network information system
play

Network Information System Saher Hasan Mohammed Department of - PowerPoint PPT Presentation

Nov 30, 2022 •424 likes •706 views

Network Information System Saher Hasan Mohammed Department of Computer Science SIUC smohammed@csmail.cs.siu.edu Outline Introduction Getting Acquainted with NIS Configuration Details Configuring NIS Server NIS Server

  1. Network Information System Saher Hasan Mohammed Department of Computer Science SIUC smohammed@csmail.cs.siu.edu

  2. Outline ● Introduction ● Getting Acquainted with NIS ● Configuration Details ➢ Configuring NIS Server ➢ NIS Server Security ➢ Configuring NIS Client ● Choosing the Right Map ● Pros & Cons of NIS

  3. Introduction ● When running a LAN, the main issue is to provide a network transparent environment for the user ● This can be achieved by keeping vital data such as user information on a central machine ● This provides users with the freedom to move from machine to machine to machine ● Data that is centrally stored doesn't need to be replicated

  4. Contd.. ● Data that is centrally stored does not need to be replicated ● Consistency of the data can be maintained ● Increased flexibility- as the user can move from one host to another ● NIS was developed by Sun, which provides a generic access to database ● NIS is based on RPC

  5. Getting Acquainted with NIS ● NIS keeps database information in files called maps ● Maps contain the information in key value pair ● Maps are stored on a central host running a NIS server ● Clients can retrieve information through various RPC calls

  6. Contd.. ● Maps are usually generated from master text files such as /etc/hosts or /etc/passwd ● Some files can have several maps ● For instance a hosts file can have hosts.byname and host.byaddr if we are searching the hosts file for hostname and IP address respectively

  7. Contd.. ● Master File Map(s) Description /etc/hosts hosts.byname, Maps IP addresses to host ● hosts.byaddr names /etc/networks networks.byname, Maps IP network addresses to ● networks.byaddr network names /etc/passwd passwd.byname, Maps encrypted passwords to ● passwd.byuid user login names /etc/group group.byname, Maps Group IDs to group ● group.bygid names

  8. Contd.. ● Nicknames can be assigned to maps as they are short and easy to type ● Nicknames are only understood by ypcat and ypmatch ● To obtain a full list of nicknames, run the following command ● $ ypcat -x Use " passwd " for " passwd.byname " Use " group " for " group.byname " Use " networks " for " networks.byaddr " Use " hosts " for " hosts.byaddr "

  9. Contd... ● NIS server program is called ypserve ● Network can have any number of NIS server depending of the size of the network ● In case of multipal servers, one of then is master and the rest of them will be slave servers ● Maps are only created on master servers and are distributed to all slave servers

  10. Contd... ● NIS domain is a collection of all hosts that share part of their system configuration data through NIS ● NIS domains have a purely administrative functions ● They are invisible to users ● NIS domain name should be unique on your local network

  11. Contd.. ● To set and display the NIS domain name use the domainname command ● When invoked without any arguments it prints the current NIS domain name ● Only superuser can set the domain name # domainname domain-name ● NIS domains determine which NIS server an application will query

  12. Contd.. ● NIS implementation relyies on a special deamon called ypbind to detect a suitable NIS server in theire domains ● An application first finds out from ypbind which server to use ● ypbind probes for server by broadcasting to the local IP network, the first to respond is assumed to be faster one and is used in all subsequent NIS queries

  13. Configuring NIS Server ● Two possible NIS server configurations master and slave ● Slave server acts as a live backup machine if the master server fails ● Install the server program, ypserv, in /usr/sbin ● Create the directory which holds the maps /var/yp/ domain-name

  14. Contd.. ● Server determines whether it is serving a particular NIS domain by checking if the map directory is present Maps are usually stored in DBM files to speed up the lookups ● Maps are created from the master files using a program called dbmload ● Transforming a master files into a form that dbmload can parse is usuallya tedious process

  15. Contd.. ● The server program, ypserv contains a Makefile program that manages the conversion of the most common master files install it as Makefile in the map directory and edit it to reflect the maps that the NIS server has to share ● After editing the Makefile , while in the map directory , type make ● This will automatically generate and install the maps

