Duties of
System Administrator
Installing
and Configuring Servers
1. Linux “server” has a very
broader meaning . The standard Red Hat Linux graphical user interface (GUI)
requires a graphical layer called XFree86. This is a server. This server runs
even on a standalone machine with one user account and it must be configured.
2. Likewise, printing in Linux takes place only after you have configured a print server.
3. You cannot graphical desktop without a Xserver.
4. But you can have you can have World Wide Web access without a Web server , file transfer protocol (FTP) access without running an FTP server, and Internet e-mail capabilities without ever starting a mail server.
5. Whenever a server is connected to machines outside your physical control, security issues arise. You want users to have easy access to the things they need, but you don’t want to open up the system you’re administering to the whole wide world.
6. System Administrator need to know exactly which server you need and how to employ them, because it is a bad practice and potential security nightmare to enable the services that system is not using and does not need.
2. Likewise, printing in Linux takes place only after you have configured a print server.
3. You cannot graphical desktop without a Xserver.
4. But you can have you can have World Wide Web access without a Web server , file transfer protocol (FTP) access without running an FTP server, and Internet e-mail capabilities without ever starting a mail server.
5. Whenever a server is connected to machines outside your physical control, security issues arise. You want users to have easy access to the things they need, but you don’t want to open up the system you’re administering to the whole wide world.
6. System Administrator need to know exactly which server you need and how to employ them, because it is a bad practice and potential security nightmare to enable the services that system is not using and does not need.
Duties of System Administrator
Installing and Configuring Application Software
1. It is possible for individual users to
install some applications in their home directories, drive space set
aside for their own files and customizations these applications are not
available to other users without the intervention of the system administrator.
2. if an application is to be used by more than one user, it probably needs to be installed higher up in the Linux file hierarchy, which is a job that can be performed by the system administrator only.
3. The administrator can limit which users may use which applications by creating a “group” for that application and enrolling individual users into that group.
4. New software packages might be installed in /opt, if they are likely to be upgraded separately from the Red Hat Linux distribution itself.
5. By so doing, it’s simple to retain the old version until you are certain the new version works and meets expectations.
6. Some packages may need to go in /usr/local or even /usr, if they are upgrades of packages installed as part of Red Hat Linux.
7. The location of the installation usually matters only if you compile the application from source code.
8. In Red Hat Package Manager (RPM) packages automatically goes where it should.
2. if an application is to be used by more than one user, it probably needs to be installed higher up in the Linux file hierarchy, which is a job that can be performed by the system administrator only.
3. The administrator can limit which users may use which applications by creating a “group” for that application and enrolling individual users into that group.
4. New software packages might be installed in /opt, if they are likely to be upgraded separately from the Red Hat Linux distribution itself.
5. By so doing, it’s simple to retain the old version until you are certain the new version works and meets expectations.
6. Some packages may need to go in /usr/local or even /usr, if they are upgrades of packages installed as part of Red Hat Linux.
7. The location of the installation usually matters only if you compile the application from source code.
8. In Red Hat Package Manager (RPM) packages automatically goes where it should.
Duties of System Administrator
Creating and Maintaining User Account
1. Linux machine. An account must be
created for each user and system administrator may do this.
2. System administrator can give option to users to change their own password.
3. In red hat enterprise System administrator can configure a setting to prompt user that they must change password periodically.
4. System Administrator can stop person from accessing account.
5. System administrator can make restriction on web surf like user can surf web but has access to particular sites.
6. System administrator can stop certain websites.
2. System administrator can give option to users to change their own password.
3. In red hat enterprise System administrator can configure a setting to prompt user that they must change password periodically.
4. System Administrator can stop person from accessing account.
5. System administrator can make restriction on web surf like user can surf web but has access to particular sites.
6. System administrator can stop certain websites.
Duties of System Administrator
Backing Up and Restoring Files
1. Backup required to secure data from
computer failure, some people may harm others property or system if system
administrator not perfect to handle it.
2. We back up important files so that in the event of a failure of hardware, security, or administration, the system can be up and running again with minimal disruption.
3. Backup can be taken in high capacity tape drive and can be stored in disks..
4. It’s it more sensible to back up user accounts and system configuration files from the distribution CDs would be quicker and easier than getting the basics off a tape archive.
