Derald Mullenaux A. Networking in General 1.

Name three pieces of hardware/types of connections that UNIX can use to hook up to a network/the internet (Think about high speed connections for example). Wi-fi, Ethernet, isdn 2. What is meant by TCP/IP? What does it do? Transmission Control Protocol/Internet Protocol. It provides a standard that people can follow when writing internet enabled applications. For example, because of tcp, everyone know that pop3 is on port 110, and the have the format of the packets to send over to start and continue communication. 3. What is DNS? What is it used for? Domain Naming System. It is the system that turns ip addresses into something meaningful and back again. Example tritan.cordernet.com -> 10.0.0.153, and 10.0.0.161 -> scorpius.cordernet.com. DNS does that. 4. What is DHCP? What does it do for us? Dynamic Host Configuration Protocol. It provides an easy way to manage a lan. It hands our important network information(dns, netmask, gateway) and assigns ip addresses. 5. What do they mean by Client/Server? Server is the one that serves out the information, or is the authority. Clients get or coordinate with the server to do a task. 6. Name 4 servers that you have running right now (unless you have turned them all off. If so just name 4 servers that you USED to have running. pop3, SMTP (sendmail), apache (httpd), ftpd A. Networking in Specific 7. What do you get when you type /sbin/ifconfig by itself? You get your network interfaces and some nifty info about them. For example, IP, dns servers, gateways, netmask, you know, the good stuff. 8. What is this lo 127.0.0.1 thing? What is it for? It is the localhost, or loopback. Gives services a way to talk with each other, or the user to talk to his own machine. 9. What is the IP address for the machine you are using? (I'm assuming you are either in BA1W or BA1S for this. Give me the number/name of the machine and the IP and HOW you got the IP address) 10.0.0.33 and I got it from my dhcp server (isa server), my computer in the lab was 140.198.???.??? I forget, but I had to use the redhat-confignetwork to assign it. 10. I have found an IP address of 198.182.196.56...what is the 'name' for this address? How would I look it up? If your lucky, you could ping it and it would return the host name, or just type host 198.182.196.56 and it would give you all the host names. 11.What utility would I use to try and figure out how many computers my internet connection is going through, and what parts are the slowest? traceroute 12.What standard port does ftp run on? 21

13.What port for telnet? Secure ssh? 23 for telnet, and 22 for ssh 14.Where do you find the listing of standard port #'s? /etc/services 15. What is important about resolv.conf in /etc ? This is where the ip addresses are for you name servers. Without that www.google.com is bupkiss. B. Network and System Security 16. Someone keeps trying to log in as root from several machines on the same domain (w34.lib.mc.maricopa.edu, w45.lib.mc.maricopa.edu, w87.lib.mc.maricopa.edu). How would you block all of the .lib.mc.maricopa.edu sites from your ftp server? (Hint: Files in /etc and what controls vsftpd?) Add a line like sshd: lib.mc.maricopa.edu to your hosts.deny file. 17. What do programs like SAINT and Nessus do? How can you detect if someone is using it against your system? SAINT with try to open each port on your computer and return if it was able or not. That way, you know what is and is not open. 18. Explain how a Distributed Denial of Service attack works. DDOS attacks are when a bunch of computers try to connect a lot to one computer in hopes it can overwhelm that computer and bind it up. Is more effective if you use faked packets. 19. Why is ssh better/safer to use than telnet? telnet is clear text. So all the passwords you type can be sniffed out with packet sniffers. 20. List 3 other forms of attack on a network server. You could get a worm that opens a backdoor, DDOS, or my favorite, the insider with the password who is pissed off at the world. (the last is often the most painful!) 21. List 3 services (servers) that are vulnerable to attack, and should not be run unless you truly need them? Print server, Open SSH, Telnet A. Recompiling the Kernel 22. Why would you want to recompile/build a kernel? To say you did! You could always make it faster and more streamlined too. 23. What directory do you need to be in to recompile? /usr/src/linux-2.4.20-10.7.x 24. What is the difference between make config and make xconfig? Make xconfig runs a graphical interface, but they will both bring the same results. 25. What is the purpose of modules? What's the advantage? Are there any disadvantages? With modules, you can share them and use them without recompiling. Disadvantages, you have to match it with your kernel, so you may have to wait for someone else to compile them.