Admas University

College of Computing and Informatics Computer

Science Department

Network and System

Administration

Chapter 5 : Installation of Application

server and Management
 Outline

 DHCP, DNS, and TELNET Server Comparison with Other NOS

 Open SSH: Secure Network Communication

 FTP and Email Service Configuration

 Network Information Services (NIS) and Network File System (NFS)

 SAMBA: Linux and Windows File and Printer Sharing

 DNS/BIND: Tracking Domain Names and Addresses

 Setting Up a Firewall and Web Server

 1. Dynamic Host Configuration Protocol (DHCP)

Purpose: DHCP simplifies IP address management within a network.

Functionality:
 DHCP Server: Automatically assigns IP addresses to client devices,
ensuring proper communication over the network.
 DHCP Client: Receives IP information by default (e.g., PCs, mobile
devices, IoT endpoints).
 DHCP Relaying: Centralized DHCP servers handle requests from multiple
subnets via routers or hosts.

Advantage: Reduces manual IP address assignment overhead for network

administrators.
 Cont’d

Comparison:

 DNS: Translates domain names to IP addresses.

 DHCP: Assigns IP addresses dynamically.

 Difference: DNS deals with domain names, while DHCP manages

IP address allocation
 2. Domain Name System (DNS)
Purpose: Converts human-readable domain names (like "FS.com") to IP
addresses.

Functionality:
 Each domain can correspond to multiple IP addresses.

 DNS servers handle domain-to-IP translation.

Advantage: Eliminates the need to remember lengthy IP addresses.

Comparison:
 DHCP: Assigns IP addresses.

 DNS: Resolves domain names to IP addresses

 3. TELNET Server
Purpose: Provides remote command-line access to network devices.

Functionality:
 Allows users to log in remotely and execute commands.

 Older protocol, often replaced by more secure alternatives (like

SSH).

Advantage: Enables remote management and troubleshooting.

Comparison:
 DHCP and DNS serve different purposes.

 TELNET: Facilitates remote access to devices.

 In summary:

 DHCP assigns IP addresses dynamically.

 DNS translates domain names to IP addresses.

 TELNET provides remote command-line access.

 Each of these services plays a vital role in network communication

and management
 Open SSH: secure network communication

 SSH and SCP for remote administration and secure file transfer.
These powerful tools are essential for managing remote servers
and transferring files between hosts
 1. SSH (Secure Shell)

 SSH is a protocol that allows secure communication between two

systems over an unsecured network (such as the internet).
 It provides encrypted communication, ensuring confidentiality and
integrity.
 protocol SSH is the Linux SSH client command, while SSH refers
to the general .
 1. SSH (Secure Shell)

 To connect to a remote host using SSH, you can use the following
command:
 ssh yourusername@yourserver
 Replace your username with your actual username
and your server with the server's address. You'll be
prompted for your password.
 SSH is commonly used for remote shell access, executing
commands, and managing servers.
 1. SCP (Secure Copy)
 SCP (secure copy) is built on top of SSH and allows you to copy files securely
between hosts.
 It's useful for transferring files, creating backups, and synchronizing data.

 The syntax for using SCP is as follows:

 To copy from a (remote) server to your computer:

 scp yourusername@yourserver:/path/to/remote/file
/path/on/your/computer
Cont’d
 Cont’d

Note:
 Be cautious when copying files with the same name and location,
as SCP will overwrite them without warning.

Remember
 Both SSH and SCP rely on secure authentication (usually via
passwords or SSH keys).
 Use these tools wisely to manage your remote systems
effectively.
 FTP and setting up Mail service and client

 Setting Up an FTP Server on Windows 10

 Building your own FTP (File Transfer Protocol)server can be a

convenient solution for transferring files through a private or
public network without the limitations often found with cloud
storage services.
 Steps to set up an FTP server on your Windows 10 PC:
 Cont’d

Install the FTP Server Feature:

1. Press Windows key + X

 Open the Power User menu and select Programs and Features.

2. Click the Turn Windows features on or off link.

3. Expand Internet Information Services and check the FTP Server

option.

