...Linux NFS Paper Today I will be talking about NFS, or Network File system, and it used widely to share files across multiple servers and computers. Let me just clarify how the NFS system will work, a file will be taken from the directory, or NFS file system, the file will then be exported to the NFS client, then you would need to mount the file to the client, to make sure it was accessible throughout the entire system. With the system mount you can also see the IP addresses accessing the system, which isn’t that secure, seeing how anyone could simply scam their way into your system, which you really want to protect against. Today we want to learn how to properly secure that you have to cover the 3 main resources, or places to secure. The Portmapper, the server security, and the client security are the 3 things you must secure. The Portmapper is basically the root to the NFS, you want to make sure the ports are being used correctly, and are giving access to the right people, and is connected to an outside trusted network. You can simply use the etc/hosts command to check the ports, but you can also use that to allow and deny ports to anybody across the network. That’s a bit drastic, but can lead to a secure NFS especially if you notice any fishy IP addresses or activities across the network. With the server security, this is where it becomes more of a necessity to keep it secure, because without system security, the whole thing is going to go down the drain. It would be...
Words: 461 - Pages: 2
...NT1430 NFS NFS is an open standard, cross-platform file system utility with implementations available for a wide range of operating systems, architectures, platforms, and appliances, from embedded systems to mainframes and high-performance clusters. NFS provides file sharing for Unix, Linux, mainframes, and other file systems, including Mac OS X. A Network File System (NFS) allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network. Currently, there are three versions of NFS. NFS version 2 (NFSv2) is older and is widely supported. NFS version 3 (NFSv3) has more features, including 64bit file handles, Safe Async writes and more robust error handling. NFS version 4 (NFSv4) works through firewalls and on the Internet, no longer requires portmapper, supports ACLs, and utilizes stateful operations. Red Hat Enterprise Linux supports NFSv2, NFSv3, and NFSv4 clients, and when mounting a file system via NFS, Red Hat Enterprise Linux uses NFSv3 by default, if the server supports it. All versions of NFS can use Transmission Control Protocol (TCP) running over an IP network, with NFSv4 requiring it. NFSv2 and NFSv3 can use the User Datagram Protocol (UDP) running over an IP network to provide a stateless network connection between the client and server. When using NFSv2 or NFSv3 with UDP, the stateless UDP connection...
Words: 350 - Pages: 2
...Carr NT1430 Unit 7 Sharing Files with NFS Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a network much like local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC) system. The Network File System is an open standard defined in RFCs, allowing anyone to implement the protocol. NFS is the most-known service using remote procedure call (RPC). It is an excellent way of sharing files between Linux and other UNIX systems. NFS also allows for machines to mount without authentication, at boot, which is great if you have a cluster of systems or if you want to use a centralized home directory system (using an NFS-mounted directory for home directories to keep your configurations and files identical on multiple systems). The computer where directory located is called the server and computers or devices connecting to that server are called clients. Clients usually 'mount' the shared directory to make it a part of their own directory structure. NFS is perhaps best for more 'permanent' network mounted directories such as /home directories or regularly accessed shared resources. If you want a network share that guest users can easily connect to, Samba is more suited. This is because tools exist more readily across old and proprietary operating systems to temporarily mount and detach from Samba shares...
Words: 711 - Pages: 3
...COMPARATIVE OPERATING SYSTEMS TERM PAPER SUMMER 2001 COMPARISON OF NETWORK OPERATING SYSTEMS BY MUKUNDAN SRIDHARAN COMPARISON OF NETWORK OPERATING SYSTEM S Abstract We are in a era of computing in which networking and distributed computing is the norm and not a exception. The ability of a operating system to support networking has become crucial for its survival in the market. In today’s picture there is no operating system, which doesn’t support networking. This paper tries to give a review of various network operating systems or the networking support of a operating system, in relevance to the modern operating systems. The emphasis is on basic design and architecture, not their specifications or services. The paper considers various operating systems like Novell Netware, the sun NFS, the Styx, CIFS/SMB and Microsoft Windows 2000 server. Again the concentration is on modern and evolving operating systems like the Novell Netware and Microsoft’s Windows 2000. The objective of the paper is to study and compare various operating systems and to bring out the inherent advantages and disadvantages in using them. 1.0 INTRODUCTION Individual computers are connected together to form computer networks. The operating system, protocols and services which help us in interconnecting the computers are collectively called Network Operating systems. The webopedia.com defines Network Operating Systems as follows: An operating system that includes special...
