Official website for Linux User & Developer
Jun 28

Linux system administration part 2

Posted by Mihalis Tsoukalos

Find out what it takes to become a sysadmin in part two of our guide

Web servers

At the moment, the most popular web servers are Apache and Nginx. Apache is the most successful and famous open source project whereas Nginx (pronounced Engine X) is a web server that was developed in Russia by Igor Sysoev back in 2002.

The main difference between the two is that Apache is a process-based server, which means that each simultaneous connection requires a separate thread, while Nginx uses asynchronous sockets, which allows it to handle more requests per process while not having to spawn too many processes. As a result the memory consumption of Nginx is very low when serving static pages while serving them extremely fast. The configuration files of Nginx are also much simpler to read, use and modify than the configuration files found in Apache.

Apache supports ‘.htaccess’ files that provide a way to make configuration changes on a per-directory basis. An .htaccess file, containing one or more configuration directives, is placed in a particular document directory and the directives apply to that directory plus all its subdirectories.

Nginx does not support .htaccess files. The functionality of an .htaccess file is embedded in the configuration file. The good thing is that the equivalent rewrite rules in Nginx are usually fewer and less complex than the ones used in an .htaccess file.

Scripting

A scripting language can help you write relatively small programs that do repetitive tasks, communicate with a database, extract data from log files, send emails if something unusual happens to a Linux system, and so on.

There is a plethora of scripting languages that can be useful to a system administrator but the most popular are Perl, Python and Ruby. Choosing only one of them is difficult but you cannot go wrong if you learn any one of them. Perl was very popular before 2000 and it can still be useful, whereas Python is very popular and well supported today and Ruby is also very capable. If you want to play it safe, learn Python, as it continues to explode in popularity.

Top 5 security tools

Security is one of the most important parts of an SA’s job, so mastering the tools will help you be an effective administrator

Nmap
www.nmap.org

Nmap is an open source tool that supports port scanning, OS detection, version detection and more. Nmap is particularly useful for examining the status of your network.

Nessus vulnerability scanner
www.tenable.com/products/nessus

Nessus is a vulnerability-scanning program that can scan for default or blank passwords, DoS attacks against the TCP/IP stack using invalid packets, old software versions, open mail relays, etc. This is a great place to start.

SQLMap
www.sqlmap.org

SQLMap is an open source penetration-testing tool for detecting and exploiting SQL injection flaws. SQLMap supports MySQL, Oracle, DB2, SQLite, PostgreSQL, Firebird and Sybase. Databases can be tricky to keep tightly locked down, so SQLMap should become an essential part of your arsenal.

John the Ripper password cracker
www.openwall.com/john

Weak passwords are the number one security threat, so the UNIX administrator needs to check for this and protect their Linux machines. The John the Ripper utility checks if a password is easy to guess by cracking it using the brute force method, the first port of call for a cracker.

Telnet
www.telnet.org

The main benefit of using telnet (type man telnet to see its man page) to manually simulate client-server interaction is you see the raw data of the connection. Using telnet to connect to a site is better for troubleshooting because you see raw HTML output, so you can get a better grasp on the issue.

Statistics

It is strongly recommended for an SA to know some statistics. A very good statistical package is R and, although R is not easy to learn, it has many advantages: it can be used in UNIX scripts and has a large number of existing packages (CRAN), outstanding graphical capabilities, the ability to process lots of data, advanced statistical capabilities, the ability to connect to a database, and its own programming language. You do not have to use everything at once, but having software with so many capabilities is very convenient.

As an example, R will be used for processing a log file (access.log) from Apache to detect hack attempts. As the log file is from a Drupal site, you want to monitor the "GET /?q=node/add HTTP/1.1", "GET /?q=user/register HTTP/1.1", "GET /?q=node/add HTTP/1.0" and "GET /?q=user/register HTTP/1.0" requests because they indicate external hack attempts.

The following R commands produce a beautiful and informative graphical output:

> # Read the Apache access log; space-separated fields become columns V1, V2, ...
> LOGS = read.table("~/Desktop/access.log", sep = " ", header = FALSE)
> # V4 holds the timestamp, including its leading "["
> newV4 <- strptime(LOGS$V4, format = "[%d/%b/%Y:%H:%M:%S")
> day = format(newV4, "%A")
> hours = format(newV4, "%H")
> # V6 is the quoted request line; keep only the requests being monitored
> HACK = subset(LOGS, V6 %in% c("GET /?q=node/add HTTP/1.1", "GET /?q=user/register HTTP/1.1", "GET /?q=node/add HTTP/1.0", "GET /?q=user/register HTTP/1.0"))
> # Keep only the timestamp and request columns
> HACK <- HACK[, c("V4", "V6")]
> names(HACK)
[1] "V4" "V6"
> # Recompute the weekday for the matching requests only
> newV4 <- strptime(HACK$V4, format = "[%d/%b/%Y:%H:%M:%S")
> day = format(newV4, "%A")
> barplot(table(factor(day, levels = c("Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday", "Sunday"))), xlab = "Day", ylab = "Count", col = "red", border = "blue", main = "Hack Attempts!")
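
The same weekday count as a script, extended with per-hour and per-client totals so that a burst from one address stands out; this is an added example in Python, not code from the original article. It parses each line with a regular expression instead of splitting on spaces, and the sample log lines and their addresses are constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Request lines the article monitors on a Drupal site.
WATCHED = {
    "GET /?q=node/add HTTP/1.1", "GET /?q=user/register HTTP/1.1",
    "GET /?q=node/add HTTP/1.0", "GET /?q=user/register HTTP/1.0",
}
# Apache combined/common log: host ident user [time zone] "request" status ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\] ]+) [^\]]*\] "([^"]*)" \d{3} ')
DAYS = ["Monday", "Tuesday", "Wednesday", "Thursday", "Friday",
        "Saturday", "Sunday"]

def probes(lines):
    """Yield (client, timestamp) for each watched request; skip bad lines."""
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group(3) in WATCHED:
            yield m.group(1), datetime.strptime(m.group(2), "%d/%b/%Y:%H:%M:%S")

def summarise(lines):
    """Count watched requests per weekday, per hour and per client address."""
    by_day, by_hour, by_client = Counter(), Counter(), Counter()
    for client, ts in probes(lines):
        by_day[DAYS[ts.weekday()]] += 1   # fixed English names, unlike %A
        by_hour[ts.hour] += 1
        by_client[client] += 1
    return by_day, by_hour, by_client

# Constructed sample lines using documentation address ranges.
SAMPLE = [
    '192.0.2.10 - - [03/Jun/2013:02:14:07 +0000] "GET /?q=user/register HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [03/Jun/2013:02:14:09 +0000] "GET /?q=node/add HTTP/1.1" 403 310 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [04/Jun/2013:13:40:51 +0000] "GET /?q=user/register HTTP/1.0" 200 5120 "-" "-"',
    '203.0.113.5 - - [04/Jun/2013:13:41:02 +0000] "GET /index.php HTTP/1.1" 200 9000 "-" "Mozilla/5.0"',
    'this line is truncated or malformed',
    '192.0.2.10 - - [04/Jun/2013:02:30:00 +0000] "GET /?q=node/add HTTP/1.1" 403 310 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    by_day, by_hour, by_client = summarise(SAMPLE)
    for name in DAYS:
        print(f"{name:<10}{by_day[name]}")
    print("busiest hours:", by_hour.most_common(3))
    print("top clients:  ", by_client.most_common(3))
```

To run it against a real log, pass an open file object to `summarise()` in place of `SAMPLE`.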

Time management tips for system administrators

Do, delegate or record

When a new task comes, you should always complete it, delegate it to a colleague or record it for a later date. New tasks will come up all the time, so you need to manage your time effectively.

Keep it simple, stupid

When you have to decide between two or more possible solutions to a problem, always choose the simplest one available to you that still gets the job done. The path of least resistance is almost always the path best travelled.

Master the ‘To Do’ list

Anyone can write a To Do list, but the key for an effective administrator is to prioritise tasks. A slow web server is a much lower priority than a mail server that isn’t accepting any mail. Understanding your company’s business model will also help shape your priorities.

Document everything!

Document everything you do and how you do it. Not only does this help for personal reference in the future, but it ensures your colleagues can work effectively in systems you administer.

If you can, automate

Automating repetitive tasks will save you so much time that you’ll soon be considered an SA wizard. If a task has to be done on a regular basis, try to automate it. Not only can automated tasks be delegated more easily, but you won’t need a checklist as long as your arm to keep on top of your tasks.

What’s your peak time?

We all have a natural peak during our working day. Some people work best early in the morning, others come into their own mid-afternoon. Find your peak time and schedule your most difficult or critical tasks for during that period.

TCP/IP

TCP/IP is a family of protocols that helps the internet operate. The name TCP/IP came from the two most well-known protocols, TCP and IP. TCP stands for Transmission Control Protocol; its main characteristic is that it is a reliable protocol, which means that it makes sure that a packet was delivered. If there is no proof of the packet delivery, TCP resends the packet. IP stands for Internet Protocol. The main characteristic of IP is that it is not a reliable protocol by nature; however a programmer can program reliable applications that use IP by implementing their own error-checking code.

Every device that uses TCP/IP must have an IP address, which must be unique at least to its local network. It also needs a network mask (used for dividing big IP networks into smaller networks) that is related to the current network, one or more DNS servers (used for translating an IP address to a human-memorable format and vice versa) and, optionally, if you want to communicate with devices beyond your local network, the IP of a device that acts as the default gateway (the network device that TCP/IP sends a network packet when it does not ‘know’ where else to send it).

Databases

Database terms can differ depending on the platform you're working with

Databases are everywhere and it is a big advantage for an SA to understand them. The two popular kinds of databases are relational and NoSQL. Relational databases store their data in tables that are defined and organised according to the relational model and support the SQL database query language for interacting with data. NoSQL databases are designed for the web and do not support joins, complex transactions and other features of the SQL language. MongoDB is a very popular NoSQL database.

You may wonder why you might use a NoSQL database such as MongoDB instead of a traditional DBMS like MySQL, Oracle or PostgreSQL. MongoDB is generally faster for storing web data and unstructured data. The schema of a relational database is not designed for frequent changes, whereas the data schema of MongoDB may change without downtime. MongoDB supports replication and sharding – the process of separating a single database across a cluster of machines.

Administering a database usually involves many tasks including installation, backup and restore, optimisation, replication, user management, etc. An SA can be turned into a database administrator (DBA), so if you want to learn a database system, start with MySQL.

Essential reading

Check out our light reading list to understand the various tasks of system administration

UNIX and Linux System Administration Handbook 4th Edition

If you’re looking for a book that describes almost every task of a system administrator, this is the one. Let’s hope your bookshelf is right next to your desk, because you’ll be reaching for this almost all the time.

The Practice Of System And Network Administration 2nd Edition

This book is broken down into four main sections that have been designed to build your knowledge with the foundational elements of system administration. It’s not cheap, but you get what you pay for.

The Design Of The UNIX Operating System

If you want to learn the nuts and bolts of the UNIX operating system, then you should, without doubt, read The Design Of The UNIX Operating System. It is an advanced book, but stick with it – it’s highly recommended.

The Unix Programming Environment

This is the best introductory book on programming in the UNIX programming environment that we know of. It caters for first-timers and experienced programmers alike and describes the programming environment and philosophy thereof in great detail.

UNIX Power Tools 3rd Edition

This is – as the name suggests – probably the best book if you’re looking to learn the various UNIX command line tools like a UNIX guru. It’s affectionately referred to as ‘the’ UNIX book, by its ever-expanding army of fans.

Sysadmin FAQ

Is system administration a 24/7 job?

In theory, yes, but in practice obviously that’s not the case. If you’re following the advice in this feature and are doing your job properly, though, you should be able to sleep at night.

Which is the single most important piece of advice you can give me?

Get the fundamentals right and everything else will fall into place. Don’t try to cover every minute detail when you build a new system or put a new practice in place; nail the basics and the rest should follow.

What are Puppet and Chef? Should I be making use of them?

Puppet and Chef can help you manage a large number of Linux systems by propagating changes of a configuration file to any number of systems quickly and conveniently. They are called configuration management systems and you should learn at least one of them if you value your sanity!

What is IPv6?

IPv6 was developed by the IETF (Internet Engineering Task Force) and its purpose is to solve the forthcoming problem of IPv4 address exhaustion. IPv4 uses 32-bit addresses whereas IPv6 uses 128-bit addresses, offering more than 7.9 × 10^28 times as many as IPv4.

Are there any other general pieces of advice you can give that would serve me well?

Always be nice to people – especially developers – and always run tests on a development machine before you deploy anything. Most important of all, though: never make changes to a production server on a Friday afternoon if you value your weekend!

Which are the two most important tasks of a system administrator?

If you’re not sure by now, you’re probably barking up the wrong tree, but just to be sure, it’s backup and security. These are the bare-bones fundamentals – get these right and you’re pointing in the right direction.

    • Saúl Briones

      Thanks for the tips!!! They will help me to perform my skills as a SA

    • Timothy LePés

      Where’s the link to part one? Or the author’s submissions, so I can find it easily? I don’t understand why you would not want to include a link to the first part right at the top of the article, for those coming late to the series. I can’t be the only one wondering why there is no obvious link.