Internet Engineering Course - PowerPoint PPT Presentation

1 / 44

About This Presentation

Title:

Internet Engineering Course

Description:

Incredibly confused directory structure and its adverse impact on system recovery ... responds in a reasonably timely fashion to reported and serious security ... – PowerPoint PPT presentation

Number of Views:69

Avg rating:3.0/5.0

Slides: 45

Provided by: ZhiLi7

Category:

more less

Transcript and Presenter's Notes

Title: Internet Engineering Course

1
Internet Engineering Course

OS Selection

2
Servers vs. Desktop Systems

Servers
Should not contain functionality not required for
the intended function
Minimal service set
Dont install anything unless you really need it
Avoid unnecessary exposure to new risks
Faster with redundant components
Increased reliability
Has more of everything
Much more customizable
To perform specific tasks and optimizing them to
do so
Administration and maintenance requires special
training
Security, Reliability, Stability and are highly
critical
Standardizing on a single OS for all purposes is
not a goal!

3
Operating Systems we will study

Mainly
Microsoft Windows Server family
Linux
Somewhat
OpenBSD from BSD family
There are many others that we do not study here
Other variants of UNIX
Solaris, HP/UX, AIX
Other variants in BSD category FreeBSD, NetBSD,
Other variants in GNU category GNU/Hurd,
GNU/Mach,
And so many other OSs out there

4
Evaluation criteria

Applications
Stability and Reliability
Security
Scalability
Usability
Staff Issues
Total Cost of Ownership (TCO)

5
Applications

OS must support the application you will run!
e.g. Exchange Server ? OS Windows
A constraint for choosing OS
If needs are identified but no specific product
Look for the product and OS that supports it side
by side
You are not limited to some specific OSs.
Will not result in an OS that is difficult to
support or costly.
Less diversity in OSs is desirable (standardizing
server OSs)
For selecting OS
Look at what is generally available on the
platform.
What is included in the OS by default?

6
Applications cont.

Supplementary applications
Intended to supplement a function of OS
Resource Kit/Support Tools for Microsoft Windows
Unix tools for windows
Native OS completeness
There are no functions that an administrator
(skilled in Perl/shell scripting) cannot do in
UNIX systems
Windows administrators have difficulty doing
management tasks without third party or
supplementary utilities
OS vendor is not supposed to support third party
utilities and the side effects they may have!

7
Applications cont.

Niche Area Support
Greater diversity of applications available on
Windows
Windows is great from this point of view
Diversity in Windows and Linux family
Specific products may not run across the entire
family
Enough high quality server products for Linux
Newer system now necessarily backward compatibe
OpenBSD
A lot less third party products than either
Windows or Linux
Includes compatibility modes with several OSs
It should not be used extensively (e.g. Many
Linux applications ? OS should be Linux)

8
Applications cont.

Application Integration
Difference between integrated and integrable!
Features of Microsoft products works better
with/only with Microsoft products!
Usage of one Microsoft product will lead to use
of other Microsoft products
Less tension to be compliant with other products.
Their implementations are not fully compliant
with standards and therefore other
implementations.
Other products should try to be integrable!
Application support
Windows is the best, Linux is second and OpenBSD
is third.

9
Applications cont.

Market Products
Small vendors cannot afford to support various
OSs
They are pulled towards Windows Server family
Cause Growth of various Windows based market
applications
Windows NT started with a target bellow the
high-end commercial UNIX systems
Enhancements in each release ? Higher performance
market
Reducing costs of an application
Major advantage for small businesses
Linux entering the server market
Linux will be a more obvious choice for small
businesses.

10
Applications cont.

Included With Core OS
Windows
File and print services, DNS, DHCP, IIS, FTP and
other additional components
Linux and OpenBSD
Includes much more standard Internet servers
Even support for Microsoft file and print sharing
As open source operating systems are free, one
might say that any free software that runs on the
OS is part of it.

11
Applications cont.

open source Applications
Majority of these projects have been developed on
Linux
Unless they are platform neutral, theyll run on
Linux with less effort than any other OS
Microsoft repeatedly made system design decisions
that
Make little or no technical sense, but make
excellent business sense, i.e. they make it more
difficult and expensive for a developer to port a
Windows application to other OSs.
open source is by no means a UNIX only phenomena,
but
Most open source development has been done on
UNIX systems
With the UNIX like open source operating systems,
Linux and BSD family, playing the leading roles

12
Applications cont.

open source Applications
Some open source applications (visit
www.sourceforge.net)
Apache
BIND (Berkeley Internet Name Domain)
DHCPd (Dynamic Host Configuration Protocol )
PHP, Perl, Python
Web traffic analysis packages like Webalizer,
Analog
MySQL, PostgreSQL
Snort, PF, IP Filters, GuardDog
NTP
vsFTPd
OpenOffice (replacement for Microsoft Office
Suite)
GIMP (replacement for Adobe Photoshop)

13
Applications cont.

OS Versions and Fragmentation
Every several years, Microsoft introduces a
fundamentally different operating environment or
system with major changes in the UI.
Windows is designed to hide technical details,
but these changes introduces a major learning
curve!
Technical users may effectively loose a
significant part of their knowledge of how
Windows works and need start over with the new
system
These differences are mostly seamless from one
version of UNIX to another

14
Applications (Summary)

There are many more applications for Windows
Not all needed functionalities are included in
the OS
Enough products available for the cost of the OS
that some businesses can run mostly on open
source solutions
As Linux is eating into Windows server market
share, expect the application advantage for
Windows servers to shrink and perhaps disappear.
Maintaining an application for Linux and other
UNIX variants is minor compared to Windows.

