+

RISK
MANAGEMENT AND FUTURE
EXPANSION OF LINUX SERVER
DFN50303 SESI II 2021/2022
+
3.0 Risk Management And Maintenance
Of Linux Server

OBJECTIVE

1.IdentifyRisk Management Procedure

2.Remote Login
3.Scheduling Task Management in Server
4.System Report in Server.

DFN50303 SESI II 2021/2022

+
Risk Management procedures

 Reliable, secure data can be lost in a variety of ways, from a

missing laptop to natural disasters that destroys data centres
and other electronic data storage facilities.
 More organizations are realizing the need to focus more on data
risk management that helps them consider a complete risks in
order to highlight areas where negative risks can be mitigated
and positive risks can be leveraged.
 Effective data risk management requires processes and
procedures to coordinate the effort across the entire
organization.

DFN50303 SESI II 2021/2022

+
Risk Management procedures

 One of the data risk management is backups.

 Procedures that need to be considered:
 Data need to be backups
 Hardware used for the backup process Need to be considered
 Backup frequency
 Various types of backups

DFN50303 SESI II 2021/2022

+
What is backup - Definition?

 Backup is the activity of copying files or databases so that they

will be preserved (well-kept) in case of equipment failure or other
catastrophe.
 It is usually a routine part of the operation of large businesses
with mainframes as well as the administrators of smaller business
computers.
 It is a set of procedures that you prepare and implement to protect
your important digital content from hard drive failures, virus
attacks and other events or disasters.
DFN50303 SESI II 2021/2022
+
What is backup?

 The retrieval of files you backed up is called restoring them.

 Personal computer users can consider both local backup and Internet
backup (cloud backup).
 Why back up your data?
 Your hard drive could fail
 Your files could become corrupted
 Your laptop/mobile devices may be lost or stolen
 Your data could be deleted by mistake
 A virus or other malicious program could harm your data
DFN50303 SESI II 2021/2022
+
Features of a Good Backup Strategy
The following are features to consider for when designing your
backup strategy:

 Able to recover from data loss in all situation like hard drive
failure, virus attacks, theft, accidental deletes or data entry errors,
sabotage, fire, flood, earth quakes and other natural disasters.
 Able to recover to an earlier state if necessary like due to data
entry errors or accidental deletes.
 Able to recover as quickly as possible with minimum effort, cost
and data loss.
 Require minimum ongoing human interaction and maintenance
after the initial setup. Hence able to run automated or semi-
automated.

DFN50303 SESI II 2021/2022

+
Planning Your Backup Strategy
 What To Backup
 Where To Backup
 When To Backup
 Backup Types
 Compression & Encryption
 Testing Your Backup –to make sure the backup work
properly.

DFN50303 SESI II 2021/2022

+
What to backup – DATA NEED TO BE
BACKUPS?
 Back up files that are frequently changed, especially if they are
important to you (e.g., term papers, resumes),documents folders
where you store the files you create, Web browser bookmarks,
contacts databases, and files stored on desktop.
 Installed program - not practical to back up the program, but make
sure to keep the installation disks or files so we can reinstall those
programs if necessary.

DFN50303 SESI II 2021/2022

+
Where to backup – HARDWARE USED
FOR BACKUP PROCESS?
 Box Cloud Storage –
 Quickly to upload.
 Can be accessed from anywhere on any device.
 Data encryption during transit to and from the Box cloud, as well as
while stored within Box
 USB Flash Drives –
 Small, portable, and reusable.
 Less storage space than other backup options.
 Easy to lose or misplace.
DFN50303 SESI II 2021/2022
+
Where to backup – HARDWARE USED
FOR BACKUP PROCESS?
 CDs and DVDS –
 physical media to back up data.
 A CD can hold approximately 750 MB of data, while DVDs can hold
either 4.5 GB (single-layer DVD) or 8.7 GB (double-layer DVD).
 Multiple DVDs to back up all the data on your computer, but it is a time-
consuming process

DFN50303 SESI II 2021/2022

+
Where to backup – HARDWARE USED
FOR BACKUP PROCESS?
 External Drives –
 Embedded software to help you manage and schedule regular backups.
 External drives can be stored at an offsite location to protect them from
physical damage that might be caused by a fire or other disaster.
 The most expensive option for backing up your data.

