Internet system management
This presentation is the property of its rightful owner.
Sponsored Links
1 / 118

Internet System Management PowerPoint PPT Presentation


  • 47 Views
  • Uploaded on
  • Presentation posted in: General

Internet System Management. Lesson 1: IT Systems and Services Overview. Objectives. List the services offered by IT departments Identify backbone and mission-critical services offered by IT departments Discuss the concepts of system maintenance. Common IT Tasks and Services.

Download Presentation

Internet System Management

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Internet system management

Internet System Management


Lesson 1 it systems and services overview

Lesson 1:IT Systems and Services Overview


Objectives

Objectives

  • List the services offered by IT departments

  • Identify backbone and mission-critical services offered by IT departments

  • Discuss the concepts of system maintenance


Common it tasks and services

Common IT Tasks and Services

  • System and service installation

  • Web server configuration

  • FTP server configuration and management

  • Name resolution configuration

  • E-mail server installation and support

  • E-commerce server installation and support


Common it tasks and services cont d

Common IT Tasksand Services (cont’d)

  • Database server installation and support

  • User management

  • Server monitoring and optimization

  • File backup

  • Routing

  • Establishing and managing shares


Backbone services

Backbone Services

  • Naming services

  • Address management

  • Directory services

  • Central logon

  • Routing


Mission critical services

Mission-Critical Services

  • Mission-critical services are highly visible

  • Users rely on mission-critical services

  • Examples

    • Mail servers

    • Web servers

    • FTP servers

    • Middleware


System configuration

Binding protocols to the network interface card

Protocol management

Addressing

Gateways

Name resolution configuration

Service and application installation and management

IP addressing

System Configuration


User management

User Management

  • Adding and removing users

  • Using applications

  • Managing permissions

  • Group membership

  • Password aging

  • Account lockout

  • Password history

  • Controlled access


System performance

System Performance

  • Bandwidth and access rate issues

  • System I/O performance

  • Hard drive access statistics

  • CPU usage

  • RAM usage


Backup

Backup

  • Archiving user-created files

  • Keeping copies of entire operating systems

  • Storing changes to databases and other data stores

  • Off-site storage


Maintenance

Maintenance

  • Upgrading operating systems

  • Installing service packs and hot fixes

  • Upgrading services, including Web ande-mail servers

  • Scanning hard drives for errors

  • Upgrading hard drives to provide more storage capacity


Summary

Summary

  • List the services offered by IT departments

  • Identify backbone and mission-critical services offered by IT departments

  • Discuss the concepts of system maintenance


Lesson 2 internet system installation and configuration issues

Lesson 2:Internet System Installation and Configuration Issues


Objectives1

Objectives

  • Identify common hardware platforms

  • Describe capabilities of various platform components

  • Define bandwidth and throughput

  • Identify common network operating systems

  • Determine the ideal operating system for a given environment

  • Discuss system installation issues


System elements

System Elements

  • Bus speed

  • System I/O

  • NIC

  • Hard drive

  • RAM


Bandwidth

Bandwidth

  • The total amount of information a network connection can carry

  • Network connections

    • T1

    • Fractional T1

    • T2

    • T3

    • ISDN

    • DSL


Calculating throughput

CalculatingThroughput

  • A percentage of bandwidth; the amount a network connection is being used

  • Throughput elements

    • Connection speed

    • Amount of information

    • Time available for transfer


Internetworking operating systems

Internetworking Operating Systems

  • Microsoft Windows

  • UNIX

  • Linux

  • System V

  • Novell

  • X-Window


Operating system issues

Ease of use

Platform stability

Available talent pool

Available technical support

Operating System Issues


Operating system issues cont d

Operating System Issues (cont’d)

