Server+ Certification Cram Notes

Firewall

A firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. In the context of servers, firewalls are used to protect the server from unauthorized access and potential security threats.

Ports, in this context, refer to the communication endpoints that are used by network applications to send and receive data. A port is identified by a number, ranging from 1 to 65535, and is used to differentiate between different types of traffic. For example, web traffic typically uses port 80 for HTTP traffic and port 443 for HTTPS traffic.

Firewalls use ports to regulate traffic by opening or closing them based on the defined rules. For example, a firewall might be configured to allow traffic on port 80 for web traffic, but block traffic on other ports to prevent unauthorized access. It is important to ensure that only necessary ports are opened and that they are protected by strong authentication mechanisms.

Configure firewall on a linux server:

Configuring a firewall on a Linux server typically involves using a firewall software program such as iptables or firewalld. Here are the general steps for configuring a firewall on a Linux server using iptables:

1. Check the status of the firewall:

sudo iptables -L

2. Define the default policy for incoming traffic:

sudo iptables -P INPUT DROP

3. Allow traffic for specific services:

sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT

4. Allow traffic from specific IP addresses or networks:

sudo iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT

5. Save the rules to the iptables configuration file:

sudo iptables-save > /etc/sysconfig/iptables

6. Restart the iptables service:

sudo service iptables restart

Note: The exact commands and steps may vary depending on the Linux distribution and firewall software being used. It is important to carefully review the documentation for the specific software and version being used to ensure proper configuration.

Configure firewall on a Windows server:

In Windows Server, the built-in firewall is called Windows Defender Firewall. Here are the steps to configure it:

1. Open the Windows Defender Firewall management console. You can do this by searching for "Windows Defender Firewall" in the Start menu or by going to Control Panel > System and Security > Windows Defender Firewall.

2. Click on "Advanced settings" on the left-hand side of the console.

3. In the left-hand pane, click on "Inbound Rules" or "Outbound Rules" depending on whether you want to configure incoming or outgoing traffic.

4. Click on "New Rule" in the right-hand pane to create a new rule.

5. Choose the type of rule you want to create (e.g. port, program, etc.) and follow the prompts to configure the rule.

6. Once you have finished configuring the rule, give it a name and click "Finish" to save it.

7. Repeat this process to create any additional rules you need to configure.

Note: It's important to be careful when configuring firewall rules, as they can potentially block legitimate traffic and cause issues with network connectivity. It's a good idea to test any new rules in a non-production environment before deploying them in a live environment.

Static vs. dynamic

Static and dynamic are two different types of network configurations.

Static configuration means that the network settings of a device are manually set and do not change automatically. For example, a server might be assigned a static IP address, subnet mask, default gateway, and DNS server addresses. This configuration provides a fixed network identity and can be useful in situations where the device needs to be reached consistently and without any changes.

Dynamic configuration, on the other hand, means that the network settings are automatically assigned by a service such as the Dynamic Host Configuration Protocol (DHCP). DHCP allows a device to obtain its network settings automatically from a DHCP server. When a device connects to the network, it sends a request to the DHCP server, which assigns it an IP address, subnet mask, default gateway, and DNS server addresses. This configuration is useful in situations where a large number of devices need to be deployed, and manual configuration is not practical.

To configure DHCP on a Windows Server machine, follow these steps:

1. Open the Server Manager: Click on the Start menu, then click on Server Manager.

2. Add the DHCP Server role: In the Server Manager window, click on Add roles and features.

3. Select the DHCP Server role: In the Add Roles and Features Wizard, select DHCP Server under Server Roles and click on Next.

4. Configure the DHCP server options: Follow the prompts to configure the DHCP server options, such as the IP address range and lease duration.

5. Activate the DHCP server: Once the configuration is complete, right-click on the DHCP server in the Server Manager and select Activate

6. Configure the DHCP client: On the client machine, open the Network and Sharing Center, click on Change adapter settings, right-click on the network adapter, select Properties, select Internet Protocol Version 4 (TCP/IPv4), and select the Obtain an IP address automatically option.

Automatic Private IP Addressing (APIPA) is a feature of Microsoft Windows operating systems that allows a device to automatically assign itself an IP address in the event that no DHCP server is available. When a device with APIPA is unable to obtain a DHCP lease, it assigns itself an IP address from the 169.254.x.x address range. This address range is reserved for APIPA and is not routable, meaning that devices with APIPA addresses can only communicate with other devices on the same subnet that also have APIPA addresses. APIPA is a useful fallback mechanism for home or small office networks, but it is not recommended for larger or more complex networks.

MAC addresses

A Media Access Control (MAC) address is a unique identifier assigned to a network interface controller (NIC) for use as a network address in communications within a network segment. It is a six-byte hexadecimal address and is usually represented in a format like "00-1B-63-84-45-E6". The first three bytes of a MAC address are known as the Organizationally Unique Identifier (OUI) and identify the manufacturer of the NIC. The last three bytes are assigned by the manufacturer and serve as the unique identifier for the NIC. MAC addresses are used in the data link layer of the OSI model for communication between devices on a local area network (LAN).

MAC address configuration on a Linux server:

MAC address configuration on a Linux server can be done using the ip command or by editing the network configuration files.

1. Using the ip command: To change the MAC address using the ip command, follow these steps:

Open a terminal or connect to the server via SSH
Run the following command to identify the name of the network interface:

ip link show

Take note of the name of the interface, for example, eth0
Run the following command to change the MAC address:

sudo ip link set dev [interface-name] address [new-MAC-address]

Replace [interface-name] with the name of the interface identified in the previous step and [new-MAC-address] with the desired MAC address in the following format: XX:XX:XX:XX:XX:XX
Verify the new MAC address by running the ip link show command again.

2. Editing configuration files: To change the MAC address by editing configuration files, follow these steps:

Open the network configuration file using a text editor. The location of the file may vary depending on the distribution and version of Linux, but it is usually located at /etc/sysconfig/network-scripts/ifcfg-[interface-name]
Add the following line to the file:HWADDR=[new-MAC-address]
Replace [new-MAC-address] with the desired MAC address in the following format: XX:XX:XX:XX:XX:XX
Save the file and exit the text editor
Restart the network service for the changes to take effect by running the following command:

sudo systemctl restart network