SA 101: System Adminitrator

Part 1: System Admin

What does a SysAdmin do?
User account management Hardware management

Perform filesystem backups, restores

Install and configure new software and services Keep systems and services
operating

Monitor system and network

Troubleshoot problems Maintain documentation Audit security

Help users, performance tuning, and more!

User Account Management

User ID’s Mail

Home directories (quotas, drive capacities)

Default startup files (paths)

Permissions, group memberships, accounting and restrictions

Communicating policies and procedures Disabling / removing user accounts

Hardware Management
Capacity planning

Inventory

SA 101: System Adminitrator 1

 Hardware evaluation and purchase

Adding and removing hardware

Configuration

Cabling, wiring, DIP switches, etc.

Device driver installation

System configuration and settings

User notification and documentation

Data Backups
Perhaps most important aspect!

Disk and backup media capacity planning

Performance, network and system impact

Disaster recovery

Onsite/Offsite

Periodic testing

Multiple copies

User communication

Schedules, restore guarantees and procedures, loss tolerance

Software Installation/Maintenance
Evaluation of software

Downloading and building (compiling and tweaking)

Installation

Maintenance of multiple versions

Security

Patches and updates

SA 101: System Adminitrator 2

 User notification, documentation

System Monitoring
Hardware and services functioning and operational

Capacity

Disk, RAM, CPU, network

Security

Passwords

Break-ins

System logs

Examination

Periodic rotation and truncation

Troubleshooting
Problem discovery, diagnosis, and resolution

Root cause analysis

Often quite difficult!

Often requires

Broad and thorough system knowledge

Outside experts

Luck

Expediency

Local Documentation
Administrative policies and procedures

Backup media locations

SA 101: System Adminitrator 3

 Hardware

Location

Description, configuration, connections

Software

• Install media (or download location)

Installation, build, and configuration details

Patches installed

Acceptable use policies

Security Concerns
System logging and audit facilities

Evaluation and implementation

Monitoring and analysis

Traps, auditing and monitoring programs

Unexpected or unauthorized use detection Monitoring of security advisories

Security holes and weaknesses

Live exploits

User Assistance
Time intensive!

Techniques

Help desks

Trouble-ticket systems

Software availability and usage

Software configuration settings

Hardware usage, maintenance, and troubleshooting

SA 101: System Adminitrator 4

 Writing FAQs

Administration Challenges
Need

Broad knowledge of hardware and software To balance conflicting requirements

Short-term vs. long-term needs

End-user vs. organizational requirements

Service provider vs. police model

To work well and efficiently under pressure

24x7 availability

Flexibility, tolerance, and patience

Good communication skills

People think of sysadmins only when things don't work!

Three Pillars of Exceptional System Design

We will give particular attention to these three core features:

1. Scalability

2. Security

3. Simplicity

Learning is Critical
Know how to find answers:

1. Know how to ask questions

2. Know where to ask questions

3. Read critically

4. Know what you don’t know

SA 101: System Adminitrator 5

 5. Understand what you’re doing

6. Understand why you’re doing it

7. Seek information exchange

SysAdmin favorite Law

Ockham’s Razor:

“Of two equivalent theories or explanations, all other things being

equal, the simpler one is to be preferred.”

2nd Law of Thermodynamics:

“The entropy of an isolated system always increases with time.”

Hanlon’s Razor:

“Never attribute to malice that which can be adequately

explained by stupidity.”

Pareto’s Principle:

“80% of consequences stem from 20% of the causes.”

Sturgeon’s Law:

“90% of everything is crud.”

Murphy’s Law:

“If it can happen, it will happen.”

Throw in some philosophy for good measure:

Causality: For every effect, there must be a cause.

SA 101: System Adminitrator 6

 What is Linux?
Linux is a clone of the operating system Unix, written by a loosely-knit team of
hackers across the Net. It aims towards POSIX and Single UNIX Specification
compliance.

Like any modern fully-fledged Unix, Linux includes true multitasking, virtual memory,
shared libraries, demand loading, shared copy-on- write executables, proper
memory management, and TCP/IP networking.

Linux really refers to the kernel – most of the commands that you are familiar with
are really separate programs, not specific to Linux, and often are part of the Free
Software Foundation's GNU project.

Linux was first developed for 32-bit x86-based PCs (386 or higher). These days it
also runs on dozens of other processors.

Part 2: Introduction to System

Administration and Server Operating
System
System Admin
In a “small company” the sysadmin may be the entire information technology staff.

The system admin may be do everything from telephone, to fax, to computer

management .

