New SA Training Topic 13: Other topics These are other topics that are important in our...

13
New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth. Mail Fault Tolerance Ethics Forensics Scripting Printing

Transcript of New SA Training Topic 13: Other topics These are other topics that are important in our...

Page 1: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

New SA TrainingTopic 13: Other topics

These are other topics that are important in our organization, but that we won’t have time to cover in any depth.Mail Fault Tolerance Ethics Forensics Scripting Printing

Page 2: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Mail

Mail may be the most visible area of systems administration failure to users

Mail relies on a number of services/software packages Mail User Agent (E-Mail client) Mail Submission Agent (connects MUA to MTA) Mail Delivery Agent (accepts mail, routes to user box

or forwards, may be part of MTA) Mail Transport Agent (E-Mail server)

Protocols POP3 (download to client) IMAP (client accesses mail, leaving it on server) SMTP (upload to server and server to server)

Page 3: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Fault Tolerance

The ability of a system to respond gracefully to an unexpected hardware or software failure. There are many levels of fault tolerance, the lowest being the ability to continue operation in the event of a power failure. Many fault-tolerant computer systems mirror all operations -- that is, every operation is performed on two or more duplicate systems, so if one fails the other can take over.

Page 4: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Fault Tolerance (cont.)

Fault-tolerance methods Replication: Providing multiple identical instances of the

same system, directing tasks or requests to all of them in parallel, and choosing the correct result on the basis of a quorum [EX – load balancing servers]

Redundancy: Providing multiple identical instances of the same system and switching to one of the remaining instances in case of a failure (fall-back or backup) [EX – RAID Mirror]

Diversity: Providing multiple different implementations of the same specification, and using them like replicated systems to cope with errors in a specific implementation [EX – N-version programming]

Page 5: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Ethics

Ten Commandments Of Computer Ethics1. Thou Shalt Not Use A Computer To Harm Other People.2. Thou Shalt Not Interfere With Other People’s Computer Work.3. Thou Shalt Not Snoop Around In Other People’s Computer Files.4. Thou Shalt Not Use A Computer To Steal.5. Thou Shalt Not Use A Computer To Bear False Witness.6. Thou Shalt Not Copy Or Use Proprietary Software For Which

You have Not Paid.7. Thou Shalt Not Use Other People’s Computer Resources

Without Authorization Or Proper Compensation.8. Thou Shalt Not Appropriate Other People’s Intellectual Output.9. Thou Shalt Think About The Social Consequences Of The

Program You Are Writing Or The System You Are Designing.10. Thou Shalt Always Use A Computer In Ways That Insure

Consideration And Respect For Your Fellow Humans.

Dr. Ramon C. Barquin, Computer Ethics Institute

Page 6: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Ethics (cont.)

What are the possible ethical implications of the following?

In your position as a SAGE II SA for our organization, your supervising SAGE IV SA asks you to run l0phtcrack on your domain controller. In a sentence or two, explain your response.

Page 7: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Forensics

“At a basic level, computer forensics is the analysis of information contained within and created with computer systems and computing devices, typically in the interest of figuring out what happened, when it happened, how it happened, and who was involved”- Steve Hailey

- http://www.cybersecurityinstitute.biz/forensics.htm

Page 8: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Forensics (cont.)

Deals first with computer evidence Preservation Identification Extraction Interpretation Documentation

Also includes Rules of evidence Legal processes Integrity of evidence Factual reporting of the information found Providing expert opinion in a court of law or other legal

and/or administrative proceeding as to what was found Considers uses of electronic data in an organization

Page 9: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Forensics (cont.)

Requires awareness of various laws that impact on computer forensics examinations Search and seizure Privacy Discovery laws Laws governing the prevention of evidence tampering

Some areas of work Network attacks, intrusions, and network-oriented

crimes Fraud and Financial Crimes E-Mail extraction and analysis On-line criminal activity such as phishing, child

pornography, warez sites, etc.

Page 10: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Scripting

What is scripting?Writing a computer program, usually a small one, to help

with the automation of various SA related tasks

Windows Starts with .cmd scripting Evolves into WSH and/or MSH (probably using

VBscript - as many students would find it familiar), involving wscript/cscript/WMI/ADSI 

Also other languages like perl, python, etc.

Linux Starts with basic shell scripts (bash, csh, etc.) Add AWK, sed or other functionality Again, other languages like perl, python, etc.

Page 11: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Scripting (cont.) Scripting can be useful in our organization for

tasks such as: Text/file manipulation Creating logon scripts (maybe to capture

the username, then connect the user to a printer/remote filesystem, etc)

Updating files on remote workstations (maybe installing a package based on some conditions being met)

Creating shares, setting share permissions, setting filesystem permissions, etc.

Some types of service management Registry/configuration manipulation - locally or

remotely

Page 12: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Scripting (cont.) Some of my other views on the topic:

Start simple, using .cmd scripts with the built-in + resource kit commands

Remember that there are situations where using .cmd scripts would be fine, but that they may be inadequate at other times  

Scripting is less about a particular tool or a language and more about a way of defining a problem and implementing a solution

Good SA’s use scripts as problem solvers who know enough about the available languages and tools to get the job done

They also are able to make informed selections between the tools so that they not only get the job done, but do so in a manner which is efficient/advantageous based on a given situation

Page 13: New SA Training Topic 13: Other topics These are other topics that are important in our organization, but that we won’t have time to cover in any depth.

Printing

Local printing vs. Network printing Printers - Physical print devices Print server - The machine which manages the print

queues. It will have a local device defined and is responsible for all the local spooling before it sends the job to the printer itself

Print client - The machine where the print job is submitted

Queue - A group of documents waiting to be printed Spooling - The process of writing the contents of a

print job to a file on disk