quartz/content/notes/06-network-system-administration.md

---
title: "06-network-system-administration"
tags: 
- lecture
- cosc301
---


security awareness
- physical and network attacks
- [[security]]

Computer/Internet hazards 
- SPAM/UCE (Unsolicited Commercial Email) 
- Phishing 
- Disk crashes/data loss 
- Loss of services due to outage 
- TCP/IP spoofing and sniffing (privacy) 
- Pornography 
- Ignorant users 
- Grumpy (former) employees 
- Administrators of the untrained kind

broken symlink
- broken symlilnk/softlink can be a risk
- If it is pointing to a location that is accessible by an attacker, it ends up retrieving a file belong to the attacker. 
- If it is a web server, you end up retrieve and present the attacker’s information. 
- Solution: NO_FOLLOW flag to stop following the symlink.

Roles in network community
- Important roles include users, hosts, network components e.g. routers and operating systems. 
	- Users - should be trained to be aware of the community. Human beings are usually the weakest link. 
	- Host machines - should be allocated different tasks on different server machines 
	- Routers/gateways 
	- affect network security and performance 
	- OS - have different pros and cons 
	- UNIX/Linux, Windows, MAC OS, Netware


Host Management 
- Shutting down a host 
	- Turn off the power? 
	- Should use command shutdown 
	- shutdown -h time halt the system. time can be now. 
	- shutdown -r time reboot the system 
- Log files and audits: health barometer of a host 
	- syslogd: a daemon for logging messages. Its configuration file is /etc/syslog.conf 
	- dmesg: check kernel messages 
	- lastlog: check the last login time of every user 
	- syslog under /var/log: the log file of the system 
	- They should be rotated regularly

User Management 
- User account 
	- Includes all the files, resources, and info belonging to one user. For commercial systems, it may include billing info. 
- Create a new account 
	- adduser 
	- Account info: username, password, user id, group id, full name of user, home directory, login shell 
	- In the /etc/passwd file, 
		- Amber:x:1000:100:Amber Dawn:/home/amber:/bin/bash 
	- Check after adding
- Involved files 
	- /etc/passwd, /etc/group, /etc/shadow 
	- In /etc/shadow, 
	- Chloe:$2a$05$wa7xVOqOH4lVOrh.qa9ivSX0G0QUCFqbk11YV6:14743:0:99999:7::: 
	- Username:encrypted password:last password change:minimum:expiration:warning:disabled:diabled date:reserved 
- User login environment 
	- .bash_profile, .bashrc, /etc/profile 
	- Place global files such as profile under /etc 
- Other scripts can be referred in it 
	- Use env/set to check/set your environment 
- Paths and prompts 
	- Keep a copy of your shell scripts (initial setups) in order to survive them from upgrade of OS/software 
- For more detailed info, man bash
- Password 
	- Very important for security 
	- Should not be names of persons, books, places, your computer, nor your phone number, birthday, car registration plate, login name, words in dictionaries, keyboard sequence 
	- Should be composed of letters (lower and upper cases), digits, and special characters like $,@ 
	- Refer to http://en.wikipedia.org/wiki/Password_strength 
	- passwd imposes similar rules to make passwords secure. 
	- Change frequently 
- User id and group id 
	- Users should be divided into groups for security reasons, e.g. students, staff, admin 
	- Special users/groups: nobody, mail, ftp 
- addgroup 
	- In /etc/group, 
	- video:x:33:hzy,paul,kai 
	- Group name:password:group id;list of members

- Remove a user: deluser – The relevant lines from /etc/passwd, /etc/group, and /etc/shadow will be removed. – It is a good idea to first disable the account before you start removing stuff 
- Disable a user temporarily – A better way when you are not sure if a user will come back – Way 1: Put an * in the password field of /etc/shadow – Way 2: use passwd -{l|u} username – Way 3: Change the login shell to a script file