Lab 2 - UNIX Network Administration

Description
This laboratory activity furthers your understanding of the UNIX family of operating systems and UNIX system
administration. You will configure your UNIX hosts to interoperate on the network to integrate them with each other
and your Windows server.
To ensure everyone gets the opportunity to experience each of the UNIX environments you will work individually
on this laboratory activity. Due to the individual work the laboratory report for this activity is scaled back. Your
report will only consist of your procedures and a comparison of the various UNIX varieties deployed. The
comparison should focus on the things that must be done differently to meet the project objectives across the various
platforms. While the differences can be conveyed in an outline format, there must be enough supporting text to fully
describe them.

Objectives
Phase I Network Services (1 weeks)
Implement SSH
o Demonstrate that ssh can connect to other UNIX hosts and that scp can copy files between
hosts.
Install and configure NFS file sharing
o Install NFS server and client packages on your UNIX and Windows machines
o Ensure user UIDs and GIDs match on both UNIX machines
o Create and export /var/nfs as export on each UNIX machine
o Create and export \var\nfs on the Windows machine
o Create mount points under /mnt for each NFS source on each UNIX machine per the task section
o Demonstrate the ability to mount exports from each UNIX and Windows machine to the other two
machines with mount on both UNIX and Windows Server 2008
Install Samba on each UNIX host to share directories between all UNIX and Windows hosts
o Create and share /var/smb as xxxxsmb where xxx is cent or BSD on each UNIX
machine
o Create and share \var\smb as winsmb on the Windows machine
o Create mount points under /mnt on each UNIX machine per the task section
o Demonstrate the ability to mount samba shares from each UNIX and Windows machine to the
other two machines with mount on UNIX and net use on Windows Server 2008

Phase II Security & X-Windows (1 weeks)

Secure your UNIX systems:
o Shut down all non-required network services
Demonstrate that only the required services are running with ps
o Implement and configure process accounting
All commands from all users should be logged
Demonstrate that logging is occurring
o Implement Security Enhanced Linux on CENTOS in enforcing mode and configure it to
support all required services
Demonstrate that SEL is in enforcing mode and show its configuration

Implement X-Windows:
o Show the ability to interact graphically on the console of each UNIX host @1024x768 at 24+
bit color
o Start X-Windows manually
o Send the graphical output of each UNIX host to the other UNIX host and the underlying
Windows host via SSH tunneling
o Demonstrate the ability to display the output of applications running on each UNIX on the
other UNIX and on Microsoft Windows
Patch the UNIX machines to the latest versions of all installed software
o Demonstrate that there are minimal uninstalled updates
o A few uninstalled updates from the days immediately preceding check-off is acceptable
In other words - dont update everything five minutes before check-off and end up
breaking something

Tasks
Webmin
Webmin is not allowed in this laboratory. Use of Webmin will result in an automatic zero for the lab.
File Sharing Mount Points
Create mount points on each UNIX machine as follows:
FreeBSD
/mnt/windowsnfs
/mnt/windowssamba
/mnt/centnfs
/mnt/centsamba

CENTOS
/mnt/windowsnfs
/mnt/windowssamba
/mnt/freebsdnfs
/mnt/freebsdsamba

NFS
NFS assumes that UIDs are consistent between participating UNIX machines. Be sure that users are
assigned the same UID on all UNIX hosts.
There are multiple NFS clients available for Windows that can be used to allow your Windows host to
interact with the UNIX hosts via NFS. The preferred solution is to use the built-in client in Windows Server
2008 although you may use any that you choose.
Samba
Samba allows a UNIX host to emulate a Windows server and participate in Windows networks using the
SMB protocol. Once installed your Windows hosts should be able to access data on UNIX hosts natively
and your UNIX hosts should be able to access data on other UNIX hosts via SMB/CIFS. Information on
Samba can be found at http://www.Samba.org.
Securing UNIX Systems
Be sure that there are not any non-required services running on your hosts. Typical non-required services
include MOTD, time, and font servers. Modify your start-up configurations to ensure that nothing not
required for the laboratory is running on your hosts. At check-off you will show the listening ports on your
UNIX machines to verify only required services are open.
Implement Security Enhanced Linux on CentOS and configure it with an enforcing policy that supports all
services required for the lab.
There are many different means of ensuring you have the latest available patches. Each UNIX derivative
includes some mechanism for patch management. You are only responsible for those patches that are freely
available if a patch requires a support purchase just note it during check-off.
2

X-Windows
A basic installation of X-Windows that supports 1024x768 in at least 24 bit color is required. X-Windows
should be invoked manually the system should not start up in graphical mode. There is no requirement for
any special fonts, languages, or widgets. All X11 data connections should take place over an SSH tunnel.
Your installation must allow for full interoperability across all UNIX versions and with a Windows client.
A Windows X client is available on RTFM. You may use it or any other X client that you choose.
You will need to re-configure VMware tools after installing x-windows to ensure maximum video
performance.