Network System Administration
VerifiedAdded on 2023/04/21
|17
|1806
|192
AI Summary
The report analyzes network operating system and services, evaluates solutions for configuring VPN services, and explores system architecture development.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: NETWORK SYSTEM ADMINISTRATION
Network System Administration
Name of the Student
Name of the University
Author’s Note
Network System Administration
Name of the Student
Name of the University
Author’s Note
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
NETWORK SYSTEM ADMINISTRATION
Abstract
The report is prepared for analysis of the network operating system and services with the use
of relevant services and protocols. Different mechanism is followed for setting the virtual
private network services and an architectural diagram is created for the management of the
necessary services. The necessary solution that can be implemented for the configuration of
the vpn services is evaluated for meeting the different service requirement. The necessary
mechanism and solution that can be applied for increasing the reliability of the proposed
solution is analysed for development of the system architecture.
NETWORK SYSTEM ADMINISTRATION
Abstract
The report is prepared for analysis of the network operating system and services with the use
of relevant services and protocols. Different mechanism is followed for setting the virtual
private network services and an architectural diagram is created for the management of the
necessary services. The necessary solution that can be implemented for the configuration of
the vpn services is evaluated for meeting the different service requirement. The necessary
mechanism and solution that can be applied for increasing the reliability of the proposed
solution is analysed for development of the system architecture.
2
NETWORK SYSTEM ADMINISTRATION
Table of Contents
Introduction................................................................................................................................3
Background Information............................................................................................................3
Scope and Limitations................................................................................................................3
Literature Review.......................................................................................................................3
Experimental work and analysis................................................................................................5
Conclusion................................................................................................................................14
References:...............................................................................................................................15
NETWORK SYSTEM ADMINISTRATION
Table of Contents
Introduction................................................................................................................................3
Background Information............................................................................................................3
Scope and Limitations................................................................................................................3
Literature Review.......................................................................................................................3
Experimental work and analysis................................................................................................5
Conclusion................................................................................................................................14
References:...............................................................................................................................15
3
NETWORK SYSTEM ADMINISTRATION
Introduction
With the advancement of the technology and the influence of internet in various
domain, it has become important to have high speed and secure internet as the organizations
are moving to the cloud and hosting private and sensitive data there (Dongxu et al. 2018).
Due to this it has become important to protect the data as there are increased number of
cyber-attacks such as traffic hijacking and data breach. Now in order to increase the internet
access for better data protection and data security, VPN is an excellent strategy (Jyothi and
Reddy 2018).
Background Information
The main important feature of the open source software is that it does not require the
manufacturing license and free to access (Genç, Lenzini and Ryan 2018). Hence it is very
useful in the software development field and often considered for various activities like
cloning, evaluation and method for thread identification. The Debian Linux is used for the
configuration of VPN service and
Scope and Limitations
The main scope of the project is configure a vpn server and enabling client server
communication for management of the security issues such as handling different types of
attacks. The sever is configured with VPN service such as IPSec, Tunneling for increasing
the security of communication. Since a virtual environment is used for the configuration there
are some limitation faced for testing the configuration. Different types of attacks is needed to
be tested against the configuration.
Literature Review
Literature review is the systematic approach for reviewing and analysing methods
which are relevant with respect to a particular research topic. One area that has particularly
NETWORK SYSTEM ADMINISTRATION
Introduction
With the advancement of the technology and the influence of internet in various
domain, it has become important to have high speed and secure internet as the organizations
are moving to the cloud and hosting private and sensitive data there (Dongxu et al. 2018).
Due to this it has become important to protect the data as there are increased number of
cyber-attacks such as traffic hijacking and data breach. Now in order to increase the internet
access for better data protection and data security, VPN is an excellent strategy (Jyothi and
Reddy 2018).
Background Information
The main important feature of the open source software is that it does not require the
manufacturing license and free to access (Genç, Lenzini and Ryan 2018). Hence it is very
useful in the software development field and often considered for various activities like
cloning, evaluation and method for thread identification. The Debian Linux is used for the
configuration of VPN service and
Scope and Limitations
The main scope of the project is configure a vpn server and enabling client server
communication for management of the security issues such as handling different types of
attacks. The sever is configured with VPN service such as IPSec, Tunneling for increasing
the security of communication. Since a virtual environment is used for the configuration there
are some limitation faced for testing the configuration. Different types of attacks is needed to
be tested against the configuration.
Literature Review
Literature review is the systematic approach for reviewing and analysing methods
which are relevant with respect to a particular research topic. One area that has particularly
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
NETWORK SYSTEM ADMINISTRATION
attracted major research interest in this context is the application of debian Linux which is
open source software (Diaz et al. 2014).
