

Windows Deployment Services
Updates Remote Installation Services
Allows unattended installation of Windows OSs
WDS can multicast deployment of disk images, reducing network
bandwidth required
Includes tools to customize the Windows OS for deployment

New Active Directory Roles
Active Directory Lightweight Directory Services (AD LDS)
Provides a stand-alone LDAP directory for directory-enabled applications that need to
store and retrieve directory data without the domain and forest dependencies of AD DS.
Does not require a domain controller or a domain
Active Directory Federation Services (AD FS)
Provides single sign-on for users of an organization to access internal
resources as well as resources inside a partner organization
Active Directory Rights Management Services (AD RMS)
Lets the author of a document decide how it can be used or modified, and denies
unauthorized users access to it

Terminal Services Enhancements
RemoteApp
Rather than accessing a program inside a full remote desktop session, the
application appears as if it were running locally
Terminal Services Web Access (TS Web Access)
Allows users to access applications through a web browser,
requiring no additional software on the client if it is running Vista
Can list the RemoteApp programs available to the user
Allows secure, encrypted connections over HTTPS without the need for a VPN

Control process
 ps gives you a list of the processes running on your system.
 With no options, ps lists only processes that belong to the
current user and have a controlling terminal.

PID, PPID, UID, GID
In Linux, an executable stored on disk is called a program, and a
program loaded into memory and running is called a process.
When a process is started, it is given a unique number called process
ID (PID) that identifies that process to the system.
If you ever need to kill a process, for example, you can refer to it by
its PID.

Cont..
Each process is assigned a parent process ID (PPID) that tells which
process started it.
The PPID is the PID of the process’s parent.
For example, if process1 with a PID of 101 starts a process named
process2, then process2 will be given a unique PID, such as 3240, but
it will be given the PPID of 101.
It’s a parent-child relationship.
A single parent process may spawn several child processes, each
with a unique PID but all sharing the same PPID.

Cont..
Unix-like operating systems identify users within the kernel by a
value called a user identifier, often abbreviated to UID or user ID.
The UID, along with the GID and other access control criteria, is used
to determine which system resources a user can access.
The password file (/etc/passwd) maps textual usernames to UIDs, but in the
kernel only UIDs are used.

Cont..
The effective UID (euid) of a process is used for most access checks. It
is also used as the owner for files created by that process.
GID:
A group identifier, often abbreviated to GID, is a numeric value used
to represent a specific group.
The range of values for a GID varies amongst different systems;
at the very least, a GID can be between 0 and 32,767, with one
restriction: the login group for the superuser must have GID 0.

Priority and nice value
•nice sets the scheduling priority (niceness) of a process.
•On Linux the niceness ranges from -20 (highest priority) to 19 (lowest
priority); new processes start at 0.
•Only root (or a user holding CAP_SYS_NICE) can assign a negative niceness or
lower the niceness of a running process; any user can raise the niceness of
their own processes, that is, lower their priority.
•Example:
• nice -n -20 make (as root) executes make at the highest priority.
• nice -n 15 make executes make at low priority, so interactive sessions stay responsive.

Priority vs. nice
•The difference is that PR is a real priority of a process at the moment
inside of the kernel and NI is just a hint for the kernel what the
priority the process should have.
•In most cases PR value can be computed by the following formula:
• PR = 20 + NI.
• Thus the process with niceness 3 has the priority 23 (20 + 3) and the
process with niceness -7 has the priority 13 (20 - 7).

Cont..
• You can check this by running nice -n 3 top.
• top will show itself with NI 3 and PR 23.
• Running nice -n -7 top instead needs root privileges on most Linux systems,
because a lower PR value (a more negative niceness) means a higher actual
priority.
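The following script is an added example, not part of the lecture slides, that puts the PID/PPID/UID material and the nice value discussion above into runnable form. It assumes Linux (it reads the kernel's per-process record in /proc/<pid>/status) plus the POSIX ps, id and nice utilities; every function and file name in it is the example's own.

```sh
#!/bin/sh
# Added example (not from the slides): inspect PID, PPID, UID/EUID and niceness.
# Assumes Linux (/proc) and the POSIX ps, id and nice utilities.

# Parent PID of a process, from the kernel's own record in /proc/<pid>/status.
ppid_of() {
  awk '/^PPid:/ { print $2 }' "/proc/$1/status"
}

# Real and effective UID of a process, printed as "real effective".
# They differ only for set-uid programs; the effective UID is what access checks use.
uids_of() {
  awk '/^Uid:/ { print $2, $3 }' "/proc/$1/status"
}

# Fork a child shell and print "childpid parentpid" exactly as the child sees them.
# sh -c starts a new process, so inside it $$ is the child's PID and $PPID is ours.
spawn_child() {
  sh -c 'echo "$$ $PPID"'
}

# Run a command at the requested niceness and print the niceness the kernel applied.
# nice with no command prints the current niceness, so `nice -n N nice` reports what a
# child would actually get. Unprivileged users can only raise niceness; a negative N
# fails (GNU nice warns and runs at the old niceness, BusyBox nice exits with an error).
nice_applied() {
  nice -n "$1" nice 2>/dev/null
}

# top-style priority from niceness, the PR = 20 + NI formula from the slides.
top_priority() {
  echo $((20 + $1))
}

# The same fields as a ps listing, for one process (ps -o keywords are POSIX).
proc_info() {
  ps -o pid=,ppid=,user=,nice=,comm= -p "$1"
}

# Stand-alone demo: this shell, its parent, a child's view, and a niced child.
echo "me: $$  parent: $(ppid_of $$)  uids (real effective): $(uids_of $$)"
echo "child sees (pid ppid): $(spawn_child)"
n=$(nice_applied 5)
echo "nice -n 5 -> child niceness $n, top PR $(top_priority "$n")"
```

Run it with `sh proc_demo.sh`; to see the ps view of any process, call `proc_info <pid>` (for example `proc_info $$`). The point of `uids_of` is the security one from the text: a file created or a resource opened by a process is checked against the second number, the effective UID, not the first.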

Signals, process states, etc.
A signal is a software interrupt, a way to communicate information to a process
about the state of other processes, the operating system, and hardware.
A signal is an interrupt in the sense that it can change the flow of the program:
when a signal is delivered to a process, the process stops what it is doing and,
depending on the signal, either handles it, ignores it, or in some cases
terminates.

Cont..
Signals may also be delivered in an unpredictable way, out of sequence with
the program, because signals may originate outside the currently executing
process.
Another way to view signals is as a mechanism for handling asynchronous events,
as opposed to synchronous events, which is what happens when a standard program
executes sequentially, one line of code following another.

Cont..
Asynchronous events occur when portions of the program
execute out of order.
Asynchronous events typically occur due to external
events originating at the hardware or operating system; the
signal, itself, is the way for the operating system to
communicate these events to the processes so that the
process can take appropriate action.

Cont..
How we use signals
Signals are used for a wide variety of purposes in Unix
programming, and we've already used them in smaller
contexts.
For example, when we are working in the shell and wish to
"kill all cat programs" we type the command:

Cont..
#> killall cat
The killall command sends a signal to all processes named cat that says "terminate."
The signal actually sent is SIGTERM, whose purpose is to communicate a termination
request to a given process;
the process does not actually have to terminate, because it may catch or ignore
SIGTERM (only SIGKILL and SIGSTOP cannot be caught or ignored) … more on that later.
Caveat: on Solaris, killall with no arguments kills every process on the system;
the Linux killall described here is the one from psmisc.
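The behaviour just described, a process catching SIGTERM versus being destroyed by SIGKILL, as an added example that is not from the slides. It assumes a POSIX shell with trap, kill, wait and mktemp; the child process and the note files are the example's own construction.

```sh
#!/bin/sh
# Added example (not from the slides): SIGTERM can be caught, SIGKILL cannot.
# Assumes a POSIX shell (trap/kill/wait) and mktemp.

# signal_child SIG: start a background child that installs a SIGTERM handler, wait
# until the handler is in place, send it SIG (TERM or KILL) and report the outcome.
# Prints "handled" if the child's trap ran, "not-handled" otherwise, and returns the
# child's exit status (0 from the trap's `exit 0`, 128+9 when killed by SIGKILL).
signal_child() {
  sig=$1
  note=$(mktemp)
  ready=$(mktemp)
  # The child: install the trap, record that it is ready, then loop forever.
  # A trap runs as soon as the current foreground command (sleep) returns.
  sh -c 'trap "echo handled > '"$note"'; exit 0" TERM
         echo ready > '"$ready"'
         while :; do sleep 1; done' &
  pid=$!
  until [ -s "$ready" ]; do sleep 1; done
  kill -s "$sig" "$pid"
  status=0
  wait "$pid" || status=$?
  if [ -s "$note" ]; then echo handled; else echo not-handled; fi
  rm -f "$note" "$ready"
  return "$status"
}

# Stand-alone demo: a polite request, then the one that cannot be refused.
echo "TERM -> $(signal_child TERM)"
echo "KILL -> $(signal_child KILL)"
```

This is why an orderly shutdown sends SIGTERM first and falls back to SIGKILL only after a grace period: the handler is the process's chance to flush buffers, release locks and remove temporary files, and SIGKILL gives it none.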

1. Periodic processes
1. What is cron?
Cron is a standard Unix utility that is used to schedule commands
for automatic execution at specific intervals.
For instance, you might have a script that produces web statistics
that you want to run automatically once a day at 5:00 AM.
Commands scheduled with cron are referred to as "cron jobs."

Cont..
Cron in the Account Control Center
The ACC has a built-in interface for cron. We recommend that all
customers use the ACC cron interface, although advanced users may
use cron manually.
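For administrators who use cron manually, the following crontab is an added example (not part of the slides) that schedules the daily 5:00 AM web-statistics script from the text. The script path /usr/local/bin/webstats.sh, the log path and the mail address are assumed names.

```crontab
# Added example (not from the slides). Install with `crontab -e` as the user that
# should run the job; /usr/local/bin/webstats.sh and the log path are assumed names.
SHELL=/bin/sh
PATH=/usr/local/bin:/usr/bin:/bin
MAILTO=webmaster@example.com

# min  hour  day-of-month  month  day-of-week  command
0      5     *             *      *            /usr/local/bin/webstats.sh >>/var/log/webstats.log 2>&1
```

Cron runs jobs with an almost empty environment, so set PATH explicitly and use absolute paths for every command. Run the job as an unprivileged user rather than root wherever possible, and keep the script and the directory it lives in writable only by its owner: a root cron job that executes a script in a directory other users can write to is a classic privilege-escalation route.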

Chapter Summary
A server is defined more by the software installed on hardware as
opposed to the hardware in use. In many cases, a client OS can
behave as a server.
Windows Server 2008 is available in four editions: Standard,
Enterprise, Datacenter, and Windows Web Server 2008
Core technologies in Windows Server 2008 include NTFS, Active
Directory, MMC, disk management, file and printer sharing,
networking components, and IIS
Windows Server 2008 updates previously available services with
additional functionality, while adding several new services.
Chapter three
THE FILE SYSTEM

9/30/2022 1
Contents
What is file system
Types of file system

File System
A file system is a method for storing and organizing computer files and
the data they contain, so that they are easy to find and access.
Most file systems make use of an underlying data storage device, such
as a hard disk, that offers access to an array of fixed-size blocks; the block
is the smallest logical amount of disk space that can be allocated to
hold a file.
File systems typically have directories, which associate file names with
files, usually by connecting the file name to an index in a file allocation
table of some sort, such as the FAT in a DOS file system, or to an inode
in a Unix-like file system.
File System
File names are simple strings, and per-file metadata is maintained;
metadata is the bookkeeping information typically associated with
each file within a file system.
Metadata contains file attributes such as the file size, the date and
time of creation or modification of the file, the owner of the file,
access permissions, etc.

Types of File System
File system types can be classified into
disk file systems,
network file systems, and
flash file systems.
A disk file system is a file system designed for the storage of files on a data storage device,
most commonly a disk drive, e.g. FAT, NTFS, ext2, ext3 etc.
A network file system is a file system that acts as a client for a remote file access protocol,
providing access to files on a server, e.g. NFS (Network File System), SMB (Server Message Block)
etc.
A flash file system is a file system designed for storing files on flash memory devices.

File System and OS
Operating systems provide a file system, as a file system is an integral part of any
modern operating system.
The Windows operating system supports the FAT and NTFS file systems
Linux most commonly uses the ext2 and ext3 file systems
Other operating systems may support other file systems, like UFS in many
UNIX operating systems and HFS in Mac OS X.
All operating systems provide a user interface, such as a command line (CLI) or a file
browser, to access and manage file system information.

FAT DOS/Windows File System
The File Allocation Table (FAT) file system was initially developed for the DOS
operating system and was later used and supported by all versions of
Microsoft Windows.
It originated in Microsoft's earlier operating system MS-DOS and
was the predominant file system in Windows versions like 95, 98, ME etc.
All the latest versions of Windows still support the FAT file system, although it
is no longer the default (it remains common on removable media).
FAT has had various versions: FAT12, FAT16 and FAT32. Successive versions
of FAT were named after the number of bits in a table entry: 12, 16 and 32.

Windows File System
NTFS (New Technology File System)
NTFS, or the NT File System, was introduced with the Windows NT operating
system.
NTFS allows ACL-based permission control, which was the most important
feature missing from the FAT file system (FAT has no per-file security at all).
Later versions of Windows like Windows 2000, Windows XP, Windows Server
2003, Windows Server 2008, and Windows Vista also use NTFS.
NTFS has several improvements over FAT, such as security access control lists
(ACLs) and file system journaling.

File System in Linux
Linux supports many different file systems,
but common choices for the system disk include the ext family (such as ext2 and
ext3), XFS, JFS and ReiserFS.
ext3, the third extended file system, is a journaled file system and is the default
file system for many popular Linux distributions.
It is an upgrade of its predecessor, the ext2 file system, and among other things it
added the journaling feature.
A journaling file system is a file system that logs changes to a journal (usually a
circular log in a dedicated area) before committing them to the main file system.
Such file systems are less likely to become corrupted in the event of a power failure
or system crash.

FAT
FAT == File Allocation Table
The FAT is located near the start of the volume.
Two copies are kept in case one becomes damaged.
Cluster size is determined by the size of the volume.

Volume size vs. cluster size
Drive size                  Cluster size        Sectors per cluster
512 MB or less              512 bytes           1
513 MB to 1024 MB (1 GB)    1024 bytes (1 KB)   2
1025 MB to 2048 MB (2 GB)   2048 bytes (2 KB)   4
2049 MB and larger          4096 bytes (4 KB)   8
(These are the default cluster sizes Windows assigns to NTFS volumes; the FAT16
and FAT32 defaults are larger for the same volume sizes.)

FAT Limitations
Each FAT16 entry that references a cluster is 16 bits wide,
so at most 2^16 = 65,536 clusters are addressable.
With the largest cluster sizes (32 KB, or 64 KB on Windows NT) partitions are limited to 2 to 4 GB.
Too small for today's hard disk capacity!
For partitions over a few hundred MB, performance degrades rapidly
and the space wasted at the end of each cluster (slack) increases.
Two copies of the FAT are kept, but both sit in the same region at the start of the
volume, so the FAT is still a single point of failure.
FAT32
Enhancements over FAT16
More efficient space usage
◦ through smaller clusters.
◦ Why is this possible? Each table entry is 32 bits (28 are used), so far more clusters can be addressed.
More robust and flexible
◦ The root folder became an ordinary cluster chain, so it can be located anywhere
on the drive.
◦ The backup copy of the file allocation table can be used automatically.
◦ Less susceptible to a single point of failure.

NTFS
MFT == Master File Table
◦ Analogous to the FAT
Design objectives
1) Fault tolerance
 Built-in transaction logging feature.
2) Security
 Granular (per file/directory) security support.
3) Scalability
 Handling huge disks efficiently.

NTFS
Scalability
◦ NTFS references clusters with 64-bit addresses.
◦ Thus, even with small sized clusters, NTFS can map disks up to sizes that we
won't likely see even in the next few decades.
Reliability
◦ Under NTFS, a log of transactions is maintained so that CHKDSK can roll back
transactions to the last commit point in order to recover consistency within
the file system.
◦ Under FAT, CHKDSK checks the consistency of pointers within the directory,
allocation, and file tables.

NFS (Network File System)
NFS allows you to access files on remote hosts in exactly the same way
you would access local files.
NFS offers a number of useful features:
Data accessed by all users can be kept on a central host, with
clients mounting this directory at boot time.
For example, you can keep all user accounts on one host and
have all hosts on your network mount /home from that host.
If NFS is installed beside NIS, users can log into any system and
still work on one set of files.
Cont..
Data consuming large amounts of disk space can be kept
on a single host.
For example, all files and programs relating to LaTeX and
METAFONT can be kept and maintained in one place.
Administrative data can be kept on a single host.
There is no need to use rcp to install the same file
on 20 different machines.
NTFS Metadata Files
Name        Description
$MFT        Master File Table
$MFTMirr    Copy of the first (vital) records of the MFT
$LogFile    Transaction log file
$Volume     Volume serial number, creation time, and dirty flag
$AttrDef    Attribute definitions
.           Root directory of the volume
$Bitmap     Cluster map (in-use vs. free)
$Boot       Boot record of the volume
$BadClus    Lists bad clusters on the volume
$Quota      User quota information
$UpCase     Maps lowercase characters to their uppercase versions

Application ~ File System Interaction
(Figure: the process control block holds a per-process array of open-file pointers;
each entry points into the system-wide open file table, whose entries reference the
file descriptors (metadata) maintained by the file system, which in turn locate the
directories and file data on disk.)
open(file…) under the hood
fd = open(FileName, access)
1. Search the directory structure for the given file path
2. Copy the file's descriptor (metadata) from disk into an in-memory data structure
3. Create an entry in the system-wide open-file table
4. Create an entry in the PCB file table and link it to the open-file-table entry
5. Return the file descriptor (file pointer) to the user
read(file…) under the hood
read(fd, userBuf, size)
1. Find the open-file descriptor through the PCB file table and the open file table
2. Translate the logical block to a physical block using the file's metadata
3. read(device, physBlock, size): the disk device driver brings the physical block
   into a system buffer (buffer cache)
4. Copy the data from the system buffer to userBuf
Types of Linux file systems

1. Ordinary files
is a file on the system that contains data, text, or program
instructions.
Used to store your information, such as some text you have written
or an image you have drawn.
This is the type of file that you usually work with.
Always located within/under a directory file.
Do not contain other files.
In long-format output of ls -l, this type of file is specified by the “-”
symbol.

2. Directories –
Directories store both special and ordinary files.
For users familiar with Windows or Mac OS, UNIX directories are
equivalent to folders
A directory file contains an entry for every file and subdirectory
that it houses.
If you have 10 files in a directory, there will be 10 entries in the
directory.
Each entry has two components.
(1) The Filename
(2) A unique identification number for the file or directory
(called the inode number)
3. Special Files –
Used to represent a real physical device such as a printer, tape drive or
terminal, and used for input/output (I/O) operations.
Device or special files are used for device I/O on UNIX and Linux systems;
in ls -l output they appear as "c" (character device) or "b" (block device).

4. Pipes
– UNIX allows you to link commands together using a
pipe.
The pipe acts a temporary file which only exists to hold
data from one command until it is read by another.
A Unix pipe provides a one-way flow of data.
The output or result of the first command sequence is
used as the input to the second command sequence.

5. Sockets –
A Unix socket (or Inter-process communication socket) is
a special file which allows for advanced inter-process
communication.
A Unix Socket is used in a client-server application
framework. In essence, it is a stream of data, very similar
to network stream (and network sockets), but all the
transactions are local to the filesystem.
In long-format output of ls -l, Unix sockets are marked by
“s” symbol.
6. Symbolic Link
A symbolic link is used for referencing some other file of the file
system.
A symbolic link is also known as a soft link.
It contains the text form of the path to the file it references.
To an end user, a symbolic link appears to have its own name, but
when you try reading or writing data through it, the operations are
redirected to the file it points to.
If we delete the soft link itself, the data file is still there.
If we delete the source file or move it to a different location, the
symbolic link becomes "dangling" and no longer functions.
In long-format output of ls -l, symbolic links are marked by the "l" symbol.
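The file types listed above, created one by one and identified from the first column of ls -l, as an added example that is not part of the slides. It assumes a POSIX shell with mkfifo, ln, ls and mktemp and the /dev/null character device; readlink is not POSIX but is present on every Linux system. A socket is omitted because no standard shell utility creates one.

```sh
#!/bin/sh
# Added example (not from the slides): one file of each type and how ls -l marks it.
# Assumes a POSIX shell, mkfifo, ln, ls, mktemp, /dev/null and readlink.

# First character of the long listing: - (ordinary) d (directory) c/b (device)
# p (pipe) l (symbolic link) s (socket). -d keeps ls from descending into directories.
ftype() {
  ls -ld "$1" | cut -c1
}

# Inode number: the second component of the directory entry described in the text.
inode_of() {
  ls -di "$1" | awk '{ print $1 }'
}

# The path text stored inside a symbolic link.
link_target() {
  readlink "$1"
}

# True if the link exists but what it points to does not (a dangling link).
dangling() {
  [ -L "$1" ] && [ ! -e "$1" ]
}

# Populate an existing empty directory $1 with one example of each type.
make_tree() {
  echo hello > "$1/regular"        # ordinary file
  mkdir "$1/subdir"                # directory
  mkfifo "$1/fifo"                 # named pipe
  ln -s regular "$1/link"          # symbolic link: stores the text "regular"
  ln "$1/regular" "$1/hard"        # hard link: a second name for the same inode
}

# Stand-alone demo.
d=$(mktemp -d)
make_tree "$d"
for f in regular subdir fifo link hard; do
  printf '%-8s type=%s inode=%s\n' "$f" "$(ftype "$d/$f")" "$(inode_of "$d/$f")"
done
printf '%-8s type=%s\n' /dev/null "$(ftype /dev/null)"
echo "link -> $(link_target "$d/link")"
rm "$d/regular"
dangling "$d/link" && echo "link is now dangling; hard still reads: $(cat "$d/hard")"
rm -rf "$d"
```

The last lines show the difference that matters operationally: removing the original leaves the hard link fully usable (the data is still referenced by an inode) while the symbolic link, which only stores a path, is left pointing at nothing.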
Log files and syslog
Syslog is both a message format and a protocol by which hosts and network
devices send event messages to a logging daemon, either locally or to a
central logging server (usually known as a syslog server).
System logs deal primarily with the functioning of the Ubuntu system, not
necessarily with additional applications added by users.
Examples include authorization mechanisms (auth.log), system daemons,
kernel and system messages, and the all-encompassing system log itself,
syslog; the local daemon (rsyslog on Ubuntu) traditionally writes them to
files under /var/log.
Keeping a copy on a central server matters for security: an attacker who gains
root on a host can edit its local logs, but not the copies already shipped elsewhere.
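The check below, over lines in the traditional syslog format, is an added example and not part of the slides. It counts failed SSH logins per source address, the kind of question an administrator asks of /var/log/auth.log after an incident. The log lines are constructed sample data; the host name web1 and the addresses 203.0.113.7 and 198.51.100.22 (documentation ranges) are not real systems. It needs only a POSIX shell, awk and sort.

```sh
#!/bin/sh
# Added example (not from the slides): failed SSH logins per source address.
# SAMPLE_LOG is constructed sample data in traditional syslog line format.

SAMPLE_LOG='Oct  2 05:00:01 web1 CRON[4123]: (root) CMD (/usr/local/bin/webstats.sh)
Oct  2 05:01:12 web1 sshd[4150]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Oct  2 05:01:15 web1 sshd[4150]: Failed password for invalid user admin from 203.0.113.7 port 51022 ssh2
Oct  2 05:01:19 web1 sshd[4152]: Failed password for root from 203.0.113.7 port 51030 ssh2
Oct  2 05:02:40 web1 sshd[4160]: Accepted publickey for alice from 198.51.100.22 port 40110 ssh2
Oct  2 05:03:02 web1 sshd[4165]: Failed password for alice from 198.51.100.22 port 40120 ssh2
Oct  2 05:04:00 web1 systemd[1]: Started Daily apt download activities.'

# Read syslog lines on stdin; print "count address" per source of failed password
# attempts, highest count first. The address is the token after "from", so the
# match does not depend on whether the user name was valid or "invalid user".
failed_logins_by_source() {
  awk '/sshd\[[0-9]+\]: Failed password/ {
         for (i = 1; i <= NF; i++) if ($i == "from") { n[$(i+1)]++; break }
       }
       END { for (a in n) print n[a], a }' | sort -rn
}

# Sources with at least $1 failures, one per line: candidates for a firewall block.
suspicious_sources() {
  failed_logins_by_source | awk -v t="$1" '$1 >= t { print $2 }'
}

# Stand-alone demo over the sample. Against a real system:
#   failed_logins_by_source < /var/log/auth.log
printf '%s\n' "$SAMPLE_LOG" | failed_logins_by_source
printf '%s\n' "$SAMPLE_LOG" | suspicious_sources 3
```

Note that the single failure from 198.51.100.22 followed by an accepted key login is what a legitimate user mistyping a password looks like, while three failures in seconds from 203.0.113.7 against two different accounts is not; a threshold alone does not separate the two cases, which is why the per-source count is only the first filter.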

CHAPTER FOUR

Managing User, Computer and Group Accounts

9/30/2022 PREPARED BY SHEWAKENA. 1


Managing Users, Computers, and Groups
User accounts
◦ Creation, maintenance, passwords
Group accounts
◦ Assign network rights and permissions to multiple users
◦ Support e-mail distribution lists
Computer accounts
◦ Active Directory tools and utilities used to create and maintain
computer accounts
Computer Accounts
To access a Windows 2008 domain a computer needs an account
Joining a domain creates a computer account object in AD
Each computer account has a SID (other security principals, such as users
and groups, have SIDs as well)
User Accounts
To access a Windows 2008 network a user needs an account
The account determines 3 factors:
- when a user may log on
- where within the domain/workgroup a user may log on
- what privilege level a user is assigned
User Accounts
Each account has a SID that serves as its security identity
Any process trying to access a resource must do so in the context of a user account
Windows 2008 has 2 types of accounts:
local
domain
Interactive Logon Process
Interactive logon – the process of verifying a user's credentials for
logon to a Windows Server 2008 computer
For a local account – the credentials are checked against the local user
account database (the SAM).
For a domain account – the credentials are verified at a DC (Kerberos by
default, NTLM as a fallback), and after successful authentication the
system builds an access token for the session that carries the user's SID
and the SIDs of all groups the user belongs to
Network Authentication Process
The process of verifying a user's credentials to allow access to
network resources
When a user attempts to access a resource on another computer, the user
authenticates to that computer (with a Kerberos service ticket or NTLM), and
the SIDs in the resulting token are compared against the resource's ACL
(access control list) to grant or deny access
Local Accounts
Supported on all Windows 2000, 2003 and 2008 systems except DCs
(on member servers participating in domains and on standalone
systems participating in workgroups )
Maintained on the local system, not distributed to other systems
Local user account authenticates the user for local machine access
only; access to resources on other computers is not supported.
Built-in local accounts: Guest; Administrator

Domain User Accounts
Permit access throughout a domain and provide centralized user
administration through AD
Created within a domain container in the AD database and replicated
to all other DCs
Once authenticated against the AD database (the Global Catalog supplies
universal group membership), a user obtains an access token for the logon
session, which determines permissions to all resources in the domain
Creating User Accounts
Domain account names must be unique within the domain, although the
same logon name can be used on several systems with local logon.
Logon names are not case sensitive, must not contain more than
20 characters, and must not contain: + , * ? < > / \ [ ] : ;
Passwords are case sensitive and must be secure, i.e. not easy to guess
Copying, Moving, Disabling and Renaming User Accounts
Renaming an account doesn't affect any of the user account
properties except the name (the SID stays the same).
Accounts can be moved from one container to another
Disabled accounts can't be used to log on
When an account is copied, most properties are copied, except the
username, full name, password, logon hours, address/phone info,
organization info, the "Account is disabled" option, and user rights
and permissions.
Deleting User and Computer Accounts
Deleting an account permanently removes it, and all of its group
memberships, permissions and user rights. A new account with
the same name has a different SID and GUID, so ACL entries that
referenced the old SID do not apply to it
Disabling an account may be a better option!
Administrator and Guest can be renamed, but not deleted
Understanding User Account Properties
As with all AD objects, user accounts have a number of
associated properties or attributes
Once the account is created, those properties may be
modified using the Computer Management tool (local
accounts) or Active Directory Users and Computers (domain accounts)
Group Accounts
Group – an AD object that contains users, computers and other groups
(groups have SIDs)
Groups are used for easier management of users/computers/resources
The access token identifies the groups to which a user belongs, so rights
assigned to those groups apply to the user
2 types of groups:
1. Distribution groups, for e-mail; they cannot be used in ACLs
2. Security groups, used to assign permissions to groups that need access
to resources, or to deny access
Group Accounts
Rights and privileges are assigned at the group level
Groups can be nested (membership by inheritance)
A user's rights and privileges through group memberships are
cumulative, with one exception: an explicit Deny entry on any of the
user's groups overrides an Allow granted through another
Group/User relationship
(Figure: Group 1 contains Group 2 and Group 3; Group 3 is a member of Group 1.)


Group Scope
Scope of influence (or scope)
Reach of a group for gaining access to resources in Active
Directory
Types of groups and associated scopes:
• Local
• Domain local
• Global
• Universal

Local Groups
Local security group
 Used to manage resources on a stand-alone computer that is
not part of a domain and on member servers in a domain (non-
DCs)

Create using the Local Users and Groups MMC snap-in

Domain Local Groups
Domain local security group
Used when Active Directory is deployed
Manage resources in a domain
Give global groups from the same and other domains access to
those resources
Scope of a domain local group
Domain in which the group exists
Can convert a domain local group to a universal group

Domain Local Group Example
(Figure: User 1 and User 2 from Domains A and B are members of the Engineering
global group; the Engineering global group is a member of the Printer Group domain
local group in Domain C; the printer's ACL grants Print to Printer Group.)


Global Groups
Contain user accounts from a single domain
Can also be set up as a member of a domain local group in the same or
another domain
Broader scope than domain local groups
Can be nested
Typical use:
Add accounts that need access to resources in the same or in another
domain
Make the global group in one domain a member of a domain local group in
the same or another domain

Global Group Example
(Figure: User 1 in Domain A is a member of Group 1, the Accountants global group;
Group 1 is nested into Group 2 in Domain B; the printer ACL in Domain C grants
access to Accountants.)


Universal Groups
Universal security groups
◦ Span domains and trees
Can include
◦ User accounts from any domain
◦ Global groups from any domain
◦ Other universal groups from any domain
Guidelines to help simplify how you plan to use groups

Group Strategy
Put users into a global domain group. A global group can be thought
of as an Accounts group.
Put resources into domain local (or machine local) groups. A local
group can be thought of as a Resource group.
Put a global group into any domain local (or machine local) group in
the forest
Assign permissions for accessing resources to the domain local (or
machine local) groups that contain them
This is the AGDLP pattern: Accounts into Global groups, Global groups into
Domain Local groups, Permissions on the domain local groups.
Use universal groups to grant access to resources in multi-domain
environments where access is needed across domain trees.
Default User Account Membership
Built-in groups are automatically created in Windows
Server 2008 to reflect most common attributes and tasks
Domain Users/Users
Domain Admins/Administrators

Special Groups
Special identities whose membership is determined by the system at logon, not by an
administrator:
EVERYONE
Network
Interactive
Service
System
Authenticated Users
SELF
CREATOR OWNER
Chapter 5:
System Backups and Recovery

10/2/2022 AGMAS G. 1
Chapter Goals
Understand the importance of backups.
Understand the issues associated with backups.
Understand backup strategies and scheduling.
Understand the basics of backup devices.
Understand the basics of backup media.
Understand the various types of backup software.

Introduction
A systems administrator can design and create
a good backup system for a company.
The system will ensure the files and data will be
safe and easy to restore.

What is a Backup?
Backup is an additional copy of data that can be used for restore
and recovery purposes
The Backup copy is used when the primary copy is lost or
corrupted
This Backup copy can be created by:
Simply copying data (there can be one or more copies)
Mirroring data (the copy is always updated with whatever is written to the
primary copy)

Potential losses
Your laptop gets stolen.
Your disk fails catastrophically
Your data center gets burgled
Your data center burns down
Your off-line storage company goes out of business
The police search your house and take all your computer
equipment and storage devices/media
HOW MUCH DATA DO YOU LOSE?
What to Backup?
Which Files Should Be Backed Up?
Applications?
Configuration Files?
User files?
Log files?

Cont..
Generally, full backups of everything are easiest to manage,
but backing up system files creates extra work for
yourself.
Possibly do a full dump when the system is installed, then again after
patches/upgrades.
Backing up just user files is not enough.
You should also dump the log files and configuration
information.
Why Backup is important?
Protect the database from numerous types of failures
Increase Mean-Time-Between-Failures (MTBF)
Decrease Mean-Time-To-Recover (MTTR)
Minimize data loss
Why Backup is important?
Disaster Recovery
Restores production data to an operational state after
disaster
Operational
Restore data in the event of data loss or logical corruptions
that may occur during routine processing
Archival
Preserve transaction records, email, and other business work
products for regulatory compliance

How Often Should Backups Be Performed?
◦ Need to determine what level of data loss is acceptable:
Web sales? - need very fine grain backups.
Banking/Insurance? - very fine grain.
Research and development? - fine to medium grain.
University? - medium grain.
Mom and Pop? - coarse grain.

Developing a backup strategy
A backup strategy is determined by:
What data needs to be protected?
Which media to use for that protection?
How to protect the media itself?
You need to make sure that the company backs up all
its files regularly so they are not lost if the system fails.

Best strategy
A backup copy should be taken at the same time every day to ensure
the files are safe and secure.
The backup copies need to be kept in a safe and secure
location so they cannot be damaged or deleted.
Make sure that the backup copy is updated regularly and
that you can restore backed-up files if the files become lost,
damaged or deleted.

Backup Strategy and Scheduling
1. Volume/Calendar Backup
The volume/calendar backup strategy calls for a full system backup once a
month.
An incremental backup is performed once a week for files that change often.
Daily incremental backups catch files that have changed since the last daily
backup.
A typical schedule would be to perform the full (level 0) backup one Sunday a
month, and weekly level 3 backups every Sunday of the month.
Daily level 5 backups would be performed Monday through Saturday.
This would require eight complete sets of media (one monthly tape, one weekly
tape, and six daily tapes)

Backup Strategy and Scheduling
Grandfather/Father/Son Backup
The grandfather/father/son backup strategy is similar to the volume/calendar strategy.
The major difference between the two schemes is that the grandfather/father/son method
incorporates a one-month archive in the backup scheme. This eliminates the problem of
overwriting a tape before completing a more recent backup of the file system.
Implementing the grandfather/father/son strategy requires performing a full (level 0) dump
once a month to new media.
Once a week, an incremental (level 3) backup must be performed that captures all files
changed since the last weekly backup.
This weekly backup should also be saved on new media.
Each day an incremental level 5 backup must be performed to capture files that have changed
since the last daily backup.
The daily backups reuse the tapes written one week earlier
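The two calendars above (volume/calendar and grandfather/father/son) share the same level-0 / level-3 / level-5 arithmetic, so here is one added Python example that serves both: it generates the calendar, counts the media sets the volume/calendar scheme needs, and works out which tapes a restore must read. This is example code written for these notes, not from the slides or from any dump utility; placing the level 0 on the first Sunday of the month is an assumption, and the dates used in the comments are constructed.

```python
"""Dump-level calendar (level 0 monthly, 3 weekly, 5 daily) and the
restore chain it implies.

Added example for these notes (not from the slides or any backup tool).
Assumption: the full (level 0) dump falls on the first Sunday of the month.
"""
import datetime as dt


def dump_level(day_iso):
    """Dump level for a date given as 'YYYY-MM-DD'."""
    day = dt.date.fromisoformat(day_iso)
    if day.weekday() == 6:                 # Sunday
        return 0 if day.day <= 7 else 3    # first Sunday: full; others: weekly
    return 5                               # Monday through Saturday: daily


def schedule(start_iso, end_iso):
    """[(date_iso, level), ...] for every day from start to end inclusive."""
    day, end = dt.date.fromisoformat(start_iso), dt.date.fromisoformat(end_iso)
    out = []
    while day <= end:
        out.append((day.isoformat(), dump_level(day.isoformat())))
        day += dt.timedelta(days=1)
    return out


def restore_chain(sched, target_iso):
    """Tapes that must be read, oldest first, to rebuild the file system as
    of target. dump(8) semantics: a level-N dump holds files changed since
    the most recent dump of a lower level, so walking backwards we keep a
    dump only when its level is lower than everything already kept."""
    chain, lowest = [], None
    for day, level in reversed([s for s in sched if s[0] <= target_iso]):
        if lowest is None or level < lowest:
            chain.append((day, level))
            lowest = level
            if level == 0:                 # the full dump closes the chain
                break
    return chain[::-1]


def media_slots(sched):
    """Distinct tape slots the volume/calendar scheme needs when each daily
    tape is reused a week later and the weekly tape each week: one slot per
    (level, weekday). Gives the 'eight complete sets' on the slide."""
    return len({(level, dt.date.fromisoformat(day).weekday()) for day, level in sched})
```

One caveat a practitioner should keep in mind: under dump(8) rules a constant daily level 5 means each daily tape holds everything changed since Sunday's dump, not only since yesterday, which is why restore_chain reads at most one daily tape. To get the "since the last daily backup" behaviour described on the slide, the daily levels must increase through the week (for instance 4 through 9), at the cost of needing every daily tape of that week for a restore.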

Backup Devices
Backup devices must exhibit the following traits:
◦ Ability for the user to write data to the device.
◦ Media capable of storing the data for long periods.
◦ Support of standard system interconnects.
◦ Support of reasonable input/output throughput.

Backup Devices
Tape Backup Devices
◦ Cartridge Tape Drive
◦ 8-mm Tape Drive
◦ Digital Audio Tape Drive
◦ Linear Tape Open
◦ Digital Linear Tape
◦ Jukebox/Stacker Systems
Optical Backup Devices
Magneto-optical Backup Devices
Disk Systems As Backup Devices
◦ RAID Disk Arrays
◦ Problems with Disks As Backup Devices
High-Density Removable Media Backups
Backup Devices
Tape backup devices are probably the most common backup media in use.
◦ The media is relatively inexpensive, the performance is reasonable, the data
formats are standardized, and tape drives are easy to use.
◦ These factors combined make magnetic tape backups an attractive option.
◦ Most current-generation tape drives offer “native” mode and compressed
mode storage capabilities.
◦ Generally, the manufacturers claim a 2:1 compression ratio, but this value
may vary based on the data to be stored.
◦ Binaries (images, compiled programs, audio files, and so on) may not be
significantly smaller when compressed, whereas text files may compress
very well.

Tape Backup Devices
Cartridge Tape Drive
Cartridge tape drives store between 10 Mb and several Gb of data on
a small tape cartridge.
Most cartridge tape systems use SCSI interconnections to the host
system.
These devices support data transfer rates up to 5 Mb per second. The
actual transfer rate from the tape drive memory to the tape media is
typically about 500 Kb per second.
At the “low” end, 8-mm drives do not use data compression to store the
data on tape. At the “high” end, advanced intelligent tape drives incorporate
compression hardware and improved recording techniques to increase
the amount of information that can be stored on the tape.

Cont..
8-mm Tape Drive
These tape drives are also small and fast, and use relatively inexpensive tape media.
The 8-mm media can hold between 2 and 100 GB of data, depending on the drive
model and type of tape in use.
The 8-mm drives use the SCSI bus as the system interconnection.
Low-density 8-mm drives can store 2.2 Gb of information on tape and transfer data
to the tape at 250 Kb per second. High-density 8-mm drives can store up to 80 GB of
information on a tape at 16 MB/second.

Tape Backup Devices
Digital Audio Tape Drive
Digital audio tape (DAT) drives are small, fast, and use relatively inexpensive
tape media. Typical DAT media can hold between 2 and 40 GB of data.
Although manufacturers of DAT devices have announced the end-of-life for
these products, they will remain in use for many years.
The various densities available on DAT drives are due to data compression. A
standard DAT drive can write 2 Gb of data to a tape. By using various data
compression algorithms, and various lengths of tape, manufacturers have
produced drives that can store between 2 and 40 GB of data on a tape.
DAT drives use SCSI bus interconnections to the host system, and typically
offer 3 MB/second throughput.

Tape Backup Devices
Linear Tape Open
A consortium of Hewlett Packard, IBM, and Seagate developed
the LTO technology. LTO encompasses two formats: Ultrium,
a high-capacity format, and Accelis, a fast-access
format. The two formats use different tape drives and tape
cartridges.
LTO Ultrium drives can store up to 100 Gb of data on a single
tape cartridge at 16 Mb/second.

Tape Backup Devices
Digital Linear Tape
Digital linear tape (DLT) backup devices are also relatively new on the backup market.
These tape devices offer huge data storage capabilities, high transfer rates, and small
(but somewhat costly) media.
Digital linear tape drives can store up to 110 Gb of data on a single tape cartridge.
Transfer rates of 11 Mb/second are possible on high-end Super-DLT drives, making
them very attractive at sites with large on-line storage systems.
Where 8-mm and DAT tapes cost (roughly) $15 per tape, the LTO, AIT, and DLT tapes
can run as much as $150 each. However, when the tape capacity is factored into the
equation, the costs of these high-capacity tapes become much more reasonable.
Consider an 8-mm tape that holds (up to) 14 Gb on average versus a LTO cartridge,
which can hold 100 Gb of data!

Tape Backup Devices
Jukebox/Stacker Systems
Jukebox or stacker systems combine an automated mechanism with one or
more tape drives.
Stackers are sequential tape systems. Tapes are stacked in a hopper, and
the tape drive starts by loading the tape at the bottom of the stack. When
the tape is full, it is ejected, and the next tape is loaded from the stack.
Many stackers do not have the capability to load a specific tape in the
drive. Instead, these stackers simply cycle (sequentially) through the tapes
until the last tape is reached. At this point they can either start the cycle
over again or wait for a new group of tapes to be loaded into the hopper.

Tape Backup Devices
Jukebox/Stacker Systems
Unlike stackers, jukebox systems employ multiple tape drives, and special
“robotic” hardware to load and unload the tapes.
Jukebox systems require special software to control the robotics. The
software keeps track of the content of each tape and builds an index to allow
the user to quickly load the correct tape on demand.
Each tape is “labeled” with a bar-code decal (or something similar), and the
mechanism contains a label reader that keeps track of what tape is in the
drive.
Many commercially available backup software packages allow the use of
jukebox systems to permit backup automation.

Optical Backup Devices
Recently, optical storage devices have become another economical means
of backing up mass storage systems.
Compact disk read-only-memory devices (CD-ROM) are useful for long-
term archive of information.
Although the name implies that these are read-only devices, recent
technology has made it possible to mass market the devices that create
the encoded CD-ROM media.
These CD-ROM writers (also called CD-recordables) make it possible to
consider CD-ROM as a backup device. More recent versions of this
technology have produced rewritable CD-ROMs (CD-RW or CDR).

Optical Backup Devices
One of the major decisions in choosing a backup device is the ability of the medium to store
information for long periods.
CD-ROM media offer excellent data survivability.
Another advantage to the CD-ROM is the availability of reliable data transportability between
systems. This reliability is possible due to the CD-ROM’s adherence to industry standardized data
formats.
Along with these advantages, the CD-ROM offers a few unique disadvantages. The foremost
disadvantage to the CD-ROM as a backup device is the setup cost to create a CD. Setting up and
creating a CD is a time-intensive operation.
Some small sites may decide to back up to CD-ROM rewritable (CDR) media. The CDR format allows
the reuse of optical media, thereby reducing the cost of backing up to optical devices.
Unfortunately, the CDR is still a low-density solution, providing a mere 650 Mb of storage per disk.
The setup and record time for CDR is comparable to CD-ROM media, making CDR less attractive for
backups at large sites.

Magneto-Optical Backup Devices
Optical storage systems and associated media are typically
expensive. They are also relatively slow devices. Consequently,
optical storage systems are rarely used as backup devices at large
sites.
In contrast, magnetic tape (or disk) storage systems are
inexpensive and fast. Unfortunately, the media is bulky and
susceptible to damage and data loss.
By combining the two storage systems into a single system,
manufacturers have been able to provide fast, inexpensive, and
reliable backup systems.
Cont.…
Many of the magneto-optical systems are hierarchical, meaning that they
keep track of how long a file has been in storage since the last modification.
Files that are not accessed or modified are often eligible to be stored on
the slower optical storage section of the system.
Frequently accessed files are maintained on the magnetic storage section
of these systems, which allows for faster access to files.
Most magneto-optical storage systems use standard SCSI bus system
interconnections. These systems can typically provide the same (or better)
data transfer rates as SCSI tape and disk systems.

Disk Backup Devices
Disk Systems As Backup Devices
One problem involved in using tape devices for backups is the
(relatively) low data throughput rate.
If the operator had to back up several gigabytes or terabytes of
data daily, it would not take long to realize that tape drives are
not the best backup method.
Although optical backup devices offer high storage capacity, the
optical devices are often much slower than tape devices.
Con..
One popular method of backing up large-scale systems is to make
backup copies of the data on several disk drives.
Disk drives are orders of magnitude faster than tape devices, and
therefore offer a solution to one of the backup problems on large-
scale systems.
However, disk drives are much more expensive than tapes.
Disk backups also consume large amounts of system resources.
For example, you would need 100 2-Gb disks to back up 100 2-
Gb disks. Fortunately, there are software applications and
hardware systems available to transparently perform this
function
Disk Backup Devices
RAID Disk Arrays
◦ One operating mode of redundant arrays of inexpensive disks
(RAID) enables the system to make mirror image copies of all data
on backup disk drives.
◦ RAID disk arrays also allow data striping for high-speed data
access.
◦ Yet another mode stores the original data, as well as parity
information on the RAID disks. If a drive should fail, the parity
information may be used to recreate the data from the failed
drive.
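The parity mode described on this slide, as an added Python illustration written for these notes (not code from any RAID implementation): parity is the XOR of the data blocks in a stripe, so the block on a failed drive is recovered by XOR-ing all the surviving blocks. The 4-byte blocks are constructed; real stripes use kilobyte-sized blocks but the arithmetic is identical.

```python
"""Rebuilding a failed drive's block from the surviving blocks and parity.

Added example for these notes. It shows the parity mode on the slide using
XOR parity (the scheme RAID level 5 uses) on constructed 4-byte blocks;
not code from any RAID controller or driver.
"""


def xor_blocks(blocks):
    """Bytewise XOR of equal-length byte strings."""
    size = len(blocks[0])
    assert all(len(b) == size for b in blocks), "stripe blocks must be equal length"
    out = bytearray(size)
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def write_stripe(data_blocks):
    """Store a stripe: the data blocks plus one parity block (XOR of the data)."""
    return list(data_blocks) + [xor_blocks(data_blocks)]


def can_rebuild(stripe):
    """Parity can recover exactly one missing block (None) per stripe."""
    return sum(b is None for b in stripe) == 1


def rebuild_block(stripe, failed_index):
    """Recreate the block on the failed drive. Because parity is the XOR of
    all data blocks, XOR-ing every surviving block (data and parity alike)
    yields the missing one, whether the lost block was data or parity."""
    survivors = [b for i, b in enumerate(stripe) if i != failed_index and b is not None]
    if len(survivors) != len(stripe) - 1:
        raise ValueError("more than one drive lost in this stripe; parity cannot recover it")
    return xor_blocks(survivors)


def rebuild_stripe(stripe):
    """Given a stripe with one block replaced by None, return it repaired."""
    if not can_rebuild(stripe):
        raise ValueError("parity recovers exactly one failed drive per stripe")
    failed = stripe.index(None)
    repaired = list(stripe)
    repaired[failed] = rebuild_block(stripe, failed)
    return repaired
```

The limit is the point to take away: a second failure in the same stripe before the rebuild completes is unrecoverable, which is one reason parity RAID protects against drive failure but is not a substitute for an off-site backup copy.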

Cont.…
Problems with Disks As Backup Devices
◦ When tape devices are employed as the backup platform, it is a simple matter
to keep a copy of the backups off-site.
◦ When disk drives are employed as a backup media, the process of keeping a
copy of the backup media off-site becomes a bit more complicated (not to
mention much more expensive).
◦ In the case of a RAID disk array, the primary copy of the data is stored on
one disk, and the backup copy of the data is stored on another disk.
However, both disks are housed in a single box. This makes the task of
moving one drive off-site much more complicated

Disk Backup Devices
◦ RAID disk arrays have recently been equipped with Fibre Channel interfaces.
◦ Fibre Channel is a high-speed interconnect that allows devices to be located several
kilometers from the computer.
◦ By linking RAID disk arrays to systems via optical fibers, it is possible to have an exact copy of the data
at a great distance from the primary computing site at all times.
High-Density Removable Media Backups
◦ A relatively recent addition to the backup market is the high-density removable media drive.
◦ Examples of these devices include the Iomega ZIP and JAZ drives, and the Imation Super disk drives.
◦ These devices are capable of recording 100 Mb to 2 Gb of data on a removable medium that
resembles a floppy diskette.
◦ Until recently, UNIX could not make use of these high-density removable media devices.
◦ Many of these devices employ a parallel port interface. A few of them offer SCSI interfaces, allowing
them to be connected to the external SCSI port on a workstation.

On-line storage
Many companies offer on-line storage
◦ Amazon S3 service – pay by usage each month
◦ Dropbox – first 2 GB are free, then
◦ Carbonite - $59 per year, “unlimited”
◦ Gmail attachments

Windows Backup Commands
Like its UNIX cousins, Windows provides a utility to perform file
system backups.
The Windows backup-and-restore utility (backup.exe) provides for
backups and restores.
In backup mode, the operator is given the ability to select which disk
and/or files to back up, whether the local registry should be
dumped, whether the backup should use compression, and what
users may read the backup tape(s).
Otherwise, the “menu” of backup options available to the operator
is pretty limited.

Windows Backup Commands
The Options menu under the Tools menu allows the operator to
determine the type of backup to be performed,
whether data should be verified after the backup is performed,
the amount of detail supplied in the log files, whether new media
should be used, backup scheduling, and other configuration
parameters for the backup utility.

Windows Backup Commands
The Windows backup utility also provides the interface to the
restore function.
In restore mode, the utility displays a catalog of the tape,
allowing the user to select which files/directories need to be
restored.
The operator is also given the choice of where the file is to be
restored.
Although the GUI may simplify the setup of Windows backups, it
also limits the choices available to the operator.

Cont..
Because this utility is based on the backup utility offered in the
consumer versions of Windows,
the Sysadmin at a commercial site may decide that the Windows
backup utility is not the first choice for backup software at the site.
Many third-party backup utilities are available for Windows
systems, including Amanda, Legato Networker, and the Veritas
backup suite.

Dealing with Specific Backup Issues
Certain aspects of successful backup and restore strategies require
special attention.
For instance, how could the operator restore the root file system if
the root disk had crashed and there was no way to boot the
system?
Many administrators are also concerned with how to automate
backups to minimize time investment while ensuring successful
backups.
Next, what happens if a backup requires 2 Gb of backup media, but
the backup device can write only 1 Gb to the media?

Dealing with Specific Backup Issues
Restoring the Root File System
One of the most difficult problems faced when using restore is restoring
the root file system.
If the root file system is missing, it is not possible to boot the damaged
system, and there would not be a file system tree to restore to.
One way to accomplish a root file system reload is by booting the
system to the single-user state from the CD-ROM distribution media.
Another way to reload the root file system would be to boot the system
to the single-user state as a client of another system on the network.
Another method of restoring the root file system is to remove the disk
from the system, and attach it to a working system.

Types of backup
Full: this transfers a copy of all the company's data within the
scope of the media, regardless of whether the data was changed since the
last backup.
Differential: this backs up the files that have changed since the last full backup.
Incremental: only files that have changed since the last backup will
be backed up.
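The three backup types compared on a set of files, as an added Python example written for these notes (not from the slides): given the set of files changed on each day, it computes what each scheme copies per run, the total volume written over the cycle, and which runs a restore must read. The daily change sets are constructed; day 0 is always a full backup and each later day runs the chosen scheme.

```python
"""Full vs differential vs incremental: what each run copies and what a
restore needs. Added example for these notes; the change sets are
constructed. Day 0 is always a full backup; later days run `scheme`.
"""


def plan_backups(scheme, daily_changes):
    """daily_changes[d] is the set of files created or modified on day d.
    Returns one (kind, files_copied) tuple per day."""
    runs = []
    last_full = 0
    for day, changed in enumerate(daily_changes):
        if day == 0 or scheme == "full":
            # every file that exists so far
            kind, copied = "full", set().union(*daily_changes[: day + 1])
            last_full = day
        elif scheme == "differential":
            # everything changed since the last full backup
            kind, copied = "differential", set().union(*daily_changes[last_full + 1: day + 1])
        elif scheme == "incremental":
            # only what changed since yesterday's run
            kind, copied = "incremental", set(changed)
        else:
            raise ValueError(f"unknown scheme {scheme!r}")
        runs.append((kind, copied))
    return runs


def restore_runs(runs, target_day):
    """Indices of the runs that must be restored, in order, to recover the
    state as of target_day. Every run listed is needed; losing one tape in
    an incremental chain loses the data that only it held."""
    last_full = max(i for i in range(target_day + 1) if runs[i][0] == "full")
    kind = runs[target_day][0]
    if kind == "full":
        return [target_day]
    if kind == "differential":
        return [last_full, target_day]
    return list(range(last_full, target_day + 1))   # incremental: the full plus every run since


def total_copied(runs):
    """Number of file copies written to media over the whole cycle."""
    return sum(len(files) for _, files in runs)
```

The trade-off the numbers make visible: incremental writes the least per run but needs the longest chain of tapes to restore, differential needs only two tapes at the cost of growing daily volume, and full needs one tape but copies everything every day.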

Summary
This chapter explored the commands that can be used to make
backup copies of system data, why it is important to make such
backup copies of data, and selected methods of avoiding data
loss due to natural or other disasters.
The authors hope that readers never have to use any of these
backup copies to restore the operation of their systems, but such
restorations are inevitable.
Good backups require a lot of time and attention, but having a
reliable copy of data is much more acceptable than the time and
expense of rebuilding a system without such backup copies.
Chapter 6
The Domain Name System

10/2/2022 PREPARED BY: AGMAS G. 1


CONTENTS

Definitions.
DNS Naming Structure.
DNS Components.
How DNS Servers work.
DNS Organizations.
Summary.



DNS Definition
The “Domain Name System”
Created in 1983 by Paul Mockapetris (RFCs 1034 and
1035), modified, updated, and enhanced by many
subsequent RFCs
Internet users use DNS to reference anything by name on the
Internet
The mechanism by which Internet software translates names to
addresses and vice versa



DNS Definition …
IP assigns 32-bit addresses to hosts (interfaces)
Binary addresses are easy for computers to manage.
All applications use IP addresses through the TCP/IP protocol
software.
Difficult for humans to remember.
Domain names comprise a hierarchy so that names are unique and
easy to remember.



Domain Names
A domain name is the sequence of labels from a node to the
root, separated by dots (“.”s), read left to right
Example domain names:
ethiopia.net.ye
Yahoo.com

Subdomain Name
One domain is a sub-Domain of another if its
domain name ends in the other’s domain name
So abc.net.ye is a subdomain of net.ye and of ye;
google.com is a subdomain of com.
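The "ends in the other's domain name" rule above, as an added Python check written for these notes (not from the slides). It compares whole labels rather than characters, and sits beside the naive string-suffix version to show why the latter is unsafe in an allowlist or cookie-domain check. The names abc.net.ye, net.ye, ye and google.com come from the slide; notgoogle.com is constructed.

```python
"""Label-wise subdomain test, and why a plain string suffix check is wrong.

Added example for these notes (not from the slides). Names other than the
slide's own examples are constructed.
"""


def labels(name):
    """Split a domain name into its labels, ignoring case and a trailing dot."""
    return [l for l in name.lower().rstrip(".").split(".") if l]


def is_subdomain(name, parent):
    """True if `parent`'s labels are a suffix of `name`'s labels. A domain
    counts as a subdomain of itself, matching the slide's definition
    (its name ends in the other's name). The root "" or "." matches everything."""
    n, p = labels(name), labels(parent)
    return len(p) <= len(n) and n[len(n) - len(p):] == p


def naive_is_subdomain(name, parent):
    """The tempting one-liner. It ignores label boundaries, so it also
    accepts unrelated names such as notgoogle.com under google.com; an
    allowlist built on it matches more names than its author intended."""
    return name.lower().endswith(parent.lower())
```

Whenever a security decision depends on "is this host inside our domain" (trusting a referrer, scoping a cookie, matching a certificate name), the label-wise form is the one to use.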



DNS Naming Structure
Top level domains (TLDs) defined by global authority:
◦ com, org, edu
ccTLD: country code TLDs:
◦ .et, .uk, .us
2nd Level Domains:
◦ net.ye, google.com
Top-Level Domains (TLDs)
[Figure: top-level domains (diagram only)]


Country Code Domains
Top level domains are US-centric.
Geographic TLDs used for organizations in other countries:
TLD Country
.uk United Kingdom
.fr France
.ye Yemen
.et Ethiopia
Countries define their own internal hierarchy:
www.aau.edu.et



Second-Level Domains
Within every top-level domain there is a huge list of 2nd level
domains
For example, in the COM second-level domain, you've got:
yahoo
msn
microsoft
plus millions of others...



DNS naming structure Example
Examples:
Google.com: google is the 2nd LD, .com is the TLD
ethiopia.net.et: ethiopia is the 3rd LD, net is the 2nd LD, .et is the ccTLD



The Domain
A Domain is a sub tree of a larger tree identified by a domain
name
Contains resource records and sub-domains
Some resource records point to the authoritative server for
sub-domains / zones
e.g. the root contains pointers to .ye
Yemen.net.ye is a domain

The Resource Record
A domain contains resource records
Resource records are similar to files
Classified into types
Some of the important types are SOA, NS, A, CNAME and
MX
Normally defined in “zone files”
Types of Resource Records
The “A” Record
The “Address” record
One or more normally defines a host
Contains an IPv4 Address (the address computers use to
uniquely identify each other on the internet)
E.g. the record:
www A 65.162.184.60
in the yemen.net.ye domain defines the host uniquely
identifiable as “www.yemen.net.ye” to be reachable at the
IPv4 Address 65.162.184.60
Name Servers
Servers responsible for answering DNS queries
◦ by contacting remote DNS server(s).
Exist at all levels of the hierarchy
Authoritative name servers hold part of the DNS database (“zone
file”)
One name server can serve more than one zone
Many name servers “should” serve the same zone
Some name servers are authoritative for certain zones



Name Servers
Iterative vs Recursive Name Servers
•Serve two very different functions
•Shouldn’t mix the two
•Generally the DNS your computer points to is recursive
•Zones are hosted in iterative name servers
•Iterative servers can only answer information they know or have
cached
•Recursive know how to ask others for information
How DNS Servers work(web)
You type http://www.google.com into your web browser and hit enter.
Step 1: Your PC sends a resolution request to its
configured DNS Server, typically at your ISP.
[Exchange: Your PC -> ISP “Recursive” DNS server: Tell me the Address of “www.google.com”]



How DNS Servers work(web)
Step 2: Your ISPs recursive name server starts by asking one of the root servers
predefined in its “hints” file.
[Exchange: ISP “Recursive” DNS server -> Root Servers: Tell me the Address of “www.google.com”. Root Servers -> ISP “Recursive” DNS server: I don’t know the address but I know who’s authoritative for the “com” domain, ask them]



How DNS Servers work(web)
Step 3: Your ISPs recursive name server then asks one of the
“com” name servers as directed.
[Exchange: ISP “Recursive” DNS server -> “com” DNS servers: Tell me the Address of “www.google.com”. “com” DNS servers -> ISP “Recursive” DNS server: I don’t know the address but I know who’s authoritative for the “google.com” domain, ask them]



How DNS Servers work(web)
Step 4: Your ISPs recursive name server then asks one of the
“google.com” name servers as directed.
[Exchange: ISP “Recursive” DNS server -> google.com DNS server: Tell me the Address of “www.google.com”. google.com DNS server -> ISP “Recursive” DNS server: The Address of www.google.com is 216.239.53.99]



How DNS Servers work(web)
Step 5: The ISP DNS server then sends the answer back to your
PC. The DNS server will “remember” the answer for a period of
time.
[Exchange: ISP “Recursive” DNS server -> Your PC: The Address of www.google.com is 216.239.53.99]



How DNS Servers work(web)
Step 6: Your PC can then make the actual HTTP request to
the web server.
[Exchange: Your PC -> www.google.com web server: Send me the www.google.com web page. www.google.com web server -> Your PC: Here it is!]



How DNS Servers work(mail)
DNS is not just used in HTTP protocol (web pages).
DNS is involved in almost every protocol in use on the
internet.
Next example is how DNS facilitates the transfer of
electronic mail.



How DNS Servers work(mail)
Step 1: Your PC sends the e-mail to its configured outbound mail server. A
DNS request similar to the previous example is required to find the address of the
mail server.
[Exchange: Your PC -> Outbound Mail (SMTP) Server: Please send this message to “someone@example.com”]



How DNS Servers work(mail)
Step 2: Your mail server follows the same intensive process to find the
authoritative servers for “example.com”.
[Exchange: Outbound Mail server -> DNS servers: Tell me the name servers for “example.com”. DNS servers -> Outbound Mail server: Here are the name servers for “example.com”]



How DNS Servers work(mail)
Step 3: Ask the “example.com” name server for the list of Mail
eXchangers (MX) for that domain.
[Exchange: Outbound Mail Server -> example.com DNS server: Tell me the MX’s for “example.com”. example.com DNS server -> Outbound Mail Server: The MXs are mx10.example.com and mx20.backmail.com]



How DNS Servers work(mail)
Step 4: Select a Mail server and deliver the mail.
[Exchange: Outbound Mail Server -> example.com Mail server: Here is some mail for the “example.com” domain. example.com Mail server -> Outbound Mail Server: Mail accepted for delivery]
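Both walkthroughs (the six web steps from root to google.com, and the MX lookup the outbound mail server makes) as one added Python simulation written for these notes; it is not code from the slides or from any DNS software. Authoritative zone data is embedded as constructed zone-file text and parsed into resource records, a recursive resolver chases NS referrals from its root hints, and it caches answers for their TTL (the "remember" in step 5). Server names, the 192.0.2.x addresses and the TTLs are constructed; 216.239.53.99, mx10.example.com and mx20.backmail.com are the values the slides use. The glue/address lookup of each name server is skipped: servers are contacted by name, as in the diagrams.

```python
"""Toy recursive resolver: root -> com -> google.com for an A record, then
the MX lookup an outbound mail server makes.

Added example for these notes, not from the slides or any DNS software.
Zone data, server names, 192.0.2.x addresses and TTLs are constructed;
216.239.53.99 and the two MX hosts are the values on the slides.
"""

# Constructed zone files. Owner names are absolute (trailing dot);
# each record line is: OWNER TTL TYPE RDATA
ZONE_FILES = {
    ".": """
        com.                 86400 NS a.gtld-servers.net.
        a.gtld-servers.net.  86400 A  192.0.2.10
    """,
    "com.": """
        google.com.          3600 NS ns1.google.com.
        ns1.google.com.      3600 A  192.0.2.20
        example.com.         3600 NS ns1.example.com.
        ns1.example.com.     3600 A  192.0.2.30
    """,
    "google.com.": """
        www.google.com.      300 A  216.239.53.99
    """,
    "example.com.": """
        example.com.         300 MX 10 mx10.example.com.
        example.com.         300 MX 20 mx20.backmail.com.
        mx10.example.com.    300 A  192.0.2.40
    """,
}
SERVER_ZONE = {"a.root-servers.net.": ".", "a.gtld-servers.net.": "com.",
               "ns1.google.com.": "google.com.", "ns1.example.com.": "example.com."}
ROOT_HINTS = ["a.root-servers.net."]          # the recursive server's "hints" file


def parse_zone(text):
    """Zone-file text -> list of (owner, ttl, type, rdata)."""
    out = []
    for line in text.strip().splitlines():
        parts = line.split()
        if parts and not parts[0].startswith(";"):
            out.append((parts[0].lower(), int(parts[1]), parts[2], " ".join(parts[3:])))
    return out


ZONES = {origin: parse_zone(text) for origin, text in ZONE_FILES.items()}


def under(name, parent):
    """Label-wise: is `name` at or below `parent`? (everything is under ".")"""
    n, p = name.rstrip(".").split("."), parent.rstrip(".").split(".")
    return p == [""] or n[-len(p):] == p


def authoritative_reply(server, qname, qtype):
    """What the named server answers: ('answer', [(ttl, rdata)]),
    ('referral', [ns names]) or ('nxdomain', [])."""
    zone = SERVER_ZONE[server]
    recs = ZONES[zone]
    answer = [(ttl, rd) for own, ttl, rt, rd in recs if own == qname and rt == qtype]
    if answer:
        return "answer", answer
    # Delegations below the zone apex that cover qname; the deepest one wins.
    cuts = [own for own, _, rt, _ in recs if rt == "NS" and own != zone and under(qname, own)]
    if cuts:
        best = max(cuts, key=len)
        return "referral", [rd for own, _, rt, rd in recs if own == best and rt == "NS"]
    return "nxdomain", []


class RecursiveResolver:
    """The ISP's recursive server: chases referrals from the root, caches answers."""

    def __init__(self):
        self.cache = {}   # (qname, qtype) -> (expiry, [rdata])
        self.now = 0      # simulated clock, seconds

    def resolve(self, qname, qtype):
        """Return ([rdata], trace); trace names each server asked, or 'cache'."""
        key = (qname.lower().rstrip(".") + ".", qtype)
        if key in self.cache and self.cache[key][0] > self.now:
            return self.cache[key][1], ["cache"]   # the remembered answer of step 5
        trace, servers = [], list(ROOT_HINTS)
        for _ in range(8):                          # bound the referral chase
            server = servers[0]
            trace.append(server)
            kind, payload = authoritative_reply(server, key[0], qtype)
            if kind == "referral":
                servers = payload
                continue
            rdata = [rd for _, rd in payload]
            if rdata:
                self.cache[key] = (self.now + min(ttl for ttl, _ in payload), rdata)
            return rdata, trace
        return [], trace

    def mail_exchangers(self, domain):
        """MX hosts for a domain, lowest preference first, as an MTA orders them."""
        mx, _ = self.resolve(domain, "MX")
        return [host for _, host in sorted((int(p), h) for p, h in (r.split() for r in mx))]
```

The trace for the first www.google.com query lists the root server, a com server and the google.com server in that order, exactly the three referral hops on the slides; the second query is answered from cache, and once the simulated clock passes the 300-second TTL the resolver walks the chain again.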



Summary
DNS is an integral part of most protocols used on the internet
Makes the internet human friendly for us all
Is the world's largest distributed database system
Fits the international model perfectly
In simple terms it is a mapping between names and IP addresses

Chapter 7

THE NEED FOR NETWORK SECURITY



PRESENTATION OBJECTIVES
Understand information security services
Be aware of vulnerabilities and threats
Realize why network security is necessary
What are the elements of a comprehensive security
program



What is “Security”
Dictionary.com says:
◦ 1. Freedom from risk or danger; safety.
◦ 2. Freedom from doubt, anxiety, or fear; confidence.
◦ 3. Something that gives or assures safety, as:
◦ 1. A group or department of private guards: Call building security if a visitor
acts suspicious.
◦ 2. Measures adopted by a government to prevent espionage, sabotage, or
attack.
◦ 3. Measures adopted, as by a business or homeowner, to prevent a crime such
as burglary or assault: Security was lax at the firm's smaller plant.
…etc.
Why do we need security?
Protect vital information while still allowing access to
those who need it
Trade secrets, medical records, etc.
Provide authentication and access control for resources
Ex: AFS
Guarantee availability of resources
Ex: 5 9’s (99.999% reliability)



TRENDS FOR INFORMATION
More information is being created, stored, processed and
communicated using computers and networks
Computers are increasingly interconnected, creating new
pathways to information assets
The threats to information are becoming more widespread
and more sophisticated
Productivity and competitiveness are tied to the first two
trends
The third trend makes it inevitable that we are increasingly
vulnerable to the corruption or exploitation of
information
Information Security Services
Confidentiality
Integrity
Authentication
Nonrepudiation
Access Control
Availability



Information Security Services
Confidentiality
Maintaining the privacy of data
Integrity
Detecting that the data is not tampered with
Authentication
Establishing proof of identity
Nonrepudiation
Ability to prove that the sender actually sent the data



Cont..
Access Control
Access to information resources is regulated
Availability
Computer assets are available to authorized parties when
needed



What Is The Internet?
Collection of networks that communicate
with a common set of protocols (TCP/IP)
Collection of networks with
no central control
no central authority
no common legal oversight or
regulations
no standard acceptable use policy
“wild west” atmosphere



Why Is Internet Security a Problem?
Security not a design consideration
Implementing change is difficult
Openness makes machines easy targets
Increasing complexity



Common Network Security Problems
Network eavesdropping
Malicious Data Modification
Address spoofing (impersonation)
‘Man in the Middle’ (interception)
Denial of Service attacks
Application layer attacks



Denial of Service
[Figure: the perpetrator sends an ICMP echo carrying the spoofed source address of the victim to an IP broadcast address; the resulting ICMP echo replies travel across the Internet to the victim.]



Denial of Service
Distributed Denial of Service
◦ Same techniques as regular DoS, but on a much larger scale
◦ Example: Sub7Server Trojan and IRC bots
◦ Infect a large number of machines with a “zombie” program
◦ Zombie program logs into an IRC channel and awaits commands
◦ Example:
◦ Bot command: !p4 207.71.92.193
◦ Result: runs ping.exe 207.71.92.193 -l 65500 -n 10000
◦ Sends 10,000 64k packets to the host (655MB!)
◦ Read more at: http://grc.com/dos/grcdos.htm


Denial of Service
Mini Case Study – CodeRed
◦ July 19, 2001: over 359,000 computers infected with Code-
Red in less than 14 hours
◦ Used a recently disclosed buffer overflow in Microsoft IIS
◦ Damages estimated in excess of $2.6 billion


Denial of Service
Why is this under the Denial of Service category?
◦ CodeRed launched a DDoS attack against
www1.whitehouse.gov from the 20th to the 28th of every
month!
◦ Spent the rest of its time infecting other hosts


Denial of Service
How can we protect ourselves?
◦ Ingress filtering
◦ If a packet arrives on an interface that has no route back to
the packet's source IP address, then drop it
◦ RFC 2267 has more information about this
◦ Stay on top of CERT advisories and the latest security
patches
◦ A fix for the IIS buffer overflow was released sixteen
days before CodeRed had been deployed!
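One way to implement the ingress-filtering rule above on a border router, as an added example that is not from the lecture: the interface names, the prefixes in the routing table and the sample packets are all constructed.

```python
# Ingress filtering check as on the slide (RFC 2267): a packet is dropped
# when the interface it arrived on has no route back to its source address.
# Added example, not the lecture's code; interfaces, prefixes and packets
# below are constructed.
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    in_iface: str

# Constructed routing table of a small border router: prefix -> interface.
# Customer networks sit behind eth0/eth1; eth2 is the upstream default route.
ROUTES = {
    ipaddress.ip_network("192.0.2.0/24"): "eth0",
    ipaddress.ip_network("198.51.100.0/25"): "eth1",
    ipaddress.ip_network("0.0.0.0/0"): "eth2",
}

def route_iface(addr):
    """Longest-prefix match: the interface the router would use to reach addr."""
    addr = ipaddress.ip_address(addr)
    matches = [(net.prefixlen, iface) for net, iface in ROUTES.items() if addr in net]
    return max(matches)[1] if matches else None

def ingress_ok(pkt):
    """Accept only if the reverse path to pkt.src is the arrival interface."""
    src = ipaddress.ip_address(pkt.src)
    if src.is_loopback or src.is_multicast or src.is_unspecified:
        return False  # never a valid unicast source address
    return route_iface(src) == pkt.in_iface

def filter_packets(packets):
    """Return (packet, verdict) pairs for a batch of arriving packets."""
    return [(p, "accept" if ingress_ok(p) else "drop") for p in packets]

if __name__ == "__main__":
    sample = [
        Packet("192.0.2.10", "203.0.113.5", "eth0"),   # customer host, genuine
        Packet("203.0.113.5", "192.0.2.10", "eth0"),   # customer spoofing an outside source
        Packet("192.0.2.10", "203.0.113.5", "eth2"),   # outside host spoofing a customer
        Packet("203.0.113.5", "192.0.2.10", "eth2"),   # from upstream, genuine
    ]
    for pkt, verdict in filter_packets(sample):
        print(f"{pkt.in_iface} src={pkt.src:<14} -> {verdict}")
```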


TCP Attacks
Recall how IP works…
◦ End hosts create IP packets and routers process them
purely based on the destination address alone
Problem: End hosts may lie about other fields which do
not affect delivery
◦ Source address – host may trick destination into
believing that the packet is from a trusted source
◦ Especially applications which use IP addresses as a
simple authentication method
◦ Solution – use better authentication methods

TCP Attacks
TCP connections have associated state
◦ Starting sequence numbers, port numbers
Problem – what if an attacker learns these values?
◦ Port numbers are sometimes well known to begin
with (ex. HTTP uses port 80)
◦ Sequence numbers are sometimes chosen in very
predictable ways

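A check an administrator can run against their own stack's ISN generator to see how predictable the sequence numbers on the slide are, as an added example that is not from the lecture: the two series of observed ISNs are constructed, one from a stack that steps by a fixed amount and one with randomized ISNs.

```python
# Assesses whether a TCP stack's initial sequence numbers are predictable,
# the property that makes the TCP hijack on the slides feasible. Added
# example, not the lecture's code; both ISN series below are constructed.
import statistics

MOD = 1 << 32           # TCP sequence numbers are 32-bit and wrap around
GUESS_WINDOW = 1 << 16  # a guess this close to the real ISN counts as guessable

# Constructed: ISNs seen on successive connections to two different servers.
FIXED_STEP_ISNS = [128000, 192000, 256000, 320000, 384000, 448000]
RANDOM_ISNS = [3957483001, 211834457, 2810048213, 1444120977,
               3290571462, 820463015]

def isn_deltas(isns):
    """Increments between consecutive ISNs, taken modulo 2^32."""
    return [(b - a) % MOD for a, b in zip(isns, isns[1:])]

def seq_distance(a, b):
    """Shortest distance between two sequence numbers on the 32-bit circle."""
    d = (a - b) % MOD
    return min(d, MOD - d)

def predictable_fraction(isns, window=GUESS_WINDOW):
    """Fraction of ISNs an observer could have guessed from the previous one
    by assuming the stack's typical (median) increment."""
    deltas = isn_deltas(isns)
    if not deltas:
        return 0.0
    step = statistics.median(deltas)
    hits = sum(1 for prev, actual in zip(isns, isns[1:])
               if seq_distance(actual, (prev + step) % MOD) <= window)
    return hits / len(deltas)

def isn_generator_is_weak(isns, threshold=0.5):
    """Flag a stack whose ISNs are guessable more often than threshold."""
    return predictable_fraction(isns) >= threshold

if __name__ == "__main__":
    for name, series in (("fixed-step", FIXED_STEP_ISNS), ("random", RANDOM_ISNS)):
        frac = predictable_fraction(series)
        print(f"{name:<10} guessable={frac:.0%} weak={isn_generator_is_weak(series)}")
```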


TCP Attacks
If an attacker learns the associated TCP state for the connection,
then the connection can be hijacked!
Attacker can insert malicious data into the TCP stream, and the
recipient will believe it came from the original source
Ex. Instead of downloading and running a new program, you download a virus
and execute it


TCP Attacks
Say hello to Alice, Bob and Mr. Big Ears



TCP Attacks
Alice and Bob have an established TCP connection



TCP Attacks
Mr. Big Ears lies on the path between Alice and Bob on the
network
◦ He can intercept all of their packets



TCP Attacks
First, Mr. Big Ears must drop all of Alice’s packets since they
must not be delivered to Bob (why?)

Diagram: Alice's packets go into “The Void” instead of reaching Bob


TCP Attacks
Then, Mr. Big Ears sends his malicious packet with the next
ISN (sniffed from the network)

Diagram: packet carrying the next ISN with SRC=Alice, delivered to Bob


TCP Attacks
What if Mr. Big Ears is unable to sniff the packets between
Alice and Bob?
◦ Can just DoS Alice instead of dropping her packets
◦ Can just send guesses of what the ISN is until it is accepted

How do you know when the ISN is accepted?
◦ Mitnick: payload is “add self to .rhosts”
◦ Or, “xterm -display MrBigEars:0”


TCP Attacks
Why are these types of TCP attacks so dangerous?

Diagram: a web server, a trusting web client, and a malicious user
positioned between them


TCP Attacks
How do we prevent this?
IPSec
◦ Provides source authentication, so Mr. Big Ears cannot pretend
to be Alice
◦ Encrypts data before transport, so Mr. Big Ears cannot talk to
Bob without knowing what the session key is



Five Minute Break
For your enjoyment, here is something completely unrelated
to this lecture:



Packet Sniffing
 Recall how Ethernet works …
 When someone wants to send a packet to someone else …
 They put the bits on the wire with the destination MAC address …
 And remember that other hosts are listening on the wire to detect collisions …
 It couldn’t get any easier to figure out what data is being transmitted over the
network!


Packet Sniffing
What kinds of data can we get?
Asked another way, what kind of information would be most useful to a malicious
user?
Answer: Anything in plain text
◦ Passwords are the most popular



Packet Sniffing
How can we protect ourselves?
SSH, not Telnet
◦ Many people at CMU still use Telnet and send their password in the clear
(use PuTTY instead!)
◦ Now that I have told you this, please do not exploit this information
◦ Packet sniffing is, by the way, prohibited by Computing Services
HTTP over SSL
◦ Especially when making purchases with credit cards!
SFTP, not FTP
◦ Unless you really don’t care about the password or data
◦ Can also use KerbFTP (download from MyAndrew)
IPSec
◦ Provides network-layer confidentiality



Social Problems
People can be just as dangerous as unprotected computer
systems
◦ People can be lied to, manipulated, bribed, threatened,
harmed, tortured, etc. to give up valuable information
◦ Most humans will break down once they are at the
“harmed” stage, unless they have been specially trained
◦ Think government here…


HACKER MOTIVATIONS
Money, profit
Access to additional resources
Experimentation and desire to learn
“Gang” mentality
Psychological needs
Self-gratification
Personal vengeance
Emotional issues
Desire to embarrass the target


SANS Five Worst Security Mistakes End Users Make
1. Opening unsolicited e-mail attachments without verifying
their source and checking their content first.
2. Failing to install security patches, especially for Microsoft
Office, Microsoft Internet Explorer, and Netscape.
3. Installing screen savers or games from unknown sources.
4. Not making and testing backups.
5. Using a modem while connected through a local area
network.


SECURITY COUNTERMEASURES

THREE PHASE APPROACH
PROTECTION
DETECTION
RESPONSE


ELEMENTS OF A COMPREHENSIVE SECURITY PROGRAM

Have Good Passwords
Use Good Antiviral Products
Use Good Cryptography
Have Good Firewalls
Have a Backup System
Audit and Monitor Systems and Networks
Have Training and Awareness Programs
Test Your Security Frequently


CRYPTOGRAPHY
Necessity is the mother of invention, and computer networks are
the mother of modern cryptography.
Ronald L. Rivest

Symmetric Key Cryptography

Public Key Cryptography

Digital Signatures


Firewall
A system or group of systems that enforces an access control policy
between two networks.
Diagram: the firewall sits between the outside (the visible IP address)
and the internal network of PCs, servers and hosts


THANK YOU
I have questions…



Chapter 8
Analytical system administration

System Admin

Focus areas of system administration

System administration problems

 The most common system administration problems include:

Ineffective SW
Lack of storage space
Security
Internet connection
Lack of time

Problems in System Administration

OS for Sys Admin
 Need to use some OS to make ideas concrete
 Really only two choices: Windows and UNIX (and UNIX-like
OSes such as Linux)
 Both are useful and common in the real world.
