GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2026-03-25 07:25:42 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity
62793c5633
quartz/content/notes/06-network-system-administration.md
Jet Hughes 1429230b91 vault backup: 2023-03-20 09:39:23
2023-03-20 09:39:23 +13:00

135 lines
4.8 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: "06-network-system-administration"
tags:
- lecture
- cosc301
---
> [!DANGER] need to study this and watch lecture
security awareness
- physical and network attacks
- [[security]]
Computer/Internet hazards
- SPAM/UCE (Unsolicited Commercial Email)
- Phishing
- Disk crashes/data loss
- Loss of services due to outage
- TCP/IP spoofing and sniffing (privacy)
- Pornography
- Ignorant users
- Grumpy (former) employees
- Administrators of the untrained kind
broken symlink
- broken symlilnk/softlink can be a risk
- If it is pointing to a location that is accessible by an attacker, it ends up retrieving a file belong to the attacker.
- If it is a web server, you end up retrieve and present the attackers information.
- Solution: NO_FOLLOW flag to stop following the symlink.
Roles in network community
- Important roles include users, hosts, network components e.g. routers and operating systems.
- Users - should be trained to be aware of the community. Human beings are usually the weakest link.
- Host machines - should be allocated different tasks on different server machines
- Routers/gateways
- affect network security and performance
- OS - have different pros and cons
- UNIX/Linux, Windows, MAC OS, Netware
Host Management
- Shutting down a host
- Turn off the power?
- Should use command shutdown
- shutdown -h time halt the system. time can be now.
- shutdown -r time reboot the system
- Log files and audits: health barometer of a host
- syslogd: a daemon for logging messages. Its configuration file is /etc/syslog.conf
- dmesg: check kernel messages
- lastlog: check the last login time of every user
- syslog under /var/log: the log file of the system
- They should be rotated regularly
User Management
- User account
- Includes all the files, resources, and info belonging to one user. For commercial systems, it may include billing info.
- Create a new account
- adduser
- Account info: username, password, user id, group id, full name of user, home directory, login shell
- In the /etc/passwd file,
- Amber:x:1000:100:Amber Dawn:/home/amber:/bin/bash
- Check after adding
- Involved files
- /etc/passwd, /etc/group, /etc/shadow
- In /etc/shadow,
- Chloe:$2a$05$wa7xVOqOH4lVOrh.qa9ivSX0G0QUCFqbk11YV6:14743:0:99999:7:::
- Username:encrypted password:last password change:minimum:expiration:warning:disabled:diabled date:reserved
- User login environment
- .bash_profile, .bashrc, /etc/profile
- Place global files such as profile under /etc
- Other scripts can be referred in it
- Use env/set to check/set your environment
- Paths and prompts
- Keep a copy of your shell scripts (initial setups) in order to survive them from upgrade of OS/software
- For more detailed info, man bash
- Password
- Very important for security
- Should not be names of persons, books, places, your computer, nor your phone number, birthday, car registration plate, login name, words in dictionaries, keyboard sequence
- Should be composed of letters (lower and upper cases), digits, and special characters like $,@
- Refer to http://en.wikipedia.org/wiki/Password_strength
- passwd imposes similar rules to make passwords secure.
- Change frequently
- User id and group id
- Users should be divided into groups for security reasons, e.g. students, staff, admin
- Special users/groups: nobody, mail, ftp
- addgroup
- In /etc/group,
- video:x:33:hzy,paul,kai
- Group name:password:group id;list of members
- Remove a user: deluser
- The relevant lines from /etc/passwd, /etc/group, and /etc/shadow will be removed.
- It is a good idea to first disable the account before you start removing stuff
- Disable a user temporarily
- A better way when you are not sure if a user will come back
- Way 1: Put an * in the password field of /etc/shadow
- Way 2: use passwd -{l|u} username
- Way 3: Change the login shell to a script file
User Account
- How to manage user accounts on different computers?
- Share home directory using NFS
- Share passwords using NIS (Network Information System) or LDAP (lightweight directory access protocol)
- Allocate an Email server
- Directory services like LDAP
- How to remember different passwords for different accounts on different computers?
-
- Control user resources
- Disk space
- Separate disk partition for problem users
- Use df command to monitor space
- Quotas and limits
- Better not to put them on users until necessary
- Check limits.conf under /etc/security
- Killing old processes: kill
- Dont do it unless you are absolutely sure
- Account policy
- Who shouldnt have a user code?
- How to deal with weak passwords?
User Support
- User support services
- cshelp
- User training and well-being
- How to treat the users?
- Your adversaries?
- Your friends?
- Your co-operators?
friendly attitude
Reference in New Issue View Git Blame Copy Permalink