4. Expand FTP Server and check the FTP Extensibility option.

5. Check Web Management Tools with the default selections.

6. Click OK to begin the installation and then click Close.

 Cont’d
Configure an FTP Site:

1. Open the Control Panel

2. Click on Administrative Tools.

3. Double-click Internet Information Services (IIS) Manager.

4. Expand and right-click Sites in the Connections pane.

5. Select Add FTP Site.

6. Name your new FTP site and enter the path to the FTP folder where you want to
send and receive files.

7. You can also use the Make New Folder button to create a specific folder for your
FTP files.

8. Leave all the default settings for Binding and SSL Settings, but change the SSL
option to No SSL(Note: In a business environment or for sensitive data, consider
configuring SSL).

9. On Authentication, check the Basic option

 Configuring Email Accounts in Windows 10
 Windows 10 includes a built-in Mail app that allows you to access various
email accounts (such as Outlook.com, Gmail, Yahoo!, etc.) in one centralized
interface. Here's how to set it up:

1. Open the Mail app:

 Click the Settings (gear) button at the bottom of the left pane.
 Click Manage accounts in t. he right pane.

2. Add a new email account:

 Select Add account
 Choose the type of account you want to add (e.g., Outlook, Google, etc.).
 Enter the required information (email address, password, and name).
 Click Sign in
 Cont’d

Note !!!
Your email account will start syncing, and you'll be able to send
and receive emails using the Mail app.
Remember to update your account settings if needed, and adjust
mailbox sync settings as necessary.
Network information services (NIS)and sharing file system (NFS)

1. Network Information Service (NIS): provides a distributed database

system for common configuration files in a network.
 NIS servers manage copies of these database files, while NIS clients
request information from the servers instead of using their own local
copies.
 For instance, the /etc/hosts file can be managed by NIS. A few NIS
servers maintain copies of the hosts file information, and all NIS
clients query these servers for host address details instead of checking
their own local /etc/hosts file.
 Cont’d

 Once NIS is operational, managing individual /etc/hosts files on every

machine is unnecessary.
 Updating the NIS servers ensures that all machines retrieve the new
configuration file information consistently.
 NIS plays a crucial role in managing configuration information across the
network, making it consistent on all hosts.
 Cont’d

2. Network File System (NFS): NFS is a distributed file system that allows
sharing files between separate hosts.
 An NFS server has one or more file systems that are mounted by NFS clients.

 To the clients, the remote disks appear as local disks.

 NFS file systems are mounted using the standard Unix mount command, and
Unix utilities work seamlessly with NFS-mounted files just like local files.
 NFS simplifies system administration by eliminating the need to maintain
multiple copies of files on various machines.
 All NFS clients share a single copy of the file on the NFS server.
 Cont’d

 Users benefit from NFS as well. Instead of logging into different systems and
transferring files between them, users can stay on one system and access all necessary
files within a consistent file tree.
 In summary, NIS provides the framework for using NFS. While NFS manages the
resource users care about most—their files —NIS ensures that hosts agree on essential
configuration information such as usernames and host addresses.
 SAMBA: Linux and windows files and printer sharing

1. Samba for Linux and Windows File Sharing:

 Samba enables interoperability between Linux and Windows by

allowing them to communicate effectively.
 Here's how you can access Samba shares from both Linux and Windows clients:
 For Linux Clients:

 Install the necessary Samba client packages. On the client machine, install
the samba-common and samba-client packages.
# yum install samba-client samba-common -y
 Check if you can access the shares from the server using either the hostname
or IP address
# smbclient -U user -L 192.168.1.122
 This command will display available shares, including printer drivers and
home directories.
Create a directory to use as your mount point (e.g., /mnt/myshare):
# mkdir /mnt/myshare
 Mount the share using the following command
(replace user and 192.168.1.122 with appropriate values):
 Cont’d

# mount -t cifs -o username=user //192.168.1.122/myshare /mnt/share

Make the mount persistent by editing /etc/fstab.

You can either provide credentials directly in /etc/fstab or create a credential file:

//192.168.1.122/myshare /mnt/share cifs

username=user,password=password,_netdev 0 0
OR
//192.168.1.122/myshare /mnt/share cifs
credentials=/home/user/.cred,_netdev 0 0
The _netdev option is crucial for network devices.
 For windows

 To map a drive to the Samba share, open PowerShell and issue the
following command:

PS > NET USE M: \\centos my share

 This maps the Samba share to the M: drive.

