Current location - Training Enrollment Network - Education and training - What do you need to master as a network administrator?
What do you need to master as a network administrator?
What network administrators should be able to and should learn.

Network management is mainly divided into Internet cafe network management and company network management. Different types of network management have different technical requirements and there are great differences. What skills do you need to learn to become a network manager? Let's have a look!

Dos command [only list what we may need in our work]

1, cd displays the current directory name or changes the current directory.

2.dir displays the list of files and subdirectories in the directory.

3.md Create a directory.

4. Delete one or more files.

5.chkdsk checks the disk and displays the status report.

6.cacls displays or modifies the access control list (ACL) of the file.

7. Copy Copy one or more files to another location.

8. Date modification date

9. Format the disk

10, type displays the contents of the text file.

1 1, move files and rename files and directories.

12. Expand one or more compressed files.

13, rename the file.

14, display or change file properties.

Time displays or sets the system time.

16, at at command arranges to run commands and programs at a specific date and time. To use the AT command, the scheduling service must already be running.

17, net[ user], [time], [use] a lot, check it yourself.

18, netstat displays protocol statistics and current tcp/ip connections.

19, nbtstat is based on NBT (Network bios over TCP/IP) protocol statistics and current TCP/IP connection.

20, routing operations and view the network routing table.

2 1, not to mention ping, everyone is familiar with it.

22, nslookup domain name lookup

23, edit the text editor under the command line

24, netsh powerful command line to modify tcp/ip configuration tools.

25.fdisk thinks that there are fewer people using it now, but it is still useful when there are no other tools.

The above is just a list, the specific usage is limited to space, and everyone knows how to get help documents.

Second, the method of clearing cmos password

1. Remove the cmos power battery directly from the motherboard.

2. Set jumper for short circuit bios. See the description of each motherboard for details.

3. debug. The commands are listed in detail below, and the newline character means enter.

c:/& gt; shakedown test/debug

-o 70 10

-o 7 1 10

ask

4. Download the cmos password viewer.

NT-based method for handling system administrator's forgotten password.

1. If it is installed in fat32 partition, boot directly to dos and delete the SAM file under %systemroot%/system32/config/

2. If it is installed on ntfs partition, you need a software [such as ntfspro] that supports reading and writing ntfs partition under dos, just like the above.

3. If a dual system is installed, enter from the other system and delete the sam file [whether it is ntfs or not, whether the other system supports ntfs].

4. Connect the hard disk to another machine and delete the sam file.

5. Go to Commander ERD. One function of this software is to modify the user password of nt/2000/xp, including the administrator password. If you want to use it, you must burn it to a CD and start it from the CD to modify it.

Fourth, the network.

1, production of network cable, quality appraisal of network cable and crystal head.

In a network, the production of network cables must be unified according to a standard, generally according to EIA/TIA568 A or EIA/TIA568 B. After the network cables made according to a standard are officially put into use, the probability of network problems will be very small.

My opinion on the quality identification of network cable: the network cable feels very soft, and it will not burn immediately when burned, but will slowly melt, and the words on the foreskin are clearly visible. If it is genuine, cat5 or cat5e is lowercase, and the white line inside is not pure white, but patterned; The price of genuine crystal head is generally more expensive. If you press the inclined part with your hand, it should feel soft and easy to press, and the copper sheet is not easy to be corroded.

2. Familiar with the network configuration of 98/nt/2000/xp/2003/linux/unix.

3. Be familiar with the topology and routing of your local area network, and point out the corresponding destination on the network line connected to each interface of the hub/switch/router. When a node has a problem, it is very important to diagnose the network fault. Originally, this should be done during network routing, but many times I still have to do it myself.

4. Understand the network testing, and skillfully use the network tester. Understand the network operation, this can start from the gateway or router. Proficient in using sniffer/iris and other protocol analysis tools.

5, all kinds of network failures should be kept in mind, all kinds of solutions.

6.ip/mac/ port will be blocked, Internet access will be restricted and download speed will be limited.

7. Be familiar with the performance, parameters and manufacturers of each managed network device.

8. Be familiar with dos network commands [ping, route, net, netstat, nbtstat, netsh, netsend, nslookpup, traceroute,]

9. Be familiar with subnet division and subnet mask calculation.

10, skillfully configuring various vlan.

1 1, knowing tcp/ip protocol, without theoretical guidance, you will encounter many nails in practice.

