Sunday, December 26, 2010

What is the role of a System Administrator?

Duties of a system administrator

The duties of a system administrator are wide-ranging, and vary widely from one organization to another. Sysadmins are usually charged with installing, supporting, and maintaining servers or other computer systems, and with planning for and responding to service outages and other problems. Other duties may include scripting or light programming, and project management for systems-related projects.

The system administrator is responsible for the following things:

  • User administration (setting up and maintaining accounts)
  • Maintaining the system
  • Verifying that peripherals are working properly
  • Quickly arranging repair for hardware in case of hardware failure
  • Monitoring system performance
  • Creating file systems
  • Installing software
  • Creating a backup and recovery policy
  • Monitoring network communication
  • Updating the system as soon as a new version of the OS or application software comes out
  • Implementing the policies for the use of the computer system and network
  • Setting up security policies for users. A sysadmin must have a strong grasp of computer security (e.g. firewalls and intrusion detection systems).


    Saturday, December 25, 2010

    Network Scanning tool


    The typical UNIX® administrator has a key range of utilities, tricks, and systems he or she uses regularly to aid in the process of administration. There are key utilities, command-line chains, and scripts that are used to simplify different processes. Some of these tools come with the operating system, but a majority of the tricks come through years of experience and a desire to ease the system administrator's life. The focus of this series is on getting the most from the available tools across a range of different UNIX environments, including methods of simplifying administration in a heterogeneous environment.



    Friday, December 24, 2010

    10 most important Linux Security issues


    A good place for security education is the SANS/FBI site (http://www.sans.org/top20/). These are the most important Unix related security issues:

    1. Web Server. One of the first places an intruder is going to check is for vulnerabilities in your Apache version and in your CGI scripts.

    2. Remote Procedure Calls. RPC services should be turned off if they are not required; they allow a remote user to execute instructions on your computer, and the intruder usually gains root access this way.

    3. SNMP (Simple Network Management Protocol). This protocol is known to have had vulnerabilities, and its passwords can be easily cracked and even more easily captured from the network.

    4. SSH (Secure Shell). SSH has been exploited before; if you do not need it, turn it off, or filter the source IP addresses with TCP Wrappers.

    5. Remote Services (trusted hosts). These were set up on machines to rely on other machines' IP addresses, and granted access without asking for a password. Their binaries are "rsh", "rcp", "rlogin" and "rexec". They still exist and can be used today, and an attacker can have a party with your machine by using a technique known as "IP spoofing".

    6. FTP (File Transfer Protocol). Many vulnerabilities have been found in FTP, both exploits and protocol weaknesses, such as clear-text password transfer (resolved in SFTP).

    7. LPD (Line Printer Daemon). This daemon is also remotely exploitable through an overflow and shellcode, gaining root access if the server runs as root.

    8. BIND/DNS (Dynamic Name Server). DNS flooding, exploits and other attacks exist; if you are going to set up a DNS server, use a firewall to filter any port you do not want exposed.

    9. Sendmail. This mail transfer agent is known for its buffer overflows and remote exploits; although it has resolved its issues, something new always appears. It is recommended to use qmail.

    10. Weak passwords / no passwords on the system. I do not need to explain this.

    Many people who talk about security talk about the false sense of security one can have in cyberspace. I do not totally agree with them; I very often see that a false sense of insecurity is created as well. The items I have listed above create some sense of insecurity and alertness, but do not worry: if you are going to run one of these critical services, just keep in mind:

    * Use a well configured firewall (pay more attention to "well configured" than to "firewall").
    * Set up an Intrusion Detection and Prevention System correctly.
    * Ask a security professional for help; here in Argentina we have very good ones :-)
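    A quick way to check which of the services listed above are enabled on a Red Hat style host is to read the output of `chkconfig --list` (covered in a later post on this page). The script below is an added example, not part of the original post; the init script and xinetd names in RISKY are assumptions and may differ on your distribution, and the `chkconfig --list` output is a constructed sample.

```shell
# Services from the list above, by their usual Red Hat init script /
# xinetd names (an assumption; compare with `chkconfig --list` on your host).
RISKY="httpd portmap snmpd sshd rsh rlogin rexec vsftpd lpd named sendmail"

# Constructed sample of `chkconfig --list` output (not from a real host).
SAMPLE='httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off
portmap         0:off   1:off   2:off   3:on    4:on    5:on    6:off
snmpd           0:off   1:off   2:off   3:off   4:off   5:off   6:off
sshd            0:off   1:off   2:on    3:on    4:on    5:on    6:off
sendmail        0:off   1:off   2:on    3:on    4:on    5:on    6:off
lpd             0:off   1:off   2:off   3:off   4:off   5:off   6:off
xinetd based services:
        rsh:            on
        rlogin:         off
        rexec:          off'

# risky_on LEVEL: read chkconfig-style lines on stdin and print the risky
# services that would start in runlevel LEVEL. xinetd-managed services
# (the "name: on" lines) are printed when enabled, whatever the runlevel.
risky_on() {
    awk -v level="$1" -v risky="$RISKY" '
        BEGIN { n = split(risky, r, " "); for (i = 1; i <= n; i++) want[r[i]] = 1 }
        $1 ~ /:$/ {
            name = substr($1, 1, length($1) - 1)
            if ((name in want) && $2 == "on") print name
            next
        }
        ($1 in want) {
            for (i = 2; i <= NF; i++)
                if ($i == (level ":on")) { print $1; break }
        }'
}

# On a real host, run instead:  chkconfig --list | risky_on 3
printf '%s\n' "$SAMPLE" | risky_on 3
```

    Every name printed is a service that should be turned off with chkconfig (or filtered at the firewall) unless it is actually needed.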

    The screen function in linux


    In Unix-like operating systems we have the 'screen' utility, as useful as it is easy to use. In cases where you need to compile a kernel in the background on a remote server (where the connection can get lost), download a file, or do some critical operation without the risk of losing the network connection to the server, the 'screen' utility comes in handy.

    Run it just by typing its name:
    #screen

    This creates a virtual shell, a virtual terminal, for those (like me) who love virtualization :-)
    Now you see a new shell; type some commands, leave a 'top' running, and type:

    ctrl+a+c (this creates a new window, like a new shell).

    How do you go back to the window with the 'top'?
    Type ctrl+a+n (this jumps to the next window, in this case, the first one).

    I don't know of a limit on the shells you can create with "ctrl+a+c".
    You jump backward to the previous window with "ctrl+a+p".
    Split the current 'screen' window into multiple regions with "ctrl+a+S".
    Jump between the split regions with "ctrl+a+TAB".

    And if you need to send the "ctrl+a" keystroke to the terminal itself, press "ctrl+a+a".

    Now... the real magic: how do you leave this process running in the background, and how do you recover the terminal after a connection loss?

    Press ctrl+a+d to detach from 'screen' and leave all the terminals in the background. As I said, these processes survive a disconnection, so you can disconnect from that server, come back in two days, and that screen will still be there.

    Outside of 'screen', write:
    #screen -ls

    This shows something like:

    There is a screen on:
    31696.pts-2.gw0 (Detached)
    1 Socket in /tmp/uscreens/S-wlamagna.

    To reconnect to the screen, write:
    #screen -r 31696.pts-2.gw0

    split display: C-a S
    jump to next display: C-a tab
    remove current region: C-a X
    remove regions but the current one: C-a Q

    And you are back in the screen terminals.
    I hope it was useful; please leave me a message with your experience or new tricks.
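    The same detach/reattach cycle can be scripted, which is handy when the critical job is started from a cron job or a deploy script rather than by hand. This is an added example, not code from the original post; the `screen -ls` output is a constructed sample, and the session and job names are hypothetical.

```shell
# Constructed sample of `screen -ls` output: one session still attached to
# a live terminal, one left detached after a connection loss.
SAMPLE='There are screens on:
        31696.pts-2.gw0 (Detached)
        31702.pts-3.gw0 (Attached)
2 Sockets in /tmp/uscreens/S-user.'

# screen_detached: print the names of detached sessions from `screen -ls`
# output read on stdin. The state is the last field, so this also works
# with newer screen versions that print a timestamp before it.
screen_detached() {
    awk '$NF == "(Detached)" { print $1 }'
}

# resume_or_start NAME CMD...: reattach the detached session called NAME if
# there is one, otherwise start CMD in a new detached session named NAME
# (-dmS), so the job keeps running if the SSH connection drops.
resume_or_start() {
    name=$1; shift
    if screen -ls | screen_detached | grep -q "\.$name\$"; then
        screen -r "$name"          # use `screen -d -r NAME` if it is attached elsewhere
    else
        screen -dmS "$name" "$@"
    fi
}

# Hypothetical use on a real host:  resume_or_start kernelbuild make -j2
printf '%s\n' "$SAMPLE" | screen_detached
```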

    How to set runlevel with chkconfig


    This implementation of chkconfig was inspired by the chkconfig command present in the IRIX operating system. Rather than maintaining configuration information outside of the /etc/rc[0-6].d hierarchy, however, this version directly manages the symlinks in /etc/rc[0-6].d.

    In Red Hat Linux you have a powerful tool called chkconfig. You can list all the services with:
    #chkconfig --list
    To see the services started in runlevel 3:
    #chkconfig --list | grep 3:on

    To turn off a service in all the runlevels:
    #chkconfig pcmcia off

    Turn off a service in a desired runlevel:
    #[root@monitor1]# chkconfig --list | grep hpoj
    hpoj 0:off 1:off 2:on 3:on 4:on 5:on 6:off
    #[root@monitor1]# chkconfig --level 3 hpoj off
    #[root@monitor1 rc3.d]# chkconfig --list | grep hpoj
    hpoj 0:off 1:off 2:on 3:off 4:on 5:on 6:off


    If you want to add a new service: you have created the /etc/rc.d/init.d/ file and now you want to manage the service, configuring it to start and stop on the desired runlevels.

    Edit the /etc/rc.d/init.d/service-name file, and add these lines at the top:


    #!/bin/bash
    # chkconfig: 2345 55 25
    # description: A service that does powerful things
    #

    This is a description of what this line does:
    # chkconfig: 2345 55 25
                 |    |  |
                 |    |  priority for kill (stop) scripts
                 |    priority for start scripts
                 run levels at which to start the service

    Then execute, for example to add the qmail service:
    #[root@monitor1 init.d]# chkconfig --add qmail
    #[root@monitor1 init.d]# chkconfig --list qmail
    qmail           0:off   1:off   2:off   3:on    4:off   5:on    6:off

    Now configure it to start on the desired runlevels!
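    To see what the header actually does, the function below parses the "# chkconfig:" line of an init script and prints the S/K symlinks that `chkconfig --add` creates under /etc/rc.d/rc[0-6].d: an S<start> link in each listed runlevel and a K<stop> link in every other one. This is an added example, not part of the original post or of chkconfig itself; the init script header is the constructed one from the post.

```shell
# chkconfig_links NAME: read an init script on stdin, parse its
# "# chkconfig: LEVELS START STOP" header and print the symlinks that
# `chkconfig --add NAME` creates: S<START> in each listed runlevel,
# K<STOP> in every other one ("-" as LEVELS means start in no runlevel).
chkconfig_links() {
    awk -v name="$1" '
        /^# chkconfig:/ {
            levels = $3; start = $4; stop = $5
            for (l = 0; l <= 6; l++) {
                if (index(levels, l) > 0)
                    printf "rc%d.d/S%s%s\n", l, start, name
                else
                    printf "rc%d.d/K%s%s\n", l, stop, name
            }
            found = 1
            exit
        }
        END { if (!found) { print "no chkconfig header" > "/dev/stderr"; exit 1 } }'
}

# Constructed init script header, as in the post above.
HEADER='#!/bin/bash
# chkconfig: 2345 55 25
# description: A service that does powerful things
#'

printf '%s\n' "$HEADER" | chkconfig_links qmail
```

    Running it on a real script (`chkconfig_links qmail < /etc/rc.d/init.d/qmail`) lets you compare the intended links with what `ls /etc/rc.d/rc3.d/ | grep qmail` shows after `chkconfig --add`.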

    Advantages of Linux over its commercial competitors

    Linux is free.
    You can install a complete Unix system at no expense other than the hardware.

    Linux is fully customizable in all its components.
    Thanks to the General Public License (GPL), you are allowed to freely read and modify the source code of the kernel and of all system programs.


    Linux runs on low-end, cheap hardware platforms.
    You can even build a network server using an old Intel 80386 system with 4 MB of RAM.

    Linux is powerful.
    Linux systems are very fast, since they fully exploit the features of the hardware components. The main Linux goal is efficiency, and indeed many design choices of commercial variants, like the STREAMS I/O subsystem, have been rejected by Linus because of their implied performance penalty.

    Linux has a high standard for source code quality.
    Linux systems are usually very stable; they have a very low failure rate and system maintenance time.

    The Linux kernel can be very small and compact.
    It is possible to fit both a kernel image and full root filesystem, including all fundamental system programs, on just one 1.4 MB floppy disk. As far as we know, none of the commercial Unix variants is able to boot from a single floppy disk.

    Linux is highly compatible with many common operating systems.
    It lets you directly mount filesystems for all versions of MS-DOS and MS Windows, SVR4, OS/2, Mac OS, Solaris, SunOS, NeXTSTEP, many BSD variants, and so on. Linux is also able to operate with many network layers, such as Ethernet (as well as Fast Ethernet and Gigabit Ethernet), Fiber Distributed Data Interface (FDDI), High Performance Parallel Interface (HIPPI), IBM's Token Ring, AT&T WaveLAN, and DEC RoamAbout DS. By using suitable libraries, Linux systems are even able to directly run programs written for other operating systems. For example, Linux is able to execute applications written for MS-DOS, MS Windows, SVR3 and R4, 4.4BSD, SCO Unix, XENIX, and others on the 80 x 86 platform.

    Linux is well supported.
    Believe it or not, it may be a lot easier to get patches and updates for Linux than for any other proprietary operating system. The answer to a problem often comes back within a few hours after sending a message to some newsgroup or mailing list. Moreover, drivers for Linux are usually available a few weeks after new hardware products have been introduced on the market. By contrast, hardware manufacturers release device drivers for only a few commercial operating systems — usually Microsoft's. Therefore, all commercial Unix variants run on a restricted subset of hardware components.
    With an estimated installed base of several tens of millions, people who are used to certain features that are standard under other operating systems are starting to expect the same from Linux. In that regard, the demand on Linux developers is also increasing. Luckily, though, Linux has evolved under the close direction of Linus to accommodate the needs of the masses.
    I hope it was useful; leave me a "hello" if it is so!
    Thanks.