  • Cost

  • Hardware costs

  • Availability of services and applications

  • Purpose for the server


Installing network operating systems

Installing NetworkOperating Systems

  • Single-boot and dual-boot machines

  • Local and network installation

  • Hardware considerations

  • Listing system components


Summary1

Summary

  • Identify common hardware platforms

  • Describe capabilities of various platform components

  • Define bandwidth and throughput

  • Identify common network operating systems

  • Determine the ideal operating system for a given environment

  • Discuss system installation issues


Lesson 3 configuring the system

Lesson 3:Configuring the System


Objectives2

Objectives

  • List key TCP/IP configuration parameters

  • Add NICs in Windows 2000 and Linux

  • Configure Windows 2000 with static IP addresses

  • Configure Linux with static IP addresses

  • Describe how DHCP works


Tcp ip configuration parameters

TCP/IP Configuration Parameters

  • Computer name

  • IP address

  • Subnet mask

  • Default gateway

  • DNS information

  • DHCP client information

  • WINS


Adapters

Adapters

  • Adding network adapter device drivers in UNIX/Linux

  • Adding network adapter device drivers in Windows 2000

  • Binding device drivers to protocols in Windows 2000

Device Drivers (NIC)


Static addressing

Windows 2000

ipconfig

Linux

ifconfig

ifup

ifdown

linuxconf

netcfg

dmesg

grep

Static Addressing


Additional tcp ip issues and commands

Additional TCP/IP Issues and Commands

  • netstat

  • traceroute

  • router

  • arp


Dynamic addressing

Dynamic Addressing

DHCP lease process


Summary2

Summary

  • List key TCP/IP configuration parameters

  • Add NICs in Windows 2000 and Linux

  • Configure Windows 2000 with static IP addresses

  • Configure Linux with static IP addresses

  • Describe how DHCP works


Lesson 4 user management essentials

Lesson 4:User Management Essentials


Objectives3

Objectives

  • Define authentication

  • Explain the share-level and user-level access security models

  • Identify the purposes and functions of logon accounts, groups and passwords

  • Create a network password policy using standard practices and procedures


Objectives cont d

Objectives (cont’d)

  • Discuss permissions issues

  • Describe the relationship between permissions and user profiles

  • Use administrative utilities for specific networks and operating systems

  • Identify the permissions needed to add, delete or modify user accounts


Authentication

Authentication

  • What you know

  • What you have

  • Who you are


Security models and authentication

Security Models and Authentication


Peer level access

Peer-Level Access


User level access

User-Level Access


Peer level vs user level

Peer-level

Less expensive

Easier to implement

Less secure

Less control over file and resource management

Not scalable

User-level

Increased security

Supports larger number of users

Increased control

Offers system logs

Grows with organizational needs

Peer-Level vs. User-Level


Creating user accounts

Creating User Accounts

  • User name

  • Password

  • Group associations

  • Permissions

  • Additional options


Permissions

Permissions

  • Read

  • Write

  • Execute

  • Print


Windows 2000 permissions

Windows 2000Permissions

  • Full control

  • Change

  • Read

  • No access


Unix permissions

Access Value Bit

7

6

5

4

3

2

1

0

Access Value Bit Meaning

Read, write and execute

Read and write

Read and execute

Read only

Write and execute

Write

Execute

No mode bits (access absent)

UNIX Permissions


Novell rights

Supervisor

Read

Write

Erase

Modify

Create

File scan

Access control

No access

Novell Rights


Additional logon account terms

Additional LogonAccount Terms

  • Logon scripts

  • Home directories

  • Local profiles

  • Roaming profiles


Administrative privileges

UNIX =(including System V, Solaris, Free BSD and all Linux variants)

Windows =

Novell =

Root (full privilege)

Administrator (full privilege)

Supervisor (full privilege)

Administrative Privileges


Standard password practices

Standard Password Practices

  • Create strong password

    • At least six characters

    • Both uppercase and lowercase letters

    • At least one Arabic numeral

    • At least one symbol

  • Implement password policy

    • Plan and create a balanced policy

    • Write and publish policy

    • Train users


Network security policies

Network Security Policies

  • Password aging

  • Password length

  • Password history

  • Account lockout

  • Share creation

  • User creation

  • Local logon


Standard operating procedures

Standard Operating Procedures

  • Vendors for operating systems and software

  • Upgrading, replacing and maintaining hardware

  • Upgrading software (including operating systems and applications)