Words: 12519 - Pages: 51
...First, let us analyze what file sharing in a centralized storage area on a server means. It means that basically when you store a file it will be stored in a predetermined place on a server instead of on the system. Now let us analyze what file replication is. File replication would be the server backing up by replicating to another server. Both of these are extremely helpful services provided by servers. How are these beneficial services increasing the ease of administration? Well, all of the different users will be storing their work to the server. That means they can login and access their files from any workstation on the local network. So I have come up with some examples showing different scenarios where this would be helpful. Example 1: As a student, if all of your files were being stored on a server you could login from any computer and access your files allowing for great mobility. Example 2: This one isn’t about a local network but I felt it was a great example anyway. When your access your e-mails they are stored on a server. Allowing you to login from anywhere and access the mail. Also, you can send yourself attachments so that you can access them at any time from any place. Example 3: Say you work in a lab and you want to do an experiment. You could search the server to find helpful information from other people’s work that is being shared. All of these examples benefit from replication as well. These servers replicating which would be backing up to the other servers...
Words: 492 - Pages: 2
...Network management systems are giving IT professional an advantage on their own networks. This is giving them access to software and hardware at a moment’s notice without leaving the comfort of their desk or home. The NMS consists of a set of software and hardware tools that is integrated into the network. This management system is able to identify devices that are on the network. The NMS can also be used to monitor all devices and rate how the device is performing and if it is matching the device expectations. This system can track the performance of the bandwidth, if there was any packet loss, and the performance of all the routers/switches. The network management system will give the IT department notifications if anything seems to be off with the network. This will give the IT personnel time to isolate or fix before the problem effects the network (Hale, 2013). Cisco is a big company that has a very large network. They manage millions of endpoint devices and with a huge network that require a significant amount of monitoring from the IT department. “Cisco Connected Grid Network Management System is a software platform that helps to enable a clear separation between communications network management and utility operational applications. These include Distribution Management System (DMS), Outage Management System (OMS), and Meter Data Management (MDM)” (Cisco Connected Grid Network Management System, 2014). This management system can monitor multiple networks and all of...
Words: 733 - Pages: 3
...The first network file system—called File Access Listener—was developed in 1976 by Digital Equipment Corporation (DEC). An implementation of the Data Access Protocol (DAP), it was part of the DECnet suite of protocols. Like TCP/IP, DEC published protocol specifications for its networking protocols, which included the DAP. NFS was the first modern network file system (built over the IP protocol). It began as an experimental file system developed in-house at Sun Microsystems in the early 1980s. Given the popularity of the approach, the NFS protocol was documented as a Request for Comments (RFC) specification and evolved into what is known as NFSv2. As a standard, NFS grew quickly because of its ability to interoperate with other clients and servers. The standard continued to evolve into NFSv3, defined by RFC 1813. This iteration of the protocol was much more scalable than previous versions, supporting large files (larger than 2GB), asynchronous writes, and TCP as the transport protocol, paving the way for file systems over wide area networks. In 2000, RFC 3010 (revised by RFC 3530) brought NFS into the enterprise setting. Sun introduced NFSv4 with strong security along with a stateful protocol (prior versions of NFS were stateless). Today, NFS exists as version 4.1 (as defined by RFC 5661), which adds protocol support for parallel access across distributed servers (called the pNFS extension). The timeline of NFS, including the specific RFCs that document its behavior, is shown...
Words: 1317 - Pages: 6
...Intrusion Detection Systems CMIT368 August 12, 2006 Introduction As technology has advanced, information systems have become an integral part of every day life. In fact, there are not too many public or private actions that can take part in today’s society that do not include some type of information system at some level or another. While information systems make our lives easier in most respects, our dependency upon them has become increasingly capitalized upon by persons with malicious intent. Therefore, security within the information systems realm has introduced a number of new devices and software to help combat the unfortunate results of unauthorized network access, identity theft, and the like – one of which is the intrusion detection system, or IDS. Intrusion detection systems are primarily used to detect unauthorized or unconventional accesses to systems and typically consist of a sensor, monitoring agent (console), and the core engine. The sensor is used to detect and generate the security events, the console is used to control the sensor and monitor the events/alarms it produces, and the engine compares rules against the events database generated by the sensors to determine which events have the potential to be an attack or not (Wikipedia, 2006, para. 1-3). IDS generally consist of two types – signature-based and anomaly-based. Signature-based IDS operate by comparing network traffic against a known database of attack categories. In fact...