DFN50303 SESI II 2021/2022

+
When to backup – BACKUP
FREQUENCY?
 Consider backing up your data as soon as you have created enough
new files or made enough changes to existing files that it would be
difficult to recreate them if they were lost.

DFN50303 SESI II 2021/2022

+
Various Types of Backup.
There are various types of backup that commonly used in risk management.
Full backup
Differential backup
Incremental backup
Imaging backup

Definition, advantages, disadvantages, time consumption –to backup and to restore, storage requirement, comparison to
other backup.

DFN50303 SESI II 2021/2022

+
Full Backup

 A full backup is a backup of every file on a file system,

whether that file has changed or not.
 This backup contains an entire copy of the data.
 When subsequent backups are run, the entire list of files and
will be backed up again.
 If the backup media were to be illegally accessed or stolen,
the hacker or thief would then have access to an entire copy
of your data. disadvantage

DFN50303 SESI II 2021/2022

+
Full Backup

 Full backups are often restricted/limited to a weekly or

monthly schedule, and performed before any major planned
changes to a system.
 It takes longer time to accomplish and requires the most
storage space on the backup media.
 Because it stores all files and folders, frequent full backups
result in faster and simpler restore operations.(minimum time
of restoration process)

DFN50303 SESI II 2021/2022

+
Full Backup
 Advantages (+)

 Restores are the fastest and easy to manage as the entire list of files and
folders are in one backup set.

 Easy to maintain and restore different versions.

 Disadvantages (-)

 Backing up is the slowest among other backup types - each file is

backed up again every time the full backup is run.

 The storage space requirements are the highest (compared to

incremental backup or differential backup). Considering how cheap
storage devices are now, this is a low impact disadvantage.

DFN50303 SESI II 2021/2022

+
Differential Backup

 Differential backup contains all files that have changed since

the last FULL backup.
 With differential backups, one full backup is done first and
subsequent backup runs are the changes made since the last
full backup.
 The result is a much faster backup than a full backup for
each backup run.

DFN50303 SESI II 2021/2022

+
Differential Backup

 If you perform the differential backup too many times, the

size of the differential backup might grow to be larger than
the baseline full backup.
 Restoring a differential backup is a faster process than
restoring an incremental backup because only two backup
container files are needed: the latest full backup and the
latest differential.

DFN50303 SESI II 2021/2022

+
Differential Backup
 In the image below you can see an example on how a
differential backup would look like for a backup job that
runs four times:
Start backup process

Changes in files

Full backup

DFN50303 SESI II 2021/2022

+
Differential Backup
 Advantages (+)
 Restore process is faster than incremental backup.
 Backup process is faster than a full backup.
 The storage space requirements are lower than for full backup -
More efficient use of storage space then full backups since only
files changed since the last full backup will be copied on each
differential backup run.

DFN50303 SESI II 2021/2022

+
Differential Backup
 Disadvantages (-)
 Restore process is slower than from full backup – reason it has 2
set of backup file, the latest full backup and the latest differential.
 Backup process is slower than incremental backup.
 The storage space requirements are higher than for incremental
backup - All files added or edited after the initial full backup will
be duplicated again with each subsequent differential backup.
 Restores are more complicated than full backups BUT simpler
than incremental backups.

DFN50303 SESI II 2021/2022

+
Incremental Backup

 Incremental backup stores all files changed since the

last backup (any type of backup)
 With incremental backups, one full backup is done first and
subsequent backup runs are just the changes made since the
last backup.
 The result is a much faster backup than a full backup for
each backup run.

DFN50303 SESI II 2021/2022

+
Incremental Backup

 This is the fastest backup and requires the least (minimum)

storage space requirement on the backup media.
 Incremental backups should be used only in environments
where backup time or backup storage media are extremely
constrained.

DFN50303 SESI II 2021/2022

+
Incremental Backup

Incremental Backup

Diff B/up

Sat Full back up

DFN50303 SESI II 2021/2022

+
Incremental Backup
 Advantages

 It is the fastest backup type since it only backs-up increments

 Saves storage space compared to other types

 Each backup increment can store a different version for a file/folder

 Disadvantages

 Full restore is the slowest compared to other backup types (you need the
first full backup and all increments since then)

 To restore the latest version of an individual file the increment that

contains it must be found first

DFN50303 SESI II 2021/2022

+
Imaging / mirroring Backup
 Is a backup of an entire hard drive by means of creating its
image (also called mirror, or snapshot).
 It allows, in case of a disaster, to restore a disk image and get a
working system in the same state as it had on the moment of
making the initial image backup.
 Mirror backup is identical to a full backup, with the exception
that the files are not compressed in zip files and they can not be
protected with a password
 Image-based approach to backup is more complicated than
regular file-based backup, as it involves low-level hard drive
copying which accesses data without using the file system.

