Felitaur Enterprises Linux System Administration | Felitaur Enterprises Homepage

Exam 2 for CIS226AL

Instructor: Phil Waclawski
Spring 2010

Instructions: As this is an HTML file which is kind of in plain text, you can save it to disk and type into it if you wish, or you can type the answers in a separate file, but no handwritten answers please. :) (You can just highlight the questions and paste them into pico; use both mouse buttons at the same time to paste the highlighted section.) Questions are worth about 5pts each, with some exceptions.

You can use any resource you want EXCEPT other people, animals, aliens etc. However, you MUST document that source (if it is the course book, just put (CB) after it ;) ). So if it is a web page, give me the URL someplace, etc.

Some of this may be in the book, some of it you may have to search for a bit, but if you want to become a sys admin you had best learn how to search the web (start with my Search Page for a list of search engines/indexes at the bottom).

NOTE: EXAMS MUST BE TYPED, I will not grade hand written exams and please copy the questions in as well, makes it much easier to grade.
And put YOUR NAME inside the file!

Additionally, when I ask for "How would I make it so I can view a huge directory with ls without it scrolling off the screen" a simple
ls -l | more
is all I need for an answer. Keep these short. Even some of the first questions should be a couple of sentences at most. I know this test will be some work (I figure it will take you about 2 hours to finish, not counting boot up times etc) but I don't want it becoming a nightmare. Good hunting.


100pts total possible. All questions are 5 points each, except one which is labelled (10pts). Feel free to ask me for clarifications on questions, but don't ask me "is this right?" I only grade your exam one time. ;)
  1. Explain the process of sending an email. In your own words, give a rough summary, explaining what MDA, MTA etc are.
  2. What is a "TRUSTED_USERS" in sendmail allowed to do? How do you do that in Postfix?
  3. What configuration changes can you make to reduce spam on your system?
  4. Find an email that has been sent to you, and make sure you go to "view" "full headers". Copy the headers into the exam, and explain, as best you can, what each line means.
  5. Explain what the alias file and the access file are for in sendmail, and how to edit/create them.
  6. What is ntp? Why is it important to have it on your server? What is ntp.drift used for? Any drawbacks to it?
  7. You installed MySQL. Why are SQL servers such a big deal for internet servers? Give the URL and a short explanation (in your own words) for a company that uses an internet database/web page interface for their business.
  8. The normal MySQL lacks "transactions" (you must use the InnoDB database format to get them). Find a web site that explains what transactions are, and give a short (in your own words) explanation of what a transaction is, and why you might need one.
  9. Name three ways you can secure your MySQL or other type of SQL server.
  10. Your customers want to have their web pages interface with a database. List two languages/software sets that you can do that with on Linux.
  11. Snort is an IDS. Explain what an IDS is and what it can do. How can you have snort alert you or add an intruder to your firewall?
  12. What does portsentry do? Why is it considered to be rather limited? What can Snort detect that portsentry can't?
  13. What is nmap used for (be specific in what it can do)? Why do some groups want it banned?
  14. Go to www.nessus.org and find out what features nessus is supposed to have that make it "better" than things like nmap/saint.
  15. (5pts)What is a proxy? Why would you use one, why is it considered an improvement on safety? Give an example of a Linux proxy server.
  16. What does a packet filter do? Why is it important to your security? Why do some experts prefer a hardware based firewall instead of software? Are hardware firewalls perfect?
  17. If you go to netfilter.org you can find out more about iptables. What is the difference between stateless and stateful firewall monitoring? What does this mean for protecting services like anonymous ftp?
  18. (10pts) In iptables you have the following lines:
    /sbin/iptables -P INPUT DROP
    /sbin/iptables -P OUTPUT DROP
    /sbin/iptables -P FORWARD DROP
    /sbin/iptables -A INPUT -p tcp -i eth0 --dport 443 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
    /sbin/iptables -A INPUT -p tcp -i eth0 --dport 143 -j ACCEPT
    Explain what each line does. And, with just these rules, can you access the outside internet from this machine? And what services are available FROM this machine?
  19. List four websites that talk about internet/network security.
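The following is an added example, not part of the exam: a small first-match simulator in Python for the rule set in question 18, so you can check a packet's fate (chain, protocol, input interface, destination port) against the default policies and rules the way the kernel would walk them. The helper names (build, verdict, open_tcp_ports) are my own; it models only the flags those lines use (-P, -A, -p, -i, --dport, -j) and no connection tracking.

```python
# Added example (not part of the exam): a minimal first-match simulator for the
# iptables rule set in question 18. It understands only -P, -A, -p, -i, --dport
# and -j; connection state is not modelled because these rules use none.
from collections import namedtuple

RULESET = """
/sbin/iptables -P INPUT DROP
/sbin/iptables -P OUTPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -A INPUT -p tcp -i eth0 --dport 443 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i eth0 --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i eth0 --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -p tcp -i eth0 --dport 143 -j ACCEPT
"""

# A rule's proto/iface/dport of None matches anything (the flag was omitted).
Rule = namedtuple("Rule", "chain target proto iface dport")

def _arg(tok, flag):
    return tok[tok.index(flag) + 1] if flag in tok else None

def build(text):
    """Return (default policy per chain, ordered rule list) from iptables lines."""
    policies, rules = {}, []
    for line in text.splitlines():
        tok = line.split()
        if "-P" in tok:            # -P CHAIN TARGET sets the chain's default policy
            policies[_arg(tok, "-P")] = tok[tok.index("-P") + 2]
        elif "-A" in tok:          # -A CHAIN ... -j TARGET appends a rule
            port = _arg(tok, "--dport")
            rules.append(Rule(_arg(tok, "-A"), _arg(tok, "-j"), _arg(tok, "-p"),
                              _arg(tok, "-i"), int(port) if port else None))
    return policies, rules

def verdict(policies, rules, chain, proto, iface, dport):
    """First matching rule in the chain decides; if none matches, the policy does."""
    for r in rules:
        if r.chain != chain or (r.proto and r.proto != proto):
            continue
        if (r.iface and r.iface != iface) or (r.dport is not None and r.dport != dport):
            continue
        return r.target
    return policies.get(chain, "ACCEPT")   # iptables' built-in default policy

def open_tcp_ports(text, chain="INPUT", iface="eth0"):
    """Sorted TCP ports that chain accepts on iface, among ports any rule names."""
    policies, rules = build(text)
    ports = {r.dport for r in rules if r.dport is not None}
    return sorted(p for p in ports
                  if verdict(policies, rules, chain, "tcp", iface, p) == "ACCEPT")
```

Try verdict() with the OUTPUT or FORWARD chain, a UDP packet, or a different interface to see which side of the question the default DROP policy decides.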