IPSEC:
IPsec is the protocol suite that helps to secure communication through internet (Lu
2015). It provide encryption for each and every packet that part of the communication and
transmitted through internet protocol (Chen et al. 2017). Various important features offered
by the IPsec are data integrity, anti-replay, confidentiality along with effective authentication.
Anti-replay provides security at the IP-packets level
Data integrity is preferred for reducing chances for data manipulation.
Confidentiality and authentication is ensured through encrypting
Key Exchange and Authentication Mechanism
This is the most important aspect of the authentication of the IPSec-VPNs. Without
this feature it is not possible to ensure authentication of IPsec-VPNs. A digital certificate can
be considered as a form of document provide electronically (Chen and Li 2018). In order to
access the documents it is important to acquire the permission form the owner of the
certificate to access the documents. Hence certification authentication is required to obtain
for the third party. CA or the certification authentication is implemented with RSA signature
which is validated by Certificate Authority which trusts the third parties organizations and
hence it is also an important feature (Genç, Lenzini and Ryan 2018). CA often verifies the
credentials claimed by any peers and need to be approved by the validation associated with
the certificates issues for the third part organizations. According to Wang and Nicol (2014,
September) various components of the digital certificates are as follows:
A digital checksum which is part of the certificates are secured with encryption
through the private key.
NETWORK SYSTEM ADMINISTRATION
attracted major research interest in this context is the application of debian Linux which is
open source software (Diaz et al. 2014).
IPSEC:
IPsec is the protocol suite that helps to secure communication through internet (Lu
2015). It provide encryption for each and every packet that part of the communication and
transmitted through internet protocol (Chen et al. 2017). Various important features offered
by the IPsec are data integrity, anti-replay, confidentiality along with effective authentication.
Anti-replay provides security at the IP-packets level
Data integrity is preferred for reducing chances for data manipulation.
Confidentiality and authentication is ensured through encrypting
Key Exchange and Authentication Mechanism
This is the most important aspect of the authentication of the IPSec-VPNs. Without
this feature it is not possible to ensure authentication of IPsec-VPNs. A digital certificate can
be considered as a form of document provide electronically (Chen and Li 2018). In order to
access the documents it is important to acquire the permission form the owner of the
certificate to access the documents. Hence certification authentication is required to obtain
for the third party. CA or the certification authentication is implemented with RSA signature
which is validated by Certificate Authority which trusts the third parties organizations and
hence it is also an important feature (Genç, Lenzini and Ryan 2018). CA often verifies the
credentials claimed by any peers and need to be approved by the validation associated with
the certificates issues for the third part organizations. According to Wang and Nicol (2014,
September) various components of the digital certificates are as follows:
A digital checksum which is part of the certificates are secured with encryption
through the private key.
5
NETWORK SYSTEM ADMINISTRATION
The public key.
The credentials of a party so that it is possible to certify that the key that is claimed by
the declared holder actually belongs to him or her.
The credentials associated with the public key holder.
The mechanism is very simple and effective, the owner issues a certificate and attach
credentials with the certificate through encrypted key and this key is then issued to the third
party. Now to access the data it is important to provide the key and owner verifies it with the
original key to verify and approve the claim which makes the process efficient and secured.
Experimental work and analysis
For the purposes of this test, the VPN server is allocated with an address of 10.0.5.1
on the VLAN, and connect a second server over the VLAN at 10.0.5.2.
nano /etc/network/interfaces
The terminal return result as
NETWORK SYSTEM ADMINISTRATION
The public key.
The credentials of a party so that it is possible to certify that the key that is claimed by
the declared holder actually belongs to him or her.
The credentials associated with the public key holder.
The mechanism is very simple and effective, the owner issues a certificate and attach
credentials with the certificate through encrypted key and this key is then issued to the third
party. Now to access the data it is important to provide the key and owner verifies it with the
original key to verify and approve the claim which makes the process efficient and secured.
Experimental work and analysis
For the purposes of this test, the VPN server is allocated with an address of 10.0.5.1
on the VLAN, and connect a second server over the VLAN at 10.0.5.2.
nano /etc/network/interfaces
The terminal return result as
6
NETWORK SYSTEM ADMINISTRATION
Adding lining below the lines
NETWORK SYSTEM ADMINISTRATION
Adding lining below the lines
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
NETWORK SYSTEM ADMINISTRATION
Next, the IP forwarding is enabled through a text editor after opening sysctl
configuration file
nano /etc/sysctl.conf
The command is used for changing different parameters and the ip forwarding table is
enabled and the ICMP re-direct is disabled.
NETWORK SYSTEM ADMINISTRATION
Next, the IP forwarding is enabled through a text editor after opening sysctl
configuration file
nano /etc/sysctl.conf
The command is used for changing different parameters and the ip forwarding table is
enabled and the ICMP re-direct is disabled.