System admin may have to order supplies, deal with users, develop software,
repair, and hardware

What is a System Admin

In a large company the Sysadmin may be one member of a large group.

May be responsible for one aspect of the data center operation.

Programmers

SA 101: System Adminitrator 7

 Database Administrators

Network Administrators

Operators

Common System Admin Traits

A Sysadmin is a customer service agent!

The Sysadmin must be able to communicate with technical and non-technical users.

The Sysadmin should be patient, and have a sense of humor.

The Sysadmin must be able to solve difficult technical problems. The Sysadmin
must be able to work in a group setting.

The Sysadmin must document activities in order to reproduce the results.

What Does a System Admin Do?

Plan and manage the machine room environment

Design machine room; specify cooling, cabling, power connections, and

environmental controls (fire alarm, security)

Install and maintain operating system software, application software, and patches.

Determine hardware and software pre-requisites, which patches to install, which

services to provide, and which services to disable.

Schedule downtime to perform upgrades/patches, and test devices and schedule

downtime to manage devices.

Install and maintain user accounts; develop acceptable use policy and login-name
policy; determine password change policies; install/configure/manage name
services; and manage licenses.

Determine disk quota, police/manage disk space, and monitor log files.

Train users on software and security.

Ensure that users have access to documentation.

SA 101: System Adminitrator 8

 Help users and provide help-desk support and problem tracking system to
answer user questions.

Configure network services:

printing, file sharing, name service.

determine file sharing needs and printing policies.

manage security for shared resources.

Install/maintain system devices, hardware/drivers; specify supported devices;

determine spares practices.

Install/configure/manage web servers, configure web access agents

Configure and maintain business applications

web agents

e-mail

calendar software

order/problem tracking software

Skills Required
Delegation and Time Management

Ethics

Ability to create/follow Policies and Procedures

Desire to learn

Customer Service Attitude

Knowledge of technical aspects

Hardware

Software

Problem Solving

What exactly does a System Administrator do?”

SA 101: System Adminitrator 9

 There is no one concise description of the professional duties of System Administrators;
rather, we identify a number of tasks that are expected to be performed by people
holding this title.

System Administrators are in charge of “servers” as well as of

personal computers, desktop machines, laptops and, increasingly,
mobile devices.

Types of Administrators/Users
In a larger company, following may all be separate positions within a computer support
or Information Services (IS) department. In a smaller group they may be shared by a
few sysadmins, or even a single person.

Database Administrator

Network Administrator

Security Administrator

Web Administrator

Technical support

computer operator

Web administrator

maintains web server services (such as IIS or Apache) that allow for internal or
external access to web sites. Tasks include managing multiple sites, administering
security, and configuring necessary components and software. Responsibilities may
also include software change management. •

Technical support staff

respond to individual users' difficulties with computer systems, provide instructions

and sometimes training, and diagnose and solve common problems. •

computer operator

performs routine maintenance and upkeep, such as changing backup tapes or

replacing failed drives in a RAID array. Such tasks usually require physical

SA 101: System Adminitrator 10

 presence in the room with the computer; and while less skilled than sysadmin tasks
require a similar level of trust, since the operator has access to possibly sensitive
data.

Key Responsibilities of System Administrators:

1. Installation and Configuration:

System administrators are responsible for installing and configuring server

operating systems and software. This involves setting up the system's
hardware, defining network settings, and configuring security features.

2. Maintenance and Updates:

Regular maintenance is essential to keep server systems running smoothly.

Administrators must perform routine tasks such as updating software, applying
security patches, and optimizing system performance.

3. Security:

Security is a top priority for system administrators. They implement measures to

protect servers from unauthorized access, malware, and other threats. This
includes setting up firewalls, access controls, and encryption.

4. Monitoring and Troubleshooting:

Administrators continuously monitor server performance, resource usage, and

network activity to identify and address issues promptly. They diagnose and
resolve technical problems to minimize downtime.

5. Backup and Recovery:

System administrators create backup strategies to ensure data integrity and

disaster recovery. Regular backups are taken, and procedures are in place to
restore systems in case of failures.

6. Monitoring and Troubleshooting:

Administrators continuously monitor server performance, resource usage, and

network activity to identify and address issues promptly. They diagnose and
resolve technical problems to minimize downtime.

7. Backup and Recovery:

SA 101: System Adminitrator 11

 System administrators create backup strategies to ensure data integrity and
disaster recovery. Regular backups are taken, and procedures are in place to
restore systems in case of failures.

