NCC International Advanced Diploma in Computer Studies
NCC International Advanced Diploma – ISA Assignment Due date: 30 July, 2004
NCC International Advanced Diploma in Computer Studies
Internet System Administration
Prepared by:
Table of Content
Task 1
1A) Robots or spiders
Robots or Spiders (also called web robots, web spiders), are automatic programs used by search engines to visit websites. Some robots are designed to gather content for indexing into search databases, and other robots are designed to do link checking, HTML validation, and other tasks.
Web-wide search engines, such as Go Network, AltaVista and HotBot use robots because web pages were accessed remotely.
How Robots Follow Links to Find Pages ?
Robots.txt
With the use of indexing technique, Robots should also check a special file in the root of each server called robots.txt, a plain text file (not HTML). Robots.txt implements the Robots Exclusion Protocol, which allows the Web site administrator to define what parts of the site are off-limits to specific robot user agent names.
Here is a simple ROBOTS.TXT file that prevents all spiders from indexing certain directories on my web server:
User-agent: *
Disallow: /secure/
Disallow: /assets/
Disallow: /cssstyles/
Inter-related documents to form a spiderweb
1B) Updating Unix distribution and kernel
Unix Structure
The Unix Kernel is the heart of the UNIX system. The structures of Unix Kernel consist of User level and Kernel level (and hardware level).
The UNIX distribution was underlying on the user level in which some package software are installed. Users have the right to choose their favourite package software (distribution release). While, the UNIX kernel are the system services bundle-installed by the UNIX operating system. Without the system services program, UNIX operating system can not be run or used. Very often, the kernel was specified (or chosen) by UNIX developer such as HP, IBM, SUN Solaris and so on. Every UNIX has their default kernel, it usually not needed to update if bugs were not hit.
Similarly to Microsoft Windows, the UNIX distribution referred to the software that were installed on UNIX by users themselves or pre-installed by operating system (bundled software). Users can add or remove the software by themselves through command or installer such as RPM method or other means.
Update UNIX distribution and kernel
Unlike Microsoft Windows, almost ALL UNIX system didn’t provide auto “liveupdate” method to update the UNIX distribution software and UNIX kernel. In case of known bugs for operating system or system enhancement released by developers, UNIX administrators were required to update the UNIX system through command prompt with specified command.
Security needs and stability needs for update kernel and distribution
If UNIX were installed in the closed network, it usually didn’t need for update system patches or bug fixes for distributions. However, nowadays, due to raising hacker activities, demanding and increasing security concern, UNIX systems’ system holes are exposed to security risk in Internet, UNIX distribution and kernel were required to update its old kernel and out-dated distribution. For example, Red Hat Linux (one type of UNIX) release 6.0 (Shedwig) Kernel 2.2.5-15, can be updated to kernel 2.4.20 to enhance the system stability and security.
Procedure difference among UNIX ...
This is a preview of the whole essay
Security needs and stability needs for update kernel and distribution
If UNIX were installed in the closed network, it usually didn’t need for update system patches or bug fixes for distributions. However, nowadays, due to raising hacker activities, demanding and increasing security concern, UNIX systems’ system holes are exposed to security risk in Internet, UNIX distribution and kernel were required to update its old kernel and out-dated distribution. For example, Red Hat Linux (one type of UNIX) release 6.0 (Shedwig) Kernel 2.2.5-15, can be updated to kernel 2.4.20 to enhance the system stability and security.
Procedure difference among UNIX world
The update kernel procedures for each UNIX distribution and kernel are different for different UNIX platform such as HPUX, IBM-AIX, DEBIAN, SUSE and RED HAT and so on. The procedures for update should refer to the release notes and procedure guides for the OS patch release or distributions.
1C) Use Samba to Reduce Complexity for Environment
Endless hardware incompatibility issues, system outages, data backup problems, and a steady stream of angry users, all of these are the swamped daily IT operation and routine. Adding a tool called Samba. Samba was the tool for reducing the complexity for work environment.
