59 terms

Infrastructure 2110

STUDY
PLAY
Essay #1 concerns admin have designing, maintaining IT infra
What are typical concerns an administrator will need to address in designing and maintaining an IT Infrastructure? Either address one or two concerns in depth, or discuss a breadth of concerns and how they may be related.
Essay #2 adv, dis of POP n IMAP
Discuss the advantages and disadvantages of the 2 mail client protocols: POP and IMAP. Discuss them from both the view of the ISP and the end user.
Essay #3 scenerio VNC address security
Describe a scenario in which a VNC would be used. Be sure to also address security concerns.
Essay #4 SNMP to mntn network how?
How could SNMP be used to maintain a network?
Essay #5 adv, dis of tunneling 1 aspect of
Tunneling is a two edged sword. Discuss one good aspect of tunneling and one potential abuse of using tunneling.
Essay # SPAM on infra impact direct and indirect costs
Address the impact of SPAM on an IT Infrastructure. Include direct and indirect impacts and costs.
20 TCP
FTP - data transfer
21 TCP
FTP - control
22 TCP
UDP ---ssh, and other secure protocols
23 TCP
telnet
25 TCP
smtp
53 TCP
UDP ---dns
69 UDP
tftp
80 TCP
http
110 TCP
pop3
143 TCP
imap
161 UDP
snmp
443 TCP
https (http---ssl)
Backup
Backup vs. Archive
Backup / Types
Unstructured
Full
Full + Incremental
Full + Differential
Mirror + Reverse Incremental
Continuous
Backup / Storage media
magnetic tape
hard disk
optical
floppy (ha!)
Solid state
Remote service
Backup / Manipulation of backup data
Compression
De-duplication
Duplication
Encryption
Staging
What is a Domain Name System?
Every machine on an internet is assigned a unique address, directory service to look up the IP addresses of machines
What does a DNS do?
First: contact a DNS server ___1. Asks it to find the IP address for www.xyz.com___2.DNS server has the address or contact other DNS sevrer and on and on
Domain and host name conventions
A full host name may have several name segments,
e.g. ahost.ofasubnet.ofabiggernet.inadomain.example,
In practice full host names typically consist of three segments :
ahost.inadomain.example /
www.inadomain.example
Software interprets the name segment by segment, right to left:
A. Uses an iterative search procedure
I. Each step along the way =
1. Program queries a corresponding DNS server
2. Provides a pointer to the next server which it should consult
HTTP //__Does it require TCP/IP
HTTP does not require the use of TCP/IP or its supporting layers
Can be implemented on top of any other protocol on the Internet, or on other networks
Only presumes a reliable transport
Any protocol that provides such guarantees can be used
HTTP //__Basic response code groups: 1xx, 2xx, 3xx, 4xx, 5xx - what is each group for?
1xx Informational = Experimental // __2xx Success -ok, created, accepted //__3xx Redirection //__4xx Client Error //__5xx Server Error
HTTP //__Specifics for 200, 403, 404
Upon receiving the request, the server sends back:
A status line
E.g. "HTTP/1.1 200 OK" //___403 Forbidden
Request was a legal request, but the server is refusing to respond to it
Unlike a 401 Unauthorized response, authenticating will make no difference
404 - does not exist
HTTP //__Persistent connections - Why?
HTTP/1.1: a keep-alive-mechanism was introduced
A connection could be reused for more than one request
Such persistent connections reduce lag perceptibly, because the client does not need to re-negotiate the TCP connection after the first request has been sent.
HTTP //__Protocol Basics: who uses, why, which ports used
HTTP client initiates a request by establishing a Transmission Control Protocol (TCP) connection to a particular port on a host
Port 80 by default
HTTP server listening on that port waits for the client to send a request message
A message of its own
Body of which is perhaps the requested file, an error message, or some other information
HTTP //__Current version (be careful here)
--- HTTP/1.1 (June 1999)
Current version; persistent connections enabled by default and works well with proxies
Supports request pipelining
HTTP //__Client/Server aspect
HTTP is a request/response protocol between clients and servers
Client makes an HTTP request
Referred to as the user agent
Web browser, spider, or other end-user tool
Server responds
Called the origin server
Stores or creates resources such as HTML files and images
In between the user agent and origin server may be several intermediaries
proxies, gateways, tunnels, etc.
HTTP //__ Secure HTTP
Benefits of using this method for establishing a secure connection are:
Removes messy and problematic redirection and URL rewriting on the server side
Allows virtual hosting (single IP, multiple domain-names) of secured websites
Reduces user confusion by providing a single way to access a particular resource
A weakness with this method is:
Requirement for secure HTTP cannot be specified in the URI
In practice, the (untrusted) server will thus be responsible for enabling secure HTTP, not the (trusted) client
LDAP
Global directory service, using the client sever model
Mail Services//__SMTP, POP, IMAP
Where each is used//___SMTP = is the standard protocol for sending emails across the Internet. //___IMAP and POP3 both read mail
Mail Services//__Advantages and disadvantages of each
//___POP3 protocol assumes there is only one client (computer terminal) connected to the mailbox // Downloaded to client when accessed then Deleted from server
If the client leaves some or all messages on the server
The client's message store is considered authoritative//___
IMAP protocol allows simultaneous access by multiple clients (computer terminals)
IMAP is also suitable if the mailbox is used by multiple users //Mail stays on the server after accessed
Client may store local copies of the messages
Mail Services//__Default ports used
---POP3 for inbound email
Port 110
IMAP for inbound email
Port 143
SMTP port 25
NFS // What is it
Any computer file system that supports sharing of files and other resources as persistent storage over a computer network
NFS //What are the 3 main types and how do they differ
NFS - UNIX
AFS - Primary used in distributed computing

