Title: network security
Description: These notes tell you about network security. They tell about different types of attacks and how you protect yourself from them. They tell about IP and MAC addresses in detail, and many more.



INTRODUCTION TO OPERATING SYSTEM, NETWORKING AND SECURITY FUNDAMENTALS

(c)Copyright 2014 BVUCOEP & IQSPL


PREFACE
This book provides an overview of the Operating system, Computer Network
and Information security that are used in protecting both the information
present in computer storage as well as information traveling over computer
networks
...
So knowledge
of Network Security plays an important role to understand function, various
attacks and security methods on Information Technology
...

After reading the book, you will be prepared to select the best network
design, hardware, and software for your environment
...

The technical content of the course gives a broad overview of essential
concepts and methods for providing and evaluating security in computer,
network & information processing systems
...
In addition, concepts are reinforced by real-world
examples of networking issues
...

The book is organized in two sections: Section I, Introduction to
Operating System & Computer Network, and Section II,
Security Fundamentals
...
No previous networking experience is necessary to begin learning from
this book
...
In addition to the information presented in the text,
each chapter includes a Lab Manual that guides you through software and
hardware configuration in a step-by-step fashion
...



Networking Devices
Repeaters, Bridges, Hub, Switch, Router
Topology
Types of Networks
Network Architecture
Two tier & Three Tier
Cabling Types
Color Codes
Crimping
Connectors


Unit no
4

Topics & Contents
OSI and TCP/IP Model






5



Servers







6



VNC
RDP
Remote Assistance
File Sharing

Basic Security Fundamental










DNS
DHCP
File Server
Mail Server
Email Header
Email Functioning Protocol – POP3

Network Application




7

Architecture
Function
Protocols
Advanced Integrated Models
ISDN
BISDN


Concepts: - CIA, DAD, MOM
...

Goals of Security (Identification and Authentication, Confidentiality, Privacy, Integrity, Non-Repudiation)
Security Consideration in Operating System


Unit no
8

Topics & Contents
Different Types of Attack






9



10




Firewall
IDS/IPS
DMZ
Proxy Server
Honey Net
Biometric Devices
Antivirus
Windows Defender
Access Control List

Desktop Security










Application Level Attack
Operating System Level Attack
Network Level Attack
Hardware Level Attack
Social Engineering Attack

Common Network Security Solution











Introduction to Linux







Computer History
Computer Definition
Computer component
Operating system
Function of OS
Classification of OS
Installation of OS

1
...
He designed the
Analytical Engine, and it is on this design that the basic framework of
today's computers is based
...
Each generation lasted
for a certain period of time, and each gave us either a new and improved
computer or an improvement to the existing computer
...
John V
...
It was called the Atanasoff-Berry Computer
(ABC)
...
Other developments continued until in 1946 the first general-purpose
digital computer, the Electronic Numerical Integrator and Computer
(ENIAC), was built
...
When this computer
was turned on for the first time, lights dimmed in sections of Philadelphia
...


Second generation: 1947 – 1962
...
In 1951 the first computer for commercial use was
introduced to the public; the Universal Automatic Computer (UNIVAC 1)
...
During this generation of
computers over 100 computer programming languages were developed,
computers had memory and operating systems
...

Third generation: 1963 - present - The invention of integrated circuit
brought us the third generation of computers
...
In 1980 Microsoft Disk Operating
System (MS-DOS) was born and in 1981 IBM introduced the personal
computer (PC) for home and office use
...

As a result of the various improvements to the development of the computer
we have seen the computer being used in all areas of life
...
1

1
...
It is
made up of two parts - hardware and software
...

The computer displays output through output devices like a monitor and
printer
...
The speed also has a very large range
...
Let us take a look at some of their uses
...
bu
...
html





















Digital video or audio composition - Audio or video composition and
editing have been made much easier by computers
...

Graphics engineers can use computers to generate short or full-length
films or even to create 3D models
...
You can learn the cures
...
Software is used for performing
surgery
...

Banks - All financial transactions are done by computer software
...

Travel - One can book air tickets or railway tickets and make hotel
reservations online
...

Software is used for controlling the flight and targeting in ballistic
missiles
...

E-Learning - Instead of a book it is easier to learn from an E-learning
software
...

You can check your examination results online
...
Taxes can be calculated and paid online
...
One can predict future trends of business using
artificial intelligence software
...
One can do trading online
...

An ATM machine - The computer software authenticates the user and
dispenses cash
...

Planning and Scheduling - Software can be used to store contact
information, generate plans, and schedule appointments and
deadlines
...
There is
simulation software with which a sportsperson can practice his skills
...






Weather analysis - Supercomputers are used to analyze and predict
weather
...
If the content of a document repeats,
you don't have to type it each time
...
You can print documents and make several copies
...

You can add images to your document
...
You
can browse through much more information than you could do in a
library
...
You also have very fast and convenient access to
information
...
Chat software
enables one to chat with another on a real-time basis
...


1
...



Hardware: Hardware is a comprehensive term for all of the physical
parts of a computer, as distinguished from the data it contains or
operates on, and the software that provides instructions for the
hardware to accomplish tasks
...

Graphics controller that produces the output for the monitor
Hard disk, floppy disk and other drives for mass storage
Interface controllers (parallel, serial, USB) to connect the computer to
external peripheral devices such as printers or scanners




Peripherals: A computer peripheral is any external device that
provides input and output for the computer
...
Computer peripherals, or peripheral devices, are
sometimes called "I/O devices" because they provide input and output
for the computer
...




Software: Software is a generic term for organized collections of
computer data and instructions, often broken into two major
categories: system software that provides the basic non-task-specific
functions of the computer, and application software which is used by
users to accomplish specific tasks
...

b) Application software: It is used to accomplish specific tasks
other than just running the computer system
...
Monitor
2
...
CPU
4
...
Expansion card
6
...
CD-ROM Drive
8
...
Keyboard
10
...
The bigger your processor, the faster your computer
performs your tasks
...
1000 megahertz equals 1 gigahertz
...
Also, a processor has a front side bus which connects it with
the system's random access memory (RAM
...
Cache is a type of fast memory which
serves as a buffer between RAM and the processor
...

Since a CPU generates enormous quantities of heat, it is necessary to
dissipate this heat to the surroundings to prevent damage
...

The major CPU manufacturers are Intel, Advanced Micro Devices
(AMD) and Cyrix
...
AMD's desktop processors include Sempron, Athlon and
Phenom
...


Processor
b)

Motherboard, System board, or Main board: This is the central
circuit board that provides electrical connections so the other
components of a computer can communicate with each other
...
Without a motherboard or main board there
is no computer
...
Motherboards can be simple, with the bare minimum
of add-ons, or they can include onboard graphics, onboard sound,
network connections, USB ports, etc
...
Memory
identifies the data storage
...

Types of Memory
1
...

3
...
The purpose of RAM in a
computer is to provide quick access to data
...

It holds data as long as the computer is switched on
...

Therefore, the data needs to be saved to permanent storage such as a hard
disk
...

Types of RAM




2

DRAM
SRAM
DRDRAM

http://wolweb
...
in/2012/04/introduction-motherboard
...
Mostly used in
Personal Computers
...
Its access time is 60 - 70 nanoseconds
...
Its access time is
less than 60 nanoseconds
...
It is the new type of RAM
...


RAM

ROM stands for Read Only Memory
...
It
reads data from memory
...
It acts like a ROM
...

• EPROM (Erasable): EPROM stands for Erasable Programmable Read
Only Memory
...

• EEPROM (Non Erasable): EEPROM stands for Electrically Erasable
Programmable Read Only Memory
...

Cache Memory:
Cache Memory is used in-between the CPU and the RAM and holds the
most frequently used data or instructions to be processed
...
Some systems will only have level 1
and level 2
...


d) SMPS
The role of a power supply is converting the mains voltage into a lower
DC voltage which the components can run on
...
The SMPS
converts the input AC voltage to a set of fixed DC voltages and supplies
the necessary power to the motherboard, disk drives and all expansion
cards
...


ii) PERIPHERAL COMPONENTS
a) Keyboard allows you to type information into your computer
...
When a character is pressed, it sends a coded input to the
computer, which then displays the character on the Monitor
...


Keyboard
b) Mouse This is used as a pointing device that can help you control your
computer tasks
...
It performs a lot of the keyboard's functions
...
Monitors are
available in two basic types
...

o CRT
CRT (Cathode Ray Tube) computer monitors were the most
common computer monitors until flat panel screens became
affordable
...

o LCD
LCD (Liquid Crystal Display) computer monitors save a lot of
space and can even be mounted on walls
...

o Plasma
Plasma computer monitors are less commonly used with
computers due to their high operating temperatures, high power
consumption, and fixed resolution
...

This allows users to interact directly with the application on
screen without need for a mouse or keyboard
...
LED monitors can
also be placed on transparent surfaces, such as glass, allowing
the user to see through them when not active
...
Printers can
be of several types depending on the technology they use, e
...
dot matrix,
laser, inkjet, etc
...
Most new printers come with a
scanner incorporated and sometimes they can also print great quality
photos
...


Case
Those components not housed in the computer case are usually referred
to as "peripherals"
...
It is
important to have a large enough power supply to handle your current
and future needs
...
Miniature cases are to be
avoided
...
Heat is the enemy of all computers
...
It is a permanent storage component unlike the RAM
...
They are in pristine
condition with a mirror like finish to them
...
This is
why you should never remove the casing from the hard disk; it is very
unlikely you will be able to put it back together as a working component
...
Data
on the platters is read and written by read-write heads positioned above
and below the platters as they are made to spin at very high speed by a
small motor placed inside the hard disk drive
...

The smallest unit of storage in a hard disk is known as a sector
...
Sectors
are contained inside these tracks
...


Hard Disk
A floppy disk is a magnetic storage device which can store up to 1
...
Since the data storage capacity of a floppy disk is much less than that of
most storage devices available today, it is slowly being phased out
...
Data is stored and read from these devices using laser
technology
...
77GB
...
The older type of CD-ROM drives only read CDs, while CD burners read and
write (burn) CDs
...
The drive doesn’t require separate power source and draws its
power from the USB hub of the computer to which it is connected
...

OTHER ELECTRONIC DEVICES
Sr
...
Some models may maintain user access details, history
...


4 Smart Card
A smart card is a plastic card, with an embedded microchip that can be
loaded with data, used for telephone calling, electronic cash payments,
and other applications, and then periodically refreshed for additional
use
...

5 Dongle
Today, dongles continue to be widely used in wired network setups,
particularly for connections to USB ports on computers
...

6 Biometric Scanner
Biometrics is used in computer science as a form of identification and
access control
...
4 OPERATING SYSTEM:
o An Operating System or OS is a software program that enables the
computer hardware to communicate and operate with the computer software
...
It is a software package which allows the computer to function
...
techtarget
...
5 Function of OS










Program creation
Program execution
Access to Input/output devices
Controlled access to files
System access
Managing peripherals
Memory management
Processor management
Information management

Types of Operating System






DOS (Disk Operating System)
UNIX
LINUX
Windows
Windows NT

1
...
Some operating systems permit hundreds or even thousands of
concurrent users
...




Multiprocessing: Multiprocessor systems with more than one CPU in
close communication
...
Advantages of parallel system:
a
...
Economical
c
...
It allows many users to share the computer
simultaneously
...

• Real time: A very important part of an RTOS is managing the
resources of the computer so that a particular operation executes in
precisely the same amount of time, every time it occurs. Often used as
a control device in a dedicated application such as controlling
scientific experiments, medical imaging systems, industrial control
systems, and some display systems
...
Real-Time systems may be either
hard or soft real-time
...

Loosely coupled system – each processor has its own local memory;
Processors communicate with one another through various
communications lines, such as high speed buses or telephone lines
...
Resources Sharing
b
...
Reliability
d
...
It has two types,
o Asymmetric clustering: one server runs the application while
other servers are on standby
...



1
...

Network virtualization involves platform virtualization, often combined
with resource virtualization
...

In server virtualization the resources of the server itself are hidden, or
masked, from users, and software is used to divide the physical server
into multiple virtual environments, called virtual or private servers
...


TOOLS OF VIRTUALIZATION
1
...
This
software suite allows users to run multiple instances of x86 or x86-64
compatible operating systems on a single physical PC
...
4

http://en
...
org/wiki/VMware_Fusion



VMware Player is freeware for non-commercial use, without requiring a
licence for VMware Workstation or VMware Fusion; or for commercial
use with permission
...
0
...
5
2
...
Previously, Hyper-V was a server-only product included
with operating systems like Windows Server® 2008 R2, and was used
primarily as the Microsoft solution for virtualizing servers in a data
center
...

Hardware Requirements for Hyper-V
In order to use Hyper-V, your system will need to meet the following
requirements
...
vmware
...
It must be enabled through the Turn
Windows Features On or off interface in the Programs Control Panel
...

1
...

2
...

3
...
The computer
will then restart
...
After restarting, you will see two new tiles at the end of your Start
Screen
...
6
Benefits of Server Virtualization



Server virtualization also reduces costs because less hardware is
required, so a single server can save the business money
...




It also utilizes resources to the fullest so it can also save on
operational costs (e
...
using a lower number of physical servers
reduces hardware maintenance)
...


There are several ways to create a virtual server, including virtual
machine, operating system-level virtualization, and paravirtual machine
...
veeam
...
S
...
S
...
The company was looking at virtual infrastructure to combat
server sprawl and meet its CTO’s objective of consolidating servers in
order to save money and make better use of current resources
...
If
the IT infrastructure to support new services could be implemented more
quickly, the company could be more competitive
...
The department experienced significant reductions in
hardware, software and operations costs
...
The business
units experienced dramatic reductions in the time to procure a new
server
...
In addition to cost savings, the virtualization project
improved the company’s test and development environment and disaster
recovery ability, while minimizing planned downtime
...
The company plans to move legacy systems onto a
virtual infrastructure, migrating these applications from local storage to
fully networked SAN storage
...

Bottom-line Results:







7

ROI over first six months: 189%
Reduction in hardware and software costs: 63%
Reduction in IT operations costs: 70%
Reduction in procurement costs: 50%
Average CPU utilization: 5–10% before virtualization, 60-70% after
Server consolidation ratio achieved: 12:1 7

vmware
...
pdf


1
...


Various operating systems are available in the market, and each
has a different installation procedure
...
Planning the Installation
Here are some of the most important things you should take into
consideration when planning for your Windows 7 installation:
• Check System Requirements
• Check Hardware and Software Compatibility
• Determine Disk Partitioning Options
• Complete a Pre-Installation Checklist
• DVD-R/W Drive

B
...

• Custom ("fresh" installation) - This option replaces your current
version of Windows with Windows 7, but doesn't preserve your
files, settings, and programs
...



C
...
If you're asked
to press a key to boot from DVD or CD, press any key
...


Next, a Starting Windows screen will appear
...
After a few moments you will see the first prompt:

Click "Next" unless you want to change some regional settings for the
installation process
...


Next, accept the license terms and click on "Next"
...
Note that in this case, the
Upgrade button is disabled because this specific installation is performed on
a new computer without any previous operating system on it
...
Since this computer has
a new hard disk that hasn't been formatted before, you will only have the
option to create a new partition on it
...
The
installation process will then create a partition on all the available disk
space, and format it

The setup process will now begin to copy files from the installation DVD
media to the hard disk
...


D
...
Click on "Next"
...
Remember this password, as it will be the ONLY
user on the system, and unless you create an additional user or enable the
built-in administrator account, if you forget this password you'll need to
crack it to gain access to the system
...


Next, type in product key
...
You will be asked to
enter the product key after Windows is installed
...
The recommended
settings are best for someone who doesn't plan to hide their computer behind
a firewall
...


Select your network location type
...
Click on "Next"
...


This concludes the Windows 7 installation
...


Summary
• Software can be roughly divided into two groups: application software
and system software
...

• Resources are any objects that can be allocated within a system, and
the operating system is responsible for managing them
...

o A process is an executing program
...
Three
examples of process scheduling algorithms are First Come First
Serve, Round Robin, and Shortest Process Next
...

• Together, computer hardware and software accomplish four major
operations: Input, Processing, Output and Storage
...

• All computers have internal storage, probably referred to more often as
memory, main memory, or primary memory
...

• Computers also have external storage, which is permanent storage
outside the main memory of the machine on a device such as a floppy
disk, hard disk, or magnetic tape
...
1
2
...
3
2
...
5
2
...
1 BASIC TERMINOLOGIES
A network consists of two or more computers that are linked in order to
share resources (such as printers and CDs), exchange files, or allow
electronic communications
...

Given below are some basic networking terms:







Network Interface: A network interface can refer to any kind of software
interface to networking hardware
...

Packet: A packet is, generally speaking, the most basic unit that is
transferred over a network
...

Connection: In networking, a connection refers to pieces of related
information that are transferred through a network
...

Protocol: A protocol is a set of rules and standards that basically define a
language that devices can use to communicate
...



Port: A port is an address on a single machine that can be tied to a
specific piece of software
...
8

Data communication
We are all familiar with some sort of communication in our day-to-day life
...
Similarly data and information from one
computer system can be transmitted to other systems across geographical
areas
...
These methods include electrical signals carried along a
conductor, optical signals along optical fibers and electromagnetic areas
...

1
...

2
...
The receiver (sink) who receives the message
4
...
Protocol

2
...
Based on the requirements, the
communications can be of different types:
a) Simplex: In simplex mode the communication can take place in one
direction
...

In this mode the flow of information is unidirectional
...

b) Half-duplex: In half-duplex mode the communication channel is used
in both directions, but only in one direction at a time
...

8

www
...
com/community/tutorials


c) Full-duplex: In full duplex the communication channel is used in both
directions at the same time
...

Example of this mode of transmission is the telephone line
...
3 COMPUTER NETWORK
A computer network is an interconnection of various computer systems located
at different places
...

Suppose a manager has to write several letters to various clients
...
Thus, irrespective of geographical
area, if PCs are connected through a communication channel, the data and
information, computer files and any other programs can be transmitted to
other computer systems within seconds
...


LAN, MAN and WAN are the most common types of the computer
network
...
A network can be implemented by
the following two methods
...



Wireless

Wireless networks are ideal for the locations where cluttered wires are not
possible and the data and resources are shared without the use of
cables
...
Wireless communication mediums are radio waves and
microwaves
...

• Sharing of hardware
• Computer hardware resources
• Disks
• Printers
• Sharing of software
• Multiple single user licenses are more expensive than multi-user
license
...

• Distributed systems
• In a networked environment computers can distribute the work
load among them keeping transparency to the end
...



Security Issues: If a computer is a standalone, physical access
becomes necessary for any kind of data theft
...




Rapid Spread of Computer Viruses: If any computer system in a
network is affected by a virus, there is a possible threat of other
systems being affected too
...
Such spread can be
dangerous if the computers hold important databases which can get
corrupted by the virus
...

Costly devices like routers, switches, hubs etc
...




Dependency on the Main File Server: In case the main File Server of
a computer network breaks down, the system becomes useless
...


2
...
When set up correctly, computers can determine the addresses
of other computers on the network and use these addresses to send
messages to each other
...
PHYSICAL ADDRESSING (MAC)
The MAC address can also be called the Ethernet Hardware Address (EHA),
hardware address, adapter address or physical address
...
In computer networking, a Media Access Control
address (MAC address), Ethernet Hardware Address (EHA), hardware
address, adapter address or physical address is a unique identifier assigned
to most network adapters or network interface cards (NICs) by the
manufacturer for identification
...

In a local area network (LAN) or other network, the MAC (Media Access
Control) address is your computer's unique hardware number
...
The
MAC address is a unique value associated with a network adapter
...

They uniquely identify an adapter on a LAN
...
This
means that there are 281,474,976,710,656 possible MAC addresses
...
These IDs are regulated by an Internet standards body (side
bar)
...
In the example 00:A0:C9:14:C8:29, the prefix 00A0C9
indicates the manufacturer is Intel Corporation
...
The last three bytes of this address were assigned
by Intel when the device was manufactured
...
MAC addresses function at the data
link layer
...
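
The split described above, worked through as an added example (not part of the original notes). It parses the page's sample address 00:A0:C9:14:C8:29 into its manufacturer prefix and device part, and also reads the two flag bits of the first byte, which show when the prefix is not a manufacturer ID at all. The function names, the one-entry vendor table and the sample inventory are constructed for this example.

```python
import re

# The page's figure: 48-bit addresses give 2**48 = 281,474,976,710,656 values.
MAC_ADDRESS_SPACE = 2 ** 48

# One-entry vendor table taken from the page's example; a real lookup would
# load the full registry of manufacturer prefixes (not included here).
KNOWN_PREFIXES = {"00A0C9": "Intel Corporation"}


def parse_mac(text):
    """Return the 6 raw bytes of a MAC written with ':', '-', '.' or no separator."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def describe_mac(text):
    """Split a MAC into manufacturer prefix and device part and read its flag bits."""
    raw = parse_mac(text)
    prefix = raw[:3].hex().upper()
    # Bit 0x02 of the first byte marks a locally administered address: it was
    # set in software (overridden or randomized), not burned in by a vendor.
    local = bool(raw[0] & 0x02)
    return {
        "normalized": ":".join(f"{b:02X}" for b in raw),
        "prefix": prefix,
        "device_part": raw[3:].hex().upper(),
        # Bit 0x01 marks a group (multicast/broadcast) address, not one adapter.
        "group_address": bool(raw[0] & 0x01),
        "locally_administered": local,
        "vendor": None if local else KNOWN_PREFIXES.get(prefix, "unknown"),
    }


def audit(observed):
    """Return the normalized addresses whose prefix cannot be read as a vendor ID."""
    flagged = []
    for mac in observed:
        info = describe_mac(mac)
        if info["locally_administered"] or info["group_address"]:
            flagged.append(info["normalized"])
    return flagged


# Constructed sample inventory: the page's address in two notations, plus two
# software-assigned addresses.
SAMPLE = [
    "00:A0:C9:14:C8:29",
    "00a0.c914.c829",
    "02-00-00-AB-CD-EF",
    "DA:A1:19:00:00:01",
]

if __name__ == "__main__":
    for mac in SAMPLE:
        print(describe_mac(mac))
    print("prefix not a vendor ID:", audit(SAMPLE))
```

An inventory or access list keyed on MAC address should treat the flagged entries differently, since their first three bytes say nothing about the hardware.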
LOGICAL ADDRESSING (IP)
Every machine on the Internet has a unique identifying number, called an
IP Address
...

The IP address is similar to the address of a person
...
The IP address, or network address, is assigned to each host by a
network administrator based on the local network
...
IP V
...
IP V
...
4)
An IPv4 address is a 32-bit address that uniquely and universally defines
the connection of a device (for example, a computer or a router) to the
Internet
...
This means that,
theoretically, if there were no restrictions, more than 4 billion devices
could be connected to the Internet
...
It is written in decimal digits and each
number can be 0 to 255, for example 192
...
1
...
An IP address is divided
into two parts, NetID and HostID
...

Hostid: The part of an IP address that identifies a host in a network
...
All systems on the same physical network must have
the same network ID, and the network ID must be unique to the local
segment
...

The host ID identifies a workstation, server, router, or other TCP/IP
device within a network
...
A computer connected to a TCP/IP network uses the
network ID and host ID to determine which packets it should receive or
ignore and to determine which devices are to have the opportunity of
receiving its transmissions
...
0
...
0 is used for the default
network
...
IP addresses with a first octet from
1 to 126 are part of this class
...
This means that there are 126 Class A networks
each with 16,777,214 (2^24 - 2) possible hosts for a total of
2,147,483,648 (2^31) unique IP addresses
...
In Class A networks, the high
order bit value (the very first binary number) in the first octet is always
0
...


24
...
107



Loopback - The IP address 127
...
0
...

This means that it is used by the host computer to send a message
back to itself
...




Class B - Class B is used for medium-sized networks
...
IP addresses with a first octet from 128 to
191 are part of this class
...
The other two octets are used to
identify each host
...
Class B networks make up a
quarter of the total available IP addresses
...

Net
145
...




Host or Node
53
...
IP addresses with a first octet from 192 to 223 are part of
this class
...
The last octet is used to identify each host
...
Class C networks make up an eighth of the total available
IP addresses
...

Net
195
...
53
...
It has a first bit value of 1, second bit value of 1,
third bit value of 1 and fourth bit value of 0
...
Class D accounts for 1/16th (268,435,456 or 2^28) of the available IP
addresses
...


Host or Node
24
...
107



Class E - Class E is used for experimental purposes only
...
It has a first bit value of 1,
second bit value of 1, third bit value of 1 and fourth bit value of 1
...
Class E accounts for 1/16th (268,435,456 or
2^28) of the available IP addresses
...






9

Host or Node
24
...
107

Broadcast - Messages that are intended for all computers on a
network are sent as broadcasts
...
255
...
255
...
blogspot
...
html
http://basicnetworkingconcepts
...
in/2010_10_01_archive
...
Assigned to a single network interface located on a specific
subnet on the network and used for one-to-one communications
...
Assigned to one or more network interfaces located on
various subnets on the network and used for one-to-many
communications
...
Assigned to all network interfaces located on a subnet on
the network and used for one-to-everyone-on-a-subnet
communications
...
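
The classful rules above, as an added example that is not part of the original notes: it classifies an IPv4 address by the leading bits of its first octet, splits it into network ID and host ID, and marks the special addresses the notes mention. The function names and the sample addresses are constructed for this example.

```python
def parse_ipv4(text):
    """Parse strict dotted decimal: four fields, each 0-255, no leading zeros."""
    fields = text.split(".")
    if len(fields) != 4:
        raise ValueError(f"expected 4 octets: {text!r}")
    octets = []
    for field in fields:
        # Leading zeros are rejected because some parsers read them as octal,
        # so "010.1.2.3" can name two different hosts to two programs.
        if not (field.isascii() and field.isdigit()):
            raise ValueError(f"bad octet {field!r} in {text!r}")
        if len(field) > 1 and field[0] == "0":
            raise ValueError(f"leading zero in octet {field!r}")
        value = int(field)
        if value > 255:
            raise ValueError(f"octet out of range: {value}")
        octets.append(value)
    return tuple(octets)


# (class, leading bits of the first octet, how many bits, network-ID octets)
CLASSES = [
    ("A", 0b0, 1, 1),
    ("B", 0b10, 2, 2),
    ("C", 0b110, 3, 3),
    ("D", 0b1110, 4, None),   # multicast: no network/host split
    ("E", 0b1111, 4, None),   # experimental: no network/host split
]


def classify(text):
    """Return the class, network ID, host ID and any special meaning."""
    octets = parse_ipv4(text)
    first = octets[0]
    for name, bits, width, net_octets in CLASSES:
        if first >> (8 - width) == bits:
            break
    if octets == (0, 0, 0, 0):
        note = "default network"
    elif first == 127:
        note = "loopback"
    elif octets == (255, 255, 255, 255):
        note = "broadcast"
    else:
        note = None
    if net_octets is None:
        net_id = host_id = None
    else:
        net_id = ".".join(str(o) for o in octets[:net_octets])
        host_id = ".".join(str(o) for o in octets[net_octets:])
    return {"class": name, "net_id": net_id, "host_id": host_id, "note": note}


def hosts_per_network(class_name):
    """Usable hosts in one Class A, B or C network (all-zeros and all-ones excluded)."""
    net_octets = {"A": 1, "B": 2, "C": 3}[class_name]
    return 2 ** (8 * (4 - net_octets)) - 2


if __name__ == "__main__":
    # Constructed sample addresses, one per case.
    for addr in ["10.1.2.3", "145.24.53.107", "195.24.53.107",
                 "224.0.0.1", "240.1.1.1", "127.0.0.1", "0.0.0.0"]:
        print(addr, classify(addr))
    print("hosts in a Class A network:", hosts_per_network("A"))
```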
6)
An IPv6 address consists of 128 bits, therefore allowing an astronomical
number of machines
...

• IPv6 features include:












Supports source and destination addresses that are 128 bits (16
bytes) long
...

Uses Flow Label field to identify packet flow for QoS handling by
router
...

Doesn't include a checksum in the header
...

Does not require manual configuration or DHCP
...
ARPA DNS domain
to map IPv6 addresses to host names
...

Uses Multicast Neighbor Solicitation messages to resolve IP
addresses to link-layer addresses
...


 IPv6 Address Format
IPv6 uses 16-byte hexadecimal number fields separated by colons (:)
to represent the 128-bit addressing format that makes the address
representation less cumbersome and error-prone
...

Additionally, to shorten the IPv6 address and make the address easier
to represent, IPv6 uses the following conventions:


Leading zeros in the address field are optional and can be
compressed
...
However, the
pair of colons is allowed just once in a valid IPv6 address
...
However, if two ::s are placed in
the same address, then there is no way to identify the size of each block of
zeros
...
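The shortening conventions above (optional leading zeros, and "::" allowed only once) are illustrated by the following added Python example, which is not part of the original notes. The function names and sample addresses are constructed for illustration, and only the pure hexadecimal text form is handled. Comparing addresses in expanded form matters in practice because a filter or allow-list that compares raw strings will treat two spellings of the same address as different.

```python
"""Added example: expanding and comparing compressed IPv6 text forms."""
import re

FIELD = re.compile(r"[0-9A-Fa-f]{1,4}")


def _fields(part):
    # "" (nothing on one side of "::") means no explicit fields
    return part.split(":") if part else []


def expand(addr):
    """Return the full eight-field form with leading zeros restored."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once; zero-run sizes would be ambiguous")
    if "::" in addr:
        head, tail = addr.split("::")
        head_f, tail_f = _fields(head), _fields(tail)
        missing = 8 - len(head_f) - len(tail_f)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero field")
        fields = head_f + ["0"] * missing + tail_f
    else:
        fields = addr.split(":")
    if len(fields) != 8 or not all(FIELD.fullmatch(f) for f in fields):
        raise ValueError(f"not a valid IPv6 address: {addr!r}")
    return ":".join(f"{int(f, 16):04x}" for f in fields)


def compress(addr):
    """Drop leading zeros and replace the longest run of zero fields with '::'."""
    fields = [f"{int(f, 16):x}" for f in expand(addr).split(":")]
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if fields[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and fields[j] == "0":
            j += 1
        if j - i > best_len:          # first longest run wins
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:                  # a single zero field is written as "0"
        return ":".join(fields)
    return ":".join(fields[:best_start]) + "::" + ":".join(fields[best_start + best_len:])


def possible_readings(addr):
    """List every full address that a string with two '::' could stand for."""
    parts = addr.split("::")
    if len(parts) != 3:
        raise ValueError("expected exactly two '::'")
    a, b, c = (_fields(p) for p in parts)
    zeros = 8 - len(a) - len(b) - len(c)
    readings = []
    for first in range(1, zeros):     # each '::' must cover at least one field
        fields = a + ["0"] * first + b + ["0"] * (zeros - first) + c
        readings.append(expand(":".join(fields)))
    return readings


def same_address(a, b):
    """Compare two text forms by value rather than by spelling."""
    return expand(a) == expand(b)


if __name__ == "__main__":
    print(expand("2001:db8::1"))
    print(compress("2001:0db8:0000:0000:0000:0000:0000:0001"))
    for reading in possible_readings("2001:db8::1::2"):   # constructed invalid input
        print("could mean", reading)
```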


 Network Prefix
In IPv6 there are references to prefixes, which loosely equate to subnets
...
The IPv6 prefix is represented using the IPv6-prefix or prefix-length format, just like an IPv4 address is represented in the classless
inter-domain routing (CIDR) notation
...



11

For example: 2001:db8:8086:6502::/64 is an acceptable IPv6 prefix
...

So the same address can be written as 2001:db8:8086:6502/64
...
This addressing scheme allows for
such a large number
...
The classes are based on a prefix, once again similar to
IPv4, but they are mostly unassigned at the moment since the demand isn't
there
...
The example below shows how current
IPv4 class C addresses map into an IPv6 address
...
12

11

https://www
...
edu/~geimerma/ipv6vsipv4
...
msu
...
htm
 IPv6 Address Types
There is a major difference in the IP address requirements between an
IPv4 host and an IPv6 host
...
There are three
major types of IPv6 addresses:


Unicast: An address for a single interface
...




Anycast: An address for a set of interfaces that typically belong to
different nodes
...




Multicast: An address for a set of interfaces (in a given scope) that
typically belong to different nodes
...


 Address Management and Assignment: There are four ways to
configure a host address in IPv6:


Static configuration: Similar to IPv4, the host address, mask, and
gateway address are manually defined
...
Router solicitation
messages are sent by booting nodes to request Router Advertisements
(RAs) for configuring the interfaces (RFC2462)
...
This
addressing management is similar to IPv4 behavior (RFC3315)
...
The
configuration choice
relies on RA flags sent by the router on the
LAN
...
In this case, the IPv6 address, mask, and gateway address are all
manually defined on the host
...

The auto configuration feature enables plug-and-play Internet deployment
of new consumer devices, such as cell phones, wireless devices, home
appliances, and so on
...
13

MAC vs
...
IP address also known as logical
address
...
IP address has two versions
IPv
...
6
(128Bits)
...
IP address can be changed
...
It is in decimal and hexadecimal
format
...
It is layer 3 (Network) address
...
It is divided into two parts
(i) Network Id and (ii) Host ID
...
MAC addresses also known as
physical address
...
It has 6 octets and total 48 bits
address
...
It is unique worldwide
...

4
...

5
...

6
...


13

http://www
...
com/c/dam/en/us/solutions/collateral/enterprise/design-zone
government/sbaBN_IPv6addrG
...
PORT ADDRESSING
Port addressing is giving different applications a unique port number so
data can be forwarded to the correct application
...
It allows a single IP
address to be used for many internal hosts
...
These ports
are merely reference numbers used to define a service
...
There is a group called the IANA (Internet Assigned
Numbers Authority) that controls the assigning of ports for specific
services
...
Port numbers
are straight unsigned integer values which range up to a value of 65535
...
5 PROTOCOLS: - TYPES AND USAGE
In information technology, a protocol is the special set of rules that end
points in a telecommunication connection use when they communicate
...

Protocols exist at several levels in a telecommunication connection
...
In
the standard model known as Open Systems Interconnection (OSI), there are
one or more protocols at each layer in the telecommunication exchange that
both ends of the exchange must recognize and observe
...

Ports are what an application uses when communicating between a client
and server computer
...
The linking of several
protocols is common since the functions of different protocols can be
complementary so that together they carry out some complete task
...
In fact, the term "TCP/IP" is
normally used to refer to a whole suite of protocols, each with different
functions
...
TCP/IP is also used on many local area networks
...
More
details can be found in the references in the last section
...
The use of packets facilitates speedy
transmission since different parts of a message can be sent by different
routes and then reassembled at the destination
...
TCP
is the means for creating the packets, putting them back together in the
correct order at the end, and checking to make sure that no packets got lost
in transmission
...

Internet Protocol (IP) is the method used to route information to the proper
address
...
Every packet sent will contain an IP address
showing where it is supposed to go
...
Note that IP does
not make physical connections between computers but relies on TCP for this
function
...

UDP and ICMP: - Another member of the TCP/IP suite is User Datagram
Protocol (UDP)
...
) This protocol is
used together with IP when small amounts of information are involved
...
Thus, it uses fewer system resources
...
It
defines a small number of messages used for diagnostic and management
purposes
...

Mail Protocols POP3 and SMTP: - Email requires its own set of protocols
and there are varieties, both for sending and for receiving mail
...

When configuring email clients, an Internet address for an SMTP server must
be entered
...
It is now in version 3 so it is called POP3
...
The SMTP
and POP3 servers may or may not be the same address
...

A more powerful protocol for reading mail is Interactive Mail Access Protocol
(IMAP)
...
IMAP also
uses TCP to manage the actual transmission of mail
...
An HTML page
is transmitted over the Web in a standard way and format known as
Hypertext Transfer Protocol (HTTP)
...

A related protocol is "Hypertext Transfer Protocol over Secure Socket Layer"
(HTTPS), first introduced by Netscape
...
A Web page using this
protocol will have https: at the front of its URL
...
More generally, it provides for some simple file management on the
contents of a remote computer
...
Today, its primary use is
uploading files to a Web site
...
Sites that have
a lot of downloading (software sites, for example) will often have an FTP
server to handle the traffic
...


ESTABLISHMENT OF LAN
There are two ways to assign the IP address:
a) Static IP address: Here you have to provide the IP address manually
...
A static IP address is fixed and never changes; it can also be set up on a
network so that each computer is assigned a specific IP address to connect
to the network
...
In order to use a dynamic
IP address, a service such as Dynamic Host Configuration Protocol
(DHCP) is used to assign addresses dynamically to devices
...
A dynamic IP address is only valid for a limited
time and is changed according to the policy set by your ISP's DHCP
server
...



2
...
However, consider the class A network ID, which has
the possibility of over 16 million hosts on the same network
...
It is not practical
to have 16 million nodes in the same broadcast domain
...

Even a class B network with 65 thousand hosts is impractical
...

This creates subnets, subdivisions of an IP network each with their own
unique subnetted network ID
...

Subnetting allows you to create multiple logical networks that exist within
a single Class A, B, or C network
...


 Subnet Masks
With the advent of subnetting, one can no longer rely on the definition of
the IP address classes to determine the network ID in the IP address
...

RFC 950 defines the use of a subnet mask (also referred to as an
address mask) as a 32-bit value that is used to distinguish the network
ID from the host ID in an arbitrary IP address
...

 All bits that correspond to the host ID are set to 0
...
Either a default subnet mask, which is used in class
based network IDs, or a custom subnet mask, which is used in
subnetting or supernetting, is configured on each TCP/IP node
...
Subnetting requires a three-step procedure:

Determine the number of host bits to be used for the subnetting
...

Enumerate the IP addresses for each new subnetted network ID
...
Before you choose the
number of host bits, you should have a good idea of the number of
subnets and hosts you will have in the future
...

The more host bits that are used, the more subnets (subnetted network
IDs) you can have — but with fewer hosts
...
Using too few host bits allows for growth in the number of
hosts but limits the growth in the number of subnets
...
Determine how many subnets you need now and will need in the
future
...
WAN connections can also
count as subnets depending on whether your routers support
unnumbered connections
...
Use additional bits for the subnet mask if:
 You will never require as many hosts per subnet as allowed by
the remaining bits
...


To determine the desired subnetting scheme, start with an existing
network ID to be subnetted
...
The
existing network ID contains a series of network ID bits that are fixed
and a series of host ID bits that are variable
...

Step 2: Enumerating Subnetted Network IDs: Based on the number of
host bits you use for your subnetting, you must list the new subnetted
network IDs
...

 Decimal— Add a calculated increment value to each successive
subnetted network ID and convert to dotted decimal notation
...

Note
There are a variety of documented shortcut techniques for subnetting
...
The following methods
are designed to work for any subnetting situation (class-based,
more than 8 bits, supernetting, variable length subnetting)
...
The first column is the subnet
number (starting with 1), the second column is the binary
representation of the subnetted network ID, and the third column is
the dotted decimal representation of the subnetted network ID
...
The host bits chosen for subnetting vary
...
The original network ID is subnetted with its
new subnet mask
...

Convert the binary result to dotted decimal notation
...


For example, create a 3-bit subnet of the private network ID 192
...
0
...

The subnet mask for the new subnetted network IDs is 255
...
224
...
Based on n = 3, construct a table with 8 (= 2^3) entries
...
Additional entries in the table
are successive increments of the subnet bits, as shown in Table 1
...
The
host bits used for subnetting are underlined
...
10101000
...
00000000 192
...
0
...
10101000
...
00000000 192
...
32
...
10101000
...
00000000 192
...
64
...
10101000
...
00000000 192
...
96
...
10101000
...
00000000 192
...
128
...
10101000
...
00000000 192
...
160
...
10101000
...
00000000 192
...
192
...
10101000
...
00000000 192
...
224
...
To list each IP
address individually would be too tedious
...

There are two main approaches:
Binary—Write down the first and last IP address for each subnetted
network ID and convert to dotted decimal notation
...



Either method produces the same result: the range of IP addresses for
each subnetted network ID
...
microsoft
...
aspx

Range Of IP Address
Subnet

Subnetted Network ID

Range of IP Addresses

1
2
3
4
5
6
7
8

192
...
0
...
168
...
0/19
192
...
64
...
168
...
0/19
192
...
128
...
168
...
0/19
192
...
192
...
168
...
0/19

192
...
0
...
168
...
254
192
...
32
...
168
...
254
192
...
64
...
168
...
254
192
...
96
...
168
...
254
192
...
128
...
168
...
254
192
...
160
...
168
...
254
192
...
192
...
168
...
254
192
...
224
...
168
...
254

Examples
Sample Exercise 1
Now that you have an understanding of subnetting, put this knowledge to
use
...
Your task is to determine if these devices are on the same subnet or
different subnets
...

DeviceA: 172
...
17
...
16
...
15/20
Determining the Subnet for DeviceA:
172
...
17
...
00010000
...
00011110
255
...
240
...
11111111
...
00000000
-----------------| sub|-----------subnet =
10101100
...
00010000
...
16
...
0
Looking at the address bits that have a corresponding mask bit set to one,
and setting all the other address bits to zero (this is equivalent to performing
a logical "AND" between the mask and address), shows you to which subnet
this address belongs
...
16
...
0
...
16
...
15 - 10101100
...
00011100
...
255
...
0 - 11111111
...
11110000
...
00010000
...
00000000 = 172
...
16
...


Sample Exercise 2
Given the Class C network of 204
...
5
...


Looking at the network shown in Figure, you can see that you are required to
create five subnets
...
Is
this possible with a Class C network? And if so, then how?
You can start by looking at the subnet requirement
...
Two bits would only allow you four subnets (2^2)
...
How many hosts does this support? 2^5 = 32 (30 usable)
...

Therefore you have determined that it is possible to create this network with
a Class C network
...
15
...
0/27
204
...
5
...
15
...
64/27
204
...
5
...
15
...
128/27

204
...
5
...
15
...
30
204
...
5
...
15
...
62
204
...
5
...
15
...
94
204
...
5
...
15
...
126
204
...
5
...
15
...
158
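The subnetting procedure and both sample exercises above can be reproduced with a few integer operations. The following Python code is an added example and not part of the original notes. The function names are hypothetical, and the sample addresses are constructed: 192.168.0.0/16 and the two 172.16.x.x/20 hosts are chosen to be consistent with the fragments that survive above, and 198.51.100.0/24 stands in for the Class C network of Sample Exercise 2.

```python
"""Added example: the subnetting steps and sample exercises as integer arithmetic."""
import ipaddress


def dotted_mask(prefix):
    """Subnet mask for a prefix length: network bits set to 1, host bits to 0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF))


def plan_subnets(network, subnets_needed, hosts_needed):
    """Step 1: decide how many host bits to use for subnetting.

    Returns (borrowed_bits, new_prefix_length, usable_hosts_per_subnet).
    """
    net = ipaddress.ip_network(network)
    borrowed = (subnets_needed - 1).bit_length()   # smallest n with 2**n >= subnets_needed
    new_prefix = net.prefixlen + borrowed
    host_bits = 32 - new_prefix
    # two addresses per subnet are reserved: the network ID and the broadcast
    usable = (1 << host_bits) - 2 if host_bits >= 2 else 0
    if usable < hosts_needed:
        raise ValueError(
            f"{network} cannot hold {subnets_needed} subnets of {hosts_needed} hosts")
    return borrowed, new_prefix, usable


def enumerate_subnets(network, borrowed_bits):
    """Steps 2 and 3 with the decimal method: add a fixed increment per subnet.

    Returns rows of (subnet number, subnetted network ID, first host, last host).
    """
    net = ipaddress.ip_network(network)
    new_prefix = net.prefixlen + borrowed_bits
    if new_prefix > 30:
        raise ValueError("no usable host addresses would remain")
    increment = 1 << (32 - new_prefix)             # addresses per subnet
    base = int(net.network_address)
    rows = []
    for n in range(1 << borrowed_bits):
        start = base + n * increment
        rows.append((
            n + 1,
            f"{ipaddress.IPv4Address(start)}/{new_prefix}",
            str(ipaddress.IPv4Address(start + 1)),               # after the network ID
            str(ipaddress.IPv4Address(start + increment - 2)),   # before the broadcast
        ))
    return rows


def subnet_of(address):
    """Logical AND of address and mask, e.g. 'a.b.c.d/20' gives its subnet ID."""
    ip_text, prefix_text = address.split("/")
    prefix = int(prefix_text)
    mask = int(ipaddress.IPv4Address(dotted_mask(prefix)))
    return f"{ipaddress.IPv4Address(int(ipaddress.IPv4Address(ip_text)) & mask)}/{prefix}"


def same_subnet(a, b):
    """Two hosts share a subnet when the AND results (and prefixes) match."""
    return subnet_of(a) == subnet_of(b)


if __name__ == "__main__":
    print("mask for /19:", dotted_mask(19))
    for row in enumerate_subnets("192.168.0.0/16", 3):       # constructed sample network
        print(*row, sep="\t")
    # Constructed sample hosts for the same-subnet check
    print(same_subnet("172.16.17.30/20", "172.16.28.15/20"))
    print(plan_subnets("198.51.100.0/24", 5, 25))
```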

http://www
...
com/c/en/us/support/docs/ip/routing-information-protocol-rip/13788-3
...
IP Address Spoofing Attacks
IP address spoofing is one of the most frequently used spoofing attack
methods
...
Denial-of-service attacks often use IP spoofing to overload networks and devices with
packets that appear to be from legitimate source IP addresses
...
Request time out error
The employees of Universal bank have been constantly complaining that
they are not able to get connected to a particular device
...
While performing the ping test, he gets a Request timed out error
...



Summary


Network Interface Cards are devices that are used to get connected to
different computers on a network
...




Ethernet cards support transfer rates of 10, 100 or 1000 Mbps
...




Lower layers of OSI model identify nodes on the network by their MAC
address
...
The
IP address is assigned to each host by a network administrator based
on the local network
...




Port address allows a single IP address to be used for many internal
hosts
...




An IP network can be subdivided into smaller networks, a practice known as
subnetting
...
1
3
...
3
3
...
5
3
...
7

Networking Devices
Topology
Types of Networks
Network Architecture
Cabling Types
Color Coding Of Cable
Crimping

3
...
Typically, this includes
Network Interface Cards, routers, bridges, switches, hubs, and repeaters
...
It provides physical access to a networking
medium and often provides a low-level addressing system through the use
of MAC addresses
...
Each network adapter driver is
configured to run with a certain type of network adapter
...
It obtains a weak signal from the network,
amplifies it and passes it on to the next network segment, so that the
signal can cover longer distances without degradation
...

Repeaters work on the Physical Layer of the OSI model
...
This can cause
a propagation delay which can affect network communication when
there are several repeaters in a row
...
Hubs are usually sold with 4, 8,
16 or 24 ports
...

Hubs can be used to create a tree-like
topology
...

An added benefit of using a hub is that it removes the length restriction of 100
meters in 10BaseT
...
The destination address in the frame is
not changed to a broadcast address
...
g
...
Whenever data is received at the hub, it broadcasts the
same to all the connected devices; hence the bandwidth is divided
depending on the number of connections
...
Bridges do not promiscuously copy traffic
to all ports, as hubs do, but learn which MAC addresses are reachable
through specific ports
...
Bridges do send
broadcasts to all ports except the one on which the broadcast was
received
...

o They are usually used to connect networks with similar architecture
...

o Network security and reliability are also improved due to smaller LAN
segments
...

o Keeps the traffic on each segment separate, thereby controlling
congestion and isolating LAN segments
...


http://networkschool
...
com/
http://rosilaabdullah
...
in/2009/10/basic-hardware-components
...
Once a frame
arrives through a port, its source address is stored and the bridge
assumes that MAC address is associated with that port
...





v)

Bridge provides traffic management
...

All devices connected to a bridge are part of the same broadcast
domain
...
Switch works at Data link layer
of OSI model
...
stackable, and managed vs
...
While a hub broadcasts data frames to all ports, the switch
reads the destination address of the data frame and only sends it to the
corresponding port
...
This is distinct from a hub in that it only forwards the packets to
the ports involved in the communications rather than all ports
connected
...
Switches support different
switching methods
...

Switching methods determine how a switch receives, processes and
forwards a Layer 2 frame
...

It checks the destination address and forwards the packets /
frames to outgoing link if the segment is free
...

Broadcasts are forwarded to all segments
...


vi) Routers
A router is a specialized device connected to more than one network,
running software that allows the router to move data from one network to
another
...

The primary function of a router is to connect networks together and
keep certain kinds of broadcast traffic under control
...



A router is extremely useful in dealing with two
separate computer networks
...
It also protects the networks from one
another, preventing the traffic on one from
unnecessarily spilling over to the other
...
Regardless of how many networks are attached,
though, the basic operation and function of the router remains the same
...
18
Routers used in networks perform the following functions:
1
...

2
...

3
...


vii) Networking Cables:19
Cable is the medium through which information usually moves from one
network device to another
...
In some cases, a network will utilize only one
type of cable; other networks will use a variety of cable types
...
Understanding the characteristics of different types of cable and
how they relate to other aspects of a network is necessary for the
development of a successful network
...




18
19

Unshielded Twisted Pair (UTP) Cable
Coaxial Cable
Fiber Optic Cable

http://computer
...
com/router2
...
usf
...
Unshielded twisted
pair (UTP) is the most popular
...
The cable has four pairs of wires inside the jacket
...

The tighter the twisting, the higher the supported transmission rate and the
greater the cost per foot
...


Categories of Unshielded Twisted Pair
Category   Speed                 Use
1          1 Mbps                Voice Only (Telephone Wire)
2          4 Mbps                Local Talk & Telephone
3          16 Mbps               10BaseT Ethernet
4          20 Mbps               Token Ring (Rarely used)
5          100 Mbps (2 pair)     100BaseT Ethernet
5e         1000 Mbps (4 pair)    Gigabit Ethernet
6          1,000 Mbps            Gigabit Ethernet
7          10,000 Mbps           Gigabit Ethernet

Unshielded Twisted Pair Connector
The standard connector for unshielded twisted pair cabling is an RJ-45
connector
...
2)
...
RJ
stands for Registered Jack, implying that the connector follows a standard
borrowed from the telephone industry
...


RJ-45 connector
Coaxial Cable
Coaxial cabling has a single copper conductor at its center
...
The metal shield helps to block any outside interference from
fluorescent lights, motors, and other computers
...

Thin coaxial cable is also referred to as thinnet
...
The 2 refers to
the approximate maximum segment length being 200 meters
...
Thin coaxial cable has been
popular in school networks, especially linear bus networks
...
10Base5 refers to the
specifications for thick coaxial cable carrying Ethernet signals
...
Thick coaxial cable has
an extra protective plastic cover that helps keep moisture away from the
center conductor
...
One disadvantage of thick coaxial is
that it does not bend easily and is difficult to install
...
Different types
of adapters are available for BNC connectors,
including a T-connector, barrel connector,
and terminator
...


Fiber Optic Cable
Fiber optic cabling consists of a center glass core surrounded by several
layers of protective materials
...
This makes it ideal for
certain environments that contain a large amount of electrical interference
...

Fiber optic cable has the ability to transmit signals over much longer
distances than coaxial and twisted pair
...
This capacity broadens communication
possibilities to include services such as video conferencing and interactive
services
...
10BaseF refers to the
specifications for fiber optic cable carrying Ethernet signals
...
A plastic
coating then cushions the fiber center, and Kevlar fibers help to strengthen
the cables and prevent breakage
...


20

http://webpage
...
edu/ms16182p/networking/cables
...

Multimode cable has a larger diameter; however, both cables provide high
bandwidth at high speeds
...


Specification   Cable Type
10BaseT         Unshielded Twisted Pair
10Base2         Thin Coaxial
10Base5         Thick Coaxial
100BaseT        Unshielded Twisted Pair
100BaseFX       Fiber Optic
100BaseBX       Single mode Fiber
100BaseSX       Multimode Fiber
1000BaseT       Unshielded Twisted Pair
1000BaseFX      Fiber Optic
1000BaseBX      Single mode Fiber
1000BaseSX      Multimode Fiber


3
...

A network layout or structure is known as Network Topology
...

Each topology consists of a different set of hardware, and sometimes software
as well
...
Star topology is the most commonly used topology in the
Ethernet based LAN
...
All
of the endpoints of the common transmission medium are normally
terminated with a device called a 'terminator'
...


 Advantages:
 Installation of devices is easy
...

 Less expensive and works better for smaller networks
...

 Difficult to isolate problems
...


ii)

Star topology

In star topology, each of the nodes is connected to a central device with a
point-to-point link in a 'hub' and 'spoke' fashion
...
All data that is transmitted between nodes in the network is
transmitted through central device
...
Polling means that the central
computer or communications controller "polls" or asks each device in the
network if it has a message to send and then allows each in turn to
transmit data
...


 Advantages:
 Easy to install, configure, manage and expand
...

 Addition or removal of device does not affect the whole network
...

 Failure of hub affects entire network
...

iii)

Ring topology

In ring topology, each of the nodes is connected to two other nodes,
forming a ring – all data that is transmitted between nodes in the
network travels from one node to the next node in a circular manner
and the data generally flows in a single direction only
...
In this topology, all devices have equal
access to media
...


Dual-ring
The type of network topology in which each of the nodes of the network
is connected to two other nodes in the network, with two connections
to each of these nodes, and with the first and last nodes being
connected to each other with two connections, forming a double ring.
The data flows in opposite directions around the two rings, although
generally only one of the rings carries data during normal operation,
and the two rings are independent unless there is a failure or break in
one of the rings, at which time the two rings are joined to enable the
flow of data to continue using a segment of the second ring to bypass
the fault in the primary ring
...
wikipedia
...

 No collisions
...

 Disadvantages:
 More cabling is required compared to bus
...

 Addition of devices affects the network
...
In a mesh topology if any cable
or node fails, there are many other ways for two nodes to communicate
...

Therefore the Internet allows sites to communicate even during a war
...
Full mesh is very expensive to
implement but yields the greatest amount of redundancy, so in the
event that one of those nodes fails, network traffic can be directed to
any of the other nodes
...




In a partial mesh topology, some nodes are
organized in a full mesh scheme but
others are only connected to one or two
in the network
...
It
is less expensive to implement and
yields less redundancy than full mesh
...

 Failure of one link does not affect entire network
...

 Disadvantages:
 Difficult to install and manage
...

 Very expensive
...
The tree-like structure allows you to have many servers on the network and you can
branch out the network in many ways
...
Like any other topology, the Tree Topology has
its advantages and disadvantages
...
Tree
Topology has some limitations and the configuration should suit those
limitations
...

 Point-to-point wiring for each device
...

 Supported by many network vendors and even hardware
vendors
...
slideshare
...

 If backbone breaks, entire network goes down
...

vi)

Hybrid topology
In a hybrid topology, different topologies are combined so that the
advantages offered by each topology can be exploited
...


23



Advantages:
 Used for creating larger networks
...

 Fault detection is easy
...

 More expensive than other topologies
...


23

https://www
...
com


3
...
Personal area networks typically involve a mobile
computer, a cell phone and/or a handheld computing device such as a PDA
...

Personal area networks generally cover a range of less than 10 meters (about
30 feet)
...
24

II) Local area network
A local area network (LAN) is a group of computers and associated
devices that share a common communications line or wireless link
...
Usually, the server has applications and data storage that are
shared in common by multiple computer users
...
about
...
techtarget
...
It can be considered one form of a metropolitan area
network, specific to an academic setting
...
A CAN may be considered a type of MAN
(metropolitan area network), but is generally limited to a smaller area
than a typical MAN
...
Routers,
switches and hubs are connected to create a metropolitan area network
...
e
...
Less formally, a WAN is a network that
uses routers and public communications links
...
g
...
The largest and most well-known example of a WAN is the
Internet
...


VI) WLAN (Wireless Local Area Network)
Wireless Local Area Networks are much like LAN networks, except they do
not require network cables to connect each other
...
Wireless Local Area Networks allow for small
amounts of mobility whilst being connected to the internet
...
11
standards
...
Wireless LAN connections offer a surprising amount of

mobility for users with laptops and smart phones while being able to stay
connected to the internet by different networking topology
...
The
term is loosely synonymous with Internet, which is considered a global
area network
...


VIII) Virtual private network
A VPN utilizes public telecommunications networks to conduct private data
communications
...

VPN follows a client and server approach
...

VPN clients and VPN servers are typically used in these three scenarios:
1
...
To support connections between multiple intranets within the same
organization, and
3
...

26

networkwire
...
html


The main benefit of a VPN is the lower cost needed to support this
technology compared to alternatives like traditional leased lines or remote
access servers
...
These
applications support creating tunnels, setting configuration parameters, and
connecting to and disconnecting from the VPN server
...

VPN servers can also connect directly to other VPN servers
...
27
Many vendors have developed VPN hardware and software products
...


27

compnetworking
...
com

IX) Internetworking involves connecting two or more distinct computer
networks or network segments via a common routing technology
...
Any interconnection among or between public,
private, commercial, industrial, or governmental networks may also be
defined as an internetwork
...

There are at least three variants of internetwork:




Intranet
Extranet
Internet

a) Intranet
An "intranet" is the generic term for a collection of private computer
networks within an organization
...
That administrative entity closes the intranet to all but specific,
authorized users
...
A large intranet will typically have at least one web server
to provide users with organizational information
...
Intranets and
extranets are communication tools designed to enable easy information
sharing within workgroups
...

c) Internet
The Internet is a global network of interconnected computers, enabling
users to share information along multiple channels
...
It consists of a worldwide interconnection of
governmental, academic, public, and private networks based upon the
networking technologies of the Internet Protocol Suite
...


X) Private Network
In Internet Protocol terminology, a private network is typically a network that
uses private IP address space
...

These addresses are private because they are not globally delegated, meaning
they aren't allocated to a specific organization
...

The most common use of these addresses is in home networks, since most
Internet service providers (ISPs) only allocate a single IP address to each
residential customer, but many homes have more than one networked device
(for example, several computers and a printer)
...

They are also commonly used in corporate networks, which for security
reasons, are not connected directly to the Internet
...
The IP addressing
scheme makes it possible for computers to “find each other” online and
exchange information
...
g
...
com, google
...

Within a private network, computers use addresses excluded by convention
from use on the Internet
...

IANA is responsible for overseeing global allocation of IP numbers, among
other related protocols
...
These private
IP ranges are as follows:




10
...
0
...
255
...
255
172
...
0
...
31
...
255
192
...
0
...
168
...
255
Computers within a private network are each assigned a unique address in
order to exchange files and share resources with one another
...


3
...
The computer that serves the request using network is
known as ‘Server’
...
In the client/server model, there is a centralized server
or domain controller that controls the network, and all the computers are
dependent on it
...
Additionally, the server computer runs an
operating system known as a network operating system
...

Specific types of clients include web browsers, email clients, and
online chat clients
...


Client-server architecture
ii) Peer to Peer (P2P)
The basic concept of P2P networks is to provide direct connectivity
between end users
...
All the computers are the part of the same workgroup
...

In contrast to client-server networks, there is no dedicated server in peer-to-peer architecture
...

This means that each computer on the network is free to share its own
resources
...


Peer-Peer Architecture
Therefore, peer-to-peer networks are only useful for a small number of
computers, generally about 10, and are only suitable for applications that do not
require a high level of security
...










Peer-to-peer architecture advantages:
Reduced cost: the costs of such a network are hardware, cabling and maintenance
...

Peer-to-peer network disadvantages:
This system is not centralized, making administration difficult
...

No link in the network is reliable
...
The direct
communication takes place between client and server
...


The above figure shows the architecture of two-tier
...
Let us see the concept of two tiers with real time application
...

The two tiers of two-tier architecture are
1
...
Client Application (Client tier)
On client application side the code is written for saving the data in the SQL
server database
...
The main problem of two-tier architecture is that the
server cannot respond to multiple requests at the same time; as a result, it causes a
data integrity issue
...
Understanding and maintenance are easier
...
Communication is faster
Disadvantages:
1
...

2
...


iv) THREE-TIER ARCHITECTURE
Three-tier architecture typically comprises a presentation tier,
a business or data access tier, and a data tier
...
This layer is used for the design purpose where data is
presented to the user or input is taken from the user
...

2) Business layer:
In this layer all business logic is written, such as validation of data,
calculations, data insertion, etc
...
This layer, also called the
intermediary layer, helps to make communication faster between the client
and data layer
...
Data Access
Layer contains methods to connect with database and to perform
insert, update, delete, get data from database based on our input
data
...
softwaretestingclass
...
High performance, lightweight persistent objects
...
Scalability – Each tier can scale horizontally
...
Performance – Because the Presentation tier can cache requests,
network utilization is minimized, and the load is reduced on the
Application and Data tiers
...
High degree of flexibility in deployment platform and configuration
...
Better Re-use
...
Improve Data Integrity
...
Improved Security – Client does not have direct access to the database
...
Easy to maintain; modification is fairly easy and won’t affect other
modules
...
Increase Complexity/Effort
...
5 TYPES OF CABLING
1) Straight-Through Wired Cables
Straight-Through refers to cables that have the pin assignments on each
end of the cable
...
Straight-Through wired cables are most
commonly used to connect a host to client
...

Connector A

Connector B

2) Crossover Wired Cables
Crossover wired cables (commonly called crossover cables) are very
much like Straight-Through cables with the exception that TX and RX
lines are crossed (they are at opposite positions on either end of the
cable
...
Pin 2 on connector A
goes to Pin 6 on connector B
...
Examples would be connecting a
computer directly to another computer, connecting a switch directly to
another switch, or connecting a router to a router
...
Nowadays most devices have auto-sensing technology that
detects the cable and device and crosses pairs when needed
...
Pin 1 of connector A would be connected to Pin 8 of
connector B
...
Rollover cables, sometimes referred to as Yost
cables, are most commonly used to connect to a device's console port to
make programming changes to the device
...
29
29

http://www
...
com/straight-through_crossover_rollover
...
6 COLOR CODING OF CABLING
The TIA/EIA 568 standard has two wiring sequences, T568A and T568B
...
Either
sequence may be used to set up a network
...
Data networks
usually use the TIA/EIA 568B standard
...

30

30

http://ciscorouting
...
7 CRIMPING
In this activity, you will cut, strip, and crimp a piece of category 5 unshielded twisted
pair cable and attach it to a RJ 45 connector
...

2
...

4
...

6
...

8
...
This section takes a look at the most common cabling
connectors
...
This type of
connector resembles the older RJ11 connectors that most people
are familiar with from wired telephones
...

Figure 6 below shows an example of a ST connector:

Subscriber Connector (SC)
The Subscriber Connector (SC) can be seen commonly
on MMF or SMF; as with SC connectors, the ST
connector is slowly being replaced by multi-fiber
connectors
...
Unlike the SC and ST connectors,
the LC connector is always duplex connecting a pair of
fibers at a time
...
As the name suggests, it was designed to be
able to be connected multiple times without the creation
of any potential connector issues
...
Figure 9 below
shows an example of an MPO connector:

CASE STUDY I:
Universal Bank has its registered office at Delhi
...
The operating departments
in the bank are Finance, Insurance, Loan, IT, Marketing, Customer
Service and HR
...
All the branches of the bank from different cities are
connected through WAN
...

Determine which type of network to be used within a city
Use LAN computer network for each department in the new branch
...
At Hyderabad branch, the Customer Service
department network is not functioning properly
...

Selecting the network criteria
Decide network type and configuration, number of users, speed of the
network, hardware to be used, operating system to be installed and antivirus software
CASE STUDY III:
Pune branch of the Universal bank has built an insurance department in
such a way that each device is connected to one another
...
It is required that agents should handle only
their specific clients since the information is confidential
...
So, the network administrator
wants to switch over to other topology
...
To obtain security of data
star network seems to be the best choice
...


CASE STUDY IV:
Universal Bank at Mumbai has implemented a star topology in their IT
department
...
In the
Loan department, all computers are connected in closed loop format
...

The administrator can join these two star and ring
networks to form a hybrid network with the help of Multi station Access
Unit (MAU)
...
Ensure that there is no break in the
link between two computers in a ring network and switch in star network
is working properly
...

• Computer networks are divided into LAN, CAN, MAN and WAN
depending on the coverage area
...

• Performance, reliability and security are the network selection criteria
that make it possible to choose an efficient network
...

• Topology describes the way in which networking devices are connected
to each other
...

• In a single node topology, just a single device called a dumb terminal is
connected to the server
...

• In star topology, multiple devices are connected to a central connection
point known as a hub or switch
...

• In a mesh topology, every device is connected to each and every node
in the network with many redundant interconnections, with at least two
paths to and from every node
...

• Hybrid topology is a combination of different topologies such as Star-Bus or Star-Ring
...

• Signals lying on the cable are absorbed by the terminators at the end
of the cable to avoid collision
...



CHAPTER 4
OSI AND TCP/IP MODEL
4
...
1 HISTORY
The OSI Reference Model was intended to serve as the foundation for the
establishment of a widely adopted suite of protocols that would be used by
international internetworks; basically, what the Internet became
...

Models are useful because they help us understand difficult concepts and
complicated systems
...
Of
these, the most popular and commonly used is the Open Systems
Interconnection (OSI) Reference Model
...
As you read
about networking, you will frequently find references to the various levels,
or layers, of the OSI Reference Model
...
2 ISO STANDARDS
ISO (International Organization for Standardization) is the world's largest
developer and publisher of International Standards
...

ISO is a voluntary organization whose members are recognized authorities
on standards, each one representing one country
...
On the one hand, many of its member institutes
are part of the governmental structure of their countries, or are mandated by
their government
...
3 OSI Model
The Open System Interconnection Reference Model is an abstract
description for layered communications and computer network protocol
design
...
In its most basic form, it divides network architecture into seven
layers, which from top to bottom, are the Application, Presentation, Session,
Transport, Network, Data-Link, and Physical Layers
...

The Open Systems Interconnection (OSI) reference model has been an
essential element of computer network design since its ratification in 1984
...

The OSI model is a technology standard maintained by the International
Standards Organization (ISO)
...



4
...
Layers in the OSI model are ordered from lowest
level to highest
...
The stack
contains seven layers in two groups:
Upper layers:7
...
Presentation

5
...
Transport

3
...
Data link

1
...
This article
describes and explains them, beginning with the 'lowest' in the hierarchy (the
physical) and proceeding to the 'highest' (the application)
...
It describes the electrical/optical, mechanical, and
functional interfaces to the physical medium, and carries the signals for all
of the higher layers
...
It determines:
o What signal state represents a binary 1
o How the receiving station knows when a "bit-time" starts
o How the receiving station delimits a frame

https://support
...
com/kb/103884



Transmission technique: determines whether the encoded bits will be
transmitted by baseband (digital) or broadband (analog) signalling
...


CASE STUDY I:
Consider a Wireless Ethernet Hub located next to a wall in an office block
...
The only thing separating you and your competitor is a layer of brick
and plaster
...

He/she simply buys a Microwave Omission Analyser and searches around
garage sales, trash and treasure stores, until a suitably leaky device is
found
...

A possible solution is prevention by design
...
DATA LINK LAYER
The data link layer provides error-free transfer of data frames from one node
to another over the physical layer, allowing layers above it to assume
virtually error-free transmission over the link
...

Frame sequencing: transmits/receives frames sequentially
...

Detects and recovers from errors that occur in the physical layer by
retransmitting non-acknowledged frames and handling duplicate
frame receipt
...

Media access management: determines when the node "has the right"
to use the physical medium
...

It needs to be mentioned, in case of terminology confusion, that the physical
network address is understood as the MAC Address
...
MAC addressing
information resides on OSI model Layer 2
...
This is known as ARP
Cache Poisoning
...
It provides:



32

Routing: routes frames among networks
...


http://www
...
org/reading-room/whitepapers/protocols/understanding-security-osi-model-377


Logical-physical address mapping: translates logical addresses, or
names, into physical addresses
...
If an attacker wants to cause problems
when they are physically located within the network then they can ARP
cache poison, but what if they are outside of the network? They can use
routers
...
33
TRANSPORT LAYER
The transport layer ensures that messages are delivered error-free, in
sequence, and with no losses or duplications
...

The size and complexity of a transport protocol depends on the type of
service it can get from the network layer
...
If the
network layer is unreliable and/or only supports datagrams, the transport
protocol should include extensive error detection and recovery
...
The transport
layer at the destination station reassembles the message
...

Message traffic control: tells the transmitting station to "back-off"
when no message buffers are available
...

Port scanning is often an attacker’s first probe of your network
...
It provides:




Session establishment, maintenance and termination: allows two
application processes on different machines to establish, use and
terminate a connection, called a session
...


A hacker can also be "inline" between B and C using a sniffing program to
watch the conversation
...
A
common component of such an attack is to execute a denial-of-service (DoS)
attack against one end-point to stop it from responding
...

PRESENTATION LAYER
The presentation layer formats the data to be presented to the application
layer
...
This layer may
translate data from a format used by the application layer into a common
format at the sending station, and then translate the common format to a
format known to the application layer at the receiving station
...

Data conversion: bit order, CR-CR/LF, integer-floating point, and so
on
...

Data encryption: encrypt data for security purposes
...
com/computernetworkingnotes/
...
This layer contains a variety of
commonly needed functions:








Resource sharing and device redirection
Remote file access
Remote printer access
Inter-process communication
Network management
Directory services
Electronic messaging (such as mail)

Communication between sender and receiver
Protocols used in Each Layer
Protocols are the communication standards, agreed upon ways and the
language, which two computers understand in order to send and receive
the data
...
The topic is varied and growing each day
...

There is no doubt that computer resources are under attack and those
resources are not free
...
We may have purchased an
excellent virus protection software kit, but our encryption methods are
dated
...


4
...
It has a 4-layer
architecture
...
By implementing the required
protocols in TCP/IP RFCs, a computer can be relatively confident that it
can communicate with other computers that also implement TCP/IP
...

35

http://www
...
org/paper/gsec/2868/osi-defense-in-depth-increase-application-security/104841

1
...
Application layer provides an interface between software
running on a computer and the network itself
...
Example protocols are HTTP, POP3, and
SMTP etc
...
Transport Layer: Consists of mainly two protocol options
...

Each layer provides a service to the layer above it
...
The protocol
defined by each layer uses a header that is transmitted between the
computers, to communicate what each computer wants to do
...
The software or hardware that implements the
higher layer requests that the next lower layer perform the needed
function
...
Internetwork Layer: Internet protocol (IP), works much like the postal
service
...
Similarly, IP defines the process of routing
so that routers can choose where to send data correctly
...
Network Interface Layer: Defines the protocols and hardware required
to deliver data across some physical network
...
It is
the interface between the computer and network
...
Ethernet
defines the required cabling, addressing and protocols used to create
an Ethernet
...
IP understands the overall
network topology, things such as which routers are connected to which
networks, and what the IP addressing schemes looks like
...
6 Comparison of OSI and TCP/IP Models

iv

Similarities:1
...

2
...

3
...

4
...

5
...

6
...
The core level functional details of each layer are not revealed
to other layers
...
Transport layer defines the end-to-end data communication process and
error-correction techniques in both the models
...
OSI and TCP/IP reference models process data in the form of packets
to perform routing
...

Not practically implemented yet
...

Presented by this model
...

Model was devised first and
protocols were later fitted to
appropriate layers
...

Connectionless and connection
oriented services are there in
Network layer but only connection
oriented services in Transport
layer
...


TCP/IP
Only 4 layers are present
...

Division of responsibilities on each
layer is not so specific
...

Not considered as a design standard
due to the failure in distinguishing
services, interfaces and protocols
...

This is a protocol specific model
...
7 Different ports & services
• PORT: The term port can refer to either physical or virtual connection
points
...
Several different
types of physical ports available on computer network hardware
include:
o Ethernet ports
o USB ports
o serial ports


Virtual ports are part of TCP/IP networking
...
Computers and routers automatically
manage network traffic travelling via their virtual ports
...


In computer networking, a port number is part of the addressing
information used to identify the senders and receivers of messages
...
Home
network routers and computer software work with ports and sometimes
allow you to configure port number settings
...


4
...
Port
numbers are most commonly used with TCP/IP connections
...
These port numbers allow
different applications on the same computer to share network resources
simultaneously
...
On most computers, these port numbers are used
only by server processes run by system administrators or privileged
users
...
For this
reason, these are sometimes called system port numbers
...
For example, SMTP is assigned 25 and HTTP is assigned
80
...

Ports are used in the TCP [RFC793] to name the ends of logical
connections, which carry long-term conversations
...
This list
specifies the port used by the server process as its contact port
...

The Well Known Ports are those from 0 to 1023
...
Each kind of
application has a designated port number
...
When one application
communicates with another application at another host computer on
the Internet, it specifies that application in each data transmission by
using its port number
...
Many applications
need to use TCP/IP but are not specified in RFCs, or are not so
universally used that they warrant a worldwide well-known port
number
...
Anyone who creates a viable TCP/IP server
application can request to reserve one of these port numbers, and if
approved, the IANA will register that port number and assign it to the
application
...
These are
temporary ports, usually used by clients, and they vary each time a
service is used
...
The port is then abandoned and can be used by other
services
...
Besides the well-known port numbers
and the registered port numbers, the remaining ports in the port
number spectrum are referred to as dynamic ports or private ports and
are numbered from 49152 through 65535
...

For example, when a client sends the HTTP request from a registered TCP
port, such as port 3666
...
Once the session is established, the
server continues to use port 80, and the client uses various registered ports
such as TCP port 3666, 3667 to transfer the HTTP data
...
They can be
used for any purpose without registration, so they are appropriate for a
private protocol used only by a particular organization
The dynamic port numbers (also known as the private port numbers)
are the port numbers that are available for use by any application to
use in communicating with any other application, using the Internet's
Transmission Control Protocol (TCP) or the User Datagram Protocol
(UDP)
...
The port numbers
range from 0 through 65535
...
The
dynamic port numbers are in the highest range, from 49152 through
65535
...
The port numbers are endpoints for the communication
path, so that two applications communicating across the network can
identify each other
...
This is how protocols work
...
Each
application that communicates on the network using TCP/IP also
specifies a port number on the target computer
...
For example, in
TCP/IP networking, both TCP and UDP utilize their own set of ports that
work together with IP addresses
...
Just as a business
telephone switchboard can use a main phone number and assign each
employee an extension number like x100, x101, etc
...

Many TCP/IP programs can be executed simultaneously over the Internet
(you can for example open several browsers simultaneously or browse
HTML pages while downloading a file via FTP)
...
So, to facilitate this process, each
of these applications can allocate a unique address to the machine, coded
in 16 bits: a port (the combination of IP address + port is therefore a
unique address in the world and is called a socket)
...
In this way, when the computer receives information intended
for a port, the data is sent to the related application
...
If it is a
response, we then talk about a client application
...
You can check online
whether the specific port is open or closed
...
canyouseeme
...
yougetsignal
...
speedguide
...
php
https://www
...
com/x/ne
...
whatsmyip
...
advantig
...
Opening a port is like poking a hole through the firewall
...

Unknown intruders often use software that scans the Internet looking
for computers with unprotected connections
...

To help decrease your security risk if you open ports:




Only open a port when you really need it
...

Close a port when you no longer need it
...
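
The port ranges and the two rules above (open a port only when needed, close it when it is no longer needed) can be checked mechanically. This added example, which is not part of the original notes, sorts listening ports into the well-known, registered and dynamic ranges and reports every listener that is not on an approved list; the `ss -tln` style sample lines and the approved list are constructed assumptions.

```python
"""Audit listening TCP ports against an approved list (added example)."""
from dataclasses import dataclass

# Port ranges: the well-known and dynamic bounds are the ones given in the
# text; the registered range is the span between them.
PORT_RANGES = (
    ("well-known", range(0, 1024)),
    ("registered", range(1024, 49152)),
    ("dynamic", range(49152, 65536)),
)

# Hypothetical policy: the only services this host is meant to expose.
APPROVED = {25: "smtp", 53: "dns", 80: "http"}

# Constructed sample in the column layout printed by `ss -tln`.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     0.0.0.0:80           0.0.0.0:*
LISTEN  0       100     127.0.0.1:25         0.0.0.0:*
LISTEN  0       128     0.0.0.0:3666         0.0.0.0:*
LISTEN  0       128     [::]:53              [::]:*
LISTEN  0       5       0.0.0.0:51000        0.0.0.0:*
LISTEN  0       16      127.0.0.1:8125       0.0.0.0:*
"""


@dataclass(frozen=True)
class Listener:
    address: str
    port: int


@dataclass(frozen=True)
class Finding:
    port: int
    port_range: str
    address: str
    reachable_from_network: bool


def classify_port(port: int) -> str:
    """Return the name of the range a 16-bit port number falls into."""
    for name, ports in PORT_RANGES:
        if port in ports:
            return name
    raise ValueError(f"not a valid 16-bit port: {port}")


def parse_listeners(ss_output: str) -> list:
    """Extract (address, port) pairs from LISTEN rows; skip everything else."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        # rpartition keeps bracketed IPv6 addresses such as [::] intact.
        address, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.append(Listener(address, int(port)))
    return listeners


def is_loopback(address: str) -> bool:
    return address.startswith("127.") or address == "[::1]"


def audit(listeners, approved) -> list:
    """Report every listener whose port is not on the approved list."""
    findings = [
        Finding(
            port=item.port,
            port_range=classify_port(item.port),
            address=item.address,
            # A loopback-only listener is not reachable from other hosts.
            reachable_from_network=not is_loopback(item.address),
        )
        for item in listeners
        if item.port not in approved
    ]
    return sorted(findings, key=lambda finding: finding.port)


if __name__ == "__main__":
    for finding in audit(parse_listeners(SAMPLE_SS_OUTPUT), APPROVED):
        scope = "network" if finding.reachable_from_network else "loopback only"
        print(f"unapproved port {finding.port} ({finding.port_range}) "
              f"on {finding.address} [{scope}]")
```

Listeners bound only to a loopback address are still reported, but marked as not reachable from the network so that exposed ports can be handled first.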
9 ADVANCED INTEGRATED MODELS
A WAN is a data communications network that covers a relatively broad
geographic area and that often uses transmission facilities provided by
common carriers, such as telephone companies
...
The key
difference between WAN and a LAN technology is scalability
...

A set of switches and routers are interconnected to form a Wide Area
Network
...
A wide area network may be privately owned or
rented from a service provider, but the term usually connotes the
inclusion of public (shared user) networks
...
Packet switching allows users to share common carrier
resources so that the carrier can make more efficient use of its
infrastructure
...
The carrier can then create virtual circuits between customers'
sites by which packets of data are delivered from one to the other through
the network
...
This works like a
normal telephone line works for voice communication
...
When a
router has data for a remote site, the switched circuit is initiated with the
circuit number of the remote network
...

With ISDN (Integrated Services Digital Network), you can have
multiple digital channels over phone jack
...
There are two levels of service: the Basic Rate
Interface (BRI), intended for the home and small enterprise, and the
Primary Rate Interface (PRI), for larger users
...
Each B-channel carries data,
voice, and other services
...

The Basic Rate Interface consists of two 64 Kbps B-channels and one
16 Kbps D- channel
...
The Primary Rate consists of 23 B-channels and one 64
Kbps D-channel in the United States or 30 B-channels and 1 D-channel in Europe
...

End-to-end digital connections: ISDN gives digital speed from start to
finish
...

Message-oriented signalling: ISDN will not distort or lose the
information like analog data transmission
...

• Broadband ISDN (BISDN) is intended to extend the integration of both
services throughout the rest of the end-to-end path using fiber optic
and radio media
...
BISDN is intended to support transmission from 2
Mbps up to much higher, but as yet unspecified, rates
...

• The OSI stack contains seven layers, beginning with the 'lowest' in the
hierarchy, the physical layer, followed by Data link, Network, Transport, Session
and Presentation, and proceeding to the 'highest', the application layer
...
Knowing that a particular layer is weak
allows us to understand that our system is vulnerable and we can
distribute resources
...
It
has a 4-layer architecture: Application, Transport, Internetwork and
Network Interface layer
...

• In computer networking, a port number is part of the addressing
information used to identify the senders and receivers of messages
...

• Each time that you allow an exception or open a port for a program to
communicate through Firewall, your computer is made more
vulnerable
...

• The key difference between WAN and a LAN technology is scalability
...

• Both packet switching and circuit switching technologies are used in
the WAN
...
5
...
1 Domain Name Server (DNS)
If we had to remember the IP addresses of all of the Web sites we
visit every day, it would hardly be possible; human beings just are
not that good at remembering strings of numbers
...

You probably have hundreds of domain names stored in your head
...
www
...
com is a human-readable name
...
networksecurity
...
116
...
66
...
A domain
name is a meaningful and easy-to-remember "handle" for an Internet
address
...
DNS uses port number 53
...
networksecurity
...
The host name ("www")
2
...
The top-level domain name ("com")


36

Every name in the COM top-level domain must be unique, but there can
be duplication across domains
...
com and
networksecurity
...

Domain names within the "
...
VeriSign also manages "
...
Other
registrars (like RegistryPro, NeuLevel and Public Interest Registry) manage
the other domains (like
...
biz and
...
VeriSign creates the top-level
domain names and guarantees that all names within a top-level domain
are unique
...
These servers are simple
databases that map names to IP addresses, and they are distributed
all over the Internet
...
Because domain names are alphabetic, they are
easier to remember
...

Every time a client uses a domain name, a DNS service must translate
the name into the corresponding IP address
...
example
...
105
...
4
...
ntchosting
...
jpg

individual companies, ISPs and universities maintain small name
servers to map host names to IP addresses
...

DNS is a distributed database used by applications to map between
Hostname and IP addresses
...
DNS servers are the
computers designated to store DNS database records (names and
addresses), while clients of the DNS include PCs, phones and other
devices of end users
...
For the Internet, so-called root name servers reside at the top of the DNS hierarchy
...
com" and "
...
Servers at the
next lower level of the DNS hierarchy track second-level domain
names and addresses (like "about
...
about
...


37
38

http://whatsmydns
...
gif
http://en
...
org/wiki/Domain_Name_System

DNS servers are installed and maintained by private businesses and
Internet governing bodies around the world
...

When your computer is connected to the Internet, the ISP (Internet
Service Provider) automatically allocates primary and secondary DNS
server addresses to your desktop
...
The ISP's DNS servers cannot handle traffic during
peak times, which results in slow Internet speed or
sometimes server downtime
...
There are multiple servers; if one breaks down, another is ready to
operate for you
...

2
...

4
...


Google Public DNS Server
Open DNS
Norton DNS Server
Comodo Secure DNS
DNS Advantage

CASE STUDY I: Hackers Exploiting SNMP Clients Using Google’s Public DNS Server
Spoofed IP (8
...
8
...
8
...
8) to launch SNMP amplification DDoS
attack against vulnerable devices available on the Internet
...
8
...
8 is a widely used Public DNS server and
even network experts will mistakenly consider it as genuine traffic
...

January 25, 2001 - Microsoft's Web site was brought down by a powerful
Denial of Service (DoS) attack
...
Due to the magnitude and security
issues, the FBI was brought in to take care of the case
...

During some periods of the DoS attack, Microsoft's Web page could be loaded
only 2 percent of the time
...
For about two hours, the Web site was completely blocked
...

Because of this DNS flood, legitimate users could no longer load the
company's Web pages causing significant losses
...

Apparently, the attackers used a flaw in Microsoft's defenses
...

The attackers targeted this exact DNS switch and managed to deliver a
deadly strike
...
2 DHCP
It is known as Dynamic Host Configuration Protocol
...
DHCP is a protocol that assigns unique IP addresses to
devices, then releases and renews these addresses as devices leave and
re-join the network
...
DHCP provides safe, reliable, simple TCP/IP
network configuration, prevents address conflicts, and helps conserve
the use of client IP addresses on the network
...

DHCP uses a client/server model where the DHCP server maintains
centralized management of IP addresses that are used on the network
...

Dynamic Host Configuration Protocol (DHCP) is a network protocol
that enables a server to automatically assign an IP address to a
computer from a defined range of numbers (i
...
, a scope) configured for
a given network
...
secure64
...

o The client computer sends a broadcast request called a DISCOVER
or DHCPDISCOVER, looking for a DHCP server to answer
...

o The server receives the DISCOVER packet
...
The server then
temporarily reserves that address for the client and sends back to
the client an OFFER or DHCPOFFER packet, with that address
information
...

o The client sends a REQUEST or DHCPREQUEST packet, letting the
server know that it intends to use the address
...

One problem with static assignment, which can result from user error
or inattention to detail, occurs when two computers are configured
with the same IP address
...
Using DHCP to dynamically assign IP addresses minimizes
these conflicts
...
link-elearning
...
jpg

Security Tip
Basic VoIP architecture elements such as phones, servers, and PBXs
rely heavily on your supporting network infrastructure (DHCP, DNS,
TFTP, and so on)
...

Many VoIP phones are configured, by default, to request an IP address
dynamically every time they are turned on or rebooted
...
There are two types of DHCP attack; they are DHCP starvation Attack
and DHCP rogue attack
...
This causes
a Denial of Service at the DHCP server, thus preventing an authentic user
from using the network
...

In a DHCP rogue attack, a malicious user acts as if he is a DHCP server
and provides a legitimate user with a wrong gateway, wrong DNS and
wrong IP
...
This
can be avoided by using a multilayer switch which has the capability to
drop the packets
...
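How a switch can decide which DHCP packets to drop, as an added example that is not part of the original notes: a small Python model of the filtering commonly called DHCP snooping. The port names, the trusted-port set, the rate limit and the sample frames are constructed assumptions.

```python
from collections import defaultdict, deque

# Message types that only a DHCP server should ever send.
SERVER_MSGS = {"OFFER", "ACK", "NAK"}


class DhcpFilter:
    """Toy model of DHCP-snooping-style filtering on a switch (assumed design)."""

    def __init__(self, trusted_ports, max_discover=5, window=10.0):
        self.trusted_ports = set(trusted_ports)  # ports leading to the real server
        self.max_discover = max_discover         # DISCOVERs allowed per port per window
        self.window = window                     # window length in seconds
        self.recent = defaultdict(deque)         # port -> timestamps of recent DISCOVERs

    def check(self, frame):
        """Return (verdict, reason) for one DHCP frame given as a dict."""
        port, msg, ts = frame["port"], frame["type"], frame["ts"]

        # Rogue server: OFFER/ACK/NAK arriving on a port where no server belongs.
        if msg in SERVER_MSGS:
            if port not in self.trusted_ports:
                return "drop", "server message on untrusted port"
            return "forward", "server message on trusted port"

        # Starvation: one access port asking for addresses far faster than a
        # real client would, typically with a new spoofed MAC each time.
        if msg == "DISCOVER":
            q = self.recent[port]
            while q and ts - q[0] > self.window:
                q.popleft()
            q.append(ts)
            if len(q) > self.max_discover:
                return "drop", "DISCOVER rate exceeded on port"

        return "forward", "client message"


# Constructed sample traffic: a normal exchange, one rogue OFFER, then a burst
# of DISCOVERs with changing MAC addresses on a single access port.
SAMPLE_FRAMES = [
    {"ts": 0.0, "port": "Gi0/1", "type": "DISCOVER", "mac": "aa:aa:aa:00:00:01"},
    {"ts": 0.1, "port": "Gi0/24", "type": "OFFER", "mac": "aa:aa:aa:00:00:01"},
    {"ts": 0.2, "port": "Gi0/7", "type": "OFFER", "mac": "aa:aa:aa:00:00:01"},
    {"ts": 0.3, "port": "Gi0/1", "type": "REQUEST", "mac": "aa:aa:aa:00:00:01"},
] + [
    {"ts": 1.0 + i * 0.1, "port": "Gi0/9", "type": "DISCOVER",
     "mac": f"02:00:00:00:00:{i:02x}"}
    for i in range(8)
]


def run(frames, trusted_ports=("Gi0/24",)):
    """Filter a list of frames and return the verdict for each one."""
    flt = DhcpFilter(trusted_ports)
    return [flt.check(frame)[0] for frame in frames]


if __name__ == "__main__":
    for frame, verdict in zip(SAMPLE_FRAMES, run(SAMPLE_FRAMES)):
        print(frame["port"], frame["type"], "->", verdict)
```
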
3 FILE SERVER
A file server is a computer attached to a network that has the primary
purpose of providing a location for the shared storage of computer files
such as documents, sound files, photographs, movies, images,
databases, etc
...

In the client/server model, a file server is a computer responsible for
the central storage and management of data files so that other
computers on the same network can access the files
...

Any computer can be configured to be a host and act as a file server
...



In a more sophisticated network, a file server might be a dedicated
network-attached storage (NAS) device that also serves as a remote
hard disk drive for other computers, allowing anyone on the network to
store files on it as if to their own hard drive
...
On the Internet, such programs often use the File Transfer
Protocol (FTP)
...
Also, a non-dedicated fileserver; which would allow the
fileserver to be used simultaneously as a workstation
...
Quotas can be set so that each user will have a certain
amount of space on which he/she can save data
...
4 MAIL SERVER
Email is one of the best known and most widely used services across
the Internet
...
Email is usually
a bundled feature with many Internet service providers or web-hosting
domains
...
A
computer dedicated to running such applications is also called a mail
server
...

EMAIL FUNCTIONING PROTOCOL
Mail servers can be broken down into main categories: Web Based
Email, POP3 Email Servers, SMTP Mail servers, IMAP4 Email servers
...
Incoming mail servers come in two main varieties
...
The SMTP server listens
on well-known port number 25, POP3 listens on port 110 and IMAP
uses port 143
...
Many
free email providers host their servers as web-based email
...
It is useful for people on the
go since they can check their email anywhere they have access to the
Internet
...
All that you need is an e-mail server for
the client to connect
...



On the Internet, software applications act as servers: Web servers,
FTP servers, telnet servers and e-mail servers are running
on millions of machines on the Internet right now
...



SMTP Server
SMTP stands for Simple Mail Transfer Protocol
...
Most email software is designed to use SMTP for
communication purposes when sending email and it only works for
outgoing messages
...

SMTP provides a set of codes that simplify the communication of
email messages between servers
...


If, for some reason, the SMTP server at yahoo cannot connect with the
SMTP server at Gmail, then the message goes into a queue
...
Sendmail
will periodically try to resend the messages in its queue
...
After four hours, it will usually send
you a piece of mail that tells you there is some sort of problem
...

The SMTP server understands very simple text commands like HELO,
MAIL, RCPT and DATA
...
)
RSET - reset
QUIT - quit the session
HELP - get help on commands
VRFY - verify an address
EXPN - expand an address
VERB - verbose

(Note: Sendmail is a mail transfer agent (MTA) that supports many
kinds of mail transfer and delivery including the popular SMTP
...
When
a Sendmail server receives e-mail, it attempts to deliver the mail to the
intended recipient immediately and, if the recipient is not present, it
queues messages for later delivery
...

Most Internet service providers (ISPs) provide both an SMTP server
(such as Sendmail) and a POP or IMAP server
...

When a message arrives, the POP3 server simply appends it to the
bottom of the recipient's file
...
The POP3 server
requires an account name and a password
...
Like
the SMTP server, the POP3 server understands a very simple set of text
commands
...
Generally, it will then delete the messages from the server
...

As you can see, the POP3 protocol is very simple
...
Your e-mail
client (e.g. Outlook Express) can connect to your POP3 e-mail server
and download the messages from the POP3 text file onto your PC
...

Many users want to do far more than that with their e-mail, and they
want their e-mail to remain on the server
...
With POP3, once you download your e-mail it is stuck on
the machine to which you downloaded it
...

IMAP (Internet Mail Access Protocol) is a more advanced protocol
that solves these problems
...
You can organize your mail into folders, and all the folders live
on the server as well
...
This approach
makes it extremely easy for you to access your e-mail from any
machine, and regardless of which machine you use; you have access to
all of your mail in all of your folders
...
It is called a client
because e-mail systems are based on client-server architecture
...
Email clients generally
provide a simple interface through which you can access your email
account
...
Many people use well-known, stand-alone clients like Microsoft Outlook, Outlook Express,
Eudora or Pegasus
...


EMAIL HEADER
The email header is the information that travels with every email,
containing details about the sender, route and receiver
...
Just as you could book a flight ticket under a
false identity, the same goes for emails: the sender can partially fake
these details, pretending that the email was sent from a different
account (common practice for spammers or viruses)
...
edu" (one
line per recipient)
...




Bcc: (stands for "Blind Carbon Copy") If you see this header on
incoming mail, something is wrong
...
The idea is to be able to send copies of
email to persons who might not want to receive replies or to appear in
the headers
...
It specifies additional recipients
...



Comments: This is a nonstandard, free-form header field
...
edu>"
...
Treat with caution
...
It has no direct relevance
to the delivery of mail, but it affects how MIME-compliant mail
programs interpret the content of the message
...




Date: This header does exactly what you would expect: It specifies a
date, normally the date the message was composed and sent
...
It should
not be treated as gospel truth; forgeries aside, there are an awful lot of
computers in the world with their clocks set wrong
...

This is not a particularly common header, as the sender usually wants
to receive any errors at the sending address, which is what most
(essentially all) mail server software does by default
...




From: (with colon) this is the "message from:" discussed above
...
Conventionally, it is of the form
"gibberish@bieberdorf
...




In-Reply-To: A Usenet header that occasionally appears in mail, the
In-Reply-To: header gives the message ID of some previous message,
which is being replied to
...




Mime-Version: (also MIME-Version:) Yet the sender used another
MIME header, this one just specifying the version of the MIME protocol
that
...




Newsgroups: This header only appears in email that is connected with
Usenet, either email copies of Usenet postings or email replies to
postings
...




Organization: A completely free-form header that normally contains
the name of the organization through which the sender of the message
has net access
...




Priority: An essentially free-form header that assigns a priority to the
mail
...
It is often used by spammers, usually in
the form "Priority: urgent" (or something similar), in an attempt to get
their messages read
...




References: The References: header is rare in email except for copies
of Usenet postings
...
It may also appear in email
responses to Usenet postings, giving the message ID of the post being
responded to as well as the references from that post
...
Though this header
has many legitimate uses (perhaps your software mangles your
“From:” address and you want replies to go to a correct address), it is
also widely used by spammers to deflect criticism
...

It should identify the sender
...







Subject: A completely free-form field specified by the sender, intended,
of course, to describe the subject of the message
...
Note that the To: header need
not contain the recipient's address!



X-headers are the generic term for headers starting with a capital X
and a hyphen
...
This
convention is frequently violated
...
It is
typically ignored; presumably some software acts on it
...
Any message
sent with Pegasus to a sufficiently large number of recipients has a
header added that says "X-Distribution: bulk"
...




X-Errors-To: Like Errors-To:, this header specifies an address for
errors to be sent to
...




X-Mailer: A freeform header field intended for the mail software used
by the sender to identify itself (as advertising or whatever)
...




X-Priority: Another priority field, used notably by Eudora to assign a
priority (which appears as a graphical notation on the message)
...
In fact, it is nearly as easy to forge,
and should therefore be viewed with the same sort of suspicion as the
From: header
...
It is normally added between the
recipient's mail server and the recipient's actual mail software; if mail
arrives at the mail server with an X-UIDL: header, it is probably junk
(there is no conceivable use for such a header, but for some unknown
reason many spammers add one)
...
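The header checks described above can be automated. The following is an added example, not part of the original notes: it parses a raw message with Python's standard `email` package, raises the flags the text mentions, and lists the relay IPs recorded in `Received:` lines. The sample message, its addresses and the `envelope_rcpt` parameter (the address the mail server actually delivered to) are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample message; every name and address here is made up.
SAMPLE = """\
Received: from mail.example.net (mail.example.net [203.0.113.7])
\tby mx.recipient.example with ESMTP; Mon, 18 Aug 2014 10:02:11 +0000
Received: from pc17 (unknown [198.51.100.23])
\tby mail.example.net with SMTP; Mon, 18 Aug 2014 10:02:05 +0000
From: "Accounts" <billing@bank.example>
Reply-To: collector@freemail.example
To: undisclosed@list.example
Bcc: victim@recipient.example
Subject: Your account
Date: Fri, 01 Jan 1999 00:00:00 +0000
Priority: urgent
X-UIDL: 1a2b3c
X-Mailer: BulkSender 1.0

Body text.
"""

IP_IN_BRACKETS = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def relay_ips(msg):
    """Return the IPs recorded in Received: headers, oldest hop first.

    Each server prepends its own Received: line, so the last one in the
    message is the earliest hop. Only lines added by servers you control
    are trustworthy; earlier ones can be forged by the sender.
    """
    ips = []
    for hop in reversed(msg.get_all("Received", [])):
        ips.extend(IP_IN_BRACKETS.findall(hop))
    return ips


def triage(raw, envelope_rcpt):
    """Flag header oddities in a message as it arrived at the mail server."""
    msg = message_from_string(raw)
    flags = []

    # Bcc: should have been stripped before delivery.
    if msg.get("Bcc") is not None:
        flags.append("bcc-present")

    # Replies steered to a different account than the visible sender.
    from_addr = parseaddr(msg.get("From", ""))[1].lower()
    reply_addr = parseaddr(msg.get("Reply-To", ""))[1].lower()
    if reply_addr and reply_addr != from_addr:
        flags.append("reply-to-differs")

    # Informational: To:/Cc: need not contain the real recipient.
    listed = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []))
    if envelope_rcpt.lower() not in {addr.lower() for _, addr in listed}:
        flags.append("rcpt-not-in-to-or-cc")

    if (msg.get("Priority") or "").strip().lower() == "urgent":
        flags.append("priority-urgent")

    # X-UIDL: is normally added after the mail server, not before it.
    if msg.get("X-UIDL") is not None:
        flags.append("x-uidl-on-arrival")

    return {"flags": flags,
            "relay_ips": relay_ips(msg),
            "mailer": msg.get("X-Mailer")}


if __name__ == "__main__":
    print(triage(SAMPLE, "victim@recipient.example"))
```
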


The accused in this case demanded to meet the complainant
...

On receiving the complaint, the investigating team extracted the e-mail
header to trace the IP address
...

Using system logs, the exact computer used and its user were identified
...
The investigating team also seized the
computer and some photographs of a look-alike of the victim from the
accused
...

Summary
o The domain name system (DNS) is the way that Internet domain
names are located and translated into Internet Protocol addresses
...

o When your computer is connected to the Internet, the ISP
automatically allocates primary and secondary DNS server addresses
to your desktop
...
DHCP is a protocol that assigns unique IP
addresses to devices, then releases and renews these addresses as
devices leave and re-join the network
...


o A mail server is an application that receives incoming e-mail from local
users and remote senders and forwards outgoing e-mail for delivery
...
It's a set of
communication guidelines that allow software to transmit email over
the Internet
...
When a message arrives, the POP3 server simply
appends it to the bottom of the recipient's file
...



CHAPTER 6
NETWORK APPLICATION
Objective
6.1 VNC
6.2 RDP
6.3 Remote Assistance
6.4 File sharing

In computer networking, remote access technology allows logging into a
system as an authorized user without being physically present at its
keyboard
...

Remote access is the ability to get access to a computer or a network from a
remote distance
...

Home users get access to the Internet through remote access to an Internet
service provider (ISP)
...
1 VNC
Virtual Network Computing is a technology for remote desktop sharing
...

This technology is useful on home computers, allowing someone to access
their desktops from another part of the house or while travelling
...

VNC works similarly to the Remote Desktop application built into Microsoft
Windows
...
VNC
applications, however, are generally regarded as slower and offering fewer
features and security options than Windows Remote Desktop
...
A VNC viewer (or client) is installed on
the local computer and connects to the server component, which must be
installed on the remote computer
...
It also interprets commands
coming from the viewer and carries them out on the remote computer
...

The protocol simply allows a server to update the frame buffer displayed on a
viewer
...
This includes
X/Unix, Windows 3
...
The protocol
will operate over any reliable transport such as TCP/IP
...

Computers must be networked with TCP/IP and have open ports allowing
traffic from the IP addresses of devices that may need to connect
...
In this way, clients can run on the widest range
of hardware, and the task of implementing a client is made as simple as
possible
...
Since
that time, several mainstream remote desktop solutions have been created
based on VNC
...
Other popular derivatives are explained as follows:
...
This company offers many different
versions of programs
...




Ultra VNC: This company offers a free and highly advanced program that
is mostly used for mainstream companies
...
This program is available for
Windows and UNIX
...

The features for this program include the following:








File transfer functions
Compression enhancement
Chat capabilities
Ability to handle video
Email access from remote locations
Windows support
The ability to control a single program remotely

File transfer capabilities that are only available for Windows operating
systems
Scale remote desktops
Web browser access that is enhanced
JPEG compression with efficient encoding capabilities
Password support


...
This program can run on different modes
...

The features of this program include the following:
o Client and server side scaling
o Support for pocket computers
o Support for Smart Phones
o Session history

CASE STUDY I: Transport
Go-Ahead London, Port of San Diego and many more transport companies
are using VNC
...
Tech teams use VNC to ensure the smooth running of IT
systems, contributing to reduced passenger waiting times and increased
department efficiency
...
2 RDP
Remote Desktop Protocol (RDP) is a protocol designed for secure
communications in networks using Microsoft Terminal Services
...
In 2006, RDP 6
...
RDP allows network administrators to remotely diagnose and resolve
problems encountered by individual subscribers
...
An
open source version is also available
...
RDP also allows redirection of functions such as audio and
printing
...
Data can be encrypted using 128-bit keys and the
bandwidth reduction feature optimizes the data transfer rate in low-speed connections
...
For instance,
if an administrator opens a thin-client connection between computers,
an attacker who is able to break into the RDP connection would have
...
It is generally recommended
that RDP only be used when it is necessary and that both the
administrator and end user run with the lowest level of privileges
possible
...

Audio, printer, port and file redirection
...

Remote desktop applications run on client machines using a remote
desktop connection
...

o To perform this lab you require two computers running either Windows
7 and/or Windows XP
...
This is the
computer whose Remote Desktop is to be taken
...
This can be tested using IPCONFIG and
Ping commands appropriately
...
The host is accessed
remotely from this computer
...
...
has clocked up 40 years providing tailor-made holidays for its customers, but the company is about to embark on a
new journey of its own: moving from a client-server IT architecture to a
centrally managed virtual desktop model
...

Trailfinders currently operates a local server at each of its offices around the
country, said the company's IT Director, Matthew Raymond, each with a
local network of fully featured Dell Inc
...

The plan now is to move to thin-client terminals linked into a central server
at its offices in Kensington, West London
...

Each terminal will access a virtual desktop image, which means an employee
can log in at any desk, using a username and password, to ensure remote
desktop connection security and immediately be presented with his or her
own desktop image
...
...
3 REMOTE ASSISTANCE
Sometimes the best way to fix a problem is to have someone show you
how
...
To help ensure that only people you invite can connect to your
computer using Windows Remote Assistance, all sessions are
encrypted and password protected
...
The helper can use Remote Assistance to
connect to your computer and walk you through a solution
...
When you use Remote Assistance, the helper can view your computer
screen and chat with you about what you both see
...

To help ensure that only people you invite can connect to your
computer by using Windows Remote Assistance, all sessions are
encrypted and password protected
...
Remote Assistance is designed to have an expert user provide
assistance to a novice user
...
When assisting a novice
user, the expert can use text-based chat built into Remote Assistance
...

There are two ways to get help by using Windows Remote Assistance
...

Otherwise, use an invitation file
...
Lido decided to implement an intelligent system from
Breton and Microsoft that connects manufacturing equipment with central
servers
...
As a result, Lido has increased revenue by 70 percent and
productivity by 30 percent, while Breton has cut travel costs by
approximately €400,000 (US$524,000) by assisting customers remotely
...

6
...
Nowadays, some people still use CD-ROM /
DVD-ROM disks and USB keys for transferring their photos and videos,
but networks give you more flexible options
...
While files can easily
be shared outside a network (for example, simply by handing or mailing
someone your file on a diskette), the term file sharing almost always
means sharing files in a network, even if in a small local area network
...



Any multi-user operating system will provide some form of file sharing
...
Originally developed by Sun Microsystems for its UNIX-based
systems, it lets you read and, assuming you have permission,
write to sharable files as though they were on your own personal
computer
...
File sharing is involved in groupware and a
number of other types of applications
...
This article
describes the different methods and networking technologies available to
help you share files
...
...
A central computer called the FTP
server holds all the files to be shared, while remote computers
running FTP client software can log in to the server to obtain copies
...
Alternative FTP client programs
are also available for free download on the Internet
...

Some common FTP file-sharing programs are listed below:







Filezilla
SmartFtp
IpSwitch File Transfer
Core Ftp

P2P - Peer to Peer File Sharing
Peer to peer (P2P) file sharing is a popular method for swapping
large files on the Internet, particularly music and videos
...
Numerous free P2P software programs exist,
each with their own technical advantages and loyal community.
Instant Messaging (IM) systems are a type of P2P application
most commonly used for chatting, but all popular IM software also
supports sharing files
...
Emails can travel across the
Internet or within a company's intranet
...
The sender and receiver may
use different email software programs, but the sender must know
the recipient's email address, and that address must be configured
to allow the incoming mail
...
Some common email file-sharing programs are listed
below:





sendgrid
Wetransfer
Dropsend
Binfer

Online Sharing Services
Finally, numerous Web sites built for personal and/or community
file sharing exist on the Internet
...
Some community file
sharing sites charge member fees, while others are free (advertising
supported)
...

Streamfile
Wikisend
PipeBytes

...

o VNC enables the desktop display of one computer to be remotely
viewed and controlled over a network connection. Keystrokes and
mouse clicks are transmitted from one computer to another
...

o Remote desktop uses Remote Desktop Protocol (RDP) to provide the
data between a host or server (a computer whose remote desktop is to
be taken) and a client machine
...

o File sharing is the public or private sharing of computer data or space
in a network with various levels of access privilege
...
1
7
...
3
7
...
5

Background
Need & Importance
Basic Security Terminologies
Goals of Security
Security Consideration in Operating System

7
...
Anybody can access the Internet by cell
phones, PCs, laptops, iPods and by any communication device
...

Evil hackers are compromising these devices for fun or money or
whatever
...
People must know the security
fundamentals; nobody takes responsibility of security in virtual world
...

Network security has become more important to personal computer
users, organizations, and the military
...
The
internet structure itself allowed for many security threats to occur
...
Knowing the attack
methods allows the appropriate security to emerge
...
Kevin Mitnick committed the largest computer-related crime in
U.S. history
...
S
...
Since then,
information/network/computer security came into the spotlight
...
2 NEED & IMPORTANCE:
It may seem absurd to ask the question
...
It is also a useful tool to employ when seeking senior
management's authorization for security-related expenditures
...
By "assets,"
I do not mean the hardware and software that constitute the
company's computers and networks
...
Information is a vital
organizational asset
...
Information can be defined as data that is organized and
accessible in a coherent and meaningful manner
...
...
Network security is
particularly important in the arena of Internet financial services and e-commerce
...

For example, how many people do you know who would use a bank's
Internet banking system if they knew that the system had been
successfully hacked in the past? Not many
...

o To comply with regulatory requirements and fiduciary
responsibilities: Corporate officers of every company have a
responsibility to ensure the safety and soundness of the organization
...
Accordingly, organizations that rely on computers
for their continuing operation must develop policies and procedures
that address organizational security requirements
...

For-profit organizations must also protect shareholders' investments
and maximize return
...
For example, most financial
institutions are subject to federal regulation
...
In some cases, corporate officers who have not
properly performed their regulatory and fiduciary responsibilities are
personally liable for any losses incurred by the financial institution
that employs them
...
As a result, network security is not cheap
...


Case Study I: Community Health Systems
On 18/8/2014, Hospital giant Community Health Systems (CHS) said on
Monday that the personal information of nearly 4
...

In a filing with the U.S. Securities and Exchange Commission, the company,
which operates 206 hospitals in 29 states, reported that the hackers used
“sophisticated malware” to attack the company’s security systems and copy
and transfer hospital data
...

This confirmation of the initial attack vector was obtained from a trusted and
anonymous source close to the CHS investigation
...

From here, the attackers were able to further their access into CHS by
working their way through the network until the estimated 4
...
This is no surprise: when
given internal access to any computer network, there is virtually a 100% success
rate at breaking into systems and furthering access
...
There are sure to be others out there, however
this is the first known of its kind
...
Having the ability to detect and respond to an attack when it
happens is key to enacting incident response and mitigating the threat
quickly
...
Fixing it as soon as possible or
having compensating controls in place days before could have saved this
entire breach from occurring in the first place
...
...
3 BASIC SECURITY CONCEPT
The approach you take toward security influences all subsequent
security decisions and sets the tone for the entire organization’s network
security infrastructure
...

o The “CIA” Triad is a venerable, well-known model for security policy
development, used to identify problem areas and necessary solutions for
Network/Information/Computer security
...

The CIA Triad is a security model developed to help people think about
important aspects of Network/Information/Computer security
...
" Confidentiality is necessary but not
sufficient for maintaining the privacy of the people whose personal
information a system holds
...
Doing so often involves
separating information into discrete collections organized by who
should have access to it and how sensitive it is (i.e., how much and
what type of damage you would suffer if confidentiality was
breached)
...




Integrity: The “I” in CIA stands for Integrity, specifically data
integrity
...

Some data should not be inappropriately modifiable at all, such as
user account controls, because even a momentary change can lead
to significant service interruptions and confidentiality breaches
...

o Availability: The last component in the CIA Triad refers to the
Availability of your data
...

Many approaches to availability improvements exist, such as HA
clusters, failover redundancy systems, and rapid disaster recovery
capabilities as in the case of image-based network boot systems
...

o DAD Triad – Goals for defeating security
...

o Alteration: Data is modified through some unauthorized mechanism
...


**Note: DAD activities may be malicious or accidental
...
...
When Integrity is built by protecting your
data, DAD would come again with Alteration modifying your data
...


7
...
Vulnerability: - It is the existence of a Flaw or Error in the Design of
the System which can cause undesired results ranging from
Compromise of System Security to Service or System Unavailability
...
Vulnerability is the
intersection of three elements: a system susceptibility or flaw, attacker
access to the flaw, and attacker capability to exploit the flaw
...
In this frame,
vulnerability is also known as the attack surface
...
Threats: An action or event which is a potential challenge to Security
...
They can put individuals’ computer
systems and business computers at risk, so vulnerabilities have to be
fixed so that attackers cannot infiltrate the system and cause damage
...
Often, the term blended threat is more
accurate, as the majority of threats involve multiple exploits
...

(iii)
...
An exploit is a piece of software, a
chunk of data, or a sequence of commands that takes advantage of a
bug, glitch or vulnerability in order to cause unintended or
unanticipated behavior to occur on computer software, hardware, or
something electronic (usually computerized)
...

(iv)
...

An attack can be perpetrated by an insider or from outside the
organization. An "inside attack" is an attack initiated by an entity inside
the security perimeter (an "insider"), i.e., an entity that is authorized to
access system resources but uses them in a way not approved by those
who granted the authorization
...
In the
Internet, potential outside attackers range from amateur pranksters to
organized criminals, international terrorists, and hostile governments
...


Risk: Information technology (IT) plays a critical role in many
businesses
...
Business owners have legal obligations in relation to privacy,
electronic transactions, and staff training that influence IT risk
management strategies
...

You can manage IT risks by completing a business risk assessment
...


(vi)
...



7
...
This requires that an attacker not be able to observe the
source and destination, frequency, length or any other characteristics
of the traffic on a communication facility
...
One must have the ability to detect data
manipulation by unauthorized parties
...
This function
applies to both entities and information
...

4) Non-repudiation:
Non-repudiation prevents either sender or receiver from denying a
message
...
Similarly, when a
message is received, the sender can prove the alleged receiver in fact
received that message
...


7
...
Confidentiality prevents or minimizes unauthorized access
and disclosure of data and information
...
Availability (as
defined in RFC 2828) is the property of a system or system resource
being accessible and usable upon demand by an authorized system
entity, according to performance specification for the system
...


Protection Mechanisms:

The concept of multiprogramming introduces the sharing of resources
among users
...
The ability to share these resources introduces the need for
protection
...

o No Protection: This is appropriate when sensitive procedures are
being run at separate times
...
Each process has
its own address space, files, and other objects
o Share all or share nothing: In this method, the owner of an object declares it to be
public or private; in other words, only the owner's processes may
access the object
...

o Share via dynamic capabilities: This extends the concept of access
control to allow dynamic creation of sharing rights for objects
...
A given OS may
provide different degrees of protection for different objects, users and
applications.
The OS needs to balance the need to allow sharing with the need to
protect the resources of individual users
...

o Hackers are compromising interconnected devices for fun or money or
whatever
...

o One of the primary goals of computer and network security is the
protection of company assets
...

o Corporate officers of every company have a responsibility to ensure the
safety and soundness of the organization
...

o The aspect of confidentiality is the protection of traffic flow from
analysis
...

o Many approaches to availability improvements exist, such as HA
clusters, failover redundancy systems
o DAD activities may be malicious or accidental
...



CHAPTER 8
DIFFERENT TYPES OF ATTACK

Objective
8
...
2
8
...
4
8
...
1 APPLICATION LEVEL ATTACK
Software applications come with tons of functionalities & features
...



The aim of the application layer attack is to cause fault in the server's
operating system
...
This in turn leads
to the hacker modifying the data in various ways
...
...
SYN-Flooding:
A SYN flood is a type of denial of service (DoS) attack that sends a
series of "SYN" messages to a computer, such as a web server
...

SYN flooding is an attack vector for conducting a denial-of-service
(DoS) attack on a computer server
...
However, in a SYN flood, the ACK packet is never sent
back by the hostile client
...
A hostile client always knows a
port is open when the server responds with a SYN/ACK packet
...
When an attack begins,
the server sees the equivalent of multiple attempts to establish
communications
...



The hostile client makes the SYN requests all appear valid, but because
the IP addresses are fake ones, it is impossible for the server to close
down the connection by sending RST packets back to the client
...
Before time-out can occur, another
SYN packet arrives from the hostile client
...
Under these conditions, the server
becomes completely or almost completely busy with the hostile client
and communication with legitimate clients is difficult or impossible
...
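
The half-open handshakes described above can be counted from a packet capture. The following is an added example, not part of the original notes: the packet records, addresses, threshold and timeout are constructed for illustration.

```python
from collections import Counter

SERVER = ("192.0.2.10", 80)  # constructed listener (documentation address range)


def build_sample():
    """Constructed capture: (time_s, src_ip, src_port, dst_ip, dst_port, flags)."""
    pkts = [
        # One legitimate client completes SYN -> SYN/ACK -> ACK.
        (0.00, "198.51.100.7", 40000, *SERVER, "SYN"),
        (0.01, *SERVER, "198.51.100.7", 40000, "SYN-ACK"),
        (0.02, "198.51.100.7", 40000, *SERVER, "ACK"),
    ]
    # Fifty SYNs that claim different source addresses; no ACK ever follows.
    for i in range(50):
        src, sport, t = f"203.0.113.{i + 1}", 50000 + i, 1.0 + i * 0.01
        pkts.append((t, src, sport, *SERVER, "SYN"))
        pkts.append((t + 0.001, *SERVER, src, sport, "SYN-ACK"))
    return pkts


def analyse(packets, threshold=20, timeout=30.0):
    """Track half-open connections per listener.

    Returns (alerts, final_counts). An alert is raised once per listener,
    the first time its half-open count exceeds `threshold`.
    """
    pending = {}     # (client_ip, client_port, server_ip, server_port) -> SYN time
    alerted = set()
    alerts = []
    for ts, src, sport, dst, dport, flags in packets:
        # Forget entries the server itself would already have timed out.
        for key in [k for k, t0 in pending.items() if ts - t0 > timeout]:
            del pending[key]
        if flags == "SYN":
            pending[(src, sport, dst, dport)] = ts
        elif flags in ("ACK", "RST"):
            # Handshake completed or aborted by the client: no longer half-open.
            pending.pop((src, sport, dst, dport), None)
        else:
            continue  # the server's SYN/ACK does not change the count
        counts = Counter((k[2], k[3]) for k in pending)
        for listener, count in counts.items():
            if count > threshold and listener not in alerted:
                alerted.add(listener)
                sources = {k[0] for k in pending if k[2:] == listener}
                alerts.append({
                    "listener": listener,
                    "time": ts,
                    "half_open": count,
                    "distinct_sources": len(sources),
                })
    final_counts = Counter((k[2], k[3]) for k in pending)
    return alerts, final_counts


if __name__ == "__main__":
    found, remaining = analyse(build_sample())
    for alert in found:
        print("possible SYN flood:", alert)
    print("half-open at end of capture:", dict(remaining))
```

A count of half-open entries that keeps growing while the number of distinct claimed sources grows with it is the pattern the text describes: each new SYN arrives before the earlier entries time out.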
...
Session Hijacking:
Session Hijacking is an attack by which a hacker exploits a valid
computer session and gains access to a client’s session identifier
...
The server uses a unique
identifier (Session Identifier) to authenticate this user to this session;
this session identifier is passed between the web server and the user's
computer at every request
...

After gaining access to a client’s session identifier for a website, the
hacker then injects the client’s session identifier into his/her browser
...

The Session Hijacking attack consists of the exploitation of the web
session control mechanism, which is normally managed for a session
token
...

The session token could be compromised in different ways; the most
common are:






• Predictable session token;
• Session sniffing;
• Client-side attacks (XSS, malicious JavaScript code, Trojans, etc.);
• Man-in-the-middle attack;
• Man-in-the-browser attack

3
...
A successful
SQL injection exploit can read sensitive data from the database, modify
database data (Insert/Update/Delete), execute administration
operations on the database (such as shutdown the DBMS), recover the
content of a given file present on the DBMS file system and in some
cases issue commands to the operating system
...
The
vulnerability is present when user input is either incorrectly filtered for
string literal escape characters embedded in SQL statements or user
input is not strongly typed and thereby unexpectedly executed
...
Even parameterized data can
be manipulated by a skilled and determined attacker
...
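
The two causes named above, string literals that are not escaped and input that is not strongly typed, are shown here next to a parameterized, typed version of the same lookups. This is an added example, not part of the original notes; the table, its rows and the function names are constructed, and it uses Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    """Constructed in-memory table used only for this demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, owner TEXT, balance INTEGER)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?, ?)",
        [(1, "alice", 100), (2, "bob", 250), (3, "carol", 75)],
    )
    return db


def by_owner_vulnerable(db, owner):
    # Cause 1: the input is pasted inside a string literal, so a quote
    # character in the input ends the literal and the rest is parsed as SQL.
    query = f"SELECT id, owner FROM accounts WHERE owner = '{owner}'"
    return db.execute(query).fetchall()


def by_id_vulnerable(db, account_id):
    # Cause 2: the value is assumed to be a number but is never typed,
    # so any text supplied becomes part of the statement.
    query = f"SELECT id, owner FROM accounts WHERE id = {account_id}"
    return db.execute(query).fetchall()


def by_owner_safe(db, owner):
    # The statement text is fixed; the value travels separately as data.
    return db.execute(
        "SELECT id, owner FROM accounts WHERE owner = ?", (owner,)
    ).fetchall()


def by_id_safe(db, account_id):
    # int() enforces the type before the value reaches the database;
    # anything that is not a plain integer raises ValueError.
    return db.execute(
        "SELECT id, owner FROM accounts WHERE id = ?", (int(account_id),)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted_name = "x' OR '1'='1"   # textbook tautology input
    crafted_id = "1 OR 1=1"
    print("vulnerable by owner:", by_owner_vulnerable(db, crafted_name))
    print("safe by owner:      ", by_owner_safe(db, crafted_name))
    print("vulnerable by id:   ", by_id_vulnerable(db, crafted_id))
    try:
        by_id_safe(db, crafted_id)
    except ValueError as exc:
        print("safe by id rejected input:", exc)
```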

4
...
The attacker will
send incorrect DNS information which can cause traffic to be
diverted
...
When a DNS request is sent, an
attacker can send a false DNS reply with additional bogus information
which the requesting DNS server may cache
...
divert users from a correct web server such as a bank and capture
information from customers when they attempt to logon
...
Email Attack:
Email hacking is illegal access to an email account or email
correspondence
...
This does not encrypt the text
of emails and so intercepted mail can be read easily unless the user
adds their own encryption
...

Email Spoofing: Email spoofing is a technique used by hackers to
fraudulently send email messages in which the sender address and
other parts of the email header are altered to appear as though the
email originated from a source other than its actual source
...

Software is usually used to collect or generate the email addresses that
are spoofed
...
That information is collected and
sent to the hacker, who then uses another piece of software, a mass
email program, to send out bogus emails using the addresses collected
...

Types of email hacking
1
...
RATS (remote administration tools)
3
...
Social Engineering (technique used by attacker by answering
security question)
5
...
from the mail server

6
...
The attacker may be aware that the
target system has a weakness that can be exploited or the attacker may
simply try the attack in case it might work
...

• Sending oversized Internet Control Message Protocol (ICMP) packets
(this is also known as the Packet Internet or Inter-Network Groper
(PING) of death)
...


8
...
OPERATING SYSTEM LEVEL ATTACK
Attackers always search for operating system vulnerabilities and
exploits that they can use against the operating system. Some
operating system vulnerabilities are buffer overflow vulnerabilities,
bugs in the operating system, and unpatched operating systems
...
If a user program makes
these processes perform malicious tasks, it is known as a Program Threat
...
Following is the list of some well known program threats
...
There are
three major types of password attacks: a dictionary attack, a brute-force attack, and a hybrid attack
...
A brute-force attack is
when the attacker tries every possible combination of characters
...
This might allow an
eavesdropper to gain access to the network by posing as a valid user
...
Therefore, if the user has administrator-level rights, the attacker also can create accounts for subsequent
access at a later time
...

Trap Door - If a program that is designed to work as required
has a security hole in its code and performs illegal actions
without the knowledge of the user, it is said to have a trap door
...
It is harder to detect
...
They are highly dangerous and can modify/delete user
files, crash systems
...
As user accesses the program, the virus starts
getting embedded in other files/ programs and can make system
unusable for user
...
3
...
Some attacks are passive, meaning information
is monitored; others are active, meaning the information is altered with
intent to corrupt or destroy the data or the network itself
...


Spoofing:
Spoofing is the act of faking the true identity of packets
...
There are different types of
spoofing, such as IP spoofing, MAC spoofing, and DNS spoofing
...
The users gain unauthorized access to a
computer or a network by making it appear that the message comes
from a trusted machine by “spoofing” the IP address of that machine
...
ARP poisoning utilizes ARP spoofing
where the purpose is to send fake, or spoofed, ARP messages to an
Ethernet LAN
...
As a result, frames intended
for one machine can be mistakenly sent to another (allowing the
packets to be sniffed) or to an unreachable host (a Denial of Service
...
ARP spoofing can also be used in a man-in-the-middle
attack in which all traffic is forwarded through a host by means of ARP
spoofing and analyzed for passwords and other information
...

It intercepts traffic on the network and displays it in either a command-line or GUI format for a hacker to view
...
Sniffers are used to
capture traffic sent between two systems
...
Several hacking attacks and various
hacking tools require the use of a sniffer to obtain important
information sent from the target system
...



The most common and obvious type of DoS attack occurs when an
attacker "floods" a network with information
...
The server can only
process a certain number of requests at once, so if an attacker
overloads the server with requests, it can't process your request
...
An attacker can
use spam email messages to launch a similar attack on your email
account
...
• MITM:


In eavesdropping, an attacker simply listens to a set of transmissions
to and from different hosts even though the attacker's computer isn't
party to the transaction
...
Manipulation attacks build on the capability of
eavesdropping by taking this unauthorized receipt of a data stream and
changing its contents to suit a certain purpose of the attacker, perhaps
spoofing an IP address, changing a MAC address to emulate another
host, or some other type of modification
...

Otherwise, large amounts of traffic containing private information are
passed through thin air, just waiting for an attacker to listen in and
collect the frames for further illegitimate analysis
...

8
...
HARDWARE LEVEL ATTACK
Hardware hacking and reverse engineering techniques commonly
used against electronic products and embedded systems
...
Asian governments aren’t exclusively accused of stealthily
designing backdoors
...

Malicious hardware modifications from insiders represent a serious
threat
...

A malicious individual could alter a small component in the overall
system for espionage or sabotage
...

The introduction of hardware Trojans could happen in each phase of
the supply chain, depending on the methods adopted by attackers and
on the technology used for hacking
...

Eavesdropping by gaining access to protected memory without
opening other hardware

Inducing faults, causing the interruption of
normal behavior
...

Backdoor creation; the presence of hidden methods for bypassing
normal computer authentication systems
...



8
...
SOCIAL ENGINEERING ATTACK
Social engineering is a term that describes a non-technical kind of
intrusion that relies heavily on human interaction and often involves
tricking other people to break normal security procedures
...
" For
example, a person using social engineering to break into a computer
network might try to gain the confidence of an authorized user and get
them to reveal information that compromises the network's security
...

Virus writers use social engineering tactics to persuade people to run
malware-wrapped email attachments, phishers use social engineering
to convince people to divulge sensitive information, and scareware
vendors use social engineering to frighten people into running software
that is useless at best and dangerous at worst
...

Frequently, social engineers will search dumpsters for valuable
information, memorize access codes by looking over someone's
shoulder (shoulder surfing), or take advantage of people's natural
inclination to choose passwords that are meaningful to them but can
be easily guessed
...
Prevention includes educating people about the value
of information, training them to protect it, and increasing people's
awareness of how social engineers operate
...
The e-mail
requests that the recipient confirm banking information or reset
passwords or PIN numbers
...
The hacker is then able to
capture this information and use it for financial gain or to
perpetrate other attacks
...

• Dumpster diving
Dumpster diving involves looking in the trash for information written
on pieces of paper or computer printouts
...

A more advanced method of gaining illicit information is known as
reverse social engineering
...
For example, a hacker can impersonate a help-desk
employee and get the user to give them information such as a
password
...
Having
your identity stolen can be both financially and emotionally
devastating
...



Summary
• The aim of the application layer attack is to cause fault in the server's
operating system
...

• Session Hijacking is an attack by which the hacker steals this user's
session identifier and then sends this session identifier as their own to
the server
...

• Email spoofing is a technique used by hackers to fraudulently send
email messages in which the sender address and other parts of the
email header are altered to appear
...

• On the network, some attacks are passive, meaning information is
monitored; others are active, meaning the information is altered with
intent to corrupt or destroy the data or the network itself
...

• Several hacking attacks and various hacking tools require the use of a
sniffer to obtain important information sent from the target system
...

• Social engineering relies on the fact that people are not aware of the
value of the information they possess and are careless about
protecting it
...
1
9
...
3
9
...
5
9
...
7
9
...
1 FIREWALL
Introduction to firewall
Basically, a firewall is a barrier to keep destructive forces away from
your property
...

It is also a device or set of devices configured to permit, deny, encrypt,
decrypt, or proxy all computer traffic between different security
domains based upon a set of rules and other criteria
...

A firewall is a term used to describe a device or application that will
control and restrict data transfers between a computer system and
internet connection
...
The purpose of having a firewall in place is not only to prevent
unauthorized or malicious data entering your system via your internet
connection, but also to prevent sensitive information from leaving your
system
...
While both
have their advantages and disadvantages, the decision to use a firewall
is far more important than deciding which type you use
...
Many vendors and some Internet Service Providers (ISPs) offer
devices called "routers" that also include firewall features
...

Advantages of hardware Firewalls







Uses very little system resources
...

Enhanced security control
...

Easy to disable or remove
...


Hardware Firewall
Disadvantages of hardware Firewalls





Install process is more demanding both physically and mentally
...

More expensive
...

B) Software - A software firewall is a commercial product that is sold as a
standalone software package or comes as part of a security suite where
anti-virus and anti-spam or spyware are part of the package
...

A software firewall needs to be installed on every computer that needs
firewall protection
...

Simple to install and upgrade
...

Ideal for home/family use
...


Disadvantages of software Firewalls






Software may crash or be incompatible with system
...

Software bugs may compromise security
...

Incompatibilities with operating system
...
A packet filtering
firewall will examine the information contained in the header of a
packet of information which is attempting to pass through the
network
...

It is important to be aware that this type of firewall only examines
the header information
...

If data with malicious intent is sent from a trusted source, this type
of firewall is no protection
...
If the packet
does not pass, it is simply dropped
...

Packet filtering policies may be based upon any of the following:


• Allowing or disallowing packets on the basis of the source IP
address
...

• Allowing or disallowing packets according to protocol
...

ii) Stateful Packet Inspection
It is called "Stateful" because it examines the contents of the packet
to determine what the state of the communication is
...

It ensures that the stated destination computer has previously
acknowledged the communication from the source computer
...

In addition Stateful Packet Inspection firewalls are also more
rigorous in their packet inspections
...
This allows for an added layer of protection
from the threat of "port scanning" a method used by hackers to
determine what PC services or applications are available to be
utilized to gain access to the host computer
...
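
The difference between header-only packet filtering and stateful inspection can be seen by running the same packets through both. This is an added example, not part of the original notes: the rule format, addresses and the StatefulFilter class are constructed for illustration, and the connection table is reduced to a set of address/port tuples.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/24")   # constructed internal network
ANY = ip_network("0.0.0.0/0")


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str
    payload: bytes = b""   # never read by either filter below


# Rule: (action, protocol, source network, source port, destination port).
# None means "any". First match wins; no match means deny.
OUTBOUND_POLICY = [("allow", "tcp", INSIDE, None, 443)]
# A stateless filter needs an extra rule to let replies back in, and can
# only describe a "reply" by its header fields (here: source port 443).
STATELESS_RULES = OUTBOUND_POLICY + [("allow", "tcp", ANY, 443, None)]


def match(rules, pkt):
    """Header-only packet filter: source address, protocol and ports."""
    for action, proto, net, sport, dport in rules:
        if (pkt.proto == proto and ip_address(pkt.src) in net
                and sport in (None, pkt.sport) and dport in (None, pkt.dport)):
            return action
    return "deny"


class StatefulFilter:
    """Allows inbound packets only as replies to connections opened from inside."""

    def __init__(self, policy):
        self.policy = policy
        self.connections = set()   # (inside_ip, inside_port, outside_ip, outside_port, proto)

    def check(self, pkt):
        if ip_address(pkt.src) in INSIDE:
            if match(self.policy, pkt) != "allow":
                return "deny"
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
            return "allow"
        reply_to = (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto)
        return "allow" if reply_to in self.connections else "deny"


def compare():
    """Return {name: (stateless decision, stateful decision)} for four packets."""
    packets = [
        ("outbound", Packet("10.0.0.5", 51000, "203.0.113.20", 443, "tcp")),
        ("reply", Packet("203.0.113.20", 443, "10.0.0.5", 51000, "tcp", b"any content")),
        # Nobody inside opened this connection, but the header looks like a reply.
        ("unsolicited", Packet("198.51.100.9", 443, "10.0.0.8", 3389, "tcp")),
        ("udp", Packet("198.51.100.9", 53, "10.0.0.8", 53, "udp")),
    ]
    stateful = StatefulFilter(OUTBOUND_POLICY)
    return {name: (match(STATELESS_RULES, p), stateful.check(p)) for name, p in packets}


if __name__ == "__main__":
    for name, (stateless, stateful) in compare().items():
        print(f"{name:12s} stateless={stateless:5s} stateful={stateful}")
```

Neither filter reads the payload field, which is the limitation the notes point out for traffic from a trusted source.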

When a client program establishes a connection to a destination
service, it connects to an application gateway, or proxy
...
In effect, the proxy
establishes the connection with the destination behind the firewall
and acts on behalf of the client, hiding and protecting individual
computers on the network behind the firewall
...
Once connected, the
proxy makes all packet-forwarding decisions
...
This type of firewall works on the application level of the protocol
stack, which enables it to perform with more intelligence than a
packet filtering or circuit gateway firewall
...
Generally it is a host using various forms
of proxy servers to proxy traffic instead of routing it
...
An application layer firewall does not route traffic on the
network layer
...

iv) Circuit Gateways
Also called a "Circuit Level Gateway," this is a firewall approach
that validates connections before allowing data to be exchanged
...
Whether a connection is valid may, for
example, be based upon:

• destination IP address and/or port
• source IP address and/or port
• time of day
• protocol
• user
• password

Every session of data exchange is validated and monitored and all
traffic is disallowed unless a session is open
...
Among the advantages of a circuit relay is that it can make
up for the shortcomings of the ultra-simple and exploitable UDP
protocol, wherein the source address is never validated as a
function of the protocol
...
A disadvantage is that Circuit Level Filtering operates at the
Transport Layer and may require substantial modification of the
programming which normally provides transport functions (e
...

Winsock)
...
The first commercial firewall, the DEC Seal, was a hybrid
developed using an application gateway and a filtering packet
firewall
...

A simple firewalling mechanism called packet filtering
...
The decision most often relies on the packet's port
number, which generally indicates what type of application traffic
the packet carries
...

Often, the best choice is a firewall that offers a hybrid architecture
combining packet filtering and application layer proxies
...
Hybrid firewalls use simple packet filtering to
provide high throughput for lowest-risk traffic, stateful inspection
for slightly riskier traffic, and the application layer gateway where
the risk of data-driven attacks is highest
...
Firewall Benefits
A) A firewall is a focus for security decisions
Think of a firewall as a choke point
...
A firewall gives you an
enormous amount of leverage for network security because it lets
you concentrate your security measures on this checkpoint: the
point where your network connects to the Internet
...
i
...
As a single point of access, the firewall can record
what occurs between the protected network and the external
network
...
A firewall limits your exposure
Sometimes, a firewall will be used to keep one section of your
site's network separate from another section
...
In some cases, you'll do this because one
section of your network may be more trusted than another; in
other cases, because one section is more sensitive than another
...

iii
...
A
VPN uses sophisticated encryption and encapsulation technology
to allow data to be securely transmitted and received
...
method in which companies can save significant sums over
traditional ways of connecting remote offices and workers
...
Allow content filtering
Content Filtering can help organizations increase productivity and
reduce legal and privacy risks by automatically enforcing
acceptable Internet use policies at the Internet gateway
...

vi) Network protection
Connecting any computer to the Internet can be extremely
dangerous
...
Given the rapid increase in the number of
'always on' and broadband Internet connections, the need for
enhanced network security has increased dramatically
...
For enhanced
protection, particularly where NAT cannot be used, implementing a
firewall is vital
...
There are many different ways of attacking a
network such as: Hacker/Cracker attacks whereby a remote
Internet user attempts to gain access to a network, usually with
the intention to destroy or copy data
...
A correctly configured firewall will
prevent most attacks and may use a combination of the following
processes to offer protection:




Stealth the network
...

Stateful Packet Inspection
...






B
...
NAT removes the IP
addresses of computers behind the firewall and replaces them
with a single public IP address
...
Depending on the configuration of the
firewall, unused ports, often the subject of hacking attacks, can
be closed
...
Certain threats are outside the
control of the firewall
...
Some of
the weaknesses of firewalls are discussed below
...
But that
same user could copy the data onto disk, tape, or paper and carry it
out of the building in his or her briefcase
...
Inside
users can steal data, damage hardware and software, and subtly
modify programs without ever coming near the firewall
...
ii) A firewall can't protect you against connections that don't go
through it
A firewall can effectively control the traffic that passes through it;
however, there is nothing a firewall can do about traffic that doesn't pass
through it
...

Sometimes, technically expert users or system administrators set up
their own "back doors" into the network (such as a dial-up modem
connection), either temporarily or permanently, because they chafe at the
restrictions that the firewall places upon them and their systems
...
firewall can do nothing about this
...

iii) A firewall can't protect against completely new threats

A firewall is designed to protect against known threats
...
(For example, by denying any
but a few trusted services, a firewall will prevent people from setting up
new and insecure services
...
Periodically people discover new
ways to attack, using previously trustworthy services, or using attacks
that simply hadn't occurred to anyone before
...

iv) A firewall can't protect against viruses

Firewalls can't keep PC and Macintosh viruses out of a network
...
Even with sophisticated packet filtering or proxying software, virus
protection in a firewall is not very practical
...

Detecting a virus in a random packet of data passing through a firewall is
very difficult; it requires:




Recognizing that the packet is part of a program
Determining what the program should look like
Determining that the change is because of a virus

The most practical way to address the virus problem is through
host-based virus protection software, and user education concerning the
dangers of viruses and precautions to take against them
...
2 IDS (INTRUSION DETECTION SYSTEM)
1
...
The firewall limits the access between networks in
order to prevent intrusion and does not signal an attack from inside
the network
...
An IDS also watches for attacks that
originate from within a system
...
Best
practices recommend that your firewall be explicitly configured to deny
all incoming traffic and then you open up holes where necessary
...
Each of these holes may be necessary from one
standpoint, but they also represent possible vectors for malicious
traffic to enter your network rather than being blocked by the firewall
...
An ID system gathers and analyzes
information from various areas within a computer or a network to
identify possible security breaches, which include both intrusions
(attacks from outside the organization) and misuse (attacks from
within the organization)
...

Introduction to IDS
An intrusion detection system (IDS) inspects all inbound and
outbound network activity and identifies suspicious patterns that may
indicate a network or system attack from someone attempting to break
into or compromise a system
...
In some cases the IDS may
also respond to anomalous or malicious traffic by taking action such
as blocking the user or source IP address from accessing the
network
...
Intrusion detection functions
Monitoring and analyzing both user and system activities
...

Assessing system and file integrity
...

Analysis of abnormal activity patterns
...









ID systems are being developed in response to the increasing number
of attacks on major sites and networks, including those of the
Pentagon, the White House, NATO, and the U
...
Defence Department
...

Strength and Limits of IDS
Strength










• A strong IDS Security Policy is the HEART of commercial IDS
• Provides worthwhile information about malicious network traffic
• Can be programmed to minimize damage
...

Help identify the source of the incoming probes or attacks
...

Similar to a security "camera" or a "burglar alarm"
...

Alerts security personnel that a Network Invasion may be in
progress
...


Limits






Produces false positive (false alarms)
...

Produces false negative (failed to alarm)
...

NIDS cannot properly protect high-speed networks
...
This is similar to the way most antivirus
software detects malware
...
During that lag
time your IDS would be unable to detect the new threat
...
The baseline will
identify what is “normal” for that network (what sort of bandwidth
is generally used, what protocols are used, what ports and devices
generally connect to each other) and alert the administrator or user
when traffic is detected which is anomalous, or significantly
different, from the baseline
...
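
The two detection approaches above, matching known signatures and comparing traffic against a learned baseline, behave differently on the same traffic. This is an added example, not part of the original notes: the flow records, the signature pattern, the addresses and the three-standard-deviation volume rule are constructed for illustration.

```python
import statistics
from collections import defaultdict

# Constructed placeholder signature: an identifier and a byte pattern.
SIGNATURES = {"SIG-0001": b"CONSTRUCTED-KNOWN-BAD"}


def flow(dst, dport, proto, nbytes, payload=b""):
    """Build one constructed flow record."""
    return {"dst": dst, "dport": dport, "proto": proto, "bytes": nbytes, "payload": payload}


def signature_alerts(f):
    """Signature detection: fires only on patterns that are already known."""
    return [sid for sid, pattern in SIGNATURES.items() if pattern in f["payload"]]


class Baseline:
    """Anomaly detection: learns which services are used and how much data they move."""

    def __init__(self, training_flows):
        sizes = defaultdict(list)
        for f in training_flows:
            sizes[(f["dst"], f["dport"], f["proto"])].append(f["bytes"])
        self.stats = {
            svc: (statistics.mean(v), statistics.pstdev(v)) for svc, v in sizes.items()
        }

    def anomalies(self, f):
        svc = (f["dst"], f["dport"], f["proto"])
        if svc not in self.stats:
            return ["new-service"]            # port/device pair never seen before
        mean, stdev = self.stats[svc]
        if f["bytes"] > mean + 3 * stdev:
            return ["volume"]                 # far more data than is normal
        return []


def training_flows():
    web = [flow("10.0.0.20", 443, "tcp", n) for n in (1000, 1100, 900, 1050, 950)]
    dns = [flow("10.0.0.53", 53, "udp", n) for n in (90, 110, 100, 100)]
    return web + dns


def classify(f, baseline):
    return {"signature": signature_alerts(f), "anomaly": baseline.anomalies(f)}


def run_demo():
    base = Baseline(training_flows())
    observed = {
        "normal": flow("10.0.0.20", 443, "tcp", 1020),
        "known_bad": flow("10.0.0.20", 443, "tcp", 1000, b"GET /?q=CONSTRUCTED-KNOWN-BAD"),
        # No signature has been written for this yet (the "lag time" case).
        "new_threat": flow("10.0.0.20", 4444, "tcp", 500, b"no signature exists yet"),
        "bulk_transfer": flow("10.0.0.20", 443, "tcp", 50000),
        # A service an administrator enabled after the baseline was taken.
        "new_legit_service": flow("10.0.0.30", 8080, "tcp", 800),
    }
    return {name: classify(f, base) for name, f in observed.items()}


if __name__ == "__main__":
    for name, verdict in run_demo().items():
        print(f"{name:18s} {verdict}")
```

The last flow shows the false-positive limit listed earlier: the baseline flags a legitimate change just as it flags the unknown threat, so the alert still needs a person to interpret it.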
Ideally you would scan all inbound and
outbound traffic; however doing so might create a bottleneck that
would impair the overall speed of the network
...
A network IDS, using either a network tap, span
port, or hub, collects packets that traverse a given network
...
Unlike an intrusion prevention system, an
intrusion detection system does not actively block network traffic
...
Examples of Network IDS:

• SNORT

iv) Host Based (HIDS)
Host Intrusion Detection Systems are run on individual hosts or
devices on the network
...

Often referred to as HIDS, host based intrusion detection attempts
to identify unauthorized, illicit, and anomalous behavior on a
specific device
...
The installed agent uses a combination of signatures,
rules, and heuristics to identify unauthorized activity
...
Examples of HIDS:





• OSSEC - Open Source Host-based Intrusion Detection System
• Tripwire
• AIDE - Advanced Intrusion Detection Environment
• Prelude Hybrid IDS


9
...
The purpose of a
DMZ is to add an additional layer of security to an organization's local
area network (LAN); an external attacker only has direct access to
equipment in the DMZ, rather than any other part of the network
...
In the military sense, a DMZ is not seen as belonging to either party
bordering it
...

In this case, the hosts most vulnerable to attack are those that provide
services to users outside of the local area network, such as email, web and Domain Name System (DNS) servers
...

Hosts in the DMZ are permitted to have only limited connectivity to
specific hosts in the internal network, as the content of DMZ is not as
secure as the internal network
...
This allows hosts in the DMZ to communicate
with both the internal and external network, while an intervening
firewall controls the traffic between the DMZ servers and the internal
network clients, and another firewall would perform some level of
control to protect the DMZ from the external network
...


...
The most common of these services are:
• Web servers
• Mail servers
• FTP servers
• VoIP servers


Web servers that communicate with an internal database require access
to a database server, which may not be publicly accessible and may
contain sensitive information
...

E-mail messages and particularly the user database are confidential, so
they are typically stored on servers that cannot be accessed from the
Internet (at least not in an insecure manner), but can be accessed from
email servers that are exposed to the Internet
...
It also handles outgoing mail
...
Two of
the most basic methods are with a single firewall, also known as the
three legged model, and with dual firewalls
...

Single firewall

A single firewall with at least 3 network interfaces can be used to create
a network architecture containing a DMZ
...
The firewall becomes a
single point of failure for the network and must be able to handle all of
the traffic going to the DMZ as well as the internal network
...

Dual firewall

A more secure approach is to use two firewalls to create a DMZ
...
The second firewall
(also called "back-end" or "internal" firewall) only allows traffic from the
DMZ to the internal network
...
There is even more protection if the two firewalls are
provided by two different vendors, because it makes it less likely that
both devices suffer from the same security vulnerabilities
...
The drawback of this architecture is that it's more costly
...


DMZ host
Some home routers refer to a DMZ host
...
By definition this is not a true DMZ
(Demilitarized Zone), since it alone does not separate the host from the
internal network
...
A firewall may allow
this if a host on the internal network first requests a connection to the
host within the DMZ
...


9
...
A client connects to
the proxy server, requesting some service, such as a file, connection,
web page, or other resource available from a different server and the
proxy server evaluates the request as a way to simplify and control its
complexity
...
Today, most proxies are web proxies, facilitating
access to content on the World Wide Web and providing anonymity
...
Bob does not
know whom the information is going to, which is why proxies can be
used to protect privacy
...



A proxy server that passes requests and responses unmodified is
usually called a gateway or sometimes a tunneling proxy
...

A reverse proxy is usually an Internet-facing proxy used as a front-end to control and protect access to a server on a private network
...




Open proxies
An open proxy is a forwarding proxy server that is accessible by any
Internet user
...
An anonymous open proxy allows users
to conceal their IP address while browsing the Web or using other
Internet services
...


Reverse proxies

A reverse proxy takes requests from the Internet and
forwards them to servers in an internal network
...

A reverse proxy (or surrogate) is a proxy server that appears to clients
to be an ordinary server
...
The response from the proxy server is
returned as if it came directly from the origin server, leaving the client
no knowledge of the origin servers
...
All traffic coming from the
Internet and with a destination of one of the neighborhood's web servers
goes through the proxy server
...

There are several reasons for installing reverse proxy servers:83




83

Encryption / SSL acceleration: when secure web sites are
created, the SSL encryption is often not done by the web server
itself, but by a reverse proxy that is equipped with SSL acceleration
hardware
...
Furthermore, a host can
provide a single "SSL proxy" to provide SSL encryption for an
arbitrary number of hosts; removing the need for a separate SSL
Server Certificate for each host, with the downside that all hosts
behind the SSL proxy have to share a common DNS name or IP
address for SSL connections
...
In such a case, the reverse proxy may need to rewrite the

http://en
...
org/wiki/Proxy_server











Use of

URLs in each web page (translation from externally known URLs to
the internal locations)
...

Compression: the proxy server can optimize and compress the
content to speed up the load time
...
This especially benefits
dynamically generated pages
...
However,
it does not provide any protection from attacks against the web
application or service itself, which is generally considered the
larger threat
...
If used in this way,
security measures should be considered to protect the rest of your
infrastructure in case this server is compromised, as its web
application is exposed to attack from the Internet
...
wikipedia
...
5 HONEY NET
A honeynet is a network set up with intentional vulnerabilities; its
purpose is to invite attack, so that an attacker's activities and methods
can be studied and that information used to increase network security
...
Although the
primary purpose of a honeynet is to gather information about attackers'
methods and motives, the decoy network can benefit its operator in
other ways, for example by diverting attackers from a real network and
its resources
...
However, because the honeynet doesn't actually serve any
authorized users, any attempt to contact the network from without is
likely an illicit attempt to breach its security and any outbound activity
is likely evidence that a system has been compromised
...

A virtual honeynet is one that, while appearing to be an entire network,
resides on a single server
...
techtarget
...
Honeynets
extend the concept of a single honeypot to a highly controlled network of
honeypots
...
This
architecture creates a highly controlled network, in which one can
control and monitor all kinds of system and network activity
...
A basic honeynet comprises
honeypots placed behind a transparent gateway – the honeywall
...
86

Virtual Honeynet:
Virtualization is a technology that allows running multiple virtual
machines on a single physical machine
...
This is achieved by sharing
the physical machine's resources such as CPU, memory, storage and
peripherals through specialized software across multiple environments
...

A virtual machine is specialized software that can run its own operating
systems and applications as if it were a physical computer
...

A virtual honeynet is a solution that allows one to run a honeynet on
a single computer
...


86

http://www
...
edu/4150694/IMPLEMENTATION_OF_ATTACK_DATA_COLLECTION_INCORPORATING_MULTI_LEVEL_DETECTION_CAPABILITIES_USING_LOW_INTERACTION_HONEYPOT


9
...

Antivirus software was originally developed to detect and
remove computer viruses, hence the name
...
In particular, modern
antivirus software can protect from: malicious Browser Helper
Objects (BHOs), browser hijackers, ransomware, keyloggers,
backdoors, rootkits, Trojan horses, worms, malicious LSPs,
dialers, fraudtools, adware and spyware
...

Identification Method
There are several methods which an antivirus engine can use to identify
malware:




Heuristic-based detection: is generally used together with signature-based detection
...




87

Signature-based detection: is the most common method
...


Behavioural-based detection: is similar to heuristic-based detection
and is also used in Intrusion Detection Systems
...


en
...
org/wiki/Antivirus_software

Clearly, this technique is able to detect (known or unknown) malware
only after it has started performing its malicious actions
...
Depending on the actions logged, the
antivirus engine can determine if the program is malicious or not
...

■ Data mining techniques: are one of the latest approaches applied in
malware detection
...



9
...
Windows Defender was
initially an antispyware program; it is included with Windows
Vista and Windows 7 and is available as a free download for Windows
XP and Windows Server 2003
...

Windows Defender featured antispyware capabilities
...
It also
included the ability to easily remove installed ActiveX software
...
In Windows 8,
functionality has increased to offer antivirus protection as well
...
88

88

en
...
org/wiki/Windows_Defender

Advanced features


Real-time protection
In the Windows Defender options, the user can configure real-time
protection options
...
Although it does not integrate
with Firefox or other web browsers, Windows Defender still scans
downloaded files for malicious code, as part of the real-time
protection
...



Security agents
Security agents monitor the computer for malicious activities
...
This
automatic blocking is related to the UAC (User Account Control)
functionality in Windows Vista, and requires users to manually
run each of these startup items each time they log in
...
However,
in Windows 7, this functionality was removed and the window
must remain open while a scan is running
...


9
...
Biometrics are technologies used for measuring and analyzing
a person's unique characteristics
...
Examples include, but
are not limited to fingerprint, face recognition, DNA, hand and palm
geometry, iris recognition, which has largely replaced retina, and
odour/scent
...
Examples include,
but are not limited to typing rhythm, gait, and voice
...


Use of Biometric security
Biometrics is used for identification and verification:


Identification
Identification is determining who a person is
...
This method requires time
and a large amount of processing power, especially if the database is
very large
...
It
involves comparing a user's biometric data to the previously recorded
data for that person to ensure that this is the same person
...



Need of Biometric Security


Reliable user authentication is essential
...
Many applications in everyday life also
require user authentication, including physical access control to
offices or buildings, e-commerce, healthcare, immigration and border
control, etc
...
These techniques suffer from several
limitations: passwords and PINs can be guessed, stolen or illicitly
acquired by covert observation
...
A password can be shared, and there is
no way for the system to know who the actual user is
...


Features of Biometrics
■ Unique: The various biometric systems have been developed around
unique characteristics of individuals
...

■ Cannot be shared: Because a biometric property is an intrinsic
property of an individual, it is extremely difficult to duplicate or share
(you cannot give a copy of your face or your hand to someone!)
...
biometricnewsportal
...
asp


■ Cannot be copied: Biometric characteristics are nearly impossible to
forge or spoof, especially with new technologies ensuring that the
biometric being identified is from a live person
...

Types of Biometric Security
The main physical biometric technologies include –
(1) fingerprint
(2) iris
(3) retina
(4) hand
(5) palm vein
(6) face

There are also a number of behavioural biometric technologies such as
voice recognition (analyzing a speaker's vocal behaviour), keystroke
(measuring the time spacing of typed words), gait recognition (manner
of walking), or signature (analyzing the way you sign)
...
Because no two
fingerprints are exactly alike, the process of identifying a fingerprint
involves comparing the ridges and impressions on one fingerprint to
those of another
...
Ridges are the upper skin layer segments of the finger and
valleys are the lower segments
...

Many types of minutiae exist, including dots (very small ridges), islands
(ridges slightly longer than dots, occupying a middle space between two
temporarily divergent ridges), ponds or lakes (empty spaces between
two temporarily divergent ridges), spurs (a notch protruding from a
ridge), bridges (small ridges joining two longer adjacent ridges), and
crossovers (two ridges which cross
each other)
...
There are five basic
fingerprint patterns: arch, tented
arch, left loop, right loop and whorl
...

Fingerprints are usually considered
to be unique, with no two fingers having the exact same dermal ridge
characteristics
...

There are two main algorithm families to recognize fingerprints:


Minutia matching
It compares specific details within the fingerprint ridges
...

At the matching stage, the fingerprint image is processed to extract its
minutia points, which are then compared with the registered template
...
Fingerprint characteristics can include sub-areas of
certain interest including ridge thickness, curvature, or density
...
Areas of interest are the
area around a minutia point, areas with low curvature radius, and
areas with unusual combinations of ridges
...
Fingerprint biometric
systems are also used for law enforcement, background searches to
screen job applicants, healthcare and welfare
...

Acquiring high-quality images of distinctive fingerprint ridges and
minutiae is a complicated task
...
The number of
minutia points can be a limiting factor for security of the algorithm
...


Iris biometrics
Function:
Iris recognition is a method of biometric authentication that uses
pattern-recognition techniques based on high-resolution images of the
irises of an individual's eyes
...
This technique usually uses a low-intensity light
source through an optical coupler and scans the unique patterns of the
layer of blood vessels known as the retina
...
This is not particularly convenient for people who wear
glasses or are concerned about close contact with the reading device
...

Principles of retina biometrics
The blood vessels at the back of the eye have a unique pattern, from eye to eye and
person to person
...
A retinal
scan involves the use of a low-intensity coherent light source,
which is projected onto the retina to
illuminate the blood vessels which
are then photographed and analyzed
...
A retina scan cannot
be faked as it is currently impossible to forge a human retina
...
A retinal scan has an error rate of 1 in
10,000,000, compared to fingerprint identification error being
sometimes as high as 1 in 500
...
Retina biometric
systems have been in use for military applications since the early seventies
Benefits of retina biometric systems


Highly accurate

Issues with retina systems


Enrolment and scanning are intrusive and slow
...
Its advantage is that it does
not require physical contact with an image capture device (camera)
...

Like fingerprint biometrics, facial recognition technology is widely used
in various systems, including physical access control and computer user
account security
...
A face does not have
as many uniquely measurable features as fingerprints and eye irises,
so facial recognition reliability is slightly lower than these other
biometric recognition methods
...
Facial recognition can also be used together with fingerprint
recognition or another biometric method for developing more security-critical applications
...
The card may
embed a hologram to prevent counterfeiting
...
Smart cards can be used for
identification, authentication, data storage and
application processing
...
In this application,
the cards authenticate identity
...
The
card stores an encrypted digital certificate issued from the PKI provider along
with other relevant information
...
In 1999 Gujarat was the first
Indian state to introduce a smart card license system
...

On computers, the Mozilla Firefox web browser can use smart cards to store
certificates for use in secure web browsing
...
Smart cards are also used
for single sign-on to log on to computers
...


■ An intrusion detection system (IDS) monitors network traffic for
suspicious activity and alerts the system or network
administrator
...


■ A client connects to the proxy server, requesting some service, such as
a file, connection, web page, or other resource available from a
different server
...


■ Biometric comes from the Greek words "bio" (life) and "