Samba is a suite of Unix applications that speak the SMB (Server Message Block) protocol. SMB was used to perform client-server networking. samba allowed Unix servers to get in on the action and communicate through the SMB protocol. Thus, a Samba-enabled Unix machine could masquerade as a server and offer the following services:
- Share one or more filesystems
- Share printers installed on both the server and its clients
- Assist clients with Network Neighborhood browsing
- Authenticate clients logging onto a Windows domain
- Provide or assist with WINS name server resolution
Unix daemons provided by samba was shown as follows:
- smbd - A daemon that allows file and printer sharing on an SMB network and provides authentication and authorization for SMB clients.
- nmbd - A daemon that looks after the Windows Internet Name Service (WINS), and assists with browsing.
The above article from
1D) Common Gateway Interface
Common Gateway Interface (CGI) scripts
CGI allows the Web client to execute programs on the Web server. The server then returns the results to the client. CGI scripts are just normal executable programs or system script files like UNIX shell scripts. Compiled programs may be written in any programming language, like C and C++. Interpreted scripts may be written in any scripting language like Perl or UNIX shell script, provided the system running the Web server supports it. The following points should be noted in using these two types of CGI application:
- Compiled programs can be executed much faster than interpreted script. For applications with many user accesses, compiled programs are preferred.
- Script can be developed and modified more easily. It can be modified directly and take effect immediately without the need for recompilation.
- It doesn’t need to keep the source files of the scripts separately. Frequently, CGI scripts are placed in the cgi-bin directory of the Web server.
There are two methods for CGI program on the server receive the necessary data from the client for processing: GET and POST
GET and POST
The developers have to determine which method their CGI programs will use in receiving client data at the time the program is developing. A program that uses the GET method gets the data from a pre-defined environment variable.
A simple CGI script Example
#!/bin/sh
echo Content-type: text/html
echo
echo "<HTML>"
echo "<HEAD>"
echo "</HEAD>"
echo "<BODY>"
echo "<P>Here is the data submitted through GET method:"
echo "<PRE>"
echo QUERY_STRING = $QUERY_STRING
echo "</PRE>"
echo "</BODY>"
echo "</HTML>"
1E) Light Weight Directory Access Protocol (LDAP)
Short for Lightweight Directory Access Protocol, a set of protocol for accessing information directories. LDAP is based on the standards contained within the X.500 standard, but is significantly simpler. And unlike X.500, LDAP supports TCP/IP, which is necessary for any type of Internet access. Because it's a simpler version of X.500, LDAP is sometimes called X.500-lite.
LDAP is a directory service server (RFC1777), storing attribute based data. Data generally read more than written to. Hence no transactions or no rollback processes. Hierachical data structure are in a tree-like structure called Directory Unformation Tree (DIT).
LDAP is an Internet protocol that email programs use to look up contact information from a server, such as ClickMail Central Directory.
LDAP has broader applications, such as looking up services and devices on the Internet (and intranets). Netscape Communicator can store user preferences and bookmarks on an LDAP server. There is even a plan for linking all LDAP servers into a worldwide hierarchy, all searchable from client.
LDAP promises to save users and administrators time and frustration, making it easy for everyone to connect with people without frustrating searches for email addresses and other trivia.
1F) Windows Active Directory
This is Directory service, copyrighted by Microsoft. A directory service enables the user to find an object when given any one of its attributes, can be installed on servers running Microsoft Windows Server 2003, Standard Edition; Windows Server 2003, Enterprise Edition; and Windows Server 2003, Datacenter Edition. Active Directory stores information about objects on the network and makes this information easy for administrators and users to find and use. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information.
This data store, also known as the directory, an information source that contains information about users, computer files, or other objects. In a file system, a directory stores information about files. In a distributed computing environment (such as a Windows domain), the directory stores information about objects such as printers, fax servers, applications, databases, and other users, contains information about Active Directory objects. These objects typically include shared resources such as servers, volumes, printers, and the network user and computer accounts. For more information about the Active Directory data store, see Directory data store.
Security is integrated with Active Directory through logon authentication and access control to objects in the directory. With a single network logon, administrators can manage directory data and organization throughout their network, and authorized network users can access resources anywhere on the network. Policy-based administration eases the management of even the most complex network.
Source from
Task 2A
2A) Windows Update
2Ai) Procedure for the update
- Click Start at start menu → select Windows Update
- An Internet Explorer is launched with web site
The welcoming page is opened.
