+ All Categories
Home > Documents > Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Date post: 11-Jan-2016
Category:
Upload: rose-watts
View: 221 times
Download: 6 times
Share this document with a friend
Popular Tags:
117
Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management
Transcript
Page 1: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Advanced Internet System Management

Page 2: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 1:Mission-Critical Services

Page 3: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Identify foundational services, including DNS, WINS and Samba

• List mission-critical services• Discuss system maintenance and logging• Describe performance monitoring and server

optimization issues• Identify the importance of implementing

security features for your servers

Page 4: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Foundational Services

• Domain Name System• Windows Internet Naming Service• Samba• Server Message Blocks• NetBIOS over TCP/IP• Network File System

Page 5: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Types ofMission-Critical Services

• HTTP servers• Streaming media servers• Database servers• E-commerce servers• News servers• E-mail servers• Security services

Page 6: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Performance Monitoringand Server Optimization

• Logging services

• Auditing services

• Performance Monitor

Page 7: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Fault Tolerance

The ability for a host or network to recover from an error or system failure

Page 8: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

HighAvailability Clustering

• Reading available resources• Reduced network latency• Centralized administration• Scalability

Page 9: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Backup

• Backup considerations

– Backup of critical host operating systems

and files

– Off-site file storage

– UNIX and NT backup programs

– Backup devices

– Backup tapes

Page 10: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Identify foundational services, including DNS, WINS and Samba

List mission-critical services Discuss system maintenance and logging Describe performance monitoring and server

optimization issues Identify the importance of implementing

security features for your servers

Page 11: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 2:Installing and

Configuring a Web Server

Page 12: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Identify the basic functions of a Web server• Explain how a Web server identifies file types• Customize the server root directories• Redirect URLs and add default document

types

Page 13: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives (cont’d)

• Enable user-based authentication for the Web server

• Control access to a Web server based on IP address

• Enable HTML administration for IIS 5.0• Create virtual servers and directories in IIS

and Apache Server

Page 14: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Web ServerRoot Directory

Web server

Web server root: C:\inetpub\wwwroot

Normally, all documents issued by the server

must reside beneath the root directory

Page 15: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Common Web Servers

• Apache Server• Microsoft IIS• Netscape Enterprise Server• Zeus Web server

Page 16: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Configuring IIS

• Using the IIS snap-in• Connecting to the Web server

– The Home Directory tab– The Documents tab– The Directory Security tab

• Controlling access by computer account• Controlling access by IP address• The Performance and Custom Errors tabs

Page 17: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Virtual Servers

• Dedicated virtual servers• Simple virtual servers• Shared virtual servers

Page 18: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Apache Server

• Location of Apache Server files• File placement• Apache Server RPM files

Page 19: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

AdministeringApache Server

• Apache Server processes• Stopping and starting httpd• Configuring Apache Server

Page 20: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Virtual Serversand Apache

• The NameVirtualHost directive• Order of entries

Page 21: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Identify the basic functions of a Web server Explain how a Web server identifies file types Customize the server root directories Redirect URLs and add default document

types

Page 22: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary (cont’d)

Enable user-based authentication for the Web server

Control access to a Web server based on IP address

Enable HTML administration for IIS 5.0 Create virtual servers and directories in IIS

and Apache Server

Page 23: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 3:Advanced Web

Server Configuration

Page 24: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Implement common e-commerce elements• Identify key HTTP error messages• Create a custom HTTP error message in IIS 5.0• Explain how Web servers and clients use

MIME

Page 25: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives (cont’d)

• Describe how Web applications work with IIS 5.0

• Execute ASP and CGI scripts in ane-commerce setting

• Connect a Web site to a database using a Web application

• Install, configure and test a streaming media server

Page 26: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

HypertextTransfer Protocol

• Application-layer protocol• HTTP requests and replies

– Command/Status– Headers– Body

Page 27: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

HTTP Version 1.1Request Commands

• Options• Get• Head• Post• Put• Delete• Trace

Page 28: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Web Applications and E-Commerce

• Web application types– Client-side applications– Server-side applications

Page 29: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Server-Side Applications and E-Commerce

• Internet Database Connector (IDC)• Internet Server Application Programming

Interface (ISAPI)• Application servers

– Allaire ColdFusion– IBM WebSphere Application Server– Microsoft Transaction Server– Microsoft IIS 5.0 ASP engine– PHP