15
Reliability and Stability

Both are related to bugs.
Stability
Relative resistance to crashes and lessening
their affects
Bugs and incompatibilities may cause crashes
Reliability
Specific functions stop responding or return
invalid results
Odd behavior!
Availability
Affected by thing related to reliability and
stability
To do and keep doing what they are supposed to do

16
Reliability and Stability cont.

Reboot required even for minor changes
Microsofts origins in single user systems
Is not a part of UNIX or mainframe environments
Some systems become less stable for longer
uptimes
Rarely necessary for UNIX systems
Windows flaws in architectural design
Windows registry
Incredibly confused directory structure and its
adverse impact on system recovery
System management functions contained in large
complex GUI programs mostly with no command-line
counterparts

17
Reliability and Stability cont.

Windows registry
Central repository for configuration data and
The fallacy is that registry data is accessed by
key name.
Little fundamental difference between accessing
entries in registry and files in different
directories with different filenames
Numerous binary tree lookups, in a large deeply
nested structure, become quite resource intensive
Confirmed by the fact that Windows systems slow
with age as software is added
UNIX systems do not slow with age due to software
installs.

18
Reliability and Stability cont.

Windows GUI Interface Hampers Administrators
Complex GUIs contributes to reliability issues
Such programs are harder to write and more likely
to have their own bugs
Often, no alternative interface is provided
Bug in management interface will result in
inability to perform some administrative tasks
In the UNIX world, essentially all administrative
tasks are performed by relatively simple command
line programs that do only one specific thing.

19
Reliability and Stability cont.

Linux Stability
There is no need to ever reboot except for a
kernel or hardware upgrade or change.
Registry problem is not applicable to Linux
OpenBSD
Said to be the most stable and most reliable OS
Clean code base
Development model

20
Security

File Systems
FAT lacks primary permissions and security
facilities needed for a server environment.
UNIX allows controls only by owner, group and
other. Each of these can be set to any
combination of read, write and execute.
chmod
NTFS is much more customizable and provides
flexible access control list capabilities.
Windows GUI, xcacls (Extended Change Access
Control List ) provided in Windows Support Tools

21
Security cont.

Password Hashes
Windows passwords are weaker and easier to break.
LANMAN hash
BSD MD5 is one of the strongest hashes
Novice administrators really dont know what they
are doing! Making things easy is not that good!
Default Installations
Previously default installation of Windows Server
and related network services made it much more
easier to attack and exposed the system to many
risks.
Unix default installation has basic security
provisions.
You have to enable anything you want.

22
Security cont.

Development Model, Bug Fixes, Security and
Reliability
Linux
The kernel appears to be under pretty much
continuous development and more than one version
is being developed simultaneously.
Development is a purely volunteer, non-commercial
activity.
Windows
Microsoft is the largest software company in the
world and is purely commercial.
Microsoft responds in a reasonably timely fashion
to reported and serious security bugs. It's
primarily such bugs that their security alerts
describe.

23
Security cont.

OpenBSD
OpenBSD is the most secure OS available
They try to find simple software bugs and they
believe that they are the origin of security
issue.
Secure by default
All non-essential services are disable by default
Four years without a remote hole
Outstanding open implementation of security
standards.
Unix Signal Handler and Open Software Fixes
Fix was available the day after the problem was
announced publicly!

24
Scalability

Meanings
How many processors/How much memory in a single
machine, an operating system is capable of
supporting.
Cluster of machines that work together to solve a
common problem.
Recent projects of this type have consisted of
hundreds to thousands of Intel CPUs running
Linux.
System Performance
Confusing benchmarks about performance.
No general statement on this issue.

25
Scalability cont.

Hardware Requirements
Windows has GUI in its kernel
It need reasonably high hardware specifications.
Most Linux servers installations do not have
X-Windowing System.
Hardware specifications of Linux is much smaller
than Windows.
Price Performance Ratio
The starting software cost for a public, Windows
2000 web server, is effectively over 4000.
There exists free Linux distributions and also
commercial ones which costs much less than
Windows servers

26
Usability

Ease of Use, Ease of Learning
Ease of use often regarded as one of the most
important characteristics of any software
product.
Ease of learning is not often used.
Ease of use is nearly always used to mean that a
product is easy to learn to use.
Normally means how easily a user new to a product
can figure out how to perform a specificaction.
Documentation, architecture, support, training
and design
GUI tools
May also make system administration tasks easy to
learn.
May make repetitive task very burdensome
Such tasks can make use of a system scheduler.

