- What Linux distributions do you like and why?
- How would you backup a server in real time?
- What would you do if a production server fails?
- How would you secure a server?
- What kind of monitoring would you apply?
- What is the task manager under Linux?
- What would you do before a hacking attack?
- Apache or Nginx?
- What initial rules would you apply to Iptables?
- What are the most common problems for servers?
- Main aspects of server and network structuration
There are many great articles on the Internet with interview questions for Linux jobs, but most of them target new or workstation users. The following questionnaire focuses on sysadmin tasks that emulate real scenarios. The questions are the kind asked in a face-to-face conversational interview, in which the employer wants to learn how the candidate reacts to specific problems, as opposed to written exams that test the candidate’s knowledge of specific commands.
This article complements Debian Linux Job Interview Questions and Answers.
What Linux distributions do you like and why?
Do not answer “Ubuntu” here, even if it is your chosen Linux distribution. Try to learn a little about harder Linux distributions, which shows better knowledge. Gentoo, ArchLinux or even Slackware would be a better option before a potential employer. I myself would prefer a Gentoo, ArchLinux or Slackware user over an Ubuntu user as a candidate. You can also mention Debian, although it doesn’t require much knowledge either. Ubuntu is a great Linux distribution, but it is chosen by both advanced and new users, and the idea is to portray yourself as an advanced user without giving the employer reason to doubt it.
How would you backup a server in real time?
There are several options. rsync is a good way to keep files and directories updated through incremental backups. There are also great CDP (Continuous Data Protection) options like R1Soft. The database and the files must be backed up separately, which allows replacing the old installation immediately and restoring the updated database.
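One way to get versioned, incremental file backups with rsync is its `--link-dest` option, shown here as an added example that is not part of the original article. The paths and the snapshot naming scheme are assumptions, and the database would be dumped separately.

```shell
#!/usr/bin/env bash
# Added example: incremental snapshots with rsync --link-dest.
# Unchanged files are hard-linked to the previous snapshot, so every
# snapshot is a full tree but only changed files use new disk space.

snapshot() {
    # Usage: snapshot SRC DEST_ROOT [STAMP]
    local src="$1" root="$2" stamp="${3:-$(date +%Y-%m-%dT%H%M%S)}"
    local new="$root/$stamp" link_opt=""
    mkdir -p "$root" || return 1
    # Reference the previous snapshot, if there is one (absolute path,
    # because a relative --link-dest is resolved against the destination).
    if [ -e "$root/latest" ]; then
        link_opt="--link-dest=$(cd "$root/latest" && pwd -P)"
    fi
    # Copy into a .partial directory so an interrupted run never
    # becomes "latest".
    rsync -a --delete ${link_opt:+"$link_opt"} "$src/" "$new.partial/" || return 1
    mv "$new.partial" "$new" && ln -sfn "$stamp" "$root/latest"
}

# Example call (hypothetical paths):
#   snapshot /srv/www /backups/www
```

Restoring an older version is then a plain copy from the chosen snapshot directory.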
What would you do if a production server fails?
Depending on the resources, it is possible to keep 2 synchronized servers online and route the traffic to the other if one of them fails. This normally requires too many resources, since two different geographical locations are needed (otherwise it makes no sense).
But normally this scenario must be planned in advance, and a “Maintenance” screen must be ready to receive redirected traffic if something happens. In this case, if we have only one production server, I would spend only minutes trying to solve the problem while a coworker prepares the CDP restoration; my time limit to solve the problem should be determined by the CDP restoration process. I would restore one or two versions previous to the last CDP backup while keeping the updated database. The aim is to restore the service to customers immediately, then to research the problem if there was enough time to back up the failing system.
How would you secure a server?
It depends on the resources. FortiGate and CISCO have great options to manage and protect networks. If that’s not a possibility, Iptables is the first step, together with checking access policies such as ssh as root, or even changing important ports. An Intrusion Detection System such as Snort and OSSEC would help to analyze malicious traffic over the network; honeypots are also an option. Physical access to servers must be restricted and no one except sysadmins should have root access. Internal networking must be monitored too. Additionally, depending on the type of service, additional measures may be applied, like security mods for Apache or specific protection for mail servers. On the other hand, auditing a server with pentesting tools such as Nmap, Nexpose, Nessus and more is an excellent way to help sysadmins and developers keep everything updated and safe. Servers and relevant network devices must be backed by a UPS with enough capacity to keep them working during an electrical incident.
What kind of monitoring would you apply?
From IDS (Intrusion Detection Systems) to performance, with software like Snort, OSSEC and VNstat. The aim is to analyse packets for inconsistencies that reveal offensive attempts, and to analyse traffic and balancing to optimize services and the network structure. Additionally, I would monitor disk space on all partitions and disks.
What is the task manager under Linux?
Crontab, which schedules tasks. A practical example of its application would be launching a monitoring task, or running Rsync for backup purposes.
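As an added example (not from the original article), the script below is the kind of monitoring task cron can launch: it flags partitions above a usage threshold, which also covers the disk-space monitoring mentioned earlier. The threshold, script path, schedule and backup host in the comments are assumptions.

```shell
#!/usr/bin/env bash
# Added example: flag partitions above a usage threshold from `df -P` output.

# Constructed sample of `df -P` output, for trying the parser offline.
SAMPLE_DF='Filesystem     1024-blocks      Used Available Capacity Mounted on
/dev/sda1         41152736  37860518   1179210      97% /
/dev/sda2        103081248  20616250  77205510      22% /home
/dev/sdb1        515928320 469494772  20202908      96% /var/lib/mysql'

full_partitions() {
    # Reads `df -P` output on stdin; prints "MOUNT PERCENT" for each
    # filesystem at or above the threshold given as $1 (default 90).
    awk -v limit="${1:-90}" '
        NR == 1 { next }                       # skip the header line
        {
            use = $5; sub(/%$/, "", use)       # "97%" -> 97
            mount = $6                         # rejoin mount points with spaces
            for (i = 7; i <= NF; i++) mount = mount " " $i
            if (use + 0 >= limit + 0) print mount, use
        }'
}

check_disks() {
    # Prints an alert and returns 1 if any real filesystem is too full.
    local report
    report=$(df -P -x tmpfs -x devtmpfs 2>/dev/null | full_partitions "$1")
    [ -z "$report" ] && return 0
    printf 'disk usage alert on %s:\n%s\n' "$(hostname)" "$report"
    return 1
}

# Example crontab entries (crontab -e), assuming this file is saved as
# /usr/local/sbin/check_disks.sh and ends with the line: check_disks 90
#   */15 * * * *  /usr/local/sbin/check_disks.sh
#   30 2 * * *    rsync -a --delete /srv/www/ backup@backup.example.net:/backups/www/
```

Cron mails any output of a job to the address in `MAILTO`, so the script stays silent unless a partition crosses the threshold.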
What would you do before a hacking attack?
It depends on the type of attack. A DDOS attack may demand protection implemented at the gateway devices; some iptables rules may help but are not the best option. Apache includes mods to face this kind of attack, and we may immediately apply external protection such as Cloudflare. A more complex attack like a rootkit means the whole server must be redesigned and reinstalled, restoring only the database; probably the hardware should be replaced too. This is of course the worst scenario, but preventive measures must be taken in advance.
Apache or Nginx?
It depends on the use. While NGINX is superior as a reverse proxy, Apache may be a better option for hosting services; the two can also be combined.
What initial rules would you apply to Iptables?
Depending on the type of services, if possible I would apply restrictive policies first, allowing only necessary traffic, redirecting accesses to unused ports, and applying defensive rules against the most common attacks.
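A restrictive starting point of this kind, written as an added example rather than rules from the original article: default-deny on INPUT and FORWARD, only the listed services accepted, and a few defensive rules. The SSH port, accepted ports, rate limits and log prefix are assumptions.

```shell
#!/usr/bin/env bash
# Added example: print a default-deny IPv4 ruleset in iptables-restore format.
# SSH_PORT, the rate limits and the log prefix are assumptions.

valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

build_ruleset() {
    # Arguments: extra TCP ports to accept from anywhere, e.g. 80 443.
    local ssh_port="${SSH_PORT:-22}" port
    # Validate everything first so a bad argument never yields a partial ruleset.
    for port in "$ssh_port" "$@"; do
        valid_port "$port" || { echo "invalid port: $port" >&2; return 1; }
    done
    # Policies drop by default; then loopback, replies to our own traffic,
    # rate-limited ping, and SSH with per-source throttling of new connections.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/second -j ACCEPT
-A INPUT -p tcp --dport $ssh_port -m conntrack --ctstate NEW -m recent --name ssh --set
-A INPUT -p tcp --dport $ssh_port -m conntrack --ctstate NEW -m recent --name ssh --update --seconds 60 --hitcount 5 -j DROP
-A INPUT -p tcp --dport $ssh_port -m conntrack --ctstate NEW -j ACCEPT
EOF
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    # Log a sample of what falls through to the DROP policy.
    printf '%s\n' '-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables-drop: "'
    printf '%s\n' 'COMMIT'
}

# Validate first, then load (both need root):
#   build_ruleset 80 443 | iptables-restore --test
#   build_ruleset 80 443 | iptables-restore
```

Loading through `iptables-restore` applies the whole table atomically, which avoids locking yourself out halfway through a sequence of individual `iptables` commands.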
What are the most common problems for servers?
Security breaches, networking issues, full disks or partitions, permission issues, DNS issues, conflicting updates or software additions, network structure changes, wrong security policies, hardware upgrades, electrical problems.
Main aspects of server and network structuration
A proper structure begins with proper partitioning, routing, user groups and permissions, security measures, and virtualization that dedicates proper hosts to proper guests, among other aspects that may impact network or server performance and security.
CONCLUSION
I hope you found this article useful, keep following LinuxHint for more tips and updates on Linux and networking.