1
00:00:00,000 --> 00:00:14,620
Hey guys and welcome back.

2
00:00:14,620 --> 00:00:20,519
So to wrap up this skill on network troubleshooting, there are a couple more things I want to

3
00:00:20,519 --> 00:00:21,519
talk to you about.

4
00:00:21,519 --> 00:00:25,519
The first one relates to host name configuration.

5
00:00:25,519 --> 00:00:32,119
Now this could very well have fallen under the topic of network configuration files because

6
00:00:32,119 --> 00:00:38,320
you can actually change the configuration directly via a particular configuration file.

7
00:00:38,320 --> 00:00:43,000
However there are actually different ways to change this particular value.

8
00:00:43,000 --> 00:00:45,840
So let's begin with that first.

9
00:00:45,840 --> 00:00:51,079
So if I just actually issue the command host name, this is going to print out well my host

10
00:00:51,079 --> 00:00:52,079
name.

11
00:00:52,079 --> 00:00:57,600
What we can actually do here is we can indeed change the name of our host name and we can

12
00:00:57,600 --> 00:00:59,839
do it directly with this command.

13
00:00:59,839 --> 00:01:05,679
We can just say host name and let's just call this maybe John's computer and if I hit enter.

14
00:01:05,679 --> 00:01:11,239
Oh of course I have to be the super user so I'll just change this to John's computer

15
00:01:11,239 --> 00:01:14,120
with super user type in my password.

16
00:01:14,120 --> 00:01:19,079
Now it might not be apparent but my host name has actually been changed.

17
00:01:19,079 --> 00:01:22,400
If I happen to say host name we can see here the name has changed.

18
00:01:22,400 --> 00:01:28,599
Now if I would happen to get a new shell i.e. by logging in once again or by going directly

19
00:01:28,599 --> 00:01:29,599
to my machine.

20
00:01:29,599 --> 00:01:34,480
So while those will close this one down I will get a new terminal.

21
00:01:34,480 --> 00:01:37,079
Notice here the name has indeed changed.

22
00:01:37,079 --> 00:01:42,560
Similarly if I happen to close my SSH session and I open a new putty session.

23
00:01:42,560 --> 00:01:49,039
If I log in as IPv0 type in my password you can see indeed just the same way the host

24
00:01:49,040 --> 00:01:51,400
name has changed to John's computer.

25
00:01:51,400 --> 00:01:56,000
Now the big thing here though is that this configuration change.

26
00:01:56,000 --> 00:02:02,719
This configuration change is not persistent meaning that if I happen to reboot my machine

27
00:02:02,719 --> 00:02:10,200
this change would just be undone i.e. we would revert back to the original host name.

28
00:02:10,200 --> 00:02:11,560
So let's just test this out.

29
00:02:11,560 --> 00:02:16,960
I can say sudo reboot type in my password that kills the connection.

30
00:02:16,960 --> 00:02:19,240
Now my machine is rebooting.

31
00:02:19,240 --> 00:02:23,159
Ok so if I log in I just full screen this.

32
00:02:23,159 --> 00:02:29,719
If I go to my terminal notice it has reverted back to IPv0 and I say host name with the

33
00:02:29,719 --> 00:02:33,120
command once again it has reverted.

34
00:02:33,120 --> 00:02:38,560
Now if I want to make this change persistent I can actually modify a particular configuration

35
00:02:38,560 --> 00:02:39,560
file.

36
00:02:39,560 --> 00:02:45,800
Now that file again is in the Etsy directory and it's called host name really easy to

37
00:02:45,800 --> 00:02:46,800
remember.

38
00:02:46,800 --> 00:02:51,360
The difference here is that if I happen to modify the host name directly within this

39
00:02:51,360 --> 00:02:58,280
configuration file that change will be persistent i.e. meaning that if I happen to reboot my

40
00:02:58,280 --> 00:03:02,640
system the new host name will still stay in place.

41
00:03:02,640 --> 00:03:08,480
So what I can do here is if I show you this particular file and I say sudo nano etsy and

42
00:03:08,480 --> 00:03:10,560
go into host name hit enter.

43
00:03:10,560 --> 00:03:14,240
We can see here the host name has been set to IPv0.

44
00:03:14,320 --> 00:03:19,040
If we want to make a modification to this particular configuration file we can actually

45
00:03:19,040 --> 00:03:21,600
do so directly via the command line.

46
00:03:21,600 --> 00:03:26,640
The difference is that we don't use the command host name we actually use the command host

47
00:03:26,640 --> 00:03:32,600
name CTL and by doing this this will actually modify that particular file.

48
00:03:32,600 --> 00:03:38,640
So I'll say sudo host name CTL and I can say set hyphen host name and change this to

49
00:03:38,640 --> 00:03:41,320
maybe say john test.

50
00:03:41,400 --> 00:03:47,039
Now if I hit enter again it appears like nothing has actually changed here but if I say host

51
00:03:47,039 --> 00:03:53,000
name now the name has indeed been changed to john test and if I go back into this configuration

52
00:03:53,000 --> 00:03:58,079
file and I hit enter notice this configuration file has been updated.

53
00:03:58,079 --> 00:04:03,759
Now like I say this here doesn't appear like it's changed within the prompt that is because

54
00:04:03,759 --> 00:04:05,680
we're still using the same shell.

55
00:04:05,680 --> 00:04:11,640
If I happen to close this down and open up a new terminal window indeed we see john test

56
00:04:11,640 --> 00:04:17,680
instead and again if I happen to say sudo reboot and reboot the system hit enter the system

57
00:04:17,680 --> 00:04:24,360
reloads the system has rebooted let's log back in we'll open up a terminal let's go in.