- Click on “Scan for updates”
- Review and install updates
Critical patches included the following 7 items:
Cumulative Security Update for Outlook Express 6 Service Pack 1 (KB837009)
Critical Update for Internet Explorer 6 Service Pack 1 (KB831167)
Critical Update for ADODB.stream (KB870669)
Security Update for DirectX 7.0 (KB839643)
Security Update for Windows 2000 (KB837001)
Security Update for Windows 2000 (KB828741)
Security Update for Windows 2000 (KB835732)
2Aii) A short report on experience
Waiting for a long while for each security patches. It takes over an hour.
Difficulties that was encounterred
The difficulties were the limited bandwidth to download the required update file. As file size was quite large (about 30MB), it did take a very long time for whole download process, even broadband was used, especially, some critical bug fix was launched. Many windows users updated it at the same time.
Moreover, no guarantee for some mission critical application such as MSSQL database to run properly, because some system files were replaced by new files. Some abnormal were experienced by administrator. Hence, backup for whole system should be done before update.
Lesson learnt
- To obtain the most effective way for update, a schedule should be set to automatic update windows service at services panel.
- To upgrade windows at non-peak hour such as 3 a.m to 7a.m everyday
- Backup full system first before upgrade, to prevent system crush after upgrade.
Evidence to show the upgrade process (Before upgrade)
Evidence to show the upgrade process (After upgrade)
The installed security patches can be found in the Add/Remove program in settings → control panel.
Task 2B
2B) Windows Administration
2Bi) The summary of software installed on local computer can be found in the registration.
Type “Regedit” at RUN in start menu, browse to the folder at following.
Most installed program provided uninstallation procedure in which it served as the installation of software summary.
Click settings → Control Panel → administrative tools → Computer Management.
Click the hardware resources under system information, and right click it to save as the information into a text file. The text file was embedded to this document below.
Sample content for the hardware configuration
[Sound Device]
Item Value
Name ES1868 Plug and Play AudioDrive (WDM)
Status OK
PNP Device ID ISAPNP\ESS1868_DEV0001\FFFFFFFF
IRQ Number 5
I/O Port 0x0220-0x022F
I/O Port 0x0388-0x038B
I/O Port 0x0330-0x0331
Driver c:\winnt\system32\drivers\ess.sys (64144, 5.00.2138.1)
Sample content for the software configuration
2Bii) Application groups and access permission
2Biii) All services available on the system
Task 3A
3A) Common Characteristic
3Ai) User-friendliness
User-friendliness is a term often used to describe software and other technologies. Its definition is subjective, depending on the user. Useful alternative terms are usability and accessibility, both from the field of human-computer interaction.
Statement: To compare the ease of browser for general users.
For menu driven
Graphical user interfaces (GUI) is involved. For example, change directory from c:\temp to “C:\Documents and Settings\Administrator\My Documents”.
Use file explorer and click on the specified path.
The path changed to “C:\Documents and Settings\Administrator\My Documents”
For Command line tool
Conclusion
Using the explorer GUI is more convenient for end-user to copy thing to anther directory, just 2 simple steps for the human intervention. i.e The user-friendliness using Windows Explorer method
3Aii) Mismatching of functionalities of menu driven tools with the command line tools
Statement: Comparing the functionalities for directory browser of both tools, only show hidden directory and file.
For menu driven
Windows file explorer was chosen to be used to browse directory at C:\WINNT\System32. All files including hidden files, system files, were shown by default.
All files were displayed in the above explorer windows. The Windows Explorer can not fulfill the requirement as statement.
For command line tool
Command DIR was chosen for the comparison, shown as follows:
Type DIR with /AH option, i.e “DIR /AH”. The only required hidden files and directories in the C:\WINNT\System32 were displayed.
Only 2 directories, and only 2 files were shown, see as below:
Conclusion
The command line tool provided more comprehensive and flexible way to fulfill special needs for IT professional. It lets users to choose their own favourite listing of directory. While menu driven tool just provided the basic function for browsing, showing all files and folders by default.
3Aiii) Comparison of the resilience of the two types of tools to errors
Statement: Comparison of resilience to errors
For menu driven tools
Menu driven tools usually don’t provide the resilience to errors, except those tools have implemented the function of “redo”. Wrong human interaction will call unpredictable result such as wrongly confirmation of delete objects in Active Directory. The error occurred should only be notified in the present of operator.