Verb (abbreviation of verb) virus knowledge and hacker knowledge [for these two aspects of knowledge, many people may just wander at the door]

1, a virus is actually a collection of program codes, and there is nothing to be afraid of. As long as I know his principle, working mode, infection mode and consequences, I will naturally know how to prevent him and how to break him. For file viruses-generally infected with exe files, he inserts himself into exe files, so he needs to master some knowledge of pe file formats. If inserted into the gap, the file size will not increase after insertion, but will increase if inserted at the end of the file. Precautions against file viruses: (1) Upgrade antivirus software frequently and use the latest antivirus software to kill; (2) Pay special attention to attachments in unknown emails; (3) Use antivirus software to kill files brought by foreign media; (4) If you find some unknown symptoms, such as the change of executable file size. Send an email to the anti-virus software company immediately and send the samples. E-mail virus-a virus whose main infection channel is e-mail, is actually the product of combining with file virus. The code is directly inserted into the email body and attachments, and most of the code is written in scripting languages such as vbs and js. Usually, there is a step of asking when you open an attachment, but the virus author takes advantage of the vulnerability of e-mail sending and receiving programs (such as outlook express), so that you can execute the virus program by clicking the attachment or simply moving the mouse over it, as is the case with viruses such as iloveyou and Melissa. This is how ie usually handles email attachments. According to the file type specified by MIME, ie will read the attachment if it is a text file. If it is a video clip, ie will check it; If the attachment is a graphic file, ie displays it; However, if the attachment is an executable file of exe, ie will prompt you whether to execute it or not, and then execute it after obtaining your permission. If it is rejected and abandoned, the intruder will fall into the hands of "tips".

In fact, ie hints are judged by the type specified by the MIME header. When an intruder encodes the attachment of an exe with base64, when constructing the MIME header, he specifies it as another type of file in the content-type item, such as writing audio/x-wav, and then he can order ie to try to open the file as an audio file, so that ie will think it is a legal file and run it without asking you whether to execute it. Prevention method of email virus: (1) The system sets the prevention method-change the opening mode of script file; (2) Delete the WScript component and completely prohibit the script from running, but some web page special effects written by vb, VB and java scripts can no longer be seen; (3) lock the registry; (4) display the extension of all files; (5) Prevent the virus from replicating itself. Many viruses must create a FileSystemObject before replicating themselves. Therefore, banning file system objects can prevent this type of virus from spreading. Prohibition method-run regsvr32scroun.dll/u. (6) Prevention awareness-install real-time virus firewall/upgrade the latest version of ie/ do not use outlook/ properly handle attachments.

2. You know a lot about hacking, such as Trojan horse, vulnerability attack, encryption and decryption, buffer overflow, DoS/DDoS and sniffer. Perhaps a person's energy is limited, but you should at least know something about general hacking knowledge.

Intransitive verb operating system and server

As a network administrator, you should be familiar with various operating systems. The only solution is to install multiple systems on your machine to learn. Generally speaking, familiar with installing windows series; If you want to know more about other operating systems, according to my personal experience, you can choose red hat/mandrake/free bsd[unix], or even have access to commercial unix systems, such as ibm aix /sco unix/hp ux. But this process is very long.

2. For servers, this refers to server hardware and server software. Servers and server software are the objects we manage, and we have to face them every day. You should be familiar with the hardware, at least the server, motherboard, chipset, cpu, memory and disk you play every day. From a technical point of view, you should be familiar with it. Generally speaking, server software needs to master iis, apache, tomcat, websphere,. Net, various databases, various ftp server software and mail server software. Well, basically everything can be written in the book.

Seven, data management, safety management

1. What is the most important thing after the informationization of the company? Data, so even if the IT manager doesn't ask you to write a data management system, you should take the initiative to write it. Including daily data access, real-time data backup, regular backup, backup methods are clearly written. And check whether it is executed correctly every day. Maybe this is a bad habit of China people. The system is good, but it is so difficult to implement.

2. Speaking of safety, many people may know that safety is very important, but they have not really achieved safe production. I think it has something to do with a person's safety awareness and computer level. A person wants to be safe, but he can't achieve it from a technical meeting. Then we should appear, and an enterprise should have relevant training.

Ps: Both data management and security management involve management. This management is not only the work of our network management, but also the work of a group. Leaders should pay enough attention to these aspects.

Finally, I hope that our work can be recognized by our superiors and that we will be valued as a group, because we are really important.

-

What you must learn to be a senior network administrator.

One or more professionals who are responsible for the installation, maintenance and troubleshooting of the network and make the network run normally are called network administrators.

The Measures for the Implementation of the Interim Provisions on the Administration of International Networking of Computer Information Networks in People's Republic of China (PRC) stipulates the management principles, management means, management responsibilities and relevant laws and regulations that network administrators should abide by. Network administrators should be familiar with the types, functions, topological structure, geographical environment, performance and ability of communication equipment, types and versions of software systems, data structure, data flow and data processing flow of database management systems, etc. After the completion of the network system project, the network administrator should be responsible for the daily management of network expansion, service, maintenance, optimization and troubleshooting.

The International Organization for Standardization (ISO) only defines five functions of network management. However, for the management mode of each actual network, it is difficult to determine the standard management mode that each network should adopt because of the different actual situation of each network. However, with the gradual accumulation of practical network management experience, people have gradually summed up a set of ineffective network management models from a large number of practices.

