Compiled Materials of SNA
A person who works in system administration is called a system administrator, or sysadmin.
The role ensures that the users of networks receive the information and technical
services with the quality of service they expect.
Network administration means the management of network infrastructure
devices (such as routers and switches).
Network administration comprises 3 major groups:
Network provisioning
It consists of the planning and design of the network, which is done by engineers.
Network operations
It consists of fault, configuration, traffic and all other types of management, and it is done
by the plant facilities group. It is the nerve center of network management operations.
Network maintenance
It consists of all types of installation and maintenance work.
System and Network Administration
Responsibilities of the Network Administrator
As a network administrator, your tasks generally fall into the following
areas:
Designing and planning the network
Setting up the network
Maintaining the network
Adding new host machines to the network
Administering network security
Administering network services, name services, and electronic mail
Troubleshooting network problems
Expanding the network
Simplicity
Choose the simplest solution that solves the entire problem.
Clarity
Choose a straightforward solution that’s easy to change, maintain, debug, and explain to other SAs.
Generality
Choose reusable solutions and open protocols.
Automation
Use software to replace human effort.
Communication
Be sure that you’re solving the right problems and that people know what you’re doing.
Basics First
Solve basic infrastructure problems before moving to advanced ones.
Network Administrator
Security Administrator
Web Administrator
Technical support
computer operator
Types of Administrators/Users
You need to dig this course with me
Network Administration
Objectives
Workstations
Prepared by kehussen12@gmail.com
Chapter One
Source: Unknown
System Administration Tasks
❏ User Management
❏ Hardware Management
❏ Software Management
❏ Backups
❏ Firefighting!!!
The Good…
❏ Lots of variety
❏ Challenging
❏ Fulfilling
❏ Pays well
❏ Very employable
The Bad…
❏ Annoying at times
❏ Users
❏ Management
❏ Vendor Tech Support
❏ Long hours
❏ May not be your only job
Code of Ethics
❏ Professionalism
❏ System Integrity
• It's the kernel's job to keep each process and user separate and to
regulate access to system hardware, including cpu, memory, disk
and other I/O devices.
Introduction to Linux
History of UNIX
• 00:00:00 hours, Jan 1, 1970 is time zero for UNIX. It is also called the
epoch.
…Cont’d
• The Kernel version 1.0 was released in 1994 and today the most
recent stable version is 2.6.9
• Mandrake: http://www.mandrakesoft.com/
• RedHat: http://www.redhat.com/
• Fedora: http://fedora.redhat.com/
• SuSE/Novell: http://www.suse.com/
• Debian: http://www.debian.org/
UNIX Structure
UNIX File System
Unix-like Systems vs Windows Systems
❏ They are two different types of operating systems used in computers.
❏ Unix-like systems, such as Linux and macOS, are based on the Unix
operating system.
❏ They are known for their stability, security, and open-source nature.
❏ Unix-like systems use a command-line interface, which can be more
difficult to learn for beginners, but allows for more advanced control
and automation of tasks.
…Cont’d
❏ On the other hand, Windows systems are developed by Microsoft and
are known for their user-friendly interface and compatibility with a
wide range of software.
❏ Windows systems are more widely used in personal computers, and are
often the go-to choice for businesses that use Microsoft Office
applications and other Windows-specific software.
❏ There are also differences in the way these operating systems handle
file systems, networking, and security. Unix-like systems often use a
hierarchical file system, while Windows systems use a drive-letter
system.
…cont’d
In addition to these
distributions, there are
many other options
available, each with its
own unique features and
focus. The UIs available
on Linux include
GNOME, KDE, Xfce,
LXDE, and others.
Linux Operations Review
➔ File system navigation: move from one directory to another directory (cd)
➔ File management: creating, copying, moving, and deleting files.
➔ Package management: install, update, and remove software packages
➔ Process management: managing processes, such as "ps" to list
running processes, "kill" to terminate a process
➔ User management: creation and management of user accounts
➔ Networking: Linux offers a range of networking commands for configuring
network settings, such as "ifconfig" to display network interface
information
File system Hierarchy and Standard
The File system Hierarchy Standard (FHS) is a standard that defines the structure of the file system on Linux and
other Unix-like operating systems.
★ Here is a brief overview of the file system hierarchy and standard in Linux:
1. / (root): The root directory of the file system, which contains all other directories and files.
2. /bin: Contains executable files that are necessary for the system to function, such as basic system utilities
like "ls", "cd", and "cp".
3. /etc: Contains system configuration files, such as configuration files for networking, users, and system
services.
4. /home: Contains user home directories, which are used to store user-specific files and configuration
settings.
5. /dev: Contains device files, which are used to represent hardware devices in the system.
6. /proc: Contains virtual files that provide information about system resources, such as memory usage and
CPU usage.
Single-rooted hierarchy
● A single-rooted hierarchy is a type of file system hierarchy in which all
directories and files are arranged in a tree-like structure with a single
root directory.
● This means that all files and directories can be accessed relative to the
root directory
● Unix/Linux file systems are a good example of a single-rooted
hierarchy.
Seamless file systems
● file systems that integrate multiple physical or virtual storage devices
into a single logical file system.
● This allows users to access data stored on different devices as if they
were stored in a single location, without needing to know the details of
the underlying storage architecture.
● Some examples of seamless file systems include Distributed File System
(DFS) and GlusterFS.
Extensible file system
● Network File System (NFS): A file system standard used for sharing files
● Common Internet File System (CIFS): A file system standard used for
environments.
Essential Shell Commands
❏ Here are some essential shell commands that are commonly used:
❏ ls: List files. Used to display the contents of a directory, including files
and subdirectories.
❏ rm: Remove. Used to delete a file or directory (with the "-r" option).
...Cont’d
❏ cp: Copy. Used to copy files or directories.
to a file.
…Cont’d
❏ pwd: Print working directory. Used to display the current working
directory.
❏ ps: Process status. Used to display information about running processes.
❏ top: Used to display real-time information about system processes.
❏ sudo: Superuser do. Used to execute commands with administrative
privileges.
❏ ssh: Secure shell, used to connect to remote system over a secure
network connection
❏ tar: Tape archive. Used to create and extract compressed archive files.
Advanced Shell Features
Shell scripting is a powerful tool for automating tasks on Linux and other Unix-
like systems.
Here are some advanced shell features that can help users create more
powerful and efficient shell scripts:
★ Variables: Variables are used to store values that can be used later in a
script. Variables can be set using the "=" operator, such as "name=John".
To use the value of a variable, it can be referenced by using "$"
followed by the variable name, such as "$name".
…cont’d
● Input/output redirection: Input/output redirection allows users to redirect
the input or output of a command to a file or another command. The ">"
operator is used to redirect the output of a command to a file, while the
"<" operator is used to redirect the input of a command from a file. For
example: "ls > file.txt".
● These are just a few of the many advanced shell features that are
available on Linux and other Unix-like systems. By mastering these
features, users can create powerful and efficient shell scripts to automate
tasks and improve their workflow.
Chapter Two
Account and Security Administration
User and Group
In Linux and other Unix-like systems, users and groups are used to manage access
to system resources such as files and directories.
❏ Users: A user is a person who accesses the system and performs tasks.
➢ Each user is identified by a unique username and has their own home
directory, which is used to store their personal files and configurations.
❏ Groups: A group is a collection of users who share common permissions and
access to system resources.
➢ Each group is identified by a unique group name and has a group ID
(GID).
User Private Group Scheme
❏ The User Private Group (UPG) scheme is a security model used in Linux
and other Unix-like systems to provide each user with their own private
group.
❏ Under this scheme, when a new user is created, a new group is also
created with the same name as the user and the user is added to that
group.
❏ This ensures that each user has their own private group and that their
files and directories are not accessible by other users by default.
User and Group Administration
adduser: creates a new user account, e.g. sudo adduser cs. After this command you
fill in details such as the password, full name and so on (optional).
userdel/deluser: deletes a user account.
passwd: changes a password, e.g. sudo passwd cs
usermod: modifies a user account, e.g. change the username, add the user to
another group, etc.
groupmod: modifies a group account, e.g. rename group sysadmin to cstutorial
➔ Password aging: Password aging is a security feature in Linux and other Unix-
● This can be configured using the "chage" command, which sets the
➔ Default user files: Default user files are files that are created
❏ In Linux and other Unix-like systems, managing file and folder permissions is an
important task that system administrators need to perform to ensure system
security and control access to system resources.
❏ Here is an overview of how to manage file and folder permissions:
1. File permissions: File permissions are used to control access to individual files.
■ The following are the three types of file permissions:
● Read permission: Allows the user to read the contents of the file.
● Write permission: Allows the user to modify the contents of the file.
● Execute permission: Allows the user to execute the file if it is a program or a
script.
….Cont’d
Default file
Directory file Regular file (non-folder files like .txt, .ppt, .docx, .sh)
…Cont’d
2. Folder permissions: are used to control access to directories and the files they
contain.
3. Managing file and folder permissions: The following are some of the key commands
used to manage file and folder permissions:
Linux command
The first rwx is for the owner of the folder, the second r-x is for the group and the third r-x is for other users
…Cont’d
❏ The chmod command is the most commonly used command for managing file and folder
permissions.
❏ It can be used to add or remove permissions, set permissions for the owner, group, or
other users, and set permissions using numeric or symbolic modes.
❏ Numeric mode: from 0 to 7
❏ Symbolic mode: r w x
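The two chmod notations above, worked through as an added example that is not part of the original slides: sym_to_octal scores each owner/group/others triad as r=4, w=2, x=1, and demo_chmod applies one numeric and one symbolic change to a scratch file. The function names and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original slides): relate the symbolic
# permission string shown by `ls -l` to the numeric mode given to chmod.

# sym_to_octal rwxr-xr-x prints 755.
# Each triad (owner, group, others) is scored r=4, w=2, x=1.
sym_to_octal() (
    perms=$1
    if [ "${#perms}" -ne 9 ]; then
        echo "expected 9 characters such as rwxr-xr-x" >&2
        exit 1
    fi
    mode=""
    for start in 1 4 7; do
        triad=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        case $triad in
            [r-][w-][x-]) ;;   # plain bits only; s and t bits are not handled
            *) echo "unsupported triad: $triad" >&2; exit 1 ;;
        esac
        digit=0
        case $triad in r??) digit=$((digit + 4)) ;; esac
        case $triad in ?w?) digit=$((digit + 2)) ;; esac
        case $triad in ??x) digit=$((digit + 1)) ;; esac
        mode="$mode$digit"
    done
    printf '%s\n' "$mode"
)

# mode_of FILE prints the numeric mode of FILE, read back from `ls -ld`.
mode_of() (
    sym_to_octal "$(ls -ld "$1" | cut -c2-10)"
)

# others_can_write MODE succeeds when the third digit of a three-digit
# mode has the write bit (2), i.e. anyone on the system may modify the file.
others_can_write() {
    [ $(( ${1#??} & 2 )) -ne 0 ]
}

# Apply one numeric and one symbolic chmod to a scratch file and print the
# mode after each step, showing both notations set the same bits.
demo_chmod() (
    dir=$(mktemp -d) || exit 1
    file="$dir/report.txt"       # constructed sample file
    : > "$file"
    chmod 640 "$file"            # numeric: owner rw-, group r--, others ---
    first=$(mode_of "$file")
    chmod u+x,g+w,o+r "$file"    # symbolic: add bits on top of 640
    second=$(mode_of "$file")
    rm -rf "$dir"
    printf '%s %s\n' "$first" "$second"
)

sym_to_octal rwxr-xr-x           # the folder listing described above
demo_chmod
if others_can_write 777; then
    echo "777 lets every user modify the file"
fi
```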
Managing File Ownership
❖ system administrators need to perform to ensure system security and control
access to system resources.
❖ Here is an overview of how to manage file ownership:
➢ File ownership: File ownership refers to the user and group that are associated with a file.
➢ Managing file ownership: The following are some of the key commands used to manage file
ownership:
■ chown: Used to change the owner of a file or folder.
■ chgrp: Used to change the group of a file or folder.
The chown and chgrp commands are used to change the ownership of a file or folder. The syntax of the
commands is as follows: (next slide)
…cont’d
General Syntax:
To give full permission(read, write and execute) for user kemal to file a.txt
For further examples, you can get the syntax for writing ACLs with:
setfacl --help
Quiz(3%)
1. Write the Linux command to give read-only permission to user john on file1.txt using ACLs
…Cont’d
To view ACLs
Managing Disk Quotas
❏ disk quotas are used to limit the amount of disk space that users and groups
can use on a file system.
❏ This is an important feature for system administrators who need to manage
disk space usage and prevent users from filling up the file system.
A. Enabling disk quotas: Disk quotas must be enabled on a file system before they can be used.
This is typically done by editing the /etc/fstab file and adding the usrquota and/or
grpquota options to the mount options for the file system. For example:
This line enables user and group quotas on the /home file system
…Cont’d
B. Setting up quotas: Once disk quotas are enabled, quotas must be set up for individual users or
groups. This is done using the edquota command. The syntax of the command is as follows:
OR
…Cont’d
C. Monitoring quotas: Once quotas are set up, they can be monitored using the quota command.
The syntax of the command is as follows:
OR
This command displays the current disk usage and quota limits for the specified user or
group.
…Cont’d
D. Adjusting quotas: Quotas can be adjusted using the edquota command. The administrator can
edit the quota configuration file for a user or group to increase or decrease their quota limits.
Overall, managing disk quotas is an important task in Linux and other Unix-
like systems that system administrators need to perform to manage disk space
usage and prevent users from filling up the file system. By enabling, setting up,
monitoring, and adjusting quotas, system administrators can effectively
manage disk usage and ensure that disk space is available for critical system
processes and applications.
Chapter Three
● Partitioning: This involves dividing a hard drive or other storage device into multiple
partitions, each with its own file system.
● Formatting: Once a partition has been created, it needs to be formatted with a file system.
● Mounting: When a file system is mounted, it is made available for use by the operating
system and applications.
● Managing file permissions: File system administrators need to manage permissions for
files and directories, determining who has access to them and what actions they can
perform.
…Cont’d
• Monitoring disk usage: It's important to keep track of how much disk space is being
used and ensure that there is enough free space available for new files and
applications.
• Backing up and restoring data: Backing up important files and data is crucial for
preventing data loss in the event of a system failure or other disaster. File system
administrators need to develop and implement backup and recovery strategies to
ensure data can be restored if necessary.
Partitioning disk with fdisk and parted
● fdisk is a command-line utility for partitioning disks on Linux systems. Here's how you can use it to partition
a disk:
○ Step1 Open terminal
1. Open a terminal window and log in as the root user or use the sudo command to run parted with root privileges.
2. Type "parted /dev/sdX" to start parted, where "X" is the letter corresponding to the disk you want to partition. For
example, if you want to partition the first hard disk in the system, you would use "parted /dev/sda".
3. Type mkpart <partition type> <file type> <starting sector> <ending sector>
4. Once you have created all of the partitions you need, use the "quit" command to exit parted.
…Cont’d
Newly created
partition
..Cont’d
To delete partition
Open Terminal
sudo fdisk /dev/sdx where x is partition name eg. /dev/sda
Enter d to delete partition
Enter partition number eg. if partition is at /dev/sda1 Enter 1
Enter w to write on the disk
quit
mkfs.ext4 /dev/sda1
…Cont’d
● Both fdisk and parted are powerful tools for partitioning disks, and can be used to
create complex partition layouts with multiple partitions of different types and sizes.
It's important to be careful when using these tools, as errors or mistakes can result in
data loss or other problems. Be sure to back up important data before making any
changes to disk partitions.
Creating a file system
● To create a new file system on a disk partition, you can use the mkfs
command followed by the type of file system you want to create (e.g., ext4,
xfs, btrfs, etc.) and the name of the partition you want to format.
This command will format the first partition on the first hard disk in the system with
the ext4 file system.
Mounting a file system
● To mount a file system, you first need to create a mount point (i.e., a directory
where the file system will be accessible). You can use the mkdir command to
create a new directory for this purpose.
Maintaining a file system
● To maintain a file system, there are several tools and commands available on
Linux systems.
• df: displays information about disk usage and available space on file systems
• du: displays information about disk usage of files and directories
• fsck: checks and repairs file system errors
• tune2fs: allows you to tune various parameters of an ext2, ext3, or ext4 file system
• xfs_repair: checks and repairs XFS file systems
…Cont’d
To make the swap partition persistent across reboots, add an entry for it in the /etc/fstab file.
Determining disk usage with du and df
● Disk quotas are a feature of the Linux file system that allows system
administrators to limit the amount of disk space a user or group can use.
● To configure disk quota,
Step 1: Enable Quota Support
In the fstab file, the number 2 specifies the order in which file systems are
checked for errors at boot time.
Logical volume management and RAID
Network Access
TCP/IP Protocol Suites
…Cont’d
TCP is a connection-oriented protocol that provides reliable
data transmission.
correct order.
IP packets contain:-
Source address
Destination address
Protocol),
File Sharing
Video Streaming
● Unreliable
○ Packets might be lost, corrupted, duplicated, delivered out of order
IP addresses
● 4 bytes
○ e.g. 10.141.5.19
● But…
Routing
● How does a device know where to send a packet?
○ All devices need to know what IP addresses are on directly attached networks
● Organizations that got in early have bigger allocations than they really
need
IP packets
● Source and destination addresses
● Protocol number
○ 1 = ICMP, 6 = TCP, 17 = UDP
● Various options
○ e.g. to control fragmentation
● ARP cache
maintains the recent mappings from IP addresses to MAC addresses
Protocol
2. Configure network interfaces: Edit the interface configuration files located in the
/etc/network/interfaces
auto eth0
# set a DHCP-assigned address
iface eth0 inet dhcp
…cont’d
1. Identify network interfaces: Check the available network interfaces on the Linux box
using the "ip link show" command.
2. Configure network interfaces: Edit the interface configuration in the
/etc/network/interfaces file
auto eth0
# set a static address
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
…cont’d
3. Configure DNS: Edit the “/etc/resolv.conf” file to add the DNS server IP addresses.
For example, to add the Google DNS servers, add the following lines:
nameserver 8.8.8.8
nameserver 8.8.4.4
5. Test network connectivity: Test network connectivity by pinging other devices on the
network or the internet. For example, to ping Google's DNS server, use the following
command:
ping 8.8.8.8
Configuring a Linux Box as a Router
● What is router?
A router is a device that connects two or more packet-switched networks
or subnetworks.
net.ipv4.ip_forward=1
then run
auto eth1
iface eth1 inet static
address 192.168.2.1
netmask 255.255.255.0
…Cont’d
3. Configure NAT: Network Address Translation (NAT) allows the Linux box to translate
private IP addresses used on the local network to a public IP address used on the
internet. To configure NAT, use the following commands:
This will configure NAT for outgoing traffic on the eth0 interface.
…Cont’d
4. Configure routing: Use the “ ip route ” command to configure routing. For example, to
add a route to the 192.168.2.0/24 network through the eth1 interface, use the following
command:
With this command, eth1 will provide addresses for hosts from
192.168.2.0 – 192.168.2.255
…Cont’d
4. Test network connectivity: Test network connectivity by pinging other devices on the
network or the internet
A web server is a computer where web content is stored. A web server is basically
used to host web sites, but other kinds of servers also exist, such as
gaming, storage, FTP, email etc.
A web site is a collection of web pages, while a web server is software that responds to
requests for web resources.
…Cont’d
Configure Apache server
1. Installing Apache
sudo apt install apache2
2. Configure Apache
Go to the /etc/apache2 directory and configure the following files:
apache2.conf
ports.conf
sites-available/default
http://192.168.1.100
When users type domain names such as ‘google.com’ or ‘facebook.com’ into web browsers,
DNS is responsible for finding the correct IP address for those sites.
Browsers then use those addresses to communicate with origin servers or CDN edge
Install BIND: Install the BIND DNS server using the package manager for the Linux
distribution being used.
sudo apt-get install bind9
Configure BIND: Edit the BIND configuration files located in the “/etc/bind”
directory to configure the server.
named.conf
named.conf.options
named.conf.local
Cont’d
Set up DNS zones: Set up DNS zones for the domain names being served by the
DNS server.
recursion yes;
listen-on { your server IP address; };
allow-transfer { none; }; // disable zone transfer by default
forwarders {
    your nameserver or Google nameserver (8.8.8.8/IP address);
};
Forward Zone Configuration
// Forward zone
zone "asu.edu.et" IN {
    type master;
    file "/etc/bind/db.asu.edu.et";
};
Reverse Zone Configuration
// Reverse zone
zone "56.168.192.in-addr.arpa" IN {
    type master;
    file "/etc/bind/56.168.192"; // if your IP address is 192.168.56.x
};
Cont’d
A mail server transfers and delivers email messages between two or more mail
clients.
Components of Mail Server
Mail Transfer Agent (MTA)
A Mail Transfer Agent (MTA) is a software application that is responsible for the
routing and delivery of email messages between mail servers.
…Cont’d
Examples of MTA
Sendmail
Postfix
Fetchmail
Qmail
exim
Configuring a Mail Transfer Agent (MTA) postfix
Web server: A web server stores and delivers web pages, images, and other
Apache
Nginx
Mail server: A mail server is responsible for sending and receiving email
messages.
Popular Mail Servers
Postfix
Exim
Microsoft Exchange
…Cont’d
File server: A file server stores and manages files, allowing users to access them
from various devices.
Popular File Servers
Windows file server
Samba (for Linux)
Database server: manages databases and allows multiple users to access and
modify data at the same time.
Popular Database Servers
MySQL
Oracle
Microsoft SQL server
…Cont’d
BIND
Microsoft DNS
It manages resources such as memory and CPU usage and provides services such as:
Security and
transaction management
Apache Tomcat
JBoss.
Installation of Application Server and Management
general steps
DHCP, DNS, and Telnet are all network services that are commonly
used in modern networks.
Here is a comparison of these services with other network operating
system (NOS) setups of the corresponding services:
Next Slide
DHCP
There are a number of tools that can be used to remotely connect to hosts.
The secure shell or ssh is a collection of tools using a secure protocol for
Communication is encrypted.
To install ssh
sudo apt-get install openssh-server openssh-client
…cont’d
the user on cs has to accept the server’s RSA key (public key)
SCP copies files from remote host to local host or vice versa.
Copy file (in this case /home/cs) from remote computer to local
computer(to the directory /home/dnsuser/Desktop)
ssh-keygen -t rsa
• Default key length is 2048 bits. To be more secure, increase the bit length
• ssh-keygen -t rsa -b 4096 increases the length to 4096 bits
• When asked to choose filename, press Enter key to select the default file
Setting up Passwordless SSH
cd /home/cs
…Cont’d
Windows-based systems.
It provides file and print services that enable Linux and Unix-based
Linux
Windows
Shared folder
…Cont’d
To install Samba Server
OR
Step 2. set file and folder permissions for newly created folder
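[Anonymous]
# guest ok = yes together with writeable = yes lets any client on the
# network write to this share without authenticating
comment = Anonymous file sharing
path = /anonymous_shares
browsable = yes
writeable = yes
guest ok = yes
read only = no
# files written by guests are owned by the unprivileged user nobody
force user = nobody
Secure file Sharing
[Secure-Shares]
# guest ok = no requires a valid Samba account to connect
comment = Secure file sharing
path = /Secure_shares
browsable = yes
writeable = yes
guest ok = no
read only = no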
Chapter SIX
Managing Network Services
What does network service mean?
o Network services refer to the various services and protocols that are used to
enable communication and data transfer between devices on a network.
o Examples of network services include
email,
file sharing,
remote access,
domain name resolution, and
network printing.
o These services are typically provided by servers on the network and can be
accessed by clients using appropriate software or protocols.
key aspects of managing network services
Service Configuration
Network services such as
DHCP,
DNS,
FTP,
email servers, and others need to be properly configured with the appropriate settings
and parameters.
This includes monitoring network traffic patterns, analyzing resource utilization, and planning for
hardware and software upgrades when necessary.
Documentation and Documentation Management
Proper documentation of network services, including configurations,
procedures, and troubleshooting guidelines, is essential for effective
management.
Maintenance Troubleshooting:
Common System and Network Problems
boot problems by starting the system with minimal drivers and services.
Backup and Restore Data and System Volume:
Data Backup
Regularly back up important data to external storage devices, cloud storage, or
network drives.
Create a system image backup that captures the entire system volume, including the
This allows for a complete restoration of the system in case of data loss or system
failure.
…Cont’d
File-Level Restore
For data recovery at the file level, use backup software or manual methods to
If your operating system supports it, use the System Restore feature to restore the
This can help resolve issues caused by recent system changes or updates.
…Cont’d
In severe cases where the system volume is heavily damaged or corrupted, you may
Use installation media or recovery partitions to initiate the recovery process, following
Verify IP Configuration
Check the IP configuration settings of your network adapter to
ensure they are correct.
Use the command prompt and type "ipconfig" to view the IP
address, subnet mask, gateway, and DNS settings.
…Cont’d
tracert www.asu.edu.et
Chapter Seven
Systems Security
Overview of Systems Security
disclosure
disruption,
modification, or destruction
Critical Components of systems security
Access Control
Network Security
Data Protection
Incident Response
Login security refers to the measures and practices implemented to ensure the
integrity and confidentiality of user login credentials and the authentication process.
It aims to protect user accounts from unauthorized access and mitigate the risks
Secure Login Forms: Use secure protocols like HTTPS to encrypt login credentials during transit
Password Storage and Hashing: Avoid storing passwords in plaintext or using weak encryption
methods.
User Account Management: regular review and removal of inactive or unused accounts
Boot Loader security (LILO and GRUB)
Boot Loader Security refers to the measures taken to protect the boot
loader, which is the software responsible for loading the operating system
Boot loaders like LILO and GRUB have configuration files (e.g., /etc/lilo.conf for LILO and
Ensure that these files are not accessible by unauthorized users, as they can modify boot
Password Protection
Both LILO and GRUB support password protection to prevent unauthorized modifications
By setting a password, you can restrict access to the boot loader configuration and
Secure Boot
GRUB supports Secure Boot, which is a feature that verifies the digital signatures of boot
unauthorized modifications.
Secure Boot uses cryptographic keys to verify the authenticity of boot components
ensure you can restore them in case of accidental modifications, system failures, or
security breaches.
This allows you to recover the boot loader configuration and maintain the integrity of the
boot process.
…cont’d
System Updates
Keep your boot loader software up to date with the latest security patches and updates.
This helps to address any vulnerabilities or weaknesses that may be discovered in the
Regularly check for updates from the official sources and follow best practices for
applying updates.
…cont’d
Physical Security
Protect the physical hardware that runs the boot loader and the system itself.
Unauthorized physical access could allow an attacker to modify the boot loader or boot
This includes monitoring changes to boot loader configuration files, tracking boot-related
o IP addresses,
o client requests.
/etc/hosts.deny
…Cont’d
networks.
/etc/hosts.deny file contains the list of hosts or networks that are not
Where,
daemon_list - The name of a network service such as SSH, FTP, http etc.
clients_list - The comma separated list of valid hostnames, IP addresses or
network addresses.
options - An optional action that specifies something to be done whenever a rule
is matched.
…Cont’d
Rules to Remember
The access rules in the /etc/hosts.allow file are applied first. They take
ALL: ALL
Allow and Deny hosts
Network ports
IP addresses.
• Ensure that your Linux kernel has built-in support for iptables.
Common scenarios in which iptables is used to configure a firewall
criteria.
These techniques are commonly employed in network setups where multiple devices
specific device or service within a private network by redirecting traffic from a specific
It is typically used to enable external access to services running on devices within the
private network.
How does port forwarding work?
1. A request comes in from an external network to the public IP address and a specific
port
2. The router or firewall receives the request and checks its port forwarding
configuration.
3. Based on the configured rules, the router/firewall forwards the incoming traffic to the
designated internal IP address and port.
Example
NAT/IP Masquerading:
Network Address Translation (NAT) is a technique that allows multiple devices
within a private network to share a single public IP address when connecting to
external networks.
IP masquerading is a specific form of NAT that dynamically translates the
private IP addresses of devices to the public IP address when they access the
internet.
How does NAT/IP masquerading work?
1. Devices within the private network send outgoing requests to access resources on the
internet.
2. The router or firewall performing NAT replaces the source IP addresses of the outgoing
packets with its own public IP address.
3. Responses from external servers are sent back to the router/firewall's public IP address.
4. The router/firewall performs reverse translation, replacing its public IP address with the
original private IP address, and forwards the response packet to the appropriate internal
device.
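The port forwarding steps and the NAT/IP masquerading steps above, as one added example that is not part of the original slides: a toy translation table in which static entries model port forwarding and dynamic entries model masquerading. The public address, internal hosts, port numbers and function names are constructed; real NAT also tracks the remote endpoint and protocol, which this model leaves out.

```shell
#!/bin/sh
# Added example (not from the original slides): a toy translation table that
# models masquerading (dynamic entries) and port forwarding (static entries).

PUBLIC_IP=203.0.113.10           # constructed public address of the router
NAT_TABLE=$(mktemp)              # one mapping per line: pub_port int_ip int_port
trap 'rm -f "$NAT_TABLE"' EXIT

# add_forward PUB_PORT INT_IP INT_PORT: static port-forwarding rule.
add_forward() {
    printf '%s %s %s\n' "$1" "$2" "$3" >> "$NAT_TABLE"
}

# masquerade_out SRC_IP SRC_PORT DST_IP DST_PORT
# Outbound packet from the private network: replace the source with the
# public address and remember the mapping so the reply can be translated back.
masquerade_out() {
    pub_port=$(awk -v ip="$1" -v port="$2" \
        '$2 == ip && $3 == port { print $1; exit }' "$NAT_TABLE")
    if [ -z "$pub_port" ]; then
        # simple allocator: next port after the entries already in the table
        pub_port=$((40000 + $(wc -l < "$NAT_TABLE")))
        printf '%s %s %s\n' "$pub_port" "$1" "$2" >> "$NAT_TABLE"
    fi
    printf '%s:%s -> %s:%s\n' "$PUBLIC_IP" "$pub_port" "$3" "$4"
}

# translate_in PUB_PORT
# Inbound packet addressed to PUBLIC_IP:PUB_PORT: reverse-translate if a
# mapping exists, otherwise drop it, because no internal host asked for it
# and no forward is configured.
translate_in() {
    target=$(awk -v port="$1" '$1 == port { print $2 ":" $3; exit }' "$NAT_TABLE")
    if [ -n "$target" ]; then
        echo "forward to $target"
    else
        echo "drop"
    fi
}

add_forward 8080 192.168.2.20 80               # constructed internal web server
masquerade_out 192.168.2.15 51000 8.8.8.8 53   # host on the private network
translate_in 40001                             # reply to the request above
translate_in 8080                              # matches the static forward
translate_in 22                                # unsolicited, no mapping
```

The last call shows why an internal service is unreachable from outside until a forward is configured: without a table entry the router has no internal address to translate to.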
Packet-Processing Model
The model outlines the stages involved in handling a packet from the moment it
While the exact implementation may vary across different network devices
General packet-processing model
1. Packet Reception: The network device receives the incoming packet on one of its
interfaces
2. Packet Decapsulation: If the received packet is encapsulated within a data link layer
protocol, such as Ethernet, the device decapsulates the packet to extract the network
3. Packet Classification: The device examines the packet's headers to determine its
4. Security Checks: The packet is evaluated for any security-related policies, such as
5. Quality of Service (QoS) Handling: If the device supports QoS, it may apply QoS
7. Routing: The device looks up the packet's destination IP address in its routing table
8. Forwarding Decision: Based on the routing lookup, the device makes a forwarding
decision, determining the outgoing interface or the appropriate forwarding path for
the packet.
9. Packet Forwarding: The device forwards the packet out through the determined
10. Packet Egress: The packet is transmitted out of the device's interface onto the
network medium for delivery to the next hop or the final destination.
…Cont’d
Intrusion Detection
Intrusion Detection is a security mechanism designed to detect
and respond to unauthorized or malicious activities on a
computer system or network.
It involves monitoring network traffic, system logs, and other
data sources to identify potential security breaches or
abnormal behavior.
Different Types of Intrusion
Unauthorized Access
o This occurs when an attacker gains unauthorized access to a system or network without proper
authentication or permissions.
Malware Attacks
and adware.
Insider Threats
o NIDS monitors network traffic, analyzes network packets, and looks for patterns or
performance,
behavior, and
usage patterns.
…Cont’d
System observation can be performed using a variety of techniques and
tools, including:
Monitoring Tools
System Logs
Network Monitoring
Performance Testing
…Cont’d
System observation serves several purposes, including
Identifying performance issues and bottlenecks to optimize system
performance.
Detecting and mitigating security incidents or abnormal system behavior.
behavior.
Understanding user behavior and usage patterns to improve user experience.
Evaluation methods and problems
Evaluation methods are used to assess the performance, effectiveness, and
They provide valuable insights and feedback that can guide decision-making,
Case Studies
Usability Testing
Programming algorithms
Digital circuits
…Cont’d
Stochastic Behavior
refers to a system or process that exhibits randomness or uncertainty
in its outcomes.
Unlike deterministic behavior, the same inputs or conditions may result
in different outputs.
Stochastic systems involve probabilistic elements and are influenced
by random factors, making it impossible to precisely predict the exact
outcome.
…Cont’d
Examples of Stochastic behavior:
Random number generation
Weather forecasting
In many real-world systems, both deterministic and stochastic elements may be present.
Understanding and analyzing the interplay between deterministic and stochastic behavior is essential
in many fields, including physics, engineering, computer science, and finance, to make accurate