Absent of users will cause the information missing generated by the error message.
Example of Resilience to error
Deletion of system files, all system files located in WINNT will be deleted if user answered the wrong answer.
Command line tools
By contradiction to menu driven, command line tools could establish the resilience to errors by striker command, other algorithm and methods. All activities could be log into a text file. The following are some example for command line tools.
Example of Resilience to Error
RECOVER command
At command prompt, type “RECOVER”, this is a command to recover a damaged file. This can only be found by using command line tools. This tool was not provided in menu driven tool.
Example of Log activities or processes for auditing and checking
Another example, log the command line result.
At command prompt, type “chkdsk >> simon.txt”, the whole process of running chkdsk command will be log into text file called simon.txt. As activities processes were log, the error checking process could be further held by administrator.
The partial log file “simon.txt” was displayed as follows:
The type of the file system is NTFS.
WARNING! F parameter not specified.
Running CHKDSK in read-only mode.
CHKDSK is verifying files (stage 1 of 3)…
…
CHKDSK is verifying files (stage 2 of 3)…
The above log file recorded the whole process of CHKDSK.
3Aiv) Consistency with the way options or arguments are used in the command line tools.
Most windows are consistent to each others. In general, windows commands (command executable) are followed by switch, argument, or options.
Help options for each command
By type “/?” after most command, it will display its usages and syntax for the command.
For example, “Copy /?”
The switch /Y May be present in the COPYCMD environment variable.
At command prompt, type “net use /?”
The options for /PERSISTENT was YES or NO.
Case-insensitive for windows command
In all windows command, it was case-insensitive. It accepted all cases of COPY command. “copy” or “Copy” or “CoPy” or etc are accepted.
All necessary argument should be typed to run the command.
In windows command, it should provide the requirement information to run the command. For example “SUBST”, it could only be run when provided the physical path and the path existed.
This command will map a local drive K: in which K drive contained the content inside c:\temp.
For more usage and its consistency of other windows commands, refer to the windows command reference guide or online manual at Microsoft.com
3Av) Suitability of the menu driven and the command line tools for highly repetitive tasks
Statement: To compare the ease of copying thousand of files
For menu driven,
Select Copy the source and paste to another folder.
Repeat the steps for the remaining thousand of copying jobs with the present of operator.
For command line tool
Create a batch file called simon.bat, the content was shown as follows:
Copy C:\NCC1\*.* D:\NCC1\
Copy C:\NCC2\*.* D:\NCC2\
Copy C:\NCC3\*.* D:\NCC3\
Copy C:\NCC4\*.* D:\NCC4\
Copy C:\NCC5\*.* D:\NCC5\
Copy C:\NCC6\*.* D:\NCC6\
……………………….. (Repeat for remaining )---------
The above batch will copy all the content in C:\NCC1, C:\NCC2, …, C:\NCCN to the corresponding destination folder without human intervention.
Conclusion
The command line tool should be chosen for very repetitive tasks, as no human intervention was involved for the whole process. This is more effective method to do repetitive tasks.
Task 3B
3Bi) A menu driven tool
The Windows Explorer is a menu driven tool. The browser navigation was convenient to change directory to anther directory.
Current directory was “C:\WINNT\system32\dns”
Directory changed to “C:\WINNT\system32\appmgmt”
A few mouse clicks can get the job done.
3Bii) Installed by default command tool
A command line tool in which was installed on your machine by default.
For example, “ipconfig”
“Ipconfig” was typically installed by default program to check the IP address of the currently using machine. This provided the information of IP address for the machine.
3Biii) NOT installed by default command line tool, but found in Windows CD
The additional command tools could be found in the Windows Installation CD in Support\Tools folder. The installation of these tools were required before ran.
After installed Microsoft System support tools, extra command line tools were installed in “C:\program files\Support Tools”
After installation, go to C:\program files\Support Tools
Type PMON.EXE at command prompt at C:\Program files\Support Tools
The Windows on showing the process running in the machine was shown as follows:
3Biv) A command line tool, which is available for free on the Internet.
SIZEOF.EXE reports the total size of a set of files in bytes, kilobytes, and megabytes which it is free for download and use on the Internet, from
END
Page of