//___ SMB - Operates as an application-level network protocol =
Applied to shared access to,
Files,
Printers,
Serial ports,
Miscellaneous communications,
Between nodes on a network
NFS //NAS/SAN
Network attached storage - retrieves files from source, storage area network - retrieves data and assembles files
SNMP// Uses: network management
Used by network management systems
Monitor network-attached devices for conditions that warrant administrative attention
Manage said systems
SNMP// MIBs
MIBs describe the structure of the management data of a device subsystem
Use a hierarchical namespace containing object identifiers (OID)
Each OID identifies a variable that can be read or set via SNMP
SNMP// Type of data managed: Scalar, Tabular
Scalar objects
Define a single object instance
Tabular objects
Define multiple related object instances
Grouped in MIB tables
SNMP// Managed devices
Collect and store management information
Make information available to NMSs using SNMP
Switches and bridges
Hubs
IP telephones
Computer hosts
Printers
SNMP// Data types: Network addresses, counters, gauges, time ticks, opaques, integers, unsigned integers
Network addresses - Represent an address from a particular protocol family //
counters -Non-negative integers that increase
, gauges - Non-negative integers
, time ticks - Represents a hundredth of a second since some event
opaques Represents an arbitrary encoding that is used to pass arbitrary information strings,
integers - Represents signed integer-valued information
unsigned integers - Represents unsigned integer-valued information
Telnet // Function
Establish or use a TELNET or other interactive TCP connection
User might "telnet in from home to check his mail at school"
Use a telnet client to connect local computer to a server
Once the connection is established
Log in with his account information
Execute commands remotely on that computer
Telnet // Port used
Telnet = Port 23. Rsh = port 514. rlogin = port 513. rcp =
Telnet // Security concerns
TELNET, by default, does not encrypt any data sent over the connection (including passwords)
Telnet // Uses now
want to manually talk and diagnose problem, access host applications, admin of network elements, MUD games
Telnet // rsh, rlogin, rcp - uses/dangers
unsecure, unencrypted
SSH // Function - uses
Network protocol
Allows data to be exchanged over a secure channel between two computers
Encryption provides confidentiality and integrity of data
SSH // Port used
TCP port 22 (default)
ssh client program establishes connections to an sshd daemon on an accepting remote connections
SSH // Security flaws
man in the middle attacks,
SSH // Public-key cryptography
everyone has the key to get to the computer, you use your private key to aythenticate
SSH // scp, sftp,
SCP = A means of securely transferring computer files using the Secure Shell (SSH) protocol
between a local computer and a remote host,
between two remote hosts//__SFTP = A network protocol that provides file transfer and manipulation functionality over any reliable data stream
VNC
Virtual Network Computing

What is it?
Ports
Security
RFB
VPN
Virtual Private Networks

What is it?
Priorities
Tunneling - brief description of tunneling
Web Servers
What does a web server do?
Relation to HTTP/HTML
Static v. dynamic content
Path translation (url/file name)
Platforms Supported
Features: SSL and TLS, Logging, Filtering
License
IIS
Platforms Supported
Services