  16. NIS Server Security ● NIS server security is based on securenets ● It simply restricts access to the NIS server to certain hosts, based on their IP address or network number ● ypserv implements this feature in three ways ● The first option is to use the /etc/hosts.allow and /etc/hosts.deny

  17. Contd... ● To restricts access to hosts from within a particular domain, add the following lines to hosts.allow ypser: 172.16.2. ● This will allow all hosts from IP network 172.16.2.0 access the NIS server ● Similarly to shut out other hosts add the following entry in hosts.deny ypser:ALL

  18. Contd.. ● The second option relies on a special configuration file called /etc/ypserv.securenets ● This configuration file is simple in structure ● Each line describes a host that will be allowed access to the server ● Any address not describes by an entry in this file will be refused access

  19. Contd... ● A third option is to use the secure portmapper instead of the securenet option on ypserv ● The secure portmapper uses the hosts.allow scheme as well, but offers this for all RPC server, not just ypserv ● Both the securenets option and the secure portmapper should not be used at the same time, because of the overhead this authorization incurs

  20. Configuring NIS Client ● The first step is to tell the NIS client which server to use for the NIS services ● ypbind is used to configure the NIS server to use ● The default behavior is to query the server on the local network ● If the host is mobile it is better to leave the /etc/yp.conf file empty and it would query on the local network for the local NIS server wherever it happens to be

  21. Contd... ● A more secured configuration is to set the server name in the /etc/yp.conf configuration file # yp.conf–YP configuration for the GNU libc library # ypserver server-name ● The ypserver statement tells the hosts to use the supplied NIS server for the local domain ● Alternatively IP address can also be used as an argument

  22. Contd... ● In the from shown above, the ypserver command tells ypbind to use the named server regardless of what the current NIS domain may be ● If the client is moving between different NIS domains frequently, information for several domains can be kept in the yp.conf file

  23. Contd... ● Information can be maintained on the servers for various NIS domains in the yp.conf by using the domain statement # yp.conf – YP configuration for the GNU libc library # domain A server server-nameA domain B server server-nameB ● This lets the laptop to be used in either of the two domains at the boot time using the domainname command

  24. Choosing The Right Map ● It is important to decide which configuration files to replace or augment with NIS maps ● Commonly NIS map are used for host and password lookup functions ● Generally choice has to be made when a look up function uses the local files, when it queries he NIS server, and when it uses other servers such as DNS

  25. Contd.. ● This is controlled through /etc/nsswitch.conf, which stands for Name Service Switch ● For any of the data lookup function this file contains a line naming the service to use ● The right order of the services depends on the type of the data each service is offering ● services.byname map will contain same entries as present in local services file, so its better to query the local files first

  26. Contd... ● Host name information may change frequently so the NIS server should always have the most accurate account, while the local hosts file is only kept as a backup if the NIS should fail ● For hostsnames, check the local file last

  27. Pros & Cons of NIS ● NIS is easy to learn and implement ● NIS is not suitable for managing a large of machines ● NIS does not have any process to link NIS domains ● NIS slave server needs to poll the master server regularly to get the latest information on maps ● If slave server is inaccessible then slave will have a different version of maps

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

On the Role of Interaction in Network Information Theory Young-Han Kim University of California,

On the Role of Interaction in Network Information Theory Young-Han Kim University of California,

On the Role of Interaction in Network Information Theory Young-Han Kim University of California, San Diego Banff Workshop on Interactive Information Theory January Networked Information Processing System Communication network

882 views • 49 slides
System Architectures Using Network Attached Peripherals Rodney Van Meter USC/Information Sciences

System Architectures Using Network Attached Peripherals Rodney Van Meter USC/Information Sciences

System Architectures Using Network Attached Peripherals Rodney Van Meter USC/Information Sciences Institute rdv@isi.edu http://www.isi.edu/netstation/ USC Integrated Media Systems Center Student Council Seminar October 30, 1997 1 Talk

474 views • 31 slides
PAWIKAN: A Scalable Network Management System for the Philippine Research, Education, and

