System Admin Lab
Tcpdump:-
tcpdump is a network traffic analyzer that can be used to capture and analyze
network traffic on a particular network interface. It is a powerful tool that can
be used for a variety of purposes, including troubleshooting network problems,
security analysis, and network performance monitoring.
snort:-
snort is a network intrusion detection system (IDS) that can be used to detect
malicious traffic on a network. It can also be used to monitor network traffic for
suspicious activity.
ethereal:-
ethereal (formerly known as Ethereal) is a network analyzer that can be used
to capture and analyze network traffic. It is a graphical user interface (GUI)
for tcpdump, and it provides a more user-friendly way to view and analyze
network traffic.
Once you have installed the packet monitoring software, you can start to
familiarize yourself with it by using the following commands:
tcpdump
To capture all network traffic on a particular interface, you can use the
following command:
To view captured traffic, select the packet you want to view and click on the
"Details" tab.
2. Perform following operations: Trace route, Ping,
Finger, Nmap
Traceroute
Traceroute is a network diagnostic tool that can be used to trace the path that a
packet takes from your computer to a destination. This can be useful for
troubleshooting network problems, such as when you are unable to connect to a
website or server.
To perform a traceroute to a website, you can use the following command:
traceroute google.com
This will print a list of the routers that the packet passes through on its way to
Google.
Ping
Ping is a network diagnostic tool that can be used to check the connectivity
between your computer and another computer or device. It sends a packet to the
destination computer and measures the time it takes for the packet to be
returned. This can be useful for troubleshooting network problems, such as
when you are unable to connect to a website or server.
ping google.com
This will print the time it takes for the packet to be sent and returned, as well as
the number of packets that were sent and the number of packets that were lost.
Finger
Finger is a network protocol that is used to query a remote computer for
information about a user. This information can include the user's name, real
name, login time, idle time, and when the user last logged in.
To query a remote computer for finger information, you can use the following
command:
finger [email protected]
This will print the user's information, if the finger service is enabled on the
remote computer.
Nmap
Nmap is a port scanner that can be used to scan a network for open ports. This
can be useful for security purposes, such as identifying potential security
vulnerabilities.
To scan a network for open ports, you can use the following command:
nmap -A 192.168.1.0/24
3. Execute given commands : Server configuration
(FTP, SMTP, DNS)
Server Configuration
An SMTP (Simple Mail Transfer Protocol) server is used to send and receive
email messages. To configure an SMTP server, you will need to install SMTP
server software and configure it to send and receive email from specific
domains. You will also need to configure relay settings and authentication
settings.
A DNS (Domain Name System) server is used to translate domain names into
IP addresses. To configure a DNS server, you will need to install DNS server
software and configure it to resolve names for specific domains. You will also
need to configure forwarders and root hints.
NFS (Network File System) is a distributed file system protocol that allows
users to access files and directories remotely, as if they are stored locally. This
is particularly useful for sharing files between different Linux systems.
Prerequisites:
Two Linux systems (one server and one client)
A network connection between the two systems
Root privileges on both systems
NFS Server Configuration:
Install NFS server software on the server system. The specific package name
may vary depending on your Linux distribution. For example, on
Ubuntu/Debian, you can use the following command:
sudo apt-get install nfs-kernel-server
Create the directory that you want to share. For example, let's create a directory
called /share:
sudo mkdir /share
Set the permissions on the directory so that NFS clients can access it. For
example, you can use the following command to give everyone read and write
access to the directory:
sudo chmod 777 /share
Install NFS client software on the client system. The specific package name
may vary depending on your Linux distribution. For example, on
Ubuntu/Debian, you can use the following command:
sudo apt-get install nfs-common
Create a mount point for the NFS share. For example, let's create a directory
called /mnt:
sudo mkdir /mnt
Mount the NFS share. For example, to mount the /share directory from the
server to the /mnt directory on the client, use the following command:
sudo mount 192.168.1.10:/share /mnt
where 192.168.1.10 is the IP address of the NFS server.
You can now access the NFS share as if it were a local directory. For example,
you can list the contents of the directory with the following command:
ls /mnt
Troubleshooting:
If you are having problems with NFS, you can try the following:
Make sure that the NFS server and client are on the same network.
Make sure that the NFS server is running.
Make sure that the firewall on the NFS server is not blocking NFS traffic.
Make sure that the /etc/exports file on the NFS server is correct.
Make sure that the NFS client has the correct mount point.
5. Implement Firewall Configuration using
iptables/ipchains (Linux only)
Configuring a firewall using iptables on Linux involves defining rules that
specify how network traffic should be handled. Before proceeding, make sure
you have the necessary permissions to configure the firewall, as this often
requires root or sudo privileges.
Here is a basic example to get you started. This example assumes you want to
allow incoming SSH traffic (port 22) and HTTP traffic (port 80), while blocking
all other incoming traffic. It also allows all outgoing traffic.
sudo iptables -L
This command lists the current rules.
sudo iptables -F
This command flushes all existing rules.
Set Default Policies:
Set the default policies to DROP incoming and ACCEPT outgoing:
sudo iptables -P INPUT DROP
sudo iptables -P FORWARD DROP
sudo iptables -P OUTPUT ACCEPT
Allow Incoming SSH (Port 22):
Allow incoming SSH traffic:
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
Allow Incoming HTTP (Port 80):
Allow incoming HTTP traffic:
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
Save Rules:
Save the rules to ensure they persist after a reboot:
sudo service iptables save
or
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
This command may vary depending on your Linux distribution.
sudo service iptables restart
or
sudo systemctl restart iptables
Again, this may vary based on your Linux distribution.
This example provides a basic setup. Depending on your specific needs and
server configuration, you may need to adjust the rules accordingly. Always
ensure that you don't lock yourself out of the system when configuring firewall
rules remotely.
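The steps above leave INPUT at DROP with no rule for loopback traffic or for replies to the host's own outbound connections, and they change the live ruleset one command at a time. The script below is an added example, not part of the original lab sheet: it audits a saved ruleset for those two rules and builds the same policy (ports 22 and 80 from the text) in iptables-restore format. The function names and the sample dump are constructed for illustration.

```sh
#!/bin/sh
# Added example. Builds the page's policy (default DROP, allow 22 and 80) as an
# iptables-restore file and audits a ruleset for two rules the steps leave out.

# Constructed sample: what iptables-save prints after the page's commands.
PAGE_RULES=$(cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
)

# audit_ruleset: read iptables-save text on stdin, print space-separated
# findings, return 0 only when nothing is missing.
audit_ruleset() {
    rules=$(cat)
    findings=''
    printf '%s\n' "$rules" | grep -q '^:INPUT DROP' ||
        findings="$findings input-policy-not-drop"
    # Without this, local services that talk over 127.0.0.1 are cut off.
    printf '%s\n' "$rules" | grep -Eq '^-A INPUT -i lo .*-j ACCEPT' ||
        findings="$findings no-loopback-accept"
    # Without this, replies to the host's own outbound connections are dropped.
    printf '%s\n' "$rules" |
        grep -Eq '^-A INPUT .*--(ct)?state [A-Z,]*ESTABLISHED.*-j ACCEPT' ||
        findings="$findings no-established-accept"
    printf '%s' "${findings# }"
    [ -z "$findings" ]
}

# build_ruleset PORT...: print a complete filter table for iptables-restore.
build_ruleset() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for port in "$@"; do
        # Reject non-numeric input so nothing else can reach the rule text.
        case $port in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
        printf '%s\n' "-A INPUT -p tcp --dport $port -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# To apply in one step (as root): build_ruleset 22 80 | iptables-restore
```

Because iptables-restore loads the whole table at once, an SSH session is never left between the flush and the rule that allows port 22.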
6. Execute Experiments using Turbo C Assembler
Turbo C Assembler, or TASM, is an assembly language compiler that was part
of the Turbo C integrated development environment (IDE) for DOS. Please note
that using Turbo C Assembler may not be practical on modern systems as it is
quite outdated and might not be compatible with newer operating systems.
However, if you are working in a controlled environment or in an educational
setting where Turbo C is still in use, you can proceed with the following steps.
Setting up Turbo C:
Install Turbo C:
Install Turbo C on your system. You can find legacy versions of Turbo C
online. Keep in mind that these versions are outdated and might not work well
on modern operating systems.
Open Turbo C:
Launch Turbo C and open the integrated development environment (IDE).
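.model small
.stack 100h
.data
message db 'Hello, World!', '$'   ; strings for DOS function 09h end with '$'
.code
main proc
    mov ax, @data       ; load the address of the data segment
    mov ds, ax          ; DS must point at .data before message is used
    mov ah, 09h         ; DOS function 09h: print the '$'-terminated string at DS:DX
    lea dx, message
    int 21h
    mov ah, 4Ch         ; DOS function 4Ch: terminate the program
    int 21h
main endp
end main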
This simple assembly program displays "Hello, World!" using DOS interrupt
calls.