Chapter - 4

Network Management

1
Sys&Net Admin
What is network management?
• Network management refers to the process of
administering and maintaining computer networks.
• This includes tasks such as monitoring network
performance, configuring network devices, troubleshooting
issues, and ensuring network security.
• Effective network management is essential for ensuring that
a network operates efficiently and reliably.

TCP/IP Networking
• What does TCP/IP stand for? TCP/IP stands for Transmission
Control Protocol/Internet Protocol.
• TCP/IP is a set of standardized rules that allow computers to
communicate on a network such as the internet.
• By itself, an individual computer can perform any number of jobs.
But computers’ real power shines when they communicate with each
other.
• Many of the things we think about computers doing – whether it’s
sending email messages, watching Netflix, or getting directions –
involve computers communicating.

Cont’d
• These computers may be from different companies, or even
located in different parts of the world – and the people and
programs using them may use different human and computer
languages.
• Any given interaction may be between two computer
systems, or it may involve hundreds of systems.
• But, like passing a letter or a package from hand to hand,
each transaction occurs between just two computers at a time.

Cont’d
• For this to happen, the two computers need to know, ahead of time,
how they are expected to communicate.
  - How do they start the conversation?
  - Whose turn is it to communicate?
  - How does each computer know its message was transmitted correctly?
  - How do they end the conversation?
Computers do this through protocols.
A protocol is an agreed-upon set of rules.

Configuring a Linux Box for Networking
• Linux is a Unix-like, open source and community-developed operating
system (OS) for computers, servers, mainframes, mobile devices and
embedded devices.
• It is supported on almost every major computer platform, including x86,
ARM and SPARC, making it one of the most widely supported operating
systems.
• If you are working with a Linux system using a GUI, you can configure
the network interface via an icon in the far upper right of the screen.
• The function of this icon is very similar to the Windows “TV Set” down
in the lower right of the screen in the taskbar of a Windows desktop
system.

Web Server (Apache)
• Apache HTTP Server is a free and open-source web server
that delivers web content through the internet.
• It is commonly referred to as Apache and after development,
it quickly became the most popular HTTP client on the web.
• All the configuration files for Apache are located
in /etc/httpd/conf and /etc/httpd/conf.d.
• The data for websites you'll run with Apache is located in
/var/www by default, but you can change that if you want.

DNS Server (BIND)
• What is BIND? Berkeley Internet Name Domain (BIND) is the most
popular Domain Name System (DNS) server in use today.
• It was developed in the 1980s at the University of Berkeley and is
currently in version 9.
• BIND is an open source system free to download and use, offered
under the Mozilla Public License.
• Binding of a socket is done to address and port in order to receive
data on this socket (most cases) or to use this address/port as the
source of the data when sending data (for example used with data
connections in FTP server).

Mail Transfer Agents (Postfix)
• Postfix is a hugely popular Mail Transfer Agent (MTA) designed to
determine routes and send emails.
• Postfix is one of the leading Mail Transfer Agents, used to send
and receive emails. The default port of Postfix is 25.
• The best part is that Postfix doesn't need any configuration for strictly
internal usage. Simply installing the package should suffice.
• A Material Transfer Agreement (MTA) is a contract governing the
transfer of materials between two parties. It defines the rights of the
provider and the recipient with respect to the materials and any
derivatives.

What is the difference between MTA and SMTP?
• "MTA" refers to software which accepts email and routes it
towards its destination (possibly passing it to another MTA).
• So an MTA accepts emails and decides where to send them.
• "SMTP server" (Simple Mail Transfer Protocol) refers to software
which implements the server side of the SMTP protocol.
• which are used for retrieving email messages from a server

Proxy Caches (Squid)
• Squid or proxy caches are servers that store frequently accessed web
pages and resources to improve web browsing performance and
reduce bandwidth usage.
• When a user requests a web page, the proxy server checks if it
already has a copy of the page in its cache. If it does, it serves the
page from the cache, which can speed up the page load time
significantly.
• Squid or proxy caches are commonly used in corporate and
educational networks to improve internet performance for users.

Proxy Caches (Squid)
• Proxy caching is a feature of proxy servers that stores content on the
proxy server itself, allowing web services to share those resources to
more users.
• The proxy server coordinates with the source server to cache
documents such as files, images and web pages.
• Squid is a widely-used caching proxy server for Linux and Unix
platforms.
• This means that it stores requested Internet objects, such as data on
a Web or FTP server, on a machine that is closer to the requesting
workstation than the server.

• Proxy server caching differs from browser caching in
that website resources are stored in intermediate servers,
instead of on your visitors' local drives.
• This results in a single cached resource copy being served to
multiple visitors.
• The proxy server stores cacheable content in a local cache
before delivering the content to the requester.
• Examples of cacheable content include static web pages and
JavaServer Pages files that contain dynamically generated,
but infrequently changing, information.
Network service
• In computer networking, a network service is an application running
at the network application layer and above, that provides data storage,
manipulation, presentation, communication or other capability which
is often implemented using a client–server or peer-to-peer
architecture based on application layer network protocols.
• Each service is usually provided by a server component running on
one or more computers (often a dedicated server computer offering
multiple services) and accessed via a network by client
components running on other devices.
• However, the client and server components can both be run on the
same machine.

• Dynamic Host Configuration Protocol (DHCP) is a
client/server protocol that automatically provides an Internet
Protocol (IP) host with its IP address and other related
configuration information such as the subnet mask and
default gateway.
• DHCP operations fall into four phases: server discovery, IP
lease offer, IP lease request, and IP lease acknowledgement.
• These stages are often abbreviated as DORA for Discovery,
Offer, Request, and Acknowledgement.

[Figure: DORA picture]

Cont’d
• DHCP uses UDP port 67 on the server side and UDP port 68 on the
client side.

• DHCP also has two versions: DHCPv4 and DHCPv6 to support IPv4
and IPv6, respectively.

• These two versions, much like the two versions of IP, are very different
and are therefore considered separate protocols and use separate ports.
Advantages of DHCP
1. Automatic management of IP addresses, including the prevention
of duplicate IP address problems.
2. Allows support for BOOTP clients, so you can easily transition
your networks from BOOTP to DHCP.
   BOOTP (Bootstrap Protocol) is a network protocol used by a client computer to
   obtain an IP address from a server. It is mainly used for diskless workstations that
   need to boot from a network server.
3. Allows the administrator to set lease times, even on manually allocated IP
addresses.

Network Time Services and Sharing Desktops with VNC
is a protocol used to synchronize the clocks of computers on a
network.
• It is important to ensure that all computers on a network have the same time, as it is
necessary for various tasks such as logging, debugging, and transaction processing.
• NTS uses the Network Time Protocol (NTP) to synchronize the clocks of computers on a
network.
is a desktop sharing system that allows you to
over a network.
• It is a useful tool for remote access and support, as well as for collaboration and training
purposes.
• VNC works by transmitting keyboard and mouse events from the client computer to the
remote computer, and transmitting screen updates from the remote computer to the client
computer.

RPC-Based Services and INET Super Server
• RPC (Remote Procedure Call) is a protocol used to enable communication
between different processes running on different computers on a network.
• It allows a client process to call a procedure on a server process and receive the
results of the procedure back.
• RPC-based services are a way of providing access to resources and services on a
network.
• The INET Super Server is a program that provides a way of managing network
services on a UNIX or Linux system.
• It listens for incoming connections on various ports and starts the appropriate
service when a connection is made.
• It can also be used to manage RPC-based services on a network.

Cont’d
• To use RPC-based services, you need to define the procedures that will be made
available to clients, and then implement these procedures on the server.
• The server then registers the procedures with the RPC runtime system, which
enables clients to call them.
• The client process can then call the procedures on the server process by sending
an RPC request.
• The server processes the request and sends the results back to the client.
• To use the INET Super Server, you need to configure it to listen on the
appropriate ports for incoming connections.
• RPC-based services and the INET Super Server are useful tools for managing
network services and resources.
• They enable processes running on different computers to communicate with
each other, and provide a way of managing services on a network.

TCP/IP Troubleshooting: ping, traceroute, netstat, ifconfig
• TCP/IP (Transmission Control Protocol/Internet Protocol) is a suite of protocols used for
communication over the internet and other networks.
• Troubleshooting TCP/IP issues can be challenging, but there are several tools available
that can help you diagnose and resolve problems.
• Ping is a utility used to test whether a network connection is working. It sends a packet
to a target computer and waits for a response. If the target computer responds, then the
connection is working. If not, then there may be a problem with the network or the target
computer.

Cont’d
• Traceroute is a utility used to trace the path that packets take
between a source and a destination computer. It sends packets
with increasing time-to-live values, and each router along the
path sends back an ICMP (Internet Control Message Protocol)
message indicating that the packet has been received. This
allows you to see the route that packets take between two
computers.
• Netstat is a utility used to view active TCP/IP connections on
a computer. It can be used to view the IP addresses and port
numbers of both the local computer and remote computers, as
well as the status of the connections.

Cont’d
• ifconfig is a utility used to view and configure network settings
on a Linux or UNIX computer.
It can be used to view the IP address, subnet mask, and default
gateway of a computer, as well as to renew or release an IP address.
These tools are essential for troubleshooting TCP/IP issues.
By using them, you can quickly diagnose and resolve network
problems, ensuring that your network is always up and running.

Remote Administration with SSH and SCP
• SSH (Secure Shell) is a protocol used for secure remote access to a computer
or server over a network.
• It provides a secure, encrypted connection between the local computer and the
remote computer, allowing you to access and manage the remote computer as if
you were sitting in front of it.
• SSH is commonly used for remote administration, as well as for secure file
transfers.
• SCP (Secure Copy) is a utility used for secure file transfers between computers
over a network.
• It uses the SSH protocol to encrypt the data being transferred, ensuring that it
is secure and cannot be intercepted by unauthorized users.
• SCP is commonly used for transferring files between a local computer and a
remote computer, as well as between two remote computers.

Cont’d
• To use SSH for remote administration, you need to have an
SSH client installed on your local computer and an SSH server
installed on the remote computer.
• You can then use the SSH client to connect to the remote
computer, and use command-line tools to manage the remote
computer as if you were sitting in front of it.
• This allows you to perform tasks such as configuring settings,
installing software, and monitoring system performance.
Cont’d
• To use SCP for secure file transfers, you need to have an SCP client
installed on your local computer and an SCP server installed on the
remote computer.
• You can then use the SCP client to transfer files between the local
computer and the remote computer, or between two remote computers.
• SCP is a secure and efficient way of transferring files over a network,
and is commonly used for backups, software updates, and other file
transfer tasks.
• Remote administration with SSH and SCP is a powerful tool for
managing computers and servers on a network.
• By using these tools, you can securely access and manage remote
computers, and transfer files between computers with ease.
Configuration, Telnet Replacement, Secure Copy and Rsync
• Configuration refers to the process of setting up and customizing software
or hardware to meet specific requirements.
• In the context of computer networks, configuration can involve setting up
network settings, security settings, and other parameters to ensure that the
network is functioning properly.
• Telnet is a protocol used for remote access to a computer or server over a
network. It allows you to log in to the remote computer and execute
commands as if you were sitting in front of it.
However, Telnet is not secure, as it sends all data, including passwords and
other sensitive information, in plain text over the network.
As a result, Telnet is being replaced by more secure protocols such as SSH.

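Because Telnet sends passwords in plain text, a useful check is whether anything still listens on its port. The following added example (not part of the original slides) classifies listeners from `netstat -tuln` output, the tool introduced in the troubleshooting section; the sample output, the function names `classify_listeners` and `sample_netstat`, and the small port-to-service map are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: classify listening sockets from `netstat -tuln` text.
# The port-to-service map is an assumption based on well-known port numbers.

classify_listeners() {  # reads netstat -tuln output on stdin
  awk '
    BEGIN { svc[22] = "ssh"; svc[23] = "telnet"; svc[25] = "smtp"; svc[67] = "dhcp" }
    # TCP rows must be in LISTEN state; UDP rows have no state column.
    ($1 ~ /^tcp/ && $6 == "LISTEN") || $1 ~ /^udp/ {
      n = split($4, part, ":"); port = part[n]          # port follows the last colon
      addr = substr($4, 1, length($4) - length(port) - 1)
      scope = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "network"
      name = (port in svc) ? svc[port] : "unknown"
      verdict = "ok"
      if (name == "telnet")
        verdict = (scope == "network") ? "CLEARTEXT-EXPOSED" : "CLEARTEXT-LOCAL"
      else if (name == "unknown")
        verdict = "REVIEW"
      proto = $1; sub(/6$/, "", proto)                  # tcp6 -> tcp, udp6 -> udp
      print port "/" proto, scope, name, verdict
    }'
}

sample_netstat() {  # constructed sample, shaped like Linux `netstat -tuln`
  cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp6       0      0 :::8081                 :::*                    LISTEN
udp        0      0 0.0.0.0:67              0.0.0.0:*
EOF
}

sample_netstat | classify_listeners
```

On a live host, pipe the real command in instead: `netstat -tuln | classify_listeners`.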
Cont’d
• Secure Copy (SCP) is a utility used for secure file transfers between computers
over a network.
• It uses the SSH protocol to encrypt the data being transferred, ensuring that it is
secure and cannot be intercepted by unauthorized users.
• SCP is commonly used for transferring files between a local computer and a
remote computer, as well as between two remote computers.
• Rsync is a utility used for efficient file transfers between computers over a
network.
• It only transfers the parts of files that have changed, reducing the amount of data
that needs to be transferred and speeding up the transfer process.
• Rsync is commonly used for backups, software updates, and other file transfer
tasks.
Cont’d
• To configure a computer or network, you need to have a thorough understanding
of the software and hardware you are working with, as well as the requirements
of the network.

• You can then use tools such as Telnet (if it is still being used), Secure Copy, and
Rsync to manage the network and transfer files securely and efficiently.

• By understanding and using these tools effectively, you can ensure that your
network is secure, efficient, and functioning properly.
RSA and DSA Authentication (Password-less Logins)
• RSA and DSA are two
commonly used public key cryptographic algorithms that are used for
authentication and encryption. They are both used for password-less logins, which
allow you to access a remote computer without having to enter a password every
time.
• RSA authentication works by using a public key and a private key. The public key
is shared with the remote computer, while the private key is kept on the local
computer.
• When you try to log in to the remote computer, the remote computer sends a
message encrypted with the public key. The local computer then decrypts the
message using the private key, proving that it is the authorized user.
• DSA authentication works by using a key pair consisting of a public key and a
private key.

Cont’d
• The public key is shared with the remote computer, while the
private key is kept on the local computer.
• When you try to log in to the remote computer, the local
computer generates a signature using the private key, and
sends it to the remote computer.
• The remote computer then verifies the signature using the
public key, proving that it is the authorized user.
• Both RSA and DSA authentication are secure and effective
methods for password-less logins.

Cont’d
• They are commonly used for remote access and other
authentication tasks, as they eliminate the need for
passwords, which can be vulnerable to attacks such as brute
force attacks and dictionary attacks.
• In summary, RSA and DSA authentication are both
important cryptographic algorithms that are used for
authentication and encryption.
• They are effective methods for password-less logins,
providing a secure and efficient way to access remote
computers and other resources.

Remote Command Execution and Port Forwarding
• Remote command execution is a process where a user can execute
commands on a remote computer or server over a network.
• It is a useful tool for managing and administering remote systems, as
it allows you to execute commands as if you were sitting in front of
the remote computer.
• One common tool for remote command execution is SSH (Secure
Shell), which provides a secure and encrypted connection between the
local computer and the remote computer. With SSH, you can remotely
execute commands on the remote computer, transfer files, and manage
the system as if you were sitting in front of it.

Cont’d
• Port forwarding is a technique used to redirect network
traffic from one computer to another, typically over a
network.
• It is commonly used to allow remote access to a computer or
server, or to allow a computer to access resources on a
remote network.
• Port forwarding works by mapping a port on the local
computer to a port on the remote computer, allowing traffic
to be sent between the two computers.

Cont’d
• Port forwarding is often used in conjunction with remote command
execution, as it allows you to remotely execute commands on a
computer that is behind a firewall or NAT (Network Address
Translation) device.
• By forwarding a port on the firewall or NAT device to the remote
computer, you can establish a connection and remotely execute
commands as if you were sitting in front of the remote computer.
• By using these tools, you can remotely execute commands on a
remote computer, transfer files, and manage the system as if you were
sitting in front of it, even if the remote computer is behind a firewall
or NAT device.

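A defender-side check for the password-less login and port forwarding material above, as an added example that is not part of the original slides: it reads an `sshd_config` and an `authorized_keys` file and reports password logins still enabled, forwarding left open, and DSA keys. The file contents, key blobs and host names are constructed, and `sshd_value`, `audit_sshd_config`, `audit_authorized_keys` and `write_samples` are names chosen for this example.

```shell
#!/usr/bin/env bash
# Added example: audit key-based SSH login and forwarding settings.
# All sample data below is constructed.

# Effective value of an sshd_config keyword: first occurrence wins, else default.
# Simplification: ignores Match blocks, Include files and the "key=value" form.
sshd_value() {  # $1=file  $2=keyword  $3=OpenSSH default
  awk -v key="$2" -v def="$3" '
    $1 ~ /^#/ { next }
    tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
    END { if (!found) print def }' "$1"
}

audit_sshd_config() {  # $1=sshd_config path; prints one finding per line
  [ "$(sshd_value "$1" PasswordAuthentication yes)" = "no" ] ||
    echo "WEAK PasswordAuthentication: passwords are still accepted"
  [ "$(sshd_value "$1" PermitRootLogin prohibit-password)" != "yes" ] ||
    echo "WEAK PermitRootLogin: root can log in with a password"
  [ "$(sshd_value "$1" AllowTcpForwarding yes)" = "no" ] ||
    echo "REVIEW AllowTcpForwarding: port forwarding is permitted"
}

# Flag DSA public keys; OpenSSH has disabled ssh-dss by default since 7.0.
audit_authorized_keys() {  # $1=authorized_keys path
  awk '
    NF == 0 || $1 ~ /^#/ { next }
    { type = ""
      # Options may precede the key type, so scan for the first type-like field.
      for (i = 1; i <= NF; i++)
        if ($i ~ /^(ssh-|ecdsa-|sk-)/) { type = $i; break }
      if (type == "ssh-dss") print "WEAK line " NR ": DSA key (ssh-dss)" }' "$1"
}

write_samples() {  # $1=directory; writes the constructed sample files
  cat > "$1/sshd_config" <<'EOF'
# constructed sample
PermitRootLogin yes
PubkeyAuthentication yes
#PasswordAuthentication no
AllowTcpForwarding no
EOF
  cat > "$1/authorized_keys" <<'EOF'
ssh-ed25519 AAAA-constructed-placeholder alice@laptop
from="10.0.0.5" ssh-dss AAAA-constructed-placeholder backup@old-host
ssh-rsa AAAA-constructed-placeholder bob@desk
EOF
}

tmp="$(mktemp -d)"
write_samples "$tmp"
audit_sshd_config "$tmp/sshd_config"
audit_authorized_keys "$tmp/authorized_keys"
rm -rf "$tmp"
```

The commented-out `PasswordAuthentication no` line is reported because a commented keyword leaves the default (`yes`) in force, a common slip after keys have been deployed.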
THANKS

END OF CHAPTER FOUR
