Network Services
CSCI N321 – System and Network Administration
Copyright © 2000, 2007 by Scott Orr and the Trustees of Indiana University
Section Overview
Client-Server Model
Network Ports, Services and Daemons
Network Protocols
Viewing Active Ports
Common Server Daemons
References
Linux System Administration
  Chapter 18 (pgs. 305-332)
  Optional: Chapters 20 & 21
CQU 85321 System Administration Course
  Textbook Chapter 16
  Lectures 2002 #16
TCP/IP Protocol Stack
Physical Layer (media)
Link Layer (Device Drivers)
Network Layer (IP)
Transport Layer (TCP, UDP)
Application (FTP, HTTP, DNS)
Client-Server Model
Server: Listens for incoming requests
Client: Makes a request
Request fulfilled
Network Ports
Enables processes to communicate with each other across a network
64K possible ports
Privileged ports < 1024 reserved for system use only
  Correspond to well-known services
  /etc/services
/etc/services
Service-name port/protocol aliases
Examples:
  ssh      22/tcp
  smtp     25/tcp    mail
  www      80/tcp    http www-http
  imaps    993/tcp
  syslog   514/udp
Running Network Servers
Stand-alone Daemon
  Each started via rc script
  Always running
  Listens (binds) to the service port
  Uses resources even when idle
inetd “Super-daemon”
  Listens to many ports
  Starts daemon when request is received
  Daemon shuts down when finished
  /etc/inetd.conf
/etc/inetd.conf
service_name: Service name
sock_type: stream (tcp), dgram (udp), raw (direct IP)
proto: Protocol used (/etc/protocols)
flags: wait, nowait
user: User to run daemon as
server_path: Full path to daemon program
args: Command line arguments to daemon
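An added example, not part of the original slides: a short Python audit that parses inetd.conf lines into the fields listed above, resolves each service name to a port through /etc/services (including aliases), and notes which inetd-started daemons run as root or have no /etc/services entry. The sample inetd.conf lines, the "backup" service and every server path except /usr/local/sbin/imapd are constructed for illustration.

```python
# Added example. All file contents below are constructed samples.
SERVICES = """\
ssh      22/tcp
smtp     25/tcp    mail
www      80/tcp    http www-http
imaps    993/tcp
syslog   514/udp
"""
INETD_CONF = """\
# service_name sock_type proto flags user server_path args
imaps   stream  tcp  nowait  root    /usr/local/sbin/imapd    imapd
http    stream  tcp  nowait  nobody  /usr/local/sbin/httpd    httpd
#smtp   stream  tcp  nowait  root    /usr/sbin/sendmail       sendmail -bs
backup  stream  tcp  nowait  root    /usr/local/sbin/backupd  backupd
"""

def parse_services(text):
    """Map (name or alias, protocol) -> port number."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        for name in [fields[0]] + fields[2:]:
            table[(name, proto)] = int(port)
    return table

def parse_inetd(text):
    """Yield a dict per active line; comments and short lines are skipped."""
    keys = ("service_name", "sock_type", "proto", "flags", "user", "server_path")
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0].startswith("#"):
            continue
        yield dict(zip(keys, fields), args=fields[6:])

def audit(inetd_text, services_text):
    """Return (service, port, user, notes) for each service inetd would start."""
    ports = parse_services(services_text)
    report = []
    for e in parse_inetd(inetd_text):
        port = ports.get((e["service_name"], e["proto"]))
        notes = ["runs as root"] if e["user"] == "root" else []
        if port is None:
            notes.append("no /etc/services entry")
        elif port < 1024:
            notes.append("privileged port")
        report.append((e["service_name"], port, e["user"], notes))
    return report
```

Calling audit(INETD_CONF, SERVICES) returns one tuple per active line; the commented-out smtp line is ignored, and "http" resolves to port 80 through the alias on the www entry.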
Xinetd
Replacement for inetd
Enhancements
  Access Control
  Resource based limits
  Logging (Success and Failure)
Default: /etc/xinetd.conf
Service Specific: /etc/xinetd.d
/etc/xinetd.conf
defaults
{
    instances = 60
    log_type = SYSLOG authpriv
    log_on_success = HOST PID
    log_on_failure = HOST
    cps = 25 30
}

includedir /etc/xinetd.d
Example xinetd service
/etc/xinetd.d/imaps:

service imaps
{
    disable = no
    socket_type = stream
    wait = no
    user = root
    server = /usr/local/sbin/imapd
    groups = yes
    flags = REUSE IPv6
}
Windows Service Management
Microkernel – Everything a service
Administrative tools -> Services
Service Options
  Startup Type: Automatic, Manual, Disabled
  Log On: Which user to run service as
  Recovery: What to do on failure
  Dependencies: Which services does this one depend upon
Windows Service Recovery
Settings for:
  First Failure
  Second Failure
  Subsequent Failures
Counter Reset (Days)
Options:
  Take no Action
  Restart the Service
  Run a program
  Restart the Computer
Network Protocols
Service request/response syntax
Often uses English commands
Request For Comments (RFC)
  Documentation for protocols and practices
  Each revision its own number
  May have a second classification
    For Your Information (FYI)
    Best Common Practices (BCP)
    Standards (STD)
Viewing Active Ports
netstat -a – Ports in use
  Source/destination addresses and ports
  Protocol used
  State
    LISTEN
    ESTABLISHED
lsof -i :service – Process using port
tcpdump – View network traffic
Resource Sharing Daemons
Network File System (NFS)
  nfsd
  mountd
Line Printing Daemon (lpd)
Samba
  smbd – Microsoft file and print sharing
  nmbd – Microsoft name resolution
Internet Daemons
telnetd – Remote Access
ftpd – File transfer
Berkeley-R Daemons
sshd – Secure Shell
Electronic Mail
  sendmail/postfix – Receiving email
  imapd, popd – Remote email access
httpd – Web
Infrastructure Daemons
named – DNS
dhcpd – Dynamic Host Config Protocol
nisd/ldapd – Directory Services
fingerd – User information
xntpd – System time synchronization
routed/gated – Routing
Firewall