Words: 1749 - Pages: 7
...When looking to strengthen our network designs we looked at the typical threats and risks that they pose. Here are some of the attacks we used as of priority to protect ourselves when looking to see what we would be up against: • DOS/DDOS Attacks • Man In the Middle Attacks / Spoofing • Buffer Overflow • Fragmentation Attacks • Session Hijacking • Social Engineering • SQL Injection / Injection attacks • Eavesdropping • Replay Attacks There are many more attacks possible but these are the attack we focused on. With each threat, we analyzed how these attacks could be used against us and what counter measures would be used to prevent or mitigate such events from happening. DOS/DDOS Attacks- In general, Denial of Service attacks are used to flood an infrastructure with requests to the point where systems cannot keep up with the volume and crash as a result. As a business that relies on bidding and some public access, this can be troublesome as it would crash the website and stop business at critical times. In order to prevent such attacks, a NIDS or Network Intrusion Detection System can and should be implemented to “weed out” false requests from IP addresses that are flooding the system. For further protection the use of a “Honeypot” or trap for hackers can be used to direct any incoming attacks towards a lesser valuable target. Man in the Middle attacks- Man in the middle attacks are exactly...
Words: 1272 - Pages: 6
...Lab #10 Securing the Network with an Intrusion Detection System (IDS) Introduction Nearly every day there are reports of information security breaches and resulting monetary losses in the news. Businesses and governments have increased their security budgets and undertaken measures to minimize the loss from security breaches. While cyberlaws act as a broad deterrent, internal controls are needed to secure networks from malicious activity. Internal controls traditionally fall into two major categories: prevention and detection. Intrusion prevention systems (IPS) block the IP traffic based on the filtering criteria that the information systems security practitioner must configure. Typically, the LAN-to-WAN domain and Internet ingress/egress point is the primary location for IPS devices. Second to that would be internal networks that have or require the highest level of security and protection from unauthorized access. If you can prevent the IP packets from entering the network or LAN segment, then a remote attacker can’t do any damage. A host-based intrusion detection system (IDS) is installed on a host machine, such as a server, and monitors traffic to and from the server and other items on the system. A network-based IDS deals with traffic to and from the network and does not have access to directly interface with the host. Intrusion detection systems are alert-driven, but they require the information systems security practitioner to configure them properly. An IDS provides...
Words: 3209 - Pages: 13
...Contrast Three Intrusion Detection Systems (IDS) Devon Hopkins Webster University Introduction In the today’s society security is of paramount importance, whether it’s your business, home, vehicle, or computer. Companies are responsible for securing their employees, work area and the technology they use to operate their business. On a daily basis companies are under attack making them vulnerable to more and more worms, viruses, denial of service (DoS) attacks and hacking, shutting them down for various periods of times. With the advance technology more and more companies are storing information digitally. Having unsecure networks are leading to enormous amount of private information being public. The networks should protect data and maintain confidentiality, integrity and availability of the network. Companies should implement intrusion detection systems (IDS) because hackers are smarter and their intrusions are getting harder to trace. Intrusion Detection System An intrusion detection system or IDS is a system that attempts to identify intrusions, which can be defined to be unauthorized uses, misuses, or abuses of the computer systems by either authorized users or external perpetrators [1]. The in the past the major ways that intrusion detection systems were described were host based IDS (HIDS) and network based IDS (NIDS). An addition to the IDS family is perimeter intrusion detection systems (PIDS). A perimeter intrusion detection system will be installed within the...
