1. a) Describe some of the different types of system
administration tasks that could be automated through
scripting.
b) Give an example of when an interpreted programming language is
more appropriate to use than a compiled language. Are there any
circumstances where a system administrator would want to use a
compiled language?
c) People have DHCP in your home network and may not even realize it. How is DHCP implemented in your home?
d) What are the advantages of deploying DHCP through a router versus a Windows or Unix-based DHCP server? What are the disadvantages?
1)
a) Below are the five types of system administration tasks that
could be automated through scripting.
Performance Monitoring
Taking an occasional performance snapshot is a good method for a
single point-in-time glance at system performance. That singular
peek is only a pixel in the entire performance picture. You need
something with more depth and breadth that will provide you with
performance trends and predictive peaks and valleys. Setting up
such a system is easy with Orca. Orca compiles performance data
from disparate sources (UNIX, Windows, Linux) and creates
easy-to-read performance graphs. Gathering of data, calculations,
graph generation and display are all part of the automated
system.
Disk Usage Scans
Sys admins have some tools to employ: disk space quotas, disk
partitions and disk space scans. Scans are regular audits of disk
space usage by user. Offenders usually receive a warning or two
before personal contact from a sys admin. Typical remedies for disk
space gluttons are temporary account suspension, removal of files,
moving the files to a new location or an extension of the user's
space quota. These automated scans, when performed regularly (about
once per week), prevent harsh actions by the sys admin and keep
users apprised of their disk use.
File Transfers
Using command-line scripting power (Windows, UNIX and Linux), you
can perform automated file transfers between hosts. There's no need
to do them interactively. If you're clever in your timing, you can
set up elaborate automated schemes that not only transfer your
files but also unzip, change permissions, move, copy and insert
information into a database. Use the secure versions of your file
transfer utilities (e.g., SSH, SFTP, SCP) to ensure that anyone
snooping doesn't grab an important password from your network
stream.
Code Promotion
How you promote code from test to staging and into production can
have a profound effect on marketing campaigns and other
time-specific events. Moving the code from one environment to
another manually is cumbersome, error-prone and requires
coordination between developers and sys admins. Enable your
developers to promote code from one environment to another using an
automated code deployment system. Some sys admins use RSYNC for
automated code deployment and it's safe to use if coupled with SSH
keys to secure the transfers between hosts.
Malware Scans
You can scan for spyware, malware, viruses and other nasties using
automated processes. Using scripts, you can map or mount drives,
scan your filesystems, disconnect when finished with the scan,
scrape the scan log for positive hits, and send the results to a
database or in an email. You don't need to manually perform these
scans when your system is perfectly happy and suited to do so on
its own.
b)
There are many examples of when an interpreted programming language is more appropriate to use than a compiled language. Let us consider one real-world example.
With natively compiled code, the developer deploys the executable machine code of the program and its data. With interpreted code, the source code itself has to be deployed, and it can then be inspected and reverse-engineered with much less effort than it takes to reverse-engineer native machine code. One exception to this is languages like C# and Java, which compile to bytecode (MSIL for C# and Java bytecode for Java) that is then deployed and compiled "just in time" at runtime, somewhat as an interpreter does. However, there exist so-called decompilers for MSIL and Java bytecode which can reconstruct the original source code with relatively good accuracy, and as such reverse-engineering such products is far more trivial than reverse-engineering products which are deployed in native machine code.
In general, one of the downsides of compilation is that the compilation process adds overhead: the source code has to be compiled to executable machine code, so it is not suitable for tasks which require minimal delay between invoking the source code and executing the program. On the other hand, compiled code is almost always faster than equivalent interpreted code, because of the overhead caused by interpreting the code. Interpreters can invoke and run the source code with very little invocation overhead, but at the expense of run-time performance.
A system administrator would want to use a compiled language when he needs a shorter run time, that is, faster code execution, which the compiler achieves because compiled code runs faster; in order to optimize the code upfront, because compilers perform lots of optimizations that make code run faster; and in order to see all the errors and warnings in the code at once, at compilation time. Therefore, you can't run the program without fixing errors.
c)
Dynamic Host Configuration Protocol (DHCP) is a network management protocol that is used to dynamically assign an IP address and other information to each host on the network so that they can communicate efficiently. DHCP automates and centrally manages the assignment of IP addresses, easing the work of the network administrator. In addition to the IP address, DHCP also assigns the subnet mask, default gateway, domain name server (DNS) address and other configuration to the host, and by doing so it makes the task of the network administrator easier.
In order to configure a host in a home network we need:
Leased IP address – An IP address given to a host for a
particular duration, which can be a few hours, a few days or a few
weeks.
Subnet Mask – Lets the host know which network it is on.
Gateway address – The Gateway is the Internet Service Provider that
connects the user to the internet. The Gateway address lets the host
know where the gateway is to connect to the internet.
DHCP does this in a home network as follows.
DHCPDISCOVER: When a new node is connected to the network, it broadcasts the DHCPDISCOVER message, which contains the source address 0.0.0.0, to every node on the network including the server. The DHCP server, on receiving the message, returns the DHCPOFFER message to the requesting host, which contains the server address and the new IP address for the node.
DHCPOFFER: If there are multiple servers on the network, the host receives multiple DHCPOFFER messages. It is up to the host to select a particular message.
DHCPREQUEST: The requesting host, on receiving the offer message, again broadcasts on the network, this time a DHCPREQUEST message carrying the address of the server whose offer it has accepted. The server that owns that server address checks whether the address to be assigned to the node is available in its data storage.
DHCPACK: If the address is assigned, the server marks the IP address in the storage as unavailable to ensure consistency. The server then sends a DHCPACK packet to the requesting host, which contains the network information (IP address, subnet mask, gateway address). If the address has been assigned to another machine in the meantime, the server sends a DHCPNAK packet to the requesting host, indicating that the IP address is assigned to some other machine.
DHCPRELEASE: Finally, if the host wants to move to another network or has finished its work, it sends a DHCPRELEASE packet to the server, indicating that it wants to disconnect. The server then marks the IP address as available in the storage so that it can be assigned to another machine.
This is how DHCP is implemented in your home.
d)
Advantages of deploying DHCP through a router versus a Windows or Unix-based DHCP server:
The main advantage of deploying DHCP through a router is that the router ‘knows’ it is the gateway between the internal network and the Internet and can automatically configure its DHCP server to provide sensible, valid addresses to connecting DHCP client devices.
If you have a separate Windows or Unix-based DHCP server, then that server has to be configured explicitly to provide the correct range of addresses to work with the router, which will still be the gateway to the Internet. A separate DHCP server has to be configured to provide a valid gateway address (the address of the router) and normally a DNS server address. Moreover, a Windows DHCP server requires a CAL for any device that uses DHCP. If we deploy DHCP through a router, then there is probably no need to set up and maintain a server.
Also, as the router is also an Ethernet switch and Wireless Access Point, the single device can serve as a DHCP server in addition to its gateway, switch and WAP functions. It also provides firewall and NAT features. If you use a separate DHCP server, then this is another device that has to be running on the local network segment. The router will still have to provide the gateway, NAT, switch and WAP features, and it is probably desirable to keep the router’s firewall turned on.
Disadvantages of deploying DHCP through a router versus a Windows or Unix-based DHCP server:
1) Running DHCP on the router will make the router busier and consume some additional memory. If that impacts performance, it becomes a less good idea. If you want to track DHCP utilization more, DHCP servers probably have better reporting mechanisms than the router does for DHCP.
2) Running DHCP on a router will take up some memory/CPU utilization that might be needed to route traffic.
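The exchange described in part c), as an added example that is not part of the original answer: an in-memory model of the server's lease storage and the client's DISCOVER/OFFER/REQUEST/ACK sequence, including the DHCPNAK and DHCPRELEASE cases. The class, function names and all addresses are hypothetical, no packets are sent, and the server is assumed to be the home router, so it hands out its own address as the gateway.

```python
# Added example: in-memory model of the DHCP exchange; all addresses are constructed.
from dataclasses import dataclass, field

@dataclass
class DhcpServer:
    server_ip: str
    pool: list                                   # addresses this server may lease
    mask: str = "255.255.255.0"
    leases: dict = field(default_factory=dict)   # ip -> client MAC

    def on_discover(self, mac):
        """DHCPDISCOVER -> DHCPOFFER for the first free address, else None."""
        for ip in self.pool:
            if ip not in self.leases:
                return {"type": "DHCPOFFER", "server": self.server_ip, "ip": ip}

    def on_request(self, mac, server, ip):
        """DHCPREQUEST -> DHCPACK, DHCPNAK, or None if addressed to another server."""
        if server != self.server_ip:
            return None
        if ip not in self.pool or self.leases.get(ip, mac) != mac:
            return {"type": "DHCPNAK", "server": self.server_ip}
        self.leases[ip] = mac                    # mark the address unavailable
        # Assumption: the DHCP server is the home router, so it is also the gateway.
        return {"type": "DHCPACK", "server": self.server_ip, "ip": ip,
                "mask": self.mask, "gateway": self.server_ip}

    def on_release(self, mac, ip):
        """DHCPRELEASE: only the lease holder can free its address."""
        if self.leases.get(ip) == mac:
            del self.leases[ip]

def join_network(mac, servers):
    """Client: broadcast DISCOVER, pick the first OFFER, broadcast REQUEST."""
    offers = [o for s in servers if (o := s.on_discover(mac))]
    if not offers:
        return None
    chosen = offers[0]                           # which offer to accept is up to the host
    replies = [r for s in servers if (r := s.on_request(mac, chosen["server"], chosen["ip"]))]
    return replies[0] if replies else None

def demo():
    router = DhcpServer("192.168.1.1", ["192.168.1.100", "192.168.1.101"])
    laptop = join_network("aa:aa:aa:aa:aa:01", [router])
    phone = join_network("aa:aa:aa:aa:aa:02", [router])
    # A request for the laptop's leased address from another client gets DHCPNAK.
    stale = router.on_request("aa:aa:aa:aa:aa:03", "192.168.1.1", laptop["ip"])
    router.on_release("aa:aa:aa:aa:aa:01", laptop["ip"])
    reused = join_network("aa:aa:aa:aa:aa:03", [router])
    return laptop, phone, stale, reused
```

With two servers in the list, only the server named in the DHCPREQUEST records a lease; the other returns nothing and keeps its address free.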