
Addis Ababa University

College of Natural and Computational Sciences


Department of Computer Science

Computer Networking and Security Module

Part I: Data Communication and Computer Networking


Part II: Network and System Administration
Part III: Computer Security

May 2024
Addis Ababa, Ethiopia
Table of Contents
CHAPTER 1: INTRODUCTION ........................................................................................................................................... 4
DATA & INFORMATION................................................................................................................................................. 4
DATA COMMUNICATION .............................................................................................................................................. 4
COMPONENTS OF DATA COMMUNICATION ............................................................................................................ 4
DATA REPRESENTATION .............................................................................................................................................. 4
DATA FLOW ..................................................................................................................................................................... 4
COMPUTER NETWORK .................................................................................................................................................. 4
CATEGORIES OF NETWORK ......................................................................................................................................... 4
PROTOCOL ....................................................................................................................................................................... 4
STANDARDS IN NETWORKING ................................................................................................................................... 4
STANDARD ORGANIZATIONS IN FIELD OF NETWORKING .................................................................................. 4
CHAPTER TWO: DATA COMMUNICATION ................................................................................................................... 5
INTRODUCTION .............................................................................................................................................................. 5
DATA & SIGNALS ............................................................................................................................................................ 5
ANALOG SIGNAL ............................................................................................................................................................ 5
CHARACTERISTICS OF AN ANALOG SIGNAL .......................................................................................................... 5
DIGITAL SIGNAL ............................................................................................................................................................. 5
TYPES OF CHANNELS .................................................................................................................................................... 6
TRANSMISSION IMPAIRMENTS & TYPES ................................................................................................................. 6
TRANSMISSION MEDIA ................................................................................................................................................. 6
Network Cables - Types ...................................................................................................................................................... 7
NETWORK TOPOLOGY .................................................................................................................................................. 7
COMPONENTS OF THE NETWORK/NETWORK DEVICES ....................................................................................... 7
TYPES OF ERRORS .......................................................................................................................................................... 8
SIGNAL ENCODING ........................................................................................................................................................ 8
CHAPTER 3: NETWORK MODELS .................................................................................................................................... 8
CONCEPT OF LAYERED TASK ..................................................................................................................................... 9
INTRODUCTION TO OSI MODEL & ITS LAYERS ...................................................................................................... 9
DESCRIPTION OF LAYERS IN THE OSI MODEL........................................................................................................ 9
TCP/IP MODEL, ADDRESSING IN TCP/IP – IPV4...................................................................................................... 10
FUNCTIONS OF THE LAYERS OF TCP/IP MODEL................................................................................................... 10
IP ADDRESSING ............................................................................................................................................................. 11
ROUTING AND ROUTING PROTOCOLS .................................................................................................................... 11
CHAPTER FOUR: SWITCHING AND MULTIPLEXING ................................................................................................ 12
SWITCHING .................................................................................................................................................................... 12
MULTIPLEXING ............................................................................................................................................................. 12
MEDIUM ACCESS CONTROL ...................................................................................................................................... 12

2|Page
MODULE II: SYSTEM AND NETWORK ADMINISTRATION ................................................................................ 12
CHAPTER 1: INTRODUCTION AND BACKGROUND .................................................................................................. 12
Computer Systems and Network overview ....................................................................................................................... 12
Philosophy of System Administration............................................................................................................................... 16
Scope of Network administration...................................................................................................................................... 16
The goal of Network administration ................................................................................................................................. 17
The challenges of system administration .......................................................................................................................... 17
The Meta principles of system administration .................................................................................................................. 17
CHAPTER 2: WINDOWS NETWORK CONCEPTS ......................................................................................................... 18
Windows workgroup ......................................................................................................................................................... 18
Windows Workgroups vs Homegroups and Domains ...................................................................................................... 18
Domain Controller ........................................................................................................................................................ 18
Microsoft HomeGroup ............................................................................................................................................... 18
Domain Controllers ....................................................................................................................................................... 19
System requirements for a Domain Controller ................................................................................................................. 19
Storage controller and disk space requirements ............................................................................................................ 20
Network adapter requirements ...................................................................................................................................... 20
LDAP & Windows Active Directory ................................................................................................................................ 20
Protocol overview ............................................................................................................................................................. 20
Windows Active Directory ................................................................................................................................................... 20
Active Directory Services ................................................................................................................................................. 20
AD Logical Structure ........................................................................................................................................................ 21
AD Physical Structure....................................................................................................................................................... 21
AD Implementation........................................................................................................................................................... 21
CHAPTER THREE: USER ADMINISTRATION CONCEPTS & MECHANISMS ........................................................... 22
Users and capabilities........................................................................................................................................................ 22
What is File & Folder Permissions?.................................................................................................................................. 23
Assigning a Roaming Profile to a User ............................................................................................................................. 24
Advanced Concepts I ........................................................................................................................................................ 25
The Registry ...................................................................................................................................................................... 25
Registry Structure ............................................................................................................................................................. 25
Advanced Concepts II ....................................................................................................................................................... 26
Review Questions ................................................................................................................................................................. 27
CHAPTER 4: RESOURCE MONITORING & MANAGEMENT ....................................................................................... 27
Resource Monitoring & Management ............................................................................................................................... 27
System Performance Monitoring ...................................................................................................................................... 27
Remote Administration ..................................................................................................................................................... 31
Common Tasks/Services for which Remote Administration is used ................................................................................ 32
Performance ...................................................................................................................................................................... 32
Redundant Array of Inexpensive (or Independent) Disks (RAID) ............................................................................... 32
Review Questions ................................................................................................................................................................. 33
CHAPTER 5: SECURITY .................................................................................................................................................... 33
Introduction ....................................................................................................................................................................... 33
Linux Distribution ............................................................................................................................................................. 33
Unix/Linux Architecture ................................................................................................................................................... 34
Properties of Linux............................................................................................................................................................ 34
Linux Directory Structure ................................................................................................................................................. 34
Linux Systems and Network Concepts ............................................................................................................................. 35
Network Configuration and Information........................................................................................................................... 35
Configuration of network interfaces ............................................................................................................................. 35
Network configuration files .......................................................................................................................................... 35
Network configuration commands ................................................................................................................................ 35
Review Questions ................................................................................................................................................................. 36

CHAPTER 1: INTRODUCTION

DATA & INFORMATION
Data refers to the raw facts that are collected, while information refers to processed data that enables us to take decisions.

DATA COMMUNICATION
Data communication is the process of exchanging data or information.
1. Characteristics of Data Communications: The effectiveness of any data communications system depends upon the following four fundamental characteristics:
• Delivery: The data should be delivered to the correct destination and the correct user.
• Accuracy: The communication system should deliver the data accurately, without introducing any errors.
• Timeliness: Audio and video data have to be delivered in a timely manner without any delay; such data delivery is called real-time transmission of data.
• Jitter: The variation in packet arrival time.

COMPONENTS OF DATA COMMUNICATION
A data communication system has five components:
• Message: the information to be communicated by the sender to the receiver.
• Sender: any device that is capable of sending the data (message).
• Receiver: the device to which the sender wants to communicate the data (message).
• Transmission Medium: the path by which the message travels from sender to receiver. It can be wired or wireless, and there are many subtypes of both.
• Protocol: an agreed-upon set of rules used by the sender and receiver to communicate data; the rules that govern data communication.

DATA REPRESENTATION
Data is a collection of raw facts which is processed to deduce information. Data can be represented as text, numbers, images, audio and video.

DATA FLOW
Data can flow between two devices in the following ways:
• Simplex: Only one of the devices sends the data and the other only receives it (unidirectional).
• Half Duplex: Both stations can transmit as well as receive, but not at the same time.
• Full Duplex: Both stations can transmit and receive at the same time.

COMPUTER NETWORK
A collection of autonomous computing devices connected by a transmission medium. A network can be measured by its:
• Reliability
• Security
• Performance

CATEGORIES OF NETWORK
Networks are categorized on the basis of their size, medium, transmission technology, architecture and administration.
Based on size:
• LAN
• MAN
• WAN
Based on medium:
• Wired vs Wireless
Based on architecture:
• Client Server vs Peer to Peer
Based on transmission technology:
• Packet-switched vs Circuit-switched networks
Based on administration:
• Private vs Public

PROTOCOL
A protocol can be defined as the set of rules that governs data communications. It defines what is to be communicated, how it is to be communicated and when it is to be communicated.
There are three key elements of a protocol:
• Syntax: the structure or format of the data, i.e. the arrangement of data in a particular order.
• Semantics: the meaning of each section of bits; it indicates how each section is to be interpreted.
• Timing: tells the sender about the readiness of the receiver to receive the data.

STANDARDS IN NETWORKING
Standards are necessary to ensure interconnectivity and interoperability between the networking hardware and software components of various vendors.
Standards in networking are classified into two categories:
• De facto standard: "by fact" or by convention. These are standards that have traditionally been used; they are not approved by any organized body but are adopted through widespread use.
• De jure standard: "by law" or by regulation. These standards are legislated and approved by a body that is officially recognized.

STANDARD ORGANIZATIONS IN THE FIELD OF NETWORKING
Standards are created by standards creation committees, forums, and government regulatory agencies.
Examples of standards creation committees:
• International Organization for Standardization (ISO)
• International Telecommunications Union – Telecommunications Standard (ITU-T)
• American National Standards Institute (ANSI)
• Institute of Electrical & Electronics Engineers (IEEE)
• Electronic Industries Associates (EIA)
Examples of forums:
• ATM Forum
• MPLS Forum
• Frame Relay Forum
Examples of regulatory agencies:
• Federal Communications Committee (FCC)

2. Review question

CHAPTER TWO: DATA COMMUNICATION

INTRODUCTION
Computer networks are designed to transfer data from one point to another. During transit, data is in the form of electromagnetic signals.

DATA & SIGNALS
To be transmitted, data must be transformed into electromagnetic signals.
Data can be analog or digital:
• Analog data refers to information that is continuous, e.g. the sounds made by a human voice.
• Digital data refers to information that has discrete states. Digital data take on discrete values; for example, data are stored in computer memory in the form of 0s and 1s.
Signals can be of two types:
• Analog signal: has infinitely many values within a range.
• Digital signal: has a limited number of defined values.
Periodic & Non-Periodic Signals
• Signals which repeat themselves after a fixed time period are called periodic signals.
• Signals which do not repeat themselves after a fixed time period are called non-periodic signals.
• In data communications, we commonly use periodic analog signals and non-periodic digital signals.

ANALOG SIGNAL
An analog signal has infinitely many levels of intensity over a period of time.
A simple analog signal is a sine wave that cannot be further decomposed into simpler signals.
A sine wave is characterized by three parameters:
• Peak amplitude
• Frequency
• Phase

CHARACTERISTICS OF AN ANALOG SIGNAL
Peak Amplitude
The amplitude of a signal is the absolute value of its intensity at time t. The peak amplitude of a signal is the absolute value of its highest intensity. The amplitude of a signal is proportional to the energy carried by the signal.
Frequency
Frequency refers to the number of cycles completed by the wave in one second. Period refers to the time taken by the wave to complete one cycle.
Phase
Phase describes the position of the waveform with respect to time (specifically, relative to time 0). Phase indicates the forward or backward shift of the waveform from the axis. It is measured in degrees or radians.
[Figure: sine waves with the same amplitude and frequency but different phases (figure not reproduced here).]
Relation between Frequency & Period
• Frequency and period are the inverse of each other.
• This is indicated by the following formula: f = 1/T and T = 1/f.
Wavelength
The wavelength of a signal refers to the relationship between the frequency (or period) and the propagation speed of the wave through a medium. The wavelength is the distance a signal travels in one period. It is given by
Wavelength = Propagation Speed × Period
or
Wavelength = Propagation Speed × 1/Frequency
It is represented by the symbol λ (pronounced "lambda"). It is measured in micrometers. It varies from one medium to another.
Composite Signal
A composite signal is a combination of two or more simple sine waves with different frequency, phase and amplitude.

DIGITAL SIGNAL
Information can also be represented in the form of a digital signal. A digital signal can be explained with the help of the following points:
• A digital signal is a signal that has discrete values.
• The signal has values that are not continuous.
LEVEL
Information in a digital signal can be represented in the form of voltage levels.

BIT LENGTH or Bit Interval (Tb)
It is the time required to send one bit. It is measured in seconds.
BIT RATE
It is the number of bits transmitted in one second. It is expressed in bits per second (bps).
The relation between bit rate and bit interval is as follows:
Bit rate = 1 / Bit interval
Baud Rate
It is the rate of signal speed, i.e. the rate at which the signal changes.
A digital signal with two levels, 0 & 1, will have the same baud rate and bit rate.

TYPES OF CHANNELS
From the point of view of transmission, there are two types of channels:
Low-pass channel
This channel has 0 as its lowest frequency and some non-zero frequency f1 as its highest frequency. It can pass all frequencies in the range 0 to f1.
Band-pass channel
This channel has some non-zero frequency f1 as its lowest frequency and some non-zero frequency f2 as its highest frequency. It can pass all frequencies in the range f1 to f2.
Transmission of digital signals: A digital signal can be transmitted in the following two ways:
• Baseband Transmission: The signal is transmitted without making any change to it (i.e. without modulation).
  o In baseband transmission, the bandwidth of the signal to be transmitted has to be less than the bandwidth of the channel.
  o Ex. Consider a baseband channel with lower frequency 0 Hz and higher frequency 100 Hz; its bandwidth is therefore 100 Hz (bandwidth is calculated as the difference between the highest and lowest frequency).
  o A channel whose bandwidth is more than the bandwidth of the signal is called a wideband channel.
  o A channel whose bandwidth is less than the bandwidth of the signal is called a narrowband channel.
• Broadband Transmission: Given a band-pass channel, a digital signal cannot be transmitted directly through it.
  o In broadband transmission we use modulation, i.e. we change the signal to an analog signal before transmitting it.
  o The digital signal is first converted to an analog signal; since we have a band-pass channel, we cannot directly send this signal through the available channel. Ex. Consider a band-pass channel with lower frequency 50 Hz and higher frequency 80 Hz, and a signal to be transmitted with frequency 10 Hz.

  o To pass the analog signal through the band-pass channel, the signal is modulated using a carrier frequency. Ex. The analog signal (10 Hz) is modulated by a carrier frequency of 50 Hz, resulting in a signal of frequency 60 Hz which can pass through our band-pass channel.
  o The signal is demodulated and converted back into a digital signal at the other end.

TRANSMISSION IMPAIRMENTS & TYPES
Data is transmitted through transmission media which are not perfect. These imperfections cause signal impairment. Due to the imperfection, errors are introduced into the transmitted data, i.e. the original signal at the beginning of the transmission is not the same as the signal at the receiver. There are three causes of impairment:
• Attenuation
• Distortion
• Noise
Attenuation
Attenuation results in loss of energy due to distance. When a signal travels through a medium, it loses some of its energy in overcoming the resistance of the medium. The electrical energy in the signal may convert to heat. To compensate for this loss, amplifiers are used to amplify the signal.
Distortion
Distortion changes the shape of the signal.
Noise
Noise is any unwanted signal that is mixed or combined with the original signal during transmission. Due to noise the original signal is altered, and the signal received is not the same as the one sent.

TRANSMISSION MEDIA
Transmission media are the means by which a communication signal is carried from one system to another. A transmission medium can be defined as anything that can carry information from a source to a destination. The transmission medium is usually free space, metallic cable or fiber-optic cable. Media are either guided or unguided (wireless).
Guided transmission media use a cabling system that guides the data signals along a specific path. Of these, twisted-pair cable and coaxial cable transport signals in the form of electric signals, and fiber-optic cable transports signals in the form of light.
Unguided transmission media transport data without using a physical conductor; they use wireless electromagnetic signals to send data. There are three types of unguided media:
• Radio waves
• Microwaves
• Infrared
Wireless signals can travel, or propagate, in the following three ways:
• Ground-wave propagation
• Sky-wave propagation
• Line-of-sight propagation
Radio waves: Electromagnetic waves ranging in frequency between 3 kHz and 1 GHz are normally called radio waves. Radio waves are omnidirectional: when an antenna transmits radio waves they are propagated in all directions.
Microwaves: Electromagnetic waves having frequencies between 1 and 300 GHz are called microwaves. Microwaves are unidirectional: when an antenna transmits microwaves they can be narrowly focused. Microwave propagation is line-of-sight.
Infrared: Infrared signals, with frequencies ranging from 300 GHz to 400 GHz, can be used for short-range communication. Infrared signals, having high frequencies, cannot penetrate walls.

Network Cables - Types
Transmission media carry signals between computers. They can be divided into two broad categories:
Cable-based/Guided media: the signal is guided along a solid medium.
• Twisted-pair cable: consists of two conductors (normally copper), each with its own plastic insulation, twisted together. Two types:
  o Unshielded Twisted-Pair cable (UTP)
  o Shielded Twisted-Pair cable (STP)
• Coaxial cable: uses copper wire to conduct the signals electrically.
• Fiber-optic cable: uses a glass or plastic conductor and transmits the signals as light.
Wireless/Unguided media: the signal propagates in the atmosphere and in outer space.

NETWORK TOPOLOGY
A network topology is a description of the layout of the region or area covered by that network.
There are two types of connections: point-to-point and multi-point.
Point-to-point connections provide a direct link between two devices.
Multi-point connections provide a link between three or more devices on a network.
There are seven basic topologies in the study of network topology:
• Point-to-point topology
• Bus (point-to-multipoint) topology
• Ring topology
• Star topology
• Hybrid topology
• Mesh topology
• Tree topology

COMPONENTS OF THE NETWORK/NETWORK DEVICES
REPEATER: A repeater is a device that operates only in the physical layer. A repeater receives a signal and, before it becomes too weak or corrupted, regenerates the original bit pattern. A repeater can extend the physical length of a LAN.
A repeater does not actually connect two LANs; it connects two segments of the same LAN. The segments connected are still part of one single LAN. A repeater is not a device that can connect two LANs of different protocols.
BRIDGE: Connects two LANs having the same protocol (e.g. Ethernet or Token Ring).
HUB: Hubs are commonly used to connect the segments (devices) of a LAN. Hubs don't filter information; instead they broadcast incoming packets to all computers connected to them. A hub contains multiple ports, commonly 8, 12 or 24 RJ-45 ports. There are two types, passive hubs and active hubs. Hubs are used in star or ring topologies.
Passive Hubs
A passive hub is just a connector. It connects the wires coming from different branches. In a star-topology Ethernet LAN, a passive hub is just the point where the signals coming from different stations collide; the hub is the collision point. This type of hub is part of the media; its location in the Internet model is below the physical layer.
Active Hubs
An active hub is actually a multiport repeater. It is normally used to create connections between stations in a physical star topology.
SWITCH: A switch filters and forwards data packets across a network.
Unlike a hub, which simply replicates what it receives on one port onto all the other ports, a switch keeps a record of the MAC addresses of the devices attached to it. When the switch receives a data packet, it forwards the packet directly to the recipient device by looking up the MAC address.
• A switch is intelligent and more expensive than a hub.
• A switch is a point-to-point communication device.
• A hub is a broadcasting device.

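The hub-versus-switch contrast above is easiest to see by simulating both forwarding decisions side by side. The following Python model is an added example, not code from the module: it implements a hub as "repeat on every other port" and a switch as a learning device that records the source MAC of every frame against its ingress port and forwards only to the port where the destination MAC was learned, flooding like a hub when the destination is still unknown or is the broadcast address. Port numbers, MAC addresses and the traffic sequence in simulate() are constructed for illustration.

```python
"""Learning-switch vs hub forwarding simulation (added example)."""
from __future__ import annotations

from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str          # source MAC address (constructed sample values below)
    dst: str          # destination MAC address or BROADCAST
    payload: str = ""


def hub_forward(frame: Frame, in_port: int, num_ports: int) -> list[int]:
    """A hub has no address table: every frame is repeated on every port
    except the one it arrived on, regardless of destination."""
    return [p for p in range(num_ports) if p != in_port]


@dataclass
class LearningSwitch:
    num_ports: int
    mac_table: dict[str, int] = field(default_factory=dict)  # MAC -> port

    def forward(self, frame: Frame, in_port: int) -> list[int]:
        """Return the list of ports the frame is sent out of."""
        # Learn: the source MAC is reachable through the ingress port.
        self.mac_table[frame.src] = in_port
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            # Broadcast or unknown unicast: flood, exactly as a hub would.
            return [p for p in range(self.num_ports) if p != in_port]
        out_port = self.mac_table[frame.dst]
        if out_port == in_port:
            # Destination sits on the same segment the frame came from:
            # the switch filters it instead of repeating it.
            return []
        return [out_port]


def simulate() -> list[list[int]]:
    """Constructed traffic on a 4-port switch: hosts A on port 0, B on
    port 1, C on port 2, and D sharing port 1 with B (e.g. via a hub)."""
    a, b, c, d = ("aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02",
                  "aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:04")
    sw = LearningSwitch(num_ports=4)
    return [
        sw.forward(Frame(a, b), 0),          # B unknown yet: flooded to 1, 2, 3
        sw.forward(Frame(b, a), 1),          # A was learned on port 0: sent only there
        sw.forward(Frame(c, BROADCAST), 2),  # broadcast: flooded to 0, 1, 3
        sw.forward(Frame(a, c), 0),          # C learned on port 2: sent only there
        sw.forward(Frame(d, b), 1),          # B is on the ingress port: filtered
    ]


if __name__ == "__main__":
    for decision in simulate():
        print(decision)
```

The first decision (flooding) is why a freshly powered switch behaves like a hub until it has seen a frame from each host; the last decision (filtering) is what the text means by a switch being a point-to-point device rather than a broadcasting one.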
ROUTER: A router is a specialized network device
used to interconnect different types of network that
use different protocols.
A router allows the users to connect several LANs and WANs:
• A LAN to another LAN
• A WAN to another WAN
• A LAN to the Internet
Routers use the routing table to determine how to
forward packets.
• The routing table provides directions to
transfer the data to a particular network
destination: the various paths to forward the data.
• A router analyzes the destination IP address of a
given packet and compares it with the routing
table to decide the packet's next best path
A router shares information with other routers in networking.
• Wireless router: offers Wi-Fi connectivity to
laptops, smartphones, and other devices with
Wi-Fi network capabilities
• Broadband routers / Broadband modem:
provided by the internet service provider
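The routing-table comparison described above, as an added Python example (not code from the module): the router compares the packet's destination address with every table entry and, when several entries match, takes the most specific one. The routing table, next hops and destination addresses are constructed sample values; 10.0.0.0/8 is a private range and 192.0.2.0/24 a documentation range.

```python
"""Routing-table lookup by longest prefix match.

Added example for the ROUTER passage (not from the module).  The routing
table and destination addresses are constructed sample values.
"""
import ipaddress
from typing import Optional

# Constructed routing table: (destination network, next hop, outgoing interface).
# A next hop of None means the network is directly connected.
SAMPLE_ROUTES = [
    ("0.0.0.0/0",   "192.0.2.1",  "eth0"),   # default route towards the ISP
    ("10.0.0.0/8",  "10.255.0.1", "eth1"),   # rest of the organization
    ("10.1.0.0/16", "10.1.0.254", "eth2"),   # one site
    ("10.1.2.0/24", None,         "eth3"),   # directly connected LAN
]


def build_table(rows):
    """Parse the textual table once so lookups compare integers, not strings."""
    return [(ipaddress.ip_network(net, strict=True), nh, ifc) for net, nh, ifc in rows]


def lookup(table, destination: str) -> Optional[tuple]:
    """Return (network, next_hop, interface) for the most specific matching route.

    Every entry whose network contains the address matches; the entry with
    the longest prefix (largest prefixlen) wins.  None means no route.
    """
    addr = ipaddress.ip_address(destination)
    best = None
    for net, next_hop, interface in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, interface)
    return best


def next_hop_for(table, destination: str) -> str:
    """Human-readable forwarding decision for one packet."""
    route = lookup(table, destination)
    if route is None:
        return f"{destination} -> no route: drop packet"
    net, next_hop, interface = route
    via = "directly connected" if next_hop is None else f"via {next_hop}"
    return f"{destination} -> {net} {via} out {interface}"


if __name__ == "__main__":
    table = build_table(SAMPLE_ROUTES)
    for dst in ("10.1.2.7", "10.1.9.1", "10.200.1.1", "8.8.8.8"):
        print(next_hop_for(table, dst))
```

Note that the default route 0.0.0.0/0 matches every address but has prefix length 0, so it is chosen only when nothing more specific exists; removing it makes the last lookup fail, which is the case a router has to handle by dropping the packet rather than guessing.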
12 | P a g e
Filters content by reading the MAC addresses of source and
destination.
• MAC to Segment number table
• Does not filter broadcasts
• Data not destined for the other network is prevented from
passing over the bridge
• Slower than a repeater due to filtering
GATEWAY: connects networks that use different protocols.
Can be:
Transport gateway: connects two computers that use
different transport protocols, reformatting packets as need be
Application gateway: understands the format and content of
the data and translates messages from one format to another,
e.g., an e-mail gateway could translate Internet messages to
SMS messages for mobile phones
TYPES OF ERRORS
If the signal comprises binary data, there are two types of
errors which are possible during the transmission:
• Single bit errors: In a single-bit error, a bit value of 0
changes to bit value 1 or vice versa. Single bit errors
are more likely to occur in parallel transmission.
• Burst Errors: In a burst error, multiple bits of the
binary value change. A burst error can change any two
or more bits in a transmission. Burst errors are more
likely to occur in serial transmission.
Redundancy
In order to detect and correct the errors in the data
communication we add some extra bits to the original data.
These extra bits are the redundant bits, which will
be removed by the receiver after receiving the data.
There are different techniques used for transmission error
detection and correction.
Detection methods:
• Parity Check
• Cyclic Redundancy Check
• Checksum
SIGNAL ENCODING
Data can be analog or digital, and so can the signal that represents
it. Signal encoding is the conversion from analog/digital data to
an analog/digital signal.
Digital Data to Digital Signal conversion
Coding methods are used to convert digital data into digital
signals. There are two types of coding methods:
• Line Coding
• Block Coding
Scrambling is also one of the ways to convert digital data to
digital signals but is not used.
Line Coding: It is the process of converting digital data into
a digital signal.
Classification of Line Codes
The following figure shows the classification of line coding
schemes:
Analog data to analog signal conversion
Modulation: The process of converting analog data to an analog
signal is called modulation. Modulation is used to send an
information-bearing signal over long distances.
Types of Modulation: Signal modulation can be divided into
two broad categories: analog modulation and digital modulation.
• Analog or digital refers to how the data is modulated
onto a sine wave. If analog audio data is modulated
onto a carrier sine wave, then this is referred to as
analog modulation.
• Digital modulation is used to convert digital data to an
analog signal. Ex. ASK, FSK, PSK.
Analog modulation can be accomplished in three ways:
• Amplitude modulation (AM)
• Frequency modulation (FM)
• Phase modulation (PM)
Digital Modulation Types (Digital to Analog signal
conversion)
Digital modulation is used to convert digital data to an analog
signal. It can be accomplished in the following ways:
• Amplitude Shift Keying (ASK)
• Frequency Shift Keying (FSK)
• Phase Shift Keying (PSK)
Analog to Digital Conversion using modulation
The definition of the term modulation is described in the next
section. Here we have modulation techniques:
• Pulse Amplitude Modulation (PAM)
• Pulse Code Modulation (PCM)
• Pulse Width Modulation (PWM)
CHAPTER 3: NETWORK MODELS
Computer networks are operated by network models; most
prominently the OSI reference model and the TCP/IP Model.
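Before moving on to network models, here is an added Python example for the TYPES OF ERRORS and Detection methods passages above (parity check, cyclic redundancy check, checksum). It is example code written for this module, not the module's own, and the data word, generator polynomial, error positions and byte payload are constructed sample values. The example goes slightly beyond the text by showing the limit of each method: a parity bit catches a single-bit error but not a two-bit error, while a CRC with a 4-bit remainder catches every burst of length 4 or less.

```python
"""Parity, CRC and Internet checksum: detecting single-bit and burst errors.

Added example for the TYPES OF ERRORS / Detection methods passages (not
from the module).  All data words and error positions are constructed.
"""


def flip_bits(bits: str, positions) -> str:
    """Corrupt a bit string by inverting the bits at the given positions."""
    out = list(bits)
    for i in positions:
        out[i] = "1" if out[i] == "0" else "0"
    return "".join(out)


# --- Parity check -----------------------------------------------------------
def even_parity_encode(data: str) -> str:
    """Append one redundant bit so that the total number of 1s is even."""
    return data + str(data.count("1") % 2)


def parity_ok(codeword: str) -> bool:
    """Receiver side: an odd number of 1s means at least one bit changed."""
    return codeword.count("1") % 2 == 0


# --- Cyclic Redundancy Check -------------------------------------------------
def crc_remainder(bits: str, generator: str) -> str:
    """Modulo-2 (XOR) long division; returns the len(generator)-1 bit remainder."""
    g = len(generator)
    work = list(bits)
    for i in range(len(bits) - g + 1):
        if work[i] == "1":
            for j in range(g):
                work[i + j] = "0" if work[i + j] == generator[j] else "1"
    return "".join(work[-(g - 1):])


def crc_encode(data: str, generator: str) -> str:
    """Sender side: append the remainder of (data shifted by r bits) / generator."""
    padded = data + "0" * (len(generator) - 1)
    return data + crc_remainder(padded, generator)


def crc_ok(codeword: str, generator: str) -> bool:
    """Receiver side: an error-free codeword divides with zero remainder."""
    return "1" not in crc_remainder(codeword, generator)


# --- Internet checksum (16-bit one's complement sum) -------------------------
def internet_checksum(data: bytes) -> int:
    if len(data) % 2:
        data += b"\x00"                                # pad odd-length data
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)       # end-around carry
    return (~total) & 0xFFFF


def checksum_ok(data_with_checksum: bytes) -> bool:
    """Summing the data plus its checksum gives 0xFFFF, whose complement is 0."""
    return internet_checksum(data_with_checksum) == 0


def demo() -> dict:
    """Apply each method to constructed data and report what it detects."""
    data, generator = "1101011011", "10011"            # constructed values
    parity_word = even_parity_encode(data)
    crc_word = crc_encode(data, generator)
    payload = bytes([0x00, 0x01, 0xF2, 0x03, 0xF4, 0xF5, 0xF6, 0xF7])
    sent = payload + internet_checksum(payload).to_bytes(2, "big")
    return {
        "parity_catches_single_bit": not parity_ok(flip_bits(parity_word, [2])),
        "parity_catches_two_bits": not parity_ok(flip_bits(parity_word, [2, 4])),
        "crc_catches_single_bit": not crc_ok(flip_bits(crc_word, [2]), generator),
        "crc_catches_burst": not crc_ok(flip_bits(crc_word, [2, 3, 4]), generator),
        "checksum_intact": checksum_ok(sent),
        "checksum_catches_corruption": not checksum_ok(bytes([sent[0] ^ 0x10]) + sent[1:]),
    }


if __name__ == "__main__":
    for name, detected in demo().items():
        print(f"{name:30s} {detected}")
```

With the constructed word 1101011011 and generator 10011 the transmitted CRC codeword is 11010110111110; the demo reports every check as detected except "parity_catches_two_bits", which is the blind spot of a single parity bit that the CRC and checksum columns do not share for short bursts.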
CONCEPT OF LAYERED TASK
The main objective of a computer network is to be able to
transfer the data from sender to receiver. This task can be done
by breaking it into small sub tasks, each of which is well
defined.
Each subtask will have its own process or processes to do; these
subtasks are called layers. Every task or job can be done by dividing it into
sub tasks or layers.
INTRODUCTION TO OSI MODEL & ITS LAYERS
The Open Systems Interconnection (OSI) Model was
developed by the International Organization for Standardization
(ISO). ISO is the organization, OSI is the model.
It was developed to allow systems with different platforms
(hardware & software) to communicate with each other.
Now, it is a network model that defines the protocols for
network communications.
It is a hierarchical model that groups its processes into seven
(7) layers (top to bottom):
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data Link Layer
7. Physical Layer
Each layer has specific functions to perform and has to
cooperate with the layers above and below it.
DESCRIPTION OF LAYERS IN THE OSI MODEL
Physical Layer:
• The Physical Layer provides a standardized interface to
physical transmission media, including: mechanical
specification of electrical connectors and cables, for
example maximum cable length; electrical specification
of the transmission line; and bit-by-bit or symbol-by-symbol
delivery.
• Interface: The Physical Layer defines the characteristics
of interfaces between the devices & transmission medium.
• Representation of bits: The physical layer is concerned
with transmission of signals from one device to another,
which involves converting data (1's & 0's) into signals
and vice versa. It is not concerned with the meaning or
interpretation of bits.
• Data rate: The physical layer defines the data
transmission rate, i.e. the number of bits sent per second. It is
the responsibility of the physical layer to maintain the
defined data rate.
• Synchronization of bits: To interpret correct and
accurate data the sender and receiver have to maintain the
same bit rate and also have synchronized clocks.
• Line configuration: The physical layer defines the nature
of the connection, i.e. a point to point link, or a multi-point
link.
• Physical Topology: The physical layer defines the
type of topology in which the device is connected to
the network. In a mesh topology it uses a multipoint
connection and in other topologies it uses a point to
point connection to send data.
• Transmission mode: The physical layer defines the
direction of data transfer between the sender and
receiver. Two devices can transfer the data in
simplex, half duplex or full duplex mode.
• Main responsibility of the physical layer:
transmission of bits from one hop to the next.
Data Link Layer
• The Data Link layer adds reliability to the physical
layer by providing error detection and correction
mechanisms.
• Framing: the Data Link layer receives the data
from the Network Layer and divides the stream of bits
into fixed size manageable units called frames
and sends them to the physical layer. On the receiver
side, the data link layer receives the stream of bits
from the physical layer and regroups them into
frames and sends them to the Network layer.
• Physical Addressing: The Data link layer appends
the physical address in the header of the frame
before sending it to the physical layer.
• Flow control: The data link layer makes sure that
the sender sends the data at a speed at which the
receiver can receive it; otherwise, if there is an overflow at
the receiver side, the data will be lost.
• Error Control: The data link layer imposes an error
control mechanism to identify lost or damaged
frames and duplicate frames, and then retransmit them.
• Access Control: The data link layer imposes an
access control mechanism to determine which
device has the right to send data in a multipoint
connection setting.
• Main Responsibility: The main responsibility of
the data link layer is hop to hop transmission of
frames.
Network Layer
• The network layer makes sure that the data is
delivered to the receiver despite multiple
intermediate devices.
• The network layer at the sending side accepts
data from the transport layer, divides it into
packets, adds addressing information in the
header and passes it to the data link layer.
• The network layer is responsible for
source to destination delivery of data.
• The network layer uses a logical address,
commonly known as the IP address, to recognize
devices on the network.
• Each packet is independent of the others and may
travel using different routes to reach the receiver,
hence may arrive out of order at the receiver
(Routing).
• The Network layer does not perform any flow
control or error control.
• The main responsibility of the Network Layer is
transmission of packets from source to destination.
Transport Layer
• The transport layer takes care of process to process
delivery of data and makes sure that it is intact and in
order.
• At the sending side, the transport layer receives data
from the session layer, divides it into units called
segments and sends them to the network layer.
• To ensure process to process delivery the transport
layer makes use of port addresses to identify the data
from the sending and receiving process.
• The data can be transported in a connection oriented
or connectionless manner.
• The Transport layer is responsible for segmentation
and reassembly of the message into segments which
bear sequence numbers.
• The transport layer also carries out flow control and
error control functions; but unlike the data link layer
these are end to end rather than node to node.
• The main responsibility of the transport layer is
process to process delivery of the entire message.
Session Layer
• The session layer establishes a session between the
communicating devices, called a dialog, and
synchronizes their interaction. It is the responsibility
of the session layer to establish and synchronize the
dialogs. It is also called the network dialog
controller.
• The session layer at the sending side accepts data
from the presentation layer, adds checkpoints to it
called sync bits and passes the data to the transport
layer. At the receiving end the session layer receives
data from the transport layer, removes the checkpoints
inserted previously and passes the data to the
presentation layer. So, the main responsibility of the
session layer is dialog control and synchronization.
Presentation Layer
• The communicating devices may have different
platforms. The presentation layer performs translation,
encryption and compression of data.
• The presentation layer receives the data from the
application layer, adds a header which contains
information related to encryption and compression and
sends it to the session layer.
• So, the main responsibility of the Presentation layer is
translation, compression and encryption.
Application Layer
• The application layer enables the user to communicate
its data to the receiver by providing certain services.
• The main responsibility of the Application layer is to
provide the user access to network resources.
TCP/IP MODEL, ADDRESSING IN TCP/IP – IPV4
After understanding the concept of layered task and the OSI
model, we introduce the TCP/IP model. This model is
currently being used on our systems. The TCP/IP model is a
collection of protocols often called a protocol suite. It offers a
rich variety of protocols.
It is a hierarchical model; it existed even before the OSI model
was developed. Originally it had four layers (bottom to top):
1. Host to Network Layer
2. Internet Layer
3. Transport Layer
4. Application Layer
The structure of the TCP/IP model is very similar to the
structure of the OSI reference model. The OSI model has
seven layers whereas the TCP/IP model has four layers.
• The Application layer of the TCP/IP model
corresponds to the Session, Presentation &
Application Layers of the OSI model.
• The Transport layer of the TCP/IP model corresponds
to the Transport Layer of the OSI model
• The Network layer of the TCP/IP model corresponds
to the Network Layer of the OSI model
• The Host to network layer of the TCP/IP model
corresponds to the Physical and Data link Layers of the
OSI model.
FUNCTIONS OF THE LAYERS OF TCP/IP MODEL
Host to Network Layer
This layer is a combination of protocols at the physical
and data link layers. It supports all standard protocols
used at these layers.
Network Layer or IP
Also called the Internetwork Layer (IP). It holds the
IP protocol, which is a network layer protocol and is
responsible for source to destination transmission of
data.
The Internetworking Protocol (IP) is a connection-less &
unreliable protocol.
It is a best effort delivery service, i.e. there is no error
checking in IP; it simply sends the data and relies on its
underlying layers to get the data transmitted to the
destination. Even if it is unreliable, IP cannot be
considered weak and useless, since it provides only the
functionality that is required for transmitting data, thereby
giving maximum efficiency.
Since there is no mechanism of error detection or
correction in IP, there will be no delay introduced on a
medium where there is no error at all.
IP is a combination of four protocols:
1. ARP
2. RARP
3. ICMP
4. IGMP
ARP – Address Resolution Protocol: It is used to
resolve the physical address of a device on a network
where its logical address is known.
The physical address is the 48 bit address that is imprinted
on the NIC or LAN card; the logical address is the Internet
address, commonly known as the IP address, that is used
to uniquely & universally identify a device.
RARP – Reverse Address Resolution Protocol: It is
used by a device on the network to find its Internet
address when it knows its physical address.
ICMP – Internet Control Message Protocol: It is a
signaling mechanism used to inform the sender about
datagram problems that occur during transit. It is used by
intermediate devices.
IGMP – Internet Group Message Protocol: It is a mechanism
that allows sending the same message to a group of recipients.
Transport Layer
Transport layer protocols are responsible for transmission of
data from a process running on one machine to the correct process
running on another machine.
The transport layer contains three protocols:
1. TCP
2. UDP
3. SCTP
TCP – Transmission Control Protocol: TCP is a
connection-oriented, reliable protocol, i.e. a connection is
established between the sender and receiver before the data can
be transmitted. It divides the data it receives from the upper
layer into segments and tags a sequence number to each
segment, which is used at the receiving end for reordering of
data.
UDP – User Datagram Protocol: UDP is a simple protocol
used for process to process transmission. It is an unreliable,
connectionless protocol for applications that do not require flow
control or error control. It simply adds port address, checksum
and length information to the data it receives from the upper
layer.
SCTP – Stream Control Transmission Protocol: SCTP is a
relatively new protocol added to the transport layer of the TCP/IP
protocol suite. It combines the features of TCP and UDP. It is
used in applications like voice over Internet and has a much
broader range of applications.
Application Layer
The Application Layer is a combination of the Session,
Presentation & Application Layers of the OSI model and defines
high level protocols like File Transfer (FTP), Electronic Mail
(SMTP), Virtual Terminal (TELNET), Domain Name Service
(DNS), etc.
IP ADDRESSING
Packets in the IPv4 format are called datagrams. An IP datagram
consists of a header part and a text part (payload).
IPv4 can be explained with the help of the following points:
• IP addresses
• Address Space
• Notations used to express IP address
• Classful Addressing
• Subnetting
• CIDR
• NAT
• IPv4 Header Format
IP addresses: An IP address uniquely identifies a device on the
Internet. Every host and router on the Internet has an IP address,
which encodes its network number and host number.
• The combination is unique: in principle, no two
machines on the Internet have the same IP address.
• An IPv4 address is 32 bits long
• They are used in the Source address and Destination
address fields of IP packets.
• An IP address does not refer to a host but it refers to a
network interface.
Address Space: An address space is the total
number of addresses used by the protocol.
• If a protocol uses N bits to define an address,
the address space is 2^N because each bit can
have two different values (0 or 1) and N bits
can have 2^N values.
• IPv4 uses 32-bit addresses, which means that
the address space is 2^32 or 4,294,967,296
(more than 4 billion).
Notations: There are two notations to show an IPv4 address:
• Binary notation: The IPv4 address is displayed
as 32 bits. ex. 11000001 10000011 00011011
11111111
• Dotted decimal notation: To make the IPv4
address easier to read, Internet addresses are
usually written in decimal form with a decimal
point (dot) separating the bytes. Each byte (octet)
is 8 bits, hence each number in dotted-decimal
notation is a value ranging from 0 to 255. Ex.
129.11.11.239
Classful addressing: In classful addressing, the
address space is divided into five classes: A, B, C,
D, and E.
• Netid and Hostid: In classful addressing, an IP
address in class A, B, or C is divided into netid
and hostid.
Subnetting: It allows a network to be split into several
parts for internal use but still act like a single network to
the outside world.
• To implement subnetting, the router needs a
subnet mask that indicates the split between
network + subnet number and host. Ex.
255.255.252.0/22. The "/22" indicates that the
subnet mask is 22 bits long.
CIDR: A class B address is far too large for most
organizations and a class C network, with 256 addresses, is
too small. This leads to granting Class B addresses to
organizations who do not require all of them. This is resulting in
depletion of the address space. A solution is CIDR (Classless
InterDomain Routing). The basic idea behind CIDR is to
allocate the remaining IP addresses in variable-sized
blocks, without regard to the classes.
NAT (Network Address Translation): The scarcity of
network addresses in IPv4 led to the development of IPv6.
Due to this, we need to use private IP addresses inside the
organization and translate them to public IP addresses using
NAT.
IP Header: IPv4 has 32 bit header information such as
Version, IHL, total length, type of service, ...
ROUTING AND ROUTING PROTOCOLS
Routing is the act of moving information across an
internetwork from a source to a destination. At the heart of
such a protocol is the routing algorithm that determines the
path for a packet.
• Routing requires a host or a router to have a
routing table which is constructed by the routing
algorithm.
• There are two kinds of routing algorithms (routing
tables): nonadaptive (static) and adaptive (dynamic)
• And two kinds of protocols
o Interior routing protocols
o Exterior routing protocols
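The IP ADDRESSING points above (address space, the two notations, classful netid/hostid, and the subnet mask written as a /prefix) worked through in an added Python example. This is example code written for this section, not the module's own; apart from the two addresses quoted in the Notations paragraph, the addresses and prefix lengths are constructed sample values, and the bit operations are done by hand so the mask arithmetic is visible rather than hidden inside a library call.

```python
"""IPv4 address notation, classful netid/hostid and subnet masks.

Added example for the IP ADDRESSING section (not from the module).  The
addresses and prefix lengths below are constructed sample values.
"""
import ipaddress

ALL_ONES = 0xFFFFFFFF


def address_space(bits: int) -> int:
    """A protocol with N address bits has 2^N addresses (IPv4: 2^32)."""
    return 2 ** bits


def dotted_to_binary(dotted: str) -> str:
    """'129.11.11.239' -> '10000001 00001011 00001011 11101111'."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    return " ".join(f"{o:08b}" for o in octets)


def binary_to_dotted(binary: str) -> str:
    """'11000001 10000011 00011011 11111111' -> '193.131.27.255'."""
    bits = binary.replace(" ", "")
    if len(bits) != 32 or set(bits) - {"0", "1"}:
        raise ValueError("need exactly 32 binary digits")
    return ".".join(str(int(bits[i:i + 8], 2)) for i in range(0, 32, 8))


def address_class(dotted: str) -> str:
    """Classful addressing: the class is fixed by the leading bits of the
    first octet (0 -> A, 10 -> B, 110 -> C, 1110 -> D, 1111 -> E)."""
    first = int(dotted.split(".")[0])
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"
    return "E"


CLASSFUL_NETID_BITS = {"A": 8, "B": 16, "C": 24}


def prefix_mask(prefix: int) -> int:
    """Integer mask with the top `prefix` bits set, e.g. 22 -> 0xFFFFFC00."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def netid_hostid(dotted: str) -> tuple:
    """Split a class A/B/C address into netid and hostid (dotted strings)."""
    cls = address_class(dotted)
    if cls not in CLASSFUL_NETID_BITS:
        raise ValueError(f"class {cls} addresses have no netid/hostid split")
    addr = int(ipaddress.IPv4Address(dotted))
    mask = prefix_mask(CLASSFUL_NETID_BITS[cls])
    return (str(ipaddress.IPv4Address(addr & mask)),
            str(ipaddress.IPv4Address(addr & ~mask & ALL_ONES)))


def subnet_info(cidr: str) -> dict:
    """For an address written with a /prefix (e.g. '10.1.2.77/22') compute the
    subnet mask, the network + subnet part, the host part, the broadcast
    address and the number of usable host addresses."""
    dotted, prefix = cidr.split("/")
    prefix = int(prefix)
    addr = int(ipaddress.IPv4Address(dotted))
    mask = prefix_mask(prefix)
    network = addr & mask
    host_bits = 32 - prefix
    # /31 and /32 have no room for the network/broadcast pair; treat them as edge cases
    usable = 2 ** host_bits - 2 if host_bits >= 2 else 2 ** host_bits
    return {
        "mask": str(ipaddress.IPv4Address(mask)),
        "network": f"{ipaddress.IPv4Address(network)}/{prefix}",
        "host_part": addr & ~mask & ALL_ONES,
        "broadcast": str(ipaddress.IPv4Address(network | (~mask & ALL_ONES))),
        "usable_hosts": usable,
    }


def same_subnet(a: str, b: str, prefix: int) -> bool:
    """Two addresses are in the same subnet when their masked bits agree."""
    mask = prefix_mask(prefix)
    return int(ipaddress.IPv4Address(a)) & mask == int(ipaddress.IPv4Address(b)) & mask


if __name__ == "__main__":
    print(dotted_to_binary("129.11.11.239"), address_class("129.11.11.239"), netid_hostid("129.11.11.239"))
    print(subnet_info("10.1.2.77/22"))
```

The /22 case mirrors the module's own example mask 255.255.252.0: the first 22 bits are the network + subnet number, the remaining 10 bits the host number, which leaves 1022 usable addresses per subnet and puts 10.1.2.77 and 10.1.3.9 in the same subnet but 10.1.4.1 in a different one.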
CHAPTER FOUR: SWITCHING AND MULTIPLEXING
SWITCHING
Switching is a mechanism by which data/information is sent
from a source towards a destination that are not directly
connected. Networks have interconnecting devices, which
receive data from directly connected sources, store the data,
analyze it and then forward it to the next interconnecting device
closest to the destination.
Switching can be categorized as:
Circuit Switching: In circuit switching, two
communicating stations are connected by a dedicated
communication path which consists of intermediate
nodes in the network and the links that connect these
nodes.
It involves the following three distinct steps:
• Circuit Establishment: To establish an end-to-end
connection before any transfer of data.
• Data transfer: Data is transferred from the source to the
destination. The data may be analog or digital,
depending on the nature of the network. The
connection is generally full-duplex.
• Circuit disconnect: Terminate the connection at the end
of data transfer. Signals must be propagated to
deallocate the dedicated resources.
Message Switching:
Packet Switching: Packet switching was designed to
address the shortcomings of circuit switching in dealing with
data communication. Unlike circuit switching, where
communication is continuous along a dedicated circuit, in
packet switching communication is discrete, in the form of packets.
The three switching modes to choose from are:
• Cut-through
• Store-and-forward
• Fragment-free
MULTIPLEXING
Whenever the bandwidth of a medium linking two devices is
greater than the bandwidth needs of the devices, the link can be
shared. Multiplexing is the set of techniques that allows the
simultaneous transmission of multiple signals across a single
data link.
Frequency division Multiplexing: Frequency-division
multiplexing (FDM) is an analog technique that can be applied
when the bandwidth of a link (in hertz) is greater than the
combined bandwidths of the signals to be transmitted.
In FDM, signals generated by each sending device modulate
different carrier frequencies.
Wavelength-division multiplexing (WDM): is designed to
use the high-data-rate capability of fiber-optic cable. The
optical fiber data rate is higher than the data rate of metallic
transmission cable. Using a fiber-optic cable for one single
line wastes the available bandwidth. Multiplexing allows us to
combine several lines into one.
Time division multiplexing: different ongoing
connections can use the same switching path but at different
interleaved time intervals. Each connection occupies a
portion of time in the link.
MEDIUM ACCESS CONTROL
The problem of controlling the access to the medium is
similar to the rules of speaking in a meeting (the right
to speak is upheld; two people do not speak at the
same time; do not interrupt each other; do not
monopolize the discussion; ...). There are three categories of
multiple access protocols:
Random Access Protocols - try your best, like taxis do
• MA - Multiple Access
• CSMA - Carrier Sense MA
• CSMA/CD - CSMA with Collision Detection
• CSMA/CA - CSMA with Collision Avoidance
Controlled-Access Protocols - get permission
• Reservation
• Polling
• Token Passing
Channelization Protocols - simultaneous use
• FDMA - Frequency-Division MA
• TDMA - Time-Division MA
• CDMA - Code-Division MA
MODULE II: SYSTEM AND NETWORK ADMINISTRATION
CHAPTER 1: INTRODUCTION AND BACKGROUND
Computer Systems and Network overview
Computer System
A computer system is a collection of entities (hardware
and software) that are designed to receive, process,
manage and present information in a meaningful
format. Hardware refers to the physical, tangible
computer equipment and devices, which provide
support for major functions such as input, processing
(internal storage, computation and control), output,
secondary storage (for data and programs), and
communication. There are five main hardware
components in a computer system: Input, Processing,
Storage, Output and Communication devices.
Computer software, also known as programs or
applications, is the intangible component of the
computer system. It can be classified into two
main classes, namely system software and application
software.
Network Overview
A network can be defined as two or more computers
connected together in such a way that they can share
resources. The primary purpose of a network is to share
resources, and a resource could be:
• a file,
• a folder,
• a printer,
• a disk drive, or just about anything else that
exists on a computer.
Therefore, a computer network is simply a collection
of computers or other hardware devices that are
connected together, either physically or logically,
using special hardware and software, to allow them to
exchange information and cooperate. Networking is
the term that describes the processes involved in
designing, implementing, upgrading, managing and
otherwise working with networks and network
technologies.
There are different types of computer networks
based on their respective attributes. These include:
geographical span, inter-connectivity (physical
topology), administration and architecture.
Geographical Span: based on the geographical area it
covers there are different types of network:
Personal Area Network (PAN): is a network that may be
spanned across a given table, with distances between
the devices of not more than a few meters. The technology
used to interconnect the devices could be Bluetooth.
These networks are called Personal Area Networks,
since the devices interconnected in these networks
belong to a single person.
Local Area Network (LAN): is a network that may
span across a building, or across several buildings
within a single organization, by using intermediate
devices, like switches and/or hubs, to interconnect
devices on all floors.
Metropolitan Area Network (MAN): is a network
that may span across a whole city interconnecting
several buildings and organizations.
Wide Area Network (WAN): is a network that may
span across multiple cities, or an entire country, or an
entire continent, or it may even cover the whole world.
For example, the Internet is one example of a WAN.
Inter-connectivity: components of a network,
including end devices and interconnecting devices,
can be connected to each other in different
fashions. By connectedness we mean either logically,
physically or both ways. Network topology refers to
the shape of a network, or the network's layout. It is
the geometric representation of the relationship of all
the links and linking devices to one another. There are
four basic types of topologies, namely bus, star, ring
and mesh topologies.
Bus Topology: in this topology all devices are
connected to a central cable, called the bus or
backbone, which is terminated at its ends. The
purpose of the terminators is to stop the signal from
bouncing, thereby clearing the cable so that other
computers can send data. A message transmitted along
the bus is visible to all computers connected to the
backbone cable. As the message arrives at each
workstation, the workstation checks the destination
address contained in the message and processes the
packet if it matches, or drops it if it does not. Its
advantages are ease of installation and a smaller amount
of cable required. Its main drawback is that the entire
network will be shut down if there is a break in the
main cable.
Star Topology: in this topology, each node is
connected directly to a central device called a hub or
a switch. Data on a star network passes through the
central device (switch) before continuing to its
destination. The central device manages and controls
all functions of the network. This configuration is
common with twisted pair cable. RJ-45 connectors
are used to connect the cable to the Network Interface
Card (NIC) of each computer. Its advantages include
ease of installation and reconfiguration, robustness (ease
of fault identification and isolation), link failure only
affects the device(s) connected to that link, and it is less
expensive than mesh. Its drawbacks include more
cable requirements (than bus and ring) and a single
point of failure (if the central device fails, the whole
system will be down).
Ring Topology: in this topology, all devices are
connected to one another in the shape of a closed
loop, so that each device is connected directly to two
other devices, one on either side of it. Some of its
advantages include: easy to install and reconfigure,
less expensive (than mesh), and performance is even
despite the number of users. Its cons include: a break in
the ring (such as a disabled station) can disable the
entire network, and limitations on media and traffic
(limitation on ring length and number of devices).
Mesh Topology: in this topology devices are
connected with many redundant interconnections
between network nodes. In a full mesh topology,
every node has a connection to every other node in
the network, which makes it the most expensive
topology of all. The number of
cables grows fast as the number of nodes increases,
and it can be calculated by using the general formula
n(n - 1)/2, where n is the number of nodes in the
network. It has several benefits, such as: dedicated
links between devices, robustness (a single link failure
doesn't affect the entire network), privacy/security (direct
communication between communicating devices),
and ease of fault identification and isolation. Its
drawbacks include: installation and reconnection are
difficult (large number of cables), a huge amount of
cable consumes a lot of space, and it is the most
expensive of all.
Hybrid Topology: A network structure whose design
contains more than one topology is said to be a Hybrid
Topology. Hybrid topology inherits the merits and
demerits of all the incorporated topologies. As its
name indicates, this topology can be created by
merging one or more of the above basic topologies.
Administration: From the administrator's point of view,
a network can be a private network, which belongs to a
single autonomous system and cannot be accessed from outside
its physical or logical domain. Or a network can be a
public network, which can be accessed by anyone
inside or outside of an organization.
Network Architecture: based on the architecture
(where do the clients get the shared resources?),
networks can be categorized into three:
Client-Server Architecture: There can be one or
more systems acting as Server. The others, being Clients,
request the Server to serve requests. Servers take and
process requests on clients' behalf.
Peer-to-Peer (Point-to-point): Two systems can be
connected Point-to-Point, or in other words in back-to-
back fashion. They both reside on the same level and are
called peers.
There can be a hybrid network which involves network
architecture of both the above types.
Network Protocols
A protocol is a set of rules or standards that control data
transmission and other interactions between
networks, computers, peripheral devices, and
operating systems.
When two devices communicate with each other, the
same protocol must be used on the sending and
receiving devices. It is possible for two devices that
use different protocols to communicate with each
other, but a gateway is needed in between.
Overview of the TCP/IP Protocol suites
The TCP/IP protocol suite was developed prior
to the OSI model. Therefore, the layers in the
TCP/IP protocol suite do not exactly match
those in the OSI model. The original TCP/IP
protocol suite was defined as having four layers:
host-to-network, Internet, transport, and
application layers. However, when TCP/IP is
compared to OSI, we can say that the host-to-
network layer is equivalent to the combination
of the physical and data link layers. The Internet
layer is equivalent to the network layer, and the
application layer is roughly doing the job of the
session, presentation, and application layers, with
the transport layer in TCP/IP taking care of part
of the duties of the session layer.
TCP/IP is a hierarchical protocol made up of
interactive modules, each of which provides a
specific functionality; however, the modules are
not necessarily interdependent. Whereas the OSI
model specifies which functions belong to each
of its layers, the layers of the TCP/IP suite contain
relatively independent protocols that can be
mixed and matched depending on the needs of
the system. The term hierarchical means that
each upper-level protocol is supported by one or
more lower-level protocols.
At the transport layer, TCP/IP defines three
protocols: Transmission Control Protocol (TCP),
User Datagram Protocol (UDP), and Stream
Control Transmission Protocol (SCTP). At the
network layer, the main protocol defined by
TCP/IP is the Internetworking Protocol (IP);
there are also some other protocols that support
data movement in this layer.
Figure. TCP/IP Protocol Stack
Network Access (Physical and Data Link Layers)
The Network Access layer of the TCP/IP
model corresponds with the Data Link and
Physical layers of the OSI reference model.
It defines the protocols and hardware
required to connect a host to a physical
network and to deliver data across it.
Packets from the Internet layer are sent down
the Network Access layer for delivery within the which is transported separately. Datagrams can travel along
physical network. The destination can be another different routes and can arrive out of sequence or be
host in the network, itself, or a router for further
forwarding. So the Internet layer has a view of the
entire Internetwork whereas the Network Access
layer is limited to the physical layer boundary that
is often defined by a layer 3 device such as a
router.

The Network Interface layer (also called the


Network Access layer) is responsible for placing
TCP/IP packets on the network medium and
receiving TCP/IP packets off the network
medium. TCP/IP was designed to be independent
of the network access method, frame format, and
medium. In this way, TCP/IP can be used to
connect differing network types. These include
LAN technologies such as Ethernet and Token
Ring and WAN technologies such as X.25 and
Frame Relay. Independence from any specific
network technology gives TCP/IP the ability to
be adapted to new technologies such as
Asynchronous Transfer Mode (ATM).
Network Access layer uses a physical address to
identify hosts and to deliver data.
The Network Access layer PDU is called a frame.
It contains the IP packet as well as a protocol
header and trailer from this layer.
The Network Access layer header and trailer are
only relevant in the physical network. When a
router receives a frame, it strips of the header and
trailer and adds a new header and trailer before
sending it out the next physical network towards
the destination.

Network (Internet) Layer


At the network layer (or, more accurately, the
Internetwork layer), TCP/IP supports the
Internetworking Protocol. IP, in turn, uses four
supporting protocols: ARP, RARP, ICMP, and
IGMP.

The Internet (Network) Layer Protocols


Internet Protocol (IP): IP essentially is the Internet layer.
The other protocols found here merely exist to support it.
It is an unreliable and connectionless protocol (i.e. a best-
effort delivery service). The term best effort means that
IP provides no error checking or tracking. It assumes the
unreliability of the underlying layers and does its best to
get a transmission through to its destination, but with no
guarantees.

IP transports data in packets called datagrams, each of

26 | P a g e
duplicated. IP does not keep track of the routes and delivery of a message from a process (running program)
has no facility for reordering datagrams once they to another process. A new transport layer protocol,
arrive at theirdestination. SCTP, has been devised to meet the needs of some
newer applications.
Internet Control Message Protocol (ICMP): The Transport Layer Protocol
works at the Network layer and is used by IP for  Transmission Control Protocol (TCP
many different services. ICMP is a management  User Datagram Protocol (UDP)
protocol and messaging service provider for IP. The  Stream Control Transmission Protocol(SCTP)
following are some common events and messages The Port Numbers
that ICMP relates to:

Destination Unreachable: If a router can‘t send an


IP datagram any further, it uses ICMP to send a
message back to the sender, advising it of the
situation.
Buffer Full: If a router‘s memory buffer for
receiving incoming datagrams is full, it will use
ICMP to send out this message until the congestion
abates.
Hops: Each IP datagram is allotted a certain number
of routers, called hops, to pass through. If it reaches
its limit of hops before arriving at its destination, the
last router to receive that datagram deletes it. The
executioner router then uses ICMP to send an
obituary message, informing the sending machine of
the demise of its datagram.
Ping (Packet Internet Groper) uses ICMP echo
messages to check the physical and logical
connectivity of machineson a network.
Traceroute Using ICMP timeouts, Traceroute is
used to discover the path a packet takes as it
traverses an Internetwork.
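An added example (not part of the module) that simulates the hop-limit rule and the ICMP messages described above: every router decrements the datagram's TTL, the router that brings it to zero deletes it and reports Time Exceeded, a missing route yields Destination Unreachable, and traceroute is built from probes with increasing TTL. The topology and addresses are constructed; a deliberately looped route shows why the hop limit exists.

```python
"""Simulation of the ICMP behaviours described in the text: the hop (TTL)
limit, Destination Unreachable, Echo (ping) and the TTL trick behind
traceroute. Added example; the topology and addresses are constructed."""
from dataclasses import dataclass, field

# ICMP message types (RFC 792 numbering)
ECHO_REPLY, DEST_UNREACHABLE, ECHO_REQUEST, TIME_EXCEEDED = 0, 3, 8, 11


@dataclass
class Datagram:
    src: str
    dst: str
    ttl: int                      # number of routers the datagram may still cross
    icmp_type: int = ECHO_REQUEST
    path: list = field(default_factory=list)   # routers actually traversed


@dataclass
class IcmpReply:
    icmp_type: int
    sender: str                   # router or host that generated the message


# Constructed topology: next-hop table toward the destination host.
SRC, DST = "192.0.2.10", "10.0.3.20"
NEXT_HOP = {
    SRC: "10.0.0.1",
    "10.0.0.1": "10.0.1.1",
    "10.0.1.1": "10.0.2.1",
    "10.0.2.1": DST,
}
# Misconfigured copy: the last router points back, creating a routing loop.
LOOPED = {**NEXT_HOP, "10.0.2.1": "10.0.1.1"}


def forward(dg, next_hop):
    """Carry one datagram hop by hop and return the ICMP message the source
    eventually receives. Every router decrements TTL; the router that takes
    it to zero deletes the datagram and reports Time Exceeded."""
    node = next_hop.get(dg.src)
    while node != dg.dst:
        if node is None:                          # no route at this point
            return IcmpReply(DEST_UNREACHABLE, dg.path[-1] if dg.path else dg.src)
        dg.ttl -= 1
        dg.path.append(node)
        if dg.ttl == 0:
            return IcmpReply(TIME_EXCEEDED, node)  # the "executioner router"
        node = next_hop.get(node)
    return IcmpReply(ECHO_REPLY, dg.dst)          # destination answers the ping


def ping(dst, next_hop=NEXT_HOP, ttl=64):
    """Ping succeeds only if an Echo Reply comes back from the destination."""
    return forward(Datagram(SRC, dst, ttl), next_hop).icmp_type == ECHO_REPLY


def traceroute(dst, next_hop=NEXT_HOP, max_ttl=30):
    """Send probes with TTL 1, 2, 3, ...; each Time Exceeded reveals one router.
    Stops at the first reply that is not Time Exceeded (destination reached or
    unreachable) or when max_ttl probes are spent, as happens on a routing loop."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        reply = forward(Datagram(SRC, dst, ttl), next_hop)
        hops.append(reply.sender)
        if reply.icmp_type != TIME_EXCEEDED:
            break
    return hops
```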
Address Resolution Protocol (ARP): finds the hardware address (physical or MAC address) of a host from a known IP address. ARP interrogates the local network by sending out a broadcast asking the machine with the specified IP address to reply with its hardware address.

Reverse Address Resolution Protocol (RARP): discovers the identity of the IP address for diskless machines by sending out a packet that includes its MAC address and a request for the IP address assigned to that MAC address. A designated machine, called a RARP server, responds with the answer, and the identity crisis is over.

Transport Layer
Traditionally the transport layer was represented in TCP/IP by two protocols: TCP and UDP. IP is a host-to-host protocol, meaning that it can deliver a packet from one physical device to another. UDP and TCP are transport level protocols responsible for delivery of a message from a process (running program) to another process. A new transport layer protocol, SCTP, has been devised to meet the needs of some newer applications.

The Transport Layer Protocols
• Transmission Control Protocol (TCP)
• User Datagram Protocol (UDP)
• Stream Control Transmission Protocol (SCTP)

The Port Numbers
TCP and UDP must use port numbers to communicate with the upper layers, because they're what keep track of different conversations crossing the network simultaneously. These port numbers identify the source and destination application or process in the TCP segment. There are 2^16 = 65,536 ports available.

Well-known ports: The port numbers range from 0 to 1,023.
Registered ports: The port numbers range from 1,024 to 49,151. Registered ports are used by applications or services that need to have consistent port assignments.
Dynamic or private ports: The port numbers range from 49,152 to 65,535.

TCP Ports
Protocol    TCP Port Number
Telnet      23
SMTP        25
HTTP        80
FTP         21
DNS         53
HTTPS       443
SSH         22

UDP Ports
Protocol    UDP Port Number
SNMP        161
TFTP        69
DNS         53
POP3        110
DHCP        68
NTP         123
RPC         530

Table. Sample TCP and UDP port numbers from the well-known category

Application Layer
The application layer in TCP/IP is equivalent to the combined session, presentation, and application layers in the OSI model, and many protocols are defined at this layer.

The Process/Application Layer Protocols
• Telnet
• File Transfer Protocol (FTP)
• Network File System (NFS)
• Simple Mail Transfer Protocol (SMTP)
• POP3 is used to receive mail.
• Simple Network Management Protocol (SNMP)
• Domain Name Service (DNS)
• Dynamic Host Configuration Protocol (DHCP)

Philosophy of System Administration

Network and system administration is a branch of engineering that concerns the operational management of human–computer systems. It is about putting together a network of computers (workstations, PCs and supercomputers), getting them running and then keeping them running in spite of the activities of users who tend to cause the systems to fail.

A system administrator works for users, so that they can use the system to produce work. However, a system administrator should not just cater for one or two selfish needs, but also work for the benefit of a whole community. Today, that community is a global community of machines and organizations, which spans every niche of human society and culture, thanks to the Internet. It is often a difficult balancing act to determine the best policy, which accounts for the different needs of everyone with a stake in a system. Once a computer is attached to the Internet, we have to consider the consequences of being directly connected to all the other computers in the world.

It's about hardware, software, user support, diagnosis, repair and prevention. System administrators need to know a bit of everything: the skills are technical, administrative and socio-psychological.

The terms network administration and system administration exist separately and are used both variously and inconsistently by industry and by academics.

System administration is the term used traditionally by mainframe and Unix engineers to describe the management of computers whether they are coupled by a network or not. To this community, network administration means the management of network infrastructure devices (routers and switches). The world of personal computers (PCs) has no tradition of managing individual computers and their subsystems, and thus does not speak of system administration, per se. To this community, network administration is the management of PCs in a network. In this material, we shall take the first view, since this is more precise.

Network and system administration are increasingly challenging. The complexity of computer systems is increasing all the time. Even a single PC today, running Windows NT, and attached to a network, approaches the level of complexity that mainframe computers had ten years ago. We are now forced to think in terms of systems, not just computers.

Scope of Network administration

The management of a network, usually called network administration, consists of procedures and services that keep the network running properly. An important part of network management entails making sure that the network is available (or up and running, as IT professionals say) when employees and managers need it. Other admin activities are:
• Monitoring the network capacity to ensure that all transmission requirements can be met.
• Adding capacity to the network by increasing bandwidth, interconnecting additional nodes, or creating and interconnecting additional networks.
• Training people to use the network effectively.
• Assisting IT professionals in organizational applications that will make good use of the network's capabilities.
• Backing up the network software and data regularly to protect against the failure of the network or any of its components.
• Putting security procedures in place to make certain that only authorized users have access to the network and ensuring that all security procedures are followed.
• Making sure the network personnel can respond quickly and effectively in the event of a network operational or security failure.
• Diagnosing and troubleshooting problems on the network and determining the best course of action to take to solve them.
• Planning and implementing adequate security.
• Providing a comfortable environment for users.
Although the specifics of being a system administrator
may change from platform to platform, there are
underlying themes that do not. These themes make up the
philosophy of system administration. The themes are:
• Automate everything
• Document everything
• Communicate as much as possible
• Know your resources
• Know your users
• Know your business
• Security cannot be an afterthought
• Plan ahead
• Expect the unexpected
• Backup and disaster recovery planning
• Patching

The goal of Network administration

The goal is to keep the network running properly and to configure and manage the services that are provided over the network. There are many services that we use regularly. There are some which work in the background enabling other services to run smoothly.

The challenges of system administration

System administration is not just about installing operating systems. It is about planning and designing an efficient community of computers so that real users will be able to get their jobs done. That means:
• Designing a network which is logical and efficient.
• Deploying large numbers of machines which can be easily upgraded later.
• Deciding what services are needed.
• Developing ways of fixing errors and problems which occur.
• Keeping track of and understanding how to use the enormous amount of knowledge which increases every year.

Some system administrators are responsible for both the hardware of the network and the computers which it connects, i.e. the cables as well as the computers. Some are only responsible for the computers. Either way, an understanding of how data flow from machine to machine is essential, as well as an understanding of how each machine affects every other.

The Meta principles of system administration

Principle 1 (Policy is the foundation)
System administration begins with a policy: a decision about what we want and what should be, in relation to what we can afford. Policy speaks of what we wish to accomplish with the system, and what we are willing to tolerate of behavior within it. It must refer to both the component parts and to the environment with which the system interacts. If we cannot secure predictability, then we cannot expect long-term conformance with a policy.

Principle 2 (Predictability)
The highest level aim in system administration is to work towards a predictable system. Predictability has limits. It is the basis of reliability, hence trust and therefore security.

Policy and predictability are intertwined. What makes system administration difficult is that it involves a kind of 'search' problem. It is the hunt for a stable region in the landscape of all policies, i.e. those policies that can lead to stable and predictable behavior. In choosing policy, one might easily promote a regime of cascading failure, of increasing unpredictability that degenerates into chaos. Avoiding these regimes is what makes system administration difficult. As networks of computers and people grow, their interactions become increasingly complex and they become non-deterministic, i.e. not predictable in terms of any manageable number of variables. We therefore face another challenge that is posed by inevitable growth.

Principle 3 (Scalability)
Scalable systems are those that grow in accordance with policy; i.e. they continue to function predictably, even as they increase in size. Human–computer systems are too complex and have too many interactions and dependencies to be deterministic. When we speak of predictability, it must always be within a margin of error. If this were not the case, system administration would not be difficult.

CHAPTER 2: WINDOWS NETWORK CONCEPTS

In computer networking a workgroup is a collection of computers on a LAN that share common resources and responsibilities. Workgroup is Microsoft's term for a peer-to-peer LAN. Windows WORKGROUPs can be found in homes, schools and small businesses. Computers running Windows OSs in the same workgroup may share files, printers, or an Internet connection. Workgroup contrasts with domain, in which computers rely on centralized authentication.

Windows workgroup
A Windows workgroup is a group of standalone computers in a peer-to-peer network. Each computer in the workgroup uses its own local accounts database to authenticate resource access. The computers in a workgroup also do not have a common authentication process. The default networking environment for a clean Windows load is workgroup.

In general, a given Windows workgroup environment can contain many computers but works best with 15 or fewer computers. As the number of computers increases, a workgroup eventually becomes very difficult to administer and should be re-organized into multiple networks or set up as a client-server network.

The computers in a workgroup are considered peers because they are all equal and share resources among each other without requiring a server. Since the workgroup doesn't share a common security and resource database, users and resources must be defined on each computer. Joining a workgroup requires all participants to use a matching name; all Windows computers (Windows 7, 8 and 10) are automatically assigned to a default group named WORKGROUP (MSHOME in Windows XP). To access shared resources on other PCs within its group, a user must know the name of the workgroup that computer belongs to plus the username and password of an account on the remote computer.

The main disadvantages of workgroups are:
• If a user account will be used for accessing resources on multiple machines, the user account will need to be created on those machines; this requires that the same username and password be used.
• The low security protocol used for authentication between nodes.
• Desktop computers have a fixed limit of 15 or fewer connections. Note that this is in reference to connections to an individual desktop.

One of the most common mistakes when setting up a peer-to-peer network is misspelling the workgroup name on one of the computers. For example, suppose you decide that all the computers should belong to a workgroup named MYGROUP. If you accidentally spell the workgroup name MYGRUOP for one of the computers, that computer will be isolated in its own workgroup. If you can't locate a computer on your network, the workgroup name is one of the first things to check.

Windows Workgroups vs Homegroups and Domains

Domain Controller
Windows domains support client-server local networks. A specially configured computer called a Domain Controller running a Windows Server operating system serves as a central server for all clients. Windows domains can handle more computers than workgroups due to the ability to maintain centralized resource sharing and access control. A client PC can belong either to a workgroup or to a Windows domain, but not both. Assigning a computer to the domain automatically removes it from the workgroup.

Microsoft HomeGroup
Microsoft introduced the HomeGroup concept in Windows 7. HomeGroups are designed to simplify the management of workgroups for administrators, particularly homeowners. Instead of requiring an administrator to manually set up shared user accounts on every PC, HomeGroup security settings can be managed through one shared login.

Joining a HomeGroup does not remove a PC from its Windows WORKGROUP; the two sharing methods co-exist. Computers running versions of Windows operating systems older than Windows 7 (like XP and Vista), however, cannot be members of HomeGroups.

Domain Controllers
A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing end devices to access shared domain resources. It authenticates users, stores user account information and enforces security policy for a domain. It is most commonly implemented in Microsoft Windows environments (see below about Windows Domain), where it is the centerpiece of the Windows Active Directory service. However, non-Windows domain controllers can be established via identity management software such as Samba (see the last paragraph of section 2.1).

Figure. Domain Controller

Windows Server can be one of three kinds: Active Directory "domain controllers" (ones that provide identity and authentication), Active Directory "member servers" (ones that provide complementary services such as file repositories and schema) and Windows Workgroup "stand-alone servers". The term "Active Directory Server" is sometimes used by Microsoft as synonymous to "Domain Controller", but the term is discouraged.

Domain controllers are typically deployed as a cluster to ensure high availability and maximize reliability. In a Windows environment, one domain controller serves as the Primary Domain Controller (PDC) and all other servers promoted to domain controller status in the domain serve as a Backup Domain Controller (BDC). In Unix-based environments, one machine serves as the master domain controller and others serve as replica domain controllers, periodically replicating database information from the main domain controller and storing it in a read-only format.

On Microsoft Servers, a domain controller (DC) is a server computer that responds to security authentication requests (logging in, etc.) within a Windows domain. A Windows domain is a form of a computer network in which all user accounts, computers, printers and other security principals are registered with a central database located on one or more clusters of central computers known as domain controllers. A domain is a concept introduced in Windows NT whereby a user may be granted access to a number of computer resources with the use of a single username and password combination. You must set up at least one Domain Controller in every Windows domain.

System requirements for a Domain Controller
This section outlines the minimum hardware requirements to run the latest Windows Server available as this resource is prepared (i.e. Windows Server 2022). If your computer has less than the minimum requirements, you will not be able to install the server correctly. Actual requirements will vary based on your system configuration and the applications and features you install.

Processor
Processor performance depends not only on the clock frequency of the processor, but also on the number of processor cores and the size of the processor cache. The following are the minimum processor requirements for the product:
• 1.4 GHz 64-bit processor

RAM
The following are the estimated minimum RAM requirements for the product:
• 512 MB (2 GB for Server with Desktop Experience installation option)

Storage controller and disk space requirements
Computers that run Windows Server must include a storage adapter that is compliant with the PCI Express architecture specification. Persistent storage devices on servers classified as hard disk drives must not be PATA. Windows Server does not allow ATA/PATA/IDE/EIDE for boot, page, or data drives. The estimated minimum disk space requirement for the system partition is 32 GB.

Network adapter requirements

Network adapters used with this latest release should include an Ethernet adapter capable of at least 1 gigabit per second throughput.

LDAP & Windows Active Directory

The Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number.

Protocol overview
A client starts an LDAP session by connecting to an LDAP server, called a Directory System Agent (DSA), by default on TCP and UDP port 389, or on port 636 for LDAPS (LDAP over TLS/SSL, see below). The client then sends an operation request to the server, and the server sends responses in return. With some exceptions, the client does not need to wait for a response before sending the next request, and the server may send the responses in any order. All information is transmitted using Basic Encoding Rules (BER).

The client may request the following operations:
• StartTLS – use the LDAPv3 Transport Layer Security (TLS) extension for a secure connection
• Bind – authenticate and specify LDAP protocol version
• Search – search for and/or retrieve directory entries
• Compare – test if a named entry contains a given attribute value
• Add a new entry
• Delete an entry
• Modify an entry
• Modify Distinguished Name (DN) – move or rename an entry
• Abandon – abort a previous request
• Extended Operation – generic operation used to define other operations
• Unbind – close the connection (not the inverse of Bind)

A common alternative method of securing LDAP communication is using an SSL tunnel. The default port for LDAP over SSL is 636. The use of LDAP over SSL was common in LDAP Version 2 (LDAPv2) but it was never standardized in any formal specification. This usage has been deprecated along with LDAPv2, which was officially retired in 2003.

Windows Active Directory

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. It is included in most Windows Server operating systems as a set of processes and services. Initially, it was used only for centralized domain management. However, it eventually became an umbrella title for a broad range of directory-based identity-related services.

A server running the Active Directory Domain Services (AD DS) role is called a domain controller. It authenticates and authorizes all users and computers in a Windows domain type network, assigning and enforcing security policies for all computers, and installing or updating software. For example, when a user logs into a computer that is part of a Windows domain, Active Directory checks the submitted password and determines whether the user is a system administrator or a normal user. Also, it allows management and storage of information, provides authentication and authorization mechanisms, and establishes a framework to deploy other related services: Certificate Services, AD Federation Services, Lightweight Directory Services, and Rights Management Services. Active Directory uses LDAP versions 2 and 3, Microsoft's version of Kerberos, and DNS.

Active Directory Services

Active Directory Services consist of multiple directory services. The best known is Active Directory Domain Services, commonly abbreviated as AD DS or simply AD.
• Domain Services (DS)
• Lightweight Directory Services (LDS)
• Certificate Services (CS)
• Federation Services (FS)
• Rights Management Services (RMS)
configuration. The forest represents the security boundary
AD Logical Structure
As a directory service, an Active Directory instance
consists of a database and corresponding executable code
responsible for servicing requests and maintaining the
database.
Objects
Active Directory structures are arrangements of
information about objects. The objects fall into two broad
categories: resources (e.g., printers) and security
principals (user or computer accounts and groups).
Security principals are assigned unique security
identifiers (SIDs).

Each object represents a single entity—whether a user, a


computer, a printer, or a group—and its attributes. Certain
objects can contain other objects. An object is uniquely
identified by its name and has a set of attributes—the
characteristics and information that the object
represents— defined by a schema, which also determines
the kinds of objects that can be stored in Active Directory.

The schema object lets administrators extend or modify


the schema when necessary. However, because each
schema object is integral to the definition of Active
Directory objects, deactivating or changing these objects
can fundamentally change or disrupt a deployment.
Schema changes automatically propagate throughout the
system. Once created, an object can only be deactivated—
not deleted. Changing the schema usually requires
planning.
Forests, trees, and domains

The Active Directory framework that holds the objects


can be viewed at a number of levels. The forest, tree, and
domain are the logical divisions in an Active Directory
network.

Within a deployment, objects are grouped into domains.


The objects for a single domain are stored in a single
database (which can be replicated). Domains are
identified by their DNS name structure, the namespace.

A domain is defined as a logical group of network objects


(computers, users, devices) that share the same Active
Directory database.

A tree is a collection of one or more domains and domain


trees in a contiguous namespace, and is linked in a
transitive trust hierarchy.

At the top of the structure is the forest. A forest is a


collection of trees that share a common global catalog,
directory schema, logical structure, and directory
38 | P a g e
within which users, computers, groups, and other more than one licensed Windows server computer.
objectsare accessible. Backup and restore of Active Directory is possible for a
network with a single domain controller, but Microsoft
Organizational Units recommends more than one domain controller to provide
The objects held within a domain can be grouped automatic failover protection of the directory. Domain
into organizational units (OUs). OUs can provide controllers
hierarchy to a domain, ease its administration, and
can resemble the organization‘s structure in
managerial or geographical terms. Microsoft
recommends using OUs rather than domains for
structure and to simplify the implementation of
policies and administration. The OU is the
recommended level at which to apply group policies,
which are Active Directory objects formally named
group policy objects (GPOs), although policies can
also be applied to domains or sites (see below). The
OU is the level at which administrative powers are
commonly delegated, but delegation can be
performed on individualobjects or attributes as well.

AD Physical Structure
Sites are physical (rather than logical) groupings
definedby one or more IP subnets. AD also holds the
definitions of connections, distinguishing low-speed
(e.g., WAN, VPN) from high-speed (e.g., LAN)
links. Site definitions are independent of the domain
and OU structure and are common across the forest.
Sites are used to control network traffic generated by
replication and also to refer clients to the nearest
domain controllers (DCs).

Replication

Active Directory synchronizes changes using multi-


master replication. Replication by default is
‗pull‗rather than ‗push‘, meaning that replicas pull
changes from the server where the change was
effected. The Knowledge Consistency Checker
(KCC) creates a replication topology of site links
using the defined sites to manage traffic. Intra-site
replication is frequent and automatic as a result of
change notification, which triggers peers to begin a
pull replication cycle. Inter-site replication intervals
are typically less frequent and does not use change
notification by default, although this is configurable
and can be made identical to intra-site replication.
Replication of Active Directory uses Remote
Procedure Calls (RPC) over IP (RPC/IP).

AD Implementation
In general, a network utilizing Active Directory has

39 | P a g e
are also ideally single-purpose for directory operations Forest trust: Applies to the entire forest. Transitive, one- or
only, and should not run any other software or role. two-way.

Certain Microsoft products such as SQL Server and Exchange can interfere with the operation of a domain controller, necessitating isolation of these products on additional Windows servers. Combining them can make configuration or troubleshooting of either the domain controller or the other installed software more difficult. A business intending to implement Active Directory is therefore recommended to purchase a number of Windows server licenses, to provide for at least two separate domain controllers, and optionally, additional domain controllers for performance or redundancy, a separate file server, a separate Exchange server, a separate SQL Server, and so forth to support the various server roles.

Physical hardware costs for the many separate servers can be reduced through the use of virtualization, although for proper failover protection, Microsoft recommends not running multiple virtualized domain controllers on the same physical hardware.

AD Trusting
To allow users in one domain to access resources in another, Active Directory uses trusts. Trusts inside a forest are automatically created when domains are created. The forest sets the default boundaries of trust, and implicit, transitive trust is automatic for all domains within a forest.

Terminology

One-way trust: One domain allows access to users on another domain, but the other domain does not allow access to users on the first domain.
Two-way trust: Two domains allow access to users on both domains.
Trusted domain: The domain that is trusted; whose users have access to the trusting domain.
Transitive trust: A trust that can extend beyond two domains to other trusted domains in the forest.
Intransitive trust: A one-way trust that does not extend beyond two domains.
Explicit trust: A trust that an admin creates. It is not transitive and is one way only.
Cross-link trust: An explicit trust between domains in different trees or in the same tree when a descendant/ancestor (child/parent) relationship does not exist between the two domains.
Shortcut: Joins two domains in different trees; transitive, one- or two-way.
Realm: Can be transitive or nontransitive (intransitive), one- or two-way.
External: Connect to other forests or non-AD domains. Nontransitive, one- or two-way.
PAM trust: A one-way trust used by Microsoft Identity Manager from a (possibly low-level) production forest to a (Windows Server 2016 functionality level) 'bastion' forest, which issues time-limited group memberships.
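The terminology above decides which domains' users can actually reach a given resource domain. The following PowerShell is an added example, not part of the module text: it models a constructed set of one-way trusts (the domain names, function names and trust layout are assumptions) and walks them to list the domains with access to a resource domain, honouring the rule that a nontransitive trust never extends past the domain that created it.

```powershell
# Added example (not from the module text). Each record is a one-way trust in the text's sense:
# users of the Trusted domain may access resources in the Trusting domain. A two-way trust is
# stored as two records. Domain names and trusts below are constructed for illustration; in a
# real forest the same fields would come from Get-ADTrust -Filter * (ActiveDirectory module).

function New-Trust {
    param([string]$Trusting, [string]$Trusted, [bool]$Transitive, [switch]$TwoWay)
    [pscustomobject]@{ Trusting = $Trusting; Trusted = $Trusted; Transitive = $Transitive }
    if ($TwoWay) {
        [pscustomobject]@{ Trusting = $Trusted; Trusted = $Trusting; Transitive = $Transitive }
    }
}

$Trusts = @(
    New-Trust 'example.com'    'hr.example.com' $true  -TwoWay   # parent/child: implicit, transitive
    New-Trust 'example.com'    'sister.net'     $true  -TwoWay   # forest trust: transitive
    New-Trust 'example.com'    'partner.local'  $false           # external trust: one-way, nontransitive
    New-Trust 'hr.example.com' 'lab.internal'   $false           # external trust: one-way, nontransitive
)

# Returns the domains whose users can reach resources in $ResourceDomain.
# The first hop may use any trust; every further hop must be transitive, so an external
# (nontransitive) trust never carries access beyond the domain that created it.
function Get-DomainsWithAccessTo {
    param([string]$ResourceDomain, [object[]]$Trusts)
    $reachable = @{}
    $expanded  = @{}
    $queue = [System.Collections.Generic.Queue[object]]::new()
    $queue.Enqueue([pscustomobject]@{ Domain = $ResourceDomain; CanExtend = $true })
    while ($queue.Count -gt 0) {
        $item = $queue.Dequeue()
        if ($item.Domain -ne $ResourceDomain) { $reachable[$item.Domain] = $true }
        # A domain reached over a nontransitive trust is a dead end; expand each domain once.
        if (-not $item.CanExtend -or $expanded.ContainsKey($item.Domain)) { continue }
        $expanded[$item.Domain] = $true
        foreach ($t in $Trusts) {
            if ($t.Trusting -ne $item.Domain) { continue }
            # Beyond the first hop, only transitive trusts carry access further.
            if ($item.Domain -ne $ResourceDomain -and -not $t.Transitive) { continue }
            $queue.Enqueue([pscustomobject]@{ Domain = $t.Trusted; CanExtend = $t.Transitive })
        }
    }
    @($reachable.Keys | Sort-Object)
}

# Audit view: for each resource domain, who can get in. partner.local reaches example.com but not
# its child hr.example.com; lab.internal reaches hr.example.com only; sister.net reaches both.
foreach ($d in 'example.com', 'hr.example.com') {
    "{0} is reachable by users of: {1}" -f $d, ((Get-DomainsWithAccessTo $d $Trusts) -join ', ')
}
```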

AD Management solutions
Microsoft Active Directory management tools include:

• Active Directory Administrative Center (introduced with Windows Server 2012 and above),
• Active Directory Users and Computers,
• Active Directory Domains and Trusts,
• Active Directory Sites and Services,
• ADSI Edit,
• Local Users and Groups,
• Active Directory Schema snap-ins for Microsoft Management Console (MMC),
• SysInternals ADExplorer

These management tools may not provide enough functionality for efficient workflow in large environments. Some third-party solutions extend the administration and management capabilities. They provide essential features for more convenient administration processes, such as automation, reports, integration with other services, etc.

Review Questions
1. Discuss the difference between Workgroup and Homegroup.
2. What are the system requirements of a domain controller?
3. Discuss some of the Active Directory services.
4. Explain how Active Directory uses trust to allow a user from one domain to use services in another domain.
5. Discuss the different terminologies used in trusting.
6. Discuss the difference between forests, trees and domains.
7. Discuss the logical and physical structure of domains.

CHAPTER THREE: USER ADMINISTRATION CONCEPTS & MECHANISMS

Users and capabilities
A user account is a collection of settings and information that tells Windows which files and folders you can access, what you can do on your computer, what your preferences are, and what network resources you can access when connected to a network.

The user account allows you to authenticate to Windows or any other operating system so that you are granted authorization to use them. Multi-user operating systems such as Windows don't allow a user to use them without having a user account.

A user account in Windows is characterized by the following attributes:

User name: the name you are giving to that account.
Password: the password associated with the user account (in Windows 7 or older versions you can also use blank passwords).
User group: a collection of user accounts that share the same security rights and permissions. A user account must be a member of at least one user group.
Type: all user accounts have a type which defines their permissions and what they can do in Windows.
Administrator: The "Administrator" user account has complete control over the PC. He or she can install anything and make changes that affect all users of that PC.
Standard: The "Standard" user account can only use the software that's already installed by the administrator and change system settings that don't affect other users.
Guest: The "Guest" account is a special type of user account that has the name Guest and no password. This is only for users that need temporary access to the PC. This user can only use the software that's already installed by the administrator and cannot make any changes to system settings.

All user accounts have specific capabilities, privileges, and rights. When you create a user account, you can grant the user specific capabilities by making the user a member of one or more groups. This gives the user the capabilities of these groups. You then assign additional capabilities by making a user a member of the appropriate groups or withdraw capabilities by removing a user from a group.

An important part of an administrator's job is being able to determine and set permissions, privileges, and logon rights as necessary. Although you can't change a group's built-in capabilities, you can change a group's default privileges and logon rights. For example, you could revoke network access to a computer by removing a group's right to access the computer from the network.
What is File & Folder Permissions?

Permissions are a method for assigning access rights to specific user accounts and user groups. Through the use of permissions, Windows defines which user accounts and user groups can access which files and folders, and what they can do with them. To put it simply, permissions are the operating system's way of telling you what you can or cannot do with a file or folder.

On the Windows operating system, to learn the permissions of any folder, right-click on it and select "Properties." In the Properties window, go to the Security tab. In the "Group or user names" section you will see all the user accounts and user groups that have permissions to that folder. If you select a group or a user account, you can then see its assigned permissions in the "Permissions for Users" section.

In Windows, a user account or a user group can receive one of the following permissions to any file or folder:

Read: allows the viewing and listing of a file or folder. When viewing a folder, you can view all its files and subfolders.
Write: allows writing to a file or adding files and subfolders to a folder.
List folder contents: this permission can be assigned only to folders. It permits the viewing and listing of files and subfolders, as well as executing files that are found in that folder.
Read & execute: permits the reading and accessing of a file's contents as well as its execution. When dealing with folders, it allows the viewing and listing of files and subfolders, as well as the execution of files.
Modify: when dealing with files, it allows their reading, writing and deletion. When dealing with folders, it allows the reading and writing of files and subfolders, plus the deletion of the folder.
Full control: it allows reading, writing, changing and deleting of any file and subfolder.

Generally, files inherit the permissions of the folder where they are placed, but users can also define specific permissions that are assigned only to a specific file. To make your computing life simpler, it is best to edit permissions only at a folder level.
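The same permissions can be inspected and set from PowerShell instead of the Security tab. The script below is an added example, not code from the module: on a throw-away folder under %TEMP% it grants a folder-level permission, shows that a file inside inherits it, and then audits for files that carry their own (non-inherited) permissions, which is the practice the text advises against. The helper and function names are assumptions; BUILTIN\Users is a real group present on every Windows installation.

```powershell
# Added example (not from the module text). Windows only; run in Windows PowerShell or pwsh.
# 1. A permission granted at folder level is inherited by the files inside it.
# 2. An explicit (non-inherited) ACE on a single file is found by a small audit function.

# Map an ACE's rights to the basic permission names shown in the Security tab.
# ("List folder contents" is Read & execute applied to folders only, so it has no separate flag.)
function Get-BasicPermissionNames {
    param([System.Security.AccessControl.FileSystemRights]$Rights)
    $basic = [ordered]@{
        'Full control'   = [System.Security.AccessControl.FileSystemRights]::FullControl
        'Modify'         = [System.Security.AccessControl.FileSystemRights]::Modify
        'Read & execute' = [System.Security.AccessControl.FileSystemRights]::ReadAndExecute
        'Read'           = [System.Security.AccessControl.FileSystemRights]::Read
        'Write'          = [System.Security.AccessControl.FileSystemRights]::Write
    }
    foreach ($name in $basic.Keys) {
        # Modify contains the Read, Write and Read & execute bits, so it reports all of them.
        if (($Rights -band $basic[$name]) -eq $basic[$name]) { $name }
    }
}

function New-AllowRule {
    param([string]$Identity, [System.Security.AccessControl.FileSystemRights]$Rights, [switch]$Inheritable)
    $inherit = if ($Inheritable) { 'ContainerInherit, ObjectInherit' } else { 'None' }
    [System.Security.AccessControl.FileSystemAccessRule]::new(
        $Identity, $Rights,
        [System.Security.AccessControl.InheritanceFlags]$inherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
}

# Audit: files that carry their own (non-inherited) ACEs, i.e. permissions set below folder level.
function Find-FilesWithExplicitAces {
    param([string]$Folder)
    Get-ChildItem -Path $Folder -File -Recurse | ForEach-Object {
        $explicit = (Get-Acl -Path $_.FullName).Access | Where-Object { -not $_.IsInherited }
        if ($explicit) {
            [pscustomobject]@{ File = $_.FullName; ExplicitAces = @($explicit).Count }
        }
    }
}

# Constructed test folder with two files.
$root    = Join-Path $env:TEMP ('permdemo_' + [guid]::NewGuid().ToString('N'))
New-Item -ItemType Directory -Path $root | Out-Null
$shared  = Join-Path $root 'shared.txt'
$special = Join-Path $root 'special.txt'
'constructed sample' | Set-Content -Path $shared, $special

# 1. Folder-level grant: BUILTIN\Users gets Modify, inheritable by files and subfolders.
$acl = Get-Acl -Path $root
$acl.AddAccessRule((New-AllowRule -Identity 'BUILTIN\Users' -Rights Modify -Inheritable))
Set-Acl -Path $root -AclObject $acl

# 2. File-level explicit grant on one file only (what the text advises against).
$acl2 = Get-Acl -Path $special
$acl2.AddAccessRule((New-AllowRule -Identity 'BUILTIN\Users' -Rights Read))
Set-Acl -Path $special -AclObject $acl2

# Show what shared.txt inherited from its folder (IsInherited is True on that ACE).
$inherited = (Get-Acl -Path $shared).Access |
    Where-Object { $_.IdentityReference.Value -eq 'BUILTIN\Users' -and $_.IsInherited }
foreach ($ace in $inherited) {
    "{0}: inherited {1} -> {2}" -f $shared, $ace.FileSystemRights,
        ((Get-BasicPermissionNames $ace.FileSystemRights) -join ', ')
}

# Report files whose permissions were edited individually (special.txt in this setup).
Find-FilesWithExplicitAces -Folder $root | Format-Table -AutoSize

Remove-Item -Path $root -Recurse -Force
```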

Assigning User Rights

The most efficient way to assign user rights is to make the user a member of a group that already has the right. In some cases, however, you might want a user to have a particular right but not have all the other rights of the group. One way to resolve this problem is to give the user the rights directly. Another way to resolve this is to create a special group for users that need the right. This is the approach used with the Remote Desktop Users group, which was created by Microsoft to grant Allow Logon through Terminal Services to groups of users.

You assign user rights through the Local Policies node of Group Policy. Local policies can be set on a per-computer basis using a computer's local security policy or on a domain or OU basis through an existing group policy for the related domain or OU. When you do this, the local policies apply to all accounts in the domain or OU.

What is Roaming profile?

A Windows profile is a set of files that contains all settings of a user, including per-user configuration files and registry settings. In an Active Directory or NT4 domain you can set that the profile of a user is stored on a server. This enables the user to log on to different Windows domain members and use the same settings.

When using roaming user profiles, a copy of the profile is downloaded from the server to the Windows domain member when a user logs in. Until the user logs out, all settings are stored and updated in the local copy. During the log out, the profile is uploaded to the server.

Assigning a Roaming Profile to a User

Depending on the Windows version, Windows uses different folders to store the roaming profile of a user. However, when you set the profile path for a user, you always set the path to the folder without any version suffix. For example:

\\server\profiles\user_name

A roaming user profile is a file synchronization concept in the Windows NT family of operating systems that allows users with a computer joined to a Windows domain to log on to any computer on the same domain and access their documents and have a consistent desktop experience, such as applications remembering toolbar positions and preferences, or the desktop appearance staying the same, while keeping all related files stored locally, to not continuously depend on a fast and reliable network connection to a file server.

All Windows operating systems since Windows NT 3.1 are designed to support roaming profiles. Normally, a standalone computer stores the user's documents, desktop items, application preferences, and desktop appearance on the local computer in two divided sections, consisting of the portion that could roam plus an additional temporary portion containing items such as the web browser cache. The Windows Registry is similarly divided to support roaming; there are System and Local Machine hives that
stay on the local computer, plus a separate User hive (HKEY_CURRENT_USER) designed to be able to roam with the user profile.

When a roaming user is created, the user's profile information is instead stored on a centralized file server accessible from any network-joined desktop computer. The login prompt on the local computer checks to see if the user exists in the domain rather than on the local computer; no preexisting account is required on the local computer. If the domain login is successful, the roaming profile is copied from the central file server to the desktop computer, and a local account is created for the user.

When the user logs off from the desktop computer, the user's roaming profile is merged from the local computer back to the central file server, not including the temporary local profile items. Because this is a merge and not a move/delete, the user's profile information remains on the local computer in addition to being merged to the network.

When the user logs in on a second desktop computer, this process repeats, merging the roaming profile from the server to the second desktop computer, and then merging back from the desktop to the server when the user logs off.

When the user returns to the first desktop computer and logs in, the roaming profile is merged with the previous profile information, replacing it. If profile caching is enabled, the server is capable of merging only the newest files to the local computer, reusing the existing local files that have not changed since the last login, and thereby speeding up the login process.

Windows stores information about a particular user in a so-called profile. Some examples of the sort of data that gets stored in a profile are (N.B. this list is not exhaustive):

Application data and settings
The "Documents"/"My Documents" folder
The "Downloads" folder, which is where your internet browser may save to by default
Files stored on your Desktop
Directories you create under c:\users\[your-username]

Members of some groups in the department have a roaming profile. This means that the master copy of the profile is stored on a fileserver. When you log in to a Windows computer, the contents of your profile will be synchronized from the fileserver to the local computer. When you log out of the computer, any changes to the profile are then synchronized back to the server. Instructions for checking whether or not you have a roaming profile are available.
There are two main reasons why a roaming profile might be useful in the department. Firstly, because the contents of the profile are stored centrally, whenever you log on to any computer in the department you will have the same application data and settings (e.g., internet browser bookmarks, preferences in Microsoft Office etc.).

Secondly, because the master copy of your roaming profile is stored on a departmentally-managed fileserver, all data stored within it is automatically backed up.

What are the main differences between roaming and local profiles?

Windows roaming and local profiles are similar in that they both store Windows user settings and data. A local profile is one that is stored directly on the computer. The main advantage of using a local profile is that the profile is accessible even when the computer is disconnected from the network. A major drawback of a local profile is that the user profile data is not being automatically backed up by the server. Since most users rarely back up their computers, if a hard drive fails, any data that is stored within local profiles on that machine would be lost.

Roaming profiles are stored on a server and can be accessed by logging into any computer on the network. In a roaming profile, when a user logs onto the network, his/her profile is copied from the server to the user's desktop. When the user logs off of their computer, the profile (including any changes that the user might have made) is copied back to the server. A major drawback of roaming profiles is that they can slow down the network. Windows user profiles often become very large as the user profile data continues to grow. If you have a large roaming profile, the login and logoff times may take a significant amount of time.

The solution to this problem is to use folder redirection with roaming profiles. Folder redirection allows specific folders (such as the Desktop and Documents folder) to be permanently stored on the server. Doing so eliminates the need for the redirected folder to be copied as a part of the logon and logoff processes.

Advanced Concepts I
The Registry

The Windows Registry is a hierarchical database that stores low-level settings for the Microsoft Windows operating system and for applications that opt to use the
registry. The kernel, device drivers, services, Security Accounts Manager, and user interface can all use the registry. The registry also allows access to counters for profiling system performance.

Registry Structure

Keys and values

The registry contains two basic elements: keys and values. Registry keys are container objects similar to folders. Registry values are non-container objects similar to files. Keys may contain values and subkeys. Keys are referenced with a syntax similar to Windows' path names, using backslashes to indicate levels of hierarchy. Keys must have a case-insensitive name without backslashes.

The hierarchy of registry keys can only be accessed from a known root key handle (which is anonymous but whose effective value is a constant numeric handle) that is mapped to the content of a registry key preloaded by the kernel from a stored "hive", or to the content of a subkey within another root key, or mapped to a registered service or DLL that provides access to its contained subkeys and values.

Example: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows refers to the subkey "Windows" of the subkey "Microsoft" of the subkey "Software" of the HKEY_LOCAL_MACHINE root key.

There are seven predefined root keys, traditionally named according to their constant handles defined in the Win32 API, or by synonymous abbreviations (depending on applications):

HKEY_LOCAL_MACHINE or HKLM
HKEY_CURRENT_CONFIG or HKCC
HKEY_CLASSES_ROOT or HKCR
HKEY_CURRENT_USER or HKCU
HKEY_USERS or HKU
HKEY_PERFORMANCE_DATA (only in Windows NT, but invisible in the Windows Registry Editor)
HKEY_DYN_DATA (only in Windows 9x, and visible in the Windows Registry Editor)

Like other files and services in Windows, all registry keys may be restricted by access control lists (ACLs), depending on user privileges, or on security tokens acquired by applications, or on system security policies enforced by the system (these restrictions may be predefined by the system itself, and configured by local system administrators or by domain administrators). Different users, programs, services or remote systems may only see some parts of the hierarchy or distinct hierarchies from the same root keys.
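Since keys are addressed by root name plus a backslash-separated path, and every key carries an ACL, both facts can be checked from PowerShell. The following is an added example, not from the module: it resolves a path written with either the constant root name or the abbreviation listed above, then reads the key's ACL through the registry provider and reports which identities are allowed to change it. The function names and the reporting format are assumptions; the root-key table contains only the names and abbreviations the text gives.

```powershell
# Added example (not from the module text). Windows only; HKLM\SOFTWARE\Microsoft\Windows exists
# on every installation, and reading its ACL changes nothing.

# The seven predefined roots; only the five abbreviations named in the text are accepted.
$RootKeys = @{
    HKLM = 'HKEY_LOCAL_MACHINE'; HKCC = 'HKEY_CURRENT_CONFIG'; HKCR = 'HKEY_CLASSES_ROOT'
    HKCU = 'HKEY_CURRENT_USER';  HKU  = 'HKEY_USERS'
}
$RootNames = @($RootKeys.Values) + 'HKEY_PERFORMANCE_DATA', 'HKEY_DYN_DATA'

# Split "HKLM\Software\..." or "HKEY_LOCAL_MACHINE\Software\..." into root and subkey path.
# Key names are case-insensitive and may not contain backslashes, so backslash is a safe separator.
function Resolve-RegistryPath {
    param([Parameter(Mandatory)][string]$Path)
    $parts = $Path.Trim('\') -split '\\', 2
    $root  = $parts[0].ToUpperInvariant()
    if ($RootKeys.ContainsKey($root))      { $root = $RootKeys[$root] }
    elseif ($RootNames -notcontains $root) { throw "Unknown root key '$($parts[0])'" }
    [pscustomobject]@{
        Root   = $root
        SubKey = if ($parts.Count -gt 1) { $parts[1] } else { '' }
    }
}

# List the Allow ACEs on a key that permit modifying it (writing values or creating subkeys).
# Uses the provider-qualified form Registry::<ROOT>\<subkey>, which works for any root.
function Get-RegistryKeyWriters {
    param([Parameter(Mandatory)][string]$Path)
    $k = Resolve-RegistryPath $Path
    $providerPath = "Registry::$($k.Root)\$($k.SubKey)".TrimEnd('\')
    $acl = Get-Acl -Path $providerPath
    $writeBits = [System.Security.AccessControl.RegistryRights]'SetValue, CreateSubKey'
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -eq 'Allow' -and (($ace.RegistryRights -band $writeBits) -ne 0)) {
            [pscustomobject]@{
                Key       = "$($k.Root)\$($k.SubKey)"
                Identity  = $ace.IdentityReference.Value
                Rights    = $ace.RegistryRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

Resolve-RegistryPath 'hklm\Software\Microsoft\Windows'        # Root HKEY_LOCAL_MACHINE, SubKey Software\Microsoft\Windows
Get-RegistryKeyWriters 'HKLM\SOFTWARE\Microsoft\Windows' | Format-Table -AutoSize
```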

Advanced Concepts II
Routing and NAT
Routing refers to establishing the routes that data packets take on their way to a particular destination. This term can be applied to data traveling on the Internet, over 3G or 4G networks, or over similar networks used for telecom and other digital communications setups. Routing can also take place within proprietary networks.

In general, routing involves the network topology, or the setup of hardware, that can effectively relay data. Standard protocols help to identify the best routes for data and to ensure quality transmission. Individual pieces of hardware such as routers are referred to as "nodes" in the network. Different algorithms and protocols can be used to figure out how to best route data packets, and which nodes should be used. For example, some data packets travel according to a distance vector model that primarily uses distance as a factor, whereas others use Link-State Protocol, which involves other aspects of a "best path" for data.

Data packets also carry information for the network: headers on packets provide details about origin and destination. Standards for data packets allow for conventional design, which can help with future routing methodologies. As the world of digital technology evolves, routing will also evolve according to the needs and utility of a particular network.

Network Address Translation (NAT)

NAT translates the IP addresses of computers in a local network to a single IP address. This address is often used by the router that connects the computers to the Internet. The router can be connected to a DSL modem, cable modem, T1 line, or even a dial-up modem. When other computers on the Internet attempt to access computers within the local network, they only see the IP address of the router. This adds an extra level of security, since the router can be configured as a firewall, only allowing authorized systems to access the computers within the network.

Proxies and Gateways

What is a proxy server?

A proxy server acts as a gateway between you and the Internet. It's an intermediary server separating end users from the websites they browse. Proxy servers provide varying levels of functionality, security, and privacy depending on your use case, needs, or company policy.
Here are a few of the primary uses for a proxy server:

• Firewalls
• Content filters
• Bypassing content filters
• Caching
• Security
• Sharing Internet connections

What is a Gateway?

A gateway is a node (router) in a computer network, a key stopping point for data on its way to or from other networks. Thanks to gateways, we are able to communicate and send data back and forth. The Internet wouldn't be any use to us without gateways (as well as a lot of other hardware and software).

How do gateways work?

All networks have a boundary that limits communication to devices that are directly connected to it. Due to this, if a network wants to communicate with devices, nodes or networks outside of that boundary, it requires the functionality of a gateway. A gateway is often characterized as being the combination of a router and a modem.

The gateway is implemented at the edge of a network and manages all data that is directed internally or externally from that network. When one network wants to communicate with another, the data packet is passed to the gateway and then routed to the destination through the most efficient path. In addition to routing data, a gateway will also store information about the host network's internal paths and the paths of any additional networks that are encountered.

Gateways are basically protocol converters, facilitating compatibility between two protocols and operating on any layer of the open systems interconnection (OSI) model.

Types of gateways

Gateways can take several forms and perform a variety of tasks. Examples of this include:

• Web application firewalls
• Cloud storage gateways
• IoT gateways
• Email security gateways
• VoIP trunk gateways
Review Questions
1. Discuss the different types of users and the types of permissions they may have on the system.
2. Discuss the seven predefined root keys in the Windows registry.
3. What are routing and routing protocols? Discuss some well-known routing protocols.
4. What is Network Address Translation (NAT)? Why do we need NAT in our LAN?
5. What are the benefits of NAT to an organization? Discuss the different ways used to implement NAT.
6. Discuss the meaning and benefits of proxies, and how they work.
7. Discuss the different types of gateways.

CHAPTER 4: RESOURCE MONITORING & MANAGEMENT
Resource Monitoring & Management
As stated earlier, a great deal of system administration revolves around resources and their efficient use. By balancing various resources against the people and programs that use those resources, you waste less money and make your users as happy as possible. However, this leaves two questions:

What are resources?

How is it possible to know what resources are being used (and to what extent)?

The purpose of this chapter is to enable you to answer these questions by helping you to learn more about resources and how they can be monitored.

Before you can monitor resources, you first have to know what resources there are to monitor. All systems have the following resources available:

• CPU power
• Bandwidth
• Memory
• Storage

System Performance Monitoring

System performance monitoring is normally done in response to a performance problem. Either the system is running too slowly, or programs (and sometimes even the entire system) fail to run at all. In either case, performance
monitoring is normally done as the first and last steps of a three-step process:

Monitoring to identify the nature and scope of the resource shortages that are causing the performance problems.

The data produced from monitoring is analyzed and a course of action (normally performance tuning and/or the procurement of additional hardware) is taken to resolve the problem.

Monitoring System Capacity

Monitoring system capacity is done as part of an ongoing capacity planning program. Capacity planning uses long-term resource monitoring to determine rates of change in the utilization of system resources. Once these rates of change are known, it becomes possible to conduct more accurate long-term planning regarding the procurement of additional resources.

What to Monitor?
As stated earlier, the resources present in every system are CPU power, bandwidth, memory, and storage. At first glance, it would seem that monitoring would need only consist of examining these four different things.

Unfortunately, it is not that simple. For example, consider a disk drive. What things might you want to know about its performance?

• How much free space is available?
• How many I/O operations on average does it perform each second?
• How long on average does it take each I/O operation to be completed?
• How many of those I/O operations are reads? How many are writes?
• What is the average amount of data read/written with each I/O?

Monitoring CPU Power

In its most basic form, monitoring CPU power can be no more difficult than determining if CPU utilization ever reaches 100%. If CPU utilization stays below 100%, no matter what the system is doing, there is additional processing power available for more work.
However, it is a rare system that does not reach 100% CPU utilization at least some of the time. At that point it is important to examine more detailed CPU utilization data. By doing so, it becomes possible to start determining where the majority of your processing power is being consumed.

Monitoring Bandwidth

Monitoring bandwidth is more difficult than the other resources described here. The reason for this is that performance statistics tend to be device-based, while most of the places where bandwidth is important tend to be the buses that connect devices. In those instances where more than one device shares a common bus, you might see reasonable statistics for each device, but the aggregate load those devices place on the bus would be much greater.

Some of the more common bandwidth-related statistics are:

• Bytes received/sent
• Interface counts and rates
• Transfers per second

Monitoring Memory

If there is one area where a wealth of performance statistics can be found, it is in the area of monitoring memory utilization. Due to the inherent complexity of today's demand-paged virtual memory operating systems, memory utilization statistics are many and varied. It is here that the majority of a system administrator's work with resource management takes place.

The following statistics represent a cursory overview of commonly-found memory management statistics:

• Page Ins/Page Outs
• Active/Inactive Pages
• Free, Shared, Buffered, and Cached Pages
• Swap Ins/Swap Outs

Successfully monitoring memory utilization requires a good understanding of how demand-paged virtual memory operating systems work, which alone could take up an entire book.

Monitoring Storage
Monitoring storage normally takes place at two different levels:

• Monitoring for sufficient disk space
• Monitoring for storage-related performance problems

The reason for this is that it is possible to have dire problems in one area and no problems whatsoever in the other. For example, it is possible to cause a disk drive to run out of disk space without once causing any kind of performance-related problems. Likewise, it is possible to have a disk drive that has 99% free space, yet is being pushed past its limits in terms of performance.

In any case, the following statistics are useful for monitoring storage:

• Free Space
• File System-Related Statistics
• Transfers per Second
• Reads/Writes per Second
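The CPU, memory and storage sections above describe what to look at but not how a check would be expressed. The script below is an added example, not from the module: it applies the 100% CPU rule, the page-out statistic and the two storage levels (free space and performance) to constructed samples, so that a nearly full but idle disk and an almost empty but saturated disk are reported as different problems, and a helper shows how the same fields are read from standard Windows performance counters. The thresholds, field names and function names are assumptions.

```powershell
# Added example (not from the module text). Sample data is constructed; Get-LiveSample reads the
# same fields from Windows performance counters (Windows only) and returns an object of the same shape.

# Thresholds are assumptions for this example, not values from the text.
$Thresholds = @{
    DiskFreePercentMin     = 10      # free-space level
    DiskTransfersPerSecMax = 800     # performance level: transfers/sec the disk is assumed to sustain
    DiskAvgSecPerIoMax     = 0.050   # performance level: average I/O completion time in seconds
    PagesOutputPerSecMax   = 200     # memory: sustained page-outs mean RAM is being reclaimed
}

function Test-ResourceSample {
    param([Parameter(Mandatory)]$Sample)
    $findings = [System.Collections.Generic.List[string]]::new()

    # CPU: below 100% there is headroom; at 100% the detailed per-process data is the next step.
    if ($Sample.CpuPercent -ge 100) {
        $findings.Add('CPU at 100%: examine detailed per-process CPU data')
    }
    # Memory: page-outs are one of the statistics the text lists.
    if ($Sample.PagesOutputPerSec -gt $Thresholds.PagesOutputPerSecMax) {
        $findings.Add("memory: $($Sample.PagesOutputPerSec) pages out/sec")
    }
    foreach ($d in $Sample.Disks) {
        # Storage, level 1: sufficient disk space.
        if ($d.FreePercent -lt $Thresholds.DiskFreePercentMin) {
            $findings.Add("disk $($d.Name) has only $($d.FreePercent)% free (capacity problem)")
        }
        # Storage, level 2: performance, judged independently of free space.
        if ($d.TransfersPerSec -gt $Thresholds.DiskTransfersPerSecMax -or
            $d.AvgSecPerTransfer -gt $Thresholds.DiskAvgSecPerIoMax) {
            $ms = [math]::Round($d.AvgSecPerTransfer * 1000)
            $findings.Add("disk $($d.Name) at $($d.TransfersPerSec) IO/s, ${ms}ms per I/O (performance problem)")
        }
    }
    [pscustomobject]@{ Time = $Sample.Time; Findings = $findings.ToArray() }
}

# Constructed samples: C: is nearly full but idle, D: is nearly empty but saturated;
# the second sample shows CPU pinned at 100% together with heavy paging.
$Samples = @(
    [pscustomobject]@{
        Time = '10:00'; CpuPercent = 63; PagesOutputPerSec = 12
        Disks = @(
            [pscustomobject]@{ Name = 'C:'; FreePercent = 4;  TransfersPerSec = 35;   AvgSecPerTransfer = 0.004 }
            [pscustomobject]@{ Name = 'D:'; FreePercent = 99; TransfersPerSec = 1900; AvgSecPerTransfer = 0.120 }
        )
    }
    [pscustomobject]@{
        Time = '10:05'; CpuPercent = 100; PagesOutputPerSec = 450
        Disks = @([pscustomobject]@{ Name = 'C:'; FreePercent = 40; TransfersPerSec = 120; AvgSecPerTransfer = 0.006 })
    }
)

foreach ($s in $Samples) {
    $r = Test-ResourceSample -Sample $s
    "{0}: {1}" -f $r.Time, $(if ($r.Findings) { $r.Findings -join '; ' } else { 'no findings' })
}

# Windows only: one live sample of the same fields from standard performance counter paths.
function Get-LiveSample {
    $paths = '\Processor(_Total)\% Processor Time', '\Memory\Pages Output/sec',
             '\LogicalDisk(C:)\% Free Space', '\PhysicalDisk(_Total)\Disk Transfers/sec',
             '\PhysicalDisk(_Total)\Avg. Disk sec/Transfer'
    $c = (Get-Counter -Counter $paths -SampleInterval 1 -MaxSamples 1).CounterSamples
    # CounterSamples paths carry a machine prefix, so match on the counter name suffix.
    $get = { param($suffix) ($c | Where-Object { $_.Path -like "*$suffix" } | Select-Object -First 1).CookedValue }
    [pscustomobject]@{
        Time              = Get-Date -Format 'HH:mm'
        CpuPercent        = [math]::Round((& $get '\% processor time'))
        PagesOutputPerSec = & $get '\pages output/sec'
        Disks             = @([pscustomobject]@{
            Name              = 'C:'
            FreePercent       = & $get '\% free space'
            TransfersPerSec   = & $get '\disk transfers/sec'
            AvgSecPerTransfer = & $get '\avg. disk sec/transfer'
        })
    }
}
```

On a Windows host, `Test-ResourceSample -Sample (Get-LiveSample)` evaluates the current machine against the same rules.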

Monitoring Tools
As your organization grows, so does the number of servers, devices, and services you depend on. The term system covers all of the computing resources of your organization. Each element in the system infrastructure relies on underlying services or provides services to components that are closer to the user.

In networking, it is typical to think of a system as a layered stack. User software sits at the top of the stack and system applications and services on the next layer down. Beneath the services and applications, you will encounter operating systems and firmware. The performance of software elements needs to be monitored as an application stack.

Users will notice performance problems with the software that they use, but those problems rarely arise within that software. All layers of the application stack need to be examined to find the root cause of performance issues. You need to head off problems with real-time status monitoring before they occur. Monitoring tools help you spot errors and service failures before they start to impact users.

Why do System Performance Monitoring?
Knowing whether a computer has issues is fairly straightforward when the computer is right in front of you. Knowing what's causing the problem? That's harder. But a computer sitting by itself is not as useful as it could be. Even the smallest small-office/home-office network has multiple nodes: laptops, desktops, tablets, WiFi access points, Internet gateway, smartphones, file servers and/or media servers, printers, and so on. That means you are in charge of "infrastructure" rather than just "equipment." Any component might start misbehaving and could cause issues for the others.

Bandwidth monitoring tools and NetFlow- and sFlow-based traffic analyzers help you stay aware of the activity, capacity, and health of your network. They allow you to watch traffic as it flows through routers and switches, or arrives at and leaves hosts.

System Monitoring Software Essentials

In order to keep your system fit for purpose, your monitoring activities need to cover the following priorities:

• Acceptable delivery speeds
• Constant availability
• Preventative maintenance
• Software version monitoring and patching
• Intrusion detection
• Data integrity
• Security monitoring
• Attack mitigation
• Virus prevention and detection

Lack of funding may cause you to compromise on monitoring completeness. The expense of monitoring can be justified because it:

• reduces user/customer support costs
• prevents loss of income caused by system outages or attack vulnerability
• prevents data leakage leading to litigation
• prevents hardware damage and loss of business-critical data

Minimum system monitoring software capabilities

More sophisticated system monitoring packages provide a much broader range of capabilities, such as:

• Monitoring multiple servers. Handling servers from various vendors running various operating systems. Monitoring servers at multiple sites and in cloud environments.
• Monitoring a range of server metrics: availability, CPU usage, memory usage, disk space, response time, and upload/download rates. Monitoring CPU temperature and power supply voltages.
• Monitoring applications. Using deep knowledge of common applications and services to monitor key server processes, including web servers, database servers, and application stacks.
• Automatically alerting you of problems, such as servers or network devices that are overloaded or down, or worrisome trends. Customized alerts that can use multiple methods to contact you: email, SMS text messages, pager, etc.
• Triggering actions in response to alerts, to handle certain classes of problems automatically.
• Collecting historical data about server and device health and behavior.
• Displaying data. Crunching the data and analyzing trends to display illuminating visualizations of the data.
• Reports. Besides displays, generating useful predefined reports that help with tasks like forecasting capacity, optimizing resource usage, and predicting needs for maintenance and upgrades.
• Customizable reporting. A facility to help you create custom reports.
• Easy configurability, using methods like auto-discovery and knowledge of server and application types.
• Non-intrusive: imposing a low overhead on your production machines and services. Making smart use of agents to offload monitoring where appropriate.
• Scalability: Able to grow with your business, from a small or medium business (SMB) to a large enterprise.

Windows Task Manager
Task Manager (old name Windows Task Manager) is a task manager, system monitor, and startup manager included with all versions of Microsoft Windows since Windows NT 4.0 and Windows 2000.

Windows Task Manager provides information about computer performance and shows detailed information about the programs and processes running on the computer, including the names of running processes, CPU load, commit charge, I/O details, logged-in users, and Windows services; if connected to the network, you can also view the network status and quickly understand how the network works.

Microsoft improves the task manager between each version of Windows, sometimes quite dramatically. Specifically, the task managers in Windows 10 and Windows 8 are very different from those in Windows 7 and Windows Vista, and the task managers in Windows 7 and Vista are very different from those in Windows XP. A similar program called Tasks exists in Windows 98 and Windows 95.

How to Open the Task Manager?

Starting Task Manager is always a concern for many of you. Now we will list some easy and quick ways for you to open it. Some of them might come in handy if you don't know how to open Task Manager or you can't open Task Manager the way you're used to.

If you prefer using a mouse over a keyboard, one of the quickest ways to launch Task Manager is to right-click on any blank area on the taskbar and select Task Manager. It needs just two clicks.

You can also run Task Manager by pressing Windows-R to open the Run box, typing taskmgr and then hitting Enter or clicking OK.

Task Manager is organized into the following tabs:

• Processes
• Performance
• App History
 Startup
 Users
 Details
 Services

Windows Resource Monitoring

Resource Monitor is a system application included in Windows Vista and later versions of Windows that allows users to look at the presence and allocation of resources on a computer. This application allows administrators and other users to determine how system resources are being used by a particular hardware setup.

How to start Resource Monitor?

Users and administrators have several options to start Resource Monitor. It is included in several versions of Windows, and some options to start the tool are only available in select versions of the operating system.

The first two methods should work on all versions of Windows that are supported by Microsoft.

1. Windows-R to open the Run box. Type resmon.exe, and hit the Enter key.
2. Windows-R to open the Run box. Type perfmon.exe /res, and hit the Enter key.
3. On Windows 10: Start → All Apps → Windows Administrative Tools → Resource Monitor
4. Old Windows: Start → All Programs → Accessories → System Tools → Resource Monitor
5. Open Task Manager with Ctrl+Shift+Esc → Performance tab, click Open Resource Monitor.

Figure: Opening Resource Monitor from Task Manager

The Resource Monitor interface looks the same on Windows 7, 8.1 and 10. The program uses tabs to separate data: it loads an overview when you start it, and Overview, CPU, Memory, Disk and Network are the five tabs of the program, each listing the processes that use the resource in question.

The sidebar displays graphs that highlight the CPU, Disk, Network, and Memory use over a period of 60 seconds.

Monitor CPU Usage with Resource Monitor

You need to switch to the CPU tab if you want to monitor CPU utilization in detail. You find the processes listing of the overview page there, and also the three new listings Services, Associated Handles and Associated Modules.

Memory in Resource Monitor

The memory tab lists processes just like the CPU tab does, but with a focus on memory usage. It features a physical memory view on top of that, which visualizes the distribution of memory on the Windows machine.

If this is your first time accessing the information, you may be surprised that quite a bit of memory may be hardware reserved. The graphs highlight the used physical memory, the commit charge, and the hard faults per second. Each process is listed with its name and process ID, the hard faults, and various memory-related information:

Commit: Amount of virtual memory reserved by the operating system for the process.
Working Set: Amount of physical memory currently in use by the process.
Shareable: Amount of physical memory in use by the process that can be shared with other processes.
Private: Amount of physical memory in use by the process that cannot be used by other processes.

Network Activity in Resource Monitor

The Network tab lists network activity, TCP connections and listening ports. It lists the network activity of any running process in detail. It is useful, as it tells you right away if processes connect to the Internet.

Bandwidth

Bandwidth describes the maximum data transfer rate of a network. It measures how much data can be sent over a specific connection in a given amount of time. For example, a gigabit Ethernet connection has a bandwidth of 1,000 Mbps (125 megabytes per second). An Internet connection via cable modem may provide 25 Mbps of bandwidth.

The most common Internet bottleneck is your connection to your ISP.

Bandwidth vs. Speed

Internet speed is a major concern to any Internet user. Even though Internet speed and data transfer mostly revolve around bandwidth, your Internet speed can also be different from the Internet bandwidth expectations. What tends to make it complicated is that the terms bandwidth, speed, and bandwidth speed are used interchangeably, but they are actually different things. Most people refer to speed as how long it takes to upload and download files, videos, livestreams, and other content.

Network bandwidth

Use of bandwidth can also be monitored by a network bandwidth monitor. Network bandwidth is a fixed commodity. There are several ways to use network bandwidth. First, you can control the data flow in your Internet connection; that is, you can streamline data from one point to another point. Next, you can also optimize data so that it consumes less bandwidth from what is allocated.

Network Printers

Network printing allows us to efficiently use printing resources. With network printing we first connect all of our workstations to a network and then we implement a network printer. In general there are two ways this can be done.

Remote Administration

Remote administration is an approach being followed to control either a computer system or a network or an application or all three from a remote location. Simply put, remote administration refers to any method of controlling a computer from a remote location. A remote location may refer to a computer in the next room or one on the other side of the world. It may also refer to both legal and illegal remote administration. Generally, remote administration is essentially adopted when it is difficult or
impractical for a person to be physically present and do administration on a system's terminal.

Requirements to Perform Remote Administration

• Internet connection
• Connecting

Common Tasks/Services for which Remote Administration is used

Generally, remote administration is needed for user management, file system management, software installation/configuration, network management, network security/firewalls, VPN, infrastructure design, network file servers, auto-mounting etc. and kernel optimization/recompilation.

The following are some of the tasks/services for which remote administration needs to be done:

• Hacking
• Remote Desktop Solutions
• Controlling one's own computer from a remote location
• ICT Infrastructure Management

The following are some of the proprietary and open source applications that can be used to achieve this:

• SSH (Secure Shell)
• OpenSSH (OpenBSD Secure Shell)
• Telnet
• rlogin
• rsh
• VNC (Virtual Network Computing)
• FreeNX
• Wireless Remote Administration
• Remote Desktop Connection (RDC)

Disadvantages of Remote Administration

Remote administration has many disadvantages too, apart from its advantages. The first and foremost disadvantage is security. Generally, certain ports have to be open at the server level to do remote administration. Due to these open ports, hackers/attackers take advantage to compromise the system. It is advised that remote administration be used only in emergency or essential
situations. In normal situations, it is ideal to block the ports to avoid remote administration.

Redundant Array of Inexpensive (or Independent) Disks (RAID)

RAID is a data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for the purposes of data redundancy, performance improvement, or both. This was in contrast to the previous concept of highly reliable mainframe disk drives referred to as Single Large Expensive Disk (SLED).

Data is distributed across the drives in one of several ways, referred to as RAID levels, depending on the required level of redundancy and performance. The different schemes, or data distribution layouts, are named by the word "RAID" followed by a number, for example RAID 0 or RAID 1. Each scheme, or RAID level, provides a different balance among the key goals: reliability, availability, performance, and capacity. RAID levels greater than RAID 0 provide protection against unrecoverable sector read errors, as well as against failures of whole physical drives.

Standard levels

Originally, there were five standard levels of RAID, but many variations have evolved, including several nested levels and many non-standard levels (mostly proprietary). RAID levels and their associated data formats are standardized by the Storage Networking Industry Association (SNIA) in the Common RAID Disk Drive Format (DDF) standard:

RAID 0 consists of striping, but no mirroring or parity. Compared to a spanned volume, the capacity of a RAID 0 volume is the same; it is the sum of the capacities of the drives in the set. But because striping distributes the contents of each file among all drives in the set, the failure of any drive causes the entire RAID 0 volume and all files to be lost. In comparison, a spanned volume preserves the files on the unfailing drives. The benefit of RAID 0 is that the throughput of read and write operations to any file is multiplied by the number of drives because, unlike spanned volumes, reads and writes are done concurrently.

RAID 1 consists of data mirroring, without parity or striping. Data is written identically to two or more drives, thereby producing a "mirrored set" of drives. Thus, any read request can be serviced by any drive in the set. If a request is broadcast to every drive in the set, it can be serviced by the drive that accesses the data first (depending on its seek time and rotational latency),
improving performance. Sustained read throughput, if the controller or software is optimized for it, approaches the sum of throughputs of every drive in the set, just as for RAID 0.

Actual read throughput of most RAID 1 implementations is slower than the fastest drive. Write throughput is always slower because every drive must be updated, and the slowest drive limits the write performance. The array continues to operate as long as at least one drive is functioning.

RAID 2 consists of bit-level striping with dedicated Hamming-code parity. All disk spindle rotation is synchronized and data is striped such that each sequential bit is on a different drive. Hamming-code parity is calculated across corresponding bits and stored on at least one parity drive. This level is of historical significance only; as of 2014 it is not used by any commercially available system.

RAID 3 consists of byte-level striping with dedicated parity. All disk spindle rotation is synchronized and data is striped such that each sequential byte is on a different drive. Parity is calculated across corresponding bytes and stored on a dedicated parity drive. Although implementations exist, RAID 3 is not commonly used in practice.

RAID 4 consists of block-level striping with dedicated parity. The main advantage of RAID 4 over RAID 2 and 3 is I/O parallelism: in RAID 2 and 3, a single read I/O operation requires reading the whole group of data drives, while in RAID 4 one I/O read operation does not have to spread across all data drives. As a result, more I/O operations can be executed in parallel, improving the performance of small transfers.

RAID 5 consists of block-level striping with distributed parity. Unlike RAID 4, parity information is distributed among the drives, requiring all drives but one to be present to operate. Upon failure of a single drive, subsequent reads can be calculated from the distributed parity such that no data is lost. RAID 5 requires at least three disks. Like all single-parity concepts, large RAID 5 implementations are susceptible to system failures because of trends regarding array rebuild time and the chance of drive failure during rebuild. Rebuilding an array requires reading all data from all disks, opening a chance for a second drive failure and the loss of the entire array.

RAID 6 consists of block-level striping with double distributed parity. Double parity provides fault tolerance up to two failed drives. This makes larger RAID groups more practical, especially for high-availability systems, as large-capacity drives take longer to restore. RAID 6 requires a minimum of four disks. As with RAID 5, a single drive failure results in reduced performance of the entire array until the failed drive has been replaced. With a RAID 6 array, using drives from multiple sources and
manufacturers, it is possible to mitigate most of the problems associated with RAID 5. The larger the drive capacities and the larger the array size, the more important it becomes to choose RAID 6 instead of RAID 5. RAID 10 also minimizes these problems.
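
To make the striping and parity arithmetic of the levels above concrete, here is an added example (not part of the module) that stripes data over a set of simulated drives with RAID 5's rotating XOR parity, reads it back with one drive missing, and rebuilds the missing drive; a second failure is reported as data loss, which is the case RAID 6's second parity addresses. The drive count, block size and sample data are constructed for the demonstration.

```python
import math
from typing import List, Optional

BLOCK = 4  # constructed tiny block size so a stripe is easy to inspect

def xor_blocks(blocks: List[bytes]) -> bytes:
    """XOR of equally sized blocks: the single parity used by RAID 4 and RAID 5."""
    out = bytearray(len(blocks[0]))
    for blk in blocks:
        for i, byte in enumerate(blk):
            out[i] ^= byte
    return bytes(out)

def parity_drive_for(stripe: int, n_drives: int) -> int:
    """RAID 5 rotates parity across the drives; RAID 4 would always use the last one."""
    return (n_drives - 1 - stripe) % n_drives

def array_state(drives: List[Optional[List[bytes]]]) -> str:
    """Single parity survives one failed drive (None); two failures mean data loss."""
    failed = sum(1 for drv in drives if drv is None)
    return "healthy" if failed == 0 else "degraded" if failed == 1 else "failed"

def raid5_write(data: bytes, n_drives: int, block: int = BLOCK) -> List[List[bytes]]:
    """Stripe data over n_drives with distributed parity; returns drives[d][stripe]."""
    if n_drives < 3:
        raise ValueError("RAID 5 requires at least three disks")
    per_stripe = n_drives - 1                      # data blocks per stripe
    n_stripes = math.ceil(math.ceil(len(data) / block) / per_stripe)
    padded = data.ljust(n_stripes * per_stripe * block, b"\0")
    drives: List[List[bytes]] = [[] for _ in range(n_drives)]
    for s in range(n_stripes):
        base = s * per_stripe * block
        chunks = [padded[base + i * block:base + (i + 1) * block] for i in range(per_stripe)]
        parity, p = xor_blocks(chunks), parity_drive_for(s, n_drives)
        it = iter(chunks)
        for d in range(n_drives):
            drives[d].append(parity if d == p else next(it))
    return drives

def reconstruct_block(drives: List[Optional[List[bytes]]], stripe: int, failed: int) -> bytes:
    """A missing block (data or parity) is the XOR of the surviving blocks in its stripe."""
    return xor_blocks([drv[stripe] for d, drv in enumerate(drives) if d != failed])

def rebuild_drive(drives: List[Optional[List[bytes]]], failed: int) -> List[bytes]:
    """A rebuild reads every stripe of every surviving drive: the window for a second failure."""
    n_stripes = len(next(drv for drv in drives if drv is not None))
    return [reconstruct_block(drives, s, failed) for s in range(n_stripes)]

def raid5_read(drives: List[Optional[List[bytes]]], length: int) -> bytes:
    """Read the original data back with at most one failed drive (marked None)."""
    if array_state(drives) == "failed":
        raise RuntimeError("two failed drives: RAID 5 data is lost (RAID 6 would survive)")
    failed = [d for d, drv in enumerate(drives) if drv is None]
    n_stripes = len(next(drv for drv in drives if drv is not None))
    out = bytearray()
    for s in range(n_stripes):
        p = parity_drive_for(s, len(drives))
        for d in range(len(drives)):
            if d != p:                                # parity blocks are not user data
                out += reconstruct_block(drives, s, d) if d in failed else drives[d][s]
    return bytes(out[:length])

if __name__ == "__main__":
    sample = b"RAID 5: block striping with one XOR parity block per stripe"  # constructed
    drives = raid5_write(sample, 4)
    degraded = drives[:1] + [None] + drives[2:]    # simulate drive 1 failing
    print(array_state(degraded), raid5_read(degraded, len(sample)) == sample)
    print("rebuilt drive matches:", rebuild_drive(degraded, 1) == drives[1])
```

Usable capacity of the simulated array is (n-1)/n of the raw space, since one block per stripe holds parity.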

Review Questions

1. Discuss why we need resource monitoring in our infrastructure, and what are the resources that we are going to monitor.
2. Discuss the different kinds of resource monitoring tools that are already available in Windows operating systems.
3. Besides the free and already available resource monitoring and management tools mentioned above, discuss some other well-known free and commercial tools available for system administrators.
4. Why is remote administration needed? Explain.
5. List the different network clients.
6. What are the different remote administration tools?

CHAPTER 5: SECURITY

Introduction

What is Unix/Linux?

The Unix OS is a set of programs that act as a link between the computer and the user. The computer program that allocates the system resources and coordinates all the details of the computer's internals is called the operating system or the kernel. Users communicate with the kernel through a program known as the shell. The shell is a command line interpreter; it translates commands entered by the user and converts them into a language that is understood by the kernel.

Linux Distribution

A Linux distribution is an operating system that is made up of a collection of software based on the Linux kernel; you can say a distribution contains the Linux kernel and supporting libraries and software. Around 600+ Linux distributions are available, and some of the popular Linux distributions are:

• Linux Mint
• Ubuntu
• Solus
• Fedora
• OpenSUSE
• Redhat
• Kubuntu
• Debian
Unix/Linux Architecture

Here is a basic block diagram of a Unix system.

Figure. Block diagram of Unix system

The main concept that unites all the versions of Unix is the following four basics:

Kernel
Shell
Commands and Utilities

Properties of Linux

Linux Pros

A lot of the advantages of Linux are a consequence of Linux's origins deeply rooted in UNIX, except for the first advantage, of course:

• Linux is free
• Linux is portable to any hardware platform
• Linux was made to keep on running
• Linux is secure and versatile
• Linux is scalable
• The Linux OS and most Linux applications have very short debug-times

Linux Cons

• There are far too many different distributions
• Linux is not very user friendly and confusing for beginners

Linux and GNU

Although there are a large number of Linux implementations, you will find a lot of similarities in the different distributions. Linux may appear different
depending on the distribution, your hardware and personal taste, but the fundamentals on which all graphical and other interfaces are built remain the same. The Linux system is based on GNU tools (GNU's Not UNIX), which provide a set of standard ways to handle and use the system.

Sorts of Files

Most files are just files, called regular files; they contain normal data, for example text files, executable files or programs, input for or output from a program and so on. The -l option to ls displays the file type, using the first character of each output line.

The following table gives an overview of the characters determining the file type:
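
As an added example (not from the module), the following Python maps a file's mode bits to the type character that ls -l prints in its first column, and flags the permission settings a system administrator audits on a Linux tree: world-writable entries that lack the sticky bit /tmp relies on, and setuid/setgid programs. The mode values used in the demonstration are constructed.

```python
import os
import stat
from typing import Dict, Iterator, Tuple

# Type character shown as the first character of each `ls -l` line
TYPE_CHARS: Dict[int, str] = {
    stat.S_IFREG: "-",   # regular file (text, program, data)
    stat.S_IFDIR: "d",   # directory
    stat.S_IFLNK: "l",   # symbolic link
    stat.S_IFCHR: "c",   # character device, as found under /dev
    stat.S_IFBLK: "b",   # block device (disks), also under /dev
    stat.S_IFIFO: "p",   # named pipe (FIFO)
    stat.S_IFSOCK: "s",  # socket
}


def file_type_char(mode: int) -> str:
    return TYPE_CHARS.get(stat.S_IFMT(mode), "?")


def describe_mode(mode: int) -> Dict[str, object]:
    """Type character, ls-style permission string and the special bits an admin audits."""
    return {
        "type": file_type_char(mode),
        "perms": stat.filemode(mode),            # e.g. 'drwxrwxrwt' for /tmp
        "setuid": bool(mode & stat.S_ISUID),
        "setgid": bool(mode & stat.S_ISGID),
        "sticky": bool(mode & stat.S_ISVTX),
        "world_writable": bool(mode & stat.S_IWOTH),
    }


def risky(mode: int) -> bool:
    """World-writable entries (except sticky directories like /tmp) and setuid/setgid programs."""
    d = describe_mode(mode)
    if d["type"] == "l":      # symlink modes are always 777; the target's mode is what counts
        return False
    if d["world_writable"] and not (d["type"] == "d" and d["sticky"]):
        return True
    return d["type"] == "-" and bool(d["setuid"] or d["setgid"])


def audit_tree(root: str) -> Iterator[Tuple[str, str]]:
    """Walk root with lstat (never following symlinks) and yield (path, perms) of risky entries."""
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                mode = os.lstat(path).st_mode
            except OSError:   # vanished or unreadable entry: skip rather than abort the audit
                continue
            if risky(mode):
                yield path, stat.filemode(mode)


if __name__ == "__main__":
    for path, perms in audit_tree("/usr/bin"):   # setuid helpers such as passwd show up here
        print(perms, path)
```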

For convenience, the Linux file system is usually thought of in a tree structure as shown below:

The tree of the file system starts at the trunk or slash, indicated by a forward slash (/). This directory, containing all underlying directories and files, is also called the root directory or "the root" of the file system.

Linux Directory Structure

/bin: Common programs, shared by the system, the system administrator and the users.
/boot: The startup files and the kernel, vmlinuz. In some recent distributions also grub data. Grub is the GRand Unified Boot loader and is an attempt to get rid of the many different boot-loaders we know today.
/dev: Contains references to all the CPU peripheral hardware, which are represented as files with special properties.
/etc: Most important system configuration files are in /etc; this directory contains data similar to those in the Control Panel in Windows.
/home: Home directories of the common users.
/lib: Library files, includes files for all kinds of programs needed by the system and the users.
/lost+found: Every partition has a lost+found directory; files that were saved during failures are here.
/misc: For miscellaneous purposes.
/mnt: Standard mount point for external file systems, e.g. a CD-ROM or a digital camera.
/opt: Typically contains extra and third party software.
/proc: Virtual file system containing system resources information. You can type the man proc command in a terminal to see more information about the meaning of the files in proc.
/root: The administrative user's home directory. Mind the difference between /, the root directory, and /root, the home directory of the root user.
/sbin: Programs for use by the system and the system administrator.
/tmp: Temporary space to be used by the system, and its contents will be cleaned upon reboot, so don't use this for saving any work!
/usr: Programs, libraries, documentation etc. for all user-related programs.
/var: Storage for all variable and temporary files created by users, such as log files, temporary files downloaded from the Internet, or to keep an image of a CD before burning it.

Linux Systems and Network Concepts

What is networking?

A network consists of multiple machines (computers) that are connected together and share with each other all kinds of information. This connection within the network can be built through waves and signals or wires, depending on which is most convenient for the work and the type of information that needs to be shared.

In the network multiple machines (hosts) are connected to the communication sub-net that allows the dialog between them. They can communicate in two basic ways:

• Through point-to-point channels (PPP)
• Through broadcast channels

For communicating machines that aren't able to communicate by themselves, routers (intermediate machines) are used. Moreover, the protocols are a set of rules known by the entities exchanging data through the communications network. The protocols used by the machines are organized in different layers or levels, in
such a way that each layer offers services to a higher level, and each layer is supported by services offered by a lower level. Each level in a machine "talks with" its twin in another. The rules governing this "conversation" form the protocol of that level (layer).

When we talk about Network Architecture, we are talking about the set of levels and protocols of a computer network.

Network Configuration and Information

Configuration of network interfaces

All the big, user-friendly Linux distributions come with various graphical tools, allowing for easy setup of the computer in a local network, for connecting it to an Internet Service Provider or for wireless access. These tools can be started up from the command line or from a menu:

Ubuntu configuration is done by selecting System→Administration→Networking.

RedHat Linux comes with redhat-config-network, which has both a graphical and a text mode interface.

Network configuration files

The graphical helper tools edit a specific set of network configuration files, using a couple of basic commands. The exact names of the configuration files and their location in the file system are largely dependent on your Linux distribution and version. However, a couple of network configuration files are common on all UNIX systems:

/etc/hosts

The /etc/hosts file always contains the localhost IP address, 127.0.0.1, which is used for interprocess communication. Never remove this line! It sometimes contains addresses of additional hosts, which can be contacted without using an external naming service such as DNS (the Domain Name Server).

Network configuration commands

The ip Command

The distribution-specific scripts and graphical tools are front-ends to ip (or ifconfig and route on older systems) to display and configure the kernel's networking configuration. The ip command is used for assigning IP addresses to interfaces, for setting up routes to the Internet and to other networks, for displaying TCP/IP
configurations etcetera. The following commands show IP address and routing information:

Review Questions

1. Discuss the history, controversy, war … between open-source and closed-source software.
2. What are the advantages and disadvantages of Linux?
3. Discuss what makes Linux and GNU different from each other, and what makes them one.
4. Can we say Linux and Unix are the same? If they are, then how? If they are not, then why?