Thursday, December 8, 2016

Basic IT Questions for Computer Engineer Part 1

1. When creating a vertical page break _______.

A. The active cell must be A1
B. The active cell can be anywhere in the worksheet
C. The active cell must be in row 1
D. The active cell must be in column A
E. None of these

Answer C. The active cell must be in row 1


2. In Computer Operating Systems And Data Storage WYSIWYG Stands For:
a) We You See In We You Ground
b) We Yours In Window Your Gate
c) What You See Is What You Get
d) What You See Is What You Got


Answer c) What You See Is What You Get

3. Microsoft Office Written In Which Computer Language?
a) JAVA
b) C++
c) HTML
d) XML

Answer b) C++


4. Which is NOT a function of a microprocessor?
a) keeps the system unit hot
b) keeps system always cool
c) Keeps the system unit cool
d) don't keep the system unit cool

Answer c) Keeps the system unit cool


5. PC cards, flash memory cards, and smart cards are all examples of:
a) Solid state storage devices
b) hard disk
c) ram
d) rom


Answer a) Solid state storage devices


6. Which of the following is a graphical package?
a) CorelDraw
b) illustrator
c) paint
d) microsoft office


Answer a) CorelDraw


7. This is not a function category in Excel ________
a) Operational
b) Logical
c) Unlogical
d) Functional


Answer b) Logical


8. The operating system that is self-contained in a device and resident in the ROM is
a) Inside operating system
b) Outside operating system
c) Explore operating system
d) Embedded Operating System


Answer d) Embedded Operating System


9. On-line real time systems become popular in ___________ Generation
a) First generation
b) Fifth generation
c) Sixth generation
d) Third Generation


Answer d) Third Generation


10. ___________ is the ability of a device to “jump” directly to the requested data
a) Read only
b) Read write both
c) a and d are correct
d) Random access


Answer d) Random access


11. _______ is the combination of keys to switch between the last four places that you have edited.
a) ALT + CTRL + Z
b) ALT + CTRL + Y
c) ALT + TAB + Z
d) ALT + SHIFT + Z


Answer a) ALT + CTRL + Z


12. Superscript, subscript, outline, emboss, engrave are known as ______
a) Font effects
b) Size effects
c) Alignment effect
d) Numeric effect

Answer a) font effects



13. Similar to a hub in an Ethernet network, a _________ helps relay data between wireless network nodes.
a) Wireless access point
b) Portable access point
c) Internet access point
d) system access point

Answer a) Wireless access point



14. In CSMA/CD, the computer sends a fixed unit of data called a(n)_______
a) Racket
b) Joint
c) Packet
d) Point

Answer c) Packet



15. The uniform resource locator (URL) is case sensitive in the ______
a) Directory
b) Bibliography
c) Packet
d) Internet

Answer a) Directory



16. ASCII is a(n)________
a) Encoding standard used to represent point and characters.
b) Encoding standard used to represent letters and characters.
c) Encoding standard used to represent letters and algorithm.
d) Encoding standard used to represent logics and characters.

Answer b) Encoding standard used to represent letters and characters.



12. Who designed the first electronic computer -ENIAC?

a) Hal Abelson

b) Van Neuman

c) Abiteboul

d) Samson Abramsky

Answer b) Van Neuman



17. ________ is the process of carrying out commands
a) Executing
b) Relate
c) Rescued
d) Turn on

Answer a) Executing



18. In word, when you indent a paragraph, you _______
a) Push the text in with respect to the outline
b) Push the text in with respect to the trim
c) Push the text in with respect to the margin
d) Push the text in with respect to the bleed

Answer c) Push the text in with respect to the margin



19. What is a popular program for creating documents that can be read on both a PC and a Macintosh computer?
a) Adobe Acrobat
b) Adobe reader
c) Adobe photoshop
d) Adobe edit

Answer a) Adobe Acrobat



20. Which Of The Following Is Used For Close a Tab On a Browser?
a) Ctrl + T
b) Ctrl + W
c) Ctrl + A For Select All
d) Ctrl +Z

Answer b) Ctrl + W


21. When More Than One Window Is Open, To Switch To The Next Window — Is The Key Combination.
a) CTRL+F5
b) CTRL+F6
c) CTRL+F7
d) CTRL+F8

Answer b) CTRL+F6


22. What Is The Shortcut Key To Indent The Paragraph In Ms Word?
a) Ctrl + M
b) Ctrl + P
c) Shift + M
d) Ctrl + I

Answer a) Ctrl + M



23. The ______ is a device which connects inputs to outputs
a) RAM
b) Cross Point
c) Modem
d) Crossbar

Answer c) Modem



24. ___________ gathers user information and sends it to someone through the Internet
a) Spybot
b) Logic Bomb
c) Security
d) Patch
e) Virus

Answer a) Spybot



25. Function of Router in a Network _________
a) forwards a packet to the next free outgoing links
b) determines on which outgoing link a packet is to be forwarded
c) forwards a packet to all outgoing links except the originated link
d) forwards a packet to all outgoing links

Answer b) determines on which outgoing link a packet is to be forwarded

26. Custom Software developed to address specific needs of a company is known as ___________
a) Proprietary
b) Developmental
c) Privately owned
d) Copyrighted

Answer a) Proprietary

27. ________ Values can be represented by a single Byte
a) 16
b) 4
c) 64
d) 256

Answer d) 256

28. _________ malware typically has a tendency to reside in or attach itself to a computer program
a) All the above
b) Worm
c) Computer Virus
d) Trojan Horse

Answer c) Computer Virus


29. The Advantage Of “Touch Screen” Is ___________
a) That It Is Natural To Touch Things
b) That It Uses A Little Screen Space For Each Choice
c) That It Is Not As Tiring As The Keyboard Input
d) All The Above

Answer a) That It Is Natural To Touch Things


30. Which One Of The Following Problem Causes Exception?
a) A Problem In Calling Function
b) A Run-Time Error
c) A Syntax Error
d) Missing Semicolon In Statement In Main

Answer b) A Run-Time Error


31. _______ Was A Search Engine System For The Gopher Protocol
a) Gobbler
b) Archie
c) Veronica
d) Mikky

Answer c) Veronica


32. Which Backup Method Only Backs Up Files That Have Been Modified Since The Last Backup?
a) Incremental Backup
b) Decremental Backup
c) RAM Backup
d) ROM Backup

Answer a) Incremental Backup


33. In Word, You Can Change Page Margins By
a) Clicking The Right Mouse Button On The Ruler
b) Clicking The Left Mouse Button On The Ruler
c) Clicking The Middle Mouse Button On The Ruler
d) Clicking The Mouse Button On The Ruler

Answer a) Clicking The Right Mouse Button On The Ruler

34. Which Part Of The Computer Helps To Store Information?
a) Disk – Drive
b) Common-Drive
c) Rare-Drive
d) Reel Memory

Answer a) Disk – Drive


35. Perforated Paper Used As Input Or Output Media Is Known As _____
a) Paper Tape
b) Media
c) Desktop
d) Disk Drive

Answer a) Paper Tape


36. FPI stands for____
a.File pre insert
b.File per insert
c.Frames per insert
d.Frames per inch

Answer d.Frames per inch


37. Which is not the portable computer?
a.parallel computers
b.Series Computers
c.mainframe computers
d.mini computers

Answer b.Series Computers


38. A ………… is an additional set of commands that the computer displays after you make a selection from the main menu
a.Dialog box
b.Tool bar
c.Menu bar
d.On screen

Answer a.Dialog box


39. Which of the following is NOT one of the four major data processing functions of a computer?
a.Input of the data
b.Analyzing the data or information
c.Interpret data
d.output of the data

Answer b.Analyzing the data or information


40. Which of the following is not a term pertaining to the Internet?
a.Mouse
b.Keyboard
c.Joystick
d.Monitor

Answer b.Keyboard


41. __________ are attempts by individuals to obtain confidential information from you by falsifying their identity.
a.Phishing
b.Hacking
c.Hacker
d.Corruption

Answer a.Phishing


42. Which of the following helps describe the Windows .NET Server?
a. It is designed for different levels of network complexity
b. Phishing
c. Windows key
d. RAM

Answer a. It is designed for different levels of network complexity


43. The process of analyzing large data sets in search of new, previously undiscovered relationships is known as:
a. Data mining
b. Data entry
c. Data storage
d. Data compiler

Answer a.Data mining


44. On a CD-RW you can
a.Read, write and rewrite information
b.Read, write and rewrite
c.Read and write
d.Read and rewrite information

Answer a. Read, write and rewrite information



45. What is the function of Recycle Bin?
a.Store deleted file
b.Do not store deleted file
c.Remove store files
d.All

Answer a.Store deleted file


46. Which type of network requires HPNA adapters for communication between network nodes?
a.Computer lane
b.Phone line
c.Phone Operator
d.Internet

Answer d. Internet



47. Which of the following may be necessary for you to do after you install new application software?
a.Cool boost
b.Do a warm boot
c.Hot boot
d.all

Answer a.Cool boost


48. Which of the following is NOT part of the motherboard?
a.Connector
b.Protractor
c.Translator
d.Compiler

Answer a.Connector

49. Information that comes from an external source and fed into computer software is called …………….
a.Output
b.Translator
c.Input
d.RAM

Answer c.Input


50. The basic unit of a worksheet
a.Cell
b.Bar
c.Table
d.Lines

Answer a.Cell

Friday, October 28, 2016

OSPF routing between Cisco Router and Mikrotik Router

For this I have used GNS3 for the Cisco router and VirtualBox for the MikroTik router. The Cisco router in GNS3 is connected to a host which is configured with my LAN card adapter. The MikroTik router is also connected to the LAN by bridging in VirtualBox.
GNS3 Settings

Virtual box setting

                Cisco Router                MikroTik Router
Interface       G0/0: 192.168.0.60/24       ether1: 192.168.0.50/24
Loopback        loopback1: 2.2.2.2/24       loopback1: 1.1.1.1/24
OSPF area       area 400                    area ID 0.0.1.144

Area ID calculation on MikroTik: convert decimal 400 to binary (110010000). Pad the binary number to 32 digits, which are the digits of the 4 octets of an IP-style address: 110010000 binary = 00000000.00000000.00000001.10010000 when broken into octets. Finally, convert each octet to a decimal value: 00000000.00000000.00000001.10010000 = 0.0.1.144. Therefore, 400 = 0.0.1.144.
Commands on Cisco
R1>ena
R1#conf t
R1(config)#int loopback 1
R1(config-if)#ip address 2.2.2.2 255.255.255.0
R1(config-if)#no shut
R1(config-if)#int G0/0
R1(config-if)#ip address 192.168.0.60 255.255.255.0
R1(config-if)#no shut
R1(config-if)#exit

R1(config)#router ospf 1
R1(config-router)#network 192.168.0.0 0.0.0.255 area 400
R1(config-router)#network 2.2.2.0 0.0.0.255 area 400
R1(config-router)#

Commands on MikroTik


[jahid@MikroTik] >
[jahid@MikroTik] > interface bridge add name=loopback1
[jahid@MikroTik] > ip address add address=1.1.1.1/24 interface=loopback1
[jahid@MikroTik] > ip address add address=192.168.0.50/24 interface=ether1
[jahid@MikroTik] >
[jahid@MikroTik] > routing ospf
[jahid@MikroTik] /routing ospf> area add name=area400 area-id=0.0.1.144
[jahid@MikroTik] /routing ospf> network add network=192.168.0.0/24 area=

Area ::= area1 | area2 | area5 | area400 | limon | ...

[jahid@MikroTik] /routing ospf> network add network=192.168.0.0/24 area=area400
[jahid@MikroTik] >
[jahid@MikroTik] >
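
A pre-flight check for the two settings that must agree before the routers above can become OSPF neighbours on the shared LAN: the area ID (decimal on Cisco, dotted on MikroTik) and the interface subnet and mask. This is an added example, not part of the original post; the function names `area_id_dotted` and `adjacency_problems` are hypothetical, and the mismatching inputs used with it are constructed.

```python
import ipaddress


def area_id_dotted(area):
    """Return an OSPF area ID in dotted form; accepts 400, "400" or "0.0.1.144"."""
    text = str(area).strip()
    if "." in text:
        # Already dotted: let ipaddress validate the four octets.
        return str(ipaddress.IPv4Address(text))
    value = int(text)
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("OSPF area ID must fit in 32 bits: %r" % (area,))
    bits = format(value, "032b")                        # pad to 32 binary digits
    octets = [bits[i:i + 8] for i in range(0, 32, 8)]   # break into 4 octets
    return ".".join(str(int(octet, 2)) for octet in octets)


def adjacency_problems(side_a, side_b):
    """Compare two (interface_cidr, area) pairs from routers on one broadcast LAN.

    Returns a list of human-readable problems; an empty list means the
    addressing and area settings are consistent with each other.
    """
    (cidr_a, area_a), (cidr_b, area_b) = side_a, side_b
    if_a = ipaddress.ip_interface(cidr_a)
    if_b = ipaddress.ip_interface(cidr_b)
    problems = []

    # An interface needs a host address, not the network or broadcast address.
    for iface in (if_a, if_b):
        net = iface.network
        if net.prefixlen < 31 and iface.ip in (net.network_address,
                                               net.broadcast_address):
            problems.append("not a host address: %s" % iface)

    if if_a.ip == if_b.ip:
        problems.append("duplicate address: %s" % if_a.ip)

    # On a broadcast segment both ends must use the same subnet and mask.
    if if_a.network != if_b.network:
        problems.append("subnet/mask mismatch: %s vs %s"
                        % (if_a.network, if_b.network))

    # Area IDs are compared after normalising both to dotted form.
    dotted_a, dotted_b = area_id_dotted(area_a), area_id_dotted(area_b)
    if dotted_a != dotted_b:
        problems.append("area mismatch: %s vs %s" % (dotted_a, dotted_b))
    return problems


if __name__ == "__main__":
    # Values from the address table in this post: consistent, so no output.
    for line in adjacency_problems(("192.168.0.60/24", 400),
                                   ("192.168.0.50/24", "0.0.1.144")):
        print(line)
    # Constructed mistake: a /30 mask typed on one side only.
    for line in adjacency_problems(("192.168.0.60/24", 400),
                                   ("192.168.0.50/30", "0.0.1.144")):
        print(line)
```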

Then Checking in cisco



Then Checking in Mikrotik






Thank you everybody. 





Tuesday, October 25, 2016

NTP Configuration in Cisco Router

The NTP Server is the master NTP server in this activity. You will configure authentication on the NTP server and the routers. You will configure the routers to allow the software clock to be synchronized by NTP to the time server. Also, you will configure the routers to periodically update the hardware clock with the time learned from NTP.





Configuring NTP 

Step 1: Enable NTP authentication on PC-A. 

On PC-A, click NTP under the Services tab to verify NTP service is enabled.
To configure NTP authentication, click Enable under Authentication. Use key 1 and password NTPpa55.

Step 2: Configure R1, R2, and R3 as NTP clients. 

R1(config)# ntp server 192.168.1.5
R2(config)# ntp server 192.168.1.5
R3(config)# ntp server 192.168.1.5

Verify client configuration using the command show ntp status.

Step 3: Configure routers to update hardware clock. 

Configure R1, R2, and R3 to periodically update the hardware clock with the time learned from NTP.
R1(config)# ntp update-calendar
R2(config)# ntp update-calendar
R3(config)# ntp update-calendar
Exit global configuration and verify that the hardware clock was updated using the command show clock.

Step 4: Configure NTP authentication on the routers. 

Configure NTP authentication on R1, R2, and R3 using key 1 and password NTPpa55.
R1(config)# ntp authenticate
R1(config)# ntp trusted-key 1
R1(config)# ntp authentication-key 1 md5 NTPpa55

R2(config)# ntp authenticate
R2(config)# ntp trusted-key 1
R2(config)# ntp authentication-key 1 md5 NTPpa55

R3(config)# ntp authenticate
R3(config)# ntp trusted-key 1
R3(config)# ntp authentication-key 1 md5 NTPpa55

Step 5: Configure routers to timestamp log messages. 

Configure timestamp service for logging on the routers.
R1(config)# service timestamps log datetime msec
R2(config)# service timestamps log datetime msec
R3(config)# service timestamps log datetime msec

Then use this command to show the current time:
R1# show clock
or
R1# show clock detail
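
What the key configured in Steps 1 and 4 protects, as an added example that is not part of the original activity: NTP symmetric-key authentication (RFC 5905) appends a 4-byte key ID and an MD5 digest of key plus header to each packet, and a receiver accepts the packet only if the key ID is trusted and the digest matches. The header fields below are constructed sample values, and the function names are hypothetical.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48          # fixed NTP header size
MAC_LEN = 4 + 16         # key ID + MD5 digest


def build_header(transmit_ts):
    """Constructed server-mode NTPv4 header (sample values, not a capture)."""
    li_vn_mode = (0 << 6) | (4 << 3) | 4      # no leap warning, version 4, mode 4 (server)
    return struct.pack("!BBbbII4sQQQQ",
                       li_vn_mode, 1, 6, -20,  # stratum 1, poll 6, precision 2^-20
                       0, 0, b"LOCL",          # root delay, root dispersion, reference ID
                       transmit_ts - 10,       # reference timestamp
                       transmit_ts - 2,        # origin timestamp
                       transmit_ts - 1,        # receive timestamp
                       transmit_ts)            # transmit timestamp


def sign(header, key_id, key):
    """Append the MAC: 32-bit key ID followed by MD5(key || header)."""
    digest = hashlib.md5(key + header).digest()
    return header + struct.pack("!I", key_id) + digest


def verify(packet, trusted_keys, require_auth=True):
    """Return 'accepted' or the reason the packet is rejected."""
    if len(packet) < HEADER_LEN:
        return "malformed"
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    if not mac:
        return "unauthenticated" if require_auth else "accepted"
    if len(mac) != MAC_LEN:
        return "bad-mac-length"
    key_id = struct.unpack("!I", mac[:4])[0]
    key = trusted_keys.get(key_id)
    if key is None:
        return "untrusted-key"
    expected = hashlib.md5(key + header).digest()
    # Constant-time comparison of the received and recomputed digests.
    return "accepted" if hmac.compare_digest(expected, mac[4:]) else "bad-digest"


TRUSTED = {1: b"NTPpa55"}                      # key 1 and password from this activity
HEADER = build_header(0xE0000000_00000000)     # constructed timestamp

if __name__ == "__main__":
    good = sign(HEADER, 1, TRUSTED[1])
    forged = sign(build_header(0xE0000100_00000000), 1, b"guess")
    print(verify(good, TRUSTED))      # accepted
    print(verify(forged, TRUSTED))    # bad-digest
    print(verify(HEADER, TRUSTED))    # unauthenticated
```

On IOS a key is tied to a particular server by adding `key 1` to the `ntp server` line; the steps above define and trust the key only.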

Friday, April 8, 2016

RIP routing protocol


The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols and employs the hop count as its routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination.

RIP is a relatively old but still commonly used interior gateway protocol created for use in small, homogeneous networks.
RIP uses broadcast User Datagram Protocol (UDP) data packets to exchange routing information. It sends routing updates every 30 seconds on each active interface, which is termed advertising. If a router does not receive an update from another router for 180 seconds or more, it marks the routes served by the non-updating router as unusable. If there is still no update after 240 seconds, the router removes all routing table entries for the non-updating router.

RIP sends updates to the interfaces in the specified networks. If an interface's network is not specified, it will not be advertised in any RIP update.

RIP Version 2 supports authentication, key management, route summarization, CIDR, and VLSMs.
In one sentence: RIPv1 is a classful routing protocol, but RIPv2 is a classless routing protocol.

(This information is enough for CCNA. For more information go to http://www.9tut.com/rip-routing-protocol-tutorial. There is no RIP lab in the CCNA exam.)





***R0***

Router#
Router#conf t
Router(config)#router rip
Router(config-router)#ver
Router(config-router)#version 2
Router(config-router)#network 1.1.1.0
Router(config-router)#exit
Router(config)#exit
Router#

***R1***

Router#
Router#conf t
Router(config)#router rip
Router(config-router)#ver
Router(config-router)#version 2
Router(config-router)#network 1.1.1.0
Router(config-router)#exit
Router(config)#exit
Router#



RHCE exam Syllabus

System configuration and management
    Route IP traffic and create static routes.
    Use iptables to implement packet filtering and configure network address translation (NAT).
    Use /proc/sys and sysctl to modify and set kernel runtime parameters.
    Configure a system to authenticate using Kerberos.
    Build a simple RPM that packages a single file.
    Configure a system as an iSCSI initiator that persistently mounts an iSCSI target.
    Produce and deliver reports on system utilization (processor, memory, disk, and network).
    Use shell scripting to automate system maintenance tasks.
    Configure a system to log to a remote system.
    Configure a system to accept logging from a remote system.

Network services
Network services are an important subset of the exam objectives. RHCE candidates should be capable of meeting the following objectives for each of the network services listed below:
    Install the packages needed to provide the service.
    Configure SELinux to support the service.
    Configure the service to start when the system is booted.
    Configure the service for basic operation.
    Configure host-based and user-based security for the service.

HTTP/HTTPS
    Configure a virtual host.
    Configure private directories.
    Deploy a basic CGI application.
    Configure group-managed content.

DNS
    Configure a caching-only name server.
    Configure a caching-only name server to forward DNS queries.
    Note: Candidates are not expected to configure master or slave name servers.

FTP
    Configure anonymous-only download.

NFS
    Provide network shares to specific clients.
    Provide network shares suitable for group collaboration.

SMB
    Provide network shares to specific clients.
    Provide network shares suitable for group collaboration.

SMTP
    Configure a mail transfer agent (MTA) to accept inbound email from other systems.
    Configure an MTA to forward (relay) email through a smart host.

SSH
    Configure key-based authentication.
    Configure additional options described in documentation.

NTP
    Synchronize time using other NTP peers.

Security Attack

Types of attack:
There are five types of attack:

Passive Attack
A "passive attack" is an attack in which the attacker attempts to learn information from the network to support further attacks but does not affect network resources. A passive attack monitors unencrypted traffic and looks for clear-text passwords and sensitive information that can be used in other types of attacks. Passive attacks include traffic analysis, monitoring of unprotected communications, decrypting weakly encrypted traffic, and capturing authentication information such as passwords. Passive interception of network operations enables adversaries to see upcoming actions. Passive attacks result in the disclosure of information or data files to an attacker without the consent or knowledge of the user.

Active Attack
An "active attack" is an attack in which the attacker attempts to alter system resources or affect their operation. In an active attack, the attacker tries to bypass or break into secured systems. This can be done through stealth, viruses, worms, or Trojan horses. Active attacks include attempts to circumvent or break protection features, to introduce malicious code, and to steal or modify information. These attacks are mounted against a network backbone, exploit information in transit, electronically penetrate an enclave, or attack an authorized remote user during an attempt to connect to an enclave. Active attacks result in the disclosure or dissemination of data files, DoS, or modification of data.

Distributed Attack
A distributed attack requires that the adversary introduce code, such as a Trojan horse or back-door program, to a “trusted” component or software that will later be distributed to many other companies and users. Distribution attacks focus on the malicious modification of hardware or software at the factory or during distribution. These attacks introduce malicious code such as a back door to a product to gain unauthorized access to information or to a system function at a later date.

Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee, attacking the network. Insider attacks can be malicious or non-malicious. Malicious insiders intentionally eavesdrop, steal, or damage information; use information in a fraudulent manner; or deny access to other authorized users. Non-malicious attacks typically result from carelessness, lack of knowledge, or intentional circumvention of security for such reasons as performing a task.

Close-in Attack
A close-in attack involves someone attempting to get physically close to network components, data, and systems in order to learn more about a network. Close-in attacks consist of regular individuals attaining close physical proximity to networks, systems, or facilities for the purpose of modifying, gathering, or denying access to information. Close physical proximity is achieved through surreptitious entry into the network, open access, or both.
One popular form of close-in attack is social engineering. In a social engineering attack, the attacker compromises the network or system through social interaction with a person, through an e-mail message or phone. Various tricks can be used to get the individual to reveal information about the security of the company. The information that the victim reveals to the hacker would most likely be used in a subsequent attack to gain unauthorized access to a system or network.

Phishing Attack
In a phishing attack, the hacker creates a fake web site that looks exactly like a popular site such as the SBI bank or PayPal. The phishing part of the attack is that the hacker then sends an e-mail message trying to trick the user into clicking a link that leads to the fake site. When the user attempts to log on with their account information, the hacker records the username and password and then tries that information on the real site.

Hijack attack
In a hijack attack, a hacker takes over a session between you and another individual and disconnects the other individual from the communication. You still believe that you are talking to the original party and may send private information to the hacker by accident.

Spoof attack
In a spoof attack, the hacker modifies the source address of the packets he or she is sending so that they appear to be coming from someone else. This may be an attempt to bypass your firewall rules.

Buffer overflow
A buffer overflow attack is when the attacker sends more data to an application than is expected. A buffer overflow attack usually results in the attacker gaining administrative access to the system in a command prompt or shell.

Exploit attack
In this type of attack, the attacker knows of a security problem within an operating system or a piece of software and leverages that knowledge by exploiting the vulnerability.

Password attack
An attacker tries to crack the passwords stored in a network account database or a password-protected file. There are three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack. A dictionary attack uses a word list file, which is a list of potential passwords. A brute-force attack is when the attacker tries every possible combination of characters.

Brute force attack:
A brute force attack works by calculating every possible combination that could make up a password and applying each one to see whether it is the correct password. As the password’s length increases, the amount of time to find the correct password increases exponentially. Some common popular tools or software used for penetration testing are hydra, hydra-gtk, rainbowcrack, john the ripper etc.

Friday, April 1, 2016

Shell Scripting for Dovecot configuring in Linux

Dovecot is an open-source IMAP and POP3 server for Linux/UNIX-like systems, written primarily with security in mind. Timo Sirainen started Dovecot and first released it in July 2002. Dovecot's developers primarily aim to produce a lightweight, fast and easy-to-set-up open-source mail server.
 
 
echo "****  Configuring Dovecot    **************************"
# Proceed only if the dovecot RPM is installed
if rpm -qa | grep dovecot
then
   {
   echo "**************   Dovecot Installation  ****************"
   # Main config: include conf.d/ and enable IMAP, POP3 and LMTP
   echo '!include conf.d/*.conf' > /etc/dovecot/dovecot.conf
   echo "protocols = imap pop3 lmtp" >> /etc/dovecot/dovecot.conf
   # Mail is kept in Maildir format in each user's home directory
   echo 'mbox_write_locks = fcntl
mail_location = maildir:~/Maildir
' > /etc/dovecot/conf.d/10-mail.conf
   # disable_plaintext_auth = no lets clients send passwords over connections without TLS
   echo 'disable_plaintext_auth = no
!include auth-system.conf.ext
auth_mechanisms = plain login' > /etc/dovecot/conf.d/10-auth.conf

   echo "********* Service Dovecot Restart *********************"
   clear
   echo ""
   echo ""
   service dovecot restart
   echo ""
   echo "  *************************************************************"
   echo "  *    Dovecot configuration has been completed               *"
   echo "  *                Enjoy it                                   *"
   echo "  *************************************************************"
   }
else
   echo "   *************************************************************"
   echo "   *           There is no rpm for dovecot                     *"
   echo "   *           So please install rpm first                     *"
   echo "   *************************************************************"
fi
 
 

For a basic configuration this is enough to receive mail. We must also add rules in iptables for this.
 

Scripting for Postfix Mail Server configuration

echo "    *************** First RPM check ***********"
if rpm -qa|grep postfix
 then
 {
  # Collect the values that are written into main.cf below
  echo "Write down your domain name"
  read -r l
  echo "write down your hostname"
  read -r h
  echo "write down your network like 192.168.1.0/24"
  read -r n
  echo ""
  echo '
  inet_interfaces = all
  myhostname = '$h'
  myorigin = '$l'
  mydomain = '$l'
  mydestination = $myhostname, $mydomain, $myorigin
  relayhost = [smtp.'$l']
  mynetworks = '$n' 127.0.0.0/8
  ' > /etc/postfix/main.cf


  #************************
  echo "which one u use ?"
  echo "  1: Squirrel"
  echo "  2: Open Webmail"
  echo "  3: Other"
  read a
  if [ "$a" = "1" ]
    then 
    {
     echo "home_mailbox = Mailbox" >>/etc/postfix/main.cf
    }
  elif [ "$a" = "2" ]
    then
    {
     echo "#home_mailbox = !default" >>/etc/postfix/main.cf
    }
  else
    {
     echo "home_mailbox = Maildir">>/etc/postfix/main.cf
    }
  fi
  echo ""
  clear
  echo ""
  echo ""
  service postfix restart
  echo ""
  echo "************************************************************"
  echo "*    Postfix configuration has been completed              *"
  echo "*                   Enjoy It                               *"
  echo "************************************************************"
 }
else 
 {
 clear
 echo ""
 echo ""
 echo "  *************************************************************"
 echo "  *          No rpm installed for postfix                     *"
 echo "  *          Please install the rpm first                     *"
 echo "  *************************************************************"
 }
fi
echo "******  Do u want to configure dovecot ?  **********************"
echo "  1 > press 1 for yes"
echo "  2 > press 2 for no "
echo ""
read a
if [ "$a" = "1" ]
 then
  {
   ./dovecot.sh
  }
else 
 echo "***** Ok Dovecot is not configured *******"
fi
 

Friday, March 25, 2016

AAA

What is AAA?

Security for user access to the network, and the ability to dynamically define a user’s profile to gain access to network resources, is a major concern in a data communication environment. AAA network security services provide the primary framework through which a network administrator can set up access control on the network, which is usually the function of a router or access server. It is strongly recommended that network and administrative access security in the Cisco environment be based on a modular architecture that has three functional components: authentication, authorization and accounting.

Authentication:  Authentication is the way a user is identified prior to being allowed access to the network and network services. AAA authentication is configured by defining a named list of authentication methods, and then applying that list to various interfaces. The method list defines the types of authentication to be performed and the sequence in which they will be performed; it MUST be applied to a specific interface before any of the defined authentication methods will be performed. All authentication methods, except for local, line password, and enable authentication, MUST be defined through AAA.

Authorization:  Authorization provides the method for remote access control, including one-time authorization or authorization for each service, per-user account list and profile, user group support, Telnet etc.  AAA authorization works by assembling a set of attributes that describe what the user is authorized to perform. These attributes are compared to the information contained in a database for a given user and the result is returned to AAA to determine the user's actual capabilities and restrictions. The database can be located locally on the access server or router, or it can be hosted remotely on a RADIUS or TACACS+ security server.  As with authentication, AAA authorization is configured by defining a named list of authorization methods, and then applying that list to various interfaces.

Accounting: Accounting provides the method for collecting and sending security server information used for billing, auditing, and reporting - user identities, start and stop times, executed commands, number of packets, and number of bytes. Accounting enables tracking of the services users are accessing as well as the amount of network resources they are consuming. With AAA accounting activated, the NAS reports user activity to the RADIUS or TACACS+ security server in the form of accounting records. Each accounting record is comprised of accounting AV pairs and is stored on the access control server. This data can then be analyzed for network management, client billing, and/or auditing. All accounting methods must be defined through AAA. Accounting is configured by defining a named list of accounting methods, and then applying that list to various interfaces.




What is RADIUS?

 RADIUS is an access server that uses AAA protocol. It is a system of distributed security that secures remote access to networks and network services against unauthorized access. RADIUS comprises three components: a protocol with a frame format that utilizes User Datagram Protocol (UDP)/IP, server and client.
A network access server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to designated RADIUS servers, and then acting on the response that is returned. RADIUS servers are responsible for receiving user connection requests, authenticating the user, and returning all configuration information necessary for the client to deliver service to the user. The RADIUS servers can act as proxy clients to other kinds of authentication servers.


Authentication and Authorization checking are bundled together. When the client device requests authentication from the server, the server replies with both authentication attributes and authorization attributes. These functions cannot be performed separately. The accounting features of the RADIUS protocol can be used independently of RADIUS authentication or authorization. RADIUS encrypts only the password in the access-request packet. The remainder of the packet is unencrypted.



What is TACACS+?

TACACS+ stands for Terminal Access Control Access Control Server. TACACS+ is an enhancement of the TACACS application. The main goal of TACACS+ is to provide a centralized database against which to perform Authentication, Authorization, and Accounting (AAA).
TACACS+ uses a client-server model. The client queries the server, and the server in turn replies by stating whether the user passed or failed the authentication. It is important to note that the client is not the user or the user's machine, but rather the device that is trying to determine if the user should be allowed entry into the network (typically a router or a firewall). TACACS+ uses TCP as the transport protocol; the default port is 49. If required, the server can be configured to listen on other ports. TACACS+ is similar to RADIUS (Remote Access Dial In User Server) with a few key differences.


All three AAA functions (authentication, authorization, and accounting) can be used independently. Therefore, one method such as Kerberos can be used for authentication, and a separate method such as TACACS+ can be used for authorization. While TACACS+ can use usernames and passwords, it can also use other mechanisms such as "one time" passwords that prevent hackers from accessing the system.
Both TACACS+ and RADIUS use a shared secret key to provide encryption. TACACS+ encrypts the entire payload, including the user's password, when the client and the server communicate. TACACS+ uses the MD5 hash function in its encryption and decryption algorithm.
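The difference described in the RADIUS and TACACS+ sections above (RADIUS protects only the password, TACACS+ protects the whole payload) can be seen by building both packets for the same login. This is an added example, not part of the original post; it follows the User-Password hiding of RFC 2865 and the body obfuscation of RFC 8907, and the secret, authenticator, session ID, username and password are constructed sample values.

```python
import hashlib
import struct

def _xor(data: bytes, pad: bytes) -> bytes:
    # zip() stops at the shorter input, which truncates the pad to the data length
    return bytes(d ^ p for d, p in zip(data, pad))

def radius_hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 User-Password: pad to 16-byte blocks, XOR each block with
    MD5(secret + previous hidden block); the first block uses the authenticator."""
    if not 1 <= len(password) <= 128:
        raise ValueError("User-Password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        prev = _xor(padded[i:i + 16], hashlib.md5(secret + prev).digest())
        hidden += prev
    return hidden

def radius_access_request(ident, user, password, secret, authenticator):
    """Access-Request (code 1) carrying User-Name (type 1) and User-Password (type 2)."""
    attrs = b""
    hidden = radius_hide_password(password, secret, authenticator)
    for attr_type, value in ((1, user), (2, hidden)):
        attrs += struct.pack("!BB", attr_type, len(value) + 2) + value
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + authenticator + attrs

def tacacs_obfuscate(body, key, session_id, version, seq_no):
    """RFC 8907 obfuscation: XOR the whole body with a chained-MD5 pseudo-pad.
    Applying it twice with the same parameters returns the original body."""
    seed = struct.pack("!I", session_id) + key + bytes([version, seq_no])
    pad, last = b"", b""
    while len(pad) < len(body):
        last = hashlib.md5(seed + last).digest()
        pad += last
    return _xor(body, pad)

def tacacs_pap_start(user, password, key, session_id, port=b"tty0"):
    """Authentication START for a PAP login; the password sits in the body's data field."""
    version, seq_no = 0xC1, 1  # major version 0xC, minor version 1 (used for PAP)
    # action=LOGIN, priv_lvl=1, authen_type=PAP, service=LOGIN, then the four length bytes
    body = struct.pack("!8B", 1, 1, 2, 1, len(user), len(port), 0, len(password))
    body += user + port + password
    header = struct.pack("!BBBBII", version, 1, seq_no, 0, session_id, len(body))
    return header + tacacs_obfuscate(body, key, session_id, version, seq_no)

# Constructed sample values (a real Request Authenticator is random per request)
SECRET = b"constructed-shared-secret"
AUTHENTICATOR = bytes(range(16))
SESSION_ID = 0x1234ABCD
USER, PASSWORD = b"alice", b"correct horse battery"

if __name__ == "__main__":
    radius = radius_access_request(7, USER, PASSWORD, SECRET, AUTHENTICATOR)
    tacacs = tacacs_pap_start(USER, PASSWORD, SECRET, SESSION_ID)
    for name, pkt in (("RADIUS", radius), ("TACACS+", tacacs)):
        print(name, "username visible:", USER in pkt,
              "| password visible:", PASSWORD in pkt)
```

In the RADIUS packet the username is readable on the wire while the password is not; in the TACACS+ packet only the 12-byte header is readable.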

What is a firewall, its function and its types

Firewall
What is a Firewall?

A firewall acts as a shield to protect our system from the untrusted, non-reliable systems connected to the Internet. Conceptually, it derives from the barriers made of fire-resistant material used to prevent the spread of fires. A firewall on your PC, however, listens to all ports on your system for any attempts to open a connection; when it detects such an attempt, it reacts according to a predefined set of rules. Put more technically, a firewall is a piece of software, hardware, or both, that allows only selected packets to pass from the Internet to your private network or system.



Describe the types of Firewall.

Answer: Several types of firewalls exist:

Packet filtering
The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.


Advantages:
Simplicity
Transparency to users
High speed

Disadvantages:
Difficulty of setting up packet filter rules
Lack of Authentication

Circuit-level gateway implementation
 This process applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.

Application-level Gateway

A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server connects to the Internet, makes the requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s) behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (e.g., HTTP files, or web pages). A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.


Advantages:
Higher security than packet filters
Only need to scrutinize a few allowable applications
Easy to log and audit all incoming traffic

Disadvantages:
Additional processing overhead on each connection (gateway as splice point)

Web application firewall

A web application firewall is a hardware appliance, server plug-in, or some other software filter that applies a set of rules to an HTTP conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.


What are Inbound and Outbound rules?

Answer: Inbound rules: These are to do with other things accessing your computer. If you are running a Web Server on your computer then you will have to tell the Firewall that outsiders are allowed to connect to it.

Outbound rules: These are so that you can let some programs use the Internet, and block others. You will want to let your Web Browser (Internet Explorer, Firefox, Safari, Chrome, Opera...) have access to the Internet, so you will tell Windows Firewall that it's allowed.


Some Benefits and limitations of Firewall.

Benefit
  >Prevent intrusion
  >Choke point for security audit
  >Reduce attacks by hackers
  >Hide network behind a single IP address
  >Part of total network security policy


Limitations
Cannot protect against
    >inside attacks
    >malicious insiders
    >connections that circumvent it
    >completely new threats
    >some viruses
    >the administrator that does not correctly set it up
    >Cannot block attacks at higher level of the protocol stack.

Firewall vs. IDS 

Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.

Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.

Sunday, March 6, 2016

Network Topology

Star topology:


In a star topology, each device has a dedicated point-to-point link only to a central controller, usually called a hub. The devices are not directly linked to one another. Unlike a mesh topology, a star topology does not allow direct traffic between devices. The controller acts as an exchange: if one device wants to send data to another, it sends the data to the controller, which then relays the data to the other connected device.



Advantages of Star Topology

1)  Compared to bus topology, it gives far better performance; signals don’t necessarily get transmitted to all the workstations. A sent signal reaches the intended destination after passing through no more than 3-4 devices and 2-3 links. Performance of the network is dependent on the capacity of the central hub.
2)  Easy to connect new nodes or devices. In a star topology, new nodes can be added easily without affecting the rest of the network. Similarly, components can also be removed easily.
3)  Centralized management. It helps in monitoring the network.
4)  Failure of one node or link doesn’t affect the rest of the network. At the same time, it is easy to detect the failure and troubleshoot it.

Disadvantages of Star Topology

1)  Too much dependency on the central device has its own drawbacks. If it fails, the whole network goes down.
2)  The use of a hub, a router or a switch as the central device increases the overall cost of the network.
3)  Performance, as well as the number of nodes that can be added in such a topology, depends on the capacity of the central device.


Mesh Topology

In a mesh topology, every device has a dedicated point-to-point link to every other device. The term dedicated means that the link carries traffic only between the two devices it connects. To find the number of physical links in a fully connected mesh network with n nodes, we first consider that each node must be connected to every other node. Node 1 must be connected to n - 1 nodes, node 2 must be connected to n - 1 nodes, and finally node n must be connected to n - 1 nodes. We need n(n - 1) physical links. However, if each physical link allows communication in both directions (duplex mode), we can divide the number of links by 2. In other words, we can say that in a mesh topology, we need

    n(n - 1) / 2



Advantages of Mesh topology

1) Data can be transmitted from different devices simultaneously. This topology can withstand high traffic.
2) Even if one of the components fails there is always an alternative present. So data transfer doesn’t get affected.
3) Expansion and modification in topology can be done without disrupting other nodes.

Disadvantages of Mesh topology

1) There are high chances of redundancy in many of the network connections.
2) Overall cost of this network is way too high as compared to other network topologies.
3) Set-up and maintenance of this topology is very difficult. Even administration of the network is tough.

Ring Topology

In a ring topology, each device has a dedicated point-to-point connection with only the two devices on either side of it. A signal is passed along the ring in one direction, from device to device, until it reaches its destination. Each device in the ring incorporates a repeater. When a device receives a signal intended for another device, its repeater regenerates the bits and passes them along.



Advantages of Ring Topology

1)   This type of network topology is very organized. Each node gets to send data when it receives an empty token. This helps to reduce the chance of collisions. Also, in a ring topology all the traffic flows in only one direction at very high speed.
2)   Even when the load on the network increases, its performance is better than that of Bus topology.
3)   There is no need for network server to control the connectivity between workstations.
4)   Additional components do not affect the performance of network.
5)   Each computer has equal access to resources.

Disadvantages of Ring Topology

1)   Each packet of data must pass through all the computers between source and destination. This makes it slower than Star topology.
2)   If one workstation or port goes down, the entire network gets affected.
3)   Network is highly dependent on the wire which connects different components.
4)   MAUs and network cards are expensive as compared to Ethernet cards and hubs.


Bus Topology

In a bus topology, one long cable acts as a backbone to link all the devices in a network. Nodes are connected to the bus cable by drop lines and taps. A drop line is a connection running between the device and the main cable. A tap is a connector that either splices into the main cable or punctures the sheathing of a cable to create a contact with the metallic core. As a signal travels along the backbone, some of its energy is transformed into heat. Therefore, it becomes weaker and weaker as it travels farther and farther. For this reason, there is a limit on the number of taps a bus can support and on the distance between those taps.




Advantages of Bus Topology

1)  It is easy to set up and extend a bus network.
2)  Cable length required for this topology is the least compared to other networks.
3)  Bus topology costs very little.
4)  Linear bus network is mostly used in small networks. Good for LAN.

Disadvantages of Bus Topology

1)  There is a limit on central cable length and number of nodes that can be connected.
2)  Dependency on the central cable in this topology has its disadvantages. If the main cable (i.e. the bus) encounters some problem, the whole network breaks down.
3)  Proper termination is required to dump signals. Use of terminators is a must.
4)  It is difficult to detect and troubleshoot fault at individual station.
5)  Maintenance costs can get higher with time.
6)  Efficiency of Bus network reduces, as the number of devices connected to it increases.
7)  It is not suitable for networks with heavy traffic.
8)  Security is very low because all the computers receive the sent signal from the source.

Basic of Networking

Network

In computer science, a network is a set of computers connected together for the purpose of sharing resources. The most common resource shared today is a connection to the Internet. Other shared resources can include a printer or a file server.
Computers in a network can be connected through twisted pair cables, telephone lines, radio waves, satellites or optical fiber cables. The first computer network was designed by ‘Advanced Research Projects Agency Network (ARPANET)’ in the United States Department of Defense. There are three types of network technologies.

LAN: Local Area Network

A Local Area Network (LAN) is a network that is bound to a smaller physical area like a university, house or a small office. Nearly all current LANs, whether wired or wireless, are based on Ethernet. On a Local Area Network, data transfer speeds are higher than on a WAN or MAN and can extend to 10.0 Mbps (Ethernet network) and 1.0 Gbps (Gigabit Ethernet).

MAN: Metropolitan Area Network

We can take a bank network as an example of a Metropolitan Area Network, where all branches located in different districts are interconnected through the head office by using fiber optic cables. In one sentence, a Metropolitan Area Network (MAN) is a network that connects two or more computers, communicating devices or networks in a single network that has a geographic area larger than that covered by even a large ‘Local Area Network’ but smaller than the region covered by a ‘Wide Area Network’.


WAN: Wide Area Network

The Internet is a perfect example of a WAN. A Wide Area Network is a computer network that covers a relatively larger geographical area such as a state or country. It provides a solution to companies or organizations operating from distant geographical locations who want to communicate with each other for sharing and managing central data or for general communication.
WAN is made up of two or more Local Area Networks (LANs) or Metropolitan Area Networks (MANs) that are interconnected with each other, thus users and computers in one location can communicate with users and computers in other locations.


Basic IT Questions for exam


Thursday, March 3, 2016

EIGRP Routing Protocols


EIGRP uses five types of packets to communicate:

  > Hello  : used to identify neighbors. They are sent as periodic multicasts.
  > Update : used to advertise routes; only sent as multicasts when something is changed.
  > Ack    : acknowledges receipt of an update. In fact, an Ack is a Hello packet without data. It is always unicast and uses UDP.
  > Query  : used to find alternate paths when all paths to a destination have failed.
  > Reply  : is sent in response to query packets to instruct the originator not to recompute the route because feasible successors exist. Reply packets are always unicast to the originator of the query.

Advertised distance(AD): 
the cost from the neighbor to the destination. 
Feasible distance (FD):
The sum of the AD plus the cost between the local router and the next-hop router
Successor: 
The primary route used to reach a destination. The successor route is kept in the routing table. Notice that successor is the best route to that destination. 

Feasible successor: 
The backup route. To be a feasible successor, the route must have an AD less than the FD of the current successor route
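The definitions above, applied to one destination, as an added example that is not part of the original post. It uses the post's own simplified formulas (FD = AD + cost to the next hop; a backup is feasible only if its AD is less than the successor's FD); the neighbor names and costs are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Path:
    neighbor: str
    ad: int         # advertised distance: the neighbor's own cost to the destination
    link_cost: int  # cost between the local router and that neighbor

    @property
    def distance(self) -> int:
        # Total cost through this neighbor: AD plus the cost to the next hop
        return self.ad + self.link_cost

def classify(paths):
    """Return (successor, feasible_successors, rejected) for one destination."""
    if not paths:
        raise ValueError("no paths to the destination")
    # Successor: lowest total distance (neighbor name breaks ties deterministically)
    successor = min(paths, key=lambda p: (p.distance, p.neighbor))
    fd = successor.distance
    feasible, rejected = [], []
    for p in paths:
        if p is successor:
            continue
        # Feasibility condition: the neighbor must be closer to the destination
        # than we are, otherwise its path might loop back through us.
        (feasible if p.ad < fd else rejected).append(p)
    feasible.sort(key=lambda p: p.distance)
    return successor, feasible, rejected

def on_successor_failure(paths):
    """What the router does when the link to the successor goes down."""
    _, feasible, rejected = classify(paths)
    if feasible:
        # A backup is already in the topology table: switch without asking anyone
        return ("promote", feasible[0].neighbor)
    # No feasible successor: Query packets go to the remaining neighbors
    return ("query", [p.neighbor for p in rejected])

# Constructed topology-table entries for a single destination
SAMPLE = [
    Path("R2", ad=10, link_cost=10),  # total 20 -> successor, FD = 20
    Path("R3", ad=15, link_cost=20),  # total 35, AD 15 < 20 -> feasible successor
    Path("R4", ad=25, link_cost=5),   # total 30, AD 25 >= 20 -> not feasible
]

if __name__ == "__main__":
    succ, feas, rej = classify(SAMPLE)
    print("successor:", succ.neighbor, "FD:", succ.distance)
    print("feasible successors:", [p.neighbor for p in feas])
    print("not feasible:", [p.neighbor for p in rej])
    print("on failure:", on_successor_failure(SAMPLE))
```

R4 offers a cheaper total path than R3 (30 versus 35) but is still not a feasible successor, because its AD is not below the successor's FD.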


EIGRP Neighbor, Topology and Routing Table
EIGRP routers start sending hello packets to other routers just like OSPF does; if you send hello packets and receive them, you become neighbors. EIGRP neighbors exchange routing information, which is saved in the topology table. The best path from the topology table is copied into the routing table.

Neighbor table: Neighbor relationships, which are the basis for EIGRP routing and convergence activity, are tracked in this table. Whenever a new neighbor is discovered, its address and interface are recorded in a new entry of the neighbor table. These tables are used for reliable and sequenced delivery of packets.

Topology table: Routers use the topology table to route traffic in a network. All routing tables inside the autonomous system where the router is positioned are available in this table. Each router uses a routing protocol and maintains a topology table for each configured network protocol. The routes leading to a destination are found in the topology table.

Route Table: The routes to particular destinations are stored in the routing table. The information contains the network topology that is immediately around the router. The primary goal of routing protocols and routes is the construction of routing tables. Network ID, cost of the packet path and next hop are the details available in the routing table.



Normal Configuration:

**************
      R1
**************

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#inter g0/0
Router(config-if)#ip address 1.1.1.1 255.255.255.252
Router(config-if)#exit
Router(config)#router eigrp 100
Router(config-router)#network 1.1.1.0
Router(config-router)#exit
Router(config)#exit
Router#
%SYS-5-CONFIG_I: Configured from console by console

Router#

**************
      R2
**************

Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#inter g0/0
Router(config-if)#ip address 1.1.1.2 255.255.255.252
Router(config-if)#exit
Router(config)#router eigrp 100
Router(config-router)#network 1.1.1.0
Router(config-router)#exit
Router(config)#exit
Router#

In the CCNA exam lab, troubleshoot EIGRP by just changing the AS number of this topology.



That's all. Thanks.

Saturday, February 27, 2016

Interview questions 3 for Linux System Administrator

Q:16 What are the default ports used for SMTP,DNS,FTP,DHCP,SSH and squid ?

  SMTP     25
  DNS      53
  FTP      20 (data transfer), 21 (connection established)
  DHCP     67/UDP (DHCP server), 68/UDP (DHCP client)
  SSH      22
  Squid    3128


Q:17 How to check default route and routing table ?


Ans: Using the Commands ‘netstat -nr’ and ‘route -n’ we can see the default route and routing tables.



Q:18 How to check which ports are listening in my Linux Server ?


Ans:  Use the commands ‘netstat --listen’ and ‘lsof -i’



 

Q.19. How to install rpm?
 

Ans: rpm -ivh ***.rpm

 

Q20. How to add or delete a route in your System?
 

Ans: route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.254
    route del -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.1.254

 

Q21. How to give all permission for all user of a file?
 

    Ans: chmod 777 filename

 

Q22. How to check whether pptpd rpm installed or not?
 
     Ans: rpm -qa|grep pptpd



Interview questions 2 for linux system administrator


Q:9 What is umask ?

 
Ans: umask stands for ‘User file creation mask’, which determines the settings of a mask that controls which file permissions are set for files and directories when they are created.

Q:10 How to set the umask permanently for a user?
Ans: To set this value permanently for a user, it has to be put in the appropriate profile file which depends on the default shell of the user.

Q:11 How to change the default run level in linux ?
Ans: To change the run level we have to edit the file “/etc/inittab” and change the initdefault entry (id:5:initdefault:). Using the ‘init’ command we can change the run level temporarily, like ‘init 3’; this command will move the system to runlevel 3.

Q.12 What is SeLinux?

SELinux is an acronym for Security-enhanced Linux. It is an access control implementation and security feature for the Linux kernel. It is designed to protect the server against misconfigurations and/or compromised daemons. By defining a security policy, it limits which files server daemons or programs can access and what actions they can take.

Q.13 Explain virtual desktop.

This serves as an alternative to minimizing and maximizing different windows on the current desktop. Using virtual desktops, each desktop is a clean slate where you can open one or more programs. Rather than minimizing/restoring all those programs as needed, you can simply shuffle between virtual desktops with programs intact in each one.

Q.14 What is grep command?

grep is a search command that makes use of pattern-based searching. It takes options and parameters that are specified on the command line and applies the pattern when searching the required file or output.

Q.15 How do you terminate an ongoing process?

Every process in the system is identified by a unique process id or pid. Use the kill command followed by the pid in order to terminate that process. To terminate all processes at once, use kill 0.