Page 30: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Web Applications and MIME

• MIME identifies the different types of documents and applications that Internet services manage

• MIME and labeling• MIME and file extensions

– Hard-wired– Configurable

Page 31: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

E-Commerce WebServers and Perl

• Perl for CGI is an almost-universal way to attach Web servers to databases

Page 32: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Script Execution in IIS 5.0

• Scripts Only– Allows execution of ASP applications

• Scripts and Executables– Allows execution of CGI scripts

Page 33: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Apache Server and Perl

• Placing a CGI script in Apache Server

• Troubleshooting a Perl installation inLinux

Page 34: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

E-Commerce Web Servers and Gateways

• Gateways• Performance• Databases

Page 35: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Active Server Pages

Microsoft technology that implements Web applications

Page 36: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

ODBC, Web Gatewaysand E-Commerce

• Adding a system DSN• Registering a database with Windows 2000• Implementing a gateway in IIS using ASP

Page 37: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Streaming Media Servers

• Streaming media server standard• Streaming server hardware and software

requirements• On-demand versus live streaming• URLs and port numbers• RealServer mount points

Page 38: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Implement common e-commerce elements Identify key HTTP error messages Create a custom HTTP error message in IIS 5.0 Explain how Web servers and clients use

MIME

Page 39: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary (cont’d)

Describe how Web applications work with IIS 5.0

Execute ASP and CGI scripts in ane-commerce setting

Connect a Web site to a database using a Web application

Install, configure and test a streaming media server

Page 40: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 4:Enabling SecureSockets Layer

Page 41: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Describe the functions of SSL• Identify the SSL handshake process• Use the IIS 5.0 snap-in to generate an SSL

certificate request• Deploy the Certificate Authority snap-in to

sign certificate requests• Configure IIS 5.0 to use SSL

Page 42: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Secure Sockets Layer (SSL)

• The Web server and the client browser exchange and negotiate a secure communications link

Page 43: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

SSL Architecture

Server Machine

Application Layer (Telnet,FTP,HTTP,NFS,NIS)

SSL

UDP Transport Layer (TCP)

Network Layer

Client Machine

Application Layer (Telnet,FTP,HTTP,NFS,NIS)

SSL

UDP Transport Layer (TCP)

Network Layer

Secure Encrypted

Application Layer Traffic

Page 44: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

SSL and Channel Security

• The channel is private

• The channel is authenticated

• The channel is reliable

Page 45: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

SSL Handshake

• Hello phase• Key Exchange phase• Session Key

Production phase

• Server Verify phase• Client

Authentication phase

• Finished phase

Page 46: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Applying SSL Encryption

• 40-bit key• 128-bit key

Page 47: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Requesting andInstalling a Certificate

• Certificate types• The X.509v3 standard• Revocation lists• Certificate benefits• Certificate shortcomings

Page 48: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Certificate Concerns

• Password-protected text file• Binding• CA security• Data sniffing and tampering

Page 49: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Describe the functions of SSL Identify the SSL handshake process Use the IIS 5.0 snap-in to generate an SSL

certificate request Deploy the Certificate Authority snap-in to

sign certificate requests Configure IIS 5.0 to use SSL

Page 50: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 5:Configuring and

Managing a News Server

Page 51: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Create a newsgroup in both Windows 2000 and Linux

• Configure newsgroup expiration policies• Control access to a news server through IP

address filtering and user-based authentication

Page 52: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

NNTP Service

• Usenet newsgroups• Private and Usenet

NNTP servers• The Expires header

Page 53: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Create a newsgroup in both Windows 2000 and Linux

Configure newsgroup expiration policies Control access to a news server through IP

address filtering and user-based authentication

Page 54: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 6:E-Mail

Server Essentials

Page 55: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Describe the process of sending an e-mail message

• Explain key e-mail server concepts• Describe the functions of e-mail protocols

Page 56: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Sending andDelivering E-Mail

End User

SMTP Server

End User

Page 57: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

E-Mail Agents

• Mail transfer agent• Mail delivery agent• Mail user agent

Page 58: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

E-Mail ServerTerminology

• Masquerading• Aliasing• Relaying

Page 59: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Simple Mail Transfer Protocol