5. System Administrator must decide what to back up and how frequently backup.
6. System Administrator may maintain a series of incremental backups i.e. adding only the files that have changed since the last backup or multiple full backups.
7. System Administrator may use RAID (redundant array of independent disks ) for Backup , which is multiple hard drives all containing the same data as insurance against the failure of any one of them, in addition to other backup systems.
8. System administrator should carry restore at least once in non critical time.
9. Need to formulate a plan for bringing the system back up in the event of a failure.
2. We back up important files so that in the event of a failure of hardware, security, or administration, the system can be up and running again with minimal disruption.
3. Backup can be taken in high capacity tape drive and can be stored in disks..
4. It’s it more sensible to back up user accounts and system configuration files from the distribution CDs would be quicker and easier than getting the basics off a tape archive.
5. System Administrator must decide what to back up and how frequently backup.
6. System Administrator may maintain a series of incremental backups i.e. adding only the files that have changed since the last backup or multiple full backups.
7. System Administrator may use RAID (redundant array of independent disks ) for Backup , which is multiple hard drives all containing the same data as insurance against the failure of any one of them, in addition to other backup systems.
8. System administrator should carry restore at least once in non critical time.
9. Need to formulate a plan for bringing the system back up in the event of a failure.
Duties of System Administrator
Monitor and Tuning Performance
Monitor and Tuning Performance
- System tuning is an ongoing process aided by a variety of diagnostic and monitoring tools.
- Some performance decisions are made at installation time, while others are added or tweaked later.
- A good example is the use of the hdparm utility, to squeeze the best performance from your equipment, monitor your system carefully and use Linux built-in configuration wisely.
- Proper monitoring allows you to detect a misbehaving application that might be consuming more resources than it should or failing to exit completely on close.
- Possibly most important, careful system monitoring and diagnostic practices give you an early heads-up when a system component is showing early signs of failure, so that any potential downtime can be minimized.
Configuring a Secure System
____________________________________________________
1.
There is a common
thread in Linux system administration, something that is a constant presence in
everything you do, it is the security of the computer and data integrity.
2.
The system
administrator’s task, first and foremost, is to make certain that no data on
the machine or network are likely to become corrupted, whether by hardware or
power failure, by misconfiguration or user error (to the extent that the latter
can be avoided), or by malicious or inadvertent intrusion from elsewhere.
3.
No one involved
in computing can have failed to hear of the succession of increasingly serious
attacks upon machines connected to the Internet such as DDoS, E-mail attacks
and worms attacks.
4.
Depending on how
and to what a Linux machine is connected, the sensitivity of the data it
contains and the uses to which it is put, security can be as simple as turning
off unneeded services, monitoring the Red Hat Linux security mailing list to
make sure that all security advisories are followed, and otherwise engaging in
good computing practices to make sure the system runs robustly.
5.
It can be an
almost full-time job involving levels of security permissions within the system
and systems to which it is connected, elaborate firewalling to protect not just
Linux machines but machines that, through their use of non-Linux software, are
far more vulnerable, and physical security — making sure no one steals the
machine itself.
6.
For any machine
that is connected to any other machine, security means hardening against attack
and making certain that no one is using your machine as a platform for
launching attacks against others.
7.
If you are running
Web, ftp, or mail servers, then make sure that passwords are not easily guessed
and not made available to unauthorized persons, that disgruntled former
employees no longer have access to the system, and that no unauthorized person
may copy files from your machine or machines.
Your job as a system administrator is to strike the right balance
between maximum utility and maximum safety, all the while bearing in mind that
confidence in a secure machine today says nothing about the machine’s security
tomorrow.
Using Tools to Monitor SecuritY
1.
Crackers : It’s
the clever people aiming to break into other peoples computers, just to amuse
themselves or doing potential larceny. If there is a vulnerability in a system,
they will find it.
2.
The Linux
development community is quick to find potential exploits and to find ways of
slamming shut the door before crackers can enter by making available new,
patched versions of packages in which potential exploits have been found.
3.
First and best
security tool is making sure that whenever a security advisory is issued, you
download and install the repaired package.
4.
As good as the
bug trackers are, sometimes their job is reactive. Preventing the use of your
machine for nefarious purposes and guarding against intrusion are, in the end,
your responsibility alone.
No comments:
Post a Comment