8. User Management:

They manage user accounts, permissions, and access rights. This involves
creating, modifying, and deleting user accounts as well as controlling what
resources users can access.

Popular Server Operating Systems

1. Linux:

Various distributions of Linux, such as Ubuntu Server, CentOS, and Red Hat
Enterprise Linux, are widely used for server environments due to their stability,
security features, and open-source nature.

2. Windows Server:

Microsoft's Windows Server operating system offers a user-friendly interface

and integrates well with Windows-based environments. It's commonly used for
hosting applications and services.

3. UNIX:

Though less prevalent than Linux and Windows, UNIX-based systems like
FreeBSD and Solaris are known for their stability and scalability.

Part 3: Antimalware Policies

Considering what you have learned in today’s presentation and using other
resources, write an antimalware policy for a small business or school. The policy
should include technical recommendations as well as procedural guidelines. You
may choose to consult existing antimalware policy guidelines found on the Web for
some ideas. However, you should come up with your own.

SA 101: System Adminitrator 12

 💡 Note:

There are numerous anti-virus policies for organizations and schools on the
internet but I could not find any policy regarding software agencies policy on
how to ensure that the software they produce is clean. Sure, it is a
developer's ethics not to create software that might destroy a company's
reputation but, we cannot eliminate this possibility.

Overview

The purpose of this policy is to set minimum guidelines necessary to ensure that the
software it produced meets the quality it promised to the client.

It’s the company’s obligation to protect it’s business and client reputation from
fraudulent and inappropriate actions its employees might do. Such actions are
punishable by company’s employment policy. Punishments may vary depending on
the severity of the malware it caused.

Scope

This policy is applicable to the company’s employees, mainly Developers,

Consultants, Quality Assurance/Testers, Lead Developers, Code Reviewer to
produce quality and secured applications.

Definition
Git

a version control system to manage changes in the code.

Branch

a separate version of a code.

Merge Request/Pull Request

to let the team know that the code is ready to be tested and reviewed.

Code Review

is a process to verify that the codes are optimized and working properly as what is
stated on the requirements.

SA 101: System Adminitrator 13

 Penalties

Any employee who is found to have violated this policy may be subject to
disciplinary action, up to and including termination of employment.

Part 4: User Account Management Policy

Policy Statement:
This User Account Management Policy outlines the procedures and guidelines for
creating, modifying, and removing user accounts within the organization's
information technology (IT) systems. The purpose of this policy is to ensure the
security, integrity, and confidentiality of the organization's data while providing
appropriate access to authorized users.
Policy Guidelines:

1. User Account Creation:

User accounts will be created for employees and authorized personnel upon
request from the HR department or relevant department head.

All user accounts will adhere to the organization's naming convention

standards.

New accounts will be created with minimal access privileges necessary for the
individual's role.

2. Password Management:

Users are required to choose strong and unique passwords that meet the
organization's password complexity requirements.

Passwords must be changed every 90 days.

Passwords must not be shared, written down, or stored in an insecure manner.

Account lockout policies will be enforced after a specified number of

unsuccessful login attempts.

3. Access Review and Modification:

User account access will be periodically reviewed by the IT department.

SA 101: System Adminitrator 14

 Access privileges will be modified or revoked based on job role changes or
termination of employment.

Employees changing roles within the organization will have their access rights
adjusted accordingly.

4. Termination and Account Deactivation:

When an employee or contractor leaves the organization, their account will be

deactivated promptly.

Accounts will be deactivated immediately upon receipt of a termination notice

from HR.

User data will be securely archived for a defined retention period before
account deletion.

5. User Training and Awareness:

Users will receive training on secure password practices and the importance of
protecting their accounts.

Employees will be made aware of the organization's policies and their

responsibility to report any suspected security breaches or unauthorized
access.

6. Auditing and Monitoring:

User account activities will be logged and regularly reviewed for any suspicious
or unauthorized activities.

Audit trails will be maintained and retained as per data retention policies.

7. Exception Handling:

Any exceptions to this policy, such as granting elevated access for specific
tasks, must be documented, approved, and reviewed periodically.

Exception handling will adhere to the organization's change management and

approval process.

8. Policy Compliance:

Non-compliance with this policy may result in disciplinary actions, including but
not limited to account suspension, revocation of privileges, and, in severe

SA 101: System Adminitrator 15

 cases, termination of employment or legal action.

9. Policy Review:

This policy will be reviewed annually or as needed to ensure its relevance and
effectiveness in maintaining user account security and access control.

SA 101: System Adminitrator 16