• SMTP commands– helo– ehlo– mail from– rcpt to– data– quit

Page 60: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Post Office Protocol 3 (POP3)

• POP3 commands– user– pass– list– retr– dele– quit

Page 61: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

IMAP and LDAP

• IMAP and e-mail clients• Lightweight Directory Access Protocol

Page 62: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Web Mail

• E-mail servers:– Create a Web interface– Provide Web-based access

Page 63: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Describe the process of sending an e-mail message

Explain key e-mail server concepts Describe the functions of e-mail protocols

Page 64: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 7:Configuring

E-Mail Servers

Page 65: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Identify the purpose and usefulness of MX records

• Discuss DNS as it applies to e-mail servers• Configure an e-mail server in

Windows 2000• Manage a Web-based e-mail service• Deploy a list server

Page 66: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

MX Recordsand E-Mail Servers

• MX records inform the DNS server where to direct e-mail messages– Intradomain e-mail– Interdomain e-mail

Page 67: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Intradomain E-Mail

DNS Server

E-Mail Server Patrick.ciwcertifed.com

james.ciwcertifed.com

Page 68: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Interdomain E-Mail

DNS Server

E-Mail Servermail.stanger.com

E-Mail Servermail.lane.com

james.stanger.com

patrick.lane.com

lane.com

stanger.com

Page 69: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Mail Exchange Record Fields

• Domain name• IN• MX• Numerical value• Server name

Page 70: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Identify the purpose and usefulness of MX records

Discuss DNS as it applies to e-mail servers Configure an e-mail server in

Windows 2000 Manage a Web-based e-mail service Deploy a list server

Page 71: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 8:Proxy Servers

Page 72: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Explain the benefits of a proxy server• Differentiate between public and private

IP addresses• Install and configure Web-based and SMTP-

based proxy servers

Page 73: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Proxy Servers

• Connecting to a proxy server• Modifying clients

Page 74: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Connecting to aProxy Server

Ethernet

Client

Internet

Web ServerProxy

Page 75: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Proxy Server Considerations

• Advanced users may try to bypass the proxy server

• You need a license that allows enough connections for all employees

Page 76: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Explain the benefits of a proxy server Differentiate between public and private IP

addresses Install and configure Web-based and SMTP-

based proxy servers

Page 77: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Explain the benefits of a proxy server Differentiate between public and private IP

addresses Install and configure Web-based and SMTP-

based proxy servers

Page 78: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 9:Logging Activity

Page 79: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Explain the need for logging activity generated by servers and services

• Configure Web server logs in IIS, Apache Server and ftpd

• Identify the need to check DNS and e-mail logs

• View information from a Web server log file using commercial log analysis software

Page 80: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Logging Information

• Server efficiency• Usage rate• Revenue generation• Security

Page 81: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Setting Priorities

• Mission criticality• Service type• Server location• Recent

installations

Page 82: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Evaluating Logs

• Peak usage rates• Error messages• Failed logon attempts

Page 83: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

HTTP Server Log Files

• Server log• Access log• Error log• Referrer log• Agent log

Page 84: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

FTP Log Files

• FTP log files contain the following information– IP address of the client connecting to your

server– Client’s user name– Date and time the connection was made– IP address of the server– Commands issued

Page 85: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

FileAnalysis Software

• WebTrends• Webalizer

Page 86: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Explain the need for logging activity generated by servers and services

Configure Web server logs in IIS, Apache Server and ftpd

Identify the need to check DNS and e-mail logs

View information from a Web server log file using commercial log analysis software

Page 87: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 10:Monitoring and

Optimizing Internet Servers

Page 88: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Explain the need for server monitoring and optimization

• Use tools when monitoring and optimizing servers

• Identify key Internet server elements to monitor

• Adjust Internet server settings to meet expected workload

Page 89: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Analyzing Server Performance

• Server and service log files• Protocol analyzers (packet sniffers)• System performance tools

Page 90: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Queues and Bottlenecks

• Queue– Sequence of

requests for services

• Bottleneck– Number of

incoming requests exceeds that rate at which the system can service them

Page 91: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Correcting Bottlenecks

• Speed up the component causing the bottleneck by upgrading or replacing it

• Replicate the component causing the bottleneck by distributing the demand for a service across multiple servers

