Network Administration

• Procedures
• Tools
– Ping
– SNMP
– Ethereal
– Graphs
• http://www.pcworld.com/news/article/0,aid,113175,00.asp
• 10 commandments for PC security
 Procedures
• Failure detection
– Network card locally or at the switch/router
– Host monitoring
– Traffic monitoring
– Route flapping
– Intrusion
 Management Levels
• Performance management
– Utilization and throughput
• Fault Management
– What is broken
• Configuration management
– Track connections
• Accounting management
– Logging resource use
• Security management
 Infrastructure
• Managing entity
– Human, network manager at the NOC
• Managed device
– Switch, router, interface
• Management Information Base
– Network management agent
– Network management protocol (SNMP)
 Monitoring Protocol
• http://www.snmp.org
• Network Management Objects
– MIB object
• Data Definition language
– Structure of Management Information (SMI)
• Protocol (SNMP)
• Security and Administration capabilities
– Remote control
 SMI constructs
• Data types
– INTEGER -231 to 231-1
– Integer32 -231 to 231-1
– Unsigned32 unsigned version of above
– OCTET String 16 bit binary or text data
– OBJECT IDENTIFIER MIB information
– IPaddress 32 bit internet address
– Counter32 32 bit counter, wrap around
– Counter64 64 bit counter, wrap around
– Gauge32 non wrapping counter
– TimeTicks 1/100ths of a second since an event
– Opaque string
 MIB Information
• Object Identifier tree
 MIB information
• Organizes protocol information (RFC 2578,2579,2580)
– Sorta like the dewey decimal system for network monitoring.
– Identification strings:
• sysDescr
• sysObjectID
• sysUpTime
• sysContact
• sysName
• sysLocation
• sysServices
 Protocol Data Unit (PDU)
• Data string for SNMP information
 SNMP Security
• Read Community
– Read data information from the remote system
• Write Community
– Write data to the remote system
• Trap Community
– Receive alarm information from the remote
system.
 SNMP Security
• Encryption
– SNMP transfers may be encrypted
• Authentication
– Hashed function secret keys
• Playback protection
– A hacker can’t hijack the PDU strings
• Access Control
– Remote host can limit SNMP access to certain
objects
 Tools at USU
• http://statler.usu.edu
• http://floyd.usu.edu
• http://pomoxis.usu.edu
• Interpreting the data
 Windows Administration
• User Accounts
• Group Accounts
• UPS
• Fault Tolerance
• Backups
 System Administration
• Users
– Files, Rights, Groups
• System
– Security
– Virus Protection
– UPS
– Fault Tolerance
 System Admin
• Virus Protection
– Scans incoming data for viruses
– Scans the disk for trojans or backdoors
– Must be updated regularly, all versions do this
automatically if set up.
– Beware of back door access to the server
– Viruses may not slow down the server
– Viruses may propagate via users address books
 UPS
• Handles short duration power failures
• Can alert the operator of power failure
• Decide how long the UPS needs to power the
system
• Does the server display need to be on?
• How much power does the server need?
• Does the UPS have an RS232 control port?
• Life of the UPS battery(ies)
 Server Admin
• Fault Tolerance
– Multiple power supplies
– Multiple CPU’s
– Fault Tolerant Disk systems
• RAID 0 (disk striping)
• RAID 1 (disk mirroring)
• RAID 5 (disk striping with parity)
– BACKUP
 Server Fault Tolerance
• Dual Power supplies
– Power supplies always fail first!
– If one supply fails the other can take over
• Dual CPU’s
– Speed performance
– The system can operate with only 1 CPU
operating
 RAID!
• RAID 0
– Disk Striping
– No fault tolerance
• RAID 1
– Disk Mirroring
– High Disk Overhead (2-2GB disks=2GB)
– High Write overhead (write to both disks)
 MORE RAID!
• RAID 5
– disk striping
– parity blocks
– Requires at least 3 disk drives
– Can improve disk performance
– lose and replace 1 disk drive and no data is lost
– overhead is 1/N n=number of disks, 5 10GB
disks = 40 GB storage
 Again Backups?
• Even a fault tolerant disk system can fail
• Always back up
• Always have several copies of backups in
case one is unreadable
• Check the backups to see if they are
readable
• Store the tapes or removable media in a
safe place
 Server Admin
• Watch Event Logs for errors
– Log files grow rapidly, delete old logs
• Audit Disk usage and resources
• Decide when an upgrade is needed
 Server Admin
• Monitoring (Task Manager)
• Resources:
– Processor
– Memory
– Disk
– Network
• Baseline
– To determine what is different week to week
 Server Administration
• Network
– File Sharing
– Printing
– Mail
 File Sharing
• How to
– Set up networking, allow sharing
– Who will access the files?
– Do they need write access?
– Is it secure?
• Beware of instant messaging
 Printing
• Local or remote
• Shared from PC or networked printer
• What about security?
• Gotchas
 Mail
• Exchange (Microsoft)
– POP Mail (Post Office Protocol)
• Downloads messages to the client
– IMAP Mail (Internet Message Access Protocol)
• Downloads headers (subject) to the client
• Better Security
– SMTP (Simple Mail Transfer Protocol)
• Sends messages from the client to the Internet
– Calendaring (collaboration)
 Mail
• Disk space
• SPAMMING
• Relaying
Network Administration