Principles of Network and System Administration focuses on the general principles involved in setting up, configuring and maintaining computer communities, and provides a conceptual overview of the subject. A robust discipline of System Administration is now coming of age and both academics and industry recognize the need to formalize the problems which system administrators tackle. Amongst these challenges are the need to design a network which is logical, efficient, easy to upgrade and secure. The system administrator also needs to keep track of the ever increasing amount of information, to ensure that problems are fixed quickly, and provide a comfortable environment for users. The breadth and complexity involved in adopting and integrating ever more sophisticated technology is covered in this greatly expanded new edition.
Whilst providing practical illustrations of technical specifics through examples, Burgess steers away from the overwhelming details of specific operating systems. Trainee administrators and students alike need to understand a wealth of issues relating to heterogeneous environments before understanding the quirks of any one particular system. Moreover this book teaches good practice for working in a global community of networked machines and organizations ? which extends beyond being technically savvy to being professionally and ethically responsible.
Features:
- Broad coverage of Linux and other Unix versions, Windows, Macs and mainframes.
- Practical - supplemented with reference section containing practical recipes and advice.
- Vendor/Platform independent view of the technical, theoretical, practical and social/ethical aspects to Systems Administration.
- Strong pedagogy - end of chapter exercises plus teaching guide available from Website.
New to this edition:
- More exercises
- Security expanded; now covers ISO 17799; fault analysis and diagnostics
- Covers Java services and Ipv6
From the Publisher
A well-written and important book, "one of the best in the genre", says Stephanie Black, Reviewer for the Linux Journal.
Textbooks are not always just for the classroom. Sometimes, they're for holding up bookcases, large pots with plants in them and for keeping doors/windows open. Occasionally, they are the treasure chests of information a soul requires to do something for the betterment of self, system and/or network.
This little book will improve all three. Principles of Network and System Administration is neither big nor flashy, but it is probably one of the best works in the genre. It builds on an extensive body of work by others in the field and pulls the information together in such a way that the material is easily comprehended and absorbed. Burgess' writing is clear and engaging, something few textbooks achieve.
Burgess approaches both network and system administration from the perspective of "those principles and ideas of system administration which do not change on a day-to-day basis..." (from the Preface). The first principle Burgess sets out has to do with permissions:
Restriction of unnecessary privilege protects a system from accidental and malicious damage, and infection by viruses, and prevents users from concealing their actions with false identities. It is desirable to restrict users' privileges for the greater good of everyone on the network.
Burgess pays particular attention to the effects of given actions on the networked community, whether that network is a LAN or the Internet. We live in an age of networks, where what one user does most certainly and directly affects others on-line. This theme runs throughout the book, particularly in discussions of security, access to resources, data separation and permissions. The balance between individual users' rights and the needs of the community must be carefully weighed and balanced by the system/network administrator.
HIGHLIGHTS
Security is thoroughly discussed in two consecutive chapters. "Chapter 9: Principles of Security" covers a gamut of topics ranging from the physical security of a system to an overview of some common network attacks. Burgess nicely sums up the four basic elements of security (privacy, authentication, trust and integrity) and binds them to the underlying principle of security: "The fundamental requirement for security is the ability to restrict access and privilege to data."
By access, the author means those events that can corrupt/remove data, i.e., electrical storms, accidents and the like. If these events don't have access to data (because the data and/or backups are stored separately from where the effects of these events are likely to be felt) the data is partially secure; if users' privileges are guarded and enforced, the data is more secure still.
Burgess pays perhaps more attention than many of his author colleagues to the human factor in system and network administration, the sociology of computer users. He raises the question of security vs. user convenience, pointing out that inconvenient security measures will be more likely to be circumvented by users than be effective.
The same principle applies to overly conspicuous security measures in the face of an accomplished cracker. Security measures must be taken, but to make them obvious frequently serves as a temptation for the malicious user to get around a barrier to what (being so well-protected) may just be very valuable information. Then again, the pay-off for such a user may merely be bragging rights. The system's administrator is advised to verify such claims first, deal with the situation methodically and avoid panic altogether.
Chapter 10 deals thoroughly with security implementation, from analysis of network security, to WWW security, to intrusion detection and forensics. Again, the specifics of methodology are not the issue, but the reasoning used in setting up protected systems appropriately is.
A WORD OF CAUTION
If you don't come to systems administration from a scientific/mathematical background, you'll want to have a good math reference or two while going through "Chapter 11: Analytical System Administration". There are several references to statistical and calculus formulae that are better understood, and even implemented, if the reader has a faint idea of what Burgess is doing with the numbers. This is not to disparage the chapter at all. Evidence collection is a requirement of systems administrators if policies are to have any relationship to (or bearing on) user behavior or that of hardware and software performance over a period of time.
LITTLE EXTRAS
In addition to his focus on Linux/FreeBSD, Burgess also shows a strong appreciation for, and understanding of, the value of cfengine as the system administrator's "best friend". While its entries in the index are inaccurate, cfengine is well-delineated on pages 144-145, and again on pages 158-159. Especially nice is his description of how cfengine can be used simply by setting up its time classes to work as a user interface for cron, as a sort of front end with a variety of scripts as required. Pages 385-392 cover the use of cfengine in programming/automating tasks.
As an educator at Oslo College, Norway, Burgess demonstrates an alternate application of Principle 50, which states: "Every change or effect happens in response to a cause, which provokes it." Exercises at the end of each chapter are geared to grounding the reader in both theory and practice of network/system administration.
Appendix C contains introductions to, and brief code snippets of, several common scripting languages (PHP, HTML, Perl and CGI), as well as make. Useful if you're system administrator for a server!
CONCLUSION
Burgess has presented a work that pays great attention to the heuristics of system and network administration; technical and sociological issues are taken into account equally and are presented thoughtfully with an eye to teaching not what to do as a system or network administrator, but how to think about problems that arise in the practice. As a result, the author keeps the reader looking forward to what comes next and to actually implementing what he or she has learned.
INFORMATION AND RESOURCES
STEPHANIE BLACK is a writer--of words and code. When not writing, she runs a Linux consultancy, Coastal Den Computing, in Vancouver, BC, Canada. --This text refers to an out of print or unavailable edition of this title.