PAWIKAN: A Scalable Network Management System for the Philippine Research, Education, and

PAWIKAN: A Scalable Network Management System for the Philippine Research, Education, and Government Information Network (PREGINET) http://pawikan.sourceforge.net Authors: Edwin Vinas, Jerremeo Gabas, Paul Afroilan and Rey Babilonia

498 views • 28 slides
Network OS OpenFlow Network OS: distributed system that creates a consistent, up-to-date network

Network OS OpenFlow Network OS: distributed system that creates a consistent, up-to-date network

3/21/2013 Classical network architecture Distributed control plane Distributed routing protocols: OSPF, IS-IS, BGP, etc. Feature Feature Operating System Feature Feature Specialized Packet Forwarding Hardware Operating System

230 views • 3 slides
Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security

Network and Certificate System Security Requirements Network and Certificate System Security Requirements (NCSSR) Effective 1 January 2013 No amendments since passed Included in WebTrust Principles and Criteria for Certification

253 views • 7 slides
Information System & Database Design CS105 What is an Information System? Storage and

Information System & Database Design CS105 What is an Information System? Storage and

Information System & Database Design CS105 What is an Information System? Storage and organization of data Resource planning Customer relationship management (CRM) Patient management Information System vs. Filesystem Directory

304 views • 9 slides
Global Heat Health Information Network Global Heat Health Information Network Joy

Global Heat Health Information Network Global Heat Health Information Network Joy

Global Heat Health Information Network Global Heat Health Information Network Joy Shumake-Guillemot , WHO/WMO Joint Climate and Health Office, Geneva, Switzerland Juli Trtanj, Hunter Jones , NOAA Washington DC July 2020 GHHIN - A

258 views • 15 slides
A hybrid system for automatic exchanges of routing information Stamatios Maritsas University of

A hybrid system for automatic exchanges of routing information Stamatios Maritsas University of

A hybrid system for automatic exchanges of routing information Stamatios Maritsas University of Amsterdam Informatics Institute Master of Science in System and Network Engineering supervised by Stavros Konstantaras George Thessalonikefs

486 views • 25 slides
System and Network Management Network Management : ability to monitor, control and plan the

System and Network Management Network Management : ability to monitor, control and plan the

1-1 System and Network Management Network Management : ability to monitor, control and plan the resources and components of computer system and networks network management is a problem created by computer! Goal of network management :

189 views • 8 slides
Topology monitoring implementation of network management system in TWAREN hybrid network

Topology monitoring implementation of network management system in TWAREN hybrid network

Topology monitoring implementation of network management system in TWAREN hybrid network National Center for High-Performance Computing 1 ABSTRACT TWAREN (TaiWan Advanced Research and Education Network) is a hybrid network composed of

532 views • 16 slides
IT Telecommunication Technology 1 Information System (IS) Model Performance Control System

IT Telecommunication Technology 1 Information System (IS) Model Performance Control System

INFORMATION SYSTEM & TECHNOLOGY by Kudang B. Seminar, PhD 2/9/2015 1 Definition of Information Technology Information Technology (IT) is an electronic technology for the acquisition, processing, storing, & retrieving of data and

697 views • 7 slides
Linux system hardening thanks to systemd Timothe Ravier French Network and Information Security

Linux system hardening thanks to systemd Timothe Ravier French Network and Information Security

Linux system hardening thanks to systemd Timothe Ravier French Network and Information Security Agency (ANSSI) RMLL 2017 Goal of this talk Goal of this talk Increase the security of standard Linux distributions Use security features

382 views • 37 slides
Overview of the EAGL Information System OCTOBER 7, 2015 Environmental New information system

Overview of the EAGL Information System OCTOBER 7, 2015 Environmental New information system

Overview of the EAGL Information System OCTOBER 7, 2015 Environmental New information system for reporting Accomplishments results of GLRI-funded projects under in the Great Action Plan II Lakes GLNPO-hosted SharePoint platform

816 views • 12 slides
The Sun Network File System (NFS) An implementation and a specification of a software system

The Sun Network File System (NFS) An implementation and a specification of a software system