DFN50303 SESI II 2021/2022

+
Imaging / mirroring Backup
 Advantages

 The backup is clean and does not contain old and obsolete files

 Allows for rapid full system restores including the operating system on
the same or very similar hardware.

 Disadvantages

 There is a chance that files in the source deleted accidentally, by

sabotage or through a virus may also be deleted from the backup mirror.

 Password protection is not possible

 Cannot track different versions of files

DFN50303 SESI II 2021/2022

+

DFN50303 SESI II 2021/2022

+

DFN50303 SESI II 2021/2022

+

DFN50303 SESI II 2021/2022

+Backup Files using TAR – tape archive

 The tar command stands for tape achieve, which is the most
commonly used tape drive backup command used by the
Linux/Unix system
 Used to create a collection of files and directories into a highly
compressed archive.
 An archive is putting many files together into a single file on a
single tape or disk.
 The tar command on Linux is often used to create .tar.gz
or .tgz archive files, also called “tarballs.”

DFN50303 SESI II 2021/2022

+Backup Files using TAR – tape archive

 It can create a .tar archive and then compress it with gzip or

bzip2 compression in a single command. That’s why the
resulting file is a .tar.gz file or .tar.bz2 file.
 Bzip2 compress more than gzip, hence is slower than gzip

DFN50303 SESI II 2021/2022

+Backup Files using TAR – tape archive

 Options in tar
 -c: create an archive.
 -z: Compress the archive with gzip.
 -v: Display progress in the terminal while creating the
archive, also known as “verbose” mode.
 -f: Allows you to specify the filename and location of the
archive.
 -- directory : tells tar to switch to the root of the file
system before starting the backup.

DFN50303 SESI II 2021/2022

+Backup Files using TAR – tape archive

 Example using tar command

DFN50303 SESI II 2021/2022

+Restore Backup Files using DUMP

 It is Unix program used to back up file systems. Dump is not

only an archiver (like tar), but also is a backup utility.
 It is a simplistic and primitive tool, with feature for incremental
archiving. It identifies newly created or modified files after the
previous backup and efficiently stores them to an archive very
fast.
 It operates on blocks, below filesystem abstractions such as
files and directories.
 It often used across a network by piping its output through
bzip2 then SSH.

DFN50303 SESI II 2021/2022

+TAR vs DUMP

 There are many tools to manage backup archives such

as cpio, tar and afio. These utilities handle files as the target to
be archived and they are capable of excluding specific files
and/or directories from the target.
 They can even create a single archive that contains files from
multiple filesystems.
 In contrast, dump handles a physical filesystem as an archiving
target and the restore command usually uses the archive to
restore the filesystem as it was dump'ed.

DFN50303 SESI II 2021/2022

+TAR vs DUMP

 Each file is managed by the i-node number and, basically,

dump cannot exclude specific files from the archive
 In summary,
 Cpio, tar or afio is suitable for archiving specific files or
directories.
 Dump is suitable for archiving whole filesystems .

DFN50303 SESI II 2021/2022

+ Type of Backup Software

A. AMANDA
B. Bacula
C. Dirvish
D. Mondo
E. BackupPC

DFN50303 SESI II 2021/2022

+Remote login

 Remote access is the ability for user to get access to a

computer or a network from a remote distance.
 It need a network server to control permission levels and
effectively allow remote access in
 Examples are:
 Users from home can get access to the Internet through
remote access to an Internet service provider
 Allowing staff to work at home with ability to manage
office pc.

DFN50303 SESI II 2021/2022

+Remote login

 Advantages of remote login :

 makes it easier for user to work effectively when away
from office
 need to access an important file on user’s work
computer while at airport.

