Saturday, March 17, 2012

Interview questions on Port numbers

Q: What Is a Port Number?
A port number is part of the addressing information used to identify the senders and receivers of messages. Port numbers are most commonly used with TCP/IP connections. Home network routers and computer software work with ports and sometimes allow you to configure port number settings. These port numbers allow different applications on the same computer to share network resources simultaneously.

Q. What is the range of ports, or how many ports are there?
Port numbers range from 0 to 65535, so there are 65536 ports in total.


Q. Why are there just 65536 port numbers?
This is a limitation of the TCP/IP stack, where the port field is just 16 bits in size. So we get only 2^16 ports, which is equal to 65536 ports.


Port numbers have a range of 0..65535 (although often 0 has special meaning). In the original BSD TCP implementation, only root can bind to ports 1..1023, and dynamically assigned ports were assigned from the range 1024..5000; the others were available for unprivileged static assignment. These days 1024..5000 is often not enough dynamic ports, and IANA has now officially designated the range 49152..65535 for dynamic port assignment. However even that is not enough dynamic ports for some busy servers, so the range is usually configurable (by an administrator). On modern Linux and Solaris systems (often used as servers), the default dynamic range now starts at 32768. Mac OS X and Windows Vista default to 49152..65535.
 
[root@desktop12 ~]# cat /proc/sys/net/ipv4/ip_local_port_range 
32768   61000

solaris$ /usr/sbin/ndd /dev/tcp tcp_smallest_anon_port tcp_largest_anon_port
32768

65535

macosx$ sysctl net.inet.ip.portrange.first net.inet.ip.portrange.last
net.inet.ip.portrange.first: 49152
net.inet.ip.portrange.last: 65535

vista> netsh int ipv4 show dynamicport tcp
Protocol tcp Dynamic Port Range

Start Port : 49152
Number of Ports : 16384


Q. What are the well-known ports?
Well-known ports are from 0 to 1023 (total 2^10 = 1024 ports).



Q. What are the Registered Ports? (Range: 1024 to 49151)
These are used by specific services or applications, such as the Oracle database listener (1521), MySQL (3306), Microsoft Terminal Server (3389), etc.

Q. What are the Dynamic and/or Private Ports? (Range: 49152 to 65535)
These ports can't be registered with IANA. They are used for custom or temporary purposes and for automatic allocation of short-lived (ephemeral) ports, which are used internally by applications/processes. You can see these ports by running the 'netstat' command and looking under the "Local Address" column.



Q. What do you mean by default port?

A default port is the designated port for a particular well-known server.


Q. Can we change the default port for a service (for example Apache, Squid)?
Yes, we can change it.


Q. What are the protocol numbers for TCP and UDP?
TCP protocol number: 6
UDP protocol number: 17


Q. How to find which ports are open?
You can find the open ports on your Linux server with the netstat command:
#netstat -ntlp
  Here:
  n -> display hosts by number
  t -> show TCP protocols
  u -> check UDP protocols
  l -> listening ports
  p -> display which process controls the port

Q. How to find the open printer ports?
[root@desktop13 Desktop]# netstat -ntlp |grep cups
tcp        0      0  127.0.0.1:631               0.0.0.0:*                   LISTEN      1525/cupsd          
tcp        0      0   ::1:631                             :::*                        LISTEN      1525/cupsd    
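
An added example (not part of the original post): this Python sketch parses `netstat -ntlp` output and reports which listeners are bound to all interfaces rather than to loopback, tagging each port with the range names used above. The sample text is constructed from the cupsd and sshd listeners shown on this page plus one made-up rpc.statd line, and the function names are illustrative.

```python
import ipaddress

# Constructed sample in `netstat -ntlp` format: the cupsd and sshd listeners
# shown on this page plus one made-up rpc.statd line on a dynamic port.
SAMPLE = """\
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address      Foreign Address    State    PID/Program name
tcp        0      0 127.0.0.1:631      0.0.0.0:*          LISTEN   1525/cupsd
tcp        0      0 0.0.0.0:2200       0.0.0.0:*          LISTEN   11904/sshd
tcp        0      0 0.0.0.0:52311      0.0.0.0:*          LISTEN   2210/rpc.statd
tcp        0      0 ::1:631            :::*               LISTEN   1525/cupsd
tcp        0      0 :::2200            :::*               LISTEN   11904/sshd
"""


def port_class(port):
    """Name the range a port falls in, using the ranges given on this page."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic"


def parse_listeners(text):
    """Return one dict per listening socket found in netstat -ntlp output."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        # Data rows start with tcp/tcp6/udp/udp6; skip banners and headers.
        if len(fields) < 5 or not fields[0].startswith(("tcp", "udp")):
            continue
        # TCP rows carry a state column; keep only LISTEN sockets.
        if fields[0].startswith("tcp") and "LISTEN" not in fields:
            continue
        # Split on the last colon so IPv6 forms such as ":::22" survive.
        host, _, port = fields[3].rpartition(":")
        try:
            addr = ipaddress.ip_address(host)
            port = int(port)
        except ValueError:
            continue
        if addr.is_unspecified:
            exposure = "all-interfaces"   # 0.0.0.0 or ::
        elif addr.is_loopback:
            exposure = "loopback"
        else:
            exposure = "single-address"
        # PID/Program is "-" when netstat is not run as root.
        owner = fields[-1].partition("/")[2] if "/" in fields[-1] else "-"
        listeners.append({"proto": fields[0], "port": port,
                          "class": port_class(port),
                          "exposure": exposure, "program": owner})
    return listeners


def exposed(text):
    """Sorted, de-duplicated (port, program) pairs reachable from the network."""
    return sorted({(l["port"], l["program"]) for l in parse_listeners(text)
                   if l["exposure"] != "loopback"})


if __name__ == "__main__":
    for entry in parse_listeners(SAMPLE):
        print(entry)
    print("review:", exposed(SAMPLE))
```

Anything returned by `exposed()` is a candidate for a firewall rule or a narrower bind address; cupsd on 127.0.0.1 and ::1 is correctly left out.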

Q. How to detect open ports on a remote server?
[root@desktop13 Desktop]# nmap -sT 192.168.0.250
The output looks like this:
PORT     STATE SERVICE
21/tcp   open  ftp
22/tcp   open  ssh
25/tcp   open  smtp
80/tcp   open  http

Q. How to change the SSH port number?
[root@desktop13 Desktop]# netstat -ntlp | grep ssh
tcp        0      0 0.0.0.0:22                  0.0.0.0:*                   LISTEN      1646/sshd         
tcp        0      0 :::22                               :::*                        LISTEN      1646/sshd    
Open the configuration file:
[root@desktop13 Desktop]# vim /etc/ssh/sshd_config
Port 2200
Save and quit.

[root@desktop13 Desktop]# service sshd restart

Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

[root@desktop13 Desktop]# netstat -ntlp | grep ssh
tcp        0      0 0.0.0.0:2200                0.0.0.0:*                   LISTEN      11904/sshd        
tcp        0      0 :::2200                          :::*                        LISTEN      11904/sshd       

Now the port number has been changed successfully.

Q. How to log in remotely with a port number?

ssh -p 22 root@192.168.0.111

Some important port numbers:
20 - FTP Data (for transferring FTP data)
21 - FTP Control (for starting the FTP connection)
22 - SSH (for secure remote administration, which uses SSL to encrypt the transmission)
23 - Telnet (for insecure remote administration)
25 - SMTP (Mail Transfer Agent for e-mail servers such as Sendmail)
53 - DNS (special service which uses both TCP and UDP)
68 - DHCP
69 - TFTP (Trivial File Transfer Protocol; uses UDP for connectionless transmission of data)
80 - HTTP/WWW (Apache)
88 - Kerberos
110 - POP3 (Mail Delivery Agent)
123 - NTP (Network Time Protocol, used for time syncing; uses UDP)
137 - NetBIOS (nmbd)
139, 138, 445 - SMB/Samba (smbd)
143 - IMAP
161 - SNMP (for network monitoring)
389 - LDAP (for centralized administration)
443 - HTTPS (HTTP+SSL for secure web access)
514 - Syslogd (UDP port)
995 - POP3s
3260 - iSCSI
3128 - Squid proxy
631 - Printers (CUPS)
2049 - NFS (nfsd, rpc.nfsd, rpc, portmap)

* If a protocol is not mentioned, the above ports are solely for TCP. Some services use UDP, as mentioned in the list above.



Thursday, March 15, 2012

NFS Server Interview Questions

Q. What is NFS?
NFS is a network file system, which allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally.

Q. What is NFS used for?
NFS is used for sharing files and directories throughout the network.

Q. What are the port numbers for NFS?
2049 (nfsd), 111 (portmap)

Q. What are the daemons for NFS?
rpc.nfsd, rpc.lockd, rpc.rquotad, rpc.mountd

Q. Which protocol does NFS use?
NFSv4 uses TCP; NFSv3 and NFSv2 use UDP.

Q: - Explain this entry: /shared 192.168.1.0/24(sync,rw)
Allows all systems with 192.168.1.* IP addresses read-write access to the /shared directory.


Q: - What will happen if a space is given between the allowed hosts and (options)?
If a space is included, the options are applied to any and all IP addresses, which can be quite dangerous if write permission is granted.


Q: - What is the role of the "sync" option for an NFS server?
sync is used to synchronize the data from server to client. The sync option is recommended because it follows the NFS protocol.


Q: - How to retrieve a list of clients connected to the NFS server?

To retrieve a list of clients connected to the NFS server, use the showmount command
from a shell prompt. To also show the directories the clients are connected to, use the
ex: showmount -e 192.168.0.112

Q: - Name of Configuration file for NFS Server?

/etc/exports


Q: - What is meaning of "no_root_squash" option ?

Treat remote root user as local root. Do not map requests from root to the anonymous user and group ID.
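
An added example (not from the original post): a small Python linter for /etc/exports that catches the stray-space mistake described above, where the options end up applying to every host, and also reports any export that sets no_root_squash. The sample file is constructed, the function names are illustrative, and the parser assumes one export per line with no quoted paths or line continuations.

```python
import re

# One client token: optional host spec followed by optional "(options)".
CLIENT = re.compile(r"^([^\s()]*)(?:\(([^)]*)\))?$")

# Constructed sample /etc/exports; line 3 has the stray space before "(".
SAMPLE = """\
# constructed sample
/shared   192.168.1.0/24(sync,rw)
/shared2  192.168.1.0/24 (sync,rw)
/build    192.168.1.10(rw,no_root_squash)
/pub      *(ro,all_squash)
"""


def parse_exports(text):
    """Return (lineno, path, host, options) per client token.

    host == "" means the token was a bare "(options)", which the NFS
    server applies to any host. options is None for an unparseable token.
    """
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        path, *clients = line.split()
        for token in clients:
            match = CLIENT.match(token)
            if not match:
                entries.append((lineno, path, token, None))
                continue
            host, opts = match.group(1), match.group(2)
            options = [o for o in (opts or "").split(",") if o]
            entries.append((lineno, path, host, options))
    return entries


def lint_exports(text):
    """Return (lineno, path, finding) tuples for risky export entries."""
    findings = []
    for lineno, path, host, options in parse_exports(text):
        if options is None:
            findings.append((lineno, path, "unparseable-client"))
            continue
        if host == "":
            # "host (opts)": host gets defaults, opts go to everyone.
            findings.append((lineno, path, "options-apply-to-all-hosts"))
        if host in ("", "*") and "rw" in options:
            findings.append((lineno, path, "writable-by-all-hosts"))
        if "no_root_squash" in options:
            findings.append((lineno, path, "no_root_squash"))
    return findings


if __name__ == "__main__":
    for finding in lint_exports(SAMPLE):
        print(finding)
```

Running it against a copy of /etc/exports before `exportfs -r` gives a quick review list; the read-only `*(ro,all_squash)` export is intentionally not flagged.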


Q: - What is NFS ?

NFS stands for Network File System. NFS was originally developed by Sun Microsystems in the 1980's. NFS allows remote hosts to mount file systems over a network and interact with those file systems as though they are mounted locally. This enables system administrators to consolidate resources onto centralized servers on the network.


Q: - Which NFS versions are available ?

NFS Version 2
NFS Version 3
NFS Version 4


Q: - What is different between NFS Version 2 & 3 ?

NFS 2: default 8 KB transfer rate. It did not check authentication at connection time; if a client wants to access an unauthorized file, it shows error messages like "write error" or "read error".
NFS 3: 32 KB transfer rate. It checks at connection time and has ACL support.

Q: - Can we grant access by username and password for an NFS share?
No, access is granted only by IP address.

Q: - What is the role of "all_squash" option?
Treat all client users as anonymous users. Map all user and group IDs to the anonymous user and group ID.

Q: - What is the role of "root_squash" option?
All requests from the user root are translated or mapped as if they came from the user anonymous (default).

Q: - Explain option "all_squash"?
The UID and GID of exported files are mapped to the user anonymous. It is good for public directories.

Q: - Explain "exportfs" command?
The exportfs command is used to maintain the current table of exported file systems for NFS.

Q: - Explain command "/usr/sbin/exportfs -f"?
It will flush everything out of the kernel's export table. Any clients that are active will get new entries added by mountd when they make their next request.

Q: - Which option is used with the exportfs command to display the current export list along with the export options?
exportfs -v

Q: - Which option is used with the exportfs command to re-export all directories?
exportfs -r

Q: - Does the rpc.mountd daemon support TCP_WRAPPERS?
Yes, the rpc.mountd daemon is protected by tcp_wrappers. You have to give the clients access to rpc.mountd if they should be allowed to use the NFS server.

Q: - Explain "nfsstat" command?
The nfsstat command displays the statistics about NFS client and NFS server activity.

Q: - What do you understand by "nfsstat -o all -234" command?
It will show all information about all versions of NFS.

Q: - What do you understand by "nfsstat --nfs --server -4" command?
It will show statistics for NFS version 4 server.

Q: - Can an NFS share be mounted on Windows XP? Justify your answer.
No, the Windows XP operating system doesn't support the NFS protocol.

Q: - 192.168.0.117:/data is exported by the NFS server and I want to add this NFS share to the client's /etc/fstab file. How will you add this entry to /etc/fstab?
#Device name                      #mount-point    # fs-type     #options      #dump   #fsckorder
192.168.0.117:/data            /mnt                 nfs            defaults              0         0

Q: - Explain "Soft Mounting" option at NFS Client?

If a file request fails, the NFS client will report an error to the process on the client machine requesting the file access. If it cannot be satisfied (for example, the server is down), then it quits. This is called soft mounting.

Q: - Explain "Hard Mounting" option at NFS Client?
If a file request fails, the NFS client will report an error to the process on the client machine requesting the file access. If it cannot be satisfied, then it will not quit until the request is satisfied. This is called hard mounting.

Q: Explain "intr" option at NFS Client?
Allows NFS requests to be interrupted or killed if the server is unreachable.

Q:  Explain "nolock" option at NFS Client?
It disables file locking and allows interoperation.

Q: - What is "portmap"?
The portmapper keeps a list of what services are running on what ports. A connecting machine uses this list to see which ports it needs to talk to in order to access certain services.

Q: - How will you check whether the "portmap" service is running or not?
      rpcinfo -p 192.168.0.117

Q: - I am unable to mount an NFS share. How will you trace out the reason?
First, check whether you have permission to mount the NFS share. Check the /etc/exports file.
Second, you may get an RPC error: Program Not Registered (or another "RPC" error).
For this, check whether your NFS server and portmap service are running, using "rpcinfo -p".

Q: Can I modify export permissions without needing to remount clients in order to have them take effect?
Yes. The safest thing to do is edit /etc/exports and run "exportfs -r"

Q. How to restart the services for NFS?
service nfs restart

Q. How to enable the NFS server after reboot?
chkconfig nfs on



Tuesday, March 13, 2012

Samba server configuration


SAMBA (SMB server) is a file sharing server, which is used to share files between Windows, Linux and Unix systems. SMB (Server Message Block) is a proprietary protocol developed by Microsoft.

This article explains how to install and configure SAMBA in Linux.

Requirement: Share the directory /sample with the share name linux throughout the example.com network to the user suri with the password redhat; the user should have only read access.
------------------------------------------------------------------------------------

Step 1: Create a directory where you want to keep the data to share with other remote systems (Windows/Linux/UNIX).
#mkdir /sample

Step 2: Install the Samba server.
#yum install samba* -y

Step 3: Check the SELinux context of the shared directory using ls -Z.
[root@servername ~]# ls -dZ /sample
Change the context to samba, i.e.,
[root@servername ~]# chcon -t samba_share_t /sample

Step 4: Now configure the Samba server. Edit the main configuration file (/etc/samba/smb.conf).

Specify the workgroup this server belongs to.

#vim /etc/samba/smb.conf

Search for the word workgroup and specify your workgroup name:

workgroup = SURYA

Why do we require this workgroup?
When Windows users try to access any network resource, they first go to My Network Places, then search for the workgroup, and then for the server. So we definitely have to specify this workgroup entry in the smb.conf file.

Now specify the share details: which folder you want to share, and with whom. Go to the last line of the smb.conf file and specify your shared folder details as follows.


[linux]
comment = "This is the Sample data which is shared with my windows users"
path = /sample
valid users = suri
# "writable = no" and "read only = yes" mean the same thing; use either one
writable = no
browseable = yes
public = no
printable = no
# network IP of your domain
hosts allow = 192.168.0.


After giving these seven entries, just save and exit the file.


Let me explain each of the entries used here.
a. [linux] -- This is the share name; whenever a user accesses the Samba server over the network, this is what is visible as the shared folder.
b. comment -- This is just a comment, which helps to know what this share is for.
c. path -- This specifies which folder on the Samba machine to share.
d. valid users -- This specifies which users have access to this folder.
e. writable -- This specifies whether users are able to write or not. In this example they can just read the folder and copy from it.
f. browseable -- This specifies whether the folder content is browseable or not.
g. public -- This indicates whether this folder is public or not.
h. printable -- This indicates whether this folder is printable or not.
i. hosts allow -- Give the IP address of your network, so that hosts in that domain are allowed.



You can grant read-only and write access to specific users with the "read list" and "write list" keywords.


example: write list = user1, user3
              read list = user2, user4


Step 5: Now create passwords for the users who are going to access this Samba share remotely.
#smbpasswd -a suri

This generates the password for this user; the passwords are stored in /etc/samba/smbpasswd.

Step 6: Check the syntax of your smb.conf file in case you made any mistakes.
#testparm

Step 7: Restart the Samba service.
#service smb restart

Step 8: Enable the smb service permanently, so that the server also starts running after a reboot.
#chkconfig smb on

Step 9: To list all Samba users on the local machine, use the following command:
pdbedit -L

Step 10: To check it on the server machine:
smbclient //192.168.0.117/linux -U suri

It will ask for the password.
Enter password
Then we can see the smb shell:

Smb:/>

That's all. You have finished configuring the Samba server.


SAMBA Server Interview Questions

Q. What is Samba?
"Samba is an Open Source/Free Software suite that provides seamless file and print services to SMB/CIFS clients." Samba is freely available, unlike other SMB/CIFS implementations, and allows for interoperability between Linux/Unix servers and Windows-based clients.

Q. What is CIFS?
The Common Internet File System (CIFS), also known as Server Message Block (SMB), is a network protocol whose most common use is sharing files on a Local Area Network (LAN).  The protocol allows a client to manipulate files just as if they were on the local computer.  Operations such as read, write, create, delete, and rename are all supported – the only difference being that the files are not on the local computer and are actually on a remote server.

Q. What is the configuration file for Samba?
/etc/samba/smb.conf

Q: Which SELinux security context is used for SAMBA?
chcon -t samba_share_t <shared directory name>


Q:  On which ports does the SAMBA server work?

 UDP port 137 for netbios-ns, the NETBIOS Name Service
 UDP port 138 for netbios-dgm, the NETBIOS Datagram Service
 TCP port 139 for netbios-ssn, the NETBIOS session service
 TCP port 445 for microsoft-ds, the Microsoft Domain Service


Q:  What are the Security or Authentication Mode for SAMBA server?
ADS
DOMAIN
SERVER
USER
SHARE


Q:  How to Manually Create Machine Trust Accounts?
/usr/sbin/useradd -g machines -d /var/lib/nobody -c "machine nickname" -s /bin/false machine_name$
passwd -l machine_name$


Q:  What are the SAMBA server Types ?
 Primary Domain Controller (PDC)
 Backup Domain Controller (BDC)
 ADS Domain Controller


Q:  Which protocol SAMBA server uses ?
SMB, which stands for Server Message Block, is a protocol for sharing files, printers, serial ports, and communications abstractions such as named pipes and mail slots between computers.


Q:  How Does a Workstation find its Domain Controller?
There are two different mechanisms to locate a domain controller: one method is used when NetBIOS over TCP/IP is enabled and the other when it has been disabled in the TCP/IP network configuration. Where NetBIOS over TCP/IP is disabled, all name resolution involves the use of DNS, broadcast messaging over UDP, as well as Active Directory communication technologies.


Q:  Can Samba Be a Backup Domain Controller to an NT4 PDC?
No. The native NT4 SAM replication protocols have not yet been fully implemented.

Q:  How Do I Replicate the smbpasswd File?

Replication of the smbpasswd file is sensitive. It has to be done whenever changes to the SAM are made. Every user's password change is done in the smbpasswd file and has to be replicated to the BDC. So replicating the smbpasswd file very often is necessary. As the smbpasswd file contains plaintext password equivalents, it must not be sent unencrypted over the wire. The best way to set up smbpasswd replication from the PDC to the BDC is to use the utility rsync. rsync can use ssh as a transport. ssh itself can be set up to accept only rsync transfer without requiring the user to type a password. As said a few times before, use of this method is broken and flawed. Machine trust accounts will go out of sync, resulting in a broken domain. This method is not recommended. Try using LDAP instead.

Q:  Can Samba fully replace my Windows NT server that is not a Primary Domain Controller (PDC)?
Samba can completely serve files and printers to Windows, just as a Windows NT server would.

Q:  Can Samba replace my Windows NT PDC?

Not completely. Samba domain control capabilities for a Windows 9x client are solid and complete, and so these clients would probably never know the difference. The domain control support for Windows NT/2000 clients is still being developed. Currently, enough has been implemented to allow a Windows NT client to join a Samba-controlled domain, but there is more to domain control than that. The most conspicuous absence is the lack of support for Windows NT trust relationships and the SAM replication protocol used between NT PDCs and Backup Domain Controllers (BDCs).

Q: What TCP and UDP ports required for NetBIOS over TCP/IP use?

The NBT name service uses port 137/udp, the NBT session service uses port 139/tcp, and the NBT datagram service uses port 138/udp.

Q:   How SMB protocol works?

There will be three stages in creating an SMB connection between a client and a specific share on a server. The first stage in connecting to an SMB share is to negotiate the SMB protocol dialect to use. In the request packet, the client sends a text listing of all the SMB dialects that it understands. The server selects the most advanced protocol that it knows and responds to the client, specifying the protocol number from the list. At this point, the client and server have agreed that SMB commands can be used for the remainder of the conversation.

The second stage is to create a session connection between the client and server. To do this, the client issues a session setup request, which includes a username and some proof of validity, such as a password. The server attempts to validate the requesting user. If successful, the server then returns a session UID to the client. This UID is unique for each session and has no relation to the server's internal representation of users.


The third stage before access to files on a remote share is allowed is for the client to make a successful tree connection to the shared resource. The client sends to the server a tree connect request, which includes the UID previously issued by the server. At this stage the server verifies that the authenticated user is authorized to access the requested resource. If the user has sufficient privileges to access the share, the client is issued a tree connection ID (TID). The TID is used in all requests to access files contained in the resource to which the TID refers.

In this way SMB protocol works.

Q:  How many sections does the Samba configuration file (smb.conf) contain?
The smb.conf file contains three sections.


1. [global] Contains settings that determine Samba's overall behavior.
2. [homes] A default share for providing a home directory for all users.
3. [printers] A default share for exporting all printers on the host via CIFS.

Q:  If a netbios name is not defined in smb.conf, then what will the netbios name be?
If a netbios name is not defined, Samba will use the IP hostname of the server by default.

Q:   I want to use user-level security for my Samba server; what do I have to add in the smb.conf file?
security = user

Q:   How will you verify that your smb.conf file doesn't have any mistakes or misspellings?
The "testparm" tool verifies the syntax of a configuration file (smb.conf).
testparm -s smb.conf

Q:   What is the use of the "smbclient" command?

"smbclient" is used to display the list of shares on your server. This verifies that smbd is running and functioning correctly. The -L option instructs smbclient to enumerate the shares on the server rather than actually connecting to one. The -N switch instructs smbclient to use an anonymous login rather than the login name of the current user.

smbclient -L localhost -N

Another use of the "smbclient" command is to connect to a Samba share.
smbclient //<server>/<share> -U <username>

Q:   Explain "smbstatus" command?
The smbstatus utility displays information about connected users and currently locked files.

Q:  Is it possible for Samba to share file systems that have been mounted using NFS?
Yes. However, this can be problematic if the NFS server that provides the file system fails, causing the Samba server to hang. It is always safer to use Samba to share a local file system.

Q:  How many simultaneous connections can a Samba server support?
In theory, there is no limit. In practice, the limit is determined by the server’s hardware, specifically the total amount of available RAM and the CPU power. It might also depend on the amount of activity from the smbd processes.

Q:  Can Samba be a member of more than one workgroup at the same time?
No, Samba can be a member of only one workgroup.

Q:  What is SWAT?
SWAT is GUI Based administration tool for samba server.

Q:  I am trying to use SWAT, but I keep getting the message "There was no response. The server could be down or not responding." What is the problem?
The most likely cause is that SWAT is not listening for connections, or you have used the wrong URL in trying to connect to SWAT. SWAT usually lives behind port 901, so the URL you should use is http://IP_ADDRESS_OF_SERVER:901/

Q. Can I set an empty password for a Samba user?
Yes. If you want to set the value to an empty password, you must change
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
to

NOPASSWORDXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

in your smbpasswd file.

Note: If you have edited the smbpasswd file by hand, make sure that the LAN Manager and NT password fields contain exactly 32 characters, no more and no fewer. If these fields do not have exactly 32 characters, Samba will not be able to correctly read the entry.
Alternatively, you can modify it with the "smbpasswd" command:

smbpasswd -n USER_NAME

You also have to set the null passwords parameter to yes in the [global] section of smb.conf:
null passwords = yes
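
An added example (not from the original post): a Python audit of an smbpasswd file that reports accounts with an empty password and hand-edited entries whose LAN Manager or NT field is not exactly 32 characters. It assumes the colon-separated layout name:uid:LM:NT:[flags]:LCT-time: and the 32-character "NO PASSWORD" marker with a space; the sample entries and hash values are constructed and the function names are illustrative.

```python
NO_PASSWORD = "NO PASSWORD" + "X" * 21   # 32-character empty-password marker
X32 = "X" * 32                           # no hash stored in this field
HEX_DIGITS = set("0123456789abcdefABCDEF")

# Constructed sample entries; the hash values are made up.
SAMPLE = "\n".join([
    "suri:500:" + "0123456789ABCDEF" * 2 + ":" + "FEDCBA9876543210" * 2
    + ":[U          ]:LCT-4F5E0A11:",
    "guest:501:" + NO_PASSWORD + ":" + X32 + ":[NU         ]:LCT-00000000:",
    # Hand-edited entry: the marker lost its space, so the field is 31 long.
    "ravi:502:" + "NOPASSWORD" + "X" * 21 + ":" + X32
    + ":[U          ]:LCT-00000000:",
])


def field_state(value):
    """Classify one LM or NT password field."""
    if len(value) != 32:
        return "bad-length"
    if value.upper().startswith("NO PASSWORD"):
        return "null"
    if set(value) <= {"X", "x"}:
        return "unset"
    if set(value) <= HEX_DIGITS:
        return "hash"
    return "bad-characters"


def audit_smbpasswd(text):
    """Return (lineno, account, finding) tuples for entries needing review."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 5:
            findings.append((lineno, fields[0], "malformed-entry"))
            continue
        name, _uid, lanman, nt, flags = fields[:5]
        states = {"LM": field_state(lanman), "NT": field_state(nt)}
        for label, state in states.items():
            if state.startswith("bad-"):
                findings.append((lineno, name, label + "-" + state))
        # Empty password: the marker in a hash field or the N account flag.
        if "null" in states.values() or "N" in flags.strip("[] "):
            findings.append((lineno, name, "null-password"))
    return findings


if __name__ == "__main__":
    for finding in audit_smbpasswd(SAMPLE):
        print(finding)
```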

Q:  Does Samba support PAM?
Yes

Q:  What is role of "NTLM"?
The challenge/response authentication protocol available to Windows clients and servers for validating connection requests.

Q:  Explain "force group" parameter used in smb.conf?
It will define the group id to be used for all file access in the place of the user’s primary group.

Q:  Explain "force user" parameter used in smb.conf?
It will define the user id to be used for all file access.

Q:  Explain "write list" parameter used in smb.conf?
A list of users and/or groups that should be given write access even if the read only parameter has been enabled.

Q:  My clients are getting the error message that the "Disk is Full" when trying to print to my Samba server, but there is plenty of space. What is the problem?
If smbd is unable to write the spooled file to the directory defined by the path parameter for a printer (if the write permission were denied, for example), it would respond to the client with the message "Disk is Full". Samba will also return this error message if the amount of free disk space in the spool directory has fallen below the value specified by the min print space parameter.

Q:  When I click on my Samba server in the network neighborhood, I am continually prompted for a password to the IPC$ share no matter what I enter.
The Windows client is attempting to use encrypted passwords. However, the Samba server is configured to support only cleartext passwords. You should either enable encrypted passwords on the server or enable cleartext passwords on the Windows client.

Q:  Why is security = domain better than security = server?
There are three reasons why security = domain is better. The first is because this method enables the Samba server to participate in domain trust relationships. This is impossible with server-level security. The second reason is that, under server-level security, each smbd process must keep an open connection with the authentication server. This can drain a Windows NT PDC quickly. Under domain-level security, this connection is maintained only long enough to perform the validation, thus conserving valuable resources. The final reason is that, as a domain member, the Samba server has access to much more information about user accounts, which can be used to automate the creation and deletion of user accounts upon demand.

Q:  What is the nmbd daemon?
This daemon handles all name registration and resolution requests. It is the primary vehicle involved in network browsing. It handles all UDP-based protocols. The nmbd daemon should be the first command started as part of the Samba startup process.

Q:  What is the smbd daemon?
This daemon handles all TCP/IP-based connection services for file- and print-based operations. It also manages local authentication. It should be started immediately following the startup of nmbd.

Q:  What is winbindd daemon?
This daemon should be started when Samba is a member of a Windows NT4 or ADS domain. It is also needed when Samba has trust relationships with another domain. The winbindd daemon will check the smb.conf file for the presence of the idmap uid and idmap gid  parameters. If they are found, winbindd will use the values specified for UID and GID allocation. If these parameters are not specified, winbindd  will start but it will not be able to allocate UIDs or GIDs.

Q:  Explain the parameter "wins support = Yes" used in smb.conf?
If the Samba server was configured to provide WINS support ("wins support = Yes"), then the WINS server is able to provide name resolution for all of the hosts that are not listed in the /etc/hosts file or within the DNS. Making this adjustment in the Name Service Switch configuration file (/etc/nsswitch.conf) allows the Linux system to query the WINS server for local name resolution. This saves manual adjustments to host files.

Q:  How to automate SMB share mounting during system startup?
Add smb share entry in /etc/fstab file.
//IP_ADDRESS_OF_SERVER/Shared   /shared    smbfs    noauto,defaults  0  0

Q:  how to start and stop samba server?
/etc/init.d/smb  restart
Or service smb restart