27
Usability cont.

Windows Lacks Automation
Automating the task in Linux by scripts
In Windows also possible but is very cumbersome
in comparison with Linux
Automating the procedures that has no counterpart
other than GUI interface should be done with e.g.
emulating mouse events or scripting utilities
like AutoIt that does somehow ease this job!
(Surely not reliable)
Easy to use Windows tools, become cumbersome to
use as the tasks become more repetitive.
There are no scripting skills that are routine
part of Windows administration
Even batch programming skills, as simple (and
limited) as that "language" is, have largely
fallen into disuse.

28
Usability cont.

Most Windows administrators are entirely
dependent on the GUI management interface, and
even where it should be obvious that something
should be automated, do not have the knowledge or
skills to do it.
UNIX administrators, in contrast, are normally
skilled in at least one scripting language, and
routinely expect to automate repetitive parts of
their jobs.
Windows server systems have a pro novice bias and
that UNIX systems have an anti-novice bias.

29
Usability cont.

Support Options
Windows
Microsoft Knowledge Base, Customer Support,
Consultants
Most of the things are solved easily if you have
employed a guru consultant. The really good ones
can solve seemingly very difficult problems, with
ease
Gurus are expensive to employ and cheap ones
learn on your job.
Linux
Community Support, Commercial Support (e.g.
RHEL), Gurus
After gaining mastery and enough experience you
are relaxed.
It does not hide anything from you, so you can
come up with the solution.
Google your problem and there should be a
discussion about it in a community

30
Staff Issues

UNIX administrators cost more than Windows ones.
Main factor Cost per machine
From all previous discussions it is resulted that
maintaining a Linux server needs less effort that
Windows one.
So the staff cost is not a major factor as might
be considered at first

31
Total Cost of Ownership (TCO)

Microsoft says TCO of Windows is much lower than
Linux
Factors
License
Support
Staff
Windows license price
How many simultaneous client connections?
What server applications?
UNIX systems require more up-front learning
effort.
Security, Stability and Reliability
Moving to security, Linux is more secure in a
default install
Given normal installs by typically trained
administrators Windows systems are much less
stable than Linux installs.

32
Summary

No operating system is perfect or even close,
even when limited to server only or desktop only
roles.
Tradeoff
Windows servers
With sufficient resources, they can be made
stable.
Because of variety of third party applications ,
it may be possible to "do more" on Windows
servers than other platforms.
As a particular matter, they rarely live up to
their promise.
Contain enormous array of unused features (may
not be easy to disable, for instance kernel
customization).

33
Summary cont.

Comparatively unreliable, and thus resource
intensive to maintain.
Given the complexity of Windows, tools and
middleware used to build the applications, and
the applications themselves, it's absurd to think
that all the security related bugs can be found
and fixed.
Only hope that the holes that exist are
sufficiently difficult and obscure, that no
skilled malicious intruder actually finds them.
Best hardware support among other OSs.

34
Summary cont.

Linux
The default security characteristics of Linux
depend on the distribution and install options
chosen.
Linux has been used to build powerful parallel
supercomputers so it unquestionably clusters well
The newest kernels should be comparable to
Windows on multiprocessor systems.
Linux has a very large range of applications,
both commercial (proprietary) and open source.
Linux has by far the largest number of open
source applications.
All business needs can be met by Linux
applications.
Linux has the best and most diverse free support
available, which is often better than traditional
commercial support.

35
Choosing a Linux Distribution

Some server candidates
Commercial
Red Hat Enterprise Linux
SUSE Linux Enterprise Server
Mandriva Corporate Server
Non-commercial
Gentoo
Debian
Fedora
Slackware
Arch

36
Choosing a Linux Distribution cont.

Differences
Base operating system
Some customization, e.g. init scripts, kernel
Generally binary compatible
Software management and updating
YUM
APT
Smart
Synaptic
Hardware management
Kudzu of Red Hat
Non-commercial distros never contain proprietary
drivers.
Proprietary extras

37
Choosing a Linux Distribution cont.

Support from server manufacturers mainly
Red Hat Enterprise Linux
SUSE Linux Enterprise Server
Challenging
Gentoo
Debian
Slackware
Arch

38
Choosing a Linux Distribution cont.

Red Hat
Founded in 1994 by Bob Young and Marc Ewing
Leader in development, deployment and Management
of Linux and open source solutions for Internet
infrastructure
Last version in the Red Hat Linux product line ?
Red Hat Enterprise Linux 5
Replaced by Fedora Core in late 2003, officially
sponsored by Red Hat
Developed with community participation
Serves mainly as a testing base for Red Hat
Enterprise Linux
Widely used, excellent community support, lots of
innovation
up2date and YUM as package managers (RPM)
Red Hat Enterprise Linux products best supported
by hardware vendors among other Linux
distributions
Very good commercial support