
Computer Hardware and System Administration-Notes

The document provides information about the "Computer Hardware and System Administration" course. It includes details like the course code, credits, duration, prerequisites and outcomes. The course aims to teach students about identifying computer components, different system boards, network components and establishing different network types. It also covers installation and configuration of Windows 2012 server and Linux. The course contents are spread across 6 topics that deal with hardware, motherboards, processors, networking, Windows and Linux administration.

Uploaded by

Kiran Reddy

Computer Hardware and System Administration

Course Title : Computer Hardware and System Administration
Course Code : 18CM502C
Course Group : Core
Semester : V
Teaching Scheme in Periods (L:T:P) : 45:15:0
Credits : 3
Type of course : Lecture + Tutorial
Total Contact Periods : 60 Periods
CIE : 60 Marks
SEE : 40 Marks

Prerequisites
Knowledge of PC components

Course Outcomes
Upon completion of the course the student shall be able to
Course Outcome
CO1 Identify the PC components
CO2 Learn different system boards
CO3 Learn different network components
CO4 Establish different types of network
CO5 Installation and configuration of Windows 2012 server
CO6 Installation and configuration of Linux

Course Contents
1. Understand PC hardware and its Components. 7 periods
Hardware and software - the BIOS hardware interaction, importance of BIOS, BIOS functions
configuration of a general purpose computer ( P-IV Compatible), identification of various
components on the motherboard - Input Devices- various input devices used with a general
purpose computer, installation of Keyboard, optical and opto-mechanical mouse , flat bed
scanner, Webcam - Output Devices- working principle of CRT Monitor ,working principle of
LCD/TFT, printers(Impact and Non-Impact) working principle of Dot matrix printer, inkjet
printer, Laser printer.

2. System Board and Mass storage devices 12 periods


Mother Board- motherboards based on the form factor: such as AT, ATX, micro ATX,
mini ATX , Baby AT, BTX, NLX, various I/O ports available on the motherboard
Processors- various processors used in the system: INTEL P4, Celeron, XEON, Itanium
processors, AMD Athlon, Dual core, Core 2 Duo, Quad core and i-series (i3,i5 and i7), features
of above chipset and their advantages, importance of SMPS over linear voltage power supply,
connectors from SMPS and list the voltage levels of each wire in various connectors based on the
standard color of the wire
RAM- static and dynamic RAM, Mass storage devices - Hard disk Drive, jumper settings, hard
disk interfacings standards like IDE/SCSI/SATA/PATA.

3. Introduction to Networks and LAN components 10 periods


Need for network-Network classification- network standards-Topologies-Network Components-
connectors-network devices

4. Network Addressing and Management 10 periods


Network addressing -Network protocols, Monitoring and Troubleshooting – Remote,
Monitoring, Establishment of LAN, Network status.

5. Windows-2012 server administration


Need of system administration, responsibilities of administrator, Analyze the Installation &
Configuration of Windows 2012 Server, Installation and configuration of Active directory with
DNS, Discuss User & Group Managements, Know about Share Permissions for files and folders,
Analyze the working of Device Manager, Drivers Signing & Signature, analyze Verification &
Managing Ports, Installation and configuration of DHCP, DFS, Know about disk quotas.

6. LINUX administration
Introduction to Linux, pre-Installation, Installation of Linux, Discuss Desktop Environments,
shells & their Types, Familiarization with LINUX editors and commands, Discuss basic filtering
techniques in LINUX, Discuss basic piping techniques in LINUX, Discuss about Managing Users
and Groups, Analyze the process of Configuring DHCP in LINUX , Describe Configuring DNS
in LINUX, Configuring internet access, Configuring web server, Describe Linux Security ,
Explain the process of Backup of data in Linux.

Recommended Books
1. Enhanced Guide to Managing and Maintaining Your PC -- Jean Andrews (Thomson)
2. Basics of Networking -- NIIT PHI publications
3. PC Hardware A Beginners Guide -- Gilster (TMH)
4. PC Upgrading -- Stephen Bigelow (TMH)
5. Trouble Shooting Your PC -- Stone & Poor
6. Computer Networks -- Andrew S. Tanenbaum
7. Windows Server 2012 -- Charlie Russel and Craig Zacker
8. Unix and Linux System Administration Handbook, 4th edition -- Garth Snyder

Specific Learning Outcomes:

Upon completion of the course the student shall be able to

1.0 Understand PC hardware and its Components.


1.1 Define PC Hardware and Software
1.2 State the importance of BIOS
1.3 Explain the BIOS functions of (i) POST, (ii) Bootstrap loading
1.4 Identify mother board components - processor, chipset, SMPS, Disk Drives, RAM,PCI,IDE,ISA
slots, mouse, AGP, Keyboard, monitor, printer, speaker, USB ports, Parallel port, Serial Port, and
Modem of the system.
1.5 Explain various kind of input devices- keyboard, mouse(optical & opto mechanical), flat bed
scanner, webcam.
1.6 Explain various kind of output devices - working principles of CRT Monitor, LCD/TFT,
Dot matrix printer, inkjet printer & Laser printer.
1.7 Identify various cables that connect peripherals to the rear side of system

2.0 System Board and Mass storage devices


2.1 Mother Board
2.1.1 Explain various motherboards based on the form factor : such as AT, ATX, micro
ATX, mini ATX , Baby AT,BTX,NLX etc
2.1.2 List various components on motherboard.
2.1.3. List the I/O ports available on motherboard
2.2 Processors
2.2.1 Describe the features and advantages of various processors: INTEL P4, Celeron, XEON,
Itanium processors, AMD Athlon, Dual core, Core 2 Duo, Quad core and i-series (i3, i5
and i7).
2.2.2 State the importance of SMPS over linear voltage power supply
2.2.3 Use connectors from SMPS and list the voltage levels of each wire in various connectors
based on the standard color of the wire
2.3 Mass storage devices
2.3.1 Give the constructional details and working of a Hard disk Drive
2.3.2 Explain the importance of jumper settings and give details of it
2.3.3 Familiarize with hard disk interfacings standards like IDE/SCSI /SATA /PATA
2.3.4 Distinguish RAM types - SDRAM, DDR(1-3), Rambus RAM
2.3.5 Explain the procedure to upgrade RAM capacity of the system by adding additional
RAMs

3.0 Introduction to Networks and LAN components.


3.1 State the Need for Networking.
3.2 Classification of Networks –LAN, MAN, WAN
3.3 Explain LAN Devices such as Repeaters, Hubs, Switches, Bridges, Network
Interface Cards (NICs), Routers, Modems, Wireless network adapters.
3.4 Know about UTP cable, Optical Fiber Cable, and Connectors.
3.5 ISO/OSI Reference model.
3.6 TCP/IP Model.
3.7 Network topologies (Star, Mesh, Ring, Bus, Hybrid)

4.0 Network Addressing and Management


4.1 Introduction to Network Addressing.
4.2 Know about TCP/IP Addressing Scheme.
4.3 Components of IP Address
4.4 Know IP Address Classes
4.5 Understand IP Subnetting
4.6 Classify the two types of Internet Protocol addressing IPv4 and IPv6 and state the need
for IPv6.
4.7 Describe Internet protocol version-6 (IPv6) addressing.
4.8 Wifi networking standards and encryption types.
4.9 Networking trouble shoot components
4.10 Preparation of straight and cross cable
4.11 Establishment of LAN
5.0 Windows-2012 server administration
5.1 Need for System Administration
5.2 Responsibilities of System Administrator
5.3 Analyse the Installation & Configuration of Windows 2012 Server
5.4 Installation and configuration of Active directory with DNS
5.5 Discuss User & Group Managements.
5.6 Know about Share Permissions for files and folders.
5.7 Analyze the working of Device Manager, Drivers Signing & Signature
5.8 Analyze Verification & Managing Ports.
5.9 Installation and configuration of DHCP, DFS
5.10 Know about disk quotas.

6.0 LINUX administration


6.1 Introduction to Linux, pre-Installation.
6.2 Installation of Linux
6.3 Discuss Desktop Environments, Shells.
6.4 Familiarization with LINUX editors and commands
6.5 Discuss basic filtering techniques in LINUX: give the working of filter commands
and discuss the usage of grep, egrep, fgrep.
6.6 Discuss basic piping techniques in LINUX
6.7 Discuss about Managing Users and Groups.
6.8 Analyze the process of Configuring DHCP in LINUX
6.9 Describe Configuring DNS in LINUX.
6.10 Configuring internet access
6.11 Configuring web server.
6.12 Describe Linux Security
6.13 Explain the process of Backup of data in Linux

Suggested Activities
Student activity like mini-project, quizzes, etc. should be done in group of 5-10 students.
1. Each group should do any one of the following type of activity or any other similar activity
related to the course with prior approval from the course coordinator and programme coordinator
concerned.
2. Each group should conduct different activity and no repetition should occur.
3. Explore and analyse topics to improve the level of creativity and analytical skill by taking Quiz/
tests/ assignments. Documents have to be maintained as a record.
4. Create a power point presentation on the topic relevant to course or advanced topic as an
extension to the course to improve the communication skills. Documents have to be maintained
as a record.
5. Visit different sites relevant to topics. Listen to the lectures and submit a handwritten report
6. Coding competitions

Suggested E-learning references


1. https://www.tutorialspoint.com/computer_fundamentals/computer_fundamentals_tutorial.
pdf
2. http://www.garfieldcs.com/wordpress/wordpress/wp-content/uploads/2011/09/Computer-
Hardware-Basics.pdf
3. https://abiiid.files.wordpress.com/2010/12/pc-hardware-a-beginners-guide.pdf
4. https://www.tutorialspoint.com/windows_server_2012/windows_server_2012_tutorial.pdf
5. https://ptgmedia.pearsoncmg.com/images/9780735684690/samplepages/0735684693.pdf
6. https://docentinrete.files.wordpress.com/2012/05/manuale-2008-98-365-windowsserver.pdf
7. https://www.tutorialspoint.com/linux_admin/linux_admin_tutorial.pdf
8. https://www-uxsup.csx.cam.ac.uk/courses/moved.linuxadmin/whole.pdf

CO-PO Mapping Matrix


Course Outcome                                              CL      Linked PO   Teaching Hours
CO1  Understand PC hardware and its Components              R       1,2,3,10    10
CO2  Learn different system boards & Mass storage devices   R,U,A   1,2,3,10    10
CO3  Learn different network components                     R,U,A   1,2,3,10    10
CO4  Establish different types of network                   R,U,A   1,2,3,10    10
CO5  Understand Windows-2012 server administration          R,U,A   1,2,3,10    10
CO6  Understand LINUX administration                        R,U,A   1,2,3,10    10
Total Sessions                                                                  60

MID SEM-I EXAM

S.No   Unit Name   R      U            A            Remarks
1      Unit-I      1, 2   5(a), 5(b)   7(a), 7(b)
2      Unit-II     3, 4   6(a), 6(b)   8(a), 8(b)
Total Questions    4      4            4

MID SEM-II EXAM

S.No   Unit Name   R      U            A            Remarks
1      Unit-III    1, 2   5(a), 5(b)   7(a), 7(b)
2      Unit-IV     3, 4   6(a), 6(b)   8(a), 8(b)
Total Questions    4      4            4

Semester End Examination

Questions to be set for SEE Remarks


Sl No Unit No.
R U A
1 I
1 9(a) 13(a)
2 II
3 III
2 10(a) 14(a)
4 IV
9(b) 13(b)
5 V 4 5, 6
11(a) 15(a)

3 11(b) 15(b)
10(b) 14(b)
6 VI 7,8 12(a) 16(a)
12(b) 16(b)
Total Questions 8 8 8
Legend:
Remembering (R) 1 Mark
Understanding (U) 3 Marks
Application (A) 5 Marks

18CM502C, V Semester

STATE BOARD OF TECHNICAL EDUCATION & TRAINING: TS: HYDERABAD

18CM502C, V Semester, Computer Hardware and System Administration

MID EXAM - I MODEL QUESTION PAPER

Time: 1 hour Max. Marks: 20

PART-A

Answer all questions. Each carries 1 mark. 4X1=4 Marks

1. What is BIOS?

2. List any four output devices.

3. What is SATA?

4. What is SMPS?

PART-B

Answer TWO questions out of four questions. Each carries 3 marks. 2X3=6 Marks

5(a) What is the difference between impact and non-impact printers? (OR)

5(b) Write the configuration of P-IV computer

6(a) Distinguish between dual core and core2 duo (OR)

6(b) Write any two differences between static RAM and dynamic RAM

PART-C

Answer TWO questions out of four questions. Each carries 5 marks. 2X5=10 Marks

7(a) Explain the BIOS functions of POST (OR)

7(b) Explain working principle of CRT monitor

8(a) Explain different motherboard types (OR)

8(b) List the voltage levels of each wire in the various SMPS connectors based on the standard color of the
wire

18CM-502C, V Semester

STATE BOARD OF TECHNICAL EDUCATION & TRAINING: TS: HYDERABAD

18CM502C, V Semester, Computer Hardware and System Administration

MID EXAM - II MODEL QUESTION PAPER

Time: 1 hour Max. Marks:20

PART-A

Answer all questions. Each carries 1 mark. 4X1=4 Marks

1. Define MAN.
2. What is the need of networking?
3. List any four output devices
4. What is an opto-mechanical mouse?

PART-B

Answer TWO questions out of four questions. Each carries 3 marks. 2X3=6 Marks

5(a) Write any two differences between impact and non-impact printers (OR)

5(b) Explain about router

6(a) Write about IP subnetting (OR)

6(b) Differentiate between IPv4 and IPv6

PART-C

Answer TWO questions out of Four questions. Each carries 5 marks. 2X5=10Marks

7(a) Explain the procedure of LAN establishment with a neat diagram (OR)

7(b) Explain the classification of LAN, WAN and MAN

8(a) Describe Internet protocol version-6 (IPv6) addressing (OR)

8(b) Write the required steps to verify network status

C18-Semester End Examination (SEE)

Model Paper- 18CM502C, V Semester, (Computer Hardware and System Administration)

Time: 2 Hours Total Marks: 40

PART – A
Instructions: 8 X 1 M = 8 Marks
i) Answer all the following questions:
ii) Each question carries two marks
1. What is POST?
2. What is the need of networking?
3. Define Shell.
4. Write any two differences between IPv4 and IPv6
5. Write minimum configuration required for installation of Windows 2012 Server
6. What is driver signing?
7. What is DNS?
8. List Linux editors.

PART – B 4X3=12Marks
Answer any 2 questions from each group
9(a). Explain working principle of flat bed scanner
Define Cache memory and explain how it improves the performance of PC (OR)
9(b). What is a pipe? Explain the piping concept with the help of an example
10(a). Write any four applications of modem (OR)
10(b). Write the process of Configuring DHCP in LINUX
11(a) Write the procedure for installing and configuring of DFS (OR)
11(b) Write share permissions for files and folders
12(a) Write a note on any two desktop environments (OR)
12(b) Write a note on grep, egrep and fgrep

PART – C 4X5=20 Marks
Answer any Two questions from each group
13(a) Draw the motherboard architecture and indicate at least 10 components (OR)
13(b) Explain installation procedure of Windows 2012 Server
14(a) Explain about IP Classes (OR)
14(b) Explain installation procedure of Linux
15(a) Explain about creation of user and group accounts in Windows 2012 server (OR)

15(b) Explain the installation of Active directory with DNS

16(a) Write the procedure to configure a web server in LINUX (OR)


16(b) Write any five editor commands with examples.
UNIT-1
1.0 Understand PC hardware and its Components.
Today’s personal computer, like the one shown in Figure 1-1, is a much more powerful computer
than the PCs of just five years ago. Not to mention how different the PC is from computers way back
in the early days of its development. Remember that the whole of the computer’s history is compacted
into a little more than 50 years and the personal computer has only been around for a little over 20
years. In fact, the PC’s most spectacular development has probably been made in just the past five to
ten years. It is also safe to say that the computer of today will be nothing compared to what we’ll have
in five to ten more years. The one bit of good news in all of this is that the PC will most likely
continue to have the same basic hardware components.

A BRIEF LOOK AT THE EVOLUTION OF COMPUTERS
Twenty-five years ago, it was virtually unthinkable that somebody would want to have a computer on
their desk. Many of the “big” thinkers of the time could not even conceive of what anyone would
possibly do with such a thing. It was a time of mainframes and minicomputers, which served the
needs of corporations, companies, and departments. The idea that a single person could possibly have
use for a computer all to themselves was just unthinkable.

Figure 1-1. Personal computers come in several styles

Types of Computers
1. Mainframe Computers
2. Mini Computers
3. Super Computers
4. Embedded computers

Mainframe Computers

Until the dawn of the personal computer in the early 1980s, computers were large, multiple cabinet affairs
that required special room conditions and trained operators and programmers. Mainframe computers, the
larger of the computers (see Figure 1-2) can literally fill a room. These large computers, sold by IBM,
Amdahl, Unisys, Hitachi, and others, are used to fulfill the computing needs of large companies and
corporations and are also used in large telecommunications centers. They are very powerful with huge
amounts of storage and processing capability. The drawbacks to the mainframe computer for use as a
personal computer are its size, its immense amount of computing power, and its price, which can run into
the millions of dollars. Before the personal computer, each mainframe user worked at a terminal, which is
a device (see Figure 1-3) that combines a display monitor with a keyboard and is attached directly to the
mainframe computer by a dedicated cable. The terminal, so called because it terminates the connection
line, allows the user to send large blocks of data—the contents of the entire display screen, actually—to
the mainframe for processing, and the results are displayed on the terminal’s monitor. The early
mainframe user did not have use of a mouse, and all data was entered as text. Graphical user interfaces
(GUI) such as Microsoft Windows or X Windows were yet to come.
Today’s mainframe user is more likely to be connected to the mainframe over a local network and
to use a PC as a terminal device.

For more information on the history of the mainframe and its uses today, visit the following Web
sites:

▼ Rock Painter's Mainframe Links www.texasrock.com/oem.shtml

■ Techweb Encyclopedia www.techweb.com/encyclopedia

■ The Machine That Changed the World ei.cs.vt.edu/~history/TMTCTW.html

▲ Stanford University gobi.stanford.edu/computer_history/


Minicomputers
The minicomputer (see Figure 1-4) was developed to serve the computing needs of smaller companies
and the larger departments of corporations. The minicomputer, also known today as a midrange computer,
has essentially the same functionality of the larger mainframe computer but on a smaller scale—and not
much smaller, at that. The minicomputer was developed largely to open new markets for computers after
most of the larger companies had purchased mainframes. The mainframe was scaled into a smaller
package with most of its functions remaining and a little less storage and processing power, sold at a
reduced price. There are computing devices today, made by Hewlett Packard, Compaq, and others, that
are manufactured under the name minicomputer that are in fact midlevel computers that are more
powerful than personal computers and less powerful than a mainframe. Because of advances in
technology, today’s minicomputer can

Super Computers

A supercomputer is a computer with a high level of performance as compared to a general-purpose
computer. The performance of a supercomputer is commonly measured in floating-point operations per
second (FLOPS) instead of million instructions per second (MIPS). Figure 1.5 shows a
supercomputer.

Embedded computers
Figure 1.6 Embedded Computers with in-built functionality devices
An embedded computer is a microprocessor-based system that is specially designed to perform a specific
function and belongs to a larger system. It comes with a combination of hardware and software to achieve
a unique task and withstand different conditions. Figure 1.6 shows embedded computers.

AN OVERVIEW OF SYSTEMS AND COMPONENTS

Figure 1-7 The hardware of a typical PC

The items in Figure 1-12 correspond to the following:

▼ The monitor, which is also called the display, the visual display unit (VDU), or the screen

■ The keyboard

■ The system unit, which contains the motherboard, disk drives, expansion cards, and input/output ports

▲ The mouse

The desktop computer in Figure 1-7, where the monitor sits on top of the system unit, is a
very common configuration for personal computers. Other popular PC configurations are the tower and
minitower computers, in which the system unit sits on the floor or other surface and the monitor sits
separately on a desktop or wherever. Figure 1-8 shows a tower-style computer.

Computers also come in small packages. The notebook computer (see Figure 1-9) has made
power-computing very portable. The pocket-sized palmtop computer, such as the Casio Cassiopeia
(Figure 1-10), and the personal digital assistant (PDA), such as the 3Com Palm Pilot or the Mind spring
Visor (see Figure 1-11), have the ability to perform many personal productivity applications.

Figure 1-8: A personal computer with a tower case. Photo courtesy of IBM Corporation

Figure 1-9: A Notebook Computer


Figure 1-10: An example of a palmtop computer. Photo courtesy of Casio

Figure 1-11 : A personal digital assistant (PDA). Photo courtesy of Handspring, Inc

Regardless of the size of the package, personal computers all have the same six groups of hardware
components:

▼ Input devices

■ Output (display) devices

■ Processor/motherboard

■ Storage devices
■ Adapters/peripherals

▲ Power supply

Input Devices

Computers process data into information; simulate an action or animation; and, among other
actions, replicate hand motions to draw an image. What each of these actions or processes has in common
is that each requires some form of interaction with an operator. At least so far, the operator is generally
human and the human needs to provide instructions, data, or other stimuli (called inputs) to the computer
so it can do its thing. To facilitate this interaction, the computer must provide devices that the operator
can use to give it its inputs. Reasonably enough, these devices are called input devices.

Over the years, the most common input device has been the keyboard. However, in the past few
years, it has been a dead heat between the keyboard and mouse (see Figure 1-12) because virtually every
computer sold has both devices. Newer hybrid devices now even combine the two, replacing the mouse
with a touchpad built right into the keyboard. This hybrid style is very common on notebook computers,
as shown in Figure 1-13. See Chapter 18 for more information on keyboards and other input devices.

Figure 1-12: A standard keyboard and mouse. Photo courtesy of Logitech International.
Figure 1-13. The touchpad and keyboard on a notebook computer.

Output Devices
The output devices of any computer are linked to the senses of its human operator. If you haven’t
made this connection before, give it some thought. The computer must communicate with its operator
through one of their senses, most likely sight and sound. These two human senses allow the operator to
see and hear the outputs produced by the computer. The other human senses could be used, but at least so
far the computer has not had much success with using the operator’s senses of touch, taste, and smell.
(You know systems that produce real-time smells can’t be too far into the future, and there are already
printers that can produce their output in Braille for sight-impaired users.)

Printers and Displays


The human sense of sight is by far the sense most often used to view a computer’s output. Text
and graphics can be permanently placed on paper by a printer (like the one in Figure 1-14) or viewed
temporarily on the monitor (see Figure 1-15). Some outputs of the computer, some of which may not
even seem like outputs—like the Windows desktop—do not need to be printed for permanent reference,
while others need to be printed so they can be viewed away from the computer and shared with others.
See Chapters 16 and 17 for more information about displays and printers, respectively.
Figure 1-14. A laser printer. Photo courtesy of Lexmark International

Figure 1-15. A flat-panel monitor. Photo courtesy of View Sonic, Inc.

Sound Devices
The other common output from a personal computer is sound. Whether it is as simple as the beep
codes produced through the system speaker when the computer is started up or the near-high fidelity
sounds produced from a CD-ROM or DVD, digital systems and sound are a match made in audio heaven.

Processor/motherboard
The motherboard is at the center of what makes a PC work. It houses the CPU and is a hub that
all other hardware runs through. The motherboard acts as a brain; allocating power where it’s needed,
communicating with and coordinating across all other components – making it one of the most important
pieces of hardware in a computer.
The CPU (Central Processing Unit or processor) is responsible for processing all information
from programs run by your computer. The ‘clock speed’, or the speed at which the processor processes
information, is measured in gigahertz (GHz). This means that a processor advertising a high GHz rating
will likely perform faster than a similarly specified processor of the same brand and age.

Storage devices

The hard drive is a storage device responsible for storing permanent and temporary data. This data comes
in many different forms, but is essentially anything saved or installed to a computer: for example,
computer programs, family photos, operating system, word-processing documents, and so on. Find out
more about hard drives and how they work.

There are two different types of storage devices: the traditional hard disk drive (HDD) and the newer
solid state drive (SSD). Hard disk drives work by writing binary data onto spinning magnetic disks called
platters that rotate at high speeds, while a solid-state drive stores data by using static flash memory chips.

Adapters/peripherals

An adapter in regard to computing can be either a hardware component (device) or software that allows
two or more incompatible devices to be linked together for the purpose of transmitting and
receiving data. Given an input, an adapter alters it in order to provide a compatible connection between
the components of a system. Both software and hardware adapters are used in many different devices
such as mobile phones, personal computers, servers and telecommunications networks for a wide range of
purposes. Some adapters are built into devices, while the others can be installed on a computer's
motherboard or connected as external devices.

Power Supply Unit

A power supply unit, commonly abbreviated as PSU, does more than just supply your computer with
power. It is the point where power enters your system from an external power source and is then allocated
by the motherboard to individual component hardware. Not all power supplies are made equally however,
and without the right wattage PSU your system will fail to work.

1.1 Define PC Hardware and Software

a. HARDWARE

Computer hardware parts are the physical parts or components of a computer, such as the
monitor, keyboard, computer data storage, graphic card, sound card and motherboard.

By contrast, software is instructions that can be stored and run by hardware.

E.g.: Processor, Keyboard, Mouse, Printer, Screen, etc.

b. SOFTWARE

Software can be defined as programmed instructions stored in the memory of flash drives of
computers for execution by the processor.
E.g.: Operating system, firmware, drivers, third-party software (VLC, Skype, etc.).

1.2 State the importance of BIOS

BIOS enables computers to perform certain operations as soon as they are turned on. The principal job
of a computer's BIOS is to govern the early stages of the startup process, ensuring that the operating
system is correctly loaded into memory. BIOS is vital to the operation of most modern computers, and
knowing some facts about it could help you troubleshoot issues with your machine.

1.3 Explain the BIOS functions of (i) POST, (ii) Bootstrap loading

POST

The first job of the BIOS after you switch your computer on is to perform the Power On Self
Test. During the POST, the BIOS checks the computer's hardware in order to ensure that it is
able to complete the startup process. If the POST is completed successfully, the system usually
emits a beep. If the test fails, however, the system generally emits a series of beeps. You can
use the number, duration and pattern of these beeps to identify the cause of the test failure.

Bootstrapping Process
The bootstrapping process does not require any outside input to start. Any software can be
loaded as required by the operating system rather than loading all the software automatically.
The bootstrapping process is performed as a chain i.e. at each stage, it is the responsibility of the
simpler and smaller program to load and execute the much more complicated and larger
program. This means that the computer system improves in increments by itself.
The booting procedure starts with the hardware procedures and then continues onto the software
procedures that are stored in the main memory. The bootstrapping process involves self-tests,
loading BIOS, configuration settings, hypervisor, operating system etc.

1.4 Identify mother board components


The motherboard is the foundation on which a PC is built. It provides the interconnecting
circuitry through which the primary components of the motherboard receive their power and pass
control signals, data, addresses, and instructions to each other. With the microprocessor installed on the
motherboard, it is essentially the computer.

Figure: An NLX motherboard and riser board. Photo courtesy of Intel Corporation
Major parts of the motherboard:
▼ CPU slot and socket The CPU mounts to the motherboard through either a slot or socket
mounting. See Chapter 3 for information on CPU mountings.
■ Chipset Many of the circuit and CPU level functions are contained in the chipset. See Chapter
5 for information on chipsets.
■ Memory sockets Depending on the age of the PC, its memory is mounted on the motherboard
as individual memory chips that fit into separate DIP (dual inline packaging) sockets or as
memory modules, such as a SIMM (single inline memory module) or a DIMM (dual inline
memory module), that snap into edge connector mountings. See Chapter 7 for more information
on memory systems.
■ BIOS ROM The BIOS (Basic Input/output System) is stored as firmware on a read-only
memory (ROM) chip. The BIOS is used to start the PC up when the power is turned on and
provides a link for the CPU to the PC’s peripheral devices. See Chapter 6 for more information
on PC BIOS.

Figure 4-6. A motherboard and its components

■ CMOS battery The configuration of a PC at the systems level is stored in a type of memory,
CMOS (Complementary Metal Oxide Semiconductor), that requires very little power to hold its
contents. The CMOS battery supplies a steady power source to store the system configuration for
use during the PC’s boot sequence. See Chapter 6 for more information on the BIOS and the
information stored in CMOS.
■ Power connector A connection must be made to the power supply so that power is available to
the circuitry on the motherboard. Motherboards use different voltages of power for different
components on the board. See Chapter 14 for more information on the power supply and the
voltage requirements of the PC.
■ I/O connectors The motherboard includes a variety of external I/O connectors that allow
external devices to communicate with the CPU. See Chapter 19 for information on the ports and
connectors found on the motherboard and PC.
▲ Expansion slots External peripherals and internal devices are interconnected into the
motherboard and CPU through the expansion bus. The motherboard features a variety of
expansion slots that usually include three or more of the different expansion buses available. See
Chapter 11 for more information on the expansion buses and expansion cards.

Explain various kinds of input devices


Following are some of the important input devices which are used in a computer −

• Keyboard
• Mouse
• Joy Stick
• Light pen
• Track Ball
• Scanner
• Graphic Tablet
• Microphone
• Magnetic Ink Card Reader (MICR)
• Optical Character Reader (OCR)
• Bar Code Reader
• Optical Mark Reader (OMR)

Keyboard
Keyboard is the most common and very popular input device which helps to input data to the
computer. The layout of the keyboard is like that of a traditional typewriter, although there are
some additional keys provided for performing additional functions.

Keyboards come in two sizes, 84 keys or 101/102 keys, but now keyboards with 104 keys or 108
keys are also available for Windows and Internet.
The keys on the keyboard are as follows −

S.No  Keys & Description

1  Typing Keys − These keys include the letter keys (A-Z) and digit keys (0-9) which generally give the
same layout as that of typewriters.

2  Numeric Keypad − It is used to enter the numeric data or cursor movement. Generally, it consists of a set of
17 keys that are laid out in the same configuration used by most adding machines and
calculators.

3  Function Keys − The twelve function keys are present on the keyboard which are arranged in a row at the
top of the keyboard. Each function key has a unique meaning and is used for some
specific purpose.

4  Control keys − These keys provide cursor and screen control. It includes four directional arrow keys.
Control keys also include Home, End, Insert, Delete, Page Up, Page Down,
Control (Ctrl), Alternate (Alt), Escape (Esc).

5  Special Purpose Keys − Keyboard also contains some special purpose keys such as Enter, Shift, Caps Lock, Num
Lock, Space bar, Tab, and Print Screen.

Mouse
Mouse is the most popular pointing device. It is a well-known cursor-control device: a
small palm-sized box with a round ball at its base, which senses the movement of the mouse and
sends corresponding signals to the CPU when the mouse buttons are pressed.
Generally, it has two buttons, called the left and the right button, and a wheel is present between
the buttons. A mouse can be used to control the position of the cursor on the screen, but it
cannot be used to enter text into the computer.

Advantages

• Easy to use
• Not very expensive
• Moves the cursor faster than the arrow keys of the keyboard.

Joystick
Joystick is also a pointing device, which is used to move the cursor position on a monitor
screen. It is a stick having a spherical ball at both its lower and upper ends. The lower spherical
ball moves in a socket. The joystick can be moved in all four directions.

The function of the joystick is similar to that of a mouse. It is mainly used in Computer Aided
Designing (CAD) and playing computer games.

Light Pen
Light pen is a pointing device similar to a pen. It is used to select a displayed menu item or
draw pictures on the monitor screen. It consists of a photocell and an optical system placed in a
small tube.

When the tip of a light pen is moved over the monitor screen and the pen button is pressed, its
photocell sensing element detects the screen location and sends the corresponding signal to the
CPU.

Track Ball
Track ball is an input device that is mostly used in notebook or laptop computers, instead of a
mouse. This is a ball which is half inserted, and by moving fingers on the ball, the pointer can be
moved.

Since the whole device is not moved, a track ball requires less space than a mouse. A track ball
comes in various shapes like a ball, a button, or a square.

Scanner
Scanner is an input device, which works more like a photocopy machine. It is used when some
information is available on paper and it is to be transferred to the hard disk of the computer for
further manipulation.
Scanner captures images from the source which are then converted into a digital form that can
be stored on the disk. These images can be edited before they are printed.

Digitizer
Digitizer is an input device which converts analog information into digital form. Digitizer can
convert a signal from the television or camera into a series of numbers that could be stored in a
computer. They can be used by the computer to create a picture of whatever the camera had
been pointed at.

Digitizer is also known as Tablet or Graphics Tablet as it converts graphics and pictorial data
into binary inputs. A graphic tablet as digitizer is used for fine works of drawing and image
manipulation applications.

Microphone
Microphone is an input device to input sound that is then stored in a digital form.

The microphone is used for various applications such as adding sound to a multimedia
presentation or for mixing music.

Magnetic Ink Card Reader (MICR)
MICR input device is generally used in banks as there are a large number of cheques to be
processed every day. The bank's code number and cheque number are printed on the cheques
with a special type of ink that contains particles of magnetic material that are machine readable.

This reading process is called Magnetic Ink Character Recognition (MICR). The main
advantage of MICR is that it is fast and less error-prone.

Optical Character Reader (OCR)
OCR is an input device used to read printed text.

OCR scans the text optically, character by character, converts the characters into a machine readable
code, and stores the text in the system memory.

Bar Code Readers
Bar Code Reader is a device used for reading bar coded data (data in the form of light and dark
lines). Bar coded data is generally used in labelling goods, numbering the books, etc. It may be
a handheld scanner or may be embedded in a stationary scanner.

Bar Code Reader scans a bar code image, converts it into an alphanumeric value, which is then
fed to the computer that the bar code reader is connected to.

Optical Mark Reader (OMR)


OMR is a special type of optical scanner used to recognize the type of mark made by pen or
pencil. It is used where one out of a few alternatives is to be selected and marked.

It is specially used for checking the answer sheets of examinations having multiple choice
questions.

Explain various kinds of output devices


Following are some of the important output devices used in a computer.

• Monitors
• Graphic Plotter
• Printer

Monitors
Monitors, commonly called Visual Display Units (VDU), are the main output device of a
computer. A monitor forms images from tiny dots, called pixels, that are arranged in a rectangular form.
The sharpness of the image depends upon the number of pixels.
There are two kinds of viewing screen used for monitors.

• Cathode-Ray Tube (CRT)
• Flat-Panel Display

Cathode-Ray Tube (CRT) Monitor
The CRT display is made up of small picture elements called pixels. The smaller the pixels, the
better the image clarity or resolution. It takes more than one illuminated pixel to form a whole
character, such as the letter ‘e’ in the word help.

A finite number of characters can be displayed on a screen at once. The screen can be divided
into a series of character boxes - fixed location on the screen where a standard character can be
placed. Most screens are capable of displaying 80 characters of data horizontally and 25 lines
vertically.
There are some disadvantages of CRT −

• Large in Size
• High power consumption

Flat-Panel Display Monitor
The flat-panel display refers to a class of video devices that have reduced volume, weight and
power requirement in comparison to the CRT. You can hang them on walls or wear them on
your wrists. Current uses of flat-panel displays include calculators, video games, monitors,
laptop computers, and graphics displays.

The flat-panel display is divided into two categories −


• Emissive Displays − Emissive displays are devices that convert electrical energy into
light. For example, plasma panel and LED (Light-Emitting Diodes).
• Non-Emissive Displays − Non-emissive displays use optical effects to convert sunlight
or light from some other source into graphics patterns. For example, LCD (Liquid-Crystal
Device).

Printers
Printer is an output device, which is used to print information on paper.
There are two types of printers −

• Impact Printers
• Non-Impact Printers

Impact Printers
Impact printers print the characters by striking them on the ribbon, which is then pressed on the
paper.
Characteristics of Impact Printers are the following −

• Very low consumable costs
• Very noisy
• Useful for bulk printing due to low cost
• There is physical contact with the paper to produce an image

These printers are of two types −

• Character printers
• Line printers

Character Printers
Character printers are the printers which print one character at a time.
These are further divided into two types:

• Dot Matrix Printer (DMP)
• Daisy Wheel

Dot Matrix Printer
The Dot Matrix Printer is one of the most popular printers in the market. These printers are popular
because of their ease of printing and economical price. Each character is printed as a
pattern of dots; the head consists of a matrix of pins of size (5*7, 7*9, 9*7 or 9*9) which come
out to form a character, which is why it is called a Dot Matrix Printer.

Advantages

• Inexpensive
• Widely Used
• Other language characters can be printed

Disadvantages

• Slow Speed
• Poor Quality

Daisy Wheel
The head lies on a wheel and the pins corresponding to characters are like the petals of a daisy (flower),
which is why it is called a Daisy Wheel Printer. These printers are generally used for word-processing
in offices that require a few letters to be sent here and there with very nice quality.

Advantages

• More reliable than DMP
• Better quality
• Fonts of character can be easily changed

Disadvantages

• Slower than DMP
• Noisy
• More expensive than DMP

Line Printers
Line printers are the printers which print one line at a time.

These are of two types −

• Drum Printer
• Chain Printer

Drum Printer
This printer is like a drum in shape, hence it is called a drum printer. The surface of the drum is
divided into a number of tracks. Total tracks are equal to the size of the paper, i.e. for a paper
width of 132 characters, the drum will have 132 tracks. A character set is embossed on the track.
Different character sets available in the market are the 48, 64 and 96 character sets.
One rotation of the drum prints one line. Drum printers are fast in speed and can print 300 to 2000
lines per minute.

Advantages

• Very high speed

Disadvantages

• Very expensive
• Character fonts cannot be changed

Chain Printer
In this printer, a chain of character sets is used, hence it is called a Chain Printer. A standard
character set may have 48, 64, or 96 characters.

Advantages

• Character fonts can easily be changed.
• Different languages can be used with the same printer.

Disadvantages

• Noisy

Non-impact Printers
Non-impact printers print the characters without using the ribbon. These printers print a
complete page at a time, thus they are also called Page Printers.
These printers are of two types −

• Laser Printers
• Inkjet Printers

Characteristics of Non-impact Printers

• Faster than impact printers
• They are not noisy
• High quality
• Supports many fonts and different character sizes

Laser Printers
These are non-impact page printers. They use laser lights to produce the dots needed to form the
characters to be printed on a page.

Advantages

• Very high speed
• Very high quality output
• Good graphics quality
• Supports many fonts and different character sizes

Disadvantages

• Expensive
• Cannot be used to produce multiple copies of a document in a single printing

Inkjet Printers
Inkjet printers are non-impact character printers based on a relatively new technology. They
print characters by spraying small drops of ink onto paper. Inkjet printers produce high quality
output with presentable features.
They make less noise because no hammering is done, and they have many styles of printing
modes available. Color printing is also possible. Some models of Inkjet printers can also produce
multiple copies of a printing.

Advantages

• High quality printing
• More reliable

Disadvantages

• Expensive as the cost per page is high
• Slow as compared to laser printer

1.7 Identify various cables that connect peripherals to the rear side of system
The bus architecture of the PC is made up of the wires, connectors, and devices that move data and instructions
around the PC (see Chapter 11 for more information on expansion bus architectures). The bus structure, which
got its name from the fact that it resembles the lines on a city bus map, connects the controllers on the
motherboard, the CPU, memory, I/O ports, and expansion slots.
The PC’s bus architecture becomes very important when you add additional device controller cards to
the motherboard’s expansion slots. Most of the latest motherboard designs include expansion slots for multiple
bus structures, including PCI (Peripheral Component Interconnect) and AT Bus, and possibly SCSI. Each of the
bus architectures supported on a motherboard requires a bus controller chip.
While not technically a bus architecture, another interface type you will see listed as a major feature of
some, especially the newer chipsets, is support for AGP (Accelerated Graphics Port). AGP is a 66MHz bus that
is usually combined with a 32-bit 33MHz PCI bus to provide advanced support and faster data transfers from
main memory for video and graphics adapters.

AT Bus
The AT expansion bus is included on current PC motherboards primarily for backward
compatibility to expansion cards from older systems, such as network adapters. The AT bus, which runs at
8MHz and uses a 16-bit data path, is commonly referred to as ISA (Industry Standard Architecture). However,
the ISA bus standard also includes the 8-bit PC XT bus, which is rarely used on any current PC.
Another bus related to the AT bus is the Extended Industry Standard Architecture, or EISA, bus. EISA
bus expansion slots have been included on some motherboards since the time of the 386 processor. It is a 32-bit
bus but is also backward compatible to the AT and ISA buses.

Local Bus
AT and ISA bus structures are unable to keep up with the speeds required for high-resolution graphics
and faster processors, so many manufacturers have moved to what are called local bus architectures. Local bus
architecture is more directly connected to the microprocessor than nonlocal buses by communicating directly to
the processor through its dedicated controller and bypassing the standard bus controller. Although they provide
for faster data movement, local buses do not support many devices, which is why most motherboards also
include AT or ISA expansion slots as well.
The most common of the local bus architectures are the PCI and the VESA (Video Electronics
Standards Association) local bus, or VL-bus. Of these two, the PCI, promoted by Intel, is becoming the de facto
standard for virtually all Pentium class computers.

SCSI Bus
The Small Computer System Interface or SCSI (pronounced “skuzzy”) is a bus architecture that attaches
peripheral devices to a PC through a dedicated controller card. SCSI supports very fast data transfer and
multiple devices over the same I/O bus structure. Very few PCs, outside of the Macintosh, feature a SCSI
interface as a standard, and if this bus is desired, it must be added to the PC through an expansion slot, typically
a PCI slot.

USB
The Universal Serial Bus, or USB, is an emerging standard for device connectors and interfaces. USB is
a plug-and-play architecture that allows users to add a wide range of peripheral devices to the PC without the
need of an expansion card. It is considered a low-speed interface and works best for a keyboard, mouse, scanner,
or printer.

UNIT-2

2 System Board and Mass storage devices


Motherboard - Motherboards based on the form factor

In computing, the form factor is the specification of a motherboard – the dimensions, power supply
type, location of mounting holes, number of ports on the back panel, etc. Specifically, in the IBM PC
compatible industry, standard form factors ensure that parts are interchangeable across competing vendors and
generations of technology, while in enterprise computing, form factors ensure that server modules fit into
existing rack mount systems. Traditionally, the most significant specification is that of the motherboard,
which generally dictates the overall size of the case. Small form factors have been developed and implemented.

Overview of form Factors


A PC motherboard is the main circuit board within a typical desktop computer, laptop or server. Its
main functions are as follows:

• To serve as a central backbone to which all other modular parts such as CPU, RAM,
and hard drives can be attached as required to create a computer
• To be interchangeable (in most cases) with different components (in particular CPU
and expansion cards) for the purposes of customization and upgrading.
• To distribute power to other circuit boards.
• To electronically co-ordinate and interface the operation of the components.

The different form factors, such as AT, ATX, micro ATX, mini ATX, Baby AT, BTX and NLX, and the various
I/O ports available on the motherboard are described below.

AT (form factor):
The AT form factor referred to the dimensions and layout (form factor) of the motherboard for the IBM
AT. Like the IBM PC and IBM XT models before it, many third-party manufacturers produced motherboards
compatible with the IBM AT form factor, allowing end users to upgrade their computers for faster processors.
The IBM AT became a widely copied design in the booming home computer market of the 1980s. IBM
clones made at the time began using AT compatible designs, contributing to its popularity. In the 1990s many
computers still used AT and its variants. Since 1997, the AT form factor has been largely supplanted by ATX.

ATX (Form Factor):


ATX (Advanced Technology eXtended) is a motherboard and power supply configuration specification
developed by Intel in 1995 to improve on previous de facto standards like the AT design. It was the first major
change in desktop computer enclosure, motherboard and power supply design in many years, improving
standardization and interchangeability of parts. The specification defines the dimensions; the mounting points;
the I/O panel; and the power and connector interfaces among a computer case, a motherboard, and a power
supply.

MicroATX (Form Factor):

microATX (sometimes referred to as μATX, uATX[1] or mATX)[2] is a standard for motherboards
that was introduced in December 1997.[3] The maximum size of a microATX
motherboard is 9.6 × 9.6 in (244 × 244 mm). The standard ATX size is 25% longer, at 12 × 9.6 in
(305 × 244 mm).
Currently available microATX motherboards support CPUs from VIA, Intel or AMD.

MiniATX (Form Factor):


Mini ATX or Mini-ATX is a name used for various motherboard form factors, mainly a
15 × 15 cm (5.9 × 5.9 in) size developed by AOpen Inc. This Mini-ATX definition is slightly smaller
than Mini-ITX. There is no single widely accepted form factor by this name.
Mini-ATX motherboards were designed with MoDT (Mobile on Desktop Technology), which adapts
mobile CPUs for lower power requirements and less heat generation, which may be beneficial for home
theater PCs (HTPC), in-car PCs, or industrial use.

Baby AT (Form Factor)


In 1985, IBM introduced Baby AT and soon after all computer makers abandoned AT for the
cheaper and smaller Baby AT form factor, using it for computers that spanned several generations, from
those that used 286 processors to the P5 Pentium and a limited number of Pentium II systems. These
motherboards have similar mounting hole positions and the same eight card slot locations as those with
the AT form factor, but are 2 inches (5 cm) narrower and marginally shorter. The size 13 × 8.5 in
(330 × 216 mm) and flexibility of this kind of motherboard were the key to success of this format. The
development of bigger CPU coolers—and the fact that they blocked full-length PCI and ISA cards—
spelled the end of Baby AT and was the main impetus for its successor ATX. While the AT standard is
now considered to be mostly obsolete, some industrial computers still use it.

BTX (Form Factor):

BTX (for Balanced Technology eXtended) is a form factor for motherboards, originally intended
to be the replacement for the aging ATX motherboard form factor in late 2004 and early 2005.
It was designed to alleviate some of the issues that arose from using newer technologies (which often
demand more power and create more heat) on motherboards compliant with the circa
1996 ATX specification. The ATX and BTX standards were both proposed by Intel. However, future
development of BTX retail products by Intel was canceled in September 2006 following Intel's decision
to refocus on low-power CPUs after suffering scaling and thermal issues with the Pentium 4.
The first company to implement BTX was Gateway Inc, followed by Dell and MPC. The first generation
of Apple's Mac Pro used some elements of the BTX design system as well, but was not BTX-compliant,
instead using a proprietary form factor.

NLX (Form Factor):

NLX (short for New Low Profile eXtended) was a form factor proposed by Intel and developed
jointly with IBM, DEC, and other vendors for low profile, low cost, mass-marketed retail PCs. Release
1.2 was finalized in March 1997 and release 1.8 was finalized in April 1999. NLX was similar in overall
design to LPX, including a riser card and a low-profile slimline case. It was modernized and updated to
allow support for the latest technologies while keeping costs down and fixing the main problems
with LPX. It specified motherboards from 10 × 8 in (254 × 203 mm) to 13.6 × 9 in (345 × 229 mm) in
size.
Officially, the NLX form factor was designed to use ATX power supplies and featured the same soft
power function. However, some NLX cases instead used the smaller SFX form factor or proprietary form
factors with the same 20-pin connector.

Input/Output Ports:

A connection point that acts as an interface between the computer and external devices like mouse, printer,
modem, etc. is called a port. Ports are of two types −
• Internal port − It connects the motherboard to internal devices like hard disk drive, CD drive,
internal modem, etc.
• External port − It connects the motherboard to external devices like modem, mouse, printer,
flash drives, etc.

Serial Port
Serial ports transmit data sequentially one bit at a time, so they need only one wire to transmit 8 bits.
However, this also makes them slower. Serial ports are usually 9-pin or 25-pin male connectors. They are
also known as COM (communication) ports or RS-232C ports.

Parallel Port
Parallel ports can send or receive 8 bits or 1 byte at a time. Parallel ports come in the form of 25-pin female
connectors and are used to connect printer, scanner, external hard disk drive, etc.

USB Port
USB stands for Universal Serial Bus. It is the industry standard for short distance digital data connection.
USB port is a standardized port to connect a variety of devices like printer, camera, keyboard, speaker,
etc.

PS/2 Port
PS/2 stands for Personal System/2. It is a female 6-pin port standard that connects to the male mini-DIN
cable. PS/2 was introduced by IBM to connect mouse and keyboard to personal computers. This port is
now mostly obsolete, though some systems compatible with IBM may have this port.

Infrared Port
Infrared port is a port that enables wireless exchange of data within a radius of 10m. Two devices that
have infrared ports are placed facing each other so that beams of infrared lights can be used to share
data.

Bluetooth Port
Bluetooth is a telecommunication specification that facilitates wireless connection between phones,
computers and other digital devices over short range wireless connection. Bluetooth port enables
synchronization between Bluetooth-enabled devices. There are two types of Bluetooth ports −
• Incoming − It is used to receive connection from Bluetooth devices.
• Outgoing − It is used to request connection to other Bluetooth devices.

FireWire Port
FireWire is Apple Computer’s interface standard for enabling high speed communication using a serial
bus. It is also called IEEE 1394 and is used mostly for audio and video devices like digital camcorders.

Processors - various processors used in the system:

A processor (CPU) is the logic circuitry that responds to and processes the basic instructions that drive a
computer. The CPU is seen as the main and most crucial integrated circuitry (IC) chip in a computer, as it is
responsible for interpreting most of the computer's commands. CPUs perform most basic arithmetic, logic and
I/O operations, as well as allocate commands for other chips and components running in a computer.

Various Processors used in the System

Types of Processors
Processors can be of the following categories −
• General Purpose Processor (GPP)
    o Microprocessor
    o Microcontroller
    o Embedded Processor
    o Digital Signal Processor
    o Media Processor
• Application Specific System Processor (ASSP)
• Application Specific Instruction Processors (ASIPs)
• GPP core(s) or ASIP core(s) on either an Application Specific Integrated Circuit (ASIC) or a
Very Large Scale Integration (VLSI) circuit.

Examples of processors include the Intel P4, Celeron, Xeon and Itanium processors, AMD Athlon,
Dual core, Core 2 Duo, Quad core and i-series (i3, i5 and i7).
Intel Pentium 4
The latest of the Intel processors is the Intel Pentium 4 (Figure 3-23), which is available with processor
speeds of 1.3 to 1.5 GHz (gigahertz). The Pentium 4 uses a new proprietary micro-architecture called
NetBurst, which features a 400 MHz system bus, advanced on-board caching, enhanced floating point
math and multimedia support, and hyper pipelining technology. The Pentium 4 also supports the use of
dual-channel RDRAM.

Celeron
Developed for use in desktop and portable computers, the Celeron microprocessor, shown in Figure 3-16,
is the low-cost model of the Pentium II processor series. It features two choices for mountings, the
Pentium II’s Slot 1 and a socket style named after the number of pins in use, Socket 370, shown in Figure
3-16. The Celeron is released in versions with clock speeds of 333MHz to 500MHz, with newer models,
built on the Pentium III core, to offer clock speeds of 566MHz or faster.

Xeon
The Pentium II Xeon processor is the successor to the Pentium Pro as a network server processor. To
enhance its ability as a network server microprocessor, the Xeon features a range of L2 cache size
choices: 512K, 1MB, and 2MB. The Xeon is capable of addressing and caching up to 64GB
of memory with its 36-bit memory address bus. The PII Xeon can be configured with four to eight CPUs
in one server.

AMD Athlon
The honor of having the new powerhouse processor may have moved to AMD with the release of its
1GHz AMD Athlon, pictured in Figure 3-22. The Athlon boasts 22 million transistors, support for Intel’s
MMX and AMD’s 3DNow, and improved FPU functions. It also has the power to decode more
instructions simultaneously than the Pentium III, with 256KB of L2 cache and 128KB of L1 cache on the
chip. The Athlon is plug compatible with the Slot 1 connector, but it is designed for AMD’s Slot A bus,
which runs at bus speeds of 200MHz to 400MHz.
A derivative of the Athlon is the AMD Duron. The AMD Duron processor is designed for
general computing, including business, home user, and portable applications. The Duron processor is
available at clock speeds of 600MHz, 650MHz, and 700MHz.
Dual Core Processor
The Pentium Dual-Core brand was used for mainstream x86-architecture microprocessors from Intel from 2006 to
2009 when it was renamed to Pentium. The processors are based on either the 32-bit Yonah or (with quite
different microarchitectures) 64-bit Merom-2M, Allendale, and Wolfdale-3M core, targeted at mobile or desktop
computers.

Core 2 Duo
Intel Core 2 is a processor family encompassing a range of Intel's consumer 64-bit x86-64 single-, dual-, and quad-
core microprocessors based on the Core micro-architecture. The single- and dual-core models are single-die, whereas
the quad-core models comprise two dies, each containing two cores, packaged in a multi-chip module.

Quad Core
A quad-core CPU has four processing cores in a single chip. It is similar to a dual-core CPU, but has four
separate processors (rather than two), which can process instructions at the same time. Quad-core CPUs have
become more popular in recent years as the clock speeds of processors have plateaued.

I-Series (i3, i5, i7)


Intel’s current Core processors are divided into three ranges (Core i3, Core i5 and Core i7), with several models
in each range. The differences between these ranges aren’t the same on laptop chips as on desktops. Desktop chips
follow a more logical pattern than laptop chips, but many of the technologies and terms we are about
to discuss, such as cache memory, the number of cores, Turbo Boost and Hyper-Threading, are the same.
Laptop processors have to balance power efficiency with performance – a constraint that doesn’t really apply to
desktop chips.

Features of above Chipsets


Pentium chipsets (referred to as fifth-generation chipsets) were more closely tied to the design of the processor
than were the 486 chipsets. When Intel created the Pentium processor, it also developed the PCI bus and a
chipset to support and integrate the capabilities of these two developments. This PCIset, as it became known,
was developed as an exact match for the Pentium processor. Intel chipsets are designated in numbered series: the
420 for 486 chipsets, the 430 for Pentium chipsets, the 440 series for Pentium II, and the 450 series for Pentium
Pro chipsets (along with the 440FX). The newer 460 and 800 series chipsets just being announced are designed
to support the IA-64 (Intel Architecture—64 bits) processors, such as the Itanium, now emerging. Here are some
of the more common Intel Pentium and above chipsets:
▼ 430LX (Mercury) The 430LX was the first Pentium chipset developed to support the 60MHz and 66MHz 5V
processors. The Mercury chipset included the PCI bus and supported up to 128MB of RAM. This chipset was
made obsolete by the chipsets that supported the 90MHz and 100MHz 3.3V processors.
■ 430NX (Neptune) The 430NX was developed to support Intel’s second-generation Pentium chips. It supported
Pentium processors running at 90MHz to 133MHz. Some of the improvements offered over the 430LX chipset
are support for dual processors, 512MB of RAM, and 512 KB of L2 cache.
■ 430FX (Triton I) This was the first of the Triton chipsets. It featured support for EDO RAM, pipelined burst
and synchronous cache, Plug-and-Play, and PCI level 2.0 compliance. However, it only supported 128MB of
RAM (down from the 512MB supported by the Neptune chipset) and did not have dual processor capabilities.
■ 430MX (Mobile Triton) This is a version of the 430FX designed for laptop, notebook, and other portable PCs.
■ 430HX (Triton II) This chipset supported EDO RAM and concurrent PCI buses and was designed for use in
business-level servers. It was the next generation of the 430NX and included support for 512MB of RAM and
L2 cache.
■ 430VX (Triton III) This chipset was developed to support the home PC market. It featured support for USB,
SDRAM, and PCI interfaces.
■ 430TX With this chipset, Intel dropped the Triton label for its chipsets. The 430TX was adaptable for both
desktop and mobile use and provided PCI, USB, DMA, and other interfaces.
■ 440LX Designed for the Pentium II, this AGPset chipset provides support for the LS-120 “super disk,” Ultra
DMA, AGP, USB, SDRAM, ECC RAM, and the PC97 power management specification. Figure 5-5 shows this
chipset.
■ 440LXR A low-end version of the 440LX chipset.
■ 440BX Another Pentium II chipset that supports 100MHz bus, dual processors, FireWire, and up to 1GB of
RAM.
■ 440GX This chipset, shown in Figure 5-6, is designed for midrange workstations and supports dual CPUs and
up to 2GB of SDRAM, along with dual AGP interfaces. This is an AGPset.
■ 440FX (Natoma) This chipset supported both the Pentium II and the Pentium Pro processors with USB, EDO
RAM, ECC memory, dual processors, and PCI.
■ 450GX (Orion server) The 450GX chipset and the 450KX share the same basic design. However, the GX
version is optimized for the Pentium Pro and supports four processors and 8GB of RAM but FPM memory only.
■ 450KX (Orion workstation) The workstation version of the Orion chipset supports dual processors and 1GB
of RAM.
■ 450NX This is a high-powered chipset designed for Xeon workstations and servers. It supports up to four
CPUs, 2MB of L2 cache, 8GB of EDO memory, and two 32-bit or one 64-bit PCI interface. Figure 5-7 shows
the group of chips that make up this chipset.
■ 460GX (Merced) This chipset supports very high-end servers and workstations with support for four CPUs
and other high-performance features. You will see this chipset linked to the new high-powered Itanium
processor.
■ 810 This chipset is designed for value-priced PCs. It includes support for integrated 3-D graphics (AGP) with
MPEG-2, 100MHz system bus, two USB ports, and the Intel Accelerated Hub, which features a 266MB per
second bus speed between memory and peripherals.
■ 810e This chipset, shown in Figure 5-8, is an extended version of the 810 chipset based on the 440BX chipset
and intended for home market and office PCs. Its features are the same as the 810 chipset, with added support
for 133MHz system bus and the ATA-66 interface.
■ 815 The Intel 815 chip set is specifically designed to work with the Pentium III processor, but it also provides
backward compatibility to other Intel processors.
■ 820 Another extension of the 810 chipset designed to support high-end desktops and workstations.
▲ 850 The Intel 850 chip set was designed in tandem with the Pentium 4 processor and supports, among many
high-performance innovations and features, a 400 MHz system bus that provides over 3 times the bandwidth of
previous chipset and processor technologies.

Importance of SMPS over linear voltage power supply


Switched mode power supplies (SMPS) act as DC to DC converters. The SMPS first rectifies the AC
input voltage, converting it to DC, and then, depending upon the design considerations chosen,
chops this DC in a "chopper" and converts it to a higher or lower level of DC, or perhaps to both
a higher and a lower level of DC.

The linear power supply has the following three major advantages.

Simplicity:
One can purchase an entire linear regulator in a package and simply add two filter capacitors for
storage and stability. Even if a design engineer plans to design a linear regulator from scratch, it
can be done with the help of design books and a little effort.

Quiet Operation & Load-handling Capability:


The linear regulator generates a negligible amount of electrical noise on its output. Its dynamic load
response time (the time the power supply takes to respond to changes in the load current) is very short.

Low Cost:
For output power of less than 10W, linear power supply's component costs and manufacturing costs
are less than the comparable switching power supply's cost.

Disadvantages of Linear Power Supply

Range of application:
It can be used only as a step down regulator. In case of AC-DC power supplies, a transformer with
rectification and filtering must be placed before the linear power supply. This pre-power conditioning
increases the cost.

Number of Outputs:
It has only one output voltage. To get additional output voltage, an entire separate linear regulator
must be added. It increases system cost.

Average Efficiency:
Normally linear regulators have 30% to 60% efficiency. It means for every watt delivered to the load,
more than one watt is lost within the supply. This loss is called headroom loss. It occurs in the
pass-transistor. A heat sink is required on the transistor for heat dissipation. It occupies space and
increases system cost.

Advantages of Switching Power Supply:


Higher Efficiency:
Switching power supplies have an efficiency of 68% to 90% regardless of the input voltage,
thus drastically reducing heat sink size and cost.

Low cost and size:
The operating frequency of the magnetic components (inductors, capacitors) is very much greater than
the line frequency. This reduces the size and cost of components, particularly at high power levels.

Disadvantages of Switching Power Supply:


The design is more complicated and time-consuming.

We have seen the advantages and disadvantages of linear regulators and SMPS. Now we will look at
their applications.

Applications of Linear and Switching Power Supplies:

1. Linear regulators are chosen for low power, board level regulation where the power
distribution system within the product is highly variable and the load's supply voltage needs
are restricted.
2. They are used in circuits where a quiet supply voltage is necessary, such as analog, audio,
or interface circuits.
3. They are also used where a low overhead cost is required and heat generation is not a
problem.
4. Switching power supplies are used in situations where high supply efficiency is necessary
and in handheld applications where battery life and internal and external temperatures are
important.

An SMPS, or switched mode power supply, is an electronic device that is used to convert AC to DC,
AC to AC, DC to DC and DC to AC voltages. The circuit consists of a transformer, a rectifier, a
voltage regulator and a filter. The input supply is turned on and off by MOSFETs, and the circuit
outputs a high-efficiency, regulated voltage. The SMPS used in computers is an AC to DC type supply.
SMPS parts and Connectors

Power-IN. The power-IN connector as shown in the figure is the input for MAINS supply. A
power cable is inserted here, the other end of which is connected to mains supply. The input
supply gets converted to DC supply.

Power-OUT. The power-OUT connector is connected directly to the Power-IN connector from
inside the supply unit. It supplies the same AC supply that is fed to power-IN socket. The power-
OUT connector is used to give supply to monitors or any display unit.

FAN. If you look at the back side of Computer-SMPS, you will find a FAN at the right side. The
FAN as you can see, blows the air out and is only used to dissipate the internal heat from the
SMPS since the switching is done at high frequencies which create a lot of heat inside.

ATX connector. As you can see in the image, it is a 24-pin female connector which is used to
supply DC power to the motherboard. Various color-coded wires connect to this connector and
each colored wire supplies a distinct DC voltage, as explained in the chart below.

Wire colour      DC Voltage
Red              +5 V
Yellow           +12V
Black            Ground
Blue             -12V
Grey             Power Good
Green            Power On
Purple           +5V StandBy
Orange           +3.3V
Brown/Orange     +3.3V Sense
White            -5V (optional)

ATX-12V connector. Latest SMPS power supplies are accompanied by an extra 4-pin connector which
supplies 12 volts to energize the central processing unit and other components of the motherboard.

AT Connectors. Earlier motherboards used to support AT connectors (6-pin each), also called P8
and P9 connectors, to supply power to these motherboards (up to 486 boards).

Wire Colour      DC Voltage
Red              +5V
White            -5V
Black            Ground or 0V
Blue             -12V
Yellow           +12V
Orange           +5V (PG)

4-PIN connectors. There are multiple 4-pin connectors that come out of the SMPS unit. These
connectors are used to supply DC power to various peripherals of the computer, such as a floppy disk
drive, hard disk drive or DVD writer.

Wire Colour      DC Voltage      Used For
Yellow           +12 V           Motors
Black            GND
Black            GND
Red              +5V             Logic circuit

SATA-output connector. To feed the power to latest SATA hard drives, these connectors are
used.

How to test computer SMPS

RAM
RAM (Random Access Memory) is the internal memory of the CPU for storing data, programs,
and program results. It is a read/write memory which stores data only while the machine is working. As
soon as the machine is switched off, the data is erased.
Access time in RAM is independent of the address; that is, each storage location inside the
memory is as easy to reach as any other location and takes the same amount of time. Data in
RAM can be accessed randomly, but RAM is very expensive.

RAM is volatile, i.e. data stored in it is lost when we switch off the computer or if there is a
power failure. Hence, a backup Uninterruptible Power System (UPS) is often used with
computers. RAM is small, both in terms of its physical size and in the amount of data it can hold.

RAM is of two types:

• Static RAM (SRAM)
• Dynamic RAM (DRAM)

Static RAM (SRAM)

The word static indicates that the memory retains its contents as long as power is being supplied.
However, data is lost when the power goes down, because the memory is volatile. SRAM chips use a
matrix of 6 transistors and no capacitors. Transistors do not require power to prevent leakage, so
SRAM need not be refreshed on a regular basis.

There is extra space in the matrix, hence SRAM uses more chips than DRAM for the same
amount of storage space, making the manufacturing costs higher. SRAM is thus used as cache
memory and has very fast access.

Characteristics of Static RAM

• Long life
• No need to refresh
• Faster
• Used as cache memory
• Large size
• Expensive
• High power consumption

Dynamic RAM (DRAM)

DRAM, unlike SRAM, must be continually refreshed in order to maintain the data. This is done
by placing the memory on a refresh circuit that rewrites the data several hundred times per
second. DRAM is used for most system memory as it is cheap and small. All DRAMs are made
up of memory cells, which are composed of one capacitor and one transistor.

Characteristics of Dynamic RAM

• Short data lifetime
• Needs to be refreshed continuously
• Slower as compared to SRAM
• Used as RAM
• Smaller in size
• Less expensive
• Less power consumption

Mass storage devices

The first invention that revolutionized storage for the personal computer industry was the
introduction of floppy disks. Similar to tape, these magnetic storage devices were flat discs that
rotated within a sleeve. The original 5-inch size soon had an 8-inch larger version to store more
data, and both of these were eventually replaced by a smaller 3½-inch size that actually stored
more data–up to 1.44 megabytes. These were great improvements, but speed and reliability were
still a problem. Today, floppy disks have been almost entirely replaced by other storage devices,
such as CDs and DVDs, that are faster, more reliable, and have huge storage capacities.

Hard Disk Drives

Modern external hard drive

The addition of hard disk drives finally gave personal computers more reliable storage, with
faster loading and saving of programs and data. Similar to the concept of floppy disks, the
magnetic medium was placed on a hard metal platter that could spin much faster. Hard drives
soon became standard internal devices on PCs, although storage capacities of 20, 32 and 40
megabytes were filled rather rapidly. External hard drives, which are still in use, became
desirable add-ons. Today, however, external hard drives are small, fast, inexpensive and
available in storage capacities of 500 gigabytes and even 1 terabyte (1,000 gigabytes).

Jumper Settings on Mass Storage Devices

How to physically install, set jumper settings, and set up a Serial ATA, EIDE, or SSD drive in Windows

Physical Installation:
Critical: Hard drives and Solid State drives (SSD) are highly sensitive precision
instruments that read, write, and store information. Special handling is required to protect hard drives
from damage. Hard drives can be damaged by Electrostatic Discharge (ESD). Before handling, please use
a grounding strap to protect your hard drive and other electronic computer equipment from ESD damage.

1. Turn the system's power off

2. Mount the drive in the system
o Desktop Drives: The drive can be mounted in a standard 3.5" device
bay. The drive can be mounted sideways, on end, or even upside down as long as the mounting screws are
used properly. Use either the four bottom screws or four of the side mounting screws to support the drive.
This will prevent vibration and provide additional electrical grounding.
o Mobile Drives: Mobile drive
installation will vary based on the manufacturing of the system it is being placed in. Please contact your
system manufacturer for instructions on mounting your drive in your system.

3. Set the jumpers
Jumper settings will vary, depending on the drive model. There is generally no need to
change the default jumper setting in order to use the drive. Your drive's label will show the exact jumper
settings your drive supports. See the images below for examples of our most common jumper settings.

Serial ATA (SATA) I, II, and 6 Gb/s Hard Drive Jumper Settings for 3.5" drives:

Important: Caviar Black drives that have a model number of WD1002FAEX-00Y9A0 use the SATA 3.0
Gb/s pin layout - setting Jumpers 5 & 6 on these model drives will enable OPT1 which will set your drive
to 1.5 Gb/s. Please contact us with any questions or issues with the jumper settings on this model drive.

Advanced Format Special Jumper Setting: (for select 3.5" ADF drives only)
SATA Mobile Hard Drive Jumper Settings:
EIDE (PATA) Desktop Hard Drive Jumper Settings:
EIDE (PATA) Mobile Hard Drive Jumper Settings:

4. Attach the power supply cable
To supply power to the drive you may use either the SATA power
connector or the legacy ATA-4-pin (Molex) power connector on the back of the drive (see image below).
Important: If your drive has both power connectors, do not connect both the SATA and the legacy ATA
power cable to the drive at the same time. This may result in damage to the drive.

5. Attach the EIDE (PATA) or SATA interface cable:

SATA Drives: The drive can be configured in one of two ways:
o Connected to a SATA host adapter card installed in the system.
o Connected directly to a Serial ATA connector on the motherboard.
Unlike EIDE cables, either end of a standard SATA cable can be connected to the drive. Once you
have connected the cable to the drive, connect the other end into the SATA host adapter
card, or the motherboard. SATA interface cables have keyed connectors to prevent
incorrect installation. Make sure the cable is no longer than 39 inches to minimize line
noise and to remain within the SATA specification.
(This illustration shows the drive being connected to the motherboard.)

EIDE (PATA) Drives:

o Connect the EIDE (PATA) Interface Cable to the hard drive(s):

a. If installing the hard drive as the only drive on the cable: Connect the black connector of the EIDE
(PATA) interface cable to the drive.

b. If installing two drives on the same EIDE (PATA) interface cable: Jumper the bootable drive as
Master, and the other drive as Slave; then connect the Master drive to the black connector of the EIDE
(PATA) interface cable, and the Slave drive to the gray connector.
o Connect the IDE Interface Cable to the Motherboard: Attach the blue end of the IDE interface cable to
the 40-pin connector on the motherboard. Match pin 1 on the IDE interface cable to the connector on the
motherboard.

6. Power on Your Computer

1. Replace the system cover, reconnect the power cord, and power on the system. At startup, the
computer will display all the devices detected on the system.

2. If the drive you installed is not detected, restart the computer.

3. At startup, run the CMOS Setup program and configure your BIOS so your drive is detected. Your
system or motherboard manual should provide these instructions. If it does not you will need to contact
your system or motherboard manufacturer for assistance.

4. Restart the system to make sure the drive is detected.


UNIT-3
Introduction to Networks and LAN components
NETWORK BASICS
What Is a Network?
A Network is two or more computers that are connected with a communications line for purposes of sharing
resources.
Need for network
A basic network connects two PCs so that they can share each other’s files.

Network classification
So, if two (or more) computers connect to each other over a telephone line or through a piece of cable or even
through a wireless connection and the users are able to access and share files and peripheral devices on the other
computers, a network is formed.

As you might guess, there are different levels and types of networks. Networks are classified by the size and
scope of the area they serve. The most common classifications for networks are as follows:
▼ Local area network (LAN) Usually computers connected to a network that is confined to a single office or
building. The network in an office or a school’s computer lab is typically a LAN.
■ Campus area network (CAN) A variation of a LAN that extends to include computers in buildings that are in
close proximity to one another, such as in an office park or campus setting. The network that connects the
buildings of a college or a manufacturing company’s buildings is an example of a CAN.
■ Wide area network (WAN) Interconnects LANs and computers that are located over a large geographical area.
Typically, the WAN is built on dedicated high-speed communications lines. The big WAN is the Internet, which
is actually a network of networks (something called a nexus), but the network that connects the New York office
of a company to its plant in Washington State is also a WAN.
▲ Metropolitan area network (MAN) A type of WAN that interconnects LANs and computers within a specific
geographical area, such as a city or a cluster of campuses or office parks. Several cities, including Cleveland,
Chicago, and Spokane, have established MANs to provide connectivity to downtown businesses.

Network Standards
Networking standards define the rules for data communications that are needed for
interoperability of networking technologies and processes. Standards help in creating and
maintaining open markets and allow different vendors to compete on the basis of the quality of
their products while being compatible with existing market products.
During data communication, a number of standards may be used simultaneously at the different
layers. The commonly used standards at each layer are −

• Application layer − HTTP, HTML, POP, H.323, IMAP
• Transport layer − TCP, SPX
• Network layer − IP, IPX
• Data link layer − Ethernet IEEE 802.3, X.25, Frame Relay
• Physical layer − RS-232C (cable), V.92 (modem)
Types of Standards
Standards are of two types:

• De facto − These are the standards that are followed without any formal plan or approval by any
organization. They have come into existence due to traditions or facts. For example, HTTP
started as a de facto standard.
• De jure − These standards are the ones which have been adopted through legislation by any
officially recognized standards organization. Most of the communication standards that are used
today are de jure standards.
Standards Organizations
Some of the noted standards organizations are:

• International Standards Organization (ISO)
• International Telecommunication Union (ITU)
• Institute of Electrical and Electronics Engineers (IEEE)
• American National Standards Institute (ANSI)
• Internet Engineering Task Force (IETF)
• Electronic Industries Association (EIA)
Standards in the network world work the same way. There are regulated standards such as those published by
the International Telecommunication Union (ITU), the American National Standards Institute (ANSI), and the
Institute of Electrical and Electronics Engineers (IEEE). There are also de facto standards, such as those put
forth by network vendors, such as Cisco, and adopted over time by everyone else.

ITU (International Telecommunication Union)


The International Telecommunication Union (ITU) is made up of telecommunication policy makers and
regulators, network operators, equipment manufacturers, hardware and software developers, regional
standards-making organizations, and financing institutions. The activities, policies, and strategic direction of
the ITU are determined and shaped by the industry it serves.
The three sectors of the ITU are Radiocommunication (ITU-R), Telecommunication Standardization (ITU-T),
and Telecommunication Development (ITU-D).
• ITU-R draws up the technical characteristics of terrestrial and space-based wireless services and
systems, and develops operational procedures. It also undertakes the important technical studies,
which serve as a basis for the regulatory decisions made at radio communication conferences.
• ITU-T experts prepare the technical specifications for telecommunication systems, networks, and
services, including their operation, performance, and maintenance. Their work also covers the tariff
principles and accounting methods used to provide international service.
• ITU-D experts focus their work on the preparation and development of recommendations, opinions,
guidelines, handbooks, manuals and reports. These documents provide decision makers with "best
business practices" relating to a host of issues ranging from development strategies and policies to
network management.
Each of the three ITU sectors works through conferences and meetings at which members negotiate the
agreements that serve as the basis for the operation of global telecommunication services. The activities of the
ITU cover all aspects of telecommunication: setting standards that facilitate seamless interworking of
equipment and systems on a global basis; adopting operational procedures for the vast and growing array of
wireless services; and designing programs to improve telecommunication infrastructure in the developing
world.

ANSI (American National Standards Institute)


American National Standards Institute (ANSI) serves as administrator and coordinator of the United States
private-sector voluntary standardization system. ANSI was founded in 1918 by five engineering societies and
three governmental agencies, and is a private, nonprofit membership organization. ANSI ensures each foot-
long ruler is accurate in its dimensions, for instance, essentially using a ruler to measure a ruler. ANSI ensures
that each inch on the ruler is in fact 1 inch, and that the foot-long ruler is in fact made up of 12 of these inches.
ANSI, like the ITU, regulates telecommunications standards; unlike the ITU, however, ANSI regulates
standards in North America, whereas the ITU regulates standards in Europe. For example, ANSI regulates
the T1 telecommunications standard, whereas the ITU regulates the E1 telecommunications standard in
Europe.

IEEE 802 Group


The Institute of Electrical and Electronics Engineers (IEEE, pronounced "eye-triple-E") is a nonprofit,
technical professional association in 150 countries. The IEEE is a leading authority in technical areas ranging
from computer engineering, to biomedical technology, to telecommunications, to electric power, to aerospace
and consumer electronics. The IEEE produces 30 percent of the world's published literature in electrical
engineering, computers, and control technology and has nearly 900 active standards with 700 under
development.
Some of the best-known IEEE standards are as follows:
• IEEE 802.1 (LAN/MAN)
• IEEE 802.3 (Ethernet)
• IEEE 802.5 (Token Ring)
• IEEE 802.11 (Wireless LAN)
IEEE 802.1 LAN/MAN Standards

The IEEE 802.1 group defined internetworking standards, with IEEE 802.1d and IEEE 802.1q used in the
local-area networking environment. The standards are as follows:
• IEEE 802.1d, Spanning Tree Protocol (STP): STP is a link-management protocol that is part of the
IEEE 802.1 standard for Media Access Control bridges and is used for Layer 2 redundancy. Using the
spanning-tree algorithm, STP provides redundant paths through the LAN while preventing loops in
the LAN that are created by multiple active paths between stations. These multiple paths, or loops,
occur when there are alternative routes between hosts. To establish path redundancy, STP creates a
tree that spans all the switches in an extended network, forcing redundant paths into a standby, or
blocked, state. STP allows for one active path at a time between any two network devices, preventing
loops, but establishing the redundant links as a backup (in case the primary link fails). If a change
occurs in the LAN, such as a network segment becoming unreachable, the spanning-tree algorithm
reconfigures the tree topology and reestablishes the link by activating the standby path. Without STP
in place, both primary and redundant connections might be simultaneously live, resulting in an endless
loop of traffic on the LAN. Chapter 7, "Spanning Tree Protocol (STP)," discusses STP in more detail.
• IEEE 802.1q, virtual LANs (VLANs): A VLAN is a network of computers that behaves as if the
computers are connected to the same physical network segment, even though these computers might
be physically located on different segments of a LAN. VLANs are configured in software and are not
limited by physical location or to specific switch ports. This makes VLANs flexible to use within a
network. One of the advantages of VLANs is that when a computer is physically moved to another
location, it can stay on the same VLAN without any end-device or protocol reconfiguration. Chapter
9, "Switching Security," discusses VLANs in more detail.
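The spanning-tree behaviour described above can be traced on a small switch topology. The following is an added example, not part of the original notes, and a simplified model rather than the 802.1d protocol itself: it assumes every link has the same cost, and the switch names, bridge IDs and links are constructed for illustration.

```python
from collections import deque

# Constructed sample topology (not from the notes): bridge IDs and equal-cost links.
BRIDGES = {"SW1": 100, "SW2": 200, "SW3": 300, "SW4": 400}
LINKS = [("SW1", "SW2"), ("SW1", "SW3"), ("SW2", "SW3"),
         ("SW2", "SW4"), ("SW3", "SW4")]


def norm(link):
    """Store a link as a sorted pair so (a, b) and (b, a) compare equal."""
    return tuple(sorted(link))


def spanning_tree(bridge_ids, links, failed=()):
    """Return (root, forwarding, blocked) for the links that are still up."""
    live = {norm(l) for l in links} - {norm(l) for l in failed}
    neighbours = {name: set() for name in bridge_ids}
    for a, b in live:
        neighbours[a].add(b)
        neighbours[b].add(a)

    # Root election: the switch with the lowest bridge ID becomes the root.
    root = min(bridge_ids, key=bridge_ids.get)

    # Hop count to the root stands in for root path cost (assumption: cost 1 per link).
    dist = {root: 0}
    queue = deque([root])
    while queue:
        node = queue.popleft()
        for peer in neighbours[node]:
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    if len(dist) != len(bridge_ids):
        raise ValueError("topology is partitioned: a switch cannot reach the root")

    # Each non-root switch keeps one uplink: the neighbour one hop closer to
    # the root, with ties broken by the lowest bridge ID.
    forwarding = set()
    for name in bridge_ids:
        if name == root:
            continue
        closer = [p for p in neighbours[name] if dist[p] == dist[name] - 1]
        parent = min(closer, key=bridge_ids.get)
        forwarding.add(norm((name, parent)))

    # Every other live link is a redundant path and is held in the blocked state.
    return root, forwarding, live - forwarding


def has_loop(links):
    """Union-find check: True if the given active links contain a cycle."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    for a, b in links:
        ra, rb = find(a), find(b)
        if ra == rb:
            return True
        parent[ra] = rb
    return False


if __name__ == "__main__":
    root, fwd, blocked = spanning_tree(BRIDGES, LINKS)
    print("root:", root)
    print("forwarding:", sorted(fwd), "blocked:", sorted(blocked))
    print("loop with every link live:", has_loop(LINKS))
    print("loop with STP applied:", has_loop(fwd))
    # The primary link SW1-SW2 fails: a standby link is activated.
    _, fwd2, blocked2 = spanning_tree(BRIDGES, LINKS, failed=[("SW1", "SW2")])
    print("after failure, forwarding:", sorted(fwd2), "blocked:", sorted(blocked2))
```

With every link live the topology contains a loop; with the blocked links removed it does not, and after the SW1-SW2 failure the previously blocked SW2-SW3 and SW3-SW4 links carry traffic.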
IEEE 802.3 Ethernet Standards

Several Ethernet standards are used in today's network environment. Some of these standards dictate the
bandwidth and operation of the Ethernet LAN, such as Ethernet and Fast Ethernet, whereas other standards
dictate how these Ethernet networks function, such as the STP.
Ethernet is a half-duplex shared-media LAN in which each station on the segment uses part of the total
bandwidth. The total LAN bandwidth is 10 megabits per second (Mbps) for Ethernet or 100 Mbps for
Fast Ethernet. Ethernet and Fast Ethernet can operate in either half-duplex or full-duplex mode; half-duplex
Ethernet shares the LAN media, whereas full-duplex mode has separate LAN media dedicated to the sending
and receiving side of the network interface card (NIC). The 1000 Mbps (Gigabit Ethernet) is not a
shared-media LAN implementation because Gigabit Ethernet operates in full-duplex mode only. Hubs enable
shared-media LANs, and switches enable dedicated-media LANs. With switched Ethernet, each sender and receiver
pair has the full bandwidth available for use, as illustrated in Figure 2-5.
Note:-Switched Ethernet networks enable the creation of virtual LANs, or VLANs.
The IEEE 802.3 standards define how the Ethernet standard is used in the networking environment. These
802.3 standards are as follows:
• IEEE 802.3 (Ethernet): 10-Mbps Ethernet specification developed by Xerox, served as the basis for
the IEEE 802.3 standard. This specification describes the use of carrier sense multiple access collision
detect (CSMA/CD) in handling the simultaneous demands for network access. Often used in LAN
environments.
• IEEE 802.3u (Fast Ethernet): 100-Mbps Ethernet specification working at 10 times the speed of
10-Mbps Ethernet. Often used in LAN environments.
• IEEE 802.3z (Gigabit Ethernet): 1000-Mbps/1-Gbps Ethernet specification that transfers data at 1
gigabit per second (1000 Mbps). Often used in large LAN environments at the core layer.
• IEEE 802.3ae (10Gigabit Ethernet): 10,000-Mbps/10-Gbps Ethernet specification that transfers data
at 10 gigabits per second (10,000 Mbps). Often used in metropolitan-area networks (MANs).

Note:-CSMA/CD is a standard enabling Ethernet hosts to detect a collision.
In a half-duplex Ethernet environment, collisions occur when two nodes
begin sending traffic at the same time. Collisions do not occur in full-duplex
Ethernet environments. After detecting a collision, the host waits a random
amount of time and then tries retransmitting the message. If the sending host
detects a collision again when trying to send the same frame, the host waits an
exponentially increasing amount of time after each transmission attempt
before resending.
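The random, exponentially increasing wait described in the note can be simulated on a single half-duplex segment. This is an added example, not part of the original notes: the slot time, the cap on the window and the 16-attempt limit are taken from the IEEE 802.3 backoff rule for 10-Mbps Ethernet rather than from the text above, and the slotted model and host names are constructed.

```python
import random

# Values from IEEE 802.3 for 10-Mbps Ethernet; the notes above do not state them.
SLOT_TIME_US = 51.2    # one slot = 512 bit times
BACKOFF_LIMIT = 10     # the window stops doubling after the 10th collision
ATTEMPT_LIMIT = 16     # the frame is discarded after 16 failed attempts


def backoff_window(collisions):
    """Number of slot choices after the n-th collision: 2 ** min(n, 10)."""
    if collisions < 1:
        raise ValueError("backoff only applies after at least one collision")
    return 2 ** min(collisions, BACKOFF_LIMIT)


def backoff_slots(collisions, rng):
    """Random wait, in whole slots, drawn from 0 .. window - 1."""
    return rng.randrange(backoff_window(collisions))


def mean_backoff_us(collisions):
    """Average wait in microseconds after the n-th collision."""
    return (backoff_window(collisions) - 1) / 2 * SLOT_TIME_US


def simulate(host_names, rng, max_slots=100_000):
    """Slotted model of one shared segment (constructed for illustration).

    Every host has one frame ready at slot 0 and a frame occupies one slot.
    Returns {host: {"status": ..., "slot": ..., "collisions": ...}}.
    """
    pending = {h: {"next": 0, "collisions": 0} for h in host_names}
    result = {}
    for slot in range(max_slots):
        if not pending:
            break
        senders = [h for h, s in pending.items() if s["next"] == slot]
        if len(senders) == 1:
            # Exactly one host transmits in this slot: the frame gets through.
            state = pending.pop(senders[0])
            result[senders[0]] = {"status": "delivered", "slot": slot,
                                  "collisions": state["collisions"]}
        elif len(senders) > 1:
            # Two or more hosts transmit together: all of them detect a collision.
            for host in senders:
                state = pending[host]
                state["collisions"] += 1
                if state["collisions"] >= ATTEMPT_LIMIT:
                    pending.pop(host)
                    result[host] = {"status": "dropped", "slot": slot,
                                    "collisions": state["collisions"]}
                else:
                    wait = backoff_slots(state["collisions"], rng)
                    state["next"] = slot + 1 + wait
    return result


if __name__ == "__main__":
    for n in (1, 2, 3, 10, 15):
        print(f"collision {n:2d}: window {backoff_window(n):4d} slots, "
              f"mean wait {mean_backoff_us(n):8.1f} us")
    for host, outcome in sorted(simulate(["A", "B", "C", "D"],
                                         random.Random(2024)).items()):
        print(host, outcome)
```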

IEEE 802.5 Token Ring Standards

With Ethernet, any host on the network can send data at any time, as long as no one else is on the line. In
contrast, the Token Ring works by passing a token around the network, almost like a relay-race runner passing
the baton to the next runner. When a host has possession of this token, it has the right to send data across the
network, just as the relay runner can run only when in possession of the baton. If a host has nothing to send, it
passes the token to the next host down the line in the network.
IEEE 802.5 is a related specification and compatible with the Token Ring standard developed by IBM. Token
Ring refers to both IBM Token Ring and IEEE 802.5 network implementations. IBM originally developed the
Token Ring network in the 1970s; however, IBM gave up on Token Ring in favor of Ethernet several years
ago.
Token Ring is a LAN in which all the hosts are arranged in a logical circle. A special frame, called the token,
travels around the circle. To send a message, a host catches the token, attaches its data, and then lets it continue
to travel around the network. Token Ring is not found in many LANs nowadays because of its slow speed as
compared to Ethernet LANs.
Note:-The IEEE 802.5 specification was modeled after the IBM Token Ring
specification.

IEEE 802.11 Wireless LAN (WLAN) Standards


The IEEE 802.11 standard refers to a family of specifications developed for wireless LAN technology. IEEE
802.11 specifies an over-the-air interface between a wireless client and a base station, such as a wireless laptop
and a wireless base unit or between two wireless clients, such as between two wireless laptops.
Figure 2-6 illustrates a wireless LAN between a laptop and a base unit, with the base unit connected to the
Internet, either in the home or the office. The base unit can enable multiple users to share the same Internet
connection as long as each user has a wireless-LAN-capable device. The benefit here is straightforward: no
wires to get tangled or cables to be hidden. Wireless LANs raise other issues; the most notable is the broadcast
of your data into the open air. Wireless LANs should not be implemented without some sort of encryption to
protect your data from being stolen out of the air.
Figure 2-6. Wireless LAN Between a Laptop and a Base Unit

Note:-The printer itself does not have to be wireless capable or wireless ready; the printer can be attached to a
wireless base unit to enable wireless connectivity.

Topologies:-
A network topology is the arrangement in which computer systems or network devices are
connected to each other. Topologies may define both the physical and the logical aspects of the network.
The logical and physical topologies of the same network may be the same or different.
Point-to-Point
Point-to-point networks contain exactly two hosts, such as computers, switches, routers or
servers, connected back to back using a single piece of cable. Often, the receiving end of one
host is connected to the sending end of the other and vice versa.

If the hosts are connected point-to-point logically, then there may be multiple intermediate devices
between them. But the end hosts are unaware of the underlying network and see each other as if they
are connected directly.

Bus Topology
In a Bus topology, all devices share a single communication line or cable. Bus topology may
have problems when multiple hosts send data at the same time. Therefore, Bus topology
either uses CSMA/CD technology or recognizes one host as Bus Master to solve the issue. It is
one of the simple forms of networking where a failure of a device does not affect the other
devices. But failure of the shared communication line can make all other devices stop
functioning.

Both ends of the shared channel have a line terminator. The data is sent in only one direction and
as soon as it reaches the extreme end, the terminator removes the data from the line.
Star Topology
All hosts in Star topology are connected to a central device, known as the hub device, using a
point-to-point connection. That is, there exists a point-to-point connection between each host and
the hub. The hub device can be any of the following:

• Layer-1 device such as hub or repeater
• Layer-2 device such as switch or bridge
• Layer-3 device such as router or gateway

As in Bus topology, the hub acts as a single point of failure. If the hub fails, connectivity of all hosts to
all other hosts fails. Every communication between hosts takes place only through the hub. Star
topology is not expensive: to connect one more host, only one cable is required, and
configuration is simple.

Ring Topology
In ring topology, each host machine connects to exactly two other machines, creating a circular
network structure. When one host tries to communicate or send a message to a host which is not
adjacent to it, the data travels through all intermediate hosts. To connect one more host to the
existing structure, the administrator may need only one more extra cable.
Failure of any host results in failure of the whole ring. Thus, every connection in the ring is a
point of failure. There are methods which employ one more backup ring.

Mesh Topology
In this type of topology, a host is connected to one or multiple hosts. This topology may have hosts in
point-to-point connection with every other host, or may also have hosts which are in
point-to-point connection with only a few hosts.
Hosts in Mesh topology also work as relays for other hosts which do not have direct
point-to-point links. Mesh topology comes in two types:

• Full Mesh: All hosts have a point-to-point connection to every other host in the network. Thus
for every new host n(n-1)/2 connections are required. It provides the most reliable network
structure among all network topologies.
• Partial Mesh: Not all hosts have a point-to-point connection to every other host. Hosts connect
to each other in some arbitrary fashion. This topology exists where we need to provide
reliability to some hosts out of all.

Tree Topology
Also known as Hierarchical Topology, this is the most common form of network topology in
use presently. This topology imitates an extended Star topology and inherits properties of Bus
topology.
This topology divides the network into multiple levels/layers. Mainly in LANs, a
network is bifurcated into three types of network devices. The lowermost is the access layer, where
computers are attached. The middle layer is known as the distribution layer, which works as
mediator between the upper layer and the lower layer. The highest layer is known as the core layer, and is
the central point of the network, i.e. the root of the tree from which all nodes fork.
All neighboring hosts have a point-to-point connection between them. Similar to the Bus
topology, if the root goes down, then the entire network suffers, even though it is not the single
point of failure. Every connection serves as a point of failure, the failure of which divides the
network into unreachable segments.

Daisy Chain
This topology connects all the hosts in a linear fashion. Similar to Ring topology, all hosts are
connected to two hosts only, except the end hosts. This means that if the end hosts in a daisy chain are
connected, then it represents a Ring topology.

Each link in daisy chain topology represents a single point of failure. Every link failure splits the
network into two segments. Every intermediate host works as a relay for its immediate hosts.

Hybrid Topology
A network structure whose design contains more than one topology is said to be a hybrid
topology. Hybrid topology inherits the merits and demerits of all the incorporated topologies.
The above picture represents an arbitrary hybrid topology. The combining topologies may
contain attributes of Star, Ring, Bus, and Daisy-chain topologies. Most WANs are connected by
means of Dual-Ring topology and networks connected to them are mostly Star topology
networks. The Internet is the best example of the largest hybrid topology.

Network Components
Computer network components comprise both the physical parts and the software required
for installing computer networks, both at organizations and at home. The hardware components
are the server, client, peer, transmission medium, and connecting devices. The software
components are the operating system and protocols.
The following figure shows a network along with its components −
Hardware Components
• Servers − Servers are high-configuration computers that manage the resources of the network.
The network operating system is typically installed on the server, and so servers give users access to
the network resources. Servers can be of various kinds: file servers, database servers, print servers
etc.
• Clients − Clients are computers that request and receive service from the servers to access and
use the network resources.
• Peers − Peers are computers that provide as well as receive services from other peers in a
workgroup network.
• Transmission Media − Transmission media are the channels through which data is transferred
from one device to another in a network. Transmission media may be guided media like coaxial
cable, fibre optic cables etc., or unguided media like microwaves, infra-red waves etc.
• Connecting Devices − Connecting devices act as middleware between networks or computers, by
binding the network media together. Some of the common connecting devices are:
a. Routers
b. Bridges
c. Hubs
d. Repeaters
e. Gateways
f. Switches

Software Components
• Network Operating System − A network operating system is typically installed on the server
and enables workstations in a network to share files, databases, applications, printers etc.
• Protocol Suite − A protocol is a rule or guideline followed by each computer for data
communication. A protocol suite is a set of related protocols that are laid down for computer
networks. The two popular protocol suites are −
o a. OSI Model (Open System Interconnections)
o b. TCP/IP Model

Connectors:
RJ-11, RJ-45

STP cable uses IBM data connector (IDC) or universal data connector (UDC) ends and connects to token ring
networks. While you need to know STP for the exam, you are not required to have any knowledge of the
connectors associated with it. You must, however, know that most UTP cable uses RJ-45 connectors, which
look like telephone connectors (RJ-11) but have eight wires instead of four.

Network devices
1. Repeater – A repeater operates at the physical layer. Its job is to regenerate the signal over the
same network before the signal becomes too weak or corrupted so as to extend the length to
which the signal can be transmitted over the same network. An important point to be noted about
repeaters is that they do not amplify the signal. When the signal becomes weak, they copy the
signal bit by bit and regenerate it at the original strength. It is a 2 port device.

2. Hub – A hub is basically a multiport repeater. A hub connects multiple wires coming from
different branches, for example, the connector in star topology which connects different stations.
Hubs cannot filter data, so data packets are sent to all connected devices. In other
words, collision domain of all hosts connected through Hub remains one. Also, they do not have
intelligence to find out best path for data packets which leads to inefficiencies and wastage.

Types of Hub
• Active Hub:- These are the hubs which have their own power supply and can clean, boost
and relay the signal along with the network. It serves both as a repeater as well as wiring
centre. These are used to extend the maximum distance between nodes.
• Passive Hub:- These are the hubs which collect wiring from nodes and power supply from
active hub. These hubs relay signals onto the network without cleaning and boosting them
and can't be used to extend the distance between nodes.

3. Bridge – A bridge operates at the data link layer. A bridge is a repeater with the added
functionality of filtering content by reading the MAC addresses of source and destination. It is
also used for interconnecting two LANs working on the same protocol. It has a single input and
single output port, thus making it a 2 port device.

Types of Bridges
• Transparent Bridges:- These are bridges in which the stations are completely unaware of the
bridge's existence, i.e. whether or not a bridge is added or deleted from the network, reconfiguration
of the stations is unnecessary. These bridges make use of two processes, i.e. bridge forwarding and
bridge learning.
• Source Routing Bridges:- In these bridges, the routing operation is performed by the source station and
the frame specifies which route to follow. The host can discover the frame by sending a special frame
called a discovery frame, which spreads through the entire network using all possible paths to the
destination.

4. Switch – A switch is a multiport bridge with a buffer and a design that can boost its
efficiency (a large number of ports implies less traffic) and performance. A switch is a data link
layer device. The switch can perform error checking before forwarding data, which makes it very
efficient as it does not forward packets that have errors and forwards good packets selectively to
the correct port only. In other words, a switch divides the collision domain of hosts, but the broadcast
domain remains the same.

5. Routers – A router is a device like a switch that routes data packets based on their IP
addresses. A router is mainly a Network Layer device. Routers normally connect LANs and
WANs together and have a dynamically updating routing table based on which they make
decisions on routing the data packets. Routers divide the broadcast domains of hosts connected
through them.

6. Gateway – A gateway, as the name suggests, is a passage to connect two networks together
that may work upon different networking models. They basically work as the messenger agents
that take data from one system, interpret it, and transfer it to another system. Gateways are also
called protocol converters and can operate at any network layer. Gateways are generally more
complex than switch or router.

7. Brouter – Also known as a bridging router, it is a device which combines features of both
bridge and router. It can work either at the data link layer or at the network layer. Working as a router, it is
capable of routing packets across networks, and working as a bridge, it is capable of filtering local
area network traffic.
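
The difference between a hub (no filtering) and a transparent bridge or switch (bridge learning plus bridge forwarding), shown as a small simulation. This is an added example, not part of the original notes; the class names, port numbers and MAC addresses are constructed for illustration.

```python
"""Hub flooding versus transparent-bridge learning and filtering (constructed example)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer-1 multiport repeater: no filtering, one shared collision domain."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src_mac, dst_mac):
        # A hub never looks at addresses; the frame leaves on every other port.
        return [p for p in self.ports if p != in_port]


class LearningBridge:
    """Layer-2 device that learns where stations are and filters by MAC address."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # source MAC -> port it was last seen on

    def forward(self, in_port, src_mac, dst_mac):
        # Bridge learning: remember which port the sender is reachable on.
        self.mac_table[src_mac] = in_port
        known_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or known_port is None:
            # Broadcast or unknown destination: flood, exactly as a hub would.
            return [p for p in self.ports if p != in_port]
        if known_port == in_port:
            # Sender and receiver share a segment: filter (do not forward).
            return []
        # Bridge forwarding: send only to the port that leads to the receiver.
        return [known_port]


def replay(device, frames):
    """Feed (in_port, src, dst) frames to a device; return the output ports per frame."""
    return [device.forward(*frame) for frame in frames]


# Constructed traffic: A and B sit on port 1, C on port 2, port 3 starts idle.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"
FRAMES = [
    (1, A, C),          # C not learned yet -> flooded
    (2, C, A),          # A was learned on port 1 -> forwarded to port 1 only
    (1, B, A),          # both on port 1 -> filtered
    (1, A, BROADCAST),  # broadcast -> flooded
    (3, A, C),          # A now seen on port 3 -> table entry is overwritten
]

if __name__ == "__main__":
    hub, bridge = Hub([1, 2, 3]), LearningBridge([1, 2, 3])
    for frame, h, b in zip(FRAMES, replay(hub, FRAMES), replay(bridge, FRAMES)):
        print(frame, "hub ->", h, "bridge ->", b)
    print("learned:", bridge.mac_table)
```

The table accepts whatever source address arrives last, which is why managed switches offer per-port limits on learned addresses.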

UNIT-4
Network Addressing and Management
Network Addressing
o Network Addressing is one of the major responsibilities of the network layer.
o Network addresses are always logical, i.e., software-based addresses.
o A host, also known as an end system, has one link to the network. The boundary between the host and
link is known as an interface. Therefore, the host can have only one interface.
o A router is different from the host in that it has two or more links that connect to it. When a router forwards
the datagram, then it forwards the packet to one of the links. The boundary between the router and link is
known as an interface, and the router can have multiple interfaces, one for each of its links. Each interface
is capable of sending and receiving the IP packets, so IP requires each interface to have an address.
o Each IP address is 32 bits long, and they are represented in the form of "dot-decimal notation" where each
byte is written in the decimal form, and they are separated by the period. An IP address would look like
193.32.216.9 where 193 represents the decimal notation of first 8 bits of an address, 32 represents the
decimal notation of second 8 bits of an address.

Let's understand through a simple example.

o In the above figure, a router has three interfaces labeled as 1, 2 & 3 and each router interface contains its
own IP address.
o Each host contains its own interface and IP address.
o All the interfaces attached to LAN 1 have an IP address of the form 223.1.1.xxx, and the
interfaces attached to LAN 2 and LAN 3 have an IP address of the form 223.1.2.xxx and 223.1.3.xxx
respectively.
o Each IP address consists of two parts. The first part (first three bytes in IP address) specifies the network
and second part (last byte of an IP address) specifies the host in the network.

Classful Addressing
An IP address is 32-bit long. An IP address is divided into sub-classes:

o Class A
o Class B
o Class C
o Class D
o Class E

An IP address is divided into two parts:

o Network ID: It represents the number of networks.


o Host ID: It represents the number of hosts.

In the above diagram, we observe that each class has a specific range of IP addresses. The class of an IP address is
used to determine the number of bits used in a class and the number of networks and hosts available in the class.

Class A
In Class A, an IP address is assigned to those networks that contain a large number of hosts.
o The network ID is 8 bits long.
o The host ID is 24 bits long.

In Class A, the first bit in the higher order bits of the first octet is always set to 0 and the remaining 7 bits determine the
network ID. The 24 bits determine the host ID in any network.

The total number of networks in Class A = 2^7 = 128 network addresses

The total number of hosts in Class A = 2^24 - 2 = 16,777,214 host addresses

Class B
In Class B, an IP address is assigned to those networks that range from small-sized to large-sized networks.

o The Network ID is 16 bits long.


o The Host ID is 16 bits long.

In Class B, the higher order bits of the first octet are always set to 10, and the remaining 14 bits determine the network
ID. The other 16 bits determine the Host ID.

The total number of networks in Class B = 2^14 = 16384 network addresses

The total number of hosts in Class B = 2^16 - 2 = 65534 host addresses

Class C
In Class C, an IP address is assigned to only small-sized networks.

o The Network ID is 24 bits long.


o The host ID is 8 bits long.

In Class C, the higher order bits of the first octet are always set to 110, and the remaining 21 bits determine the
network ID. The 8 bits of the host ID determine the host in a network.

The total number of networks = 2^21 = 2097152 network addresses

The total number of hosts = 2^8 - 2 = 254 host addresses

Class D
In Class D, an IP address is reserved for multicast addresses. It does not possess subnetting. The higher order bits of
the first octet are always set to 1110, and the remaining bits determine the host ID in any network.

Class E
In Class E, an IP address is used for future use or for research and development purposes. It does not possess
any subnetting. The higher order bits of the first octet are always set to 1111, and the remaining bits determine the
host ID in any network.

Rules for assigning Host ID:


The Host ID is used to determine the host within any network. The Host ID is assigned based on the following rules:

o The Host ID must be unique within any network.


o The Host ID in which all the bits are set to 0 cannot be assigned as it is used to represent the network ID of
the IP address.
o The Host ID in which all the bits are set to 1 cannot be assigned as it is reserved for the multicast address.

Rules for assigning Network ID:


If the hosts are located within the same local network, then they are assigned with the same network ID. The
following are the rules for assigning Network ID:
o The network ID cannot start with 127 as 127 is used by Class A.
o The Network ID in which all the bits are set to 0 cannot be assigned as it is used to specify a particular host
on the local network.
o The Network ID in which all the bits are set to 1 cannot be assigned as it is reserved for the multicast
address.
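
The class rules above, applied bit by bit to an address. This is an added example, not part of the original notes; the function name `classify` and the returned field names are assumptions made for the illustration.

```python
"""Classful IPv4 addressing: class, network ID / host ID split and address counts."""
import ipaddress

# (class, leading bits of the first octet, how many bits that is, network-ID length)
CLASS_RULES = [
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),  # multicast: no network/host split
    ("E", 0b1111, 4, None),  # future use / research and development
]


def classify(address):
    """Return the class of a dotted-decimal address and, for A/B/C, its two parts."""
    value = int(ipaddress.IPv4Address(address))  # raises ValueError on bad input
    first_octet = value >> 24
    # Every octet matches exactly one pattern, so the loop always ends in a break.
    for name, pattern, pattern_bits, network_bits in CLASS_RULES:
        if first_octet >> (8 - pattern_bits) == pattern:
            break
    if network_bits is None:
        return {"class": name}
    host_bits = 32 - network_bits
    host_mask = (1 << host_bits) - 1
    host_id = value & host_mask
    return {
        "class": name,
        "network_id": str(ipaddress.IPv4Address(value - host_id)),
        "host_id": host_id,
        # The fixed leading bits do not count towards the number of networks.
        "networks": 2 ** (network_bits - pattern_bits),
        # All-zeros and all-ones host IDs are reserved, hence the "- 2".
        "hosts_per_network": 2 ** host_bits - 2,
        "assignable": host_id not in (0, host_mask),
    }


if __name__ == "__main__":
    # 193.32.216.9 is the address used earlier in these notes; the rest are constructed.
    for sample in ["193.32.216.9", "10.255.255.255", "172.16.0.0", "224.0.0.1"]:
        print(sample, classify(sample))
```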

Network protocols
Network Protocols are a set of rules governing exchange of information in an easy, reliable and
secure way. Before we discuss the most common protocols used to transmit and receive data
over a network, we need to understand how a network is logically organized or designed. The
most popular model used to establish open communication between two systems is the Open
Systems Interface (OSI) model proposed by ISO.

OSI Model
OSI model is not a network architecture because it does not specify the exact services and
protocols for each layer. It simply tells what each layer should do by defining its input and
output data. It is up to network architects to implement the layers according to their needs and
resources available.
These are the seven layers of the OSI model −
• Physical layer − It is the first layer that physically connects the two systems that need to
communicate. It transmits data in bits and manages simplex or duplex transmission by
modem. It also manages the Network Interface Card's hardware interface to the network,
like cabling, cable terminators, topography, voltage levels, etc.
• Data link layer − It is the firmware layer of the Network Interface Card. It assembles
datagrams into frames and adds start and stop flags to each frame. It also resolves
problems caused by damaged, lost or duplicate frames.
• Network layer − It is concerned with routing, switching and controlling the flow of
information between the workstations. It also breaks down transport layer datagrams
into smaller datagrams.
• Transport layer − Till the session layer, the file is in its own form. The transport layer breaks it
down into data frames, provides error checking at network segment level and prevents a
fast host from overrunning a slower one. The transport layer isolates the upper layers from
network hardware.
• Session layer − This layer is responsible for establishing a session between two
workstations that want to exchange data.
• Presentation layer − This layer is concerned with correct representation of data, i.e.
syntax and semantics of information. It controls file level security and is also
responsible for converting data to network standards.
• Application layer − It is the topmost layer of the network that is responsible for sending
application requests by the user to the lower levels. Typical applications include file
transfer, E-mail, remote logon, data entry, etc.
It is not necessary for every network to have all the layers. For example, network layer is not
there in broadcast networks.
When a system wants to share data with another workstation or send a request over the network,
it is received by the application layer. Data then proceeds to lower layers after processing till it
reaches the physical layer.
At the physical layer, the data is actually transferred and received by the physical layer of the
destination workstation. There, the data proceeds to upper layers after processing till it reaches
application layer.
At the application layer, data or request is shared with the workstation. So each layer has
opposite functions for source and destination workstations. For example, data link layer of the
source workstation adds start and stop flags to the frames but the same layer of the destination
workstation will remove the start and stop flags from the frames.
Let us now see some of the protocols used by different layers to accomplish user requests.

TCP/IP
TCP/IP stands for Transmission Control Protocol/Internet Protocol. TCP/IP is a set of
layered protocols used for communication over the Internet. The communication model of this
suite is client-server model. A computer that sends a request is the client and a computer to
which the request is sent is the server.
TCP/IP has four layers −
• Application layer − Application layer protocols like HTTP and FTP are used.
• Transport layer − Data is transmitted in the form of datagrams using the Transmission
Control Protocol (TCP). TCP is responsible for breaking up data at the client side and
then reassembling it on the server side.
• Network layer − Network layer connection is established using Internet Protocol (IP) at
the network layer. Every machine connected to the Internet is assigned an address called
IP address by the protocol to easily identify source and destination machines.
• Data link layer − Actual data transmission in bits occurs at the data link layer using the
destination address provided by the network layer.
TCP/IP is widely used in many communication networks other than the Internet.

FTP
As we have seen, the need for networks came up primarily to facilitate sharing of files between
researchers. And to this day, file transfer remains one of the most used facilities. The protocol
that handles these requests is File Transfer Protocol or FTP.

Using FTP to transfer files is helpful in these ways −

• Easily transfers files between two different networks
• Can resume file transfer sessions even if the connection is dropped, if the protocol is configured
appropriately
• Enables collaboration between geographically separated teams
PPP
Point to Point Protocol or PPP is a data link layer protocol that enables transmission of TCP/IP
traffic over serial connection, like telephone line.

To do this, PPP defines these three things −

• A framing method to clearly define the end of one frame and the start of another, incorporating
error detection as well.
• Link control protocol (LCP) for bringing communication lines up, authenticating and
bringing them down when no longer needed.
• Network control protocol (NCP) for each network layer protocol supported by other
networks.
Using PPP, home users can get an Internet connection over telephone lines.

IP SUBNETTING
Each IP class is equipped with its own default subnet mask, which bounds that IP class to a
fixed number of Networks and a fixed number of Hosts per network. Classful IP addressing
does not provide any flexibility of having fewer Hosts per Network or more Networks
per IP Class.
CIDR or Classless Inter Domain Routing provides the flexibility of borrowing bits from the Host
part of the IP address and using them as a Network in Network, called a Subnet. By using
subnetting, one single Class A IP address can be used to have smaller sub-networks, which
provides better network management capabilities.

Class A Subnets
In Class A, only the first octet is used as the Network identifier and the remaining three octets are
assigned to Hosts (i.e. 16777214 Hosts per Network). To make more subnets in Class A, bits
from the Host part are borrowed and the subnet mask is changed accordingly.
For example, if one MSB (Most Significant Bit) is borrowed from the host bits of the second octet and
added to the Network address, it creates two Subnets (2^1 = 2) with (2^23 - 2) 8388606 Hosts per Subnet.
The Subnet mask is changed accordingly to reflect subnetting. Given below is a list of all
possible combinations of Class A subnets –

In case of subnetting too, the very first and last IP address of every subnet is used for Subnet
Number and Subnet Broadcast IP address respectively. Because these two IP addresses cannot
be assigned to hosts, sub-netting cannot be implemented by using more than 30 bits as Network
Bits, which provides less than two hosts per subnet.
Class B Subnets
By default, using Classful Networking, 14 bits are used as Network bits providing (2^14) 16384
Networks and (2^16 - 2) 65534 Hosts. Class B IP Addresses can be subnetted the same way as
Class A addresses, by borrowing bits from Host bits. Given below are all possible combinations of
Class B subnetting −

Class C Subnets
Class C IP addresses are normally assigned to a very small size network because it can only
have 254 hosts in a network. Given below is a list of all possible combinations of subnetted
Class B IP address −
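
The borrowing of host bits described in this section can be computed for any class. The following is an added example, not part of the original notes: `class_table` generates the mask, subnet count and hosts per subnet for every possible number of borrowed bits, and `subnet_plan` lists the subnet number, host range and broadcast address of the first few subnets. The function names and the sample networks are assumptions made for the illustration.

```python
"""Subnetting a classful network by borrowing host bits (constructed example)."""
import ipaddress
from itertools import islice

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}  # network bits before any borrowing
MAX_PREFIX = 30  # with more network bits, fewer than two host addresses remain


def mask_for(prefix):
    """Dotted-decimal subnet mask for a given number of network bits."""
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))


def class_table(ip_class):
    """One row per possible subnet mask of a class, from the default mask to /30."""
    rows = []
    for prefix in range(DEFAULT_PREFIX[ip_class], MAX_PREFIX + 1):
        borrowed = prefix - DEFAULT_PREFIX[ip_class]
        rows.append({
            "prefix": prefix,
            "mask": mask_for(prefix),
            "borrowed_bits": borrowed,
            "subnets": 2 ** borrowed,
            # First address is the subnet number, last is the subnet broadcast.
            "hosts_per_subnet": 2 ** (32 - prefix) - 2,
        })
    return rows


def subnet_plan(network, borrowed_bits, show=4):
    """Split `network` by borrowing host bits; describe the first `show` subnets."""
    net = ipaddress.IPv4Network(network)
    prefix = net.prefixlen + borrowed_bits
    if borrowed_bits < 0 or prefix > MAX_PREFIX:
        raise ValueError("network bits after borrowing must not exceed 30")
    first_subnets = []
    # islice avoids building millions of subnets for a large Class A split.
    for sub in islice(net.subnets(prefixlen_diff=borrowed_bits), show):
        first_subnets.append({
            "subnet_number": str(sub.network_address),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
        })
    return {
        "mask": mask_for(prefix),
        "subnets": 2 ** borrowed_bits,
        "hosts_per_subnet": 2 ** (32 - prefix) - 2,
        "first_subnets": first_subnets,
    }


if __name__ == "__main__":
    for row in class_table("C"):
        print("/{prefix}  {mask:<16} borrowed={borrowed_bits} "
              "subnets={subnets} hosts={hosts_per_subnet}".format(**row))
    # Constructed private networks used as sample input.
    print(subnet_plan("10.0.0.0/8", 1))
    print(subnet_plan("192.168.1.0/24", 2))
```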
4.6 Classify the two types of Internet Protocol addressing IPv4 and IPv6 and state the need
for IPv6.

IPv4 & IPv6 Q&A


Q: What is IPv4? A: IPv4 stands for Internet Protocol version 4. It is the underlying technology that
makes it possible for us to connect our devices to the web. Whenever a device accesses the Internet
(whether it's a PC, Mac, smart phone or other device), it is assigned a unique, numerical IP address
such as 99.48.227.227. To send data from one computer to another through the web, a data packet
must be transferred across the network containing the IP addresses of both devices.

Without IP addresses, computers would not be able to communicate and send data to each other. It's
essential to the infrastructure of the web.

Q: What is IPv6? A: IPv6 is the sixth revision to the Internet Protocol and the successor to IPv4. It
functions similarly to IPv4 in that it provides the unique, numerical IP addresses necessary for
Internet-enabled devices to communicate. However, it does sport one major difference: it utilizes
128-bit addresses. I'll explain why this is important in a moment.

Q: Why are we running out of IPv4 addresses? A: IPv4 uses 32 bits for its Internet addresses. That
means it can support 2^32 IP addresses in total — around 4.29 billion. That may seem like a lot, but
all 4.29 billion IP addresses have now been assigned to various institutions, leading to the crisis we
face today.

Q: How does IPv6 solve this problem? A: As previously stated, IPv6 utilizes 128-bit Internet
addresses. Therefore, it can support 2^128 Internet addresses —
340,282,366,920,938,000,000,000,000,000,000,000,000 of them to be exact. That's a lot of
addresses, so many that it requires a hexadecimal system to display the addresses. In other words,
there are more than enough IPv6 addresses to keep the Internet operational for a very, very long time.

4.7 Describe Internet protocol version-6 (IPv6) addressing

An IPv6 address is a 128-bit alphanumeric string that identifies an endpoint device in the
Internet Protocol Version 6 (IPv6) addressing scheme. IPv6 addresses are preferred by
professional users such as network engineers, tech companies, datacenters and mobile
carriers.

It has been a concern for some time that the IPv4 addressing scheme was running out of
potential addresses. The IPv6 format was created to enable the trillions of new IP
addresses required to connect not only an ever-greater number of computing devices but
also the rapidly expanding numbers of items with embedded connectivity. In the Internet
of Things (IoT) scenario, objects, animals and people are provided with unique
identifiers and the ability to automatically transfer data over a network without requiring
human-to-human or human-to-computer interaction.

IPv6 expands the available address space sufficiently to enable anything conceivable to
have an IP address. The number of potential IPv6 addresses has been calculated as over
340 undecillion. According to Computer History Museum docent Dick Guertin, that
number allows an IPv6 address for each atom on the surface of the planet-- with enough
left over for more than 100 more similar planets.

Format of an IPv6 address

In precise terms, an IPv6 address is 128 bits long and is arranged in eight groups, each of
which is 16 bits. Each group is expressed as four hexadecimal digits and the groups are
separated by colons.

An example of a full IPv6 address could be:

FE80:CD00:0000:0CDE:1257:0000:211E:729C

An IPv6 address is split into two parts, a network and a node component. The network
component is the first 64 bits of the address and is used for routing. The node component
is the latter 64 bits and is used to identify the address of the interface. It is derived from
the physical, or MAC, address using the IEEE’s EUI-64 format.

The network node can be split even further into a block of 48 bits and a block of 16 bits.
The upper 48 bit section is used for global network addresses. The lower 16 bit section is
controlled by network administrators and is used for subnets on an internal network.

Further, the example address can be shortened as the addressing scheme allows the
omission of any leading zero as well as any sequences consisting of only zeroes. The
shortened version would look like:
FE80:CD00:0:CDE:1257:0:211E:729C

Types of IPv6 addresses

The three types of IPv6 addresses are as follows:

1. Global unicast addresses- These addresses are routable on the internet and start with
2001: as the prefix group. Global unicast addresses are the equivalent of IPv4 public
addresses.

2. Link local addresses- This is one of the two internal address types that are not routed
on the internet. Link local addresses are used inside an internal network, are self-
assigned and start with fe80: as the prefix group.

3. Unique local addresses- This is the other type of internal address that is not routed on
the internet. Unique local addresses are equivalent to the IPv4 addresses 10.0.0.0/8,
172.16.0.0/12 and 192.168.0.0/16.
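
The address format, shortening rule, address types and EUI-64 derivation described above, worked through on the example address from these notes. This is an added example, not part of the original notes; the function names, the sample MAC address and the additional sample addresses are constructed, and the type check uses the allocated blocks 2000::/3, fe80::/10 and fc00::/7 (the 2001: and fe80: prefixes named above fall inside the first two).

```python
"""IPv6 address parts, shortening, type and EUI-64 interface ID (constructed example)."""
import ipaddress

GLOBAL_UNICAST = ipaddress.IPv6Network("2000::/3")
LINK_LOCAL = ipaddress.IPv6Network("fe80::/10")
UNIQUE_LOCAL = ipaddress.IPv6Network("fc00::/7")


def describe(address):
    """Split an IPv6 address into the parts named in the notes."""
    ip = ipaddress.IPv6Address(address)
    groups = ip.exploded.split(":")  # eight groups of four hex digits
    if ip in LINK_LOCAL:
        kind = "link-local"
    elif ip in UNIQUE_LOCAL:
        kind = "unique local"
    elif ip in GLOBAL_UNICAST:
        kind = "global unicast"
    else:
        kind = "other"
    return {
        "full": ip.exploded,
        "short": ip.compressed,           # leading zeros and zero runs removed
        "type": kind,
        "network": ":".join(groups[:4]),  # first 64 bits, used for routing
        "node": ":".join(groups[4:]),     # last 64 bits, identifies the interface
        "global_prefix": ":".join(groups[:3]),  # upper 48 bits of the network part
        "subnet": groups[3],                    # lower 16 bits, set by the administrator
    }


def eui64_interface_id(mac):
    """64-bit interface ID from a 48-bit MAC: flip the U/L bit, insert ff:fe."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")


def address_from_mac(prefix, mac):
    """Combine a /64 network part with the EUI-64 node part."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("the network part must be 64 bits long")
    return ipaddress.IPv6Address(int(net.network_address) | eui64_interface_id(mac))


def mac_from_address(address):
    """Recover the MAC from an EUI-64 node part, or None if it is not EUI-64."""
    iid = (int(ipaddress.IPv6Address(address)) & (2 ** 64 - 1)).to_bytes(8, "big")
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)


if __name__ == "__main__":
    print(describe("FE80:CD00:0000:0CDE:1257:0000:211E:729C"))
    addr = address_from_mac("fe80::/64", "00:1a:2b:3c:4d:5e")  # constructed MAC
    print(addr, "->", mac_from_address(addr))
```

Because the derivation is reversible, an address built this way exposes the hardware address of the interface to every peer that sees it.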
Advantages and disadvantages of IPv6 addresses

Converting to an IPv6 network, and thus to IPv6 addresses, can bring a variety of benefits,
including:

• More efficient routing with smaller routing tables and aggregation of prefixes.
• More simplified packet processing due to more streamlined packet headers.
• Support of multicast packet flows.
• Hosts can generate their own IP addresses.
• Eliminates the need for network address translation (NAT).
• Easier to implement services like peer-to-peer (P2P) networks, VoIP and stronger
security.
One drawback to using an IPv6 address is that IPv4 is still widely used. Communication
between IPv4 and IPv6 machines is not possible directly and requires gateway
equipment. Switching from IPv4 to IPv6 also requires a lot of technical skill, effort and
time. Additionally, IPv6 addresses are more complex, harder to read and difficult to
remember.

4.8 Wi-Fi networking standards and encryption types.


An Overview of Wireless Networking Standards and encryption standards

Wireless networking is done in the same manner all over the world. The relevant authorities have
fixed standards so that everyone can follow the same ones. Over the years the 802.11 standard has
changed a great deal, and the newer standards include 802.11a, 802.11g, 802.11b etc. New encryption
types have also been introduced along with the new standards, so much has changed, and one should
know about all of them. Here are the networking standards and the encryption types which are
available to users:

Standards:
There are various IEEE 802.11 standards. These standards are maintained by the IEEE committee
and they are LAN/MAN standards, which fall under the 802 section of IEEE. The wireless standards
are being changed all the time; one can always check for the latest update on the official IEEE website.
The standards which are being followed these days are mentioned below:

802.11 a/b/g/n:
802.11a: The first wireless standard, 802.11a, came out more than a decade ago. It works in the 5 GHz range, and with a special licence it can also be used at 3.7 GHz or at higher power, so it can be used over very large distances. Most implementations, however, use the 5 GHz range. Its theoretical maximum speed is around 54 Mbit/s. When it was introduced, many organizations were attracted to it because of this speed. Newer versions have since overtaken it by offering more range.

802.11b: 802.11b is another version of the standard and came out at almost the same time as 802.11a. It has one drawback: other devices use the same frequencies, so when using 802.11b one has to be careful, or there will be a lot of interference from those existing devices.

802.11g: This version is a major upgrade to 802.11b and also works in the 2.4 GHz range, so its range is almost the same as that of 802.11b. It is faster, however, reaching up to 54 Mbit/s, as 802.11a did. It was also made backwards compatible with 802.11b, so an old 802.11b device can communicate with an 802.11g one and nobody has to swap out everyone's wireless adaptors. 802.11g could therefore be installed first, and people were then encouraged to move to the faster speed. Because 802.11g and 802.11b use the same frequency, the problem that affected 802.11b affects 802.11g as well: the laws of physics cannot be changed, so anything else sending out signals at 2.4 GHz will conflict with the signals sent by 802.11g.

802.11n: This is one of the newest standards. Its advantage is that the user can use two different frequency ranges, 2.4 GHz and 5 GHz, or even both at the same time. It also offers much more throughput: the theoretical maximum speed of 802.11n is 600 Mbit/s, a great improvement in speed.

Speeds, distances and frequencies:
802.11a operates at 5 GHz, which can be extended to 3.7 GHz if a special licence is obtained. Its speed is 54 Mbit/s. The area it covers is large; with the special licence it can reach up to 5000 meters. 802.11b uses 2.5 GHz technology and runs at 11 Mbit/s. It reaches only about 140 meters, so the area covered is small. The main problem is that other devices use the same frequencies and interfere with it, so one can face problems using it. 802.11g is the upgraded version and also uses the 2.4 GHz range; its speed is 54 Mbit/s. The latest version, 802.11n, runs at 600 Mbit/s, which makes it a great innovation.

Encryption Types:

Wireless networks that do not use a strong type of encryption are of little use. The challenge is that every wireless device is both a radio transmitter and a radio receiver, so anyone within range can listen to the traffic, even someone who is not part of the network, just as one tunes a radio to a station. Encryption is used to overcome this problem: even if someone can listen to the traffic, they cannot understand it, because every bit and byte is encrypted.
The encryption types in use these days are described below.

WEP: WEP, which stands for Wired Equivalent Privacy, is the original encryption standard for wireless networks. It supported two key sizes, 64-bit and 128-bit. Specific weaknesses were found in the protocol. The beginning of each key stream contained data that was not random, so by collecting enough packets an observer could work out the secret key for the network. Once the secret key was known, all traffic on the network could be read. The keys could be determined within minutes just by sending some packets to the wireless network, which made this a huge issue. For this reason WEP is no longer used. It may still be available on an access point, but new access points do not even offer it as an option. Even if it is offered, it is very strongly recommended never to use this type of encryption.

WPA: When the problems with WEP came to light, a new encryption type was needed quickly. It was called WPA, which means Wi-Fi Protected Access. WPA used RC4 together with a protocol called TKIP. TKIP offered a new solution in which each packet was treated differently, which covered some of the problems found in WEP. This held only for a short time, though: it did not take others long to find another way in. The security still had flaws, and a new encryption type was needed.

WPA2: This was the final replacement for WEP, and it is safe to say that it replaced WPA as well. Since it is an upgraded version of WPA, it was named WPA2. The methods it uses to encrypt data are very hard to figure out, so it provides more security for data transmitted from one point to another. The previous version, WPA, used RC4. WPA2 uses AES, which stands for Advanced Encryption Standard and works more effectively than RC4. TKIP was replaced as well, by a newer protocol named CCMP.

WPA2 also has a newer variant known as WPA2 Enterprise. This is the encryption type now used by large organizations. The access method has changed here as well. Previously, one connected using the pre-shared key. Now one also cannot use authentication done by username and password. Instead there is a whole new way of accessing the network that does not include the pre-shared key, and the network cannot be accessed from home using username and password authentication.

TKIP: This encryption protocol is a vital part of wireless LANs. It was designed to provide secure encryption that cannot be interpreted by anyone else, and it fixed the problems that arose when WEP was in use, so it replaced WEP in WLAN products. It is a suite of algorithms that works as a wrapper around WEP, which allows users with outdated WLAN equipment to upgrade to TKIP without spending money on new hardware. TKIP uses WEP's original programming with additional code wrapped around the beginning and the end. With this modification, each and every packet of data is encrypted, which makes breaking the security much harder, since one cannot make sense of all the packets and therefore cannot understand the message. However, TKIP is only good for upgrading the security of devices that were equipped with WEP to begin with. It does not answer the security issues that WLANs face, so it is not that reliable or efficient.

AES: This encryption type is mainly used when someone wants to send really sensitive data through email, or to put some text into encrypted form. The result of the encryption is shown as base64-encoded text so that character-encoding problems are avoided. AES is a symmetric encryption algorithm. It was designed to be efficient and effective in both software and hardware. It supports a block length of 128 bits and key lengths of 128, 192 and 256 bits.

AES has strong encryption technology and is the right choice. It is assumed that all the devices on the network can support it. TKIP, however, is strong enough and tends to be supported by more of the equipment available on the market, which can save some money. Still, it is advised that AES be the first option; TKIP is a good option too, but always as the second option.

In summary, many standards have changed, many encryption types are available on the market, and some of those encryption types are not safe. One should know about all of them in order to make the best choice when selecting a protocol or encryption option. The safest encryption and protocol have to be chosen if one wants to protect precious data. Some encryption types, like TKIP, can save money, but that saving is worthless if the data is not protected and can be stolen easily.
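
The order of preference above (never WEP, AES first, TKIP second) can be checked against an access point's configuration. The following is an added example, not part of the original notes: it assumes the access point is configured with hostapd-style keys (wpa, wpa_pairwise, rsn_pairwise, wep_key0), and the three sample configurations are constructed.

```python
# Added example: rate access-point encryption settings in the order of
# preference given in the notes. Key names follow hostapd.conf (assumption:
# the access point is hostapd-based); all sample configs are constructed.

WEP_AP = "ssid=lab-old\nwep_default_key=0\nwep_key0=<placeholder>\n"
WPA_TKIP_AP = "ssid=lab-wpa\nwpa=1\nwpa_key_mgmt=WPA-PSK\nwpa_pairwise=TKIP\n"
MIXED_AP = "ssid=lab-mixed\nwpa=3\nwpa_pairwise=TKIP\nrsn_pairwise=CCMP\n"
WPA2_AES_AP = "ssid=lab-wpa2\nwpa=2\nwpa_key_mgmt=WPA-PSK\nrsn_pairwise=CCMP\n"


def parse_conf(text):
    """Parse KEY=value lines, ignoring blank lines and '#' comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        conf[key.strip()] = value.strip()
    return conf


def offered_ciphers(conf):
    """Return the set of pairwise ciphers the access point will offer."""
    wpa = int(conf.get("wpa", "0"))
    # hostapd defaults: wpa_pairwise is TKIP, rsn_pairwise follows wpa_pairwise,
    # so a config that never names a cipher still ends up offering TKIP.
    wpa_pairwise = conf.get("wpa_pairwise", "TKIP").split()
    rsn_pairwise = conf.get("rsn_pairwise", " ".join(wpa_pairwise)).split()
    ciphers = set()
    if wpa & 1:  # bit 0 enables WPA
        ciphers.update(wpa_pairwise)
    if wpa & 2:  # bit 1 enables WPA2
        ciphers.update(rsn_pairwise)
    return ciphers


def rate(text):
    """Return (rating, reason) following the notes' order of preference."""
    conf = parse_conf(text)
    wpa = int(conf.get("wpa", "0"))
    if wpa == 0:
        uses_wep = any(key.startswith("wep_key") for key in conf)
        return ("reject", "WEP" if uses_wep else "no encryption")
    ciphers = offered_ciphers(conf)
    if "TKIP" in ciphers:
        reason = "TKIP only" if ciphers == {"TKIP"} else "TKIP offered alongside AES"
        return ("second choice", reason)
    if "CCMP" in ciphers:
        return ("preferred", "AES (CCMP) only")
    return ("review", "unrecognised ciphers: " + " ".join(sorted(ciphers)))


if __name__ == "__main__":
    for name, conf in [("WEP_AP", WEP_AP), ("WPA_TKIP_AP", WPA_TKIP_AP),
                       ("MIXED_AP", MIXED_AP), ("WPA2_AES_AP", WPA2_AES_AP)]:
        print(name, rate(conf))
```

A mixed configuration is rated as second choice because a client can still negotiate TKIP while it remains on offer.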

4.9 Networking trouble shoot components

Monitoring and Troubleshooting

Network monitoring tool

A network monitoring tool is a networking tool used to examine usage of a local area network and provide statistical data on uploads and downloads in the network. It is usually used to monitor IP traffic between the LAN and the internet. It is a network diagnostic system that monitors the local area network and provides a statistical display of it. The data can then be used to improve network efficiency. It also helps with other problems, such as locating a server that is down or receiving incorrect work requests.

Simple network management protocol

Simple network management protocol (SNMP) is based on the agent/manager model. The model consists of an agent, a manager, a database containing management information, and the network protocols. In SNMP the administrative computer, more commonly called the manager, has the task of monitoring and managing a group of systems in a network. The managed systems continuously run a program known as an agent, which reports information to the manager via SNMP. Devices such as routers, printers and servers use SNMP.

WinPcap

WinPcap is freeware used for direct network access under Windows. It provides an architecture for network analysis and packet capture on the Win32 platform. WinPcap can facilitate:

• Raw packet capture.
• Filtering packets according to a set of rules defined by the user.
• Gathering statistical data related to network traffic.

Troubleshooting

Network Troubleshooting & Problem Identification

• Troubleshooting Network Performance Issues

a. Baseline Network Performance
b. Collect Network Device Performance metrics
c. Switch/Router CPU utilization
d. Switch/Router Memory Utilization
e. Interface/Bandwidth utilization

• Troubleshooting Bandwidth and Traffic

a. Netflow
b. Applications
c. Protocols
d. Top Talkers

Baseline Network Performance

• Baseline your Network
• Compare Current Performance

i. Against baseline
ii. Against Vendor Best Practices
iii. Against Service level Agreements

• Reference networking and equipment forums

Collect Network Device Performance Metrics

• Helps to quickly identify the source of a problem.
• Using Simple Network Management Protocol (SNMP), we can measure the performance conditions that are specific to each device.
• You can monitor these device statistics using commercially available network monitoring software products.

Switch/Router CPU utilization

Common symptoms of high CPU utilization within your switch/router include:

• High percentages in the show process CPU command output
• Input queue drops
• Slow performance
• Services such as Telnet, console response, ping response or updates fail
• High buffer failures

The CPU hog message looks like this:

SNMP-4-HIGHCPU: Process exceeds 200ms threshold (200ms IOS quantum) for GET of rmon.19.16.0--result rmon.19.16.0

Switch/Router Memory utilization

• Refused Telnet sessions
• The show processor memory command is displayed no matter what command you type on a console.
• No output from some show commands
• "Low on Memory" messages
• The console message "Unable to create EXEC- no memory or too many processes"
• Router hanging, no console response.
• Possible causes of memory failure include:

In Process Memory

i. Memory size does not support the Cisco IOS Software image
ii. Memory leak bug
iii. Large quantity of memory used for normal or abnormal processes
iv. Memory fragmentation problem or bug
v. Memory allocation failure at process = <interrupt level>

In Packet Memory

i. Not enough shared memory for the interfaces
ii. Buffer leak bug
iii. Router running low on fast memory

Interface/Bandwidth utilization

i. Monitor the overall bandwidth utilization to determine problems.
ii. Open source or free tools simplify the process of gathering bandwidth utilization data and present it in an easy-to-consume graphical format.
iii. SolarWinds free Real-Time Bandwidth Analyzer is a commercially developed free tool that displays network device interface utilization.

Troubleshooting Bandwidth and Traffic

Bandwidth monitoring and traffic analysis help to identify the network needs and uses of servers and their hosted applications, and also deliver hard data that objectively verifies the ability of the network to meet Service Level Agreements (SLAs).

Traditional Packet-based monitoring tools enable peering into individual packets to determine their
contents, the transactions between systems, and the details of communications being passed along that
network.

Flow Analysis provides insight into the flow traffic within the network, specifically the who and what
of traffic consumption.

To help you understand the differences in perspective here, let’s take a look at common ways used to
measure traffic on a network:

Protocol Analyzers

i. Analyze conversations between devices on the network.
ii. Give a detailed view of individual transactions between two devices and the specific data being transferred between them.

Hardware Probes and distributed analyzers

i. Can be positioned all across the network to gather information and provide a whole-system perspective.

Traffic flow Analyzers

i. Leverage the data flow capture capabilities of the network devices.

• Netflow
NetFlow is a network traffic monitoring protocol developed by Cisco Systems for collecting IP traffic information.

• Applications
Applications on the network that consume more than their fair share of network bandwidth.

• Protocols
Unlike packet-based tools, flow analysis tools help identify:

a. Source
b. Destination
c. Protocol of streams across the network

This makes it possible to craft effective network policies that allow stream protocols while preventing the ones that negatively impact network functionality.

• Top talkers
The top talkers feature of NetFlow can be useful for analyzing and troubleshooting network traffic in any one of the following ways:

a. Security: viewing a list of top talkers to see if traffic patterns are consistent with Denial of Service (DoS) attacks
b. Load balancing: identifying the most heavily used parts of your network
c. General traffic study and planning for your network
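
The source, destination and protocol views and the top talkers list described above can be computed from exported flow records. The following is an added example, not part of the original notes: the comma-separated record format (source, destination, protocol, bytes), the sample records and the 50% share threshold are all constructed assumptions, not NetFlow's own export format.

```python
# Added example: top talkers and per-protocol totals from flow records.
from collections import Counter

# Constructed flow records for three lab hosts (not real traffic):
# source, destination, protocol, bytes
SAMPLE_FLOWS = """\
192.168.1.1,192.168.1.3,tcp,120000
192.168.1.2,192.168.1.3,tcp,4000
192.168.1.1,192.168.1.2,udp,30000
192.168.1.2,192.168.1.1,tcp,6000
192.168.1.3,192.168.1.1,icmp,500
192.168.1.1,192.168.1.3,tcp,80000
"""


def parse_flows(text):
    """Turn CSV lines into (src, dst, proto, bytes) tuples; reject bad rows."""
    flows = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = [field.strip() for field in line.split(",")]
        if len(fields) != 4 or not fields[3].isdigit():
            raise ValueError(f"line {number}: expected src,dst,proto,bytes")
        src, dst, proto, size = fields
        flows.append((src, dst, proto.lower(), int(size)))
    return flows


def totals(flows, field):
    """Sum bytes per value of one field: 0=source, 1=destination, 2=protocol."""
    counter = Counter()
    for flow in flows:
        counter[flow[field]] += flow[3]
    return counter


def top_talkers(flows, count=3):
    """Sources ranked by bytes sent, heaviest first."""
    return totals(flows, 0).most_common(count)


def dominant_sources(flows, share=0.5):
    """Sources sending more than `share` of all bytes: worth a closer look,
    either as a load-balancing hot spot or as a possible flood source."""
    per_source = totals(flows, 0)
    grand_total = sum(per_source.values())
    if grand_total == 0:
        return []
    return sorted(src for src, sent in per_source.items()
                  if sent / grand_total > share)


def fan_in(flows):
    """Number of distinct sources seen per destination. Many sources
    converging on one destination is the other pattern to compare
    against the baseline."""
    sources = {}
    for src, dst, _proto, _size in flows:
        sources.setdefault(dst, set()).add(src)
    return {dst: len(srcs) for dst, srcs in sources.items()}


if __name__ == "__main__":
    flows = parse_flows(SAMPLE_FLOWS)
    print("top talkers:", top_talkers(flows))
    print("by protocol:", dict(totals(flows, 2)))
    print("dominant sources:", dominant_sources(flows))
    print("fan-in per destination:", fan_in(flows))
```

The numbers only become meaningful when compared with the network baseline collected earlier, since a backup server legitimately tops the list every night.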

4.12 Preparation of straight and cross cable


STEP 1: Choose the right cable…

1. To connect PC to PC → Cross Cable.
2. To connect PC to HUB/SWITCH/ROUTER → Straight Cable.
3. To connect HUB/SWITCH/ROUTER to HUB/SWITCH/ROUTER → Straight Cable.

STEP 2: Understanding CAT 5 Cables…

Wires: CAT 5 Cable has 4 pairs of copper wire inside it.

Colors: Standard cables have BROWN, BROWN WHITE, GREEN, GREEN WHITE, BLUE, BLUE WHITE, ORANGE, ORANGE WHITE.

STEP 3: Making Straight Cable…

Nomenclature: let us first give a numbering scheme for cabling which we will follow throughout this tutorial: BROWN (8), BROWN WHITE (7), GREEN (6), GREEN WHITE (3), BLUE (4), BLUE WHITE (5), ORANGE (2), ORANGE WHITE (1).

Requirements: Two RJ45 connectors, a crimping tool and CAT 5 cable of the desired length (less than 250 meters).

STEP 3.1:

There are two standards adopted for cabling: EIA/TIA 568A and EIA/TIA 568B.

When you use a single standard (either EIA/TIA 568A or EIA/TIA 568B) on both ends of the cable, the resulting cable is a STRAIGHT CABLE.

On the other hand, if you use a different cabling standard on each end of the cable, the resulting cable is a CROSS CABLE.

I'll use the EIA/TIA 568B standard for creating cross and straight cables.

The figure below defines the EIA/TIA 568B standard…

1. Remove the covering of the CAT 5 cable.
2. Straighten the eight wires of the cable.
3. Using the crimping tool's cutter, cut the ends of the wires so that they are of the same length.
4. Arrange the wires in the order 1, 2, 3, 4, 5, 6, 7 and 8 as mentioned above or as shown in the diagram.
5. Insert the arranged wires into the RJ45 connector with the clip pointing down, exactly as shown in the figure.
6. Insert the head of the RJ45 connector into the crimping tool and crimp (press) it firmly.
7. Follow the same steps with the same color order for the other end of the cable.
8. The cable you made by following these steps is a STRAIGHT cable.

STEP 4: Making CROSS Cable…

Of the eight wires in CAT 5, not all are used for data transfer when using a 100 Mbps Ethernet card. Only 2 pairs are used, i.e. two wires for transmitting signals and two wires for receiving signals. So now you can guess why we have to make a CROSS CABLE for connecting the same kind of devices: if we use the same color coding on both sides, the transmitter of one machine will send data to the transmitter of the other and the data packets will be lost. We therefore have to change the wiring so that the transmitter of one connects to the receiver of the other and vice versa.

Steps 1 to 6 are the same as for STRAIGHT-through cables.
7. The only difference is in the color coding of the other side of the wire.
8. The wire that is in position 1 on the A-side (one end) should be in position 3 on the B-side (other side) and vice versa.
9. The wire that is in position 2 on the A-side (one end) should be in position 6 on the B-side (other side) and vice versa.
10. Now crimp the RJ45 connector.
11. Your CROSS cable is completed.

4.13 Establishing a Local Area Network

1. ____ Setup a physical LAN

a) First, determine which cables are necessary for the available hardware
b) Insert one end of the cable into the Hub/Switch and the other end of the
cable into the host computer.
c) Connect all host computers to the Hub/Switch as in the figure below

[Figure: hosts 1, 2 and 3 (192.168.1.1, 192.168.1.2 and 192.168.1.3) connected to a HUB/Switch]

2. ____ Host set-up (e.g. IP address and netmask) using ifconfig

a. In this part of the lab, the ifconfig command is used to configure network interface devices. This includes setting the IP address and the netmask for the host.

b. Boot each host machine and log on with your user-name.

c. Open a new terminal on each host and log on as root.

$ su -

Password: (enter the root password)

d. Check network interface settings using ifconfig

# ifconfig -a

e. Verify that eth0 exists on each host by checking the output from above

f. Set the ethernet interface at each host using ifconfig

This will assign an ip address and network mask to the host. The following is a sample.

For host 1: # ifconfig eth0 192.168.1.1 netmask 255.255.255.0

g. Verify communication among the machines by using the ping command.

On host 1 ping the other two hosts.

# ping 192.168.1.2

--------output------
# ping 192.168.1.3

--------output------

On host 1 run traceroute to the other hosts

# traceroute 192.168.1.2

---------output---------

# traceroute 192.168.1.3

---------output---------

h. Changes made with ifconfig at this point are not permanent and will be lost on reboot. To make the configuration effective on reboot you need to edit the file /etc/sysconfig/network-scripts/ifcfg-eth0 to have the following settings.

# contents of ifcfg-eth0
# (the file is read as shell variable assignments, so no spaces around "=")

DEVICE=eth0
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
BOOTPROTO=none

i. Check that the network script has been added to the default init levels.

# chkconfig --list

j. If the network script is not on, add it using chkconfig. This command adds the network script to the current run level.

# chkconfig --add network
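
A mistake in ifcfg-eth0 only shows up at the next reboot, so it is worth checking the file before relying on it. The following is an added example, not part of the original lab: it checks that every line is a valid KEY=value assignment and that NETWORK and BROADCAST agree with IPADDR and NETMASK. The two faulty variants are constructed for the demonstration.

```python
# Added example: sanity-check the contents of an ifcfg-eth0 file.
import ipaddress
import re

# KEY=value with nothing but '=' between key and value, as a shell requires.
ASSIGNMENT = re.compile(r"^([A-Za-z_][A-Za-z0-9_]*)=(\S.*)?$")

# The lab's values for host 1.
GOOD = """\
DEVICE=eth0
BROADCAST=192.168.1.255
IPADDR=192.168.1.1
NETMASK=255.255.255.0
NETWORK=192.168.1.0
ONBOOT=yes
BOOTPROTO=none
"""

# Constructed faulty variants of the same file.
SPACED = GOOD.replace("=", " = ")
WRONG_BROADCAST = GOOD.replace("192.168.1.255", "192.168.1.127")


def parse_ifcfg(text):
    """Return (settings, problems); each line must be KEY=value."""
    settings, problems = {}, []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = ASSIGNMENT.match(line)
        if match is None:
            problems.append(
                f"line {number}: not KEY=value (spaces around '='?): {line}")
            continue
        settings[match.group(1)] = (match.group(2) or "").strip("\"'")
    return settings, problems


def check_addresses(settings):
    """Compare NETWORK and BROADCAST with what IPADDR/NETMASK imply."""
    missing = [key for key in ("IPADDR", "NETMASK") if key not in settings]
    if missing:
        return ["missing " + " and ".join(missing)]
    try:
        iface = ipaddress.IPv4Interface(
            f"{settings['IPADDR']}/{settings['NETMASK']}")
    except ValueError as exc:
        return [f"invalid IPADDR/NETMASK: {exc}"]
    net = iface.network
    problems = []
    expected = {"NETWORK": str(net.network_address),
                "BROADCAST": str(net.broadcast_address)}
    for key, value in expected.items():
        if key in settings and settings[key] != value:
            problems.append(
                f"{key}={settings[key]} but {iface.with_prefixlen} implies {value}")
    if net.prefixlen <= 30 and iface.ip in (net.network_address,
                                            net.broadcast_address):
        problems.append(f"IPADDR {iface.ip} is not a usable host address")
    if settings.get("ONBOOT", "").lower() != "yes":
        problems.append("ONBOOT is not 'yes': interface stays down after reboot")
    return problems


def audit_ifcfg(text):
    """All problems found in the file, syntax first, then addressing."""
    settings, problems = parse_ifcfg(text)
    return problems + check_addresses(settings)


if __name__ == "__main__":
    for name, text in [("GOOD", GOOD), ("SPACED", SPACED),
                       ("WRONG_BROADCAST", WRONG_BROADCAST)]:
        print(name, audit_ifcfg(text) or "ok")
```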

3. ____ Manipulate routing tables using route

a. The route command is used to look at the host's routing table and can be used to add or delete routes from the table. It has the following syntax:

route add|del -net|-host target [gateway] [metric] [device]

route manipulates the kernel's IP routing table. Its primary use is to set up static routes to specific
hosts or networks via an interface after it has been configured with the ifconfig command. The
command route with no arguments displays the routing table.

b. After the steps from part 2 the route to the network 192.168.1.0 will be in the routing
table. Verify the network is in the routing table using the route command.

# route

---output---

c. To illustrate the use and functionality of the route command, we will delete an entry from the table and add entries to it. Delete the network 192.168.1.0 using the route command.

# route del -net 192.168.1.0 netmask 255.255.255.0

d. Check the routing table and verify that the network has been removed from the routing table.

# route

e. Verify the deleted network is no longer reachable.

# ping 192.168.1.3

f. Add individual hosts to the routing table to allow communication.

# route add -host 192.168.1.2 dev eth0

# route add -host 192.168.1.3 dev eth0

g. Verify these hosts are in the routing table.

# route

h. Use the ping command to verify communication among the machines has been restored.

# ping 192.168.1.2

# ping 192.168.1.3

i. Notice the machines were reachable when either the network or the individual host was in the routing table. Note also that the exercise manipulating the routing table was unnecessary, since the ifconfig command places the network in the routing table for us.

UNIT-5

Windows-2012 server administration

5.1 Need for System Administration

A system administrator, or sysadmin, is a person who is responsible for the upkeep, configuration, and
reliable operation of computer systems; especially multi-user computers, such as servers. The system
administrator seeks to ensure that the uptime, performance, resources, and security of the computers they
manage meet the needs of the users, without exceeding a set budget when doing so.
To meet these needs, a system administrator may acquire, install, or upgrade computer components and
software; provide routine automation; maintain security policies; troubleshoot; train or supervise staff; or
offer technical support for projects.

5.2 Responsibilities of administrator

A system administrator's responsibilities might include:

• Analyzing system logs and identifying potential issues with computer systems.
• Applying operating system updates, patches, and configuration changes.
• Installing and configuring new hardware and software.
• Adding, removing, or updating user account information, resetting passwords, etc.
• Answering technical queries and assisting users.
• Responsibility for security.
• Responsibility for documenting the configuration of the system.
• Troubleshooting any reported problems.
• System performance tuning.
• Ensuring that the network infrastructure is up and running.
• Configuring, adding, and deleting file systems.
• Ensuring parity between dev, test and production environments.
• Training users.
• Planning and managing the machine room environment.

5.3 Analyze the Installation & Configuration of Windows 2012 Server


System Requirements

Most servers nowadays probably meet the requirements for Windows Server 2012, but it is useful to know them in case you want to upgrade from an older system. The main requirements are:

• CPU: minimum 1.4 GHz (64-bit processor) or faster for single core; Microsoft recommends 3.1 GHz (64-bit processor) or faster multi-core.
• RAM: minimum 2 GB; Microsoft recommends 8 GB.
• Disk: 160 GB hard disk with a 60 GB system partition.

One important thing to note is that the installation process itself verifies your computer hardware and lets you know whether it qualifies for a Windows Server 2012 installation. If not, you will need to upgrade your hardware.

Installation

Follow these steps to install Windows Server 2012.

Step 1: Download the evaluation ISO of Windows Server 2012 R2 from the following link:
https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2012-r2
You will need to sign in first with a Microsoft account (Hotmail, for example) to complete the download. The evaluation period lasts 180 days, so you will have enough time to find out whether it is the right product for you.
If you then decide to buy a license for Windows Server 2012 R2, you can purchase it online via the Microsoft online store at
http://www.microsoftstore.com/store/msusa/en_US/list/WindowsServer/categoryID.70676900?icid=BusinessR_Software_80_Windows_Server_112315
For the Enterprise solution, I would recommend purchasing it via a Microsoft partner in your country.

Step 2: After downloading the ISO, create a bootable USB drive with the Microsoft tool called Windows USB/DVD Download Tool, which can be downloaded from the following link:
https://www.microsoft.com/en-us/download/windows-usb-dvd-download-tool
After downloading the EXE file, open it, select the ISO file location and click Next, as in the following screenshot, then wait until the bootable USB drive has been created.

Step 3: Plug the USB drive into the server and wait while it loads the files. This takes a couple of minutes, as shown in the following screenshot.

Step 4: After the files are loaded, you will see the screen for the installation language, keyboard, and time and currency format settings. Generally the defaults are good enough to start with. Click Next.

Step 5: Click "Install now".

Step 6: Once you have clicked Install now, the setup starts and loads all the files; the screen will look as shown in the following screenshot.

Step 7: Wait until the files are loaded and then you will see the following screen. Select Windows Server 2012 DataCenter Evaluation (Server with GUI) and click Next.

Step 8: Click "I accept the license terms" and then click the Next button, as shown in the following screenshot.

Step 9: The following screen will appear. In "Drive options" you can create a new partition, or delete or format the hard disk. After that, select the partition where Windows Server 2012 R2 will be installed; in our case we have one partition. Once all this is done, click Next.

Step 10: Wait until this process finishes; the server will then reboot.

Step 11: Once the reboot is done, the following screen will appear. Set the password for the server and then click "Finish".

Step 12: It will take some minutes until the setup finishes completely.

Step 13: Once all this is done, you have completed the installation process and the following screen will appear.

Congratulations…

5.4 Installation and configuration of Active directory with DNS

Install Active Directory

Use the following steps to install Active Directory on the server:

1. Open the Server Manager from the task bar.


2. From the Server Manager dashboard, select Add roles and features.
The Roles and Features Wizard launches. This wizard enables you to make modifications to the Windows
Server 2012 instance.

3. On the Installation Type screen, select Role-based or features-based and click Next.

Note: Roles represent the major feature sets of the server, such as Internet Information Services (IIS).
Features provide additional functionality for a given role.
4. By default, the current server is selected. Click Next.
5. On the Server Roles screen, select the check box next to Active Directory Domain Services.
A notice displays that explains that you must also install additional roles, services, or features in order to
install Domain Services. These additional capabilities include certificate services, federation services,
lightweight directory services, and rights management.

To select additional capabilities, click Add Features.


6. On the Select features screen, select the check boxes next to the features that you want to install during the
AD DS installation process and click Next.
7. Review the information on the AD DS tab, then click Next.
8. Review the information on the Confirm installation selections screen, then click Install.

Note: Information on the progress of the installation displays. After the installation is complete, the AD DS role displays on the Server Manager landing page.

Start the remote registry service

Before you can promote the server to domain controller, you must start the remote registry service by using the
following steps:

1. Click Start > Control Panel.


2. Under Services, right-click Remote Registry and open the Properties menu.
3. From the Startup type: drop-down menu, select Automatic.
4. Under Service Status, select Start.
The remote registry service starts.

Configure Active Directory

After you have installed the AD DS role, you must configure the server for your domain by using the
following steps:

1. From the task bar, click Open the Server Manager.


2. Select the yellow notifications icon in the top navigation bar of the Server Manager window.

The Notifications Pane opens and displays a Post-deployment Configuration notification. Click
the Promote this server to a domain controller link that appears in the notification.
3. From the Deployment Configuration tab, select Radial options > Add a new forest. Enter your root
domain name in the Root domain name field and click Next.
4. Select a Domain and a Forest functional level.

Note: These selections affect features and server domain controller eligibility. For further information on
domains and forest functional levels, see the official Microsoft documentation.
Enter a password for Directory Services Restore Mode (DSRM) in the Password field.

Note: The DSRM password is used when booting the Domain Controller into recovery mode.
5. Review the warning on the DNS Options tab and select Next.
6. Confirm or enter a NetBIOS name and click Next.
7. Specify the locations of the Database, Log files, and SYSVOL folders, then click Next.
8. Review the configuration options and click Next.
9. The system checks if all of the necessary prerequisites are installed on the system. If the system passes
these checks, click Install.

Note: The server automatically reboots after the installation is complete.


10. After the server reboots, reconnect to it by using Microsoft Remote Desktop Protocol (RDP).
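
The same promotion can be scripted with the ADDSDeployment cmdlets. The following is an added example, not part of the original notes; the domain name corp.example, the NetBIOS name CORP and the folder paths are placeholder assumptions. It prompts for the DSRM password instead of storing it in the script and runs the prerequisite check from step 9 before anything is changed.

```powershell
# Added example: scripted equivalent of the "Configure Active Directory" steps.
# corp.example, CORP and the paths are placeholders (assumptions), not values from the notes.
Import-Module ADDSDeployment

# Prompt for the DSRM password so it never appears in the script or in command history.
$dsrmPassword = Read-Host -AsSecureString -Prompt 'DSRM password'

$forest = @{
    DomainName                    = 'corp.example'        # step 3: root domain name
    ForestMode                    = 'Win2012'             # step 4: forest functional level
    DomainMode                    = 'Win2012'             # step 4: domain functional level
    SafeModeAdministratorPassword = $dsrmPassword         # step 4: DSRM password
    InstallDns                    = $true                 # step 5: DNS options
    DomainNetbiosName             = 'CORP'                # step 6: NetBIOS name
    DatabasePath                  = 'C:\Windows\NTDS'     # step 7: database folder
    LogPath                       = 'C:\Windows\NTDS'     # step 7: log files folder
    SysvolPath                    = 'C:\Windows\SYSVOL'   # step 7: SYSVOL folder
}

# Step 9: run the prerequisite checks without changing the server.
$check = Test-ADDSForestInstallation @forest
$check | Format-List Status, Message

$failed = $check | Where-Object { "$($_.Status)" -eq 'Error' }
if ($failed) {
    throw 'Prerequisite check failed; fix the reported items before promoting the server.'
}

# Promote the server. It reboots automatically when the installation is complete.
Install-ADDSForest @forest -Force
```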

5.5 Discuss User & Group Management

Accessing Local Users and Groups


1. From the Server 2012 Start screen, press Windows Key + X. This will open a context menu.

2. Select Computer Management from the context menu. This will open the Computer
Management window.
3. Select Local Users and Groups from the navigation tree to the left of the Computer
Management window. At this stage you can double click Users in the context window, or click
the arrow icon next to Local Users and Groups to reveal the Users and Groups sub categories.

4. To add additional users, right-click on Users and select "New User...". This option is also
available from the "Action" menu at the top of the window. At this stage you can add as many
user accounts as your deployment requires, and manage accounts that have already been
created.

5.6 Know about Share Permissions for files and folders

NTFS (New Technology File System) permissions can be applied to files, folders and drives
formatted with the NTFS file system. NTFS permissions have been the same since the release of
Windows Server 2000. They control access to files and folders on an NTFS-formatted
partition and, once applied, are effective for both network users and local users. In
this post, I will explain Server 2012 NTFS file and folder permissions. Two important rules of
NTFS permissions are:
1. By default, permissions are inherited from the parent folder. If you define a file or
folder permission explicitly, the explicit permission takes precedence over those
inherited from the parent folder.
2. If a folder has conflicting NTFS permissions, the deny permission overrides the conflicting
allow permission. For example, a user is explicitly denied access to a folder called Marketing.
The user is also a member of the Marketing group, and the Marketing group has an
explicit allow NTFS permission. In this case, the user is denied access to the folder
because the deny permission overrides the conflicting allow permission.
If there is a conflict, NTFS permissions apply in the following order:
• Explicit Deny
• Explicit Allow
• Inherited Deny
• Inherited Allow
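
The ordering above has a consequence that is easy to miss: an explicit allow is evaluated before an inherited deny. The following is an added example, not part of the original notes, that models the evaluation on constructed entries; the CORP\ user and group names and the entries themselves are assumptions made for illustration.

```powershell
# Added example: simplified model of how conflicting NTFS entries are resolved.
# All principals and entries below are constructed for illustration.

function New-SampleAce {
    param(
        [string]$Principal,
        [ValidateSet('Allow', 'Deny')][string]$Type,
        [bool]$Inherited,
        [System.Security.AccessControl.FileSystemRights]$Rights
    )
    [pscustomobject]@{ Principal = $Principal; Type = $Type; Inherited = $Inherited; Rights = $Rights }
}

function Test-NtfsAccess {
    param(
        [object[]]$Aces,          # entries on the folder
        [string[]]$Identities,    # the user plus every group the user belongs to
        [System.Security.AccessControl.FileSystemRights]$Requested
    )
    # Explicit entries before inherited ones; within each set, Deny before Allow.
    $ordered = $Aces | Sort-Object @{ Expression = { [int]$_.Inherited } },
                                   @{ Expression = { if ($_.Type -eq 'Deny') { 0 } else { 1 } } }

    $remaining = [int]$Requested   # requested access bits not yet granted
    foreach ($ace in $ordered) {
        if ($Identities -notcontains $ace.Principal) { continue }
        $bits = [int]$ace.Rights
        if ($ace.Type -eq 'Deny') {
            # A deny entry wins only for bits that no earlier entry has granted.
            if ($remaining -band $bits) {
                return [pscustomobject]@{ Granted = $false; DecidedBy = $ace }
            }
        }
        else {
            $remaining = $remaining -band (-bnot $bits)
            if ($remaining -eq 0) {
                return [pscustomobject]@{ Granted = $true; DecidedBy = $ace }
            }
        }
    }
    # No entry granted everything that was requested: access is denied by default.
    [pscustomobject]@{ Granted = $false; DecidedBy = $null }
}

# Constructed entries for a folder called Marketing.
$folderAces = @(
    New-SampleAce -Principal 'CORP\Marketing'   -Type Allow -Inherited $false -Rights Modify
    New-SampleAce -Principal 'CORP\AJones'      -Type Deny  -Inherited $false -Rights Read
    New-SampleAce -Principal 'CORP\Contractors' -Type Deny  -Inherited $true  -Rights Write
    New-SampleAce -Principal 'CORP\CSingh'      -Type Allow -Inherited $false -Rights Write
)

$cases = @(
    @{ Who = 'CORP\AJones'; Groups = 'CORP\Marketing';   Right = 'Read'  }  # explicit deny beats the group's allow
    @{ Who = 'CORP\BSmith'; Groups = 'CORP\Marketing';   Right = 'Read'  }  # explicit allow through the group
    @{ Who = 'CORP\CSingh'; Groups = 'CORP\Contractors'; Right = 'Write' }  # explicit allow beats inherited deny
    @{ Who = 'CORP\DLee';   Groups = 'CORP\Contractors'; Right = 'Write' }  # inherited deny applies
)

foreach ($c in $cases) {
    $result = Test-NtfsAccess -Aces $folderAces -Identities (@($c.Who) + $c.Groups) -Requested $c.Right
    $reason = if ($result.DecidedBy) {
        '{0} entry for {1} (inherited: {2})' -f $result.DecidedBy.Type, $result.DecidedBy.Principal, $result.DecidedBy.Inherited
    }
    else {
        'no matching allow entry'
    }
    '{0,-12} {1,-6} granted: {2,-6} decided by: {3}' -f $c.Who, $c.Right, $result.Granted, $reason
}
```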

Server 2012 NTFS File and Folder Permissions


To configure NTFS permissions for a folder or file, open the properties of the object, then
select the Security tab. Under Group or user names, select or add a user or group.
Under Permissions, allow or deny permissions. There are two types of NTFS permissions,
standard and advanced. The permissions displayed in the permissions area of the Test folder
properties are the standard NTFS permissions.
Advanced permissions are configured by clicking the Advanced button under the permissions area.
You can add new users or groups to apply NTFS settings to, or select a user or group and
click Edit to configure advanced NTFS permission settings.
After you select the object and click Edit, the advanced permission entry window opens. Configure the advanced
NTFS permissions and click OK to apply them.

Select the Auditing tab in the advanced NTFS settings window. This option allows you to log the success or failure
of folder access by users or groups. Click Add to configure the setting.
After you click Add, the auditing entry window opens. Click Select a principal to
configure the auditing option for a user or group. Under Type, select All to log both success and failure of
folder access by the user AJones. Click OK to apply the settings.
Now let's play with the Effective Access option. Effective access is a very quick and handy method to test or
check the NTFS permissions of a user or group for accessing files and folders. Click the Effective Access tab in the
advanced NTFS permission window. Here, you can test the effect of the permissions for each user or group. To
check the effective permissions for user AJones, click Select a user and add user AJones. Then click View
effective access. You can see the effective access of user AJones for this Test folder. Here, user AJones
doesn't have full control of the folder, but the user can read and list the items in the folder.

This is how you configure NTFS permissions on files, folders or drives. NTFS permissions and share permissions
are different things. A shared folder permission is only effective when the file or folder is accessed from the network,
whereas an NTFS permission is effective in both cases, whether the file or folder is accessed locally or over the network.

5.7 Analyze the working of Device Manager


Windows Device Manager is used to list the hardware and software devices in the current
system. Device Manager is also used to check the drivers, firmware and configuration of the
devices. In this tutorial, we will learn how to open Device Manager and list hardware information
on Windows XP, Windows ME, Windows Vista, Windows 7, Windows
8, Windows 10, Windows Server 2003, Windows Server 2008, Windows Server 2012,
Windows Server 2016 and Windows Server 2019.
There are plenty of ways to open the Windows Device Manager. We will look at the
most useful and practical of them.

Open From Start Menu

The Start menu provides a lot of useful functionality. We can open Device Manager from
the Start menu: type Device Manager into the Start menu, and the
matching programs will be listed.

This works on all of the different versions without problems.

Open From Control Panel


Control Panel provides access to administrative tools such as Keyboard, Mouse, User Accounts, etc. We
can also access Device Manager from Control Panel.

Open from MS-DOS Command Line with devmgmt.msc

The MS-DOS command line seems like a nightmare to most users, but it provides very useful and
practical shortcuts for regular jobs like opening Device Manager. We can use the devmgmt.msc command
to open Device Manager, as shown below.
> devmgmt.msc

Open From PowerShell

PowerShell is the new way to manage Windows systems from the command line. It provides
a lot more than MS-DOS. We can use most MS-DOS commands from PowerShell,
so we can use the devmgmt.msc command to open Device Manager.
PS> devmgmt.msc

Open From Run Dialog Box

We can also open Device Manager from the Run dialog box. The Run dialog box executes the given command as on
the command line, so we use devmgmt.msc to open Device Manager from the Run dialog box.


Open From Computer Management Console

The Computer Management Console is used to manage core Windows components. We can also use the
Computer Management Console to open Device Manager. Device Manager opens inside
the Computer Management window.

5.8 Drivers Signing & Signature


5.9 Analyze Verification & Managing Ports

System services ports

This section provides a description of each system service, includes the logical name that
corresponds to the system service, and displays the ports and the protocols that each service requires.


1. Active Directory (Local Security Authority)

Application protocol Protocol Ports


Active Directory Web Services (ADWS) TCP 9389
Active Directory Management Gateway Service TCP 9389
Global Catalog TCP 3269
Global Catalog TCP 3268
ICMP No port number
LDAP Server TCP 389
LDAP Server UDP 389
LDAP SSL TCP 636
IPsec ISAKMP UDP 500
NAT-T UDP 4500
RPC TCP 135
RPC randomly allocated high TCP ports¹ TCP 1024 - 5000; 49152 - 65535²
SMB TCP 445

2. Application Layer Gateway Service


System service name: ALG
Application protocol Protocol Ports
FTP control TCP 21

3. ASP.NET State Service

System service name: aspnet_state


Application protocol Protocol Ports
ASP.NET Session State TCP 42424

4. Certificate Services

System service name: CertSvc


Application protocol Protocol Ports
RPC TCP 135
SMB TCP 445, 139
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

5. Cluster Service
System service name: ClusSvc
Application protocol Protocol Ports
Cluster Service UDP and DTLS¹ 3343
Cluster Service TCP 3343 (This port is required during a node join operation.)
RPC TCP 135
Cluster Administrator UDP 137
Randomly allocated high UDP ports² UDP Random port number between 1024 and 65535; Random port number between 49152 and 65535³

6. Computer Browser

System service name: Browser


Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138
NetBIOS Name Resolution UDP 137
NetBIOS Session Service TCP 139

7. DHCP Server

System service name: DHCPServer


Application protocol Protocol Ports
DHCP Server UDP 67
MADCAP UDP 2535
DHCP Failover TCP 647

8. Distributed File System Namespaces

System service name: Dfs


Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138³
NetBIOS Session Service TCP 139³
LDAP Server TCP 389
LDAP Server UDP 389
SMB TCP 445
RPC TCP 135
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

9. Distributed File System Replication

System service name: DFSR


Application protocol Protocol Ports
RPC TCP 135
RPC TCP 5722³
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

10. Distributed Link Tracking Server

System service name: TrkSvr


Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

11. Distributed Transaction Coordinator

System service name: MSDTC


Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

12. DNS Server

System service name: DNS

Application protocol Protocol Ports

DNS UDP 53

DNS TCP 53

13. Event Log

System service name: Eventlog


Application protocol Protocol Ports
RPC/named pipes (NP) TCP 139
RPC/NP TCP 445
RPC/NP UDP 137
RPC/NP UDP 138

14. Fax Service

System service name: Fax


Application protocol Protocol Ports
NetBIOS Session Service TCP 139
SMB TCP 445
RPC TCP 135
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

15. File Replication

System service name: NtFrs


Application protocol Protocol Ports
RPC TCP 135
Randomly allocated high TCP ports¹ TCP random port number between 1024 - 65535; random port number between 49152 - 65535²

16. FTP Publishing Service

System service name: MSFTPSVC


Application protocol Protocol Ports
FTP control TCP 21
FTP default data TCP 20
Randomly allocated high TCP ports TCP random port number between 1024 - 65535; random port number between 49152 - 65535¹

17. Group Policy

System service name: Group Policy


Application protocol Protocol Ports
DCOM¹ TCP + UDP random port number between 1024 - 65535; random port number between 49152 - 65535²
ICMP (ping)³ ICMP
LDAP TCP 389
SMB TCP 445
RPC¹ TCP 135; random port number between 1024 - 65535; random port number between 49152 - 65535²

18. HTTP SSL

System service name: HTTPFilter


Application protocol Protocol Ports
HTTPS TCP 443

19. Hyper-V service

Hyper-V replica
Application protocol Protocol Port
WMI TCP 135
Randomly allocated high TCP ports TCP Random port number between 49152 and 65535
Kerberos authentication (HTTP) TCP 80
Certificate-based authentication (HTTPS) TCP 443

Hyper-V live migration

Application protocol Protocol Port

Live migration TCP 6600

SMB TCP 445

Cluster Service traffic UDP 3343

20. Internet Authentication Service

System service name: IAS


Application protocol Protocol Ports
Legacy RADIUS UDP 1645
Legacy RADIUS UDP 1646
RADIUS Accounting UDP 1813
RADIUS Authentication UDP 1812

21. Internet Connection Firewall (ICF)/Internet Connection Sharing

System service name: SharedAccess

Application protocol Protocol Ports

DHCP Server UDP 67

DNS UDP 53

DNS TCP 53

22. IPAM

The IP Address Management (IPAM) client UI communicates with the IPAM server to perform
remote management. This is done by using the Windows Communications Framework (WCF),
which uses TCP as the transport protocol. By default, the TCP binding is performed on port 48885 on
the IPAM server.

BranchCache information

• Port 3702 (UDP) is used to discover the availability of cached content on a client.
• Port 80 (TCP) is used to serve content to requesting clients.
• Port 443 (TCP) is the default port that is used by the hosted cache to accept incoming client
offers for content.

23. ISA/TMG Server

Application protocol Protocol Ports


Configuration Storage (domain) TCP 2171 (note 1)
Configuration Storage (replication) TCP 2173 (note 1)
Configuration Storage (workgroup) TCP 2172 (note 1)
Firewall Client Application TCP/UDP 1025-65535 (note 2)
Firewall Client Control Channel TCP/UDP 1745 (note 3)
Firewall Control Channel TCP 3847 (note 1)
RPC TCP 135 (note 6)
Randomly allocated high TCP ports (note 6) TCP random port number between 1024 - 65535; random port number between 10000 - 65535 (note 7)
Web Management TCP 2175 (note 1, 4)
Web Proxy Client TCP 8080 (note 5)

24. Kerberos Key Distribution Center

System service name: kdc
Application protocol Protocol Ports
Kerberos TCP 88
Kerberos UDP 88
Kerberos Password V5 UDP 464
Kerberos Password V5 TCP 464
DC Locator UDP 389

25. License Logging

System service name: LicenseService
Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138
NetBIOS Session Service TCP 139
SMB TCP 445

26. Message Queuing

System service name: MSMQ


Application protocol Protocol Ports
MSMQ TCP 1801
MSMQ UDP 1801
MSMQ-DCs TCP 2101
MSMQ-Mgmt TCP 2107
MSMQ-Ping UDP 3527
MSMQ-RPC TCP 2105
MSMQ-RPC TCP 2103
RPC TCP 135

27. Microsoft Exchange MTA Stacks

System service name: MSExchangeMTA


Application protocol Protocol Ports
X.400 TCP 102

28. Microsoft POP3 Service

System service name: POP3SVC


Application protocol Protocol Ports
POP3 TCP 110

29. Net Logon

System service name: Netlogon


Application protocol Protocol Ports
NetBIOS Datagram Service UDP 138 ³
NetBIOS Name Resolution UDP 137 ³
NetBIOS Session Service TCP 139 ³
SMB TCP 445
LDAP UDP 389
RPC¹ TCP 135, random port number between 1024 - 65535; 135, random port number between 49152 - 65535²

30. NetMeeting Remote Desktop Sharing

System service name: mnmsrvc


Application protocol Protocol Ports
Terminal Services TCP 3389

31. Network News Transfer Protocol (NNTP)

System service name: NNTPSVC
Application protocol Protocol Ports
NNTP TCP 119
NNTP over SSL TCP 563
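
One way to use the tables above for verification is to compare the TCP ports a server is actually listening on with the ports listed for the roles it is meant to run. The following is an added example, not part of the original notes; the choice of roles (a domain controller with DNS, reachable over RDP) and the sample port list are assumptions.

```powershell
# Added example: flag listening TCP ports that the tables above do not list for the
# server's intended roles. The role selection below is an assumption.

# Ports taken from the tables above for Active Directory, DNS, Kerberos and Terminal Services.
$expectedPorts = @{
    53   = 'DNS'
    88   = 'Kerberos'
    135  = 'RPC'
    389  = 'LDAP Server'
    445  = 'SMB'
    464  = 'Kerberos Password V5'
    636  = 'LDAP SSL'
    3268 = 'Global Catalog'
    3269 = 'Global Catalog'
    3389 = 'Terminal Services'
    9389 = 'Active Directory Web Services (ADWS)'
}

# Randomly allocated high TCP port range from the tables above.
$dynamicLow  = 49152
$dynamicHigh = 65535

function Get-PortFinding {
    param([Parameter(Mandatory)][int[]]$ListeningPort)

    foreach ($port in ($ListeningPort | Sort-Object -Unique)) {
        $status = if ($expectedPorts.ContainsKey($port)) {
            "expected: $($expectedPorts[$port])"
        }
        elseif ($port -ge $dynamicLow -and $port -le $dynamicHigh) {
            'randomly allocated high port range'
        }
        else {
            'not expected for this role, investigate'
        }
        [pscustomobject]@{ Port = $port; Status = $status }
    }
}

# Constructed sample: ports 21 (FTP control) and 8080 (Web Proxy Client) appear in the
# tables, but not for the roles this server is meant to run, so they are flagged.
Get-PortFinding -ListeningPort 53, 88, 135, 389, 445, 3389, 21, 8080, 49667 | Format-Table -AutoSize

# On a live server (Windows Server 2012 or later), feed in the real listeners:
# Get-PortFinding -ListeningPort (Get-NetTCPConnection -State Listen).LocalPort
```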

5.10 Installation and configuration of DHCP


As you know, Dynamic Host Configuration Protocol (DHCP) is a commonly implemented
network service in today's network environments. DHCP is primarily used to automatically
distribute IP configuration settings to network clients, eliminating the need to manually configure hosts
on TCP/IP-based networks.
To install the DHCP role, follow the steps given below.
Step 1 − Go to “Server Manager” → Manage → Add Roles and Features.

Step 2 − Click Next.


Step 3 − Select the Role-based or feature-based installation option → click Next.

Step 4 − We will install a local DHCP role, so choose Select a server from the server pool →
then click Next.

Step 5 − From the Roles lists, check the DHCP Server role → click Add Features on the
popup windows as shown in the following screenshots.
Step 6 − Click Next.
Step 7 − Click Next.

Step 8 − Click Install.


Step 9 − Click Close.

Post-deployment Configuration
In this section, we will see how to do the post-deployment configuration of the DHCP. Please
follow the steps given below.
Step 1 − Click on the warning icon and then click on “Complete DHCP Configuration”.

Step 2 − Click Next.


Step 3 − Select a domain user account that has permissions to create objects in the Net Services
container in Active directory or a domain admin account → click Next.
Step 4 − Click Close.

Scope Implementation of DHCP


Now we have to configure the service to make it useful for the computers. To do this, we need
to follow the steps given below.
Step 1 − Server Manager screen → Tools → DHCP.

Step 2 − Right-click on the DHCP Server → then click on “Add/Remove Bindings…”


Step 3 − Ensure that the static IP address of the server appears as shown in the following
screenshot.
Step 4 − Right-click on IPv4 → Select “New Scope”.

Step 5 − Click “Next”.


Step 6 − Enter Scope Name and description as shown in the following screenshot and then →
Next.

Step 7 − Enter the Start and End IP address, the Subnet mask, leave the Length as default “24”
for class C subnet → click Next.
Step 8 − If you have devices on the network that require static IP addresses, enter their IP range
in the exclusion list. Ensure that the excluded range falls within the Start and End
range specified earlier, then → click Next.

Step 9 − Enter the desired lease duration for the assigned IPs or leave as default → then click
Next.
Step 10 − Select → Yes, I want to configure these options now to configure the DHCP
options for the new scope → then click on Next.

Step 11 − Enter the default gateway which is the IP of your Router → then click Next.
Step 12 − Add the DNS IP (we can put Google DNS, or if it is a domain environment
you can put the DC IP there), then click → Next.

Step 13 − Specify your WINS Server if any and then click → Next.
Step 14 − Select Yes, I want to activate this scope now option to activate the scope
immediately and then click → Next.

Step 15 − Click Finish.
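
The scope wizard steps above can also be carried out with the DhcpServer cmdlets. The following is an added example, not part of the original notes; every address, the scope name and the lease duration are constructed assumptions. It includes the check from Step 8 that the exclusion range falls within the Start and End range before anything is created.

```powershell
# Added example: the scope wizard steps as DhcpServer cmdlets.
# All addresses and names are constructed placeholders (assumptions).

function ConvertTo-UInt32 {
    param([string]$IPv4)
    $bytes = [System.Net.IPAddress]::Parse($IPv4).GetAddressBytes()
    [Array]::Reverse($bytes)    # network byte order -> little-endian for BitConverter
    [BitConverter]::ToUInt32($bytes, 0)
}

# Step 8 check: the excluded range must lie inside the scope's Start and End range.
function Test-RangeInsideScope {
    param([string]$ScopeStart, [string]$ScopeEnd, [string]$ExclusionStart, [string]$ExclusionEnd)
    $s  = ConvertTo-UInt32 $ScopeStart
    $e  = ConvertTo-UInt32 $ScopeEnd
    $xs = ConvertTo-UInt32 $ExclusionStart
    $xe = ConvertTo-UInt32 $ExclusionEnd
    ($xs -le $xe) -and ($xs -ge $s) -and ($xe -le $e)
}

$scopeId = '192.168.10.0'
$scope = @{
    Name          = 'Office LAN'              # step 6: scope name
    Description   = 'Example scope'           # step 6: description
    StartRange    = '192.168.10.50'           # step 7: start IP address
    EndRange      = '192.168.10.200'          # step 7: end IP address
    SubnetMask    = '255.255.255.0'           # step 7: length 24
    LeaseDuration = (New-TimeSpan -Days 8)    # step 9: lease duration
    State         = 'Active'                  # step 14: activate the scope now
}
$exclusion = @{ StartRange = '192.168.10.50'; EndRange = '192.168.10.60' }   # step 8

$inside = Test-RangeInsideScope $scope.StartRange $scope.EndRange $exclusion.StartRange $exclusion.EndRange
if (-not $inside) {
    throw 'The exclusion range must fall within the scope Start and End range.'
}
# A range such as 192.168.10.190 - 192.168.10.210 fails the same check: it ends outside the scope.
Test-RangeInsideScope $scope.StartRange $scope.EndRange '192.168.10.190' '192.168.10.210'

# The remaining commands need the DHCP Server role and its management tools.
if (Get-Command Add-DhcpServerv4Scope -ErrorAction SilentlyContinue) {
    Add-DhcpServerv4Scope @scope
    Add-DhcpServerv4ExclusionRange -ScopeId $scopeId @exclusion
    # Steps 11 and 12: default gateway and DNS server (the DC address in a domain environment).
    Set-DhcpServerv4OptionValue -ScopeId $scopeId -Router '192.168.10.1' -DnsServer '192.168.10.10'
    Get-DhcpServerv4Scope -ScopeId $scopeId
}
```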


5.11 DFS

What Is DFS?

Normally, domain users access a file share by using its Universal Naming Convention (UNC) name
to reach the shared folder content.

Many large companies have hundreds of file servers that are dispersed geographically throughout the organization.

This is very challenging for users who are trying to find and access files efficiently.

By using a namespace, DFS can simplify the UNC folder structure. In addition, DFS can replicate the
virtual namespace and the shared folders to multiple servers within the organization. This can ensure that the
shares are located as close as possible to users, thereby providing an additional benefit of fault tolerance for
the network shares.

Alright, that's just a bit of DFS introduction. For more information, please refer
to http://technet.microsoft.com/en-us/library/jj127250.aspx. For those who are interested in hands-on experience
with DFS, please join my Server 2012 training; refer to my website for more information:
http://compextrg.com/

So, enough said, let's get started with our DFS deployment.

** As usual, for this DFS demo, I'm using three Server 2012 machines (DC01, SVR01, COMSYS-RODC01) and a Windows
client (Surface01).
** I will install DFS on the SVR01 and COMSYS-RODC01 servers.

1 – Always be aware that to deploy DFS you need two servers so that the folders can replicate to each other, so I
will install DFS on the SVR01 and COMSYS-RODC01 servers. You can install DFS on both simultaneously.

To install DFS in Svr01 server, open Server Manager, on the Dashboard click Add Roles and Features…

2 – In the Before you begin box, click Next…


3 – On the Select installation type box, click Next to proceed (make sure Role-based or feature-based installation is
selected)…

4 – On the Select destination server box, click Next to proceed…


5 – On the Select server roles page, expand File and Storage Services, expand File and iSCSI Services, and then
select the DFS Namespaces check box, in the Add Roles and Features pop-up box, click Add Features…

6 – Next, make sure you select the DFS Replication check box, and only then click Next to proceed…
7 – Next, on the Select features box, click Next…

8 – On the Confirm installation selections box, click Install…


9 – Wait a few minutes for the installation to complete, and when it completes, click Close…
** As I mentioned previously, you also need to install DFS on another server, which in my demo is the
COMSYS-RODC01 server…

** Once you confirm that DFS has been installed on both servers, proceed with the DFS namespace
configuration.

10 – First, open DFS Management from Server Manager…


11 – Next, on the DFS console, right-click Namespaces, and then click New Namespace (A namespace is a
virtual view of shared folders in your server)…

12 – In the New Namespace Wizard, on the Namespace Server page, under Server, type svr01, and then click
Next…
13 – Next, on the Namespace Name and Settings box, under Name, type MarketingDocs, and then click Edit
Settings…

14 – In the Edit Settings box, under Local Path of shared folder: type C:\DFSRoots\MarketingDocs and select
Administrator have full access; other users have read and write permissions, then click OK…
15 – Next, on the Namespace Type box, verify that Domain-based namespace is selected. Take note that the
namespace will be accessed by \\comsys.local\MarketingDocs, ensure also that the Enable Windows Server 2008
mode check box is selected, and then click Next…

16 – On the Review Settings and Create Namespace page, click Create…


17 – On the Confirmation box, verify that the Create namespace task is successful, and then click Close…

18 – Next, you need to enable access-based enumeration for the MarketingDocs namespace.

To do so, under Namespaces, right-click \\comsys.local\MarketingDocs, and then click Properties…


19 – In the \\comsys.local\MarketingDocs Properties box, click the Advanced tab, then select the Enable access-
based enumeration for this namespace check box, and then click OK…

20 – Next, let’s add the Brochures folder to the MarketingDocs namespace…


To do that, right-click \\comsys.local\MarketingDocs , and then click New Folder…

21 – In the New Folder box, under Name, type Brochures then click Add…

22 – In the Add Folder Target dialog box, type \\comsys-rodc01\Brochures, and then click OK…
23 – In the Warning box, click Yes…

24 – In the Create Share box, in the Local path of shared folder box, type C:\MarketingDocs\Brochures, and
select Administrator have full access; other users have read and write permissions, then click OK…
25 – In the Warning box, click Yes to proceed…

26 – Click OK again to close the New Folder dialog box…


27 – Next, I want to add the OnlineAdvert folder to the MarketingDocs namespace, so to do that, right-click
\\comsys.local\MarketingDocs, and click New Folder, then In the New Folder box, under Name, type
OnlineAdvert, and then, click Add…

28 – In the Add Folder Target box, type \\svr01\OnlineAdvert, and then click OK…
29 – In the Warning box, click Yes to create the OnlineAdvert folder…

30 – Next, in the Create Share box, in the Local path of shared folder box,
type C:\MarketingDocs\OnlineAdvert, make sure also you select Administrator have full access; other users have
read and write permissions, then click OK…
31 – In the Warning box, click Yes…
32 – Click OK again to close the New Folder dialog box (verify that \\svr01\OnlineAdvert is listed) and
that both the Brochures and OnlineAdvert folders are listed under the \\comsys.local\MarketingDocs namespace…
33 – Now let's verify that our MarketingDocs namespace and its folders can be accessed using UNC. Open Run and
type \\comsys.local\MarketingDocs, then in the MarketingDocs window, verify that both Brochures
and OnlineAdvert are displayed.

34 – Now comes the second important task, which is to configure DFS replication (DFS-R), but before that, why
don't we create another folder target for Brochures…

Right-click Brochures, and then click Add Folder Target…


35 – In the New Folder Target box, under Path to folder target, type \\svr01\Brochures, and then click OK…
36 – In the Warning box, click Yes to create the shared folder on svr01 server…

37 – Next, in the Create Share box, under Local path of shared folder, type C:\MarketingDocs\Brochures, don’t
forget to select Administrator have full access; other users have read and write permissions, then click OK…
38 – In the Warning box, click Yes to create the folder on svr01 server…

39 – In the Replication box, click Yes. The Replicate Folder Wizard starts…
40 – Next, in the Replicate Folder Wizard, on both the Replication Group and Replicated Folder Name page, accept
the default settings, and then click Next…

41 – On the Replication Eligibility page, click Next…


42 – On the Primary Member box, I choose the SVR01 server to be my primary DFS server, and then click Next…
43 – On the Topology Selection box, select Full Mesh, and then click Next…

44 – On the Replication Group Schedule and Bandwidth box, I choose Full and then click Next…
45 – On the Review Settings and Create Replication Group box, click Create…

46 – On the Confirmation box, click Close (verify that every status is Success)…
47 – In the Replication Delay box, click OK…

48 – Next, expand Replication, and then click comsys.local\marketingdocs\brochures. On the right pane, under the
Memberships tab, verify that both the comsys-rodc01 and svr01 servers are listed…
49 – To make sure the replication process is running without any issues, and to verify that our second server,
COMSYS-RODC01, has the same DFS functions, log on to the COMSYS-RODC01 server, open
DFS, right-click Namespaces and click Add Namespace to Display…
50 – In the Add Namespace to Display box, verify that the domain is Comsys.local and that under Namespace:,
\\Comsys.local\MarketingDocs is listed, and then click OK…

51 – Next, in the DFS console on the Comsys-RODC01 server, you should see that both the Brochures and
OnlineAdvert folders are listed…

52 – Lastly, log on to your client PC as any domain user, open Run,
type \\Comsys.local\MarketingDocs and press Enter. You should see the MarketingDocs folder
open with the Brochures and OnlineAdvert folders inside…

5.12 Know about disk quotas

Disk Quota is used to restrict a user so that they can use only a particular amount of space. In this way, disk space
can be used in an efficient manner and can be assigned to multiple users.

Step 1

First of all, open your computer and right-click on the drive to open its Properties.
In the Properties window, many options are available, and the Total Space and Used Space are shown.
Step 2

Among these options you will find one named "Quota"; click on it. Here, first check the first two options and
then provide the maximum amount of disk space that will be allotted on this drive.
Also provide the amount of space after which a warning will be generated for the user to delete some data from the
drive, as the allotted space is about to be filled.
Step 3

After that, click on the "Quota Entries" button. This button opens a new window where you can provide the name of
the user to whom you want to assign the restricted space.
To provide the name of the user, click on the "Blank Page" icon at the left-hand corner of the
window.

Step 4

Now you will be asked to select the users; for this, click on the "Advanced" button.
Now, in the new window, click on Find Now.

All the available users will be shown at the bottom of the window. Click on the user to whom you want to assign the
disk space.
Step 5

Now the name of the selected user will be shown; click on the "OK" button.
After you click the "OK" button, you must provide the amount of space to be restricted.

Now all the information about this user will be shown.


UNIT-6
LINUX administration
Introduction to Linux

Linux is an operating system that evolved from a kernel created by Linus Torvalds when he was a student
at the University of Helsinki. Generally, it is obvious to most people what Linux is. However, both for
political and practical reasons, it needs to be explained further. To say that Linux is an operating system
means that it's meant to be used as an alternative to other operating systems, Windows, Mac OS, MS-
DOS, Solaris and others. Linux is not a program like a word processor and is not a set of programs like an
office suite. Linux is an interface between computer/server hardware, and the programs which run on it.

Pre-Installation of Linux

Assumptions:

1. You are interested in installing Linux on a PC (386 upwards).


2. You have a CDROM drive on your PC. You have made sure that your proposed version of Linux
supports this CDROM drive. Check the latest version of the Hardware HOWTO at the Linux
Documentation Project (LDP).
3. You have at least one 3½" floppy diskette drive on your system.
4. The 3½" diskette drive is a BOOTABLE drive.
5. You will keep readily available, three, bad-sector-free, formatted (3½"), blank diskettes, for use
in the installation procedure.
6. If you wish to install Linux over a LAN, you have confirmed that your network interface card is
supported by your version of Linux. Check the latest version of the Hardware HOWTO at the LDP.

Installation of Linux

Installing Linux using USB stick

This is one of the easiest methods of installing Ubuntu or any distribution on your computer. Follow the
steps.

Step 1) Download the .iso or the OS files on your computer from this link.
Step 2) Download free software like 'Universal USB Installer' to make a bootable USB stick.

Step 3) Select an Ubuntu distribution from the dropdown to put on your USB

Select your Ubuntu iso file download in step 1.

Select the drive letter of USB to install Ubuntu and Press create button.

Step 4) Click YES to Install Ubuntu in USB.


Step 5) After everything has been installed and configured, a small window will appear with the message: Congratulations!
You now have Ubuntu on a USB stick, bootable and ready to go.

Installing Linux using CD-ROM

Step 1) Download the .iso or the OS files onto your computer from this link

http://www.ubuntu.com/download/desktop.

Step 2) Burn the files to a CD.

Step 3) Boot your computer from the optical drive and follow the instructions as they come.

Installing Linux using Virtual Machine


This is a popular method to install a Linux operating system. The virtual installation offers you the
freedom of running Linux on an existing OS already installed on your computer. This means if you have
Windows running, then you can just run Linux with a click of a button.

Virtual machine software like Oracle VM can install Ubuntu in easy steps. Let us look at them.

Here are the brief steps

PART A) Download and Install Virtual Box


Download Virtual box using this link

Depending on your processor and OS, select the appropriate package. In our case, we have selected
Windows with AMD.
Once the download is complete, open the setup file and follow the steps below:

Step-1) Click On next


Step-2) Select the directory in which to install Virtual Box and click on next

Step-3) Select Desktop icon and click on next, now click on yes
Step-4) Click On install.

Step-5) Now installation of the virtual box will start. Once complete, click on Finish Button to start
Virtual Box
The virtual box dashboard looks like this-

PART B) Download Ubuntu

Visit this link to download Ubuntu.


You can select 32/64-bit versions as per your choice.

PART C) Create a Machine in Virtual Box

Step-1) Open Virtual box and click on new button


Step-2) In the next window, give the name of the OS which you are installing in Virtual Box. Select the OS type
as Linux and the version as Ubuntu 32 bit, and click on next
Step-3) Now allocate the RAM size for your virtual OS. I recommend keeping 1024 MB (1 GB) of RAM to
run Ubuntu better. Click on next.

Step-4) Now, to run the OS in Virtual Box we have to create a virtual hard disk. Click on create a virtual hard
drive now and click on the create button.

The virtual hard disk is where the OS installation files and the data/applications you create/install in this
Ubuntu machine will reside
Step-5) Select the VHD (virtual hard disk) option and click on next.
Step-6) Click on dynamically allocated and click on next. This means that the size of the disk will increase
dynamically as per requirement.

Step-7) Allocate space to your virtual hard drive; 8 GB is recommended. Click on the create button.
Step-8) Now you can see the machine name in the left panel

So a machine (PC) with an 8 GB hard disk and 1 GB of RAM is ready.

PART D) Install Ubuntu on the Machine

Step 1) Select the Machine and Click on Start


Step 2) Select the Folder Option

Step 3) Select the Ubuntu iso file


Step 4) Click Start
Step-5) You have an option to run Ubuntu WITHOUT installing. In this tutorial we will install Ubuntu.

Step-6) Click Continue.

Step-7) Select the option to erase the disk and install Ubuntu, and click on Install Now. This option installs
Ubuntu onto the virtual hard drive which we made earlier. It will not harm your PC or Windows
installation.

Step-8) Select your location for setting up the time zone, and click on Continue.

Step-9) Select your keyboard layout. By default English (US) is selected, but if you want to change it,
you can select another layout in the list. Then click on Continue.

Step-10) Select your username and password for your Ubuntu admin account. This information is
needed for installing any software package into Ubuntu and also for logging in to your OS. Fill in
your details, tick "login automatically" to skip the login prompt, and click on Continue. (With automatic
login, the desktop opens at boot without asking for this password.)

Step-11) The installation process starts. It may take up to 30 minutes. Please wait until the installation process
completes.

Step-12) After finishing the installation, you will see the Ubuntu Desktop.

Discuss Desktop Environments

1. KDE
KDE is one of the most popular desktop environments out there. You may also refer to it as the “Plasma”
desktop. Even though it’s not my primary choice, it is highly customizable and extremely lightweight.

Pros

• Modern and polished user interface
• Highly customizable and flexible experience
• Several useful tools built-in
• Extremely lightweight

Cons

• The customization options and tools might be a little too overwhelming for newbies,
leading to potential confusion.

2. MATE

MATE Desktop Environment is based on GNOME 2. MATE was initially developed for
the users who were disappointed with the latest iteration of GNOME shell — GNOME 3.

Pros

• Easy to use and robust experience
• Lightweight
• Simple yet customizable

Cons

• May not offer the most intuitive user experience.

3. GNOME

GNOME is arguably the most popular desktop environment out there. Many of the popular
Linux distros use GNOME as their default desktop environment and it has some popular
forks, such as Cinnamon.

Pros

• Solid and intuitive
• Modern UI, elegant looks
• Seamless desktop experience

Cons

• Available only on a few distributions (can be installed manually on your own)

6. LXQt
LXQt is a lightweight Qt desktop environment. When compared to LXDE, it’s safe to say that LXQt is
indeed a lightweight desktop environment while providing a better user experience than LXDE (in terms
of its look and feel).

Pros

• Extremely fast performing and lightweight
• Decent UI for a lightweight desktop environment

Cons

• User interface may seem unappealing
• Not very customizable
• Available only on a few distributions (can be installed manually on your own)

7. Xfce

Xfce is one of the most lightweight desktop environments out there. Unlike LXQt, you will find a lot of
major Linux distributions support XFCE editions.

Xfce is light on resources but proves to provide a feature-rich user experience. If you need a performance-
centric desktop environment without needing advanced customizations, Xfce is a great choice to go with.

Pros

• Lightweight and adaptable to old hardware
• Modern and visually appealing
• Windows-like familiar UI

Cons

• No advanced customization

8. Deepin

Sometimes it’s not enough to offer customization options or to be light on resources. There are a lot of
users who prefer an eye-candy user interface, even at the cost of the desktop environment's
performance.

Pros

• Eye candy user interface
• Sleek animations

Cons

• Heavy on resource usage and sluggish at times

Types of Shells in Linux


Why do you need the different Linux Shells?

Shells are like brands. Everyone has a favourite and religiously defends that choice and ever so often, tells
you why you should switch. The different Types of Shells in Linux can offer various capabilities, but at
their core, they’re basically implementing ideas that were developed decades ago.

Different Types of Shells in Linux and Why Should You Choose Them

Each of these shells has its own flavour and is meant for people seeking solutions to different problems.
You can see how similar or dissimilar these popular shells are from each other through their respective
scripts, which are written to perform the same task, i.e., finding all executable files.

1. Bourne-Again Shell
Bash stands for Bourne Again Shell and it is the default shell on many Linux distributions today. It is
also an sh-compatible shell and offers practical improvements over sh for programming and interactive use,
which include:

• Command line editing
• Job control
• Unlimited size command history
• Shell functions and aliases
• Unlimited size indexed arrays
• Integer arithmetic in any base from two to sixty-four

2. TENEX C Shell

Tcsh is an enhanced C shell; it can be used as an interactive login shell and shell script command processor.

Tcsh has the following features:

• C-like syntax
• Command-line editor
• Programmable word and filename completion
• Spelling correction
• Job control

If you are a network or systems administrator in a Unix environment, you will almost certainly run into
the C shell, so it is good to at least have some familiarity with it.

3. Korn Shell

Ksh stands for Korn shell and was designed and developed by David G. Korn. It is a complete,
powerful, high-level programming language and also an interactive command language just like many
other Unix/GNU Linux shells.

The Korn shell includes features from other shells and provides several more advanced features found in
modern scripting languages, such as:

• associative arrays
• floating point arithmetic
• job control
• command aliasing
• command history
• supports POSIX standards
• backward compatibility with bash

This shell is a Unix shell programming language you can use interactively to execute commands from the
command line or programmatically to create scripts that can automate many computer maintenance and
system administration tasks.

4. Z Shell

Zsh is designed to be interactive and it incorporates many features of other Unix/GNU Linux shells such
as bash, tcsh, and ksh.

It is also a powerful scripting language just like the other shells available. It also has some unique
features that include:

• Filename generation
• Startup files
• Login/Logout watching
• Closing comments
• Concept index
• Variable index
• Functions index
• Key index and many more that you can find out in man pages

5. Scheme Shell

The Scheme shell (scsh) is an exotic shell that offers a scripting environment using Scheme, which is a
derivative of the Lisp language. The Pyshell is an attempt to create a similar script that uses the Python
language.

The script may appear foreign, but it implements similar functionality to the scripts provided thus far.
This script includes three functions and directly executable code at the end to test the argument count. I’d
like to draw your attention to the show files function, which iterates a list, calling write-ln after each
element of the list. This list is generated by iterating the named directory and filtering it for files that are
executable.
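The per-shell scripts referred to in this section are not reproduced in these notes. As an added example (not part of the original notes), here is the same task, listing the executable files in a named directory, written for sh/Bash with the structure described above: three functions plus directly executable code that checks the argument count. The function names and the demo directory contents are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: list the executable regular files in a directory.
# usage, is_executable_file and show_files are hypothetical names.

usage() {
    echo "usage: $0 <directory>" >&2
}

# True when the path is a regular file that the caller may execute.
# Directories also carry the x bit, so -f is needed to exclude them.
is_executable_file() {
    [ -f "$1" ] && [ -x "$1" ]
}

# Print the name of each executable file in the directory, one per line, sorted.
# Hidden files are included through the second glob pattern.
show_files() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 1
    fi
    for entry in "$dir"/* "$dir"/.[!.]*; do
        # An unmatched pattern stays literal and simply fails the test below.
        if is_executable_file "$entry"; then
            printf '%s\n' "${entry##*/}"
        fi
    done | LC_ALL=C sort
}

# Directly executable part: test the argument count.
if [ "$#" -eq 1 ]; then
    show_files "$1"
elif [ "$#" -eq 0 ]; then
    # No argument: run on a small constructed demo directory.
    demo_dir=$(mktemp -d)
    printf '#!/bin/sh\necho hello\n' > "$demo_dir/hello.sh"
    chmod 755 "$demo_dir/hello.sh"
    printf 'plain text\n' > "$demo_dir/readme.txt"
    chmod 644 "$demo_dir/readme.txt"
    show_files "$demo_dir"
    rm -rf "$demo_dir"
else
    usage
    exit 2
fi
```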

Familiarization with LINUX editors and commands

You can use the vi editor to edit an existing file or to create a new file from scratch. You can also use
this editor to just read a text file.
Starting the vi Editor

The following table lists out the basic commands to use the vi editor −

Sr.No.  Command          Description
1       vi filename      Creates a new file if it does not already exist; otherwise opens the existing file.
2       vi -R filename   Opens an existing file in the read-only mode.
3       view filename    Opens an existing file in the read-only mode.
Following is an example to create a new file testfile if it does not already exist in the current working
directory −
$ vi testfile
The above command will generate the following output −
|
~
~
~
~
~
~
~
~
~
~
~
~
"testfile" [New File]
You will notice a tilde (~) on each line following the cursor. A tilde represents an unused line. If a line
does not begin with a tilde and appears to be blank, there is a space, tab, newline, or some other non-
viewable character present.
You now have one open file to start working on. Before proceeding further, let us understand a few
important concepts.
Operation Modes

While working with the vi editor, we usually come across the following two modes −
• Command mode − This mode enables you to perform administrative tasks such as saving the
files, executing the commands, moving the cursor, cutting (yanking) and pasting the lines or
words, as well as finding and replacing. In this mode, whatever you type is interpreted as a
command.
• Insert mode − This mode enables you to insert text into the file. Everything that's typed in this
mode is interpreted as input and placed in the file.
vi always starts in the command mode. To enter text, you must be in the insert mode; to get there, simply
type i. To come out of the insert mode, press the Esc key, which will take you back to the command
mode.
Hint − If you are not sure which mode you are in, press the Esc key twice; this will take you to the
command mode. You open a file using the vi editor. Start by typing some characters and then come to
the command mode to understand the difference.
Getting Out of vi

The command to quit out of vi is :q. Once in the command mode, type colon, and 'q', followed by return.
If your file has been modified in any way, the editor will warn you of this, and not let you quit. To
ignore this message, the command to quit out of vi without saving is :q!. This lets you exit vi without
saving any of the changes.
The command to save the contents of the editor is :w. You can combine the above command with the
quit command, or use :wq and return.
The easiest way to save your changes and exit vi is with the ZZ command. When you are in the
command mode, type ZZ. The ZZ command works the same way as the :wq command.
If you want to specify/state any particular name for the file, you can do so by specifying it after the :w.
For example, if you wanted to save the file you were working on as another filename called filename2,
you would type :w filename2 and return.
Moving within a File

To move around within a file without affecting your text, you must be in the command mode (press Esc
twice). The following table lists out a few commands you can use to move around one character at a time −

Sr.No.  Command  Description
1       k        Moves the cursor up one line
2       j        Moves the cursor down one line
3       h        Moves the cursor to the left one character position
4       l        Moves the cursor to the right one character position

The following points need to be considered to move within a file −

• vi is case-sensitive. You need to pay attention to capitalization when using the commands.
• Most commands in vi can be prefaced by the number of times you want the action to occur. For
example, 2j moves the cursor two lines down from the cursor location.

There are many other ways to move within a file in vi. Remember that you must be in the command
mode (press Esc twice). The following table lists out a few commands to move around the file −

Sr.No.  Command  Description
1       0 or |   Positions the cursor at the beginning of a line
2       $        Positions the cursor at the end of a line
3       w        Positions the cursor to the next word
4       b        Positions the cursor to the previous word
5       (        Positions the cursor to the beginning of the current sentence
6       )        Positions the cursor to the beginning of the next sentence
7       E        Moves to the end of the blank delimited word
8       {        Moves a paragraph back
9       }        Moves a paragraph forward
10      [[       Moves a section back
11      ]]       Moves a section forward
12      n|       Moves to the column n in the current line
13      1G       Moves to the first line of the file
14      G        Moves to the last line of the file
15      nG       Moves to the nth line of the file
16      :n       Moves to the nth line of the file
17      fc       Moves forward to c
18      Fc       Moves back to c
19      H        Moves to the top of the screen
20      nH       Moves to the nth line from the top of the screen
21      M        Moves to the middle of the screen
22      L        Moves to the bottom of the screen
23      nL       Moves to the nth line from the bottom of the screen
24      :x       Colon followed by a number would position the cursor on the line number represented by x

Control Commands

The following commands can be used with the Control key to perform the functions given in the table
below −

Sr.No.  Command  Description
1       CTRL+d   Moves forward 1/2 screen
2       CTRL+f   Moves forward one full screen
3       CTRL+u   Moves backward 1/2 screen
4       CTRL+b   Moves backward one full screen
5       CTRL+e   Moves the screen up one line
6       CTRL+y   Moves the screen down one line
7       CTRL+u   Moves the screen up 1/2 page
8       CTRL+d   Moves the screen down 1/2 page
9       CTRL+b   Moves the screen up one page
10      CTRL+f   Moves the screen down one page
11      CTRL+l   Redraws the screen

Editing Files

To edit the file, you need to be in the insert mode. There are many ways to enter the insert mode from
the command mode −

Sr.No.  Command  Description
1       i        Inserts text before the current cursor location
2       I        Inserts text at the beginning of the current line
3       a        Inserts text after the current cursor location
4       A        Inserts text at the end of the current line
5       o        Creates a new line for text entry below the cursor location
6       O        Creates a new line for text entry above the cursor location

Deleting Characters

Here is a list of important commands, which can be used to delete characters and lines in an open file −

Sr.No.  Command  Description
1       x        Deletes the character under the cursor location
2       X        Deletes the character before the cursor location
3       dw       Deletes from the current cursor location to the next word
4       d^       Deletes from the current cursor position to the beginning of the line
5       d$       Deletes from the current cursor position to the end of the line
6       D        Deletes from the cursor position to the end of the current line
7       dd       Deletes the line the cursor is on

As mentioned above, most commands in vi can be prefaced by the number of times you want the action
to occur. For example, 2x deletes two characters under the cursor location and 2dd deletes two lines the
cursor is on.
It is recommended that the commands are practiced before we proceed further.
Change Commands

You also have the capability to change characters, words, or lines in vi without deleting them. Here are
the relevant commands −

Sr.No.  Command  Description
1       cc       Removes the contents of the line, leaving you in insert mode.
2       cw       Changes the word the cursor is on, from the cursor to the end of the word.
3       r        Replaces the character under the cursor. vi returns to the command mode after the replacement is entered.
4       R        Overwrites multiple characters beginning with the character currently under the cursor. You must use Esc to stop the overwriting.
5       s        Replaces the current character with the character you type. Afterward, you are left in the insert mode.
6       S        Deletes the line the cursor is on and replaces it with the new text. After the new text is entered, vi remains in the insert mode.

Copy and Paste Commands

You can copy lines or words from one place and then you can paste them at another place using the
following commands −

Sr.No.  Command  Description
1       yy       Copies the current line.
2       yw       Copies the current word from the character the cursor is on until the end of the word.
3       p        Puts the copied text after the cursor.
4       P        Puts the yanked text before the cursor.

Advanced Commands

There are some advanced commands that simplify day-to-day editing and allow for more efficient use of
vi −

Sr.No.  Command       Description
1       J             Joins the current line with the next one. A count joins that many lines.
2       <<            Shifts the current line to the left by one shift width.
3       >>            Shifts the current line to the right by one shift width.
4       ~             Switches the case of the character under the cursor.
5       ^G            Press Ctrl and G keys at the same time to show the current filename and the status.
6       U             Restores the current line to the state it was in before the cursor entered the line.
7       u             This helps undo the last change that was done in the file. Typing 'u' again will re-do the change.
8       J             Joins the current line with the next one. A count joins that many lines.
9       :f            Displays the current position in the file in %, the file name, and the total number of lines in the file.
10      :f filename   Renames the current file to filename.
11      :w filename   Writes to file filename.
12      :e filename   Opens another file with filename.
13      :cd dirname   Changes the current working directory to dirname.
14      :e #          Toggles between two open files.
15      :n            In case you open multiple files using vi, use :n to go to the next file in the series.
16      :p            In case you open multiple files using vi, use :p to go to the previous file in the series.
17      :N            In case you open multiple files using vi, use :N to go to the previous file in the series.
18      :r file       Reads file and inserts it after the current line.
19      :nr file      Reads file and inserts it after the line n.

Word and Character Searching


The vi editor has two kinds of searches: string and character. For a string search, the / and ? commands
are used. When you start these commands, the command just typed will be shown on the last line of the
screen, where you type the particular string to look for.
These two commands differ only in the direction where the search takes place −
• The / command searches forwards (downwards) in the file.
• The ? command searches backwards (upwards) in the file.
The n and N commands repeat the previous search command in the same or the opposite direction,
respectively. Some characters have special meanings. These characters must be preceded by a backslash
(\) to be included as part of the search expression.

Sr.No.  Character  Description
1       ^          Searches at the beginning of the line (use at the beginning of a search expression).
2       .          Matches a single character.
3       *          Matches zero or more of the previous character.
4       $          End of the line (use at the end of the search expression).
5       [          Starts a set of matching or non-matching expressions.
6       <          This is put in an expression escaped with the backslash to find the ending or the beginning of a word.
7       >          See the '<' character description above.

The character search searches within one line to find a character entered after the command.
The f and F commands search for a character on the current line only. f searches forwards and F searches
backwards and the cursor moves to the position of the found character.
The t and T commands search for a character on the current line only, but for t, the cursor moves to the
position before the character, and T searches the line backwards to the position after the character.

Set Commands
You can change the look and feel of your vi screen using the following :set commands. Once you are in
the command mode, type :set followed by any of the following commands.

Sr.No.  Command     Description
1       :set ic     Ignores the case when searching
2       :set ai     Sets autoindent
3       :set noai   Unsets autoindent
4       :set nu     Displays lines with line numbers on the left side
5       :set sw     Sets the width of a software tabstop. For example, you would set a shift width of 4 with this command: :set sw=4
6       :set ws     If wrapscan is set, and the word is not found at the bottom of the file, it will try searching for it at the beginning
7       :set wm     If this option has a value greater than zero, the editor will automatically "word wrap". For example, to set the wrap margin to two characters, you would type this: :set wm=2
8       :set ro     Changes file type to "read only"
9       :set term   Prints terminal type
10      :set bf     Discards control characters from input

Running Commands
vi has the capability to run commands from within the editor. To run a command, you only need to
go to the command mode and type :! command.
For example, if you want to check whether a file exists before you try to save your file with that
filename, you can type :! ls and you will see the output of ls on the screen.
You can press any key (or the command's escape sequence) to return to your vi session.
Replacing Text

The substitution command (:s/) enables you to quickly replace words or groups of words within your
files. Following is the syntax to replace text −
:s/search/replace/g
The g stands for globally. The result of this command is that all occurrences on the cursor's line are
changed.

Important Points to Note


The following points will add to your success with vi −
• You must be in command mode to use the commands. (Press Esc twice at any time to ensure that
you are in command mode.)
• You must be careful with the commands. These are case-sensitive.
• You must be in insert mode to enter text.

Discuss basic filtering techniques in LINUX

1. Awk Command
Awk is a remarkable pattern scanning and processing language; it can be used to build useful filters in
Linux.

2. Sed Command
sed is a powerful stream editor for filtering and transforming text.

3. Grep, Egrep, Fgrep, Rgrep Commands


These filters output lines matching a given pattern. They read lines from a file or standard input, and print
all matching lines by default to standard output.

Note: The main program is grep, the variations are simply the same as using specific grep options as
below (and they are still being used for backward compatibility):

$ egrep = grep -E

$ fgrep = grep -F

$ rgrep = grep -r

Below are some basic grep commands:

tecmint@TecMint ~ $ grep "aaronkilik" /etc/passwd


aaronkilik:x:1001:1001::/home/aaronkilik:

tecmint@TecMint ~ $ cat /etc/passwd | grep "aronkilik"


aaronkilik:x:1001:1001::/home/aaronkilik:

4. head Command
head is used to display the first parts of a file; it outputs the first 10 lines by default. You can use the
-n num flag to specify the number of lines to be displayed:

tecmint@TecMint ~ $ head /var/log/auth.log


Jan 2 10:45:01 TecMint CRON[3383]: pam_unix(cron:session): session opened for user
root by (uid=0)
Jan 2 10:45:01 TecMint CRON[3383]: pam_unix(cron:session): session closed for user
root
Jan 2 10:51:34 TecMint sudo: tecmint : TTY=unknown ; PWD=/home/tecmint ;
USER=root ; COMMAND=/usr/lib/linuxmint/mintUpdate/checkAPT.py
Jan 2 10:51:34 TecMint sudo: pam_unix(sudo:session): session opened for user root by
(uid=0)
Jan 2 10:51:39 TecMint sudo: pam_unix(sudo:session): session closed for user root
Jan 2 10:55:01 TecMint CRON[4099]: pam_unix(cron:session): session opened for user
root by (uid=0)
Jan 2 10:55:01 TecMint CRON[4099]: pam_unix(cron:session): session closed for user
root
Jan 2 11:05:01 TecMint CRON[4138]: pam_unix(cron:session): session opened for user
root by (uid=0)
Jan 2 11:05:01 TecMint CRON[4138]: pam_unix(cron:session): session closed for user
root
Jan 2 11:09:01 TecMint CRON[4146]: pam_unix(cron:session): session opened for user
root by (uid=0)

tecmint@TecMint ~ $ head -n 5 /var/log/auth.log


Jan 2 10:45:01 TecMint CRON[3383]: pam_unix(cron:session): session opened for user
root by (uid=0)
Jan 2 10:45:01 TecMint CRON[3383]: pam_unix(cron:session): session closed for user
root
Jan 2 10:51:34 TecMint sudo: tecmint : TTY=unknown ; PWD=/home/tecmint ;
USER=root ; COMMAND=/usr/lib/linuxmint/mintUpdate/checkAPT.py
Jan 2 10:51:34 TecMint sudo: pam_unix(sudo:session): session opened for user root by
(uid=0)
Jan 2 10:51:39 TecMint sudo: pam_unix(sudo:session): session closed for user root

5. tail Command
tail outputs the last parts (10 lines by default) of a file. Use the -n num switch to specify the number of
lines to be displayed.

The command below will output the last 5 lines of the specified file:

tecmint@TecMint ~ $ tail -n 5 /var/log/auth.log


Jan 6 13:01:27 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on :: port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Received SIGHUP; restarting.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on :: port 22.

Additionally, tail has a special option -f for watching changes in a file in real time
(especially log files).
The following command will enable you to monitor changes in the specified file:

tecmint@TecMint ~ $ tail -f /var/log/auth.log


Jan 6 12:58:01 TecMint sshd[1269]: Server listening on :: port 22.
Jan 6 12:58:11 TecMint sshd[1269]: Received SIGHUP; restarting.
Jan 6 12:58:12 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan 6 12:58:12 TecMint sshd[1269]: Server listening on :: port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Received SIGHUP; restarting.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on :: port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Received SIGHUP; restarting.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan 6 13:01:27 TecMint sshd[1269]: Server listening on :: port 22.

Read through the tail man page for a complete list of usage options and instructions:

$ man tail

6. sort Command
sort is used to sort lines of a text file or from standard input.
Below is the content of a file named domains.list:

tecmint@TecMint ~ $ cat domains.list


tecmint.com
tecmint.com
news.tecmint.com
news.tecmint.com
linuxsay.com
linuxsay.com
windowsmint.com
windowsmint.com

You can run a simple sort command to sort the file content like so:

tecmint@TecMint ~ $ sort domains.list


linuxsay.com
linuxsay.com
news.tecmint.com
news.tecmint.com
tecmint.com
tecmint.com
windowsmint.com
windowsmint.com


7. uniq Command
The uniq command is used to report or omit repeated lines; it filters lines from standard input
and writes the outcome to standard output.
After running sort on an input stream, you can remove repeated lines with uniq as in the
example below.
To indicate the number of occurrences of a line, use the -c option, and to ignore differences
in case while comparing, include the -i option:

tecmint@TecMint ~ $ cat domains.list


tecmint.com
tecmint.com
news.tecmint.com
news.tecmint.com
linuxsay.com
linuxsay.com
windowsmint.com

tecmint@TecMint ~ $ sort domains.list | uniq -c


2 linuxsay.com
2 news.tecmint.com
2 tecmint.com
1 windowsmint.com

Read through the uniq man page for further usage info and flags:

$ man uniq
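The filters above become most useful when chained. As an added example (not part of the original notes), the script below runs grep, sed, awk, sort, uniq -c and head over auth.log lines to count failed SSH logins per source address and sudo commands per user. The log lines are constructed samples in the style of the excerpts shown earlier, the addresses come from documentation ranges, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: chaining filters over auth.log to summarise login activity.
# All log lines below are constructed samples, not real data.

sample_auth_log() {
cat <<'EOF'
Jan  6 13:01:27 TecMint sshd[1269]: Server listening on 0.0.0.0 port 22.
Jan  6 13:02:10 TecMint sshd[1301]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Jan  6 13:02:14 TecMint sshd[1301]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Jan  6 13:02:31 TecMint sshd[1307]: Failed password for root from 198.51.100.23 port 41810 ssh2
Jan  6 13:02:40 TecMint sshd[1311]: Failed password for invalid user test from 203.0.113.7 port 50190 ssh2
Jan  6 13:03:02 TecMint sshd[1320]: Accepted password for tecmint from 192.0.2.10 port 53344 ssh2
Jan  6 13:03:02 TecMint sshd[1320]: pam_unix(sshd:session): session opened for user tecmint by (uid=0)
Jan  6 13:05:01 TecMint CRON[4138]: pam_unix(cron:session): session opened for user root by (uid=0)
Jan  6 13:06:12 TecMint sudo:  tecmint : TTY=pts/0 ; PWD=/home/tecmint ; USER=root ; COMMAND=/usr/bin/apt update
Jan  6 13:07:45 TecMint sudo:  tecmint : TTY=pts/0 ; PWD=/home/tecmint ; USER=root ; COMMAND=/usr/bin/apt update
Jan  6 13:09:03 TecMint sudo:  tecmint : TTY=pts/0 ; PWD=/etc ; USER=root ; COMMAND=/usr/bin/vi /etc/ssh/sshd_config
EOF
}

# Reads auth.log lines on stdin; prints "count address", highest count first.
failed_logins_by_source() {
    grep -F 'Failed password' |
        # Keep only the source address. The greedy .* anchors on the last
        # " from ... port ..." in the line, which is the part sshd appends.
        sed -n 's/.* from \([0-9a-fA-F.:]*\) port [0-9]* .*/\1/p' |
        LC_ALL=C sort |
        uniq -c |
        LC_ALL=C sort -k1,1nr -k2,2 |
        # uniq -c pads the count with spaces; awk normalises the columns.
        awk '{ print $1, $2 }'
}

# Same report limited to the first N sources (default 3), using head.
top_sources() {
    failed_logins_by_source | head -n "${1:-3}"
}

# Reads auth.log lines on stdin; prints "count user command", highest count first.
sudo_commands_by_user() {
    grep -E ' sudo: +[^ ]+ : .*COMMAND=' |
        sed -E 's/^.* sudo: +([^ ]+) : .*COMMAND=(.*)$/\1 \2/' |
        LC_ALL=C sort |
        uniq -c |
        LC_ALL=C sort -k1,1nr -k2 |
        sed 's/^ *//'
}

echo "Failed SSH logins by source:"
sample_auth_log | failed_logins_by_source
echo "sudo commands by user:"
sample_auth_log | sudo_commands_by_user
```

On a live system the same functions read the real log instead of the sample, for example `failed_logins_by_source < /var/log/auth.log` (reading that file normally requires root or membership in the log-reading group).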

8. fmt Command
fmt is a simple optimal text formatter; it reformats paragraphs in the specified file and prints
the results to standard output.
The following is the content extracted from the file domain-list.txt:
1.tecmint.com 2.news.tecmint.com 3.linuxsay.com 4.windowsmint.com

To reformat the above content to a standard list, run the following command; the -w switch
defines the maximum line width:

tecmint@TecMint ~ $ cat domain-list.txt


1.tecmint.com 2.news.tecmint.com 3.linuxsay.com 4.windowsmint.com

tecmint@TecMint ~ $ fmt -w 1 domain-list.txt


1.tecmint.com
2.news.tecmint.com
3.linuxsay.com
4.windowsmint.com

9. pr Command
The pr command converts text files or standard input for printing. For instance,
on Debian systems, you can list all installed packages as follows:

$ dpkg -l

To organize the list in pages and columns ready for printing, issue the following
command.

tecmint@TecMint ~ $ dpkg -l | pr --columns 3 -l 20

2017-01-06 13:19 Page 1

Desired=Unknown/Install ii adduser ii apg


| Status=Not/Inst/Conf- ii adwaita-icon-theme ii app-install-data
|/ Err?=(none)/Reinst-r ii adwaita-icon-theme- ii apparmor
||/ Name ii alsa-base ii apt
+++-=================== ii alsa-utils ii apt-clone
ii accountsservice ii anacron ii apt-transport-https
ii acl ii apache2 ii apt-utils
ii acpi-support ii apache2-bin ii apt-xapian-index
ii acpid ii apache2-data ii aptdaemon
ii add-apt-key ii apache2-utils ii aptdaemon-data

2017-01-06 13:19 Page 2

ii aptitude ii avahi-daemon ii bind9-host


ii aptitude-common ii avahi-utils ii binfmt-support
ii apturl ii aview ii binutils
ii apturl-common ii banshee ii bison
ii archdetect-deb ii baobab ii blt
ii aspell ii base-files ii blueberry
ii aspell-en ii base-passwd ii bluetooth
ii at-spi2-core ii bash ii bluez
ii attr ii bash-completion ii bluez-cups
ii avahi-autoipd ii bc ii bluez-obexd

.....

The flags used here are:

--columns defines the number of columns created in the output.

-l specifies page length (default is 66 lines).


10. tr Command
This tool translates or deletes characters from standard input and writes results to
standard output.

The syntax for using tr is as follows:

$ tr options set1 set2

Take a look at the examples below. In the first command, set1 ([:upper:]) represents the case
of the input characters (all upper case).
Then set2 ([:lower:]) represents the case in which the resultant characters will be. It is the same
thing in the second example, and the escape sequence \n means print output on a new line.
The character classes are quoted so that the shell does not expand them as filename patterns:

tecmint@TecMint ~ $ echo "WWW.TECMINT.COM" | tr '[:upper:]' '[:lower:]'
www.tecmint.com

tecmint@TecMint ~ $ echo "news.tecmint.com" | tr '[:lower:]' '[:upper:]'


NEWS.TECMINT.COM

11. more Command


The more command is a useful file perusal filter created basically for certificate viewing. It
shows file content in a page-like format, where users can press [Enter] to view more
information.
You can use it to view large files like so:

tecmint@TecMint ~ $ dmesg | more


[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 4.4.0-21-generic (buildd@lgw01-21) (gcc version 5.3.1
20160413 (Ubuntu 5.3.1-14ubuntu2) ) #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC
2016 (Ubuntu 4.4.0-21.37-generic
4.4.6)
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic
root=UUID=bb29dda3-bdaa-4b39-86cf-4a6dc9634a1b ro quiet splash vt.handoff=7
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] Centaur CentaurHauls
[ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x01: 'x87 floating point registers'
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x02: 'SSE registers'
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x04: 'AVX registers'
[ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using
'standard' format.
[ 0.000000] x86/fpu: Using 'eager' FPU context switches.
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009d3ff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009d400-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000a56affff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000a56b0000-0x00000000a5eaffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000a5eb0000-0x00000000aaabefff] usable
--More--

12. less Command


less is the opposite of more command above but it offers extra features and it’s a little
faster with large files.
Use it in the same way as more:

tecmint@TecMint ~ $ dmesg | less


[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Initializing cgroup subsys cpuacct
[ 0.000000] Linux version 4.4.0-21-generic (buildd@lgw01-21) (gcc version 5.3.1
20160413 (Ubuntu 5.3.1-14ubuntu2) ) #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC
2016 (Ubuntu 4.4.0-21.37-generic
4.4.6)
[ 0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-4.4.0-21-generic
root=UUID=bb29dda3-bdaa-4b39-86cf-4a6dc9634a1b ro quiet splash vt.handoff=7
[ 0.000000] KERNEL supported cpus:
[ 0.000000] Intel GenuineIntel
[ 0.000000] AMD AuthenticAMD
[ 0.000000] Centaur CentaurHauls
[ 0.000000] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x01: 'x87 floating point registers'
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x02: 'SSE registers'
[ 0.000000] x86/fpu: Supporting XSAVE feature 0x04: 'AVX registers'
[ 0.000000] x86/fpu: Enabled xstate features 0x7, context size is 832 bytes, using
'standard' format.
[ 0.000000] x86/fpu: Using 'eager' FPU context switches.
[ 0.000000] e820: BIOS-provided physical RAM map:
[ 0.000000] BIOS-e820: [mem 0x0000000000000000-0x000000000009d3ff] usable
[ 0.000000] BIOS-e820: [mem 0x000000000009d400-0x000000000009ffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000000e0000-0x00000000000fffff] reserved
[ 0.000000] BIOS-e820: [mem 0x0000000000100000-0x00000000a56affff] usable
[ 0.000000] BIOS-e820: [mem 0x00000000a56b0000-0x00000000a5eaffff] reserved
[ 0.000000] BIOS-e820: [mem 0x00000000a5eb0000-0x00000000aaabefff] usable
:

Discuss basic piping techniques in LINUX


What is a Pipe in Linux?
A pipe is a Linux shell construct that lets you use two or more commands such that the
output of one command serves as input to the next. In short, the output of each process
feeds directly as input to the next one, like a pipeline. The symbol '|' denotes a pipe.

Pipes help you mash-up two or more commands at the same time and run them
consecutively. You can use powerful commands which can perform complex tasks in
a jiffy.

Let us understand this with an example.

When you use 'cat' command to view a file which spans multiple pages, the prompt
quickly jumps to the last page of the file, and you do not see the content in the middle.

To avoid this, you can pipe the output of the 'cat' command to 'less', which will show
you only one scroll length of content at a time.

cat filename | less

An illustration would make it clear.


'pg' and 'more' commands
Instead of 'less', you can also use:

cat Filename | pg

or

cat Filename | more


And, you can view the file in digestible bits and scroll down by simply hitting the
enter key.

The 'grep' command


Suppose you want to search for a particular piece of information, such as the postal code, in a text file.

You may manually skim the content yourself to trace the information. A better option
is to use the grep command. It will scan the document for the desired information and
present the result in a format you want.

Syntax:

grep search_string

Let's see it in action -

Here, grep command has searched the file 'sample', for the string 'Apple' and 'Eat'.
Following options can be used with this command.

Option Function

-v Shows all the lines that do not match the searched string

-c Displays only the count of matching lines

-n Shows the matching line and its number

-i Match both (upper and lower) case

-l Shows just the name of the file with the string

Let us try the option '-i' on the same file used above -

Using the '-i' option, grep has filtered the string 'a' (case-insensitive) from all the
lines.

The 'sort' command


This command helps in sorting out the contents of a file alphabetically.

The syntax for this command is:

sort Filename

Consider the contents of a file.


Using the sort command

There are extensions to this command as well, and they are listed below.

Option Function

-r Reverses sorting

-n Sorts numerically

-f Case insensitive sorting

The example below shows reverse sorting of the contents in file 'abc'.

What is a Filter?
Linux has a lot of filter commands like awk, grep, sed, spell, and wc. A filter takes
input from one command, does some processing, and gives output.

When you pipe two commands, the "filtered" output of the first command is given to
the next.
Let's understand this with the help of an example.

We have the following file 'sample'

We want to highlight only the lines that do not contain the character 'a', but the result
should be in reverse order.

For this, the following syntax can be used.

cat sample | grep -v a | sort -r

Let us look at the result.


Summary:
• Pipes '|' send the output of one command as input of another command.
• The Filter takes input from one command, does some processing, and gives
output.
• The grep command can be used to find strings and values in a text document
• Piping through grep has to be one of the most common uses
• 'sort' command sorts out the content of a file alphabetically
• less, pg and more commands are used for dividing a long file into readable bits

Discuss about Managing Users and Groups


Users of the system may be human users — people who log into the system or they can be
system users — used to start non-interactive background services such as databases. From the
perspective of the operating system, there is no distinction between human users and system
users and all the information is stored in the same file.

However, there is a range of user IDs reserved for human users and another range for system
users. To view this range, execute the following command:

me@home:~$ grep UID /etc/login.defs


UID_MIN 1000
UID_MAX 60000
SYS_UID_MIN 100
SYS_UID_MAX 999
/etc/passwd File
The information about users is stored in /etc/passwd file. To view the first line of the file,
execute the following command:

me@home:~$ head -1 /etc/passwd


root:x:0:0:root:/root:/bin/bash
The first root is the username.

The character x is used as a placeholder for password.


0 is the user ID for this user.

0 is the group ID for this user.

The next root is a comment about this user.

/root is the home directory for this user.

And finally /bin/bash is the shell for this user.

Adding Users
You can add new users with useradd command. The very minimum needed by the useradd
command is a username. However, you’ll generally need more than just a username. Execute the
following commands to create a user named john:

me@home:~$ sudo useradd -c "John from Accounts" -m -s /bin/bash john


The -c flag adds a comment in the /etc/passwd file for this account.

-m automatically creates the home directory for this user under /home with the same name as the
username i.e. /home/john

-s assigns the shell for the user.

To see the entry created for this new user, execute the following command:

me@home:~$ grep john /etc/passwd


john:x:1001:1001:John from Accounts:/home/john:/bin/bash
The user john has been assigned the user ID 1001 and the group ID 1001. You can manually
specify the user ID using the -u flag followed by the user ID. When this is not specified, the first
available user ID is chosen. If the group name is not assigned using the -g flag, a group is created
with the same name and ID as the user and is made the primary group of the user. Note that the
user has not been assigned a password yet.

The following paragraph summarizes some of the flags that can be used with useradd:

-c Adds a comment. -c "John from Accounts"

-d Specifies home directory for the user. Use this if the name of the home directory is different
from the username. -d /home/accounts/john

-e Specifies the expiration date for the account in YYYY-MM-DD format. -e 2017-01-01

-g Specifies the primary group of the user. The group must already exist in the /etc/group file. -g
accounts

-G Specifies the additional groups to which the user belongs. -G employees


-k Specifies the skeleton directory. The contents from the skeleton directory are copied into the
user’s home directory. This flag can only be used in conjunction with the -m flag. The default
skeleton directory is /etc/skel. -k /skelton/accounts

-p Specifies the password to be associated with this account. This must be an encrypted
password. You can assign the password later using passwd command. -p hashed_password

-s Specifies the shell to be associated with this account. -s /bin/bash

-u Specifies the user ID to be used with this account. Without -u flag, the first available user ID
will be assigned. -u 1005

Setting a Password
The newly made account has no password. The passwd command is used to add a password to
the account. Execute the following command:

me@home:~$ sudo passwd john


[sudo] password for me:
Enter new UNIX password:
Retype new Unix Password:
passwd: password updated successfully
Modifying Users
The usermod command is used to modify any existing user account. Suppose we want to change
the username of john to johnny, here’s how we’d do it:

me@home:~$ sudo usermod -l johnny john


[sudo] password for me:
me@home:~$ grep john /etc/passwd
johnny:x:1001:1001:John from Accounts:/home/john:/bin/bash
Notice that the username has changed but the home directory is still the same. Let’s change the
home directory. Execute the following command:

me@home:~$ sudo usermod -m -d /home/johnny johnny


[sudo] password for me:
me@home:~$
If you were to now look at the entry in /etc/passwd, you’d notice that the home directory has
been changed. The -d flag specifies the new home directory and the -m flag copies the contents
over from the old home directory to the new one.

You can even lock and unlock the account by using the -L and -U flags respectively. Execute the
following command to lock the account:

me@home:~$ sudo usermod -L johnny


[sudo] password for me:
me@home:~$ sudo grep johnny /etc/shadow
johnny:!$6$mC3IOEDs$TMWBP2IJfxgDHKjW6cxFk80BY9aqFThvN8MfED/P
JnVqI.mB7Ddtqn35VM5Q4Rm4l8bNIsOd3PXhRktJPwMlc0:16479:17104:0:99999:7:::
Because the user account has been locked, there is an exclamation mark before the hash of the
password. To unlock the account, execute the following:

me@home:~$ sudo usermod -U johnny


[sudo] password for me:
me@home:~$
You can change the primary group of the user using the -g flag. Suppose John has moved from
accounts to HR. To update the primary group, execute the following:

me@home:~$ sudo usermod -g hr johnny


[sudo] password for me:
me@home:~$
Similarly, you can add the user to more groups using the -aG flags (-a appends to the groups
given with -G). If you want to replace the additional groups the user was a part of, instead of
adding new groups, use the -G flag on its own. To add the user johnny to manager group,
execute the following:

me@home:~$ sudo usermod -aG manager johnny


[sudo] password for me:
me@home:~$
You can change the user ID of the user using the -u flag. Execute the following command to
change the user ID of the user johnny.

me@home:~$ sudo usermod -u 3000 johnny


[sudo] password for me:
me@home:~$
The paragraph below summarizes some of the flags that can be used with usermod command.

-l Changes the username associated with the account. -l johnny

-d Changes the home directory associated with the account. -d /home/johnny

-e Changes the expiration date associated with the account. Must be written in YYYY-MM-DD
format. -e 2018-01-01

-g Changes the primary group for the account. -g employee

-G Changes the additional groups the user is part of. If you want to add the user to more groups,
use the -aG flags. Using -G alone will replace the existing list of groups.

-m Specifies that the contents of the old home directory should be copied over to the new one.
Can only be used with the -d flag.

Deleting Users
The userdel command is used to delete users. On Debian and Ubuntu, its friendlier front end
deluser provides the --remove-all-files option; here's how you'd delete the user johnny with it.
me@home:~$ sudo deluser --remove-all-files johnny
[sudo] password for me:
me@home:~$
This not only deletes the user but also removes all the files that belong to the user including those
that are outside the home directory.
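The /etc/passwd fields, the UID ranges from /etc/login.defs and the "!" lock marker in /etc/shadow described above are enough to audit accounts with the filters from the piping section. The script below is an added example, not part of the original notes; its function names and all sample accounts (toor, dbsvc, jane) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit passwd- and shadow-format files using the field layout
# and UID ranges described in these notes. All sample data is constructed.

# Read a numeric setting such as UID_MIN from a login.defs-format file.
defs_value() {  # defs_value KEY FILE DEFAULT
    v=$(awk -v k="$1" '$1 == k { print $2; exit }' "$2" 2>/dev/null) || v=""
    echo "${v:-$3}"
}

# Print "name:uid:kind" for every account; kind is uid0, human or system.
classify_accounts() {  # classify_accounts PASSWD LOGIN_DEFS
    min=$(defs_value UID_MIN "$2" 1000)
    max=$(defs_value UID_MAX "$2" 60000)
    awk -F: -v min="$min" -v max="$max" '
        NF < 7 { next }
        { kind = "system" }
        $3 + 0 >= min + 0 && $3 + 0 <= max + 0 { kind = "human" }
        $3 + 0 == 0 { kind = "uid0" }
        { print $1 ":" $3 ":" kind }' "$1"
}

# Accounts other than root that share user ID 0, and so have root's privileges.
extra_uid0() {  # extra_uid0 PASSWD
    awk -F: 'NF >= 7 && $3 + 0 == 0 && $1 != "root" { print $1 }' "$1"
}

# System (non-human, non-root) accounts that still have an interactive shell.
system_with_shell() {  # system_with_shell PASSWD LOGIN_DEFS
    min=$(defs_value UID_MIN "$2" 1000)
    max=$(defs_value UID_MAX "$2" 60000)
    awk -F: -v min="$min" -v max="$max" '
        NF < 7 || $3 + 0 == 0 { next }
        ($3 + 0 < min + 0 || $3 + 0 > max + 0) && $7 !~ /(nologin|false)$/ { print $1 }' "$1"
}

# Accounts locked with usermod -L: "!" placed directly before the password hash.
locked_accounts() {  # locked_accounts SHADOW
    awk -F: 'index($2, "!$") == 1 { print $1 }' "$1"
}

# Write constructed sample files (not taken from a real host) into DIR.
make_sample() {  # make_sample DIR
    cat > "$1/login.defs" <<'EOF'
UID_MIN 1000
UID_MAX 60000
SYS_UID_MIN 100
SYS_UID_MAX 999
EOF
    cat > "$1/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
dbsvc:x:120:120:Database service:/var/lib/dbsvc:/bin/bash
toor:x:0:0:second root:/root:/bin/bash
johnny:x:1001:1001:John from Accounts:/home/johnny:/bin/bash
jane:x:1002:1002:Jane from HR:/home/jane:/bin/bash
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$CONSTRUCTED$roothash:16479:0:99999:7:::
daemon:*:16479:0:99999:7:::
dbsvc:!:16479:0:99999:7:::
toor:$6$CONSTRUCTED$toorhash:16479:0:99999:7:::
johnny:!$6$CONSTRUCTED$johnnyhash:16479:0:99999:7:::
jane:$6$CONSTRUCTED$janehash:16479:0:99999:7:::
EOF
}

# Run the audit over the constructed sample and print a short report.
audit_demo() {
    d=$(mktemp -d) || return 1
    make_sample "$d"
    echo "Accounts by kind:";            classify_accounts "$d/passwd" "$d/login.defs"
    echo "Extra UID 0 accounts:";        extra_uid0 "$d/passwd"
    echo "System accounts with a shell:"; system_with_shell "$d/passwd" "$d/login.defs"
    echo "Locked accounts:";             locked_accounts "$d/shadow"
    rm -rf "$d"
}

audit_demo
```

On a real system, pass /etc/passwd and /etc/login.defs to the functions directly; reading /etc/shadow requires root.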

Groups
Groups are a collection of users. Assigning users to groups makes it easier to manage
permissions. For example, you can set permissions to ensure that files are accessible to people in
a particular group like accounts, hr, etc.

Whenever a user is created, by default, they are added to a new group with the same name as the
username. This is called the primary group of the user. A user john would be added to a group
named john.

Akin to users, a range of IDs is reserved for regular groups and system groups. You can view this
range by executing the command below:

me@home:~$ grep GID /etc/login.defs


GID_MIN 1000
GID_MAX 60000
SYS_GID_MIN 100
SYS_GID_MAX 999
/etc/group File
Information about groups is stored in the /etc/group file.

me@home:~$ grep $(whoami) /etc/group


adm:x:4:syslog,me
cdrom:x:24:me

The first part is the name of the group.

x is a placeholder for password.

The next part is the group ID.

The last part is a comma-separated list of usernames that belong to that group.

Adding Groups
groupadd command is used to create a new group. To create a group, execute the following
command:

me@home:~$ sudo groupadd manager


[sudo] password for me:
me@home:~$
This creates a new group named manager and assigns a group ID to it. With the -g flag, you can
manually assign a group ID to it. Once a group has been created, you can assign it to a user using
the usermod command.

Modifying Groups
groupmod command is used to modify an existing group. Here’s how you’d modify the ID of the
group:

me@home:~$ sudo groupmod -g 300 manager


[sudo] password for me:
me@home:~$
You can change the name of the group as follows:

me@home:~$ sudo groupmod -n managers manager


[sudo] password for me:
me@home:~$

Deleting Groups
groupdel command is used to delete a group. Here’s how you’d delete the managers group:

me@home:~$ sudo groupdel managers


[sudo] password for me:
me@home:~$
Managing Groups with gpasswd
gpasswd command can be used to add users to a group, remove them, and set admins for the
group.

To add a user to a group, execute the following command:

me@home:~$ sudo gpasswd -a john manager


[sudo] password for me:
me@home:~$
To set the member list of a group to several users at once (this replaces any existing members), execute the following command:

me@home:~$ sudo gpasswd -M john,jane manager


[sudo] password for me:
me@home:~$
To remove a user from a group, execute the following command:

me@home:~$ sudo gpasswd -d john manager


[sudo] password for me:
me@home:~$
To make the user an admin to the group, execute the following command:
me@home:~$ sudo gpasswd -A jane manager
[sudo] password for me:
me@home:~$
This brings us to the end of the guide on managing users and groups in Linux.

Analyze the process of Configuring DHCP in LINUX

Configuring a DHCP Server


To configure an Oracle Linux system as a DHCP server:

1. Install the dhcp package:

# yum install dhcp

2. Edit the /etc/dhcp/dhcpd.conf file to store the settings that the DHCP server can provide to the clients.

The following example configures the domain name, a range of client addresses on the 192.168.2.0/24
subnet from 192.168.2.101 through 192.168.2.254 together with the IP addresses of the default gateway
and the DNS server, the default and maximum lease times in seconds, and a static IP address for the
application server svr01 that is identified by its MAC address:

option domain-name "mydom.org";
option domain-name-servers 192.168.2.1, 10.0.1.4;
option broadcast-address 192.168.2.255;
option routers 192.168.2.1;

subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.101 192.168.2.254;
  default-lease-time 10800;
  max-lease-time 43200;
}

host svr01 {
  hardware ethernet 80:56:3e:00:10:00;
  fixed-address 192.168.2.100;
  max-lease-time 86400;
}

The DHCP server sends the information in the option lines to each client when it requests a lease on an IP
address. An option applies only to a subnet if you define it inside a subnet definition. In the example, the
options are global and apply to both the subnet and host definitions. The subnet and host definitions have
different settings for the maximum lease time.
For more information and examples, see /usr/share/doc/dhcp-version/dhcpd.conf.sample and the
dhcp-options(5) manual page.

3. Edit /etc/sysconfig/dhcpd to configure settings for the DHCP server itself. For example, the following
setting specifies the interfaces on which the server listens for DHCP requests:

DHCPDARGS="eth0 eth1"

For more information, see the dhcpd(8) manual page.

4. Touch the /var/lib/dhcpd/dhcpd.leases file, which stores information about client leases:

# touch /var/lib/dhcpd/dhcpd.leases

5. Enter the following commands to start the DHCP service and ensure that it starts after a reboot:

# service dhcpd start
# chkconfig dhcpd on

Describe Configuring DNS in LINUX

A DNS server, or name server, is used to resolve an IP address to a hostname or vice versa.

You can set up four different types of DNS servers:

• A master DNS server for your domain(s), which stores authoritative records for your domain.
• A slave DNS server, which relies on a master DNS server for data.
• A caching-only DNS server, which stores recent requests like a proxy server. It otherwise refers to
other DNS servers.
• A forwarding-only DNS server, which refers all requests to other DNS servers.

Before configuring BIND to create a DNS server, you must understand some basic DNS
concepts.

The entire hostname with its domain such as server.example.com is called a fully qualified
domain name (FQDN). The right-most part of the FQDN such as .com or .net is called the
top-level domain, with the remaining parts of the FQDN, which are separated by periods, being
sub-domains.

These sub-domains are used to divide FQDNs into zones, with the DNS information for each
zone being maintained by at least one authoritative name server.

The authoritative server that contains the master zone file, which can be modified to update DNS
information about the zone, is called the primary master server, or just master server.
The additional name servers for the zone are called secondary servers or slave
servers. Secondary servers retrieve information about the zone through a zone transfer from the
master server or from another secondary server. DNS information about a zone is never modified
directly on the secondary server.

chroot features
The chroot feature runs named as the user named, and it also limits the files named can see. When
installed, named is fooled into thinking that the directory /var/named/chroot is actually
the root or / directory. Therefore, named files normally found in the /etc directory are found
in the /var/named/chroot/etc directory instead, and those you would expect to find
in /var/named are actually located in /var/named/chroot/var/named.

The advantage of the chroot feature is that if a hacker enters your system via a BIND exploit, the
hacker's access to the rest of your system is isolated to the files under the chroot directory and
nothing else. This type of security is also known as a chroot jail.

Configure dns server


In this example we will configure a DNS server and test it from the client side.

For this example we are using three systems: one Linux server, one Linux client and one
Windows client.

The bind and caching-nameserver RPMs are required to configure DNS. Check whether they are
installed and, if they are not found, install them.

Set the hostname to server.example.com and the IP address to 192.168.0.254.


The main configuration file for the DNS server is named.conf. By default this file is not created
in the /var/named/chroot/etc/ directory. Instead of named.conf, a sample
file /var/named/chroot/etc/named.caching-nameserver.conf is created. This file is used to
make a caching-only name server. You can also edit this file after renaming it
to named.conf to configure a master DNS server, or you can manually create a
new named.conf file.

In our example we are creating a new named.conf file.

We are using BIND's chroot feature, so all the necessary files will be located in the chroot directory.
Set the directory location to /var/named. Further, we will set the locations of the forward
zone and reverse lookup zone files.

Edit the file exactly as shown in the image.

Save this file with :wq and exit.


Configure zone file
We have defined two zone files: example.com.zone for the forward zone and
0.168.192.in-addr.arpa for the reverse zone. These files will be stored
in the /var/named/chroot/var/named/ location. We will use two sample files for creating these
files.

Change directory to /var/named/chroot/var/named and copy the sample files to the names which
we have set in named.conf.

Now open the forward zone file example.com.zone.

By default this file will look like this

Change this file exactly as shown in image below

Now open the reverse lookup zone file 0.168.192.in-addr.arpa.


By default this file will look like this

Change this file exactly as shown in image below

Now change the ownership of these zone files to the named group.

Now start the named service.

If the service restarts without any error, you have successfully configured the master name server.
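As an added example (not the original author's files), the script below writes a master named.conf and the two zone files into the chroot layout described above, using the names and addresses from the text. The serial number, timer values, the client1 records and the allow-transfer restriction to the slave at 192.168.0.1 are assumptions; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: write a master named.conf plus forward and reverse zone files
# into a BIND chroot tree. Values not given in the notes (serial, timers,
# allow-transfer, client1 records) are assumptions made for illustration.

write_master_dns() {  # write_master_dns CHROOT_DIR  (e.g. /var/named/chroot)
    root=$1
    mkdir -p "$root/etc" "$root/var/named"

    # named treats CHROOT_DIR as "/", so "directory" is /var/named inside the jail.
    cat > "$root/etc/named.conf" <<'EOF'
options {
    directory "/var/named";
    // Assumption: only the slave server (client1) may request zone transfers.
    allow-transfer { 192.168.0.1; };
};

zone "example.com" IN {
    type master;
    file "example.com.zone";
};

zone "0.168.192.in-addr.arpa" IN {
    type master;
    file "0.168.192.in-addr.arpa";
};
EOF

    # Forward zone: hostname to IP address.
    cat > "$root/var/named/example.com.zone" <<'EOF'
$TTL 86400
@       IN  SOA server.example.com. root.server.example.com. (
                2024010101  ; serial (constructed; raise it on every change)
                3H          ; refresh
                15M         ; retry
                1W          ; expire
                1D )        ; negative-cache TTL
        IN  NS  server.example.com.
server  IN  A   192.168.0.254
client1 IN  A   192.168.0.1
EOF

    # Reverse zone: last octet of 192.168.0.x back to the hostname.
    cat > "$root/var/named/0.168.192.in-addr.arpa" <<'EOF'
$TTL 86400
@       IN  SOA server.example.com. root.server.example.com. (
                2024010101 3H 15M 1W 1D )
        IN  NS  server.example.com.
254     IN  PTR server.example.com.
1       IN  PTR client1.example.com.
EOF

    # Give the named group ownership of the zone files when that is possible.
    if [ "$(id -u)" = 0 ] && grep -q '^named:' /etc/group 2>/dev/null; then
        chgrp named "$root/var/named/example.com.zone" \
                    "$root/var/named/0.168.192.in-addr.arpa"
    fi
}

# Print the data of NAME's TYPE record from a zone file written above.
zone_record() {  # zone_record ZONEFILE NAME TYPE
    awk -v n="$2" -v t="$3" '$1 == n && $2 == "IN" && $3 == t { print $4 }' "$1"
}

# Demonstration in a temporary directory instead of /var/named/chroot.
dns_demo() {
    d=$(mktemp -d) || return 1
    write_master_dns "$d"
    echo "server A   -> $(zone_record "$d/var/named/example.com.zone" server A)"
    echo "254 PTR    -> $(zone_record "$d/var/named/0.168.192.in-addr.arpa" 254 PTR)"
    rm -rf "$d"
}

dns_demo
```

On a host with BIND installed, named-checkconf and named-checkzone can validate the generated files before the named service is started.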

Configure dns slave server


For this example we are using three systems: one Linux server, one Linux client and one
Windows client.
We have configured the master DNS server with the IP address 192.168.0.254 and the
hostname server.example.com on the Linux server. Now we will configure a slave DNS server on
the Linux client.

To configure the slave DNS server, go to the client1 system.

First test connectivity to the DNS server with the ping command and check for the necessary
RPMs. The bind and caching-nameserver RPMs are required to configure DNS. Check whether they
are installed and, if they are not found, install them.

Set the hostname to client1 and the IP address to 192.168.0.1, and create a new named.conf file.

We are using BIND's chroot feature, so all the necessary files will be located in the chroot directory.
Set the directory location to /var/named. As we are configuring a slave server, we need not
define the location of the zone database files. A zone database file can be created and modified only on
the master server. A slave server only copies it from the master server.

Edit named.conf exactly as shown in the image.

Save this file with :wq and exit.

Now restart the named service. It should start without any error.
Congratulations, you have configured both the master and the client (slave) DNS server. Now we will
configure a DNS client and test it with the DNS server.

Configure Window DNS Client


Now go to the Windows XP system and test connectivity to the DNS server. Then set the DNS IP
address in the LAN card properties.

Now go to the command prompt and ping the other client by name to test DNS.
Alternatively, you can also verify the DNS server with the nslookup command.

Also test by pinging the server by name.

Configure Linux DNS clients


RHCE exam question 1: dig server.example.com and resolve it successfully through DNS,
where the DNS server is 192.168.0.254.

RHCE exam question 2:

Your system is configured in the 192.168.0.0/24 network and your nameserver is
192.168.0.254. Make server.example.com resolve successfully.

On the command line interface you don't have any option to set the DNS IP in a network configuration
window. The IP of the DNS server can be set in the /etc/resolv.conf file. Each nameserver line represents
a DNS server, and the search line specifies domain names to try if only the first part of a
hostname is used. For example, if just the name client1 is used as a hostname,
client1.example.com will also be tried if the /etc/resolv.conf file is configured as shown in image below
on the system.

To set the DNS IP, open the /etc/resolv.conf file.

Set the nameserver IP to 192.168.0.254 and the search option to example.com.

After saving the /etc/resolv.conf file, restart the network service.

Run dig server.example.com to test the DNS server.

Now verify by pinging the other client by name.

Configuring internet access

The Red Hat Linux Network Administration Tool simplifies configuration of your system to access the
Internet via a telephone dialup, ISDN, DSL, Ethernet, or wireless connection. The Network Administration
Tool requires you to follow a three-step process:
1. Set up the hardware device associated with the connection.
2. Specify DNS settings and hostnames.
3. Activate the device, if necessary.
The following subsections explain how to perform these steps.
The Network Administration tool supports all these methods of connecting to
the Internet. However, some hardware devices are not compatible with Red
Hat Linux. And, some Internet service providers insist that their customers
use only Windows. In either case, you can experience difficulties in
connecting to the Internet. The final section of this chapter explains some
means of last resort that might help you resolve problems.

10.2.1 Setting Up Hardware Devices


In the past, most computer users connected to the Internet via a POTS (plain old telephone service) dial-up
modem. However, today, many means of connecting to the Internet are available. For example, many home
computer users have high-speed connections using ISDN or DSL. Corporate computer users often connect to
the Internet via their local area network, using an Ethernet adapter. And wireless network adapters are
becoming quite popular.
To set up a hardware device using the Network Administration Tool, log in as root and choose System
Settings → Network from the GNOME or KDE menu. The Network Administration Tool appears, as shown
in Figure 10-1.
Figure 10-1. The Network Administration Tool

The Network Administration Tool has four tabs:


Devices

Used to associate a physical device with a network connection


Hardware

Used to set up a physical device


Hosts

Used to specify names of hosts not known to a DNS server


DNS

Used to specify DNS servers and related options


To begin setting up an Internet connection, click the Add button of the Device tab. A dialog box appears,
inviting you to choose the type of your device, as shown in Figure 10-2. Choose the appropriate device type
and click Forward. Then, follow the steps in the following subsection appropriate to the type of your device.
Red Hat Linux supports two schemes used by DSL providers: PPPoE
(Point-to-Point Protocol over Ethernet) and DHCP (Dynamic Host Configuration
Protocol). If your DSL provider uses DHCP, you should configure your DSL
connection as though it were an Ethernet connection. Otherwise, you should
specify xDSL as the device type.

Figure 10-2. The Add new Device Type dialog box

10.2.1.1 Setting up a dialup modem

When you specify a Modem as the device type, the Network Administration Tool probes for your modem.
This process may take several seconds. Once the Network Administration Tool locates the modem, it displays
the Select Modem dialog box, shown in Figure 10-3, which lets you specify modem characteristics. Generally,
the defaults are acceptable. However, check the documentation for your modem to be sure. If your phone line
does not support touch tone dialing, de-select the Use touch tone dialing checkbox. Then, click Forward to
continue.
Figure 10-3. The Select Modem dialog box
The Select Provider dialog box appears, as shown in Figure 10-4. If your country and provider are listed, select
them. Otherwise, specify the phone number, name, login name, and password associated with your account.
Then click Forward to continue.
Figure 10-4. The Select Provider dialog box

The main Tool screen reappears. However, this time the screen includes a line identifying your modem as a
ppp (Point-to-Point Protocol) device, as shown in Figure 10-5. Click Apply to save your changes.
Figure 10-5. The Network Administration Tool

If the Network Administration Tool is unable to successfully probe your modem, your
modem may not be compatible with Linux. Many laptops contain incompatible modems.
Some modems (so-called WinModems) are compatible only with Windows. Other
modems (so-called LinModems) are supported by their manufacturer only for Windows,
but have available Linux drivers. To learn more about your modem and its compatibility
with Linux, see http://www.linmodems.org or Rob
Clark's WinModems Are Not Modems page, http://www.idir.net/~gromitkc/winmodem.html.
If your modem is not compatible with Linux, you can often work around the
problem by using an external modem. Because external modems connect via the serial
port, essentially every serial modem designed for PC use is compatible with Linux.

10.2.1.2 Setting up an ISDN modem

When you specify an ISDN modem as the device type, the Network Administration Tool presents a list of
supported ISDN modems, as shown in Figure 10-6. Specify the device characteristics and choose the D
Channel Protocol used by your ISDN provider. Click Forward to continue.
Figure 10-6. The Select ISDN Adapter dialog box

The Select Provider dialog box appears, shown earlier in Figure 10-4. If your country and provider are listed,
select them. Otherwise, specify the phone number, name, login name, and password associated with your
account. Then, click Forward to continue. The main Tool screen reappears. However, this time the screen
includes a line identifying your ISDN modem as an ippp (ISDN Point-to-Point protocol) device. Click Apply
to save your changes.
10.2.1.3 Setting up an xDSL modem

Several varieties of DSL are in use, including IDSL, ADSL, and SDSL. The xDSL device type supports each
variety. When you specify DSL modem, the Network Administration Tool presents the Configure DSL
connection dialog box, as shown in Figure 10-7. Specify the Ethernet device associated with your DSL link
and the login name and password associated with your DSL account. Click Forward to continue. The main
Tool screen reappears. However, this time the screen includes a line identifying your DSL modem as a ppp
(Point-to-Point Protocol) device. Click Apply to save your changes.
Figure 10-7. The Configure DSL connection dialog box

10.2.1.4 Setting up an Ethernet adapter

When you select Ethernet adapter as the device type, the Network Administration Tool probes your system for
supported Ethernet adapters and displays a list of the adapters it finds, as shown in Figure 10-8. Select the
adapter you want to configure and click Forward.
Figure 10-8. The Select Ethernet Device dialog box

The Configure Network Settings dialog box appears, as shown in Figure 10-9. If your ISP provides a DHCP
server that supplies your system with its network configuration, enable the Automatically obtain IP address
settings with radio button and choose DHCP from the drop-down list. Also, enable the Automatically obtain
DNS information from provider checkbox. If your provider uses BOOTP, which is now unusual, choose
BOOTP from the drop-down list.
Figure 10-9. The Configure Network Settings dialog box

If your provider requires you to manually specify your system's network configuration, enable the Statically set
IP address radio button. Then, specify the IP address, subnet mask, and default gateway address as directed by
your network administrator. Click Forward to continue. The main Tool screen reappears. However, this time
the screen includes a line identifying your Ethernet adapter as an eth device. Click Apply to save your changes.
10.2.1.5 Setting up a wireless adapter
When you select Wireless adapter as the device type, the Network Administration Tool probes your system for
supported wireless adapters and displays a list of the adapters it finds, as shown in Figure 10-10. Select the
appropriate adapter and click Forward.
Figure 10-10. The Select Wireless Device dialog box

If the adapter is not specifically identified, choose Other Wireless Card and click Forward. The Select Ethernet
Adapter dialog box appears, as shown in Figure 10-11. Choose the appropriate adapter and specify its
characteristics. Click Forward to continue.
Figure 10-11. The Select Ethernet Adapter dialog box

The Configure Wireless Connection dialog box appears, as shown in Figure 10-12. Specify the mode
(Managed or Ad Hoc) in which your wireless access point operates or specify Auto to configure the adapter to
use whatever mode the access point uses.
Figure 10-12. The Configure Wireless Connection dialog box

Access points using Ad Hoc mode are vulnerable to several types of attack.
It's generally best to configure your access points to use Managed mode and
specify Managed rather than Auto as the adapter mode.
Specify the SSID (Service Set Identifier) of your network or specify Auto if you want to connect to any
available network. Then, specify the channel, transmit rate, and key (if any) associated with your network.
Click Forward to continue. The main Tool screen reappears. However, this time the screen includes a line
identifying your Ethernet adapter as an eth device. Click Apply to save your changes.
Many users install access points that operate using the default SSID set by the
manufacturer and no key. Such users' networks are vulnerable to attack by
passersby. For more information, see http://www.wardriving.com.
10.2.2 Specifying DNS Settings and Hostnames
The DNS tab of the Network Configuration Tool, shown in Figure 10-13, lets you configure DNS. However, if
your ISP provides DNS information via DHCP, you don't need to do so.
Figure 10-13. The DNS tab of the Network Configuration Tool

Internet hosts are generally known by both an IP address and hostname. DNS translates hostnames to IP
addresses and IP addresses to hostnames. Translating a hostname to an IP address is
called hostname lookup or address resolution. Translating an IP address to a hostname is called reverse lookup.
DNS is important, but not essential. For instance, without DNS, you'd have to type IP addresses rather than
hostnames when browsing the Web. Doing so would be inconvenient, but workable. However, you wouldn't be
able to simply click hyperlinks specified using hostnames. Instead, you'd have to somehow figure out and type
the proper IP address.
Using the tab, you can specify the hostname of your system, and the IP addresses of primary, secondary, and
tertiary DNS servers. You can also specify one or more domain names that are automatically added to
hostnames when performing hostname lookups. For example, if you frequently access hosts in
the example.com domain, you can include example.com on the search path. Then, you can refer to the
host www.example.com as simply www.

10.2.3 Activating the Device


The Network Administration Tool activates some network devices, such as Ethernet adapters, automatically.
Other network devices, such as dial-up modems, must be manually activated and deactivated. To activate a
device, select its name in the Devices tab of the Network Administration Tool and click Activate. If the device
is a dial-up modem, it will attempt to connect to your ISP.
Once a connection is established, you should be able to access the Internet. Try to ping an Internet host by
issuing a command such as ping www.redhat.com in a terminal window. You should see replies from the host:

PING www.redhat.com (66.187.232.56) from 10.0.0.2 : 56(84) bytes of data.
64 bytes from redhat.com (66.187.232.56): icmp_seq=0 ttl=239 time=94.383 msec
64 bytes from redhat.com (66.187.232.56): icmp_seq=1 ttl=239 time=92.060 msec
64 bytes from redhat.com (66.187.232.56): icmp_seq=2 ttl=239 time=91.961 msec
--- www.redhat.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max/mdev = 91.961/92.801/94.383/1.146 ms

Terminate the ping command by typing Ctrl-C.


If the command doesn't work, perhaps your connection isn't working. Or perhaps your ISP's DHCP server
failed to properly provide DNS information. Try pinging the IP address of a host you know to be available. For
example, issue a command such as:

$ ping -n 66.187.232.56

If pinging the IP address works, simply use the DNS tab to revise your DNS configuration and you're set.
Otherwise, you may have some difficulty getting the connection to work. Use the ifconfig and route commands
to view your network configuration. If you can figure out the problem, again you're set. If not, you may be able
to obtain help from your ISP or from participants in an Internet newsgroup, such
as linux.redhat or linux.redhat.misc.

Configuring web server

Web server installation process

# yum install httpd

This installs httpd and its dependencies.


Enable and Start the Service

# systemctl enable httpd.service

ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'

# systemctl start httpd.service


# systemctl status httpd.service

• service enable - the service is started automatically whenever the server restarts
• service start - starts the service immediately
With the above commands, the web server is installed and started.

Allow firewall ports to communicate with clients

# firewall-cmd --permanent --add-service=http --add-service=https

success

# firewall-cmd --reload

success

The default web server ports are 80 for HTTP and 443 for HTTPS.
In RHEL 7 and CentOS 7, instead of port numbers we can name the service directly,
and the firewall will automatically use its related default port.
If you would rather specify the port, use the commands below.

# firewall-cmd --permanent --add-port=443/tcp

success

# firewall-cmd --reload

success
Configuring the web server
Create a file with any name, with the extension .conf, under /etc/httpd/conf.d/.

In this case I am going to use main.conf as the configuration file.

# cat /etc/httpd/conf.d/main.conf

<VirtualHost *:80>
ServerAdmin root@arkit.co.in
ServerName server1.arkit.co.in
DocumentRoot /var/www/html/
</VirtualHost>
<Directory "/var/www/html/">
AllowOverride none
Require all granted
</Directory>

# vim /etc/httpd/conf.d/main.conf

# systemctl restart httpd.service

# systemctl status httpd.service

Check configuration if you run into any problems

# apachectl configtest
Syntax OK

Create HTML file for test

Go to the path /var/www/html/, create an index.html file, and write some HTML code
or some text in it to test your website.

# cat /var/www/html/index.html

Web Server Test File

Client side
To test the web server, use the test file you created above with some text in it. Go to a
client machine and type the server IP / name to check whether your web server is working or not.

That’s it about Apache / HTTP service installation and configuration.

Describe Linux Security

Security should be one of the foremost thoughts at all stages of setting up your Linux computer.
Implementing a good security policy on a machine requires a good knowledge of the fundamentals
of Linux as well as some of the applications and protocols that are used.

Although Linux users are much less prone to viruses than users of some other major operating
systems, there are still many security issues facing Linux users and administrators.
One of the most important steps in any task is to identify why you are doing it. Rather than
just saying we need to make a system secure, you need to consider what is meant by secure,
what risks are associated with any data that's available, and what impact your security
measures will have on your users. Without first considering these factors, how else will you
know if you've met your goal of making a system secure?

Security requirements

After establishing why security is to be implemented, you should consider the aspects of
security that are required. The main security requirements are:

Authorisation - Only allow those that need access to the data
Authenticity - Verifying they are who they say they are
Privacy / Confidentiality - Ensure personal information is not being compromised
Integrity - Ensuring that the data has not been tampered with
Non-repudiation - Confirmation that data is received. The ability to prove it in court
Availability - Ensure that the system can perform its required function
Imposed requirements

Some security requirements are not ones that are directly under your control but are instead
imposed upon you. These may be legal requirements (e.g. Data Protection Act 1998), compliance
with standards (e.g. ISO 7984-2 International Standards Organisation Security Standard), or
corporate policy. If you handle credit card transactions then you may be required to comply
with minimum security standards as described by the Payment Card Industry (PCI).

Some of these standards are very vague (e.g. the Data Protection Act just specifies that
appropriate security should be in place) whereas some may be more specific (e.g. a corporate
policy may insist on a minimum length of passwords etc.).

Knowing the enemy

Before being able to effectively protect a computer system you need to know who it is that is
trying to attack your systems and what they are trying to do. I have shown some examples by
answering a few questions about those who could potentially attack a computer system.

1. Who wants to?
2. Why are they doing this?
3. What do they try and achieve?
4. How do they do it?

Hackers, crackers and phreakers

These words are commonly used when referring to security attacks; however, the meanings are
often misinterpreted or misunderstood. I have taken these in order of how easy the term is to
explain so as to avoid confusing them. Note that other people may have different meanings
when they use these terms.

Phreakers - Also known as Phone Phreakers, this term originates from what could be considered
to be the earliest form of attacks against electronic systems. Its earliest form was to bypass
the systems used in telephone systems, allowing free or reduced price international phone
calls. One of the earliest forms of this was when the American pay phone system used a certain
frequency signal to indicate that a coin had been placed in the phone. It was discovered that
the frequency of the signal was 2600 Hz, which was also the same frequency emitted from a toy
whistle distributed with a popular make of cereals. By blowing the whistle into the phone when
a request was made for payment, the Phreaker could fool the operator into thinking that money
had been deposited in the pay phone.
Crackers - These are people that gain unauthorised access to a computer. When people refer to
hackers breaking into a computer, they are really referring to crackers.
Hackers - Using the traditional meaning of the word, Hacker is not meant to imply any kind of
illegal or immoral activities. The true meaning is of a computer enthusiast that understands
the inner workings of a system and uses that knowledge to "hack" together programs etc. to
perform a function. This was different to the traditional techniques or programming that are
designed to follow a set structure and procedure to produce a finished piece of software. Due
to incorrect use, including by the press, the word hacker has now come to take on two meanings

Explain the process of Backup of data in Linux.

Backup Strategy
Throughout the industry, you'll often hear the term 3-2-1 backup model. This is a very
good approach to live by when implementing a backup plan. 3-2-1 is defined as follows:
• 3 copies of data: for example, we may have the working copy; a copy put onto the CentOS
server designed for redundancy using rsync; and rotated, offsite USB backups made from
data on the backup server.
• 2 different backup mediums: we would actually have three different backup mediums in this
case: the working copy on an SSD of a laptop or workstation, the CentOS server data on a
RAID6 array, and the offsite backups put on USB drives.
• 1 copy of data offsite: we are rotating the USB drives offsite on a nightly basis. Another
modern approach may be a cloud backup provider.
System Recovery
A bare metal restore plan is simply a plan laid out by a CentOS administrator to get
vital systems online with all data intact. Assuming 100% systems failure and loss of all
past system hardware, an administrator must have a plan to achieve uptime with intact
user data at the cost of minimal downtime. The monolithic kernel used in Linux actually
makes bare metal restores using system images much easier than on Windows, where
Windows uses a micro-kernel architecture.
A full data restore and bare metal recovery are usually accomplished through a
combination of methods, including working, configured production disk-images of key
operational servers and redundant backups of user data abiding by the 3-2-1 rule. Some
sensitive files may even be stored in a secure, fireproof safe with limited access to
trusted company personnel.
A multiphase bare metal restore and data recovery plan using native CentOS tools
may consist of:
• dd to make and restore production disk-images of configured servers
• rsync to make incremental backups of all user data
• tar & gzip to store encrypted backups of files with passwords and notes from
administrators. Commonly, this can be put on a USB drive, encrypted and
locked in a safe that a Senior Manager can access. Also, this ensures someone else
will know vital security credentials if the current administrator wins the lottery
and disappears to a sunny island somewhere.
If a system crashes due to a hardware failure or disaster, the following will be the different
phases of restoring operations:
• Build a working server with a configured bare metal image
• Restore data to the working server from backups
• Have physical access to credentials needed to perform the first two operations

Use rsync for File Level Backups

rsync is a great utility for syncing directories of files either locally or to another
server. rsync has been used for years by System Administrators, hence it is very
refined for the purpose of backing up data. In the author's opinion, one of the best
features of rsync is its ability to be scripted from the command line.
In this tutorial, we will discuss rsync in various ways:
• Explore and talk about some common options
• Create local backups
• Create remote backups over SSH
• Restore local backups
rsync is named for its purpose, Remote Sync, and is both powerful and flexible in use.
Following is a basic rsync remote backup over ssh:
MiNi:~ rdc$ rsync -aAvz --progress ./Desktop/ImportantStuff/ rdc@192.168.1.143:home/rdc/Documents/RemoteStuff/
rdc@192.168.1.143's password:
sending incremental file list
6,148 100% 0.00kB/s 0:00:00 (xfr#1, to-chk=23/25)
2017-02-14 16_26_47-002 - Veeam_Architecture001.png
33,144 100% 31.61MB/s 0:00:00 (xfr#2, to-chk=22/25)
A Guide to the WordPress REST API | Toptal.pdf
892,406 100% 25.03MB/s 0:00:00 (xfr#3, to-chk=21/25)
Rick Cardon Technologies, LLC..webloc
77 100% 2.21kB/s 0:00:00 (xfr#4, to-chk=20/25)
backbox-4.5.1-i386.iso
43,188,224 1% 4.26MB/s 0:08:29
sent 2,318,683,608 bytes received 446 bytes 7,302,941.90 bytes/sec
total size is 2,327,091,863 speedup is 1.00
MiNi:~ rdc$
The preceding sync sent nearly 2.3GB of data across our LAN. The beauty of rsync is that it
works incrementally at the block level on a file-by-file basis. This means that if we change
just two characters in a 1MB text file, only one or two blocks will be transferred across
the LAN on the next sync!
Furthermore, the incremental function can be disabled in favor of more network
bandwidth used for less CPU utilization. This might prove advisable if constantly
copying several 10MB database files every 10 minutes on a 1Gb dedicated Backup-
Lan. The reasoning is: these will always be changing and will be transmitting
incrementally every 10 minutes and may tax load of the remote CPU. Since the total
transfer load will not exceed 5 minutes, we may just wish to sync the database files in
their entirety.
Following are the most common switches with rsync −
rsync syntax:
rsync [options] [local path] [[remote host:remote path] or [target path]]

Switch            Action
-a                Archive mode and assumes -r, -p, -t, -g, -l
-d                Sync only directory tree, no files
-r                Recursive into directory
-l                Copy symlinks as symlinks
-p                Preserve permissions
-g                Preserve group
-v                Verbose output
-z                Compress over network link
-X                Preserve extended attributes
-A                Preserve ACLs
-t                Preserve timestamps
-W                Transfer whole file, not incremental blocks
-u                Do not overwrite files on target
--progress        Show transfer progress
--delete          Delete older files on target
--max-size=XXX    Max file size to sync

When to use rsync


My personal preference for rsync is when backing up files from a source host to a
target host. For example, all the home directories for data recovery or even offsite and
into the cloud for disaster recovery.

Local Backup With rsync


We have already seen how to transfer files from one host to another. The same
method can be used to sync directories and files locally.
Let's make a manual incremental backup of /etc/ in our root user's directory.
First, we need to create a directory off ~/root for the synced backup −
[root@localhost rdc]# mkdir /root/etc_baks
Then, assure there is enough free disk-space.
[root@localhost rdc]# du -h --summarize /etc/
49M /etc/

[root@localhost rdc]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/cl-root 43G 15G 28G 35% /
We are good for syncing our entire /etc/ directory −
rsync -aAvr /etc/ /root/etc_baks/
Our synced /etc/ directory −
[root@localhost etc_baks]# ls -l ./
total 1436
drwxr-xr-x. 3 root root 101 Feb 1 19:40 abrt
-rw-r--r--. 1 root root 16 Feb 1 19:51 adjtime
-rw-r--r--. 1 root root 1518 Jun 7 2013 aliases
-rw-r--r--. 1 root root 12288 Feb 27 19:06 aliases.db
drwxr-xr-x. 2 root root 51 Feb 1 19:41 alsa
drwxr-xr-x. 2 root root 4096 Feb 27 17:11 alternatives
-rw-------. 1 root root 541 Mar 31 2016 anacrontab
-rw-r--r--. 1 root root 55 Nov 4 12:29 asound.conf
-rw-r--r--. 1 root root 1 Nov 5 14:16 at.deny
drwxr-xr-x. 2 root root 32 Feb 1 19:40 at-spi2
--{ condensed output }--
Now let's do an incremental rsync −
[root@localhost etc_baks]# rsync -aAvr --progress /etc/ /root/etc_baks/
sending incremental file list

test_incremental.txt
0 100% 0.00kB/s 0:00:00 (xfer#1, to-check=1145/1282)

sent 204620 bytes received 2321 bytes 413882.00 bytes/sec
total size is 80245040 speedup is 387.77

[root@localhost etc_baks]#
Only our test_incremental.txt file was copied.

Remote Differential Backups With rsync


Let's do our initial rsync full backup onto a server with a backup plan deployed. This
example is actually backing up a folder on a Mac OS X Workstation to a CentOS
server. Another great aspect of rsync is that it can be used on any platform rsync has
been ported to.
MiNi:~ rdc$ rsync -aAvz Desktop/ImportanStuff/ rdc@192.168.1.143:Documents/RemoteStuff
rdc@192.168.1.143's password:
sending incremental file list
./
A Guide to the WordPress REST API | Toptal.pdf
Rick Cardon Tech LLC.webloc
VeeamDiagram.png
backbox-4.5.1-i386.iso
dhcp_admin_script_update.py
DDWRT/
DDWRT/.DS_Store
DDWRT/ddwrt-linksys-wrt1200acv2-webflash.bin
DDWRT/ddwrt_mod_notes.docx
DDWRT/factory-to-ddwrt.bin
open_ldap_config_notes/
open_ldap_config_notes/ldap_directory_a.png
open_ldap_config_notes/open_ldap_notes.txt
perl_scripts/
perl_scripts/mysnmp.pl
php_scripts/
php_scripts/chunked.php
php_scripts/gettingURL.php
sent 2,318,281,023 bytes received 336 bytes 9,720,257.27 bytes/sec
total size is 2,326,636,892 speedup is 1.00
MiNi:~ rdc$
We have now backed up a folder from a workstation onto a server running a RAID6
volume with rotated disaster recovery media stored offsite. Using rsync has given us
standard 3-2-1 backup with only one server having an expensive redundant disk array
and rotated differential backups.
Now let's do another backup of the same folder using rsync after a single new file
named test_file.txt has been added.
MiNi:~ rdc$ rsync -aAvz Desktop/ImportanStuff/ rdc@192.168.1.143:Documents/RemoteStuff
rdc@192.168.1.143's password:
sending incremental file list
./
test_file.txt

sent 814 bytes received 61 bytes 134.62 bytes/sec
total size is 2,326,636,910 speedup is 2,659,013.61
MiNi:~ rdc$
As you can see, only the new file was delivered to the server via rsync. The differential
comparison was made on a file-by-file basis.
A few things to note are: This only copies the new file: test_file.txt, since it was the only
file with changes. rsync uses ssh. We did not ever need to use our root account on
either machine.
Simple, powerful and effective, rsync is great for backing up entire folders and directory
structures. However, rsync by itself doesn't automate the process. This is where we
need to dig into our toolbox and find the best, small, and simple tool for the job.
To automate rsync backups with cronjobs, it is essential that SSH users be set up
using SSH keys for authentication. This combined with cronjobs enables rsync to be
done automatically at timed intervals.
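
One way to wrap the rsync runs above for unattended cron use, as an added example that is not part of the original notes. The function name run_backup, the lock path, and the host and paths in the sample cron line are assumptions; it uses plain -a, so add -A and -z as in the commands above where ACLs and a network link apply.

```shell
#!/usr/bin/env bash
# Added example (not from the original notes): a cron-safe rsync wrapper.
# Constructed names: run_backup, BACKUP_LOCK, and everything in the cron line.
#
# Sample cron entry (constructed), nightly at 02:30 for an unprivileged user
# whose SSH key is already authorised on the backup server:
#   30 2 * * * /usr/local/bin/backup.sh /home/rdc/ rdc@backuphost:Documents/RemoteStuff/

BACKUP_LOCK="${BACKUP_LOCK:-${TMPDIR:-/tmp}/rsync-backup.lock}"

# run_backup SRC DEST
# Prints the number of regular files that were actually transferred.
# Returns 2 for a bad source, 3 if another run holds the lock, 4 if rsync fails.
run_backup() {
    local src="$1" dest="$2" log rc=0

    if [ ! -d "$src" ]; then
        echo "source $src is not a directory" >&2
        return 2
    fi

    # mkdir is atomic, so a slow run can never overlap the next cron start.
    if ! mkdir "$BACKUP_LOCK" 2>/dev/null; then
        echo "backup already running (lock: $BACKUP_LOCK)" >&2
        return 3
    fi

    log=$(mktemp)
    # BatchMode=yes makes ssh fail at once instead of waiting at a password
    # prompt, which is what would happen under cron without key authentication.
    # The -e option is only used by rsync when SRC or DEST is remote.
    rsync -a --itemize-changes \
          -e 'ssh -o BatchMode=yes -o ConnectTimeout=10' \
          "${src%/}/" "$dest" >"$log" || rc=4

    # Itemized lines that start with <f or >f are regular files that were
    # copied; directories and unchanged files do not match.
    if [ "$rc" -eq 0 ]; then
        grep -c '^[<>]f' "$log" || true
    fi

    rm -f "$log"
    rmdir "$BACKUP_LOCK"
    return "$rc"
}

# When executed as a script with two arguments, run one backup.
if [ "$#" -eq 2 ]; then
    run_backup "$1" "$2"
fi
```

A non-zero exit status from the script is what cron's mail or a monitoring check should alert on, since a silently failing backup job is only discovered at restore time.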

Use DD for Block-by-Block Bare Metal Recovery Images


DD is a Linux utility that has been around since the dawn of the Linux kernel meeting
the GNU Utilities.
dd, in simplest terms, copies an image of a selected disk area. It also provides the ability
to copy selected blocks of a physical disk. So unless you have backups, once dd writes
over a disk, all blocks are replaced, and the loss of previous data exceeds the recovery
capabilities of even highly priced professional-level data recovery.
The entire process for making a bootable system image with dd is as follows:
• Boot the CentOS server from a bootable Linux distribution
• Find the designation of the bootable disk to be imaged
• Decide the location where the recovery image will be stored
• Find the block size used on your disk
• Start the dd image operation
In this tutorial, for the sake of time and simplicity, we will be creating an ISO image of
the master-boot record from a CentOS virtual machine. We will then store this image
offsite. In case our MBR becomes corrupted and needs to be restored, the same
process can be applied to an entire bootable disk or partition. However, the time and
disk space needed really goes a little overboard for this tutorial.
It is encouraged for CentOS admins to become proficient in restoring a fully bootable
disk/partition in a test environment and perform a bare metal restore. This will take a lot
of pressure off when eventually one needs to complete the practice in a real life
situation with Managers and a few dozen end-users counting downtime. In such a
case, 10 minutes of figuring things out can seem like an eternity and make one sweat.
Note − When using dd make sure to NOT confuse source and target volumes. You can
destroy data and bootable servers by copying your backup location to a boot drive. Or
possibly worse destroy data forever by copying over data at a very low level with DD.
Following are the common command line switches and parameters for dd:

Switch     Action
if=        In file or source to be copied
of=        Out file or the copy of the in file
bs         Set both input and output block size
obs        Set output file block size
ibs        Set input file block size
count      Set the number of blocks to copy
conv       Extra options to add for imaging
noerror    Do not stop processing on an error
sync       Pads unfitted input blocks in the event of error or misalignment
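
The MBR backup and restore described above, as an added example (not from the original notes) that runs against a constructed 1 MiB image file rather than a real disk. The function names and file paths are assumptions; the restore step checks its input first, which is one way to catch swapped source and target before dd writes anything.

```shell
#!/usr/bin/env bash
# Added example: back up and restore a 512-byte MBR with dd.
# Everything here operates on a constructed image file, not a real device.

# make_test_disk PATH: build a constructed 1 MiB "disk" (2048 x 512-byte
# sectors) with marker bytes at offset 0 and the 55 AA boot signature at 510.
make_test_disk() {
    dd if=/dev/zero of="$1" bs=512 count=2048 2>/dev/null
    printf 'BOOTCODE' | dd of="$1" bs=1 conv=notrunc 2>/dev/null
    printf '\125\252' | dd of="$1" bs=1 seek=510 conv=notrunc 2>/dev/null
}

# is_mbr_image FILE: true only for a file of exactly 512 bytes ending in 55 AA.
is_mbr_image() {
    [ -f "$1" ] || return 1
    [ "$(wc -c < "$1" | tr -d ' ')" -eq 512 ] || return 1
    [ "$(tail -c 2 "$1" | od -An -tx1 | tr -d ' \n')" = "55aa" ]
}

# backup_mbr DISK IMG: copy the first sector of DISK into a new file IMG.
backup_mbr() {
    local disk="$1" img="$2"
    if [ -e "$img" ]; then
        echo "refusing to overwrite existing backup $img" >&2
        return 1
    fi
    # bs=512 count=1 limits the copy to sector 0; noerror,sync keeps going on
    # a read error and pads a short block so the image stays 512 bytes long.
    dd if="$disk" of="$img" bs=512 count=1 conv=noerror,sync 2>/dev/null || return 1
    is_mbr_image "$img"
}

# restore_mbr IMG DISK: write a saved sector back over sector 0 of DISK.
restore_mbr() {
    local img="$1" disk="$2"
    # Guard against swapped source and target: the input must look like an
    # MBR backup, so a whole disk passed as IMG is rejected before dd runs.
    if ! is_mbr_image "$img"; then
        echo "$img is not a 512-byte MBR image, nothing written" >&2
        return 1
    fi
    # notrunc keeps the rest of an image file intact (no effect on a device).
    # This also restores the partition table (bytes 446-509); use bs=446 to
    # restore only the boot code and keep the current table.
    dd if="$img" of="$disk" bs=512 count=1 conv=notrunc 2>/dev/null
}
```
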

Note on block size − The default block size for dd is 512 bytes. This was the standar
