Day12

Network OS

What is an OS?• Provides resource management

and conflict resolution.– This includes

• Memory• CPU• Network Cards

Scarce Resources• Memory

– Everyone wants it, there is a limited supply

– Must request memory from OS. • OS may

– Impose limits– Manages swap space as necessary– Manages CPU registers and cache

– When a program exits memory is reclaimed

– A Preemptive multitasking OS allows the OS to force a program to give back memory and exit.

Different OS’s• Windows NT/2000/XP/2003• Windows 95/98/ME• Unix (solaris, BSD)• Linux (Redhat,Suse,Debian…)• Mac OSX, os9…• Each has its own advantages and

disadvantages.– License– Stability– Support

Network component• In order for an OS to be a NOS it

must:– Support network interface cards

(NIC), via drivers– Support protocols such as TCP/IP,

Appletalk etc.– Provide client or server software

Client-Server• The model we are now most

familiar with.– Lots of clients (laptops, desktops)– A few servers

• Web Servers• File Servers• Mail servers

• A single server can talk to many clients.

• Each client can talk to many servers.

Peer To Peer• There is no concept of a single server,

everyone just talks to whoever they wish. – Each machine may act as a client to some

people and a server to others

• File sharing software– Often you connect to a central server to find

a list of other peers. – You can search for files by asking everyone

if they have it– Multiple servers can return parts of a file to

you.

• Advantage are harder to track, better fault tolerance.

Clients• Just about all machines act as

clients– You must have client software

• Internet Explorer, WSFTP, Putty/SecureCRT, AIM, Terminal Service Client etc.

– Many things are now available via the web, so specialized software is less important so long as you have a browser with all the plug-ins.

• You’ll want to protect it from unwanted stuff– Viruses, Spyware, Worms, Spam etc.

Servers• Typically must have static IP

– So people can find them

• Must have some software installed to perform server function– Apache, wu-ftp, IIS, Exchange,

sendmail, Samba, etc.

• Nothing magical about the hardware, any computer can be a server– However, high end servers tend to

have lots of RAM, many CPUs, RAID disks. Some have redundant internals.

Redundancy/Scalability• If a server performs an important

duty:– You’ll want more than 1 of them

• In case one fails• To help handle requests when a lot of

people want that service

– Often you’ll use a load balancer to achieve this.• Most large networking companies make

load balancers for this task.

Backups• Few do it right, everyone should• You only realize you need it when

you need it, and then its too late.– Servers should be backed up to

ensure a failure doesn’t mean a loss of data. Often the data is worth more than the machine

– Backups don’t have to be fancy, CDs, DVDs, Tapes, Zip disks, Jump drives all work great.

– Remember to plan for the worst. • Backup often, and keep some at another

location

UPS• Sometimes the power goes out

– Batteries are your friend– Hard shutdown of computer is bad

• Disk cache, memory cache• If you do it often enough, you’ll eventually

lose data, or the OS.

– UPS/generators can keep you alive when the power goes out.

Authentication• Username and password can be

used to prove your identity– But you don’t want to have to log in

for EVERY file you transfer off a machine.

– Authentication Tokens.• A single server (Domain Controller, NIS,

Kerberos, Radius) authenticates you and gives you a token which proves you’ve authenticated. Now you can just give that token. Eventually the token expires, or can be revoked.

Keeping track of users• Most modern server OS’s have

some capability to organize users, computers and resources into a structure.– Windows: Active Directory– Netware: NDS– Unix/MAC: Ldap

• They are effectively the same thing, the allow you to group similar things together into “trees”.

Intrusion Detection• Finding out someone has been

here.– Logs/event viewer are helpful but can

be faked– Scanning for root kits or

administrator compromises.– Tools available such as:

• ISS• Nessus• Snort