Solutions of Assignment ISM

(Internet Server Management)

Task 1 – Perform administrative tasks to manage network users and resources

1. This is one of the most challenging and costly functions performed by system
administrator today is deploying a new operating system to client computers on a
network. There are many scenarios

pre-installation scenario: - Server and Client hardware should meet all the perquisites such as
the drive on the server must be formatted with the NTFS file system. Ensure that the chosen
drive must have enough space. The pre-installation scenario includes the following steps

Client Configuration

Server Configuration

Information
Proliferation

Inter-Application
Awareness

implementation scenario: - Here we will enable the DFS role for the domain joined
computers. This will create a distributed common shared file system which will enables the
client system to access their file which is controlled or allocated by the system administrator. For
this we are going to use the Microsoft Windows Server 2016.The installation of this is done via
the roles and features wizard. The steps are as following.

Step1: Login to the windows server 2016 DC and open the server manager section.

Step2: Open add roles and features wizards and go to the server role section.
Step3: Explore file and storage services.

Step4: Inside file and storage services there is file and iscsi services just open it and select File
server, DFS namespaces, DFS Replication and File server resource manager. Note that to keep
the folder synchronized between the DFS server across network or on a remote site the service
DFS replication is required.
Step5: After selecting the required roles just click the next button and roles will get installed
automatically.

Step6: In this step we create a shared folder namespace.

Step7: In this step we add the folder target.

post-installation scenario: - when we boot the client machine, the PXE Boot ROM begins to
load and initialize. There are 4 phenomenon which occurs with the most NET PC or PXE ROM-
based computers.
Step1: A message BootP is displayed by the client machine. The indication of this message
means that there is need of a ip address for the client machine from DHCP server.
Step2: After getting the ip address from the DHCP server, the new message will change to DHCP.
Step3: The client machine will change to BINL or it may be prompts F12 key for the users. It
suggested that client machine has connected to the server and just waiting for the TFTP which is
the first image file-OSchooser. In some machine these messages are not recognized because
these this sequence simply flashes by too quickly.
Step4: In this step client should have downloaded and displayed the client installation wizard
application with a welcome screen greeting the user.
Account Naming Policies: -
 Complete the first name and last name.
 Initial of first name and complete last name.
 First three characters of first name and first three of last name.
 Three random letters and three numbers.

Password Policies: -
 Uppercase and Lowercase character must be included in password.
 Must contain digit (0 to 9)
 Must contain some special character ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
 Must be at least 8 characters and alphanumeric with above constrain should be
fulfilled.

Securities Rights: -
 All the users except from account and finance department must not have the
authority to access the shared drive dedicated for each department.
 Admin has the rights to create new group of users, adding a user in the group,
removing the users from a group and setting different permission for the system
according to the requirements.

The steps can be summarizing by the followings:

Create a new user account with Domain Admins credentials

 Protect the default Administrator account

Secure the Guest account

Strengthen security on service administration accounts and groups

Establish best practices for use of administrative accounts and groups

Task 2 – Apply architectural concepts to the design/evaluation of networks

1.Hardware and Software requirements and their application relating with OSI layers.
CPU: - The configuration of server’s CPU should be 8 * 3.0 GHz or higher speed quad core
processor. By the powerfulness of CPU, the performance of the server is increases. For the
employee system the strength of CPU can be vary and depends upon the role of the user who
uses the system. In the case of developer and graphics designer we need high end processor
where as for the admin people this should be a necessary requirement.
Memory: - Here memory specify the temporary memory of the server and subsystem of the
users. So, in this case for the server 32 GB RAM should be good and for each device for users a
range of 4GB to 16 GB is a good choice. Most of the backend developers needed 8 GB to 16 GB.
Graphics designer also have same set of range. Admin people may be requiring a 4GB RAM.
Storage Devices: - This type of devices are the primary parts required in the Database servers
because this type of servers have to store a very big amount of data related to the
corresponding to their respective web services provided by the server. In the above case our
web server should required at least 2TB for the storing purpose of data related to web services
provided by the web servers. For the system used by the users pc 1 TB data is a good choice
now a days.
Operating Systems: -
Red Hat Linux 5.2, x64 Edition, Windows XP/VISTA/7/8/10
 Fedora 14 x64

Windows Server 2003

Windows Server 2008

Software Requirements: -
IIS as a web server.
MySQL for database.
Web browser (chrome v16).
Cost of Running an Internet Server: -

DNS Hosting cost, Hardware Cost, System Setup cost, , Software Cost, SSL And many
more.

