DEPARTMENT OF INFORMATION TECHNOLOGY
SYSTEM AND NETWORK ADMINISTRATION
ASSIGNMENT II
Prepared by (Id no.):
1. Behailu Eshetu It/032/04
2. Brehanu G/aebzgi It/043/04
3. Bisrat Fiseha It/040/04
Submitted to: Instructor Dawit
2006 e.c
Marked assignment- 1
1. Describe SNMP network management.
SNMP is the Simple Network Management Protocol.
It began as the Simple Gateway Monitoring Protocol, but was quickly
extended and became a standard for network monitoring.
The model of configuration management is particularly suited to non-interactive
devices like printers and static network infrastructure that require an essentially
static configuration over long periods of time.
Nowadays SNMP exists in 3 versions. These are:
1. SNMP Version 1
It is the oldest and most basic version of SNMP.
It is based on two entities: managers and agents.
SNMP managers execute management applications, while SNMP agents
mediate access to management variables.
Pros: it is supported by most devices that are SNMP compatible and is
simple to set up.
Cons: limited security, as it only uses a simple password that is sent as
unencrypted text, so it should only be used inside LANs behind firewalls.
It also only supports 32-bit counters, which is not enough for bandwidth
monitoring.
2. SNMP version 2c
Pros: adds 64-bit counters to monitor bandwidth usage in networks with
gigabit/second loads.
Cons: limited security, the same situation as version 1.
3. Version 3
It offers user accounts and authentication for multiple users and optional
encryption of the data packets, which makes it much more secure. It
also provides all the advantages of version 2.
Cons: if you select an SNMP version which is not supported by the server
or the device that you want to monitor, you will receive an error message.
SNMP supports three operations on devices: read, write and notify (through ‘traps’).
SNMP access is mediated by a server process on each hardware node (the agent),
which normally communicates by UDP/IP on ports 161 and 162.
It defines both a framework and a specific protocol for exchanging network
information on a TCP/IP internetwork.
2. Explain how SNMP can be used to watch over and
configure network devices.
As described in the 3rd question, SNMP is used to read/watch over different
network hardware using the network itself.
The notify functionality is implemented by ‘traps’ or events that can be configured
in the SNMP agent. Each event type is defined by the SNMP software of the device
being managed.
Specifying community strings and Telnet access data by subnet results in a more
efficient and faster discovery. In general, the more specific the credentials, the
faster the discovery will determine the correct credentials.
Speed of discovery related to community string settings in the GUI only affects the initial
discoveries. Once Network Manager has identified the correct community strings, it stores
this information in the NCMONITOR relational database. Subsequent discoveries access this
database for SNMP community strings and other SNMP-related device access information.
3. What are the limitations of SNMP?
Basically, SNMP has the following basic limitations.
It has some large security gaps that can give network intruders access to
the information carried along the network.
There are no adequate mechanisms to guarantee security (mainly in versions
1 and 2).
Intruders could also potentially shut down some terminals.
It is generally considered to be simple, so the information it deals
with is neither detailed nor well organized.
Reducing network bandwidth.
It is not possible to confirm receipt of a warning sent by the agent (a result of
the construction of the UDP protocol: no confirmation during data
transmission).
4. Describe the Network Management Architecture?
As we know most network management architectures use the same basic structure
and set of relationships.
Management entities also can poll end stations to check the values of certain variables.
Polling can be automatic or user-initiated, but agents in the managed devices respond
to all polls.
Agents are software modules that first compile information about the managed devices
in which they reside, then store this information in a management database, and finally
provide it (proactively or reactively) to management entities within network
management systems (NMS) via a network management protocol.
Well-known network management protocols include the Simple
Network Management Protocol (SNMP) and Common Management
Information Protocol (CMIP). Management proxies are entities that
provide management information on behalf of other entities.
5. Discuss the TCP/IP Remote Network Monitoring (RMON)?
The simple network management protocol defines both a framework and specific
protocol for exchanging network information on the TCP/IP internetworks.
The Remote Network Monitoring (RMON) specification was created to enable the
information gathered by different devices to be retrieved.
The general model used by SNMP is that of a network management station (NMS) that
sends requests to SNMP agents running on managed devices.
The SNMP agents may also initiate certain types of communication by sending trap
messages to tell the NMS when particular events occur.
Administrators often use special hardware units called network analyzers, monitors or
probes.
RMON is often referred to as a protocol, and you will sometimes see SNMP and RMON
referred to as “the TCP/IP network management protocols”.
SNMP Remote Network Monitoring (RMON) was created to enable the efficient
management of networks using dedicated management devices such as network
analyzers, monitors or probes. RMON is often called a “protocol”, but does not in fact
define any new protocol operations; it is a MIB module for advanced network
management capabilities.
Marked assignment- 2
1. What is meant by configuration management in the context of network and
system administration?
Configuration management is the administration of state in hosts or network hardware.
Another side of network setup is the policies, practices and procedures which are used
to make changes to or to maintain the system as a whole.
Network configuration management (NCM) is the process of organizing and maintaining
information about all the components of a computer network.
It focuses on configuring network devices such as switches and routers in the network.
Configuration management (CM) is the detailed recording and updating of information that
describes an enterprise's software. Such information typically includes the versions and updates
that have been applied to installed software packages and the locations.
It is mainly focused on software configuration of a computer.
2. How is configuration information stored by devices?
When configuration information about a configuration of storage is changed, a determining unit
of a storage device determines whether configuration information just updated is to be stored
in accordance with a main update cause of the configuration information and/or an update
content of the configuration information. If the determining unit determines that the
configuration information is to be stored, a configuration-information storing unit stores the
configuration information just updated in a configuration-information storage unit.
[Link] the alternatives available for automating host management.
What limitation does each of the alternatives have?
Vendors have also built many system administration products. Tivoli: it is probably the
most advanced and wide-ranging product available. It is a Local Area Network (LAN)
management tool based on CORBA and X/Open standards; it is a commercial product,
advertised as a complete management system to aid in both the logistics of network
management and an array of configuration issues.
Webmin, Virtualmin, Usermin, Cloudmin – This suite of control panels comes with pretty much
everything you need to manage every aspect of a Linux or Unix-based server, from system
administration (Webmin) to virtual private servers on a cloud system (Cloudmin), and everything
in between. All of the control panels are free, although you can purchase a license for Virtualmin
and Cloudmin for paid support.
ZPanel – Offering next-generation features for server management, ZPanel is a hosting panel for
Windows, Linux, UNIX, and Mac OS X servers. The developers classify it as easy to use but robust
enough for even large businesses.
OpenPanel – Designed to be a “platform for developers”, OpenPanel is a modular server
management system that is designed to be easy to use yet give you “full control over all
technical processes on a server”. In addition to its GUI web-based panel, it features a command
line interface (CLI) for full system control. It has multiple layers of management for
administrators and users.
[Link] System configuration policy?
It is policies, practices and procedures which are used to make changes to or to
maintain the system as a whole, i.e. what humans decide as part of the system
administration process.
A system policy also has the role of summarizing the attitudes of an organization to
its members and its surroundings and often embodies security issues.
So system configuration policy includes the following:-
Users: Allowing and forbidding certain types of software.
Organization: What responsibility will the organization take for its users’
actions? What responsibility will the organization take for the user’s safety?
Mail: Limit the size of incoming and outgoing mail. Spam filtering. Virus
controls.
WWW: Allowing or forbidding user CGI scripts. Guidelines for allowed content
of web pages.
Marked assignment- 3
[Link] some typical strategies for finding faults?
Finding the problem requires experience, a large knowledge base and an active
imagination.
We have to use three stages:-
Gather evidence from users and from other tests.
Make an informed guess as to the probable cause.
Try to reproduce (or perhaps just fix) the error.
[Link] some typical strategies for correcting faults?
One should pay attention to all the facts available about the problem. If users
have reported it, then one should take seriously what they have to say, but
always attempt to verify the facts before taking too much on trust.
Reading documentation can sometimes reveal simple misunderstandings in
configuration which would lead to the problem.
Talking to others who might have seen the problem before can provide a short
cut to the truth. They might have done the hard work of diagnosis before.
Again, their solutions need to be verified before taking them on trust.
Reading old bug and problem reports can provide important clues.
Examining system log files will sometimes provide answers.
Performing simple tests and experiments, based on a best-guess scenario,
sharpen the perception of the problem and can even allow the cause to be
pinpointed.
If the system is merely running slower than it should, then some part of it is
struggling to allocate resources. Is the disk nearing full, or the memory, or even
the process table?
Entertain the idea that it is choking in garbage. For instance, deleted files take
up space on systems like Novell, since the files are stored in such a way that
they can be undeleted. One needs to purge the file system every so often to
remove these, or the system will spend much longer than it should looking for free
blocks. UNIX systems thrash when processes build up to unreasonable levels.
Garbage collection is a powerful tool in system maintenance. Imagine how
human health would suffer if we could never relieve ourselves of dead cells or
the by-products of a healthy consumption.
[Link] the process you would use to troubleshoot a slowly
running host. Formalize this process as an algorithm?
The "classic" methodologies all describe different ways we can go about the
process of troubleshooting. The process of troubleshooting typically involves:
Define Problem
Gather Information
Analyze the Information
Eliminate Possibilities
Propose a Hypothesis
Test the Hypothesis
Solve the Problem
[Link] CPU power is cheap; previously it was common for
organizations to have to load users and services onto a single host
with limited CPU. Describe as many strategies as you can that you
might use to prevent users from monopolizing CPU-intensive
services?
Marked assignment 4
1. Draw a physical-network map for your organization.
The physical-network map should show where the wires go and the end points or ranges of
wireless links.
If redundancy was part of the physical-network design, it should clearly indicate and
document the physically diverse paths.
The amount and type of connectivity available for each link should be indicated. For
example, if 200 pairs of copper wires and 20 pairs of fiber optic cables connect a pair of
buildings, the documentation should specify how both sets are rated and terminated and the
distances between the termination points.
2. Draw a logical-network map for your organization.
The logical-network map should show the logical-network topology, with network
numbers, names, and speeds.
This map should also show any routing protocols and administrative domains that vary
across the network.
Both the physical- and logical-network maps should reach to the perimeter of the
organization’s network and identify its outer boundaries.
Marked assignment -6
1. What are the basic requirements for computer security? Look around your
network. Which hosts satisfy these basic requirements?
Security Patches: Operating systems and application programs have periodic
security patches released by the vendor that need to be installed. Installation of
newer versions of the operating system or application program may be needed.
Anti-Virus Protection: Computers are required to maintain and use an up-to-date
version of anti-virus software (or virus filtering software for Unix). Other electronic
devices are required to use anti-virus protection, if available.
Firewall: A software firewall, hardware firewall or other network filtering (e.g. port
or IP address filtering) technology must be used to help protect the
computer/device while on the network.
Configuration
Authentication (password, passphrase)
Training
Integrity: controlling how information changes or resources are used;
Accountability: knowing who has had access to information or resources;
2. Devise a checklist for securing a PC attached to a network in your
organization. How would you secure a PC in a bank? Are there any
differences in security requirement between your organization and a bank? If
so, what are they and how do you justify them?
To secure PCs in a bank we must use the following mechanisms:
Assigning unique usernames and corresponding passwords is the simplest way of
protecting a network resource. Additional methods are:
o setting strong passwords on wireless networking devices,
o adding encryption to sensitive data and files,
o establishing a firewall,
o installing and maintaining antivirus software.
The security mechanisms of banks and other organizations may differ, because not all
organizations are banks, but all banks are considered organizations.
Not all organizations have a secured computer network, because they need to let others
know about the company information.
In any case, the security measures for banks are the following:
Hardware
Make backups of important files and keep the backup somewhere other than
on your computer.
Turn off software features you don't use, such as instant messaging, printer
sharing and file sharing.
Install an anti-virus program and keep it updated.
The best security measure you can take is to install a firewall, which is as
important for home computers as it is for businesses.
Web
Set up unique passwords.
Do not share files or swap music, movie or other entertainment files over the
Internet.
Wireless
Change default passwords when you set up your system.
Turn on your wireless router's WEP (Wired Equivalent Privacy).
Don't broadcast your SSID (the name of your network).
3. Determine what password format is used on your own system. Are shadow
password files used?
We use the following password format, with shadow passwords in /etc/shadow:
Behail:hkgebddg:1[Link]
The fields are separated by colons:
User name: the user name, usually in lowercase letters
Password: the password is encrypted and can contain at least one special character, at
least one uppercase and one lowercase letter, and digits.
Third: last password change
Minimum: minimum number of days between password changes
Maximum: maximum number of days between password changes
Warn: number of days before password is expired
Inactive: number of days after password is expired, account is disabled.
Expire: days since the account is disabled.
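An added example, not part of the original assignment, that splits shadow-file lines into the fields listed above and reports what a password-policy audit would flag. The sample lines and hashes are constructed placeholders; the ninth (reserved) field, the `$id$` hash-scheme prefixes, the 99999 "no maximum age" convention and the finding texts are additions of this example and do not appear in the text above.

```python
# Added example, not from the original assignment; sample lines are constructed.
FIELDS = ("name", "password", "last_change", "min", "max", "warn",
          "inactive", "expire", "reserved")
SCHEMES = {"1": "MD5", "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
           "5": "SHA-256", "6": "SHA-512", "y": "yescrypt"}
WEAK = {"DES", "MD5"}
NEVER = 99999  # conventional "no maximum age" value

def hash_scheme(field):
    """Classify the password field by its crypt(3) prefix."""
    if field == "":
        return "none"      # no password is required to log in
    if field[0] in "!*":
        return "locked"    # password login is disabled
    if field.startswith("$"):
        return SCHEMES.get(field.split("$")[1], "unknown")
    return "DES" if len(field) == 13 else "unknown"  # traditional crypt

def parse_shadow_line(line):
    """Split one line into named fields; numeric fields become int or None."""
    parts = line.rstrip("\n").split(":")
    if len(parts) != len(FIELDS):
        raise ValueError("expected 9 colon-separated fields")
    entry = dict(zip(FIELDS, parts))
    for key in FIELDS[2:8]:
        entry[key] = int(entry[key]) if entry[key] else None
    return entry

def audit(entry, today):
    """today is in days since 1970-01-01, the unit used by the date fields."""
    findings = []
    scheme = hash_scheme(entry["password"])
    last, max_age, expire = entry["last_change"], entry["max"], entry["expire"]
    if scheme == "none":
        findings.append("empty password field")
    elif scheme in WEAK:
        findings.append("weak hash scheme: " + scheme)
    if scheme != "locked":
        if max_age in (None, NEVER):
            findings.append("password never expires")
        elif last is not None and today > last + max_age:
            findings.append("password past maximum age")
    if expire is not None and today >= expire:
        findings.append("account expired")
    return findings

SAMPLE = ["alice:$6$saltsalt$hashplaceholder:19000:0:90:7:14::",
          "bob:$1$salt$hashplaceholder:15000:0:99999:7:::",
          "svc:!:19000::::::"]

if __name__ == "__main__":
    for entry in map(parse_shadow_line, SAMPLE):  # 19100 is a constructed "today"
        print(entry["name"], hash_scheme(entry["password"]), audit(entry, 19100))
```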
4. Assume that passwords may consist of only the 26 letters of the alphabet.
How many different passwords can be constructed if the number of
characters in the password is 1, 2, 3, 4, 5, 6, 7 or 8 characters?
Marked assignment -7
1. Discuss the future of network and system administration.
System administration future
We are approaching a new generation of operating systems, with the capacity
for self-analysis and self-correction. It is no longer a question of whether they
will arrive, but of when they will arrive. When it happens, the nature of system
administration will change.
Network administration future
So what does the future hold for network administration? Well, even though
nobody really knows for sure, I can certainly make some educated guesses. My
prediction is that cloud computing will become the norm and that organizations
will employ far fewer IT professionals than they do today.
Opportunities for Advancement: With additional education, it is possible to
advance to positions such as Network Engineer and Network Architect.
Skills Transferable to: Network Specialist, Network Security Consultant, and
Technical Support Representative.
2. Write on what you see as the outlook for computing.
Computer networking has revolutionized the way people work and connect,
both at home and in the workplace. It has also generated demand for
professionals who can create, maintain and secure these networks, sometimes
on a very large scale. This is where network and computer systems
administrators enter the picture.
Network administration and system administration is one of the fastest growing
career fields because it is a part of computing.
Increasing the salary of an employee in a company and the computing device is
self-configuring, self-maintaining.