System Network and Administration MIT CONTENT Notes
Workgroup
A peer-to-peer network with no centralized management; every machine keeps its own local accounts and settings.
Domain
A network with centralized management; accounts, groups and policy live on a domain controller and every member machine trusts it.
Active Directory | Domain Controller | Server
A domain controller is the server that runs Active Directory Domain Services and hosts the directory database file ntds.dit. Ntds.dit holds every object of the domain (users, groups, computers such as Rizwan's PC, services) together with the users' password hashes, so a copy of that file is as good as every credential in the domain; protect the DC and its backups accordingly.
Protocols used to access the directory (ntds.dit)
X.500 DAP (old); LDAP (Lightweight Directory Access Protocol) is used now. LDAP only reads and writes directory data; authentication is a separate problem and is solved by Kerberos.
SSO (single sign-on)
A user logs in once at the domain controller and then reaches every domain service without typing the password again.
Ticket Granting Ticket (TGT)
Ticket issued to the user by the KDC's authentication server after a successful login; it begins the Kerberos flow. Client (sends TGT + authenticator) → Ticket Granting Server (verifies them) → issues a service ticket + session key.
Kerberos
Kerberos is an authentication protocol based on tickets, developed at MIT (versions 1 to 3 stayed inside MIT; v4 and v5 were released, and v5 is the one in use). Windows 2000 and later use it as the default authentication method. It relies on an authentication server (part of the KDC) that grants the TGT, and a ticket granting server that issues service tickets; the password itself is never sent over the network.
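The three exchanges above (AS, TGS, AP) as an added worked model, written for these notes and not code from MIT or Microsoft: a toy KDC holding the long-term keys, a client that proves its password by encrypting a timestamp, a TGT the client cannot read, and a service ticket that only the service's own key opens. The realm EXAMPLE.LOCAL, the principal names, the passwords and the encrypt-then-MAC helper are all assumptions standing in for the real Kerberos encryption types and ASN.1 messages.

```python
"""Toy model of the Kerberos ticket flow: AS exchange, TGS exchange, AP exchange.

Added teaching example, not the real wire protocol: a home-made encrypt-then-MAC
over SHA-256 stands in for Kerberos encryption types and JSON dicts for ASN.1.
The realm, principals and passwords are all constructed here.
"""
import hashlib
import hmac
import json
import os
import time


def derive_key(password: str, salt: str) -> bytes:
    """Long-term key from a password (stands in for the Kerberos string-to-key function)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    for counter in range((length + 31) // 32):
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
    return out[:length]


def seal(key: bytes, obj: dict) -> bytes:
    """Encrypt-then-MAC a dict: nonce || ciphertext || tag."""
    plain = json.dumps(obj, sort_keys=True).encode()
    nonce = os.urandom(16)
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce, len(plain))))
    return nonce + cipher + hmac.new(key, nonce + cipher, "sha256").digest()


def unseal(key: bytes, blob: bytes) -> dict:
    """Check the tag, then decrypt. Wrong key or tampering -> ValueError."""
    nonce, cipher, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + cipher, "sha256").digest()):
        raise ValueError("bad key or tampered message")
    plain = bytes(a ^ b for a, b in zip(cipher, _keystream(key, nonce, len(cipher))))
    return json.loads(plain)


class KDC:
    """Authentication Server (AS) and Ticket Granting Server (TGS) of one realm."""

    def __init__(self, realm: str):
        self.realm = realm
        # principal -> long-term key; on a real domain controller this is what ntds.dit holds
        self.keys = {"krbtgt": os.urandom(32)}

    def add_principal(self, name: str, password: str) -> None:
        self.keys[name] = derive_key(password, self.realm + name)

    def as_exchange(self, user: str, pa_enc_timestamp: bytes, lifetime: int = 8 * 3600):
        """AS-REQ with pre-authentication -> AS-REP: (TGT, part encrypted to the user)."""
        user_key = self.keys[user]
        ts = unseal(user_key, pa_enc_timestamp)["ts"]        # wrong password -> ValueError
        if abs(time.time() - ts) > 300:
            raise ValueError("clock skew too large")
        session = os.urandom(32)
        tgt = seal(self.keys["krbtgt"], {"user": user, "skey": session.hex(),
                                         "exp": time.time() + lifetime})
        return tgt, seal(user_key, {"skey": session.hex()})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str):
        """TGS-REQ (TGT + authenticator) -> TGS-REP: (service ticket, part encrypted to the session key)."""
        t = unseal(self.keys["krbtgt"], tgt)                  # only the KDC can open a TGT
        if t["exp"] < time.time():
            raise ValueError("TGT expired")
        auth = unseal(bytes.fromhex(t["skey"]), authenticator)
        if auth["user"] != t["user"]:
            raise ValueError("authenticator does not match the TGT")
        svc_session = os.urandom(32)
        ticket = seal(self.keys[service], {"user": t["user"], "skey": svc_session.hex()})
        return ticket, seal(bytes.fromhex(t["skey"]), {"skey": svc_session.hex()})


def client_login_and_access(kdc: KDC, user: str, password: str, service: str) -> str:
    """Whole client flow; returns the user name the service ends up authenticating."""
    user_key = derive_key(password, kdc.realm + user)
    # AS exchange: prove knowledge of the password by encrypting a timestamp with it
    tgt, enc = kdc.as_exchange(user, seal(user_key, {"ts": time.time()}))
    session = bytes.fromhex(unseal(user_key, enc)["skey"])   # the client never decrypts the TGT itself
    # TGS exchange: present the TGT plus an authenticator under the session key
    ticket, enc2 = kdc.tgs_exchange(tgt, seal(session, {"user": user, "ts": time.time()}), service)
    svc_session = bytes.fromhex(unseal(session, enc2)["skey"])
    # AP exchange: the service opens the ticket with its own long-term key (modelled by
    # reading it from the KDC's table) and checks the authenticator with the key inside
    svc_view = unseal(kdc.keys[service], ticket)
    auth = unseal(bytes.fromhex(svc_view["skey"]), seal(svc_session, {"user": user, "ts": time.time()}))
    return auth["user"]
```

What the model makes visible: a wrong password fails at the KDC because the pre-authentication timestamp does not decrypt, and the client only ever sees session keys, never the krbtgt or service keys. That is also why the krbtgt key inside ntds.dit is so valuable: whoever holds it can forge any TGT.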
Structure of Active Directory
Domain (devices, users and groups that share one directory partition),
TREE (collection of >1 domains with a contiguous namespace, e.g. ss1.com and mit.ss1.com),
Forest (collection of trees and domains sharing one schema and global catalog),
TRUST (one-way or two-way. If users of one domain need to access data in another domain, that other domain must create a trust first; a one-way trust lets access flow in one direction only),
Federation (multi-party: organizations trust a federation service that issues claims/tokens instead of creating direct domain trusts; each party still has to set up the relationship first)
DNS (Domain Name System)
A system that resolves domain names to IP addresses and vice versa. The DNS servers themselves stay mostly invisible to users: for fb.com we only know the domain name (or the IP), not the DNS server that answered.
- Forward lookup zone
it contains domain name to IP address entries
- Reverse lookup zone
it contains IP address to domain name (PTR) entries
- Both zone kinds (forward and reverse lookup) come in three zone types:
- Primary
- created first; holds the writable master copy of all records of the zone
- Secondary
- read-only copy that gets its data from the primary (or another secondary) by zone transfer; restrict zone transfers (AXFR) to the secondaries, otherwise anyone can dump the whole zone
- Stub
- holds only the NS, SOA and glue A records of a zone and points at its authoritative servers, so a new network can find the primary without copying the zone
- two records are created by default in every zone (NS and SOA)
- NS
- lists the authoritative name servers of the zone, e.g. dns1, dns2, dns3
- SOA
- start of authority, one per zone: the primary server, the admin mailbox, a serial number and the refresh/retry/expire/TTL timers; a secondary compares serials and transfers the zone when the primary's serial is higher
- A
- name to IPv4 address entries
- AAAA
- name to IPv6 address entries
- CNAME
- alias: maps one name to another (canonical) name, e.g. www → webserver; it hides nothing and adds no security, it only avoids duplicating A records
- How DNS works
- For www.mit.ss1.com. (the trailing dot is the root), when a request is made the resolver first checks its cache, then asks its configured DNS server; that server asks a root server,
- then a .com server, then the ss1.com server, and so on until it reaches the server that is authoritative for the name
- Queries
- Iterative query
- DNS server to root/TLD/authoritative servers: each one returns the best referral it has and the asking server follows it
- Recursive query
- Client to its DNS server: the server does all the work and returns a final answer
- Authoritative answer
- comes from a DNS server that hosts the zone (AA flag set)
- Non-authoritative answer
- DNS server to client from its cache, not from the zone itself
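The wire format behind the resolution steps and query types above, as an added example that is not part of these notes: a query builder that sets the RD bit (a recursive query from a client), a parser that reads the AA and RA flags and the A/AAAA/CNAME/NS records, and a hand-constructed reply for www.mit.ss1.com with a CNAME chain and the compression pointers real servers use. The names, addresses and TTLs are made up; nothing is sent on the network.

```python
"""Build a DNS query and parse a DNS response (RFC 1035 wire format).

Added example; the response below is constructed by hand, not captured.
"""
import struct

TYPE_NAMES = {1: "A", 2: "NS", 5: "CNAME", 6: "SOA", 12: "PTR", 28: "AAAA"}


def encode_name(name: str) -> bytes:
    """'www.mit.ss1.com' -> length-prefixed labels ending in the root (zero) label."""
    out = b"".join(bytes([len(label)]) + label.encode() for label in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(name: str, qtype: int = 1, txid: int = 0x1234, recursion_desired: bool = True) -> bytes:
    flags = 0x0100 if recursion_desired else 0x0000        # RD bit: "do the recursion for me"
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)   # class IN


def decode_name(msg: bytes, offset: int):
    """Follow labels and compression pointers; returns (name, offset after the name)."""
    labels, end, jumps = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                            # pointer: 14-bit offset into the message
            if end is None:
                end = offset + 2
            offset = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            jumps += 1
            if jumps > 16:                                   # a malicious packet can make pointers loop
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes) -> dict:
    txid, flags, qd, an, _ns, _ar = struct.unpack_from("!HHHHHH", msg, 0)
    out = {"id": txid, "is_response": bool(flags & 0x8000),
           "authoritative": bool(flags & 0x0400),            # AA: answer comes from a server hosting the zone
           "recursion_desired": bool(flags & 0x0100), "recursion_available": bool(flags & 0x0080),
           "rcode": flags & 0xF, "questions": [], "answers": []}
    off = 12
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, _qclass = struct.unpack_from("!HH", msg, off)
        off += 4
        out["questions"].append((name, TYPE_NAMES.get(qtype, qtype)))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        rdata = msg[off:off + rdlen]
        if rtype == 1:
            value = ".".join(str(b) for b in rdata)
        elif rtype == 28:
            value = ":".join(f"{rdata[i] << 8 | rdata[i + 1]:x}" for i in range(0, 16, 2))
        elif rtype in (2, 5, 12):
            value, _ = decode_name(msg, off)                 # NS/CNAME/PTR rdata is a (compressed) name
        else:
            value = rdata.hex()
        off += rdlen
        out["answers"].append((name, TYPE_NAMES.get(rtype, rtype), ttl, value))
    return out


def build_sample_response(query: bytes) -> bytes:
    """Constructed reply to build_query('www.mit.ss1.com'): a cached (non-authoritative)
    answer with a CNAME chain, using compression pointers the way real servers do."""
    ptr = lambda off: struct.pack("!H", 0xC000 | off)
    txid = struct.unpack_from("!H", query, 0)[0]
    msg = struct.pack("!HHHHHH", txid, 0x8180, 1, 2, 0, 0) + query[12:]   # QR=1 RD=1 RA=1 AA=0
    qname_off = 12
    ss1_off = qname_off + len(encode_name("www.mit")) - 1   # where "ss1.com" starts inside the question
    cname_rdata = b"\x03web" + ptr(ss1_off)                 # web.ss1.com
    cname_rdata_off = len(msg) + 2 + 10
    msg += ptr(qname_off) + struct.pack("!HHIH", 5, 1, 300, len(cname_rdata)) + cname_rdata
    msg += ptr(cname_rdata_off) + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([203, 0, 113, 10])
    return msg
```

The jump counter in decode_name is the check a practitioner wants: compression pointers are offsets chosen by the sender, and a packet whose pointer points at itself would otherwise spin a naive parser forever.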
DDNS (Dynamic DNS)
- In plain DNS a domain is mapped to a static IP address.
A change takes up to the record's TTL to propagate (the usual rule of thumb is 24 hours). - DDNS lets you reach devices in your home, because home connections get a dynamic IP from the ISP.
- Suppose 1.1.1.12 is your home IP; from work you want to access it, but by then it has changed to 1.1.1.19. This is where DDNS is used.
- It works by giving you a host name; a small client on your device reports every new IP to the DDNS provider, which updates the record.
- Free DDNS providers exist.
DHCP (Dynamic Host Configuration Protocol)
DHCP assigns IP address, subnet mask, gateway and DNS servers automatically. A router or the Active Directory server can be made the DHCP server; the disadvantages are extra load on the router and a single point of failure on the AD server respectively. - Without DHCP: time consuming, human error, IP conflicts, and changing IPs later is difficult
- it stores ranges of IPs (a scope) to hand out, e.g. 192.168.1.0 to 192.168.1.100
- servers in the network must have statically assigned IPs
- those static IPs are excluded from the scope so they are never handed out
- a reservation stores the MAC address so the same device gets the same IP next time
- when a device is removed from the network its IP does not go back to the scope until the lease expires
- all devices periodically renew their lease; a removed PC cannot renew because it is no longer on the network, so at lease expiry its IP returns to the scope
- when a new device is added it can get that IP
- Discover: client broadcasts DHCPDISCOVER; the server listens on UDP port 67 and the client on UDP 68 (UDP 69 belongs to TFTP)
- Offer: server offers an IP (DHCPOFFER) together with mask, gateway, DNS and lease time
- Request: client broadcasts DHCPREQUEST for the offered IP so every server sees which offer was accepted; after the ACK the client should ARP-probe the address and DECLINE it if another host answers (that is the conflict check)
- Acknowledgement: server sends DHCPACK with the final lease (broadcast or unicast depending on the client's broadcast flag)
- any host can answer a DISCOVER, so a rogue DHCP server can hand out its own gateway and DNS; DHCP snooping on the switches only lets OFFERs through from trusted ports
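The DISCOVER and OFFER packets from the exchange above, as an added example that is not from these notes: the fixed RFC 2131 header, the options that carry the four things DHCP hands out (IP, mask, gateway, DNS) plus the lease, and a small check that flags an OFFER from a server that is not on the trusted list. The addresses, MAC and lease values are constructed and nothing is sent on UDP 67/68.

```python
"""Build DHCPDISCOVER and parse DHCPOFFER packets (RFC 2131 fixed header + RFC 2132 options).

Added example; the OFFER is constructed locally, nothing is sent on UDP 67/68.
"""
import struct

MAGIC = b"\x63\x82\x53\x63"
FIXED = "!BBBBIHH4s4s4s4s16s64s128s"          # 236 bytes up to the options magic cookie
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE", 5: "ACK", 6: "NAK", 7: "RELEASE"}


def _ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def _ipb(s: str) -> bytes:
    return bytes(int(x) for x in s.split("."))


def build_packet(op, xid, mac, options, yiaddr="0.0.0.0", siaddr="0.0.0.0", broadcast=True):
    flags = 0x8000 if broadcast else 0                       # a client without an IP asks for broadcast replies
    fixed = struct.pack(FIXED, op, 1, 6, 0, xid, 0, flags, _ipb("0.0.0.0"), _ipb(yiaddr),
                        _ipb(siaddr), _ipb("0.0.0.0"), mac, b"", b"")
    opts = b"".join(bytes([code, len(value)]) + value for code, value in options)
    return fixed + MAGIC + opts + b"\xff"                     # option 255 = end


def build_discover(xid: int, mac: bytes) -> bytes:
    # option 53 = message type, option 55 = parameter request list (mask, router, DNS, domain name)
    return build_packet(1, xid, mac, [(53, b"\x01"), (55, bytes([1, 3, 6, 15]))])


def build_sample_offer(xid, mac, server="192.168.1.1", offered="192.168.1.50", dns=("192.168.1.1", "9.9.9.9")):
    """Constructed OFFER carrying IP, mask, gateway, DNS and a one-day lease (all example values)."""
    return build_packet(2, xid, mac, [
        (53, b"\x02"), (54, _ipb(server)), (51, struct.pack("!I", 86400)),
        (1, _ipb("255.255.255.0")), (3, _ipb(server)), (6, b"".join(_ipb(d) for d in dns)),
    ], yiaddr=offered, siaddr=server)


def parse_packet(pkt: bytes) -> dict:
    op, _htype, hlen, _hops, xid, _secs, flags, _ci, yi, si, _gi, chaddr, _sname, _file = \
        struct.unpack_from(FIXED, pkt, 0)
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP packet (bad magic cookie)")
    info = {"op": op, "xid": xid, "broadcast": bool(flags & 0x8000), "yiaddr": _ip(yi),
            "siaddr": _ip(si), "client_mac": chaddr[:hlen].hex(":"), "options": {}}
    i = 240
    while i < len(pkt):
        code = pkt[i]
        if code == 255:
            break
        if code == 0:                                         # pad option has no length byte
            i += 1
            continue
        length = pkt[i + 1]
        info["options"][code] = pkt[i + 2:i + 2 + length]
        i += 2 + length
    o = info["options"]
    info["type"] = MSG_TYPES.get(o.get(53, b"\x00")[0], "unknown")
    for code, key in ((1, "subnet_mask"), (3, "router"), (54, "server_id")):
        if code in o:
            info[key] = _ip(o[code])
    if 6 in o:
        info["dns"] = [_ip(o[6][k:k + 4]) for k in range(0, len(o[6]), 4)]
    if 51 in o:
        info["lease_seconds"] = struct.unpack("!I", o[51])[0]
    return info


def is_rogue_offer(offer: dict, trusted_servers) -> bool:
    """Detection hook: any OFFER whose server identifier (option 54) is not a known server."""
    return offer["type"] == "OFFER" and offer.get("server_id") not in trusted_servers
```

The rogue check keys on option 54 (server identifier) because that is the field the client itself uses to tell offers apart; a host capturing on UDP 68 can run the same comparison to spot an unauthorized server pushing its own DNS or gateway.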
Proxy Server
Retrieves data from the internet on our behalf: our request → proxy server → the proxy sends it out, gets the response and passes it back to our device. - Benefits
- Privacy: our public IP is visible only between our device and the proxy server; the destination sees the proxy's IP
- Speed: it stores files in its cache for the next request
- Activity logging: keeps track of activity and can block some websites (for HTTPS it sees only the host name of the CONNECT tunnel, not the URL, unless it intercepts TLS)
- Encrypt data:
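What a forward proxy actually sees per request, and the logging and blocking built on it, as an added example that is not part of these notes: the two request forms a proxy receives (an absolute-URI GET and a CONNECT tunnel), a suffix blocklist, and the log entry kept per request. The blocklist domains and client address are constructed.

```python
"""What a forward proxy sees per request, and a blocklist + activity log on top of it.

Added example: the blocklist entries and client addresses are constructed.
"""
from urllib.parse import urlsplit

BLOCKED = {"tracker.example", "malware.example"}           # constructed blocklist


def parse_request_line(line: str):
    """Return (method, host, port, target) for the two request forms a forward proxy receives."""
    method, target, _version = line.strip().split(" ")
    if method == "CONNECT":                                  # "CONNECT host:443 HTTP/1.1": an HTTPS tunnel
        host, _, port = target.rpartition(":")
        return method, host, int(port), target
    u = urlsplit(target)                                     # "GET http://host/path HTTP/1.1": absolute URI
    if u.scheme != "http" or not u.hostname:
        raise ValueError("a proxy request must be CONNECT or carry an absolute http:// URI")
    return method, u.hostname, u.port or 80, target


def is_blocked(host: str, blocklist=BLOCKED) -> bool:
    """Block the listed name itself and any subdomain of it."""
    host = host.lower().rstrip(".")
    return host in blocklist or any(host.endswith("." + b) for b in blocklist)


def decide(line: str, client_ip: str, blocklist=BLOCKED, log=None):
    """Policy decision plus the log entry a proxy keeps for this request."""
    method, host, port, target = parse_request_line(line)
    action = "block" if is_blocked(host, blocklist) else "allow"
    entry = {"client": client_ip, "method": method, "host": host, "port": port,
             # for a tunnel the proxy never sees the URL, only host:port
             "target": target if method != "CONNECT" else "(tls tunnel)", "action": action}
    if log is not None:
        log.append(entry)
    return action == "allow", entry
```

The CONNECT branch is the caveat behind "activity logging": once the tunnel is up the proxy forwards encrypted bytes, so host and port are all the log can record for HTTPS traffic.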
RAID
- Hard Disk
- IDE: not used nowadays
- SATA: spinning disks, typically 7200 or 5400 RPM (revolutions per minute)
- SSD: no moving parts, much faster than a spinning SATA disk
- SATA is the common disk interface nowadays.
- Basic vs dynamic disk (Windows)
| Basic disk | Dynamic disk |
|---|---|
| max 4 primary partitions (MBR) | volumes instead of partitions, not limited to 4 |
| if >4 are needed, make an extended partition that holds logical drives (one parent holding the logical ones) | volume sizes can be increased or decreased after creation |
- The processor's entry point after the firmware is the boot sector of the Active partition
- MBR: Master Boot Record, the first sector of the disk; contains the boot code and the partition table
- It is recommended to keep the boot files and the OS on the active partition
- After POST (power-on self test) the BIOS loads the MBR, the MBR code jumps to the boot sector of the active partition, and that loads the OS; other partitions are only mounted afterwards
- A: and B: drive letters are reserved for floppy disks; floppies are not used any more, so these letters are not shown
- Formatting mechanisms (file systems): NTFS, FAT16, FAT32. The file system defines the cluster (allocation unit) size, permissions/encryption and speed, e.g. FAT16 uses large clusters and has no permissions or encryption, FAT32 cannot hold a file over 4 GB, NTFS has ACLs, EFS encryption and journaling
- SAN (Storage Area Network): a dedicated network that gives servers block-level access to a central storage pool; used for centralized storage and reduced failure risk, the pool itself being built from many disks (usually in RAID)
- RAID 0
- disk striping technique used
- 2 (or more) hard disks
- storage capacity is N x disk size: 10+10=20 GB
- with 7 chunks of data, chunks 1,3,5,7 go to disk 1 and 2,4,6 to disk 2
- read and write speed increased
- if one disk fails, all data is lost (no redundancy)
- RAID 1
- disk mirroring technique used
- 2 hard disks
- storage is 10+10=10 GB (half is usable)
- each disk is an exact copy of the other
- if one disk fails, the other still contains everything
- RAID 5
- striping with distributed parity: each stripe holds data chunks on all disks but one, and the XOR of those chunks (the parity) on the remaining disk; the parity disk rotates from stripe to stripe
- 3 (or more) hard disks
- capacity is (N-1) x disk size: 10+10+10=20 GB
- if one disk fails, its contents are rebuilt by XORing the other disks; a second failure before the rebuild finishes loses the array
- RAID 10
- striping + mirroring technique (mirrored pairs that are then striped)
- 4 (or more) hard disks
- two disks store the data: chunks 1,3,5 on one and the other chunks on the other
- the other two disks store copies of those chunks; one disk of each pair can fail without data loss
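The striping and parity described above, as an added worked example that is not from these notes: in-memory "disks" holding fixed-size chunks, RAID 0 striping that loses everything when a disk is set to None, RAID 5 with rotating XOR parity that rebuilds any one missing disk, and the capacity formulas for the four levels. The sample data and chunk size are made up.

```python
"""RAID 0 (striping) and RAID 5 (striping with rotating XOR parity) on in-memory "disks".

Added example: each disk is a list of fixed-size chunks; a failed disk is None.
"""


def usable_capacity(level: int, disks: int, size_gb: int) -> int:
    """Usable space for the levels in the notes (RAID 1 assumes a pair, RAID 10 mirrored pairs)."""
    return {0: disks * size_gb, 1: size_gb, 5: (disks - 1) * size_gb, 10: disks * size_gb // 2}[level]


def _chunks(data: bytes, chunk: int):
    return [data[i:i + chunk].ljust(chunk, b"\x00") for i in range(0, len(data), chunk)]


def xor(*blocks: bytes) -> bytes:
    out = bytearray(len(blocks[0]))
    for b in blocks:
        for i, x in enumerate(b):
            out[i] ^= x
    return bytes(out)


def raid0_write(data: bytes, n: int, chunk: int):
    disks = [[] for _ in range(n)]
    for i, c in enumerate(_chunks(data, chunk)):
        disks[i % n].append(c)                 # chunks 1,3,5.. on disk 1 and 2,4,6.. on disk 2 (0-based here)
    return disks


def raid0_read(disks, length: int) -> bytes:
    if any(d is None for d in disks):
        raise ValueError("RAID 0 has no redundancy: one failed disk loses everything")
    n, total = len(disks), sum(len(d) for d in disks)
    return b"".join(disks[i % n][i // n] for i in range(total))[:length]


def _parity_disk(n: int, stripe_no: int) -> int:
    return (n - 1) - stripe_no % n             # rotate parity so no single disk becomes the hot spot


def raid5_write(data: bytes, n: int, chunk: int):
    if n < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    pieces, per_stripe = _chunks(data, chunk), n - 1
    disks = [[] for _ in range(n)]
    for s in range(0, len(pieces), per_stripe):
        stripe = pieces[s:s + per_stripe]
        stripe += [bytes(chunk)] * (per_stripe - len(stripe))   # pad the last stripe
        p = _parity_disk(n, s // per_stripe)
        it = iter(stripe)
        for d in range(n):
            disks[d].append(xor(*stripe) if d == p else next(it))
    return disks


def raid5_read(disks, length: int) -> bytes:
    n = len(disks)
    failed = [d for d in range(n) if disks[d] is None]
    if len(failed) > 1:
        raise ValueError("RAID 5 survives only one failed disk")
    stripes = len(next(d for d in disks if d is not None))
    out = b""
    for s in range(stripes):
        row = [None if disks[d] is None else disks[d][s] for d in range(n)]
        if failed:                             # rebuild the missing chunk: XOR of the other n-1 chunks
            row[failed[0]] = xor(*[c for c in row if c is not None])
        out += b"".join(row[d] for d in range(n) if d != _parity_disk(n, s))
    return out[:length]
```

The rebuild works for a lost data chunk and a lost parity chunk alike, because XOR of all n chunks in a stripe is zero; that is the whole trick behind the (N-1) capacity figure.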
- Partition styles
| MBR (Master Boot Record) | GPT (GUID Partition Table) |
|---|---|
| max 4 primary partitions | max 128 partitions (Windows) |
| partition table is 64 bytes: 4 entries x 16 bytes, which is where the limit of 4 comes from | partition table is 16384 bytes: 128 entries x 128 bytes |
| 32-bit LBA fields, so disks over 2 TiB cannot be fully used | 64-bit LBA; header protected by a CRC, with a backup copy at the end of the disk |
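The MBR numbers from the table (64-byte table at offset 446, 4 entries of 16 bytes, the 0x55AA signature) as an added parser that is not part of these notes; the sector it reads is constructed here rather than taken from a real disk, and the partition sizes and disk signature are example values. It also recognises the protective MBR entry (type 0xEE) that a GPT disk keeps in sector 0.

```python
"""Parse the 64-byte MBR partition table (4 entries x 16 bytes at offset 446 of sector 0).

Added example; the sector is constructed here, not read from a real disk.
"""
import struct

PART_TYPES = {0x00: "empty", 0x05: "extended", 0x07: "NTFS/exFAT", 0x0B: "FAT32", 0x0C: "FAT32 (LBA)",
              0x0F: "extended (LBA)", 0x82: "Linux swap", 0x83: "Linux", 0xEE: "GPT protective"}


def parse_mbr(sector: bytes) -> dict:
    if len(sector) != 512:
        raise ValueError("the MBR is exactly one 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature: not a valid MBR")
    entries = []
    for i in range(4):
        e = sector[446 + 16 * i: 446 + 16 * (i + 1)]
        status, type_id = e[0], e[4]                                # CHS fields at 1-3 and 5-7 are legacy
        lba_start, sectors = struct.unpack_from("<II", e, 8)       # 32-bit LBA: why MBR stops at 2 TiB
        entries.append({"index": i + 1, "active": status == 0x80, "type_id": type_id,
                        "type": PART_TYPES.get(type_id, f"0x{type_id:02x}"),
                        "lba_start": lba_start, "sectors": sectors,
                        "size_mb": sectors * 512 // (1024 * 1024)})
    active = [e["index"] for e in entries if e["active"]]
    if len(active) > 1:
        raise ValueError("more than one active partition: the BIOS boot loader will refuse this")
    return {"disk_signature": struct.unpack_from("<I", sector, 440)[0],
            "has_boot_code": any(sector[:440]),                     # all-zero boot code = not bootable
            "active_index": active[0] if active else None,
            "is_gpt_protective": entries[0]["type_id"] == 0xEE,     # what 'convert gpt' leaves in sector 0
            "entries": entries}


def make_entry(active: bool, type_id: int, lba_start: int, sectors: int) -> bytes:
    chs = b"\xfe\xff\xff"                                            # "use LBA" marker that modern tools write
    return bytes([0x80 if active else 0x00]) + chs + bytes([type_id]) + chs + struct.pack("<II", lba_start, sectors)


def sample_mbr() -> bytes:
    """Constructed sector: 500 MB active NTFS system partition + 2 GB NTFS partition, 1 MiB aligned."""
    table = make_entry(True, 0x07, 2048, 1024000) + make_entry(False, 0x07, 1026048, 4194304) + bytes(32)
    return bytes(440) + struct.pack("<I", 0xDEADBEEF) + b"\x00\x00" + table + b"\x55\xaa"
```

For forensics the same parse applies to a disk image: read the first 512 bytes and check that the entries' lba_start/sectors ranges do not overlap and do not leave unexplained gaps, which is where hidden partitions and tampered boot code show up.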
- Partition creation using cmd (diskpart)
- open CMD as administrator
- type diskpart
- list disk, then select the disk
- select disk N, e.g. select disk 1
- create partition {primary|extended|logical} size=1000
- size is in MB
- assign letter=R
- the new partition is now selected and created; format it before use (format fs=ntfs quick)
- Delete: first select the partition with select partition N, then type
- delete partition
- Active: to make a partition active first select it with select partition N, then type
- active
- Convert a disk to GPT or MBR
- open CMD as administrator
- type diskpart
- list disk, then select the disk
- select disk N, e.g. select disk 1
- clean (erases the partition table: every partition and all data on the disk are gone)
- convert gpt or convert mbr
LINUX
- How to make a shell script in Linux
- create test.sh using vi
- run it with bash test.sh or ./test.sh (the second form needs the execute bit)
- chmod u+x test.sh (or chmod 755 test.sh) to make it executable; avoid chmod 777, which lets every user on the system edit a script you then run
Servers
- web server: stores, processes and delivers web pages to clients over HTTP(S), e.g. Apache
- FTP, SFTP, TFTP (file transfer protocols): protocols to transfer files
- FTP (File Transfer Protocol): file transfer between computer & server, e.g. vsftpd, TUX, WU-FTPD, gssftp servers
- we can also make our own PC an FTP server
- access it as ftp://server.com or with an FTP client (FileZilla)
- it uses port 21 for the control connection (data goes over a separate connection)
- FTP is not secure: user name, password and data travel in cleartext
- SFTP (SSH File Transfer Protocol)
- runs inside an SSH session, so login and data are encrypted
- it uses port 22 (the SSH port)
- it uses TCP, a connection-oriented protocol (reliable, in-order delivery)
- TFTP (Trivial File Transfer Protocol)
- used to transfer files within a LAN (PXE boot images, network device configs)
- it uses UDP port 69, is connectionless, and has no authentication at all
- SAMBA SERVER: SMB/CIFS file sharing; lets Windows access files on Linux and vice versa
- Exchange server: for mail & calendaring
- SharePoint: for collaboration