8
NETWORK SYSTEM ADMINISTRATION
The “sys ctl” command is used for reading the configuration file while utilizing the new
defined parameters.
NETWORK SYSTEM ADMINISTRATION
The “sys ctl” command is used for reading the configuration file while utilizing the new
defined parameters.
9
NETWORK SYSTEM ADMINISTRATION
sysctl -p /etc/sysctl.conf
after that, the strongSwan needs to be installed along with layer 2 tunnelling protocol.
apt-get update
apt-get install strongswan xl2tpd
While installing the strongswan, the system gives option to whether create x.509 certificate.
Which is selected as no as it needs for PSK (preshared key) authentication.
NETWORK SYSTEM ADMINISTRATION
sysctl -p /etc/sysctl.conf
after that, the strongSwan needs to be installed along with layer 2 tunnelling protocol.
apt-get update
apt-get install strongswan xl2tpd
While installing the strongswan, the system gives option to whether create x.509 certificate.
Which is selected as no as it needs for PSK (preshared key) authentication.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
10
NETWORK SYSTEM ADMINISTRATION
Configure IPSec
Firstly, the Ipsec needs to be configured in the network which will be used to crate a secure
channel for layer 2 tunnelled data.
nano /etc/ipsec.conf
config setup
NETWORK SYSTEM ADMINISTRATION
Configure IPSec
Firstly, the Ipsec needs to be configured in the network which will be used to crate a secure
channel for layer 2 tunnelled data.
nano /etc/ipsec.conf
config setup
11
NETWORK SYSTEM ADMINISTRATION
The IP is given for the VLAN interfaces. The local ip value is given as 10.0.5.1
IP range: the Ip range is given as 10.0.5.50 to 10.0.5.255. it will provide access for 200
remote user.
The codes also specifies refuse pap and refuse chap.
The ppp options needs to be configured as well as
NETWORK SYSTEM ADMINISTRATION
The IP is given for the VLAN interfaces. The local ip value is given as 10.0.5.1
IP range: the Ip range is given as 10.0.5.50 to 10.0.5.255. it will provide access for 200
remote user.
The codes also specifies refuse pap and refuse chap.
The ppp options needs to be configured as well as
12
NETWORK SYSTEM ADMINISTRATION
nano /etc/ppp/options.xl2tpd
NETWORK SYSTEM ADMINISTRATION
nano /etc/ppp/options.xl2tpd
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
13
NETWORK SYSTEM ADMINISTRATION
proxyarp: this is used to rewrite the hardware address and prevent traffic coming from invalid
laoction.
Ms-dns: this is used to provide DNS connection as some of the clients may use it when
connected over the Virtual proxy network.
And lastly, the CHAP secret for PP authentication is achieved by
nano /etc/ppp/chap-secrets
NETWORK SYSTEM ADMINISTRATION
proxyarp: this is used to rewrite the hardware address and prevent traffic coming from invalid
laoction.
Ms-dns: this is used to provide DNS connection as some of the clients may use it when
connected over the Virtual proxy network.
And lastly, the CHAP secret for PP authentication is achieved by
nano /etc/ppp/chap-secrets
14
NETWORK SYSTEM ADMINISTRATION
In order to remotely access client through proxy the NAT is enabled.
iptables -t nat -A POSTROUTING -o eth0 -s 10.0.5.0/24 -j MASQUERADE
iptables-save > /etc/iptables/rules.v4
Remote users can now set a default route through this server in order to securely access the
internet through the VPN.
Finally, the strongswan is started
Conclusion
VPN provide data encryption which is often considered to be best and most effective
technique for data protection. Hence VPN is often employed for data security and encrypting
the data while accessing them online through internet. VPN is more secured than the
traditional internet connection in the sense that it provided better data management. Services
like third party data manipulation and provision of integrity security policies are important
features of the VPN services. The report is prepared by identifying the scope and limitation of
the configuration of the VPN network and services and experiment is performed on virtual
environment for management of the security issues and investigation of the security protocol.
NETWORK SYSTEM ADMINISTRATION
In order to remotely access client through proxy the NAT is enabled.
iptables -t nat -A POSTROUTING -o eth0 -s 10.0.5.0/24 -j MASQUERADE
iptables-save > /etc/iptables/rules.v4
Remote users can now set a default route through this server in order to securely access the
internet through the VPN.
Finally, the strongswan is started
Conclusion
VPN provide data encryption which is often considered to be best and most effective
technique for data protection. Hence VPN is often employed for data security and encrypting
the data while accessing them online through internet. VPN is more secured than the
traditional internet connection in the sense that it provided better data management. Services
like third party data manipulation and provision of integrity security policies are important
features of the VPN services. The report is prepared by identifying the scope and limitation of
the configuration of the VPN network and services and experiment is performed on virtual
environment for management of the security issues and investigation of the security protocol.
