
Q. No 1 Describe what the SWAT protocol / tool in Linux is, how it relates to the Samba service, and
how you make use of it.

SWAT (Samba Web Administration Tool)


SWAT is a web-based tool that provides a graphical user interface (GUI) for managing and
configuring a Samba server in a Linux environment. SWAT includes a wizard that allows quick
and convenient configuration of the Samba server. It provides context-sensitive help for each
directive of the Samba configuration file (smb.conf), and it allows monitoring and
administration of the connections established with the Samba server and their current status.
SWAT also supports Microsoft Windows network password management across the network.
Features and Advantages of SWAT
SWAT (Samba Web Administration Tool) is a service built into the Samba software suite. Its
main executable is named swat, and the service is started through the internet super daemon.
SWAT uses core components of the Samba server to locate the directives that are supported by
the specific version of Samba in use. It therefore keeps up-to-date information about the Samba
server and reflects any change in the server's configuration parameters immediately. Another
prominent feature of SWAT is context-sensitive help for every configuration directive, which it
takes directly from the man (manual) page entries. Some network administrators find it more
convenient to write system documentation inside the configuration files, and for such
administrators SWAT is an unwelcome tool. SWAT does not store the configuration file in an
intermediate form; it stores the settings of the individual configuration directives, and when it
writes the Samba configuration file (smb.conf) to disk it writes only the parameters that deviate
from their default values. As a result, all comment lines and all parameters that are no longer
required or supported are purged from smb.conf, and the configuration directives are written in
SWAT's internal order.

SWAT Installation on Linux


First, check whether SWAT was installed together with the Samba server on Linux. If it is
available, configure SWAT so that the Samba server configuration can be accessed from a web
browser, which makes management and configuration of the Samba server more convenient. By
default SWAT is installed in the /etc/xinetd.d/ directory under the name swat. In most Linux
distributions SWAT is not installed by default, even though it is delivered with the distribution
as an installable binary support package. Once it is confirmed that SWAT is installed with the
Samba server in a compatible version, the most important point is to validate that the
installation includes both the swat binary files and the web and text support files. In the past,
most Linux distributions failed to include the necessary support files even when the swat binary
was installed and available at its default installation location, the /etc/xinetd.d/ folder. After
confirming and validating the installation of the swat executable, check whether SWAT is
enabled in the control file of the internet super daemon, that is, the swat configuration file
located in /etc/xinetd.d, or in inetd, whichever the OS uses.
SAMBA Server
Samba is an application suite that implements the Server Message Block (SMB) protocol and is
used in both open source Linux distributions and Microsoft Windows environments for
client/server communication. The Samba server allows Linux and Windows hosts to interact
with each other. Samba is open source software, free of licence fees, under the General Public
License (GPL), and was developed in 1991 for file and print sharing with client machines
running a Samba client. Samba was initially developed for file and print sharing, as mentioned
above, but over time it has grown into an application suite for networking between Windows
and Linux based systems. The Samba server provides numerous services, including sharing one
or more directory trees, sharing one or more Distributed File Systems, sharing printers installed
on the Samba server with users running Windows, assisting client users with network browsing,
and authenticating users who try to connect and log on.
Installation, configuration and working of SWAT
Once Samba has been configured and SWAT is installed with it at /etc/xinetd.d/swat, check
whether the swat file exists at that location. If the swat file is not found at /etc/xinetd.d/swat,
install samba-swat with the following command.
$ yum install xinetd samba-swat -y

Figure: installation of samba-swat using yum command

After samba-swat is installed, the swat file is saved at /etc/xinetd.d/swat. Before using the
SWAT service, go to /etc/xinetd.d and open the swat file with a text editor of your choice, such
as nano or vi.

Figure: open swat file located in the /etc/xinetd.d folder with the vi editor


The following figure shows the default configuration of the /etc/xinetd.d/swat file. In it,
only_from is set to 127.0.0.1, which means that access to SWAT for web-based Samba
administration is allowed only from the localhost, because only the loopback IP of the server on
which SWAT is installed is permitted. SWAT is also disabled, as stated in the last line of this
default configuration file.

Figure: Default configuration of /etc/xinetd.d/swat file


It is recommended to change only_from from the loopback IP to the local network: remove
127.0.0.1 and assign 192.168.1.0/24 to only_from, which means that users on the
192.168.1.0/24 network can access Samba through the Samba Web Administration Tool. In
addition, disable must be set to no, which turns the SWAT service on and makes it available.
The SWAT configuration file after these changes is shown below:
Figure: configuration of /etc/xinetd.d/swat changed and service swat on

Changing disable from yes to no makes the SWAT service available and accessible from the
entire 192.168.1.0/24 network. The following figure shows how to start the SWAT service and
add it to the services started at boot.

Figure: starting xinetd service

Once the SWAT service has started, the Samba server can be managed and configured through
the web-based graphical user interface (GUI) of the Samba Web Administration Tool (SWAT).
To access the Samba configuration, open any web browser and enter the URL
http://192.168.1.100:901, which is the default IP address of the machine on which Samba and
SWAT are installed and configured.
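
As an added example (not part of the original answer), the following Python code reads an xinetd service file and reports what the only_from and disable settings discussed above expose. The two sample files are constructed for illustration, and every attribute value other than only_from and disable is an assumption.

```python
import ipaddress

# Constructed samples of the two states described in the text (the page's
# screenshots are not available); attribute values other than only_from
# and disable are assumptions.
DEFAULT_SWAT = """\
service swat
{
    port        = 901
    socket_type = stream
    wait        = no
    only_from   = 127.0.0.1
    user        = root
    server      = /usr/sbin/swat
    disable     = yes
}
"""
CHANGED_SWAT = (DEFAULT_SWAT.replace("127.0.0.1", "192.168.1.0/24")
                .replace("= yes", "= no"))


def parse_xinetd_service(text):
    """Return {attribute: [values]} for the first service block in text."""
    attrs, inside = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#"):
            continue
        if line == "{":
            inside = True
        elif line == "}":
            break
        elif inside and "=" in line:
            key, _, value = line.partition("=")
            # "+=" appends in xinetd; "-=" (removal) is not handled here.
            attrs.setdefault(key.strip(" +"), []).extend(value.split())
    return attrs


def audit_swat(text):
    """Report whether SWAT is enabled and which sources may reach it."""
    attrs = parse_xinetd_service(text)
    # Within the service file, only "disable = yes" turns the entry off.
    enabled = attrs.get("disable", ["no"])[-1].lower() != "yes"
    exposed = []
    if "only_from" not in attrs:
        exposed.append("any address (no only_from)")
    for src in attrs.get("only_from", []):
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            exposed.append(f"{src} (name or pattern, review by hand)")
            continue
        if not net.is_loopback:
            exposed.append(f"{net} ({net.num_addresses} addresses)")
    return {"enabled": enabled,
            "port": attrs.get("port", ["?"])[-1],
            "exposed_to": exposed,
            "remote_admin": enabled and bool(exposed)}


if __name__ == "__main__":
    for name, cfg in (("default", DEFAULT_SWAT), ("changed", CHANGED_SWAT)):
        print(name, audit_swat(cfg))
```

For the changed file the report lists 192.168.1.0/24 (256 addresses) as able to reach the SWAT login on port 901, while the default file exposes nothing beyond loopback.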
Note: Installation of samba-swat on CentOS 7
It must be stressed that SWAT cannot be installed on CentOS 7, because CentOS 7 supports
Samba version 4 and no SWAT is available for Samba version 4. Installing SWAT with Samba
requires Samba version 3, which is not feasible on CentOS 7, so other web-based administration
and configuration tools can be used instead for GUI-based Samba administration.
Q. No 2

The hosts.allow file in CentOS is located at /etc/hosts.allow. This file contains access rules
that allow or deny access to network services that use the TCP wrappers library or that are
started by a tcp_wrappers-enabled xinetd.
The figure above shows the contents of a hosts.allow file. Access rules in the hosts.allow file
are defined using the following syntax:
daemon_list : client_list : option : option …
At Line 1, following this syntax, a rule for the sendmail daemon is defined and access for
192.168.1.1 is denied, which means that a client with IP address 192.168.1.1 is not allowed to
access the sendmail network service.
At Line 2, an access rule for the sshd daemon is defined. The rule says that a client with IP
address 192.168.1.1 is not allowed to access the sshd network service; the sshd service is
inaccessible to the client with that IP address.
At Line 3, an access rule for the sendmail daemon is defined; it states that the client with IP
address 192.168.2.2 is allowed to access the sendmail network service. At Line 4, another rule
for the sendmail daemon is defined, and the sendmail service is denied for all clients. The
sendmail rules on lines 1 and 3 are processed before the rule on line 4, which denies access for
all clients. Line 3 allows the client with IP address 192.168.2.2, which means that this client is
the only one that can access the sendmail network service, because Line 1 denies the sendmail
daemon for the client with IP address 192.168.1.1. Line 4 denies the sendmail service for all
clients, but before that denial is reached the service has already been allowed for the client with
IP address 192.168.2.2.
At Line 5, the telnetd network service is denied for all clients, and no other access rule is
defined for the telnetd daemon. This means that not a single client is allowed to access the
telnetd service; it is blocked for everyone.
At Line 6, an access rule for the proftpd daemon is defined and the service is allowed for the
client with IP address 192.168.2.2. At Line 7, another rule for proftpd allows the service for the
client with IP address 192.168.2.3, so that client also has the right to access the proftpd service.
At Line 8, a further rule for proftpd denies access for all clients. Together, lines 6 and 7 mean
that only the two clients with IP addresses 192.168.2.2 and 192.168.2.3 are allowed to use the
proftpd service; it is denied for everyone else.
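
The first-match evaluation walked through above can be reproduced with the following added Python example, which is not part of the original answer. The eight rules are reconstructed from the line-by-line description (the figure itself is not available), and the pattern matching covers only a subset of hosts_access(5): ALL, exact IPv4 addresses, trailing-dot prefixes and net/mask.

```python
import ipaddress

# Reconstructed from the line-by-line description in the text (the page's
# screenshot is not available); daemon names are the ones the text uses.
HOSTS_ALLOW = """\
sendmail : 192.168.1.1 : deny
sshd : 192.168.1.1 : deny
sendmail : 192.168.2.2 : allow
sendmail : ALL : deny
telnetd : ALL : deny
proftpd : 192.168.2.2 : allow
proftpd : 192.168.2.3 : allow
proftpd : ALL : deny
"""


def client_matches(pattern, addr):
    """Match an IPv4 address against a subset of hosts_access(5) patterns."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):      # prefix form such as "192.168.2."
        return addr.startswith(pattern)
    if "/" in pattern:             # net/mask form
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(addr) in net
    return pattern == addr


def parse_rules(text, default):
    """Yield (line_no, daemons, clients, verdict) for every rule line."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 2:
            continue
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        # A trailing allow/deny option overrides the file's own meaning.
        last = fields[-1].lower() if len(fields) > 2 else ""
        yield no, daemons, clients, last if last in ("allow", "deny") else default


def check_access(daemon, addr, allow_text, deny_text=""):
    """First matching rule wins: hosts.allow is searched, then hosts.deny."""
    for fname, text, default in (("hosts.allow", allow_text, "allow"),
                                 ("hosts.deny", deny_text, "deny")):
        for no, daemons, clients, verdict in parse_rules(text, default):
            if (daemon in daemons or "ALL" in daemons) and any(
                    client_matches(p, addr) for p in clients):
                return verdict, f"{fname}:{no}"
    return "allow", "no rule matched"   # TCP wrappers grants by default


if __name__ == "__main__":
    for d, ip in (("sendmail", "192.168.2.2"), ("sendmail", "10.0.0.5"),
                  ("sshd", "192.168.1.50"), ("proftpd", "192.168.2.4")):
        print(d, ip, check_access(d, ip, HOSTS_ALLOW))
```

Only line 2 mentions sshd, so any client other than 192.168.1.1 matches nothing in hosts.allow, falls through to hosts.deny, and is granted access unless a rule there (for example ALL : ALL) denies it.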
Q1-c
There are various methods for resetting the password in Windows Server 2012, and third-party
applications are also available that help reset the Windows Server 2012 password even if you
have lost or forgotten it. The most appropriate way to reset the password for Windows Server
2012, especially when you have forgotten it, is to use a pre-created installation disk. For this
method you must have created the installation disk while the system was still accessible to you.
Once you have the pre-created installation disk, you can reset the password for Windows Server
2012 whenever required. The steps for resetting the password are listed below in sequence.
To reset the password in Windows Server 2012, first boot the machine from the Microsoft
Windows Server 2012 installation CD or DVD, or from any other media that holds the Windows
Server 2012 installation files, such as a bootable USB stick.
1- Insert your Windows Server 2012 bootable media and boot from the installation media.
2- When Windows has booted from the installation media and the Windows Server 2012
installation menu appears, choose the Windows Setup menu option and click the Next button.
This first step is shown in the figure below.
3- When Windows Server 2012 setup starts after clicking the Next button, choose the option
for repairing your computer. Another window will appear with the options Continue,
Troubleshoot, and Turn off your PC. Choose the second option, Troubleshoot, and
continue the procedure as shown in the figure below:

4- In the next step, when the Advanced options window appears with options for system
image and command prompt, choose the Command Prompt option, as shown in the
figure below:
5- When the command prompt appears, execute the commands below in sequence:
i- d: (Select the drive that has windows installation media)
ii- cd windows\system32
iii- ren Utilman.exe utilman.exe.old (renames the utilman.exe file and saves it under the
name “utilman.exe.old”)
iv- ren cmd.exe Utilman.exe (renames the cmd.exe file and saves it under the name
utilman.exe)
v- execute the command “wpeutil reboot” to reboot Windows Server 2012.

6- After successfully executing the above-mentioned commands at the command prompt, exit
from the command prompt and click the Continue button.
7- Windows Server 2012 will reboot and show the logon screen. When the logon screen
appears, press Windows Key + U simultaneously.
8- At the prompt, you will be able to change the password and set a new password for
Windows Server 2012 using the “net user administrator password new 123456”
command.
By following the steps above, the Windows Server 2012 password can be reset with easy
steps.
Q2-A Discuss similarities and differences between FTP and Samba service

Differences between FTP and Samba Services:


FTP (File Transfer Protocol) and Samba both follow a client/server architecture and seem to
provide the same services to users, but there are differences between the two services. The
most prominent differences between the FTP and Samba services are listed below in tabular
form.

| FTP (File Transfer Protocol) | Samba Service (SMB: Server Message Block) |
|---|---|
| FTP means File Transfer Protocol | SMB means Server Message Block |
| FTP allows file transfer from one connection to another connection | SMB (Samba) is a client/server communication protocol that allows sharing of and access to network resources such as files, printers, serial ports, and other network resources. |
| FTP allows users to create and delete files and directories | Samba does not allow users to create or delete network resources and only allows sharing of network resources, as opposed to FTP |
| File Transfer Protocol (FTP) uses port numbers 20 and 21 for simple FTP; the SFTP (Secure FTP) port is 22 | Samba uses port number 139 and port number 445 for sharing network resources |
| For File Transfer Protocol (FTP), a remote login service is not necessary | The Samba service requires remote login services for accessing network resources |
| File Transfer Protocol (FTP) establishes two connections for file sharing, one connection for controlling the connectivity and another connection for sharing data (files) | The Samba service allows multichannel connections to be established, and a maximum of 32 channels can be established concurrently. |

As far as the similarities of the FTP and Samba services are concerned, both services provide
file sharing for remote users. File Transfer Protocol allows users to share files from a remote
server machine on which the files are stored, and the user must establish a connection with
login authentication to share files. The Samba service also offers file sharing between server
and client, with the addition of other network resources such as printers and serial ports. FTP
and Samba both require a user login to access the files stored on the server machine.

Q. NO 2-B
The figure above presents the interaction between a DHCP client and a DHCP server. The
DHCP client and DHCP server exchange various messages in a client/server communication
architecture to provide dynamic IP allocation to clients.
At Number 1: The first message (DHCP REQUEST) is generated by the DHCP server and sent
to the DHCP client. The DHCP client receives the DHCP REQUEST message from the DHCP
server in response to the DHCP Discovery message generated by the client: whenever a DHCP
client sends a DHCP Discovery message to the DHCP server, the server sends a DHCP
REQUEST message in response. The lease unavailable option shows that the DHCP server
does not assign/lease an IP address to the DHCP client; the reason can be that all IP addresses
are already leased out.
At Number 2: A DHCPNAK (DHCP Negative Acknowledge) message is generated by the DHCP
server and sent to the DHCP client; in this case the DHCP server sends back a DHCPNAK to
the DHCP client. At Number 1, the DHCP REQUEST message was sent by the DHCP server to
the DHCP client when the client requested a specific IP address, and the DHCP server
responded with a DHCP REQUEST message and an unavailable lease.

At Number 3: A DHCPDISCOVER message is shown, which is sent by the DHCP client when
communication between the DHCP client and the DHCP server is initialized. At the start of the
communication the DHCP client sends a DHCP Discovery message to find a DHCP server that
can allocate an IP address. The DHCPDISCOVER message is broadcast by the DHCP client to
check whether any DHCP server in the subnet is available to allocate IP addresses.
At Number 4: A DHCP OFFER message is generated and sent by the DHCP server in response
to the DHCP Discovery message. It is also possible that the DHCP server does not send a
DHCP Offer message to the DHCP client; the reasons include that all available IP addresses
have already been leased to other users, subnet configuration issues, and a DHCP client that
does not support the DHCP Offer message. If a DHCP Offer message is generated and sent
from the DHCP server to the DHCP client, it contains a valid IP address for allocation to the
DHCP client.
At Number 5: A DHCP REQUEST message is again generated by the DHCP server and sent to
the DHCP client. This DHCP REQUEST message is generated in response to the DHCP client's
(DHCP Discovery) message, which the DHCP client generated for IP address 10.0.14.9.
At Number 6: A DHCPACK (Acknowledge) message is sent back to the DHCP client by the
selected DHCP server. The DHCPACK message confirms to the client that the IP address has
been assigned, and it also carries additional configuration.
At Number 7: A DHCPINFORM message is shown. It is sent by the DHCP client, and the DHCP
server receives and processes it. In the figure above, the DHCPINFORM message is generated
by the DHCP client with IP address 192.168.0.29 and informs the DHCP server that the DHCP
client is not associated with the subnet.
Q.2-C Critically discuss differences regarding firewall configuration in Linux using iptables and
firewall-cmd commands. Provide implementation examples.

IPTABLES
iptables is a utility program in Linux for configuring the firewall tables and chains provided by
the Linux kernel firewall; the user can define or remove security rules using iptables
commands. iptables uses various kernel modules and diverse protocols to provide security
features to users. iptables can be used for both IP addressing schemes, IPv4 and IPv6, and for
both transport layer protocols, TCP and UDP, to block the service ports used by various
applications. iptables relies on the Netfilter framework to provide the networking operations it
can perform. The iptables rules are managed by the Linux kernel, which is a key responsibility
of the kernel. Regardless of which security tool is used for configuration, in the end the security
rules are converted to iptables rules and the kernel manages all security-related operations.
iptables uses chains such as INPUT, OUTPUT and FORWARD. To flush the iptables entries and
drop all services, the following commands are used:
iptables -F (flushes the iptables entries)
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
FirewallD
firewalld offers dynamic management of the firewall, using network or firewall zones to define
the trust level of the network connections established for services and of the connected
interfaces. firewalld supports both IPv4 and IPv6 addressing schemes, as well as Ethernet
bridges and IP subsets. Two separate configuration options are available in firewalld: runtime
and permanent settings. firewalld also provides an interface through which services and
applications can add firewall rules directly. The following firewalld commands are used to
configure firewalld rules:
For zone management
sudo firewall-cmd --get-active-zones