Words: 1372 - Pages: 6
...Date: 2/9/2015 Overview In this lab, you acted as a member of the incident response team who had been assigned an incident response in the form of a help desk trouble ticket. You followed the phases of a security incident response to investigate the event, contain the malware, eradicate the suspicious files, re-test the system in readiness for returning it to service, and complete a detailed security incident response report in the provided template. You used AVG Anti-Virus Business Edition to scan the infected workstation and documented your findings as you proceeded. Lab Assessment Questions & Answers 1. When you are notified that a user's workstation or system is acting strangely and log files indicate system compromise, what is the first thing you should do to the workstation or system and why? Have the user of the machine cease all activity and contain the infected machine by disconnecting from the network (unplug Ethernet cable or disable wireless), leaving it isolated but not powered off. It should be left in its steady state. This isolates the contaminated workstation from the organization’s network and Internet, as well as preventing the contamination from spreading. Logs, memory forensics, footprints, and other malicious activity must be kept in its steady state untouched until you arrive on scene. 2. When an antivirus program identifies a virus and quarantines this file, has the malware been eradicated? No. The file is identified...
Words: 1206 - Pages: 5
...the Samba smbclient program. If there has been no alerts, the selected rule set was set may not have been enabled by the user. Another scenario where alerts may not occur is when another task is being performed. According to (Roesch, 1999) when alerting is unnecessary or inappropriate, such as when network penetrations tests are being performed. 2. If we only went to a few web sites, why are there so many alerts? Snort IDS performs numerous functions that would generate an alert. Alerts are generated based on any suspicious network activity. Although a user may have only visited 5 sites, snort may have generated 12 or more alerts that were generated due to anomalies detected from the 5 sites visited. 3. What are the advantages of logging more information to the alerts file? The advantage of logging additional information within the alerts file is that it can provide additional information as to the origination or source of what caused the alert. If the administrator is better informed on the sources of any anomalies or suspicious activity, he/she can make adjustments to prevent the known source from continuing to make unwarranted attempts to access the network. 4. What are the disadvantages of logging more information to the alerts file? One of the disadvantages of logging more information is that if that information was compromised by an outside threat, the information could...
Words: 1119 - Pages: 5
...amounts. They identified that multiple paychecks with modified amounts were sent to an individual. In their attempts to notify appropriate personnel via email, the emails were sniffed; modified and fictitious communications were conducted between the auditor and the attacker. The attacker was then able to gain additional access into more financial records, whereby more modifications were conducted; to include the presidents and other’s salary and then took those deductions and added them to their paycheck. IT personnel were able to identify that an internal system was conducting a man-in-the-middle attack by spoofing an internal Internet Protocol address, whereby all traffic that was sent to a specific location was involuntarily sent to another system. The culprit was lack of access controls, central reporting systems, authentication controls, and a lack of host based intrusion prevention systems. These controls and systems would have prevented this type or at minimal detected this type of attack and could have saved the company many hours of labor costs. -Identify who needs to be notified based on the type and severity of the incident: In incidents such as this, Management must be notified and kept abreast of the situation each step of the way as they will ultimately be held responsible if fault is identified on their end. The Computer Emergency Response Team or the Emergency Management Team should be notified. They are experts at dealing with similar situations and know the...
Words: 2798 - Pages: 12
...audit carried out by professionals on a routine basis. They noticed that many paychecks which had been doctored were made to a particular person. In a bid to notify the right personnel through mail, the mails were intercepted and fraudulent communications were between the auditor and the attacker. Through this the attacker then gained access to a lot of financial records and altered them; adding the name of the president and that of others in order to deduct money from theirs to add to their own paycheck. However the IT personnel was able to dictate that an internal system had done a middle man attack through an internal internet Protocol address, whereby all traffic meant for a particular location was sent to another system unknowingly. The suspect didn't have the right access control central reporting systems, authentication controls, and a lack of host based intrusion prevention systems. These controls and systems are actually meant to act as guide against this kind of attack and save the company several hours of labor costs. -Who should be notified? In cases like this, the top hierarchy should be alerted and kept informed of the casewhen any move is made becauseeverything stops at their table. The Computer Emergency Response Team or the Emergency Management Team should also be informed. They have the expertise to deal with s cases like this and have knowledge the right processes and procedures needed in locating the cause, the immediate response needed, and analyze thelessons...
Words: 2778 - Pages: 12