15
NETWORK SYSTEM ADMINISTRATION
References:
Dongxu, Y., Wei, H., Yun, Z., Peijie, L. and Jiancheng, T., 2018. Virtual Private Cloud
Based Power Dispatching Automation System-Architecture and Application. IEEE
Transactions on Industrial Informatics.
Jyothi, K.K. and Reddy, B.I., 2018. Study on Virtual Private Network (VPN), VPN’s
Protocols And Security.
Lu, P., 2015. Construction of Computer Encrypted Secure Communication Environment
Based on Private Virtual Network Technology. International Journal of Simulation--Systems,
Science & Technology, 16.
Chen, S., Qian, Y., Zang, X. and Peng, R., 2017, May. A Proxy Based Connection
Mechanism for Hybrid Cloud Virtual Network. In Big Data Security on Cloud
(BigDataSecurity), IEEE International Conference on High Performance and Smart
Computing (HPSC), and IEEE International Conference on Intelligent Data and Security
(IDS), 2017 IEEE 3rd International Conference on (pp. 80-85). IEEE.
Chen, J. and Li, C., 2018. Research on meteorological information network security system
based on VPN Technology. In MATEC Web of Conferences (Vol. 232, p. 01001). EDP
Sciences.
Diaz, V.H.H., Luo, X., Huang, R. and Cando, E., 2014, August. Numerical simulation of
cavitating flow over 2d hydrofoil using openFOAM adapted for debian operating system with
LXDE based in kernel GNU/Linux. In ASME 2014 4th Joint US-European Fluids
Engineering Division Summer Meeting collocated with the ASME 2014 12th International
Conference on Nanochannels, Microchannels, and Minichannels (pp. V002T06A010-
V002T06A010). American Society of Mechanical Engineers.
NETWORK SYSTEM ADMINISTRATION
References:
Dongxu, Y., Wei, H., Yun, Z., Peijie, L. and Jiancheng, T., 2018. Virtual Private Cloud
Based Power Dispatching Automation System-Architecture and Application. IEEE
Transactions on Industrial Informatics.
Jyothi, K.K. and Reddy, B.I., 2018. Study on Virtual Private Network (VPN), VPN’s
Protocols And Security.
Lu, P., 2015. Construction of Computer Encrypted Secure Communication Environment
Based on Private Virtual Network Technology. International Journal of Simulation--Systems,
Science & Technology, 16.
Chen, S., Qian, Y., Zang, X. and Peng, R., 2017, May. A Proxy Based Connection
Mechanism for Hybrid Cloud Virtual Network. In Big Data Security on Cloud
(BigDataSecurity), IEEE International Conference on High Performance and Smart
Computing (HPSC), and IEEE International Conference on Intelligent Data and Security
(IDS), 2017 IEEE 3rd International Conference on (pp. 80-85). IEEE.
Chen, J. and Li, C., 2018. Research on meteorological information network security system
based on VPN Technology. In MATEC Web of Conferences (Vol. 232, p. 01001). EDP
Sciences.
Diaz, V.H.H., Luo, X., Huang, R. and Cando, E., 2014, August. Numerical simulation of
cavitating flow over 2d hydrofoil using openFOAM adapted for debian operating system with
LXDE based in kernel GNU/Linux. In ASME 2014 4th Joint US-European Fluids
Engineering Division Summer Meeting collocated with the ASME 2014 12th International
Conference on Nanochannels, Microchannels, and Minichannels (pp. V002T06A010-
V002T06A010). American Society of Mechanical Engineers.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
16
NETWORK SYSTEM ADMINISTRATION
Genç, Z.A., Lenzini, G. and Ryan, P.Y., 2018, June. No Random, No Ransom: A Key to Stop
Cryptographic Ransomware. In International Conference on Detection of Intrusions and
Malware, and Vulnerability Assessment (pp. 234-255). Springer, Cham.
Wang, Y. and Nicol, T., 2014, September. Statistical properties of pseudo random sequences
and experiments with PHP and Debian OpenSSL. In European Symposium on Research in
Computer Security (pp. 454-471). Springer, Cham.
NETWORK SYSTEM ADMINISTRATION
Genç, Z.A., Lenzini, G. and Ryan, P.Y., 2018, June. No Random, No Ransom: A Key to Stop
Cryptographic Ransomware. In International Conference on Detection of Intrusions and
Malware, and Vulnerability Assessment (pp. 234-255). Springer, Cham.
Wang, Y. and Nicol, T., 2014, September. Statistical properties of pseudo random sequences
and experiments with PHP and Debian OpenSSL. In European Symposium on Research in
Computer Security (pp. 454-471). Springer, Cham.
1 out of 17
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.