COP 4343 Unix System Administration


COP 4343 Unix System Administration
Unit 12: basic network services
- concepts
- dhcpd, named
- superserver

Basic Network Services
- service listens on port for requests
- examples:
  - http uses port 80
  - ssh uses port 22
- firewall must allow IP packets through
  - /etc/sysconfig/iptables
  - service iptables restart

/etc/sysconfig/iptables
# ftp
-A RH-Firewall-1-INPUT -p tcp --dport 20 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 21 -j ACCEPT
# ssh
-A RH-Firewall-1-INPUT -p tcp --dport 22 -j ACCEPT
# http
-A RH-Firewall-1-INPUT -p tcp --dport 80 -j ACCEPT
# mail
-A RH-Firewall-1-INPUT -p tcp --dport 25 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 143 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp --dport 587 -j ACCEPT

Basic Network Services
- examples:
  - dhcpd: UDP ports 67 and 68
  - named: UDP port 53
  - superserver: can be configured to listen on any port
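
Added example (not part of the original slides): a static check of whether an iptables rules file in the format shown above contains an ACCEPT rule for a given protocol and port, run over a constructed subset of the slide's rules. The function names and the sample subset are assumptions made for illustration; rule order, source filters and REJECT/DROP rules are not modelled.

```sh
#!/bin/sh
# Added example (not from the slides). fw_allows FILE PROTO PORT succeeds if
# FILE holds an ACCEPT rule for that protocol and destination port.
# Assumption: only -p, --dport and -j are inspected.
fw_allows() {
    awk -v proto="$2" -v port="$3" '
        $1 != "-A" { next }                 # skip comments, *filter, COMMIT
        {
            p = ""; d = ""; j = ""
            for (i = 2; i < NF; i++) {
                if ($i == "-p")      p = $(i + 1)
                if ($i == "--dport") d = $(i + 1)
                if ($i == "-j")      j = $(i + 1)
            }
            n = split(d, r, ":")            # "--dport 6000:6010" is a range
            lo = r[1]; hi = (n == 2) ? r[2] : r[1]
            if (j == "ACCEPT" && p == proto && d != "" &&
                port + 0 >= lo + 0 && port + 0 <= hi + 0) ok = 1
        }
        END { exit !ok }
    ' "$1"
}

# Constructed sample: a subset of the rules shown on the slide.
sample_rules() {
    cat <<'EOF'
# ssh
-A RH-Firewall-1-INPUT -p tcp --dport 22 -j ACCEPT
# http
-A RH-Firewall-1-INPUT -p tcp --dport 80 -j ACCEPT
EOF
}

# Check the services named on the slides against the sample rules.
check_services() {
    f=$(mktemp); sample_rules > "$f"
    for svc in ssh:tcp:22 http:tcp:80 named:udp:53 dhcpd:udp:67; do
        name=${svc%%:*}; rest=${svc#*:}
        if fw_allows "$f" "${rest%%:*}" "${rest#*:}"
        then echo "$name accept"
        else echo "$name no-accept-rule"
        fi
    done
    rm -f "$f"
}
check_services
```

The sample holds only TCP rules, so the UDP services named and dhcpd are reported as having no ACCEPT rule.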

dhcpd server
- install dhcpd package
- configuration file: /etc/dhcpd.conf
- enable in run-level

dhcpd configuration example
subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.2 192.168.0.8;                # range of available IP addresses
    default-lease-time 604800;                    # default lease time in seconds
    max-lease-time 604800;                        # maximum time a lease will be given
    option subnet-mask 255.255.255.0;             # subnet mask given to clients
    option domain-name-servers 1.2.3.4, 1.2.3.5;  # list of name server IP addresses
    option domain-name "your.domain.name";
    option routers 192.168.0.1;                   # gateway router
}

named server
- implements domain name server (DNS)
- configuration file: /var/named/chroot/etc/named.conf
- example:
zone "ege.com" {
    type master;
    file "ege.hosts";
};

Example: ege.hosts
@               IN SOA  ege.com. raimund.ege.com. (
                        75      ; serial
                        8H      ; refresh
                        2H      ; retry
                        1W      ; expire
                        1H)     ; min time to live
                NS      ns3.ege.com.
                NS      ns4.ege.com.
                MX      10 mail.ege.com.
                TXT     "Ege Consulting Inc"
                A       131.94.130.39
mail            A       131.94.130.39
ns3             A       131.94.130.39
ns4             A       66.92.213.193
instructor      A       131.94.132.84
www.instructor  A       131.94.132.84

Superserver
- configurable server to handle multiple network services
- xinetd
  - xinetd.conf
  - xinetd.d
- listens on multiple network ports and starts the appropriate service when a client connects to that port
- traditional Unix: inetd

example configuration file
service echo
{
    type        = INTERNAL
    id          = echo-stream
    socket_type = stream
    protocol    = tcp
    user        = root
    wait        = no
    disable     = yes
}

example configuration file
service ntalk
{
    disable     = yes
    socket_type = dgram
    wait        = yes
    user        = root
    group       = tty
    server      = /usr/bin/ktalkd
}

xinetd security
- enable port in firewall
- host specific:
  - iptables
  - /etc/hosts.allow
  - /etc/hosts.deny

xinetd
- to enable: disable = no
- reload xinetd service: service xinetd reload
- test via: telnet host port
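
Added example (not part of the original slides): a small audit that lists which xinetd services are switched on, to run after editing files under xinetd.d and before reloading. The function names are assumptions, and the sample files are constructed from the echo and ntalk slides with echo set to disable = no.

```sh
#!/bin/sh
# Added example (not from the slides): list enabled xinetd services. A service
# counts as enabled unless its block sets "disable = yes"; the "defaults"
# section of xinetd.conf is not interpreted (simplifying assumption).
xinetd_enabled() {          # $1: directory, normally /etc/xinetd.d
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk '
            $1 ~ /^#/ { next }              # skip comment lines
            $1 == "service" { name = $2; dis = "no"; user = "-"; sock = "-"; inblk = 1; next }
            inblk && $2 == "=" {
                if ($1 == "disable")     dis  = $3
                if ($1 == "user")        user = $3
                if ($1 == "socket_type") sock = $3
            }
            inblk && $1 == "}" {            # end of block: report if enabled
                if (dis != "yes")
                    printf "%s %s %s%s\n", name, sock, user, (user == "root" ? " RUNS-AS-ROOT" : "")
                inblk = 0
            }
        ' "$f"
    done
}
# Constructed sample: echo and ntalk from the slides, with echo switched on.
make_sample() {
    d=$(mktemp -d)
    cat > "$d/echo-stream" <<'EOF'
service echo
{
    type        = INTERNAL
    id          = echo-stream
    socket_type = stream
    user        = root
    disable     = no
}
EOF
    cat > "$d/ntalk" <<'EOF'
service ntalk
{
    disable     = yes
    socket_type = dgram
    user        = root
    server      = /usr/bin/ktalkd
}
EOF
    echo "$d"
}
dir=$(make_sample); xinetd_enabled "$dir"; rm -rf "$dir"
```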

example services
- port 7: echo
  - repeats back whatever you type
- port 19: chargen
  - returns a character stream until control-D
- port 9: discard
  - like /dev/null
- port 37: time
  - returns a number corresponding to the current time
- port 13: daytime
  - returns the current date/time in human-readable form

Services Beyond the Superserver
- services do not rely on superservers:
  - Apache Web
  - SMTP
  - FTP
  - ...
- run as service in run level