  • Responding to power outages, building evacuation and hacker intrusion

  • Acceptable use policy


Summary3

Summary

  • Define authentication

  • Explain the share-level and user-level access security models

  • Identify the purposes and functions of logon accounts, groups and passwords

  • Create a network password policy using standard practices and procedures


Summary cont d

Summary(cont’d)

  • Discuss permissions issues

  • Describe the relationship between permissions and user profiles

  • Use administrative utilities for specific networks and operating systems

  • Identify the permissions needed to add, delete or modify user accounts


Lesson 5 managing users in windows 2000

Lesson 5:Managing Users in Windows 2000


Objectives4

Objectives

  • Identify the purpose of the Windows 2000 Security Accounts Manager

  • Administer remote Windows 2000 systems and users

  • Enforce systemwide policies

  • Convert a FAT drive to NTFS

  • Enable auditing in Windows 2000 Server

  • View local and remote events in Event Viewer


Objectives cont d1

Objectives(cont’d)

  • Manage file and directory ownership

  • Manage user rights

  • Enable custom user settings

  • Identify accounts used by Windows 2000 services


The security accounts manager

The Security Accounts Manager

  • Sam

    • A collection of processes and files used by Windows 2000 to authenticate users

    • Located at C:\winnt\system32\config


The computer management snap in

The ComputerManagement Snap-in

  • Managing users on a remote system


Local security settings

LocalSecurity Settings

  • Start | Programs | Administrative Tools | Local Security Policy

    • Configure account policies

    • Establish auditing

    • Change default user-rights settings

    • Alter default settings for system peripherals and auditing options

    • Determine public-key encryption and IP security policies


Auditing ownership and rights

Auditing,Ownership and Rights

  • Audit policy

  • User rights

  • Security options


Editing and customizing user accounts

Editing and Customizing User Accounts

  • Groups

  • User environment (home directory, logon scripts, user profiles)

  • Dial-in options


Windows 2000 services and user accounts

Windows 2000Services and User Accounts

  • IIS

  • Remote Management

  • Terminal Services

  • NetShow Video Server


Summary4

Summary

  • Identify the purpose of the Windows 2000 Security Accounts Manager

  • Administer remote Windows 2000 systems and users

  • Enforce systemwide policies

  • Convert a FAT drive to NTFS

  • Enable auditing in Windows 2000 Server

  • View local and remote events in Event Viewer


Summary cont d1

Summary (cont’d)

  • Manage file and directory ownership

  • Manage user rights

  • Enable custom user settings

  • Identify accounts used by Windows 2000 services


Lesson 6 managing users in linux

Lesson 6:Managing Users in Linux


Objectives5

Objectives

  • Create new accounts on Linux systems

  • Set password aging policies on Linux systems

  • Set account policies in Linux

  • View user accounts used by system daemons

  • Explain run levels

  • Use ntsysv and chkconfig


Manually adding users

File

/etc/passwd

/etc/shadow

/etc/logon.defs

Purpose

Public user database

Shadow password file

Contains default values

Manually Adding Users


Manually adding users cont d

File

/etc/default/useradd

/etc/skel

/etc/group

Purpose

Contains default values

Contains default values

Group file

Manually Adding Users (cont’d)


Linux user accounts

Entry of the new account into a database

Creation of the resources the new account will need

Linux User Accounts


Linux user account properties

Linux User Account Properties

  • User name

  • User ID number

  • Primary group ID number

  • Home directory

  • Shell program

  • Password


Pluggable authentication modules

PluggableAuthentication Modules

  • The password file

  • The shadow password file

  • Creating and preparing home directories

  • Account creation utility

  • linuxconf


Password management and account policies

Password Management and Account Policies

  • Passwordaging

  • Password checking


Groups

Groups

Mechanisms for managing access tofiles and processes


Linux system accounts

Linux System Accounts

  • Different subsystems should run under different accounts

  • File protections should be used to prevent one subsystem from interfering with resources belonging to another