The Sun Network File System (NFS) An implementation and a specification of a software system for accessing remote files across LANs . NFS The implementation is part of the Solaris and SunOS operating systems running on Sun workstations

327 views • 3 slides
S I C I S I C I an information system on historical an information system on historical

S I C I S I C I an information system on historical an information system on historical

historical landslides and floods SICI: an information system on CUNY - John Jay College of Criminal Justice URBAN HAZARDS FORUM URBAN HAZARDS FORUM New York, 22-24 January 2002 S I C I S I C I an information system on historical an

205 views • 18 slides
Enhancing Network Traffic Flow by Connecting Railroad Preemption with Advanced Traveler

Enhancing Network Traffic Flow by Connecting Railroad Preemption with Advanced Traveler

ITE- North Dakota State University Chapter Presenting Enhancing Network Traffic Flow by Connecting Railroad Preemption with Advanced Traveler Information System Organized by NOCoE and U.S. DOT ITS JPO PCB 1 Current System Overview Prosper

378 views • 15 slides
Applications Remember this? Application Transport Network Link Physical CSE 461 University

Applications Remember this? Application Transport Network Link Physical CSE 461 University

Applications Remember this? Application Transport Network Link Physical CSE 461 University of Washington 2 Application Communication Needs Vary widely; build on Transport services; some use multiple transport protocols (e.g., Zoom)

687 views • 49 slides
Networking: Application Layer Summer 2011 Cornell University 1 Today DNS End-to-End

Networking: Application Layer Summer 2011 Cornell University 1 Today DNS End-to-End

CS 4410 Operating Systems Networking: Application Layer Summer 2011 Cornell University 1 Today DNS End-to-End Argument 2 DNS When a user wants to communicate with a remote node, is it easier to remember 69.63.176.13 or

303 views • 8 slides
Networking: UDP & DNS 2 User Datagram Protocol

Networking: UDP & DNS 2 User Datagram Protocol

Computer Systems and Networks ECPE 170 Jeff Shafer University of the Pacific Networking: UDP & DNS 2 User Datagram Protocol

699 views • 30 slides
Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Quick Research

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Quick Research

Quantitative Cyber-Security Colorado State University Yashwant K Malaiya CS559 Quick Research Presentations Tu b CSU Cybersecurity Center Computer Science Dept 1 1 Tuesday Everyone must participate Share questions/comments Take

802 views • 41 slides
The DNS security mess D. J. Bernstein University of Illinois at Chicago The Domain Name

The DNS security mess D. J. Bernstein University of Illinois at Chicago The Domain Name

The DNS security mess D. J. Bernstein University of Illinois at Chicago The Domain Name System tue.nl wants to see http://www.utwente.nl . Browser at tue.nl The web server www.utwente.nl has IP address

1.46k views • 120 slides
Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System

Worldwide Security and Resiliency of Cyber Infrastructures: the Role of the Domain Name System Dr. Igor Nai Fovino Head of the Research Department Global Cyber Security Center The Global Cyber Security Center, is an International not-for-profit

615 views • 33 slides
A Deep Dive into DNS Query Failures Donghui Yang 1,2 , Zhenyu Li 1 , Gareth Tyson 3 1 Institute of

A Deep Dive into DNS Query Failures Donghui Yang 1,2 , Zhenyu Li 1 , Gareth Tyson 3 1 Institute of

A Deep Dive into DNS Query Failures Donghui Yang 1,2 , Zhenyu Li 1 , Gareth Tyson 3 1 Institute of Computing Technology, Chinese Academy of Sciences 2 University of Chinese Academy of Sciences 3 Queen Mary University of London Why to study DNS

595 views • 34 slides
CS101 Lecture 9: Internetworking Internet Protocol IP Addresses Routing Domain Name Services

CS101 Lecture 9: Internetworking Internet Protocol IP Addresses Routing Domain Name Services

10/2/12 CS101 Lecture 9: Internetworking Internet Protocol IP Addresses Routing Domain Name Services Aaron Stevens (azs@bu.edu) 2 October 2012 Computer Science What Youll Learn Today Computer Science What is the Internet? What

546 views • 13 slides

More recommend