Upload
jared-crawford
View
222
Download
0
Embed Size (px)
Citation preview
Day12
Network OS
What is an OS?• Provides resource management
and conflict resolution.– This includes
• Memory• CPU• Network Cards
Scarce Resources• Memory
– Everyone wants it, there is a limited supply
– Must request memory from OS. • OS may
– Impose limits– Manages swap space as necessary– Manages CPU registers and cache
– When a program exits memory is reclaimed
– A Preemptive multitasking OS allows the OS to force a program to give back memory and exit.
Different OS’s• Windows NT/2000/XP/2003• Windows 95/98/ME• Unix (solaris, BSD)• Linux (Redhat,Suse,Debian…)• Mac OSX, os9…• Each has its own advantages and
disadvantages.– License– Stability– Support
Network component• In order for an OS to be a NOS it
must:– Support network interface cards
(NIC), via drivers– Support protocols such as TCP/IP,
Appletalk etc.– Provide client or server software
Client-Server• The model we are now most
familiar with.– Lots of clients (laptops, desktops)– A few servers
• Web Servers• File Servers• Mail servers
• A single server can talk to many clients.
• Each client can talk to many servers.
Peer To Peer• There is no concept of a single server,
everyone just talks to whoever they wish. – Each machine may act as a client to some
people and a server to others
• File sharing software– Often you connect to a central server to find
a list of other peers. – You can search for files by asking everyone
if they have it– Multiple servers can return parts of a file to
you.
• Advantage are harder to track, better fault tolerance.
Clients• Just about all machines act as
clients– You must have client software
• Internet Explorer, WSFTP, Putty/SecureCRT, AIM, Terminal Service Client etc.
– Many things are now available via the web, so specialized software is less important so long as you have a browser with all the plug-ins.
• You’ll want to protect it from unwanted stuff– Viruses, Spyware, Worms, Spam etc.
Servers• Typically must have static IP
– So people can find them
• Must have some software installed to perform server function– Apache, wu-ftp, IIS, Exchange,
sendmail, Samba, etc.
• Nothing magical about the hardware, any computer can be a server– However, high end servers tend to
have lots of RAM, many CPUs, RAID disks. Some have redundant internals.
Redundancy/Scalability• If a server performs an important
duty:– You’ll want more than 1 of them
• In case one fails• To help handle requests when a lot of
people want that service
– Often you’ll use a load balancer to achieve this.• Most large networking companies make
load balancers for this task.
Backups• Few do it right, everyone should• You only realize you need it when
you need it, and then its too late.– Servers should be backed up to
ensure a failure doesn’t mean a loss of data. Often the data is worth more than the machine
– Backups don’t have to be fancy, CDs, DVDs, Tapes, Zip disks, Jump drives all work great.
– Remember to plan for the worst. • Backup often, and keep some at another
location
UPS• Sometimes the power goes out
– Batteries are your friend– Hard shutdown of computer is bad
• Disk cache, memory cache• If you do it often enough, you’ll eventually
lose data, or the OS.
– UPS/generators can keep you alive when the power goes out.
Authentication• Username and password can be
used to prove your identity– But you don’t want to have to log in
for EVERY file you transfer off a machine.
– Authentication Tokens.• A single server (Domain Controller, NIS,
Kerberos, Radius) authenticates you and gives you a token which proves you’ve authenticated. Now you can just give that token. Eventually the token expires, or can be revoked.
Keeping track of users• Most modern server OS’s have
some capability to organize users, computers and resources into a structure.– Windows: Active Directory– Netware: NDS– Unix/MAC: Ldap
• They are effectively the same thing, the allow you to group similar things together into “trees”.
Intrusion Detection• Finding out someone has been
here.– Logs/event viewer are helpful but can
be faked– Scanning for root kits or
administrator compromises.– Tools available such as:
• ISS• Nessus• Snort