Module 5


Transcript of Module 5

Page 1: Module 5

www.catcemea.org.uk

technology innovation centre
CATC Birmingham

IT Essentials II
Network Operating Systems

Chapter 5
Overview of Network Services

Page 2: Module 5

Network Services

• Called
  – Services
    • Windows 2000
  – Daemons
    • Linux
  – NetWare Loadable Modules (NLMs)
    • Novell
• Fewer are set “on” by default, as they are susceptible to attacks

Service                                    TCP/IP protocol
World wide web server                      HTTP
File transfer                              FTP, TFTP
Internet mail                              SMTP, POP3, IMAP
Remote administration                      telnet
Directory services (Internet)              DNS, LDAP
Automatic network address configuration    DHCP
Network administration                     SNMP
File sharing                               NFS

Page 3: Module 5

Remote Access Services

• Popular uses
  – Connecting branch offices to one another
  – Access to the network after business hours
  – Access for telecommuters
  – Access to the corporate network for mobile users
  – Access to network resources for clients and partners

Page 4: Module 5

Telnet Services

• Main Internet protocol for remote connection

• Provides error-free connection

• Beware of:
  – Hacking
  – Password guessing
  – ‘Denial of Service’ attack
  – Packet sniffing

• Secure SHell (SSH) is more secure

Page 5: Module 5

Configuring remote access for a client

• Point-to-Point Protocol (PPP)
  – PPP daemon (pppd) must be installed
• Can be configured in two ways
  – Text-based PPP configuration
  – GUI Dialer PPP Configuration
• Connecting using ISDN
• Connecting via DSL and Cable modem Service

Page 6: Module 5

Controlling remote access rights

• Firewalls can be configured
  – Manually
  – With GUI tools
  – Through website configuration
• TCP wrappers
  – Two files are used to configure TCP Wrappers:
    • /etc/hosts.allow
    • /etc/hosts.deny
• Passwords
  – Should be sent using SSH
• File Permissions
  – Can be used to specify general permissions

Page 7: Module 5

Remote administration to Linux

• Text-Mode Logins
  – Logging into a system via Telnet or SSH
  – $ ssh hostname -l jsmith
• Remote Administration Protocols SNMP
• Samba Web Administration Tool (SWAT)
  – Web-based tool that is used to administer a Samba server
• Webmin
  – Another Web-based remote administration tool.

Page 8: Module 5

Directory Services

• A database that organizes files in a hierarchical structure
• A directory service identifies all resources on a network and makes them accessible to users and applications
• Provides system administrators with centralized control of all users and resources across the entire network
• Benefits
  – Data can be easily organized
  – Data can be easily secured
  – Data can be easily located and accessed

Page 9: Module 5

Directory Services Standards

• Allows compatibility with other platforms and directory services

• X.500 – Electronic Directory Service (EDS) standards

• Structure defined as an upside down tree
• Database is hierarchical
• Three main components
  – Directory System Agent (DSA)
    • Manages the data
  – Directory User Agent (DUA)
    • Gives user access
  – Directory Information Base (DIB)
    • Acts as the central database for storage

Page 10: Module 5

Directory Services Standards

• Directory Access Protocol (DAP) used by X.500 compliant directory service
  – Enables DUA to communicate with the DSA
  – Defines how users search, read, add, delete and modify entries
• Lightweight Directory Access Protocol (LDAP)
  – Subset of DAP that simplifies access to X.500 directories
  – Uses fewer resources
  – Easier to maintain

Page 11: Module 5

Windows 2000’s Active Directory

• Information stored in:
  – Active Directory Database
    • Actual directory
  – Active Directory Log Files
    • Records changes
  – Shared System Volume
    • Contains scripts and group policy objects
• Domain
  – Hierarchical domain tree
  – Represents a security and administrative boundary
• Organizational Units (OUs)
  – Organises resources within a domain
  – Authority can be delegated

Page 12: Module 5

Windows 2000’s Active Directory

• Domain Controller (DC)
  – Must be one server configured in each domain
• Replication
  – Synchronizing data between DCs
• Security
  – All objects have an ACL
• Permissions
  – Assigned
  – Inherited
• Must be a DNS server on every Windows 2000 network
• Runs only on Windows 2000
• Information can be exchanged with other LDAP directory services

Page 13: Module 5

Novell’s Network Directory Service (NDS)

• NDS introduced in V4
• Hierarchical
• Inverted tree
• Two basic objects
  – Container
  – Leaf
• Permissions assigned to containers
• Can also run on
  – NetWare 4 and 5
  – Windows NT and 2000
  – IBM AIX and OS/390
  – Caldera OpenLinux
  – SCO UNIX
  – Sun Solaris

Page 14: Module 5

Network Information Service (NIS)

• Daemon must be loaded
• Often works with NFS
• Structure consists of:
  – NIS Server
    • Changes made here
    • Copies database to slaves
  – NIS Slaves
    • Provide information to clients
    • Provide load balancing
  – NIS Clients
• If configured during install
  – Provide NIS domain name
  – Provide IP address
• If configured after install
  – Use linuxconf utility on client

Page 15: Module 5

Other NOS Services

• Intranets
  – Accessible only from inside of the company
• Extranets
  – Accessible from outside of the company
• Automating tasks with scripts
  – Visual Basic script (VBScript), JavaScript, Linux shell scripting, Perl, PHP, TCL, REXX, and Python
• Domain Name Service (DNS)
  – Translate names into IP addresses
• Dynamic Host Configuration Protocol (DHCP)
  – Gives automatic network configuration
• Domains
  – Represents a security and administrative boundary

Page 16: Module 5

Other NOS Services

• Printing
  – Use print servers to manage printing
  – Use “first in, first out” (FIFO) priority
• File sharing
  – Windows File Sharing
  – Network File Sharing (NFS)
• Web services
  – Microsoft's Internet Information Services (IIS)
  – Apache Web Server
  – HyperText Transfer Protocol (HTTP)
  – HyperText Markup Language (HTML)
  – HyperText Transfer Protocol Secure (HTTPS)

Page 17: Module 5

Mail Servers

• Comprised of:
  – Mail transfer agent (MTA)
    • Receive mail and forward
  – Mail user agent (MUA)
    • Microsoft Outlook
    • Eudora
    • Pine
  – Mail delivery agent (MDA)
    • Delivers mail to correct box
• Other features
  – Web interface programs
    • Web based e-mail
  – LDAP
    • Provides address book sharing

Page 18: Module 5

FTP (File Transfer Protocol)

• Allows users to download or upload files
• Session orientated
• Accessed through GUI programs or CLI

Action                     Command
Establish connection       ftp <hostname or IP>
Change local directory     lcd <local-directory>
Change remote directory    cd <remote-directory>
Download                   get <remote-file>
Upload                     put <local-file>
Exit service               bye

Page 19: Module 5

Virtual Private Networking

• Gives secure access to the company Intranet over the Internet

• Relies on:
  – Encryption software
  – Usernames
  – Passwords

Page 20: Module 5

Questions?