Network Services CSCI N321 – System and Network Administration Copyright © 2000, 2007 by Scott Orr and the Trustees of Indiana University

Section Overview

Client-Server Model

Network Ports, Services and Daemons

Network Protocols

Viewing Active Ports

Common Server Daemons

References

Linux System Administration
  Chapter 18 (pgs. 305-332)
  Optional: Chapters 20 & 21

CQU 85321 System Administration Course
  Textbook Chapter 16
  Lectures 2002 #16

TCP/IP Protocol Stack

Physical Layer (media)
Link Layer (Device Drivers)
Network Layer (IP)
Transport Layer (TCP, UDP)
Application (FTP, HTTP, DNS)

Client-Server Model

Server: Listens for incoming requests
Client: Makes a request
Request fulfilled

Network Ports

Enables processes to communicate with each other across a network
64K possible ports
Privileged ports < 1024 reserved for system use only
Correspond to well-known services
/etc/services

/etc/services

Format: service-name port/protocol aliases

Examples:
  ssh     22/tcp
  smtp    25/tcp    mail
  www     80/tcp    http www-http
  imaps   993/tcp
  syslog  514/udp

Running Network Servers

Stand-alone Daemon
  Each started via rc script
  Always running
  Listens (binds) to the service port
  Uses resources even when idle

inetd “Super-daemon”
  Listens to many ports
  Starts daemon when request is received
  Daemon shuts down when finished
  /etc/inetd.conf

/etc/inetd.conf

service_name: Service name
sock_type: stream (tcp), dgram (udp), raw (direct IP)
proto: Protocol used (/etc/protocols)
flags: wait, nowait
user: User to run daemon as
server_path: Full path to daemon program
args: Command line arguments to daemon
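The field layout above can be checked mechanically. The following parser is an added example, not part of the original slides: it splits each active inetd.conf line into the seven fields listed, treats commented-out lines as disabled services, and reports which daemons start as root. The sample file contents and the function names are constructed for illustration.

```python
import re
from typing import NamedTuple

class InetdEntry(NamedTuple):
    service_name: str
    sock_type: str
    proto: str
    flags: str
    user: str
    server_path: str
    args: list

# Constructed sample for illustration; not taken from a real host.
SAMPLE_INETD_CONF = """\
# service sock_type proto flags  user   server_path          args
ftp       stream    tcp   nowait root   /usr/sbin/in.ftpd    in.ftpd -l
#telnet   stream    tcp   nowait root   /usr/sbin/in.telnetd in.telnetd
time      dgram     udp   wait   nobody /usr/sbin/in.timed   in.timed
broken    stream    tcp
"""

def parse_inetd_conf(text):
    """Return (entries, errors). Lines starting with '#' are disabled services."""
    entries, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 6:
            # Malformed lines are reported instead of silently ignored.
            errors.append((lineno, "fewer than 6 fields"))
        elif fields[1] not in ("stream", "dgram", "raw"):
            errors.append((lineno, "unknown sock_type " + fields[1]))
        else:
            # Everything after server_path is the daemon's argument list.
            entries.append(InetdEntry(*fields[:6], fields[6:]))
    return entries, errors

def runs_as_root(entries):
    """Services whose daemon starts as root (user may be written user.group or user:group)."""
    return [e.service_name for e in entries
            if re.split(r"[.:]", e.user)[0] == "root"]
```
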

Xinetd

Replacement for inetd

Enhancements
  Access Control
  Resource based limits
  Logging (Success and Failure)

Default: /etc/xinetd.conf
Service Specific: /etc/xinetd.d

/etc/xinetd.conf

defaults
{
    instances       = 60
    log_type        = SYSLOG authpriv
    log_on_success  = HOST PID
    log_on_failure  = HOST
    cps             = 25 30
}

includedir /etc/xinetd.d

Example xinetd service

/etc/xinetd.d/imaps:

service imaps
{
    disable      = no
    socket_type  = stream
    wait         = no
    user         = root
    server       = /usr/local/sbin/imapd
    groups       = yes
    flags        = REUSE IPv6
}
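To see which xinetd services are actually switched on and under which account, the defaults block and the per-service files can be read together. This is an added example, not part of the original slides: it parses the block syntax shown above, applies the defaults to each service, and lists the services that are not disabled. The telnet block and the function names are constructed for illustration; only plain "=" assignments are handled.

```python
import re

# Constructed sample: the defaults and imaps blocks follow the slides,
# the telnet block is made up to show a disabled service.
SAMPLE_XINETD = """\
defaults
{
    instances      = 60
    log_on_failure = HOST
    cps            = 25 30
}

service imaps
{
    disable     = no
    socket_type = stream
    wait        = no
    user        = root
    server      = /usr/local/sbin/imapd
}

service telnet
{
    disable     = yes
    socket_type = stream
    user        = root
    server      = /usr/sbin/in.telnetd
}
"""

BLOCK_RE = re.compile(r"^\s*(defaults|service\s+(\S+))\s*\{(.*?)^\s*\}", re.M | re.S)
ATTR_RE = re.compile(r"^\s*(\w+)\s*=\s*(.*?)\s*$")

def parse_xinetd(text):
    """Return {service: attributes}, with the defaults block merged in."""
    defaults, services = {}, {}
    for block in BLOCK_RE.finditer(text):
        attrs = {}
        for line in block.group(3).splitlines():
            m = ATTR_RE.match(line)  # comments and "+=" / "-=" lines do not match
            if m:
                attrs[m.group(1)] = m.group(2)
        if block.group(2):
            services[block.group(2)] = attrs
        else:
            defaults = attrs
    # A service's own attributes override the defaults.
    return {name: {**defaults, **attrs} for name, attrs in services.items()}

def enabled_services(services):
    """(name, user, server) for every service not marked 'disable = yes'."""
    return sorted((n, a.get("user", ""), a.get("server", ""))
                  for n, a in services.items()
                  if a.get("disable", "no").lower() != "yes")
```
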

Windows Service Management

Microkernel – Everything a service
Administrative tools -> Services

Service Options
  Startup Type: Automatic, Manual, Disabled
  Log On: Which user to run service as
  Recovery: What to do on failure
  Dependencies: Which services does this one depend upon

Windows Service Recovery

Settings for:
  First Failure
  Second Failure
  Subsequent Failures

Counter Reset (Days)

Options:
  Take no Action
  Restart the Service
  Run a program
  Restart the Computer

Network Protocols

Service request/response syntax
Often uses English commands

Request For Comments (RFC)
  Documentation for protocols and practices
  Each revision its own number
  May have a second classification
    For Your Information (FYI)
    Best Common Practices (BCP)
    Standards (STD)

Viewing Active Ports

netstat -a – Ports in use
  Source/destination addresses and ports
  Protocol used
  State
    LISTEN
    ESTABLISHED

lsof -i :service – Process using port
tcpdump – View network traffic
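The listening sockets that netstat reports can be matched against /etc/services and a list of services the host is supposed to offer. This is an added example, not part of the original slides: it parses numeric netstat output (netstat -an, Linux column layout, IPv4 only), names each listening port from /etc/services-format entries, and marks listeners that are not expected. The netstat text, the address values and the expected set are constructed for illustration.

```python
# /etc/services entries from the slides.
SAMPLE_SERVICES = """\
ssh     22/tcp
smtp    25/tcp   mail
www     80/tcp   http www-http
imaps   993/tcp
syslog  514/udp
"""

# Constructed `netstat -an` style output; addresses are documentation ranges.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:8099            0.0.0.0:*               LISTEN
tcp        0      0 192.0.2.10:22           198.51.100.7:51514      ESTABLISHED
udp        0      0 0.0.0.0:514             0.0.0.0:*
"""

def load_services(text):
    """Map (port, protocol) -> service name."""
    table = {}
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and "/" in fields[1]:
            port, proto = fields[1].split("/", 1)
            table[(int(port), proto)] = fields[0]
    return table

def listening_sockets(netstat_text):
    """(proto, local address, port) for TCP LISTEN and unconnected UDP sockets."""
    found = []
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[0] not in ("tcp", "udp"):
            continue
        if f[0] == "tcp" and f[-1] != "LISTEN":
            continue  # ESTABLISHED and other states are connections, not servers
        if f[0] == "udp" and f[4] != "0.0.0.0:*":
            continue  # UDP has no LISTEN state; keep only unconnected sockets
        addr, _, port = f[3].rpartition(":")
        found.append((f[0], addr, int(port)))
    return found

def audit(netstat_text, services_text, expected):
    """Rows of (port/proto, service name, reachable off-host, expected)."""
    table = load_services(services_text)
    return [(f"{port}/{proto}", table.get((port, proto), "unknown"),
             addr != "127.0.0.1", table.get((port, proto)) in expected)
            for proto, addr, port in listening_sockets(netstat_text)]
```

Rows whose last field is False are the ones to follow up with lsof -i to find the owning process.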

Resource Sharing Daemons

Network File System (NFS)
  nfsd
  mountd

Line Printing Daemon (lpd)

Samba
  smbd – Microsoft file and print sharing
  nmbd – Microsoft name resolution

Internet Daemons

telnetd – Remote Access
ftpd – File transfer
Berkeley-R Daemons
sshd – Secure Shell

Electronic Mail
  sendmail/postfix – Receiving email
  imapd, popd – Remote email access

httpd – Web

Infrastructure Daemons

named – DNS
dhcpd – Dynamic Host Config Protocol
nisd/ldapd – Directory Services
fingerd – User information
xntpd – System time synchronization
routed/gated – Routing
Firewall