IT WEEK 12: System Administration

System Administration Overview

Introduction to System Administration

  • Course: IT101 Week 12 conducted by Professor Giannoglou.

  • Additional Courses:

    • Teaching IT340: Linux Administration, a mandatory IT core course.

    • Working on a cloud administration course.

    • Suggestion of a Windows Administration course.

Understanding Files

  • Definition: Files are resources for recording data.

Types of Files
  1. Executable Files:

    • Extensions: .exe, .bat, .ps1, .sh

  2. System Files:

    • Extensions: .ini, .dll, .sys

  3. Compressed Files:

    • Extensions: .tar, .zip

Text Editors

  • Windows: Easy modification of text files/scripts using tools like Visual Studio, Notepad++, Notepad, etc.

  • Linux: Often has no Graphical User Interface (GUI), especially on servers, so text files and scripts are edited with terminal editors such as:

    • vi/vim

    • nano

Important Commands for vi/vim in Linux
  • Insert Mode: i

  • Copy (Yank) Line: yy

  • Paste Line Below: p

  • Paste Line Above: P

  • Delete Line: dd

  • Leave Insert Mode (back to Normal Mode): Esc

  • Write & Quit: :x or :wq

Filesystem Structure

  • Definition: The filesystem stores and organizes data on a device, managing how data is written to and read from it.

  • Analogy: Comparable to a filing cabinet.

  • Types of Filesystems: Different kinds based on operating system and hardware:

    • NTFS (Windows)

    • XFS (Linux)

    • EXT4 (Linux)

    • HFS (Mac)

    • exFAT

Windows Filesystem

  • Typical Filesystem: NTFS (New Technology Filesystem)

  • Drive/Partition Assignment: Each is assigned a letter; the main drive is typically C:.

  • File Path Syntax: Uses backslashes \ (e.g., C:\Users\Karl\Desktop).

  • Path Characteristics:

    • No root directory

    • Case insensitive regarding file names

    • File types distinguished by their extensions (file.type)

  • Navigation: Conducted through File Explorer or Command Line Interface (CLI).

Linux Filesystem

  • Structure: Utilizes an inverted tree filesystem (a single root with everything branching below it).

  • Common Filesystems: Primarily ext4 or XFS.

  • Root Filesystem: Starts with / and moves downward.

  • File Path Syntax: Written with forward slashes / (e.g., /home/karl/documents).

  • Path Characteristics: Case sensitive; the file extension is often irrelevant.

  • Navigation: Performed using CLI.

File Explorers

  • Definition: Graphical User Interface (GUI) tools for navigating filesystems.

  • Features:

    • Icons and menus for easier selection.

    • Input bar for file paths.

  • Advantages: Especially beneficial for beginners; extensively used in Windows and Mac OS.

Command Line Navigation

  • Definition: A basic method to navigate through the filesystem.

  • Syntax: Varies by OS/terminal.

    • Change Directory: cd

    • List Directory Content:

      • ls (Linux)

      • dir (Windows)

  • Path Types: Can use both relative and absolute paths.

  • Advantages: Useful for scripting; easier with practice.
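The differences listed above for Windows and Linux paths (drive letters vs. a single root, case-insensitive vs. case-sensitive names, relative vs. absolute paths) can be checked directly with Python's pathlib, which models both conventions on any OS. This is an added example, not part of the course notes; the sample paths and the helper names (same_windows_path, same_posix_path, describe, resolve_relative) are assumptions made for illustration.

```python
from pathlib import PureWindowsPath, PurePosixPath

# Constructed sample paths (not from the course notes).
WIN_A = r"C:\Users\Karl\Desktop\notes.txt"
WIN_B = "c:/users/karl/desktop/NOTES.TXT"   # forward slashes and different case
NIX_A = "/home/karl/documents/notes.txt"
NIX_B = "/home/Karl/Documents/notes.txt"    # differs only in case


def same_windows_path(a: str, b: str) -> bool:
    """Windows rules: drive letter, backslashes (slashes accepted), case-insensitive names."""
    return PureWindowsPath(a) == PureWindowsPath(b)


def same_posix_path(a: str, b: str) -> bool:
    """Linux rules: single root '/', forward slashes, case-sensitive names."""
    return PurePosixPath(a) == PurePosixPath(b)


def describe(path: str, windows: bool) -> dict:
    """Break a path into the parts the two filesystems treat differently."""
    p = PureWindowsPath(path) if windows else PurePosixPath(path)
    return {
        "drive": p.drive,             # 'C:' on Windows; always '' on POSIX (no drive letters)
        "root": p.root,               # '\\' on Windows, '/' on POSIX
        "absolute": p.is_absolute(),  # Windows needs drive AND root; POSIX only needs '/'
        "parts": list(p.parts),
        "extension": p.suffix,        # meaningful on Windows, incidental on Linux
    }


def resolve_relative(cwd: str, target: str, windows: bool) -> str:
    """Where 'cd <target>' lands: relative targets hang off the current directory,
    absolute targets replace it. '.' and '..' are collapsed by hand because pure
    paths do not touch the filesystem and therefore never normalise them."""
    cls = PureWindowsPath if windows else PurePosixPath
    t = cls(target)
    combined = t if t.is_absolute() else cls(cwd) / t
    parts = []
    for part in combined.parts:
        if part == "..":
            if len(parts) > 1:        # never climb above the anchor ('/' or 'C:\')
                parts.pop()
        elif part != ".":
            parts.append(part)
    return str(cls(*parts))


if __name__ == "__main__":
    print("Windows, case/slash differences ignored:", same_windows_path(WIN_A, WIN_B))
    print("Linux, case differences matter:", same_posix_path(NIX_A, NIX_B))
    print(describe(WIN_A, True))
    print(describe(NIX_A, False))
    print(resolve_relative("/home/karl/documents", "../public", False))
```

Note that PureWindowsPath and PurePosixPath never consult the real disk, so the same script demonstrates both rule sets on either operating system.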

Active Directory (AD)

  • Definition: A directory service for Windows systems, serving as the primary identity service in corporate environments.

  • Functions:

    • Controls user and resource management.

    • Authenticates and authorizes users.

    • Responsible for managing directory services.

    • Increasingly moving operations to the cloud.

Domain Controller

  • Definition: A server that houses Active Directory.

  • Role: Responds to authentication requests; deemed extremely sensitive.

  • Environment: Exists within Windows Server systems.

User, Group, and Owner Permissions

  • Categories of Permissions:

    • Owner: The user who owns a file.

    • Group: Permissions shared among a group of users.

    • Rest of Users: Permissions for all other users.

  • Types of Permissions:

    • Read

    • Write

    • Execute

Windows File Permissions
  • Modification: Can be changed by right-click > Properties > Security > Edit.

  • Definitions:

    • Read: View and list contents.

    • Write: Modify or add contents.

    • Execute: Run executable files or scripts.

    • Full Control: Read, write, execute, and change permission.

    • Modify: Change content in folders without altering permissions.

Linux Permissions (using chmod)
  • Octal representation:

    • Read (r): 4

    • Write (w): 2

    • Execute (x): 1

    • No permission (-): 0

  • Functionality: Specifies access rights for users and groups.

Example Output from ls -l Command in Linux

  shum@sol:~$ ls -l
  total 20
  drwx------ 2 shum staff 4096 Jan 16 22:04 Mail
  drwx------ 3 shum staff 4096 Jan 16 14:15 csc128
  drwxr-xr-x 2 shum staff 4096 Jan 13 16:42 public
  drwxr-xr-x 2 shum staff 4096 Jan 16 14:07 public_html
  -rw-r--r-- 1 shum staff  628 Jan 15 20:04 verse
  • Output Description (fields from left to right):

    • Type of file (e.g., d = directory, - = regular file)

    • User (owner) permissions

    • Group permissions

    • Other (everyone) permissions

    • Number of hard links

    • User (owner) name

    • Group name

    • Size

    • Date/time last modified

    • Filename
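The field layout above and the octal mapping (r=4, w=2, x=1) from the chmod section can be exercised together by parsing ls -l output. The following is an added example, not course material: it re-types the listing above as constructed sample input, splits each line into the fields just described, converts the mode string to its chmod octal digits (and back), and finishes with a simple least-privilege review of which entries everyone on the system can read. The function names are assumptions made for illustration.

```python
import re

# Constructed sample input: the five entries from the ls -l listing above, re-typed.
SAMPLE_LS = """\
total 20
drwx------ 2 shum staff 4096 Jan 16 22:04 Mail
drwx------ 3 shum staff 4096 Jan 16 14:15 csc128
drwxr-xr-x 2 shum staff 4096 Jan 13 16:42 public
drwxr-xr-x 2 shum staff 4096 Jan 16 14:07 public_html
-rw-r--r-- 1 shum staff  628 Jan 15 20:04 verse
"""

# One ls -l line: mode, link count, owner, group, size, "Mon DD HH:MM" (or "Mon DD YYYY"), name.
LS_LINE = re.compile(
    r"^(?P<mode>[-dlcbps][rwxsStT-]{9})\s+(?P<links>\d+)\s+(?P<owner>\S+)\s+(?P<group>\S+)"
    r"\s+(?P<size>\d+)\s+(?P<date>[A-Za-z]{3}\s+\d{1,2}\s+[\d:]+)\s+(?P<name>.+)$"
)

FILE_TYPES = {"d": "directory", "-": "regular file", "l": "symbolic link"}


def mode_to_octal(mode: str) -> str:
    """Convert the nine rwx characters of a mode string into chmod's three octal
    digits (r=4, w=2, x=1, -=0). The s/t markers for setuid, setgid and sticky
    count as execute here; chmod's extra leading digit for them is not produced."""
    perms = mode[-9:]
    digits = []
    for triplet in (perms[0:3], perms[3:6], perms[6:9]):
        value = 0
        if triplet[0] == "r":
            value += 4
        if triplet[1] == "w":
            value += 2
        if triplet[2] in ("x", "s", "t"):
            value += 1
        digits.append(str(value))
    return "".join(digits)


def octal_to_symbolic(octal: int) -> str:
    """The reverse mapping, e.g. 0o644 -> 'rw-r--r--'."""
    out = []
    for shift in (6, 3, 0):            # user, group, other
        bits = (octal >> shift) & 0o7
        out.append("r" if bits & 4 else "-")
        out.append("w" if bits & 2 else "-")
        out.append("x" if bits & 1 else "-")
    return "".join(out)


def parse_ls(text: str) -> list:
    """Split each ls -l entry into its fields; the 'total N' summary line is skipped."""
    rows = []
    for line in text.splitlines():
        m = LS_LINE.match(line)
        if m is None:
            continue
        row = m.groupdict()
        row["links"] = int(row["links"])
        row["size"] = int(row["size"])
        row["type"] = FILE_TYPES.get(row["mode"][0], "other")
        row["octal"] = mode_to_octal(row["mode"])
        rows.append(row)
    return rows


def readable_by_others(rows: list) -> list:
    """Least-privilege review: names whose 'other' digit includes read (4)."""
    return [r["name"] for r in rows if int(r["octal"][2]) & 4]


if __name__ == "__main__":
    rows = parse_ls(SAMPLE_LS)
    for r in rows:
        print(f'{r["mode"]}  {r["octal"]}  {r["type"]:13}  {r["name"]}')
    print("readable by everyone:", readable_by_others(rows))
```

Running it prints each entry with its octal equivalent (Mail is 700, public is 755, verse is 644) and lists the three entries that any user on the host can read; the same idea scaled up is how an administrator audits a home directory tree for files that are more open than they need to be.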

Identity & Access Management (IAM)

  • Definition: Refers to the framework managing user permissions, rights, authorizations, and authentications.

  • Importance: Essential for all business functions; warrants dedicated classes.

Security Principles in System Administration

Principle of Least Privilege
  • Definition: Users should have the minimum rights necessary to perform their jobs.

  • Benefits: Reduces the attack surface and enhances security.

  • Implementation: Root/admin accounts should be limited.

User Accounts
  • Overview: There should be an account for each person or service, secured with passwords and multi-factor authentication (MFA).

  • Access Levels: Users typically have access to files they own.

  • Example Paths: User directories such as C:\Users\Karl\Desktop.

Group Management
  • Definition: A group consists of workers with similar job functions.

  • Best Practices: Use group permissions instead of assigning individual permissions manually.

  • Example Groups: IT Help Desk, SOC, Platform Security, Accounting.

Role-Based Access
  • Definition: Roles define specific access and activities of users/groups.

  • Granularity: More detailed categorization compared to groups.

  • Examples of Roles: Security Log Reader, Security Admin.
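The three sections above (least privilege, groups, roles) describe one model: permissions are attached to roles, roles to groups, and users only to groups, with everything else denied. The following is an added example that is not part of the course; the roles, groups, users and permission names are constructed to match the examples in the notes (SOC, Platform Security, IT Help Desk, Accounting, Security Log Reader, Security Admin), and the function names are assumptions made for illustration.

```python
# Constructed example data (not from the course): roles grant permissions, groups hold
# roles, users belong to groups. Nothing is ever granted directly to a user.
ROLES = {
    "Security Log Reader": {"logs:read"},
    "Security Admin": {"logs:read", "logs:delete", "firewall:write", "users:write"},
    "Help Desk Agent": {"users:reset_password", "tickets:write"},
    "Accountant": {"ledger:read", "ledger:write"},
}
GROUP_ROLES = {
    "SOC": {"Security Log Reader"},
    "Platform Security": {"Security Admin"},
    "IT Help Desk": {"Help Desk Agent"},
    "Accounting": {"Accountant"},
}
USER_GROUPS = {
    "karl": {"SOC"},
    "maria": {"Platform Security", "SOC"},
    "dave": {"IT Help Desk"},
    "svc-backup": set(),      # service account: its own identity, no group yet
}
# Permissions that amount to administrative control and deserve periodic review.
PRIVILEGED = {"logs:delete", "firewall:write", "users:write"}


def effective_permissions(user: str) -> set:
    """Union of everything granted by the roles of the user's groups."""
    perms = set()
    for group in USER_GROUPS.get(user, set()):
        for role in GROUP_ROLES.get(group, set()):
            perms |= ROLES.get(role, set())
    return perms


def is_allowed(user: str, permission: str) -> bool:
    """Deny by default: an unknown user, group or role grants nothing."""
    return permission in effective_permissions(user)


def privileged_users() -> list:
    """Who currently holds any administrative permission (the list to keep short)."""
    return sorted(u for u in USER_GROUPS if effective_permissions(u) & PRIVILEGED)


def excess_permissions(required: dict) -> dict:
    """Least-privilege check: for each user, the permissions held beyond what the
    job actually needs. `required` maps user -> set of permissions the job needs."""
    excess = {}
    for user, needed in required.items():
        extra = effective_permissions(user) - needed
        if extra:
            excess[user] = extra
    return excess


if __name__ == "__main__":
    print("karl may read logs:", is_allowed("karl", "logs:read"))
    print("karl may delete logs:", is_allowed("karl", "logs:delete"))
    print("privileged users:", privileged_users())
    needs = {"maria": {"logs:read", "firewall:write"}, "karl": {"logs:read"}}
    print("held beyond job needs:", excess_permissions(needs))
```

Adding a new SOC analyst is then one line in USER_GROUPS rather than a hand-assigned permission list, and removing someone from a group revokes everything at once. The excess_permissions check is the part that enforces least privilege over time: in the sample data maria's Security Admin role gives her logs:delete and users:write that her stated job does not need, which is exactly the kind of drift a periodic access review is meant to catch.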

Administrative Rights

  • Role Definitions: The administrator (Windows) or root (Linux) has overarching access rights over the system.

  • Implications: Although they have access to everything, the system still attempts to restrict certain files/services to prevent accidental damage.

  • Security Measures: Administrators should implement strategies like PAM (Pluggable Authentication Modules), logging, and key management.

Network Inventory Management

  • Definition: Knowing every detail of the network, including user data, software, OS, hardware, versioning, configurations, etc.

  • Purpose: Auditing, maintaining, and patching systems.

  • Methods: Often accomplished with endpoint agents and scripts.

System Lifecycle Management

  • Effects: Software eventually becomes unsupported; outdated systems such as Windows Vista should be avoided.

  • Importance: Regular patches are necessary, as hardware eventually reaches end-of-life (EOL).

  • Term: EOSL (End of Service Life) indicates a critical date when a system is deemed obsolete.

Data Backups

  • Definition: Backups are maintained to retain copies of data for emergencies.

  • Methods: Scheduled backups that capture the current system state regularly.

  • Storage Locations: Copies stored both on-site and off-site.

  • Significance: Increasingly crucial because of ransomware; backups are often part of Business Continuity Planning.

System Imaging

  • Definition: The process of creating an image that captures the OS in its entirety including network configurations, system settings, users, and installed software.

  • Application: Images may be deployed across multiple devices to maintain uniformity in OS across the board.

Infrastructure as Code (IaC)

  • Definition: Uses definition files to deploy and manage environments.

  • Capabilities: Enables deployment of containers, servers, network services, and more.

    • Allows pushing updates and changes efficiently.

    • Pulls data for monitoring, minimizing human error.

  • Examples: AWS CloudFormation, Ansible, Puppet.

Patches and Updates

  • Definition: Regular updates provided by software and OS vendors.

  • Scheduling: Often occur on regular time frames (weekly, bi-weekly, monthly) based on needs.

  • Requirement: Must be within software support timeline.

Scripting in System Administration

  • Functionality: Scripts automate tasks necessary for system administration.

  • Applications: Used to check inventory databases, deploy configurations, and run health checks.

  • Languages: Written in languages such as Python, XML, C, JavaScript.

Automated Tasks

  • Definition: Scheduled processes that manage system tasks such as health checks, patches, and backups.

  • Platforms:

    • Windows: Task Scheduler

    • Linux: Crontab.
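A crontab line is five time fields (minute, hour, day of month, month, day of week) followed by the command, and it pays to know exactly when an entry fires before scheduling a backup or patch run. The following is an added example, not part of the course: a small matcher that expands each cron field (including lists, ranges and steps), applies cron's rule that the two day fields are OR'd when both are restricted, and reports which commands of a constructed sample crontab would run at a given minute. The sample entries and the function names are assumptions made for illustration.

```python
from datetime import datetime

# Constructed sample crontab (not from the course): five time fields, then the command.
SAMPLE_CRONTAB = """\
# m    h  dom mon dow  command
0      2  *   *   *    /usr/local/sbin/backup.sh
*/15   *  *   *   *    /usr/local/bin/healthcheck.py
30     4  *   *   1-5  /usr/bin/apt-get -y upgrade
0      3  1   *   0    /usr/local/sbin/monthly-report.sh
"""

# (low, high) for minute, hour, day-of-month, month, day-of-week (0 and 7 both mean Sunday).
FIELD_RANGES = [(0, 59), (0, 23), (1, 31), (1, 12), (0, 7)]


def expand_field(spec: str, lo: int, hi: int) -> set:
    """Expand one field ('*', '5', '1-5', '*/15', '1,15', '1-5/2') into the values it covers."""
    values = set()
    for part in spec.split(","):
        step = 1
        if "/" in part:
            part, step_text = part.split("/", 1)
            step = int(step_text)
        if part == "*":
            start, end = lo, hi
        elif "-" in part:
            a, b = part.split("-", 1)
            start, end = int(a), int(b)
        else:
            start = int(part)
            end = hi if step > 1 else start      # '5/10' means 5, 15, 25, ...
        if not (lo <= start <= end <= hi):
            raise ValueError(f"cron field {spec!r} is outside {lo}-{hi}")
        values.update(range(start, end + 1, step))
    return values


def parse_entry(line: str) -> dict:
    """Split a crontab line into expanded time sets plus the command text."""
    fields = line.split(None, 5)
    if len(fields) < 6:
        raise ValueError(f"expected 5 time fields and a command: {line!r}")
    sets = [expand_field(f, lo, hi) for f, (lo, hi) in zip(fields[:5], FIELD_RANGES)]
    return {
        "minute": sets[0], "hour": sets[1], "dom": sets[2], "month": sets[3],
        "dow": {0 if v == 7 else v for v in sets[4]},
        # As in Vixie cron, a day field that starts with '*' counts as unrestricted.
        "dom_any": fields[2].startswith("*"), "dow_any": fields[4].startswith("*"),
        "command": fields[5],
    }


def entry_matches(entry: dict, when: datetime) -> bool:
    """cron's day rule: if both day fields are restricted, either one matching is enough."""
    cron_dow = (when.weekday() + 1) % 7          # Python Monday=0 -> cron Sunday=0, Monday=1
    dom_ok = when.day in entry["dom"]
    dow_ok = cron_dow in entry["dow"]
    if entry["dom_any"] or entry["dow_any"]:
        day_ok = dom_ok and dow_ok               # the '*' side is always true anyway
    else:
        day_ok = dom_ok or dow_ok
    return (when.minute in entry["minute"] and when.hour in entry["hour"]
            and when.month in entry["month"] and day_ok)


def due_commands(crontab_text: str, when: datetime) -> list:
    """Commands that would fire at the given minute; comments and blank lines are skipped."""
    due = []
    for line in crontab_text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        entry = parse_entry(line)
        if entry_matches(entry, when):
            due.append(entry["command"])
    return due


if __name__ == "__main__":
    for when in (datetime(2024, 1, 16, 2, 0), datetime(2024, 1, 13, 4, 30), datetime(2024, 1, 7, 3, 0)):
        print(when.strftime("%a %Y-%m-%d %H:%M"), "->", due_commands(SAMPLE_CRONTAB, when))
```

The last sample entry is the one that surprises people: "0 3 1 * 0" runs at 03:00 on the first of every month and also on every Sunday, because both day fields are restricted. The Saturday run shows the opposite case, where the weekday-only patch job correctly stays quiet.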

Monitoring Systems

  • Purpose: Tools to ensure systems operate smoothly; monitoring for health checks, security alerts, compliance, and patching.

  • Tools:

    • Third-party applications

    • Built-in tools

    • Custom scripts.

Comparison: Windows vs Linux

  • Applications: Windows typically used for user-facing interactions and Active Directory services; Linux predominantly for server environments.

  • Integration: Most businesses utilize both operating systems.

  • Notable Differences: Require distinct administrative knowledge: filesystems, permissions, services, etc.

Various Operating Systems

  • Linux Variants: Different distributions such as Ubuntu, Fedora, and Red Hat.

  • Other OS Examples: Microsoft products (Windows Server, Windows Desktop, MS-DOS), Mobile OS (Android, iOS), and UNIX flavors.

Command Line Characteristics

  • Linux CLI: Primarily command-line based, characterized by case sensitivity and steep learning curve.

  • Benefits: Easier automation and greater efficiency compared to GUI interfaces.

Linux Terminal Interaction

  • Definition: The command line interface where users engage with the operating system.

  • Shell Access: Primarily utilizes Bourne Again Shell (bash).

  • Features: Various powerful built-in shortcuts (up arrow, tab completion, Ctrl + E/A).

PowerShell in Windows

  • Purpose: Task automation and configuration management tool, more advanced than Command Prompt.

  • Popularity: Widely used for scripting and automation tasks; can be an attack vector.

Device Security Measures

  • Security Solutions: Includes Identity and Access Management (IAM), Endpoint Detection and Response (EDR), VPNs, and Antivirus (AV) software.

  • Logging Practices: Implementing logging policies and event management.

  • Configurations: Firewall settings, IAM setups, and proxy configurations.

  • Inventory Management: Keeping track of software installations and their versioning.

Mobile Device Management

  • Company Policy: Organizations often provide work phones with strictly enforced policies covering content access, password protocols, and geolocation tracking.

  • Application Management: Only approved applications are permitted to reach the internal network, enforced through whitelisting.

Networking Fundamentals

  • Key Terms: Understanding IP addresses and subnets, establishing network segments, and creating firewall rules.

  • DNS Configuration: Critical for accessing resources over the network.

Establishing a Network Baseline

  • Definition: Expected behavior and characteristics of devices, covering aspects like open connections, tasks, software in use, and geographical locations.

  • Application: Basis for detecting anomalies, malware, or software issues.

Network Segmentation Concept

  • Definition: The practice of isolating network devices to separate broadcast domains.

  • Considerations: Protects sensitive assets by delineating different network segments—such as the Internet, Demilitarized Zone (DMZ), and internal networks.

Network Diagram Representation

  • Components: Visual depiction of network setup including Internet, DMZ, Internal segments, and essential strategies for vulnerability scanning, access management, and data retention.