Management of network server

Configure and manage server properties, install and set TCP/IP protocols and remote access service protocols, install and manage DNS servers, and install and configure Internet naming server WINS. Install a license server, issue licenses to terminal service customers, and manage local and remote terminals.

Constantly enrich and update the information on the server, update the WWW page information, inject new data into the database server, and manage the user mailbox of the mail server.

Network user management

On the premise of ensuring the safe and reliable operation of the network, the network administrator sets an account and password for each user, assigns different network access rights, and sets access rights to webpage content according to the work rights and personnel changes of the unit.

The leaders in charge of the unit have the "supreme" authority, can perform any operation on any network service, enjoy the access authority of all kinds of business data, and ensure the security of confidential data. All departments in this unit have the same rights, can establish user groups, enjoy the rights corresponding to their work, and can perform tasks related to their work. All employees can browse, query and download from WWW, FTP, E-mail and some database resources, and have the basic right to print files with printers.

Limit the number of accounts that the Web server can log in, cancel expired users and dial-up users in time, and close unused network services.

Management of network files and directories

First, we should choose the corresponding file system according to the network operating system. Windows NT platform includes FAT (File Allocation Table) and NTFS file system, which is a high-performance, high-reliability and high-security network file system provided by Windows NT.

Set * * * access rights and security rights of directories and files, export directories that need * * *, and establish connections between logical drives and * * * access directories.

Check the security of the file system, regularly search the system information and compare it with the master checklist, and find all files modified by unauthorized users at will to ensure that the file system can be restored after being modified.

Prevention of data loss and data repair, network data backup and establishment of data mirror site (completely copying data to another computer), data file redirection recovery and encryption management of sensitive data, etc.

Configuration and management of network printer

Create a network printer server, and set the policies, enjoyment attributes and safety rules of the network printer.

ip address management

IP address management is the key to keep the computer network running efficiently. If the IP address is not properly managed, IP address conflicts will easily occur in the network, which will cause users with legal IP addresses to be unable to enjoy the network resources normally and affect the normal business development of the network.

At present, most small and medium-sized computer networks use class C addresses, and each IP subnet can have 200 computers or network devices, which will be expanded in the future. There are usually three ways to assign IP addresses:

One is to assign specific IP addresses to network devices. Fixed IP addresses are generally given to servers, computers and network devices that often surf the Internet.

The second is to dynamically allocate the IP addresses of some computers. For those computers that seldom surf the Internet or have strong mobility, dynamic host configuration protocol (DHCP) can be used to dynamically configure IP addresses, thus saving IP address resources and facilitating network administrators to manage these network devices.

The third is to assign public IP addresses to some workstations. When a workstation needs to access the network, the centralized IP management software assigns it an IP address: when the workstation finishes accessing the network, it takes back the IP address assigned to the workstation and this IP address becomes a public IP address.

Network security management

The network administrator exports the monitoring configuration and sets chart view options, system management alert options and event log types. Establish audit strategies to monitor network activities, network traffic and network services. Carry out the help-seeking test, analyze the network help-seeking probability, strictly manage the firewall account and password, and block the intruder's power attack path, so that the intruder will be hit hard.

Daily maintenance of network wiring

According to the needs of employee transfer and work, the network wiring system is maintained by adding new servers, workstations and networking equipment, replacing damaged cables or removing network cable connectors.

Create a network cabling reference file. After installing the cable system, the network administrator uses the cable tester to check the cable regularly to ensure the quality of the wiring system. After evaluation and certification, the test results stored in the cable tester are copied to the computer and printed as the network wiring reference document.

(2) Test and locate network wiring faults. The network cabling system is divided into several logic units, and each logic unit contains a section of rock fixed link, junction box and jumper. Use the cable tester to test the logic elements one by one. If the cable tester shows the distance of the open circuit, the location of the open circuit or short circuit can be determined. If the wiring mapping fault is found, it is mostly the wiring error at both ends of the fixed link; If the attenuation is excessive, it is mostly inferior cable. Use alternative methods to verify suspicious components.

Management of key equipment

Some key devices of computer networks generally include backbone switches, central routers and key servers. For the management of these network devices, besides monitoring their working status through the air duct software, they should also be well backed up. Now many manufacturers have put forward backup solutions for key servers, which can keep the operation and operation synchronized with the main server, thus ensuring the data consistency and reliability of key databases and preparing for the backup server to replace the main server in time when the main server fails in the future.

General routers connect with wide-area wind by configuring V.25bis interface on other wide-area wind ports to make dial-up backup of high-reliability wide-area wind connection. When the main link is disconnected due to a fault, a backup link can be established in time to continue data transmission on the main link.

At present, it seems that few manufacturers can provide systematic solutions for the backup of backbone switches, so only by strengthening the monitoring of the performance and working status of backbone switches in daily management can the normal work of network backbone switches be maintained.