58
00:04:24,360 --> 00:04:29,560
Notice this time the changes though have actually survived the reboot that is because when we

59
00:04:29,560 --> 00:04:35,639
use the host name command itself we do not actually modify the etsy host name configuration

60
00:04:35,639 --> 00:04:42,279
file however when we use the host name CTL command we do indeed modify that configuration

61
00:04:42,279 --> 00:04:47,560
file and that makes all the difference with respect to the persistence of this particular

62
00:04:47,560 --> 00:04:48,639
configuration.

63
00:04:48,639 --> 00:04:52,279
So that is something we have to know for the lpik 2 examination.

64
00:04:52,279 --> 00:04:57,319
Now before we close I just want to make note of two very important files both within the

65
00:04:57,319 --> 00:05:05,279
etsy directory one is called hosts.allow and the other is hosts.deny.

66
00:05:05,279 --> 00:05:09,599
Now we actually have this concept of what is called a TCP wrapper okay.

67
00:05:09,599 --> 00:05:16,639
Now all TCP wrappers refer to are particular programs that happen to be compiled with something

68
00:05:16,639 --> 00:05:18,479
called libwrap.

69
00:05:18,479 --> 00:05:22,959
Try to remember that and all libwrap is is a very particular library.

70
00:05:22,959 --> 00:05:30,839
Now this library happens to be used by things such as say SSH because the SSH server daemon

71
00:05:30,839 --> 00:05:35,359
i.e. SSHD will use this particular library.

72
00:05:35,359 --> 00:05:42,679
Now when something like say SSHD happens to want to use libwrap in order to be able to

73
00:05:42,679 --> 00:05:50,599
authorize a particular connection it's first going to look in etsy host.allow and if from

74
00:05:50,599 --> 00:05:56,479
within this file it sees that this particular service is allowed to be made to this particular

75
00:05:56,480 --> 00:06:01,759
network or destination then that connection will indeed be allowed to happen.

76
00:06:01,759 --> 00:06:08,160
Now if no rule within this particular file happens to be found and matched the libwrap

77
00:06:08,160 --> 00:06:16,480
library is going to look at particular rules within the other file etsy host.deny and if

78
00:06:16,480 --> 00:06:23,120
we happen to get a match within this particular file then the libwrap library is going to say

79
00:06:23,120 --> 00:06:30,399
to that service this connection is not allowed and quite simply if we happen to have no match

80
00:06:30,399 --> 00:06:38,240
in either file then the libwrap library is going to tell that particular service be SSHD

81
00:06:38,240 --> 00:06:40,639
to indeed allow this access.

82
00:06:40,639 --> 00:06:44,840
But again we do want to understand the order of operations here.

83
00:06:44,840 --> 00:06:51,439
The first place it will look like I say will be in etsyhost.allow and right now this particular

84
00:06:51,439 --> 00:06:57,360
configuration is blank but you might actually see something like say the service SSHD followed

85
00:06:57,360 --> 00:07:04,399
by a colon and then you could specify a particular destination or you could give a network range

86
00:07:04,399 --> 00:07:12,720
or indeed you could say the keyword all which would mean that for the SSHD daemon all connections

87
00:07:12,720 --> 00:07:18,560
are going to be allowed or we could specify particular keywords such as accept and we

88
00:07:18,560 --> 00:07:26,399
can add in a particular host to not allow say for example 0.50 this would mean that for this

89
00:07:26,399 --> 00:07:35,279
particular daemon we would allow absolutely everyone to use SSHD except for this particular host in

90
00:07:35,279 --> 00:07:41,920
which case they would be disallowed. Now again if we do not happen to find a match within this

91
00:07:42,000 --> 00:07:49,759
particular file the next file we would go to would be an etsyhost.deny. The difference here being

92
00:07:49,759 --> 00:07:57,600
is if we go in let me just escape out and I go into hosts.deny if I happen to say SSHD and then

93
00:07:57,600 --> 00:08:07,360
specify all as opposed to allowing everyone access to SSHD instead we are denying them access because

94
00:08:07,360 --> 00:08:14,879
we are now in the deny file. Now one thing to say is that if we happen to have a conflict i.e.

95
00:08:14,879 --> 00:08:21,360
we happen to allow a particular service within hosts.allow but we have actually got a similar rule

96
00:08:21,360 --> 00:08:28,960
within hosts.deny disallowing a particular service for a particular connection the one that is going

97
00:08:28,960 --> 00:08:36,399
to take precedence and when is going to be the hosts.allow file that will override anything within

98
00:08:36,480 --> 00:08:44,159
hosts.deny the reason being here is that hosts.allow that particular file is going to be evaluated

99
00:08:44,159 --> 00:08:50,720
first so if that happens to find a match within that file the hosts.deny file will not even be

100
00:08:50,720 --> 00:08:56,240
checked. Ok doc so that can be a little bit confusing but it certainly is worthwhile to remember

101
00:08:56,240 --> 00:09:02,319
for the purposes of the examination these tcp wrappers are going to use that libwrap library

102
00:09:02,320 --> 00:09:06,720
in that particular library is going to check these particular configuration files

103
00:09:06,720 --> 00:09:12,240
when these particular services are going to be called to be used say for example our network

104
00:09:12,240 --> 00:09:20,000
connection over ssh libwrap will consult these particular files and being able to control access

105
00:09:20,000 --> 00:09:25,920
to these particular files can have a great impact on these network connections and understanding this

106
00:09:25,919 --> 00:09:31,919
is going to have a profound effect with your ability to diagnose these types of problems and

107
00:09:31,919 --> 00:09:37,360
fix these types of network connection issues so that is us for our network troubleshooting

108
00:09:37,360 --> 00:09:40,799
i hope this has been informative for you and i'd like to thank you for viewing