Run levels ntsysv and chkconfig

Run Levels,ntsysv and chkconfig

  • The /etc/inittab file

  • The /etc/rc.d/ directory

  • The ntsysv command

  • The chkconfig command


Summary5

Summary

  • Create new accounts on Linux systems

  • Set password aging policies on Linux systems

  • Set account policies in Linux

  • View user accounts used by system daemons

  • Explain run levels

  • Use ntsysv and chkconfig


Lesson 7 name resolution in lans with dns

Lesson 7:Name Resolutionin LANs with DNS


Objectives6

Objectives

  • Explain the DNS

  • Identify DNS components

  • List the common DNS record types

  • Define reverse DNS lookup

  • Implement DNS in Windows 2000 and Linux

  • Deploy DDNS

  • Use nslookup


The domain name system

The Domain Name System

Internet service thatconverts common host namesinto their correspondingIP addresses


The domain name space

The Domain Name Space

  • DNS consists of three levels

    • Root

    • Top

    • Second

Root

TOP

Second

Second


Accessing hosts by dns name

dns2

Accessing Hosts by DNS Name

Possible resolution to a top-level domain, such as .com

The .ciwcertified domain

www

host1

www.ciwcertified.com

host1.ciwcertified.com

.research

.sales

.research

research1

sales1

.dnsresearch

dns1

research2

sales2

research2

research.ciwcertified.com

sales.ciwcertified.com

dnsresearch.research.ciwcertified.com


Dns server types

Root server

Master (or primary) server

Slave (or secondary) server

Caching-only server

Forwarding server

DNS Server Types


Common dns records

Common DNS Records

  • Internet (IN)

  • Name Server (NS)

  • Start of Authority (SOA)

  • Address (A)

  • Canonical Name (CNAME)

  • Mail Exchanger (MX)

  • Pointer (PTR)


Setting up dns

Setting Up DNS

  • Server

  • Zone file

  • DNS record


Probing dns with nslookup

Probing DNS with Nslookup

  • Locate name servers

  • Locate IP addresses

  • Locate host names

  • Review various record types

  • Change servers

  • List domains


Configuring dns in windows 2000

Configuring DNS in Windows 2000

  • Dynamic DNS

    • DNS record aging and scavenging

  • SOA field

  • WINS

  • Zone transfers


Understanding bind

Understanding BIND

  • BIND 4

  • BIND 8.x

  • BIND 9.x


Setting up dns in linux

Setting Up DNS in Linux

  • The named.conf file (BIND versions 8 and 9)

  • The named.ca file

  • The named.local file

  • The forward zone file

  • The reverse zone file


Troubleshooting dns

Troubleshooting DNS

  • DNS Professional

  • CyberKit Professional

  • Ping Plotter

  • WS_FTP Ping ProPack


Summary6

Summary

  • Explain the DNS

  • Identify DNS components

  • List the common DNS record types

  • Define reverse DNS lookup

  • Implement DNS in Windows 2000 and Linux

  • Deploy DDNS

  • Use nslookup


Lesson 8 name resolution with wins and samba

Lesson 8:Name Resolution with WINS and Samba


Objectives7

Objectives

  • Explain the basics of NetBIOS

  • Identify additional name resolution options for LANs and WANs

  • Implement and manage WINS

  • Use Samba to create a WINS server in UNIX

  • Configure Samba systems to use Windows 2000 authentication

  • Create and manage shares using Samba


Netbios over tcp ip

NetBIOS over TCP/IP

NetBIOS runs over TCP/IP much thesame way that SMB runs over TCP/IP


The netbios naming convention

The NetBIOS Naming Convention

  • NetBIOS services use UDP ports 137 and 138 and TCP port 139

    • 137 supports the NetBIOS name service

    • 138 carries the NetBIOS datagram service

    • 139 carries the NetBIOS session layer


Windows internet naming service

NetBIOS computer name (Instructor1)

IP address for (Instructor1)