With this basic setup, you'll be able to access file shares

from client machines in your network, regardless of
whether they run Linux or Windows
 DNS/BIND: Tracking Domain Name and Address

Domain Name System (DNS) and its implementation using BIND

1.DNS (Domain Name System):

 It maps domain names (such as www.example.com) to IP

addresses(such as 192.168.1.1).
 The DNS specification defines a secure, general-purpose database
that holds information about internet hosts.
 It also specifies a protocol used to exchange this information.

 DNS provides library routines that implement the protocol.

 Additionally, DNS plays a role in routing email.

 Cont’d
2. BIND (Berkeley Internet Name Domain):

 BIND is the most widely used DNS software.

 It serves as both a name server(resolving domain names to IP

addresses) and a resolver(querying other name servers).
Key features of BIND include:
 Authoritative Nameserver: Provides authoritative answers for domain names.

 Caching Nameserver: Stores recently resolved queries to speed up future

requests.
 Forwarder: Forwards queries to other nameservers.

 Master/Slave Configuration: Allows redundancy and load distribution.

 Cont’d

To set up BIND:

 Install BIND packages (e.g., bind9 on Ubuntu).

 Configure BIND by editing files like

/etc/bind/named.conf.options.
 Set up zones (e.g., forward and reverse zones) in configuration
files.
 Troubleshoot any issues that arise.
In summary, DNS and BIND work together to ensure efficient domain name
resolution and IP address mapping across the internet, simplifying
communication for both humans and machine
 Setting up a firewall and web server
Setting Up a Firewall

1.Understanding How Firewalls Work

 On a Linux machine the default firewall is called iptables.

 By default, iptables allows all connections without exceptions.
 There are three main chains in iptables:
 INPUT: For incoming connections
 OUTPUT: For outgoing connections.
 FORWARD: Allows packets to be rerouted
 Cont’d

2. Creating Firewall Rules

 To allow specific connections, we append rules to each section

using the -A directive.
 Example: To allow incoming HTTP traffic (port 80):

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT

 To allow established connections:

sudo iptables -A INPUT -m conntrack --ctstate

ESTABLISHED,RELATED -j ACCEPT
 Cont’d

3. Creating an iptables File

 Create an iptables file using your favorite editor (e.g.,

VIM):

sudo vim /etc/iptables.firewall.rules

Add your rules to this file (explained below).

4. Sample Rules (Modify as Needed)

Allow loopback (lo0) traffic:
*filter
# Allow all loopback (lo0) traffic
 -A INPUT -i lo -j ACCEPT
Drop traffic to 127/8 that doesn't use lo0:
 Cont’d

-A INPUT -d 127.0.0.0/8 -j REJECT

Allow SSH (port 22):

-A INPUT -p tcp --dport 22 -j ACCEPT

Allow HTTP (port 80):

-A INPUT -p tcp --dport 80 -j ACCEPT

 Allow MySQL (port 3306):

-A INPUT -p tcp --dport 3306 -j ACCEPT

Allow FTP (port 21):

-A INPUT -p tcp --dport 21 -j ACCEPT

 Cont’d

5. Save and Apply Rules

 Save the iptables rules:
 sudo iptables-save > /etc/iptables.firewall.rules
 Create a startup file to load these rules on boot:
 sudo vim /etc/network/if-pre-up.d/firewall
 Add the following content and save:
 #!/bin/sh
 /sbin/iptables-restore < /etc/iptables.firewall.rules
 Make the startup file executable:
 sudo chmod +x /etc/network/if-pre-up.d/firewall
 Setting Up a Web Server

 To set up a web server, you can use popular software like

Apache, Nginx, or Lighttpd.
 Install your chosen web server software, configure virtual
hosts, and upload your website files.
 Ensure your firewall rules allow incoming HTTP traffic
(port 80) for the web server.
 Remember to adapt these instructions to your specific
environment and requirements. Stay secure and enjoy
hosting your applications
 Group Assignment

Installation of Application Server and Management

Group 1
 DHCP, DNS, Telnet server; compare with other NOS setup of corresponding network
services
Group 2:
 Open SSH: Secure Network Communication
 Group 3:
 FTP and Setting-up Mail Servers and Client
 Group 4:
 Network Information Service (NIS) and Sharing File systems (NFS)
 Group 5:
 SAMBA: Linux and Windows File and Printer Sharing
 Group 6:
 DNS/BIND: Tracking Domain Names and Address
 Group 7:
 Setting up a Firewall and a Web server
use via [email protected]