www.catcemea.org.uk
technology innovation centre
CATC Birmingham
IT Essentials II
Network Operating Systems
Chapter 5
Overview of Network Services
Network Services
• Called
  – Services
    • Windows 2000
  – Daemons
    • Linux
  – NetWare Loadable Modules (NLMs)
    • Novell
• Fewer are set “on” by default as they are susceptible to attacks
Service                                    TCP/IP protocol
World wide web server                      HTTP
File transfer                              FTP, TFTP
Internet mail                              SMTP, POP3, IMAP
Remote administration                      telnet
Directory services (Internet)              DNS, LDAP
Automatic network address configuration    DHCP
Network administration                     SNMP
File sharing                               NFS
Remote Access Services
• Popular uses
  – Connecting branch offices to one another
  – Access to the network after business hours
  – Access for telecommuters
  – Access to the corporate network for mobile users
  – Access to network resources for clients and partners
Telnet Services
• Main Internet protocol for remote connection
• Provides error-free connection
• Beware of:
  – Hacking
  – Password guessing
  – ‘Denial of Service’ attack
  – Packet sniffing
• Secure SHell (SSH) is more secure
Configuring remote access for a client
• Point-to-Point Protocol (PPP)
  – PPP daemon (pppd) must be installed
• Can be configured in two ways
  – Text-based PPP configuration
  – GUI Dialer PPP Configuration
• Connecting using ISDN
• Connecting via DSL and Cable modem Service
Controlling remote access rights
• Firewalls configured by
  – Manually
  – GUI tools
  – Website configuration
• TCP wrappers
  – Two files are used to configure TCP Wrappers:
    • /etc/hosts.allow
    • /etc/hosts.deny
• Passwords
  – Should be sent using SSH
• File Permissions
  – Can be used to specify general permissions
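How the two TCP Wrappers files interact, as an added example that is not part of the original slides: a simplified Python model of the check described in hosts_access(5). The file contents, daemon names and addresses are constructed, and only the ALL wildcard, exact IPv4 addresses and address prefixes ending in a dot are handled.

```python
# Simplified model of the TCP Wrappers access check (see hosts_access(5)).
# Handles only: the ALL wildcard, exact IPv4 addresses, and address
# prefixes ending in "." (e.g. "192.168.1."). Options fields are ignored.

# Constructed sample files implementing a default-deny policy.
HOSTS_ALLOW = """
# /etc/hosts.allow (constructed sample)
sshd: 192.168.1.
in.telnetd: 192.168.1.10
"""
HOSTS_DENY = """
# /etc/hosts.deny (constructed sample)
ALL: ALL
"""

def parse_rules(text):
    """Return [(daemon_list, client_list), ...], skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        fields = line.split(":")
        if len(fields) < 2:
            continue  # blank or malformed line
        rules.append((fields[0].replace(",", " ").split(),
                      fields[1].replace(",", " ").split()))
    return rules

def matches(pattern, value):
    if pattern == "ALL":
        return True
    if pattern.endswith("."):  # address prefix
        return value.startswith(pattern)
    return pattern == value

def rule_hit(rules, daemon, client):
    """True if any rule lists both the daemon and the client."""
    return any(any(matches(d, daemon) for d in daemons) and
               any(matches(c, client) for c in clients)
               for daemons, clients in rules)

def access(daemon, client, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow is checked first, then hosts.deny; no match grants."""
    if rule_hit(parse_rules(allow), daemon, client):
        return "granted"
    if rule_hit(parse_rules(deny), daemon, client):
        return "denied"
    return "granted"
```

With an empty hosts.deny every connection that hosts.allow does not match is still granted, which is why the sample hosts.deny ends with ALL: ALL.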
Remote administration to Linux
• Text-Mode Logins
  – Logging into a system via Telnet or SSH
  – $ ssh hostname -l jsmith
• Remote Administration Protocols
  – SNMP
• Samba Web Administration Tool (SWAT)
  – Web-based tool that is used to administer a Samba server
• Webmin
  – Another Web-based remote administration tool.
Directory Services
• A database that organizes files in a hierarchical structure
• A directory service identifies all resources on a network and makes them accessible to users and applications
• Provides system administrators with centralized control of all users and resources across the entire network
• Benefits
  – Data can be easily organized
  – Data can be easily secured
  – Data can be easily located and accessed
Directory Services Standards
• Allows compatibility with other platforms and directory services
• X.500 – Electronic Directory Service (EDS) standards
• Structure defined as an upside down tree
• Database is hierarchical
• Three main components
  – Directory System Agent (DSA)
    • Manages the data
  – Directory User Agent (DUA)
    • Gives user access
  – Directory Information Base (DIB)
    • Acts as the central database for storage
Directory Services Standards
• Directory Access Protocol (DAP) used by X.500 compliant directory service
  – Enables DUA to communicate with the DSA
  – Defines how users search, read, add, delete and modify entries
• Lightweight Directory Access Protocol (LDAP)
  – Subset of DAP that simplifies access to X.500 directories
  – Uses fewer resources
  – Easier to maintain
Windows 2000’s Active Directory
• Information stored in:
  – Active Directory Database
    • Actual directory
  – Active Directory Log Files
    • Records changes
  – Shared System Volume
    • Contains scripts and group policy objects
• Domain
  – Hierarchical domain tree
  – Represents a security and administrative boundary
• Organizational Units (OUs)
  – Organises resources within a domain
  – Authority can be delegated
Windows 2000’s Active Directory
• Domain Controller (DC)
  – Must be one server configured in each domain
• Replication
  – Synchronizing data between DCs
• Security
  – All objects have an ACL
• Permissions
  – Assigned
  – Inherited
• Must be a DNS server on every Windows 2000 network
• Runs only on Windows 2000
• Information can be exchanged with other LDAP directory services
Novell’s Network Directory Service (NDS)
• NDS introduced in V4
• Hierarchical
• Inverted tree
• Two basic objects
  – Container
  – Leaf
• Permissions assigned to containers
• Can also run on
  – NetWare 4 and 5
  – Windows NT and 2000
  – IBM AIX and O/S390
  – Caldera OpenLinux
  – SCO UNIX
  – Sun Solaris
Network Information Service (NIS)
• Daemon must be loaded
• Often works with NFS
• Structure consists of:
  – NIS Server
    • Changes made here
    • Copies database to slaves
  – NIS Slaves
    • Provide information to clients
    • Provide load balancing
  – NIS Clients
• If configured during install
  – Provide NIS domain name
  – Provide IP address
• If configured after install
  – Use linuxconf utility on client
Other NOS Services
• Intranets
  – Accessible only from inside of the company
• Extranets
  – Accessible from outside of the company
• Automating tasks with scripts
  – Visual Basic script (VBScript), JavaScript, Linux shell scripting, Perl, PHP, TCL, REXX, and Python
• Domain Name Service (DNS)
  – Translate names into IP addresses
• Dynamic Host Configuration Protocol (DHCP)
  – Gives automatic network configuration
• Domains
  – Represents a security and administrative boundary
Other NOS Services
• Printing
  – Use print servers to manage printing
  – Use “first in, first out” (FIFO) priority
• File sharing
  – Windows File Sharing
  – Network File Sharing (NFS)
• Web services
  – Microsoft's Internet Information Services (IIS)
  – Apache Web Server
  – HyperText Transfer Protocol (HTTP)
  – HyperText Markup Language (HTML)
  – HyperText Transfer Protocol Secure (HTTPS)
Mail Servers
• Comprised of:
  – Mail transfer agent (MTA)
    • Receive mail and forward
  – Mail user agent (MUA)
    • Microsoft Outlook
    • Eudora
    • Pine
  – Mail delivery agent (MDA)
    • Delivers mail to correct box
• Other features
  – Web interface programs
    • Web based e-mail
  – LDAP
    • Provides address book sharing
FTP (File Transfer Protocol)
• Allows users to download or upload files
• Session orientated
• Accessed through GUI programs or CLI

Action                     Command
Establish connection       ftp <hostname or IP>
Change local directory     lcd <local-directory>
Change remote directory    cd <remote-directory>
Download                   get <remote-file>
Upload                     put <local-file>
Exit service               bye
Virtual Private Networking
• Gives secure access to the company Intranet over the Internet
• Relies on:
  – Encryption software
  – Usernames
  – Passwords
Questions?