DFN50303 SESI II 2021/2022

+Remote login

 Traditional tools are insecure and transmit the user's

password in clear text when used.
1. telnet
2. Rcp

 Nowdays, there are more secure remote service available:

 OpenSSH Server
 Puppet
 Zentyal

DFN50303 SESI II 2021/2022

+openSSH

 Freely available version of the Secure Shell (SSH)

 Remotely
 Controlling
 transferring files between computers.
 Consist of a server daemon and client tools to facilitate
secure, encrypted remote control and file transfer
operations.

DFN50303 SESI II 2021/2022

+Scheduling Task Management in Server

 Tasks can be scheduled to run at a particular time on a

particular date, or at a specified interval.
 Task scheduler function is to place the task on the task
server's queue at the specified time, but the actual
execution of the task might not start at this time.

DFN50303 SESI II 2021/2022

+Scheduling Task Management in Server

Job Scheduling
Job scheduling is a feature that allows a user to submit a
command or program for execution at a specified time in
the future.
On a Linux server, it is important that certain tasks run at
certain times
The execution of the command or program could be one
time or periodically based on a pre-determined time
schedule.

DFN50303 SESI II 2021/2022

+Scheduling Task Management in Server

 For example, scheduling system maintenance commands

to run during nonworking hours is a good practice, as it
does not disrupt normal business activities.
 One of the Linux daemons of job scheduling is crond.
 The cron system runs jobs repetitively at pre-specified
times that can be monthly, weekly, daily, hourly, or even
per minute

DFN50303 SESI II 2021/2022

+Scheduling Task Management in Server

 We typically schedule intensive jobs at times when the

system is expected to be underused such as overnight.
 A daemon called crond runs in the background and check
its configuration every minute to examine configuration
files in order to execute commands or shell scripts
specified if the time matches the time indicated.
 A series of configuration files under /etc can also contain
jobs and control which users are allowed to add jobs using
crontab.

DFN50303 SESI II 2021/2022

+Cron job in scheduling task

 The crontab (cron derives from chronos, Greek for time;

tab stands for table) command, found in Unix and Unix-
like operating systems, is used to schedule commands to
be executed periodically
 Cron job is design to execute command from script on
time.

DFN50303 SESI II 2021/2022

+Cron job in scheduling task

* * * * * directory/script.sh
stars represent different date parts in the following order:
 minute of hour (from 0 to 59)
 hour of day 24hr format (from 0 to 23)
 day of month (from 1 to 31)
 Month of year (from 1 to 12)
 day of week (from 0 to 6) (Sunday = 0 or 7)
 Command or script to execute

DFN50303 SESI II 2021/2022

+Cron job in scheduling task

 Example

0 1 * * 1-5 /bin/tempt/script.sh
 Script.sh in ‘/bin/temp/’ is executed when the system clock hits:
 minute: 0
 of hour: 1
 of day of month: * (every day of month)
 of month: * (every month)
 and weekday: 1-5 (=Monday until Friday)
 Schedule the script to Monday till Friday at 1 AM

DFN50303 SESI II 2021/2022

+System Report in Server

 Most Linux distributions are equipped with tons of monitoring. These tools provide
metrics which can be used to get information about system activities.

 You can use these tools to find the possible causes of a performance problem. The
commands discussed below are some of the most basic commands when it comes to
system analysis and debugging server issues such as:
 Finding out bottlenecks.
 Disk (storage) bottlenecks.
 CPU and memory bottlenecks.
 Network bottlenecks.
 Server Monitoring tools
 ps – display current running processes
 Lsof –find list of open file
 Ntop – display network – web based tools
 Parted – utility report

DFN50303 SESI II 2021/2022

+Various server monitoring tools

1. ps – display current running processes

 ps command will report a snapshot of the current processes.

 To select all processes use the -A or -e option: #ps -A
 Sample output:

DFN50303 SESI II 2021/2022

+Various server monitoring tools

1. ps – display current running processes

 The ps command has several options that you can use to display
additional process information.
• -a: Prints information about all processes most frequently requested,
except process group leaders and processes not associated with a
terminal
• -e: Prints information about every process currently running
• -f: Generates a full listing
• -l: Generates a long listing
• -o format: Writes information according to the format specification
given in a format. Multiple -o options can be specified. The format
specification is interpreted as the space-character-separated
concatenation of all the format option arguments.