2.Specication of network topologies: -

Computer Networks includes a Network Hubs that is a device for connecting multiple Ethernet
devices together and making them act as a single network segment. In this case we are using a
10Base-T Star Network topology.
3. IP addressing design and implementation: -

192.168.100.0/24 - servers
192.168.120.0/24 - Wi-Fi AP
192.168.130.0/24 - printers
192.168.140.0/24 - ip telephones
192.168.150.0/24 – cctv

192.168.100.0 = LAN 100

192.168.120.0 = LAN 100
10.0.0.0= LAN 1000
10.0.0.0= LAN 1000
10.1.0.0= LAN 1010
 10.4.2.0= LAN 1042
For the subnet division: - for/24.
0: reserved
1: gateway
2.15 RRP/HSRP routers
16-31: switches
32-63: IT reserved (printers and the like)
64-127: Static (reserved DHCP)
128-254: DHCP (dynamic) range

4.Selection of Network Operating systems and client operating systems: -

Network Operating System: - Red Hat Linux 5.2, x64 Edition

Client Operating System: - Windows XP/VISTA/7/8/10 and Fedora 14 x64

5. Networking utilities to be applied to diagnose and troubleshoot network OS problems.

Connection Problems: -

Problem 1: - Connection closed by remote host: -

A user has established a connection to a remote host, and the connection closes before the user
logs out.

Solution: - Use the ping (8) command to determine whether the host is running. Determine
whether the remote host is down by contacting the host network administrator. If the host is
not down, use telnet (1) to re-establish the connection.

Problem 2: Connection refused: -

Users cannot connect to a remote host. The remote host is up, and the interface is up, but a
connection cannot be established. Several possible causes and solutions for the problem follow.

Solution: - In the network service file for example (/etc/services) just check the protocol port
number on the local host. The port shown on the default network services file should be same
as protocol’s port number. In the case of matching these numbers just tell the network
administrator on the remote host to do the same check. Let us assume the result of the check is
as follow
Network services, Internet style

telnet 25/tcp

There can be other more reasons for the same problem:

The /etc/inetd daemon is down.

The server is not enabled by /etc/inetd. conf.

Problem 3: Connection timed out: -

The local host is trying to connect to the remote host but is not making an active connection.
The telnet (1) program sent a packet to a specific address, but no hosts are responding.
The telnet client program times out if a connection is not made within a certain time limit
(usually between 30 and 75 seconds).

Task 3 – Apply appropriate security to safeguard network resources

1.Usage of Distributed file system

A distributed file system is a client-server model-based application in which clients have to

access data and process that data which are stored on the server. This feels like the data is
accessed by the same way as this is stored in same computer system. When a client machine
accesses a file, which is stored in the server, that file is sent by the server that is a copy of the
file which is cached on the client system till the data is being processed and then after it is
returned to the server.

NFS, NetWare, Microsoft’s Distributed File System and IBM/Transarc’s DFS are some examples of
the distributed file system.

2. Security, compression & encryption mechanisms for file/folder

Security is one of the major concern, since it needs to be, ubiquitous, through the system.
Security policy determine the security goals for the computer system and these goals are
targeted via different security mechanisms or tools. The goals of the security for the distributed
file system are as

 Secrecy

 Privacy

 Authenticity

 Integrity

Security policy suggests what actions the entities in a system are permissible to take and which
types are avoided. Security mechanism implements security policies. These are the following
techniques that are being used.

 Encryption: - This gives a means to implements confidentiality, since it

transforms the data into some other form which is not understand by the attacker. The
output file from this process is called the cipher file.

 Authentication: - This process is used for the verification purpose whether the
client, server, user etc are authentic or not. User can be authenticated by the password
mechanism system.

 Authorization: - This is used for the checking purpose whether the client is
authorized to perform specific task.

 Auditing: - By this tool we can trace which client access which content and at
what time they did it.

3. Implementation of security certificates to the documents: -

The main design issues for the implementation of security certificates to the documents in the
distributed system are

1. Focus of control
2. Layering of security mechanism.

Focus of control: -
There are mostly three techniques that can be used to protect a distributed application. They
are

a) Protect the secure data against the not valid operation.

b) Protect the secure data against the unauthorized invocations.

c) Protect the secure data against the unauthorized users.
Layering of security mechanism: -

The most important concept for the designing of the secure system is the decision that in which
level the security mechanism should be implemented. In most of the distributed system the
security mechanism is placed in the middleware. Just see the diagram as
Cryptography: -

This is the technique by which a private information is protected against unauthorized access
for the case where physical security is difficult to implement. There are two basic mechanism of
this technique that are: encryption and decryption.