Unit 4 - Server & Linux - cyops Flashcards
What are servers?
Servers are computers with software installed that enables them to provide services to clients across the network.
There are many types of services. Some provide external resources such as files, email messages, or web pages to clients upon request. Other services run maintenance tasks such as log management, memory management, disk scanning, and more. Each service requires separate server software. For example, the server in the figure uses file server software to provide clients with the ability to retrieve and submit files.
What protocol use the following ports?
Port 20/21
Port 22
Port 23
20/21
File Transfer Protocol (FTP)
22
Secure Shell (SSH)
23
Telnet remote login service
What protocol use the following ports?
25
53
67/68
25
Simple Mail Transfer Protocol (SMTP)
53
Domain Name System (DNS)
67/68
Dynamic Host Configuration Protocol (DHCP)
What protocol use the following ports?
69
80
110
69
Trivial File Transfer Protocol (TFTP)
80
Hypertext Transfer Protocol (HTTP)
110
Post Office Protocol version 3 (POP3)
What protocol use the following ports?
123
143
161/162
443
123
Network Time Protocol (NTP)
143
Internet Message Access Protocol (IMAP)
161/162
Simple Network Management Protocol (SNMP)
443
HTTP Secure (HTTPS)
In order that a computer can be the server for multiple services, _____ are used.
In order that a computer can be the server for multiple services, ports are used. A server is said to be “listening” on a port when it has associated itself to that port.
While the administrator can decide which port to use with any given service, many clients are configured to use a specific port by default. It is common practice to leave the service running in its default port. The table lists a few commonly used ports and their services. These are also called “well-known ports”.
What is a port said to be?
A port is a reserved network resource used by a service.
What are clients?
Clients are programs or applications designed to communicate with a specific type of server.
Client is a hardware/software combination that people use directly.
Also known as client applications, clients use a well-defined protocol to communicate with the server. Web browsers are web clients that are used to communicate with web servers through the Hyper Text Transfer Protocol (HTTP) on port 80. The File Transfer Protocol (FTP) client is software used to communicate with an FTP server. The figure shows a client uploading files to a server.
How are services managed in Linux?
In Linux, services are managed using configuration files.
Common options in configuration files are port number, location of the hosted resources, and client authorization details. When the service starts, it looks for its configuration files, loads them into memory, and adjusts itself according to the settings in the files. Configuration file modifications often require restarting the service before the changes take effect.
List some basic best practices for hardening.
The following are basic best practices for device hardening.
Ensure physical security Minimize installed packages Disable unused services Use SSH and disable the root account login over SSH Keep the system updated Disable USB auto-detection Enforce strong passwords Force periodic password changes Keep users from re-using old passwords
Name three events that are recorded in log files?
Kernel, services, and application events are all recorded in log files. It is very important for an administrator to periodically review the logs of a computer to keep it healthy. By monitoring Linux log files, an administrator gains a clear picture of the computer’s performance, security status, and any underlying issues. Log file analysis allows an administrator to guard against upcoming issues before they occur.
In Linux, log files can be categorized as?
In Linux, log files can be categorized as:
Application logs
Event logs
Service logs
System logs
What is a daemon?
A daemon is a background process that runs without the need for user interaction. For example, the System Security Services Daemon (SSSD) manages remote access and authentication for single sign-on capabilities.
/var/log/messages
/var/log/messages
This directory contains generic computer activity logs.
It is mainly used to store informational and non-critical system messages.
In Debian-based computers, /var/log/syslog directory serves the same purpose.
/var/log/boot.log
/var/log/boot.log
This file stores boot-related information and messages logged during the computer startup process.
What is the Swap File System?
Swap File System
The swap file system is used by Linux when it runs out of RAM.
Technically, it is a swap partition that does not have a specific file system, but it is relevant to the file system discussion.
When this happens, the kernel moves inactive RAM content to the swap partition on the disk.
While swap partitions (also known as swap space) can be useful to Linux computers with a limited amount of memory, they should not be considered as a primary solution.
Swap partition is stored on disk which has much lower access speeds than RAM.
What is HFS+
HFS Plus or HFS+ (Hierarchical File System Plus)
A file system used by Apple in its Macintosh computers. The Linux kernel includes a module for mounting HFS+ for read-write operations.