Ultimate IT solutions

Popular Questions (Find your question and click to view) 1. Give a brief introduction to UNIX. 2. Introduction to Linux. 3. What is GNU project? 4. What are Linux Distributions? 5. Who is System administrator? 6. What are servers? 7. Explain the process of installing and configuring application software. 8. Explain the process of creating and maintaining user accounts in Linux. 9. Explain the backing up and restoring files in Linux. 10. How monitoring and tuning performance of system is done by system administrator. 11. How to configure secure system in Linux. 12. Explain the tools used to monitor system security. 13. Explain the boot process in Linux. 14. Explain the Boot loader GRUB used in Linux. 15. How to use GRUB during the Boot process? 16. Explain the ‘/sbin/init’ or ‘init’ program. 17. Explain the runlevels in Linux. 18. Explain the rc script and how they can be managed by manually. 19. Explain the GRUB configuration file. 20. Explain file system structu

72.What are the server and client security considerations? Ans. Server security considerations: 1. Always use the root_squash option in /etc/exports. 2. Enabled by default so do not disable it. 3. With root squashing clients root account can’t even access or change files that only server’s root account can change or access. Client security considerations: 1. Disable SUID (set UID) programs on NFS mounts using nosuid option. 2. Prevents server’s root account from creating an SUID root program on an exported FS, logging in to the clients as a normal user, and then using the UID root program to become root on the client.

71.Discuss security issues in Network File system. Ans. 1. NFS protocol version 3 and older have some security problems that make it unsuitable for use across the Internet and potentially unsafe for use even in trusted network. 2. One NFS weakness, in general terms, is the /etc/exports file, if a cracker is able to spoof or take over a trusted address, an address listed in /etc/exports then your exported NFS mount are accessible. 3. NFS has normal Linux file system access controls that take over once a client has mounted an NFS export, once this happens normal user and group permissions on the files take over access control. 4. The 1st way to defense is to use host access control, to limit access to services , particularly the portmapper, which has long been target of exploits attempts. 5. For this add the entries in /etc/hosts.clevy lockd, statd, mountd and rquoted. 6. Careful use of IS packet firewall, using netfilter, dramatically increases NFS server security.

70.How to use Automount services? Ans. 1. autofs is used for automatic mounting of NFS exports when the file system is first accessed. 2. autofs uses the automount daemon to mount and unmount. 3. autofs uses a set of map files to control automounting. 4. The master map file i.e. /etc/auto.master, associates mount points with the secondary map files. The secondary map files in turn control the file system mounted under the corresponding mount points. For example consider the following /etc/auto.master autofs configuration file:  /media /etc/auto.home /var /etc/auto.var -timeout 600 This file associates the secondary map file /etc/auto.home with the mount point /home and the map file /etc/auto.var with the /var mount point 5. Each entry in /etc/auto.master, refer to as master map files, and consist of at least two and possibly 3 fields: 1st field is the mount point. 2nd field identifies the full path to the secondary map file that controls the map point. 3rd

69.How to configure Network file system version 4 (NFSv4) client? Ans. 1. There are two new options listed in NFSv4 are introduced as: clientaddr and ports 2. The version 3 of NFS introduced NFS over TCP, which improved NFS’s reliability. 3. In NFSv3, users use the mount option i.e., tcp as client whether client wants to use TCP or UDP to communicate with the server. NFSv4 replaces tcp or udp with a single option i.e. ports=tcp or udp 4. The default buffer size for NFSv4 is 8192 bytes, but it can grow to as large and by 32,678 bytes, which results performance improvements. 5. Following are the mount options: clientaddr=n – Declares client to be multihomed proto=type – Declares port as either udp or tcp resize=n – declares read size of clients buffer wsize=n – Declares write size of clients buffer sec=mod – Declares security model as either krb, krb5 etc.

68.How to configure Network file system (NFS) client? Ans. 1. To configure client, make sure that the portmapper, NFS file locking daemons statd & lockd, mount command are avaialbe. 2. NFS client needs the portmapper running in order to process and route RPC calls and returns from the server to the appropriate port and programs. 3. We can ensure portmapper is running or not by using following command: #service portmap status 4. If portmapper is not running then it’ll show us portmapper is stopped to start portmapper we’ll use following command: #service portmap start 5. Mounting can be done using following commands: For example we wants to mount /media from the server configured at the end then we’ll execute following commands: #mount –t nfs 192.168.166.5:/media /media 6. If user wish, he/she can specify client mount options using mounts arguments as; #mount –t nfs 192.168.166.5:/media /media -o resize=8292,wsize=8192, hard, nolock 7. Following are t