CURRICULUM VITAE

Education
KRISHNA KAUSHIK.Y
Bachelor of Engineering in Electronics and
Email Communication (B.E) from S.S.N.C.E, Chennai, TamilNadu.
ykrishnakaushik@rediffmailmail.com (2002-2005)
ykrishnakaushik@gmail.com
Certification
Passport No: G2611457
Sun Micro Systems Certified Engineer
Contact Number : HP Certified Engineer

Mobile: 09908214064 Experience

Contact Address: Total IT Experience : around 2 .3 years

Working as a System Administrator in

Y.Krishnakaushik,D.No-B30, Meotex Solutions from Apr 2005 till now
1st floor Siddhartha deluxe mess,
Opposite Viswabharathi High
School,Vengalraonagar, Strength
Hyderabad-500038.
Experience in Linux and Solaris System Administration.
Permanent Address :
Good Communication skill and leadership qualities.
39-5-36/4,muralinagar, Work dedicated team player.
Visakhapatnam,
Andhrapradesh-530007. Ability to provide creative solutions and problem solving skill.

Personal Data :

Date of Birth : 10 Dec 1984. Technical Skills

Sex : Male
Languages : C and Perl
Nationality : Indian
Technology :Firewall, Network Security Tools , Linux
Marital Status : Single
security, VPN, Firewall, LTSP with Windows , LARTC, IDS,
Fathers Name : MRTG, Proxy Server, HTTP, SMTP, POP3 , LDAP with
Y.V.Satyanarayana
Windows PDC, etc.

Reference:
OS : Redhat Linux 9, Sun Solaris 9 and
HR: Sudha Bindhu Meka
PH: 040 - 64568555
Windows XP
ID: sudha.m@meotexsolutions.com
RDBMS : Oracle.
Meotex Solutions
8-2-269/N/1B, Vivekananda
Areas of Interest
Enclave, Arora Colony, Road No. 2,
Banjara Hills. Linux & Solaris System Administration
Hyderabad-500038
Network Security
Linux security
Linux Firewall(iptables)
 PROJECT EXPERIENCE

Systems Administrator (18-04-2005 - till date)

Meotex SolutionsHyderabad, India.

Maintaining and Installation of RedHat Linux and Solaris Servers.

Recognized problems with search paths, permissions and ownership and
resolved them.
Checking on remote system status, transferring files using SCP, rcp, ftp
between systems.
Implementing Kick start, Jumpstart, Installation OS, Volume manager, SSH2,
NIS, Sendmail, NFS Auto mount.
Configuring the DNS for Intranet connectivity.
Build LDAP Server and automated the administration task using Perl-LDAP.
Written Shell and Perl Script for automating the process.
Setup LVS Server for High Availability.
Manage Samba for pc and UNIX connectivity.
Set up CVS environment.
Set up Linux firewall router to increase network protection.
Redesigned network, including building firewalls and proxy servers.
Provided technical support and technology training for teachers and students.

Project #1

Virtual Private Network

Description:
VPN solutions offer the comprehensive security your extended network needs, combined
with the flexibility and manageability that long-term growth demands. Its used to secure tunnel between
Network-to-Network and also used to route packets between to different network.
Os: Solaris 9.0
Script language: Shell scripting.
Team Size: 2

Project #2

Light Weight Directory Access Protocol

Description:
Centralized User Authentication and Address book maintenance Using Light Weight Directory Access
Protocol. Hands on experience in cross platform authentication.

Information on the LDAP server can be easily used for several purposes. As outlined in this
HOWTO, the same users entries on the LDAP database can be used for other applications like
 phone directories, mail routing, staff databases etc., thus avoiding data replication and
inconsistency.
LDAP allows complex access control lists to be applied on the database. This allows for a fine grain
tuning of permissions on the database entries.

A secure transmission channel between the LDAP server and the clients can be implemented
through the Secure Socket Layer (SSL).

A fault tolerant service can be implemented using slapd replication and DNS round robin queries.

Having a single instance of users on the network helps to maintain users on many hosts from a
single management point (i.e. you can create and delete accounts in the LDAP server and this
changes are available immediately to LDAP clients).

Os: Redhat Enterprise Linux 3, Windows NT

Script language: Perl Scripting
Team Size: 2

Project #3
Linux Firewall
Description:
Firewall Software is a basic requirement for anyone using broadband to prevent hacking, virus, and
other security risks. Firewall software is software designed to prevent unauthorized access to a computer
or network that is connected to the Internet. Firewall software comes in a variety of forms, offering a wide
variety of features, protection capabilities, scalability and cost.
Linux Network Address Translation
Network Address Translation (NAT) is a vitally important Internet technology for a variety of
reasons. It can provide load balancing for parallel processing, it can provide several types of strong
access security, and it can provide fault-tolerance and high-availability. Finally, it can simplify some basic
network administration functions. Below, we sketch the possible uses, and then follow up with Linux-
specific applications
Firewall Security through Masquerading
One important security concept is that it is much easier to guard a single point of entry than it is to
guard many points. This is the principle behind the Internet firewall:
By protecting the single network firewall, the entire internal network can be protected.
Masquerading allows insiders to get out, without allowing outsiders in. Masquerading re-writes the
IP headers of internal packets going out, making it appear that they all came from the firewall.
Reply packets coming back are translated back, and forwarded to the appropriate internal machine.
Thus, inside machines are allowed to connect to the outside world. However, outside
machines cannot: in fact, they cannot even *find* the internal machines, since they are aware of only
*one* IP address, that of the firewall. Thus, they cannot attack the internal machines directly.
 The admin of the internal network can choose reserved IP addresses, e.g. in the
10.x.x.x range, or the 192.168.x.x range. These addresses do not have to be registered with the
InterNIC, and can be used however the sysadmin wants, as long as they are not used on the
external network. Note that this also alleviates the shortage of IP addresses that ISP's are facing: A
site with hundreds of computers can get by with a mere 8 or 16 Internet IP addresses, without
denying any of it's users Internet access.
Os: Redhat Enterprise Linux 3
Script language: Shell scripting.
Team Size: 2

Project #4

Squid+Active Directory + Samba

Functionally, the user's Internet Explorer requests a browsing session with the Squid proxy, for which
it offers its AD authentication token. Squid hands off the authentication request to the Samba-3
authentication helper application called ntlm_auth. This helper is a hook into winbind, the Samba-3 NTLM
authentication daemon. Winbind enables UNIX services to authenticate against Microsoft Windows
Domains, including Active Directory domains. As Active Directory authentication is a modified Kerberos
authentication, winbind is assisted in this by local Kerberos 5 libraries configured to check passwords with
the Active Directory server. Once the token has been checked, a browsing session is established. This
process is entirely transparent and seamless to the user.

Enabling this consists of:

Preparing the necessary environment using preconfigured packages

Setting up raw Kerberos authentication against the Active Directory domain
Configuring, compiling, and then installing the supporting Samba-3 components
Tying it all together

I here by declare that the information and particulars mentioned above are correct to the best of
knowledge.

Date:

Place: (Krishna Kaushik.Y)