Windows Internet Naming Service

  • Handles queries regarding NetBIOS names and corresponding IP addresses

  • Uses UDP ports 137 and 138


Managing wins

Managing WINS

  • Scavenging and backup

    • Scheduling queue


Static mapping

Static Mapping

Static mapping creates entries in the WINS database that allow non-WINS clients

  • Entries include

    • Unique

    • Group

    • Domain name

    • Internet group

    • Multihomed


Replication

Replication

  • Pushpartner

  • Pullpartner


Configuring dns and wins

Configuring DNS and WINS

  • DNS and WINS can work together to allow DNS to retrieve the dynamically assigned IP address associated with a particular name


Samba

Samba

  • Samba allows UNIX systems to participate in Windows networks

    • Establishes shares on UNIX hosts that are accessible to Windows systems

    • Shares printers

    • Makes a UNIX system a WINS server

    • Makes a UNIX system a WINS client


Internet system management

SWAT

  • Samba configuration tool

    • Home

    • Globals

    • Shares

    • Printers

    • Status

    • View

    • Password


Samba and wins

Sambaand WINS

  • Creating a WINS client

  • Troubleshooting WINS in UNIX systems


Samba share clients

Samba Share Clients

  • Windows

    • Network Neighborhood applet

    • Windows Explorer Map Network Drive utility

  • Linux

    • The smbclient program

    • The smbmount program


Interoperability issues

Interoperability Issues

  • Encrypting Samba passwords

    • The smb.conf file

    • The smbadduser command

    • The smbpasswd command

    • Registry changes


Summary7

Summary

  • Explain the basics of NetBIOS

  • Identify additional name resolution options for LANs and WANs

  • Implement and manage WINS

  • Use Samba to create a WINS server in UNIX

  • Configure Samba systems to use Windows 2000 authentication

  • Create and manage shares using Samba


Lesson 9 implementing internet services

Lesson 9:Implementing Internet Services


Objectives8

Objectives

  • Deploy user-level and anonymous FTP access in Windows 2000 and Linux

  • Describe standard and passive FTP

  • Configure Telnet for Windows 2000 and Linux

  • Configure finger in Linux

  • Control access to Linux services


File transfer protocol servers

File TransferProtocol Servers

  • Application-layer protocol

  • Uses two ports

    • TCP/20

    • TCP/21

  • Passive mode

  • Normal mode


Anonymous accounts

Anonymous Accounts

  • Anonymous accounts in Windows NT

  • Anonymous accounts in UNIX

  • Account considerations


Implementing microsoft ftp

ImplementingMicrosoft FTP

  • Microsoft Internet Information Server (IIS) is the primary way to implement FTP in Windows FTP


Managing ftp in iis

Managing FTP in IIS

  • Security Accounts tab

  • Messages tab

  • Home Directory tab

  • Directory Security tab


Creating virtual ftp servers

Creating Virtual FTP Servers

  • Dedicated virtual FTP servers

  • Simple virtual FTP servers

  • Shared virtual FTP servers


Anonymous access in iis

Anonymous Access in IIS

  • Analyzing and configuring anonymous FTP

  • Controlling access to your FTP site

  • Customizing your IIS FTP server

  • Configuring anonymous FTP on UNIX


Telnet

Telnet

  • Controls a system from a remote location

  • Operates on port 23


Xinetd

FTP

Telnet

Finger

SWAT

TFTP

Chargen

Daytime

POP3

BOOTP

Echo

Xinetd


Finger

Finger

  • Accesses information about local and remote users

    • Daytime

    • Echo

    • Chargen


The hosts allow and hosts deny files

The hosts.allow andhosts.deny Files

  • Controls access to UNIX services


Summary8

Summary

  • Deploy user-level and anonymous FTP access in Windows NT and UNIX

  • Install and configure Telnet for Windows 2000 and UNIX

  • Configure finger in UNIX

  • Control access to UNIX services


Internet system management1

Internet System Management

  • IT Systems and Services Overview

  • Internet System Installation and Configuration Issues

  • Configuring the System

  • User Management Essentials

  • Managing Users in Windows 2000


Internet system management2

InternetSystem Management

  • Managing Users in Linux

  • Name Resolution in LANs with DNS

  • Name Resolution with WINS and Samba

  • Implementing Internet Services


  • Login