Network Administration Procedures Tools –Ping –SNMP –Ethereal –Graphs aid,113175,00.asp 10 commandments for PC security.

Network Administration

• Procedures

• Tools– Ping – SNMP– Ethereal– Graphs

• http://www.pcworld.com/news/article/0,aid,113175,00.asp

• 10 commandments for PC security

Procedures

• Failure detection– Network card locally or at the switch/router– Host monitoring– Traffic monitoring– Route flapping– Intrusion

Management Levels

• Performance management– Utilization and throughput

• Fault Management– What is broken

• Configuration management– Track connections

• Accounting management– Logging resource use

• Security management

Infrastructure

• Managing entity– Human, network manager at the NOC

• Managed device– Switch, router, interface

• Management Information Base– Network management agent– Network management protocol (SNMP)

Monitoring Protocol

• http://www.snmp.org• Network Management Objects

– MIB object

• Data Definition language– Structure of Management Information (SMI)

• Protocol (SNMP)• Security and Administration capabilities

– Remote control

SMI constructs

• Data types– INTEGER -231 to 231-1

– Integer32 -231 to 231-1

– Unsigned32 unsigned version of above

– OCTET String 16 bit binary or text data

– OBJECT IDENTIFIER MIB information

– IPaddress 32 bit internet address

– Counter32 32 bit counter, wrap around

– Counter64 64 bit counter, wrap around

– Gauge32 non wrapping counter

– TimeTicks 1/100ths of a second since an event

– Opaque string

MIB Information

• Object Identifier tree

MIB information

• Organizes protocol information (RFC 2578,2579,2580)

– Sorta like the dewey decimal system for network monitoring.

– Identification strings:

• sysDescr

• sysObjectID

• sysUpTime

• sysContact

• sysName

• sysLocation

• sysServices

Protocol Data Unit (PDU)

• Data string for SNMP information

SNMP Security

• Read Community– Read data information from the remote system

• Write Community– Write data to the remote system

• Trap Community– Receive alarm information from the remote

system.

SNMP Security

• Encryption– SNMP transfers may be encrypted

• Authentication– Hashed function secret keys

• Playback protection– A hacker can’t hijack the PDU strings

• Access Control– Remote host can limit SNMP access to certain

objects

Tools at USU

• http://statler.usu.edu

• http://floyd.usu.edu

• http://pomoxis.usu.edu

• Interpreting the data

Windows Administration

• User Accounts

• Group Accounts

• UPS

• Fault Tolerance

• Backups

System Administration

• Users– Files, Rights, Groups

• System– Security– Virus Protection– UPS– Fault Tolerance

System Admin

• Virus Protection– Scans incoming data for viruses– Scans the disk for trojans or backdoors– Must be updated regularly, all versions do this

automatically if set up.– Beware of back door access to the server– Viruses may not slow down the server– Viruses may propagate via users address books

UPS

• Handles short duration power failures• Can alert the operator of power failure• Decide how long the UPS needs to power the

system• Does the server display need to be on?• How much power does the server need?• Does the UPS have an RS232 control port?• Life of the UPS battery(ies)

Server Admin

• Fault Tolerance– Multiple power supplies– Multiple CPU’s– Fault Tolerant Disk systems

• RAID 0 (disk striping)

• RAID 1 (disk mirroring)

• RAID 5 (disk striping with parity)

– BACKUP

Server Fault Tolerance

• Dual Power supplies– Power supplies always fail first!– If one supply fails the other can take over

• Dual CPU’s– Speed performance– The system can operate with only 1 CPU

operating

RAID!

• RAID 0– Disk Striping– No fault tolerance

• RAID 1– Disk Mirroring– High Disk Overhead (2-2GB disks=2GB)– High Write overhead (write to both disks)

MORE RAID!

• RAID 5– disk striping– parity blocks– Requires at least 3 disk drives– Can improve disk performance– lose and replace 1 disk drive and no data is lost– overhead is 1/N n=number of disks, 5 10GB

disks = 40 GB storage

Again Backups?

• Even a fault tolerant disk system can fail• Always back up• Always have several copies of backups in

case one is unreadable• Check the backups to see if they are

readable• Store the tapes or removable media in a

safe place

Server Admin

• Watch Event Logs for errors– Log files grow rapidly, delete old logs

• Audit Disk usage and resources

• Decide when an upgrade is needed

Server Admin

• Monitoring (Task Manager)

• Resources:– Processor– Memory– Disk– Network

• Baseline– To determine what is different week to week

Server Administration

• Network– File Sharing– Printing– Mail

File Sharing

• Howto– Set up networking, allow sharing– Who will access the files?– Do they need write access?– Is it secure?

• Beware of instant messaging

Printing

• Local or remote

• Shared from PC or networked printer

• What about security?

• Gotchas

Mail

• Exchange (Microsoft)– POP Mail (Post Office Protocol)

• Downloads messages to the client

– IMAP Mail (Internet Message Access Protocol)• Downloads headers (subject) to the client

• Better Security

– SMTP (Simple Mail Transfer Protocol)• Sends messages from the client to the Internet

– Calendaring (collaboration)

Mail

• Disk space

• SPAMMING

• Relaying

Network Administration