• Increase the capacity of the queues in the system to tolerate more requests

Page 92: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

HardwareConcerns

• Web servers• Web applications and session state

Page 93: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Explain the need for server monitoring and optimization

Use tools when monitoring and optimizing servers

Identify key Internet server elements to monitor

Adjust Internet server settings to meet expected workload

Page 94: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 11:Fault Tolerance

and System Backup

Page 95: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Objectives

• Identify ways to create fault tolerance in a network host

• Explain the concept of offsite storage• Implement procedures for disaster

assessment• Follow a data recovery strategy• Implement recovery procedures to repair

corrupted data

Page 96: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Fault Tolerance

The ability of a system or application to recover lost information due to a hardware or software failure

Page 97: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

RAID

• RAID 0: disk striping• RAID 1: disk mirroring• RAID 4: disk striping with large blocks• RAID 5: disk striping with parity

Page 98: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Additional FaultTolerance Options

• Hot swapping• Uninterruptible power supply• Folder replication• Offsite storage and site mirroring• Removable media

Page 99: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Site Redirection

Helps recover from system outages and denial-of-service attacks by redirecting Internet services and sites

Page 100: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Tape Backupand Removable Media

• Floppy disks• Zip disks• CD-ROMs• Tapes

Page 101: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Planning aBackup Strategy

• Determining which files to back up• Choosing local or network backup types• Selecting a backup method• Planning and practicing restoration

procedures• Ensuring that you have verified all backup

files

Page 102: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Disaster Assessmentand Recovery

• Windows 2000 and Linux boot disks• Windows 2000 system state data• Windows Emergency Repair Disk• Windows 2000 Safe Mode• Troubleshooting Linux

Page 103: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Identify ways to create fault tolerance in a network host

Explain the concept of offsite storage Implement procedures for disaster

assessment Follow a data recovery strategy Implement recovery procedures to repair

corrupted data

Page 104: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Copyright © 2002 ProsoftTraining. All rights reserved.

Lesson 12:Security Overview

Page 105: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Overview

• Identify vulnerabilities commonly found in various operating systems

• List the steps to counteract operating system weaknesses

• Define firewall and intrusion detection concepts

• Discuss the effect of security measures on employees and system hosts

• Recognize security breaches

Page 106: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Server Vulnerabilities

• Users and group permissions• Multiple partitions• Policies• System defaults• System bugs

This System is Secure!

Page 107: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Enhancing Server Security

• Enabling shadow passwords• Removing unnecessary system services

Page 108: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Firewalls

• Create a perimeter that protects your private network from other public networks

Page 109: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Firewall Functions

• Enhance logging and authentication• Encrypt transmissions between hosts and/or

networks• Provide enhanced security• Default to one of two types of behavior

– Reject all traffic unless explicitly permitted– Allow all traffic unless explicitly denied

Page 110: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Firewall Types

• Packet filter• Application-level gateway proxy• Circuit-level gateway proxy

Page 111: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Firewall Terminology

• Internal interfaces• External interfaces• Demilitarized zone• Rule• Bastion host

Page 112: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

IntrusionDetection Systems

• Network-based IDS• Host-based IDS• Hybrid IDS

Page 113: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Security Tradeoffs

• Complexity• Host performance

degradation• Unintended denial

of service

Page 114: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

RecognizingSecurity Breaches

• Failed logons• Unexplained or common system shutdowns

and restarts• Changes in user privileges• Added or removed accounts• System processes that have been shut down,

activated or restarted• Changes in file permissions

Page 115: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Summary

Identify vulnerabilities commonly found in various operating systems

List the steps to counteract operating system weaknesses

Define firewall and intrusion detection concepts

Discuss the effect of security measures on employees and system hosts

Recognize security breaches

Page 116: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Advanced InternetSystem Management

Mission-Critical Services Installing and Configuring a Web Server Advanced Web Server Configuration Enabling Secure Sockets Layer Configuring and Managing a News Server E-Mail Server Essentials

Page 117: Copyright © 2002 ProsoftTraining. All rights reserved. Advanced Internet System Management.

Advanced InternetSystem Management

Configuring E-Mail Servers Proxy Servers Logging Activity Monitoring and Optimizing Internet Servers Fault Tolerance and System Backup Security Overview


Recommended