DFN50303 SESI II 2021/2022

+Various server monitoring tools

2. lsof - list open files

 Lsof command used in many Linux/Unix like system that is

used to display list of all the open files and the processes.
 The open files included are disk files, network sockets,
pipes, devices and processes.
 One of the main reason for using this command is when a
disk cannot be unmounted and displays the error that files
are being used or opened.
 With this command you can easily identify which files are in
use.

DFN50303 SESI II 2021/2022

+Various server monitoring tools

2. lsof - list open files

 The most common format for this command is:

DFN50303 SESI II 2021/2022

+Various server monitoring tools

3. ntop – display network usage

 web based tool - ntop is the best tool to see network usage
in a way similar to what top command does for processes
i.e. it is network traffic monitoring software.
 You can see network status, protocol wise distribution of
traffic for UDP, TCP, DNS, HTTP and other protocols.

DFN50303 SESI II 2021/2022

+

DFN50303 SESI II 2021/2022

+Various server monitoring tools

4. Utility report using parted

 Parted is a famous command line tool that allows you to

easily manage hard disk partitions.
 It can help you add, delete, shrink and extend disk partitions
along with the file systems located on them.
 Parted command writes the changes immediately to your
disk, so be careful if you try to modify your disk partitions.
 If you plan on testing parted, the better option would be to
simply use a virtual machine or old computer/laptop
without any valuable information on it.

DFN50303 SESI II 2021/2022

+Various server monitoring tools

4. Utility report using parted

 Using parted with print to see the disk partitions, it will also
display the hard disk information and model

DFN50303 SESI II 2021/2022

+Speeding up the system
 Top
 produces an ordered list of running processes selected by user-specified criteria, and updates
it periodically

 Htop
 an interactive system-monitor process-viewer and process-manager. It is designed as an
alternative to the Unix program top. It shows a frequently updated list of the processes
running on a computer, normally ordered by the amount of CPU usage

 Nice and renice

 used to invoke a utility or shell script with a particular priority, thus giving the process more
or less CPU time than other processes. It becomes useful when several processes are
demanding more resources than the CPU can provide.

 Kill
 command used to send a signal to a process. By default, the message sent is the termination
signal, which requests that the process exit.

DFN50303 SESI II 2021/2022

+Speeding up the system

There are four ways which you can quickly and easily speed
up your system to get the best performance possible out of
it.
Change GRUB Timeout - GRUB (GRand Unified
Bootloader) is a boot loader package developed to support
multiple operating systems and allow the user to select
among them during boot-up.
Startup Applications - uncheck those applications that
don’t absolutely need to be run when you first log in.

DFN50303 SESI II 2021/2022

+Speeding up the system

 Disable Special Effects and Features - turn some of

desktop effects off.
 Use Lightweight Alternatives - switch to lighter
applications or even entire desktop environments
completely.

**note that disk cleanup and defragmentation won’t really help

on Linux systems. Disk cleanup can free up disk space, but it
won’t actually speed anything up. Also, defragmenting a Linux
disk is possible, but almost never necessary. At least, not like it
is on Windows systems.

DFN50303 SESI II 2021/2022

+Terminating process using kill

 A process (a task), is the running form of a program which are

stored on disk and processes run in memory.
 ps command can be used to lists the processes that are
associated with your shell.
 For each process, the ps command displays the PID, the
terminal identifier (TTY), the cumulative execution time
(TIME), and the command name (CMD).
 For example, use the ‘ps -ef‘ command to list all the processes
currently scheduled to run on the system.

DFN50303 SESI II 2021/2022

+Terminating process using kill

 When a process misbehaves, you might sometimes want to

terminate or kill it.
 The kill command is a command line utility to for terminating
processes.
 The kill command is used primarily to terminate or restart
processes.
 To kill, or terminate a process first find out the process
identifier number or PID of the process to be killed, then pass
the PID number to the kill command.

DFN50303 SESI II 2021/2022

+Terminating process using kill

 The kill command sends signal 15, the terminate signal, by

default.
 This signal causes the process to terminate in an orderly
manner. The kill command sends a termination signal to one or
more processes.
 The syntax: # kill [-signal] PIDs

 Some processes ignore the default signal 15 that the kill

command sends. If a process does not respond to signal 15, you
can force it to terminate by using signal 9 with the kill
command. # kill -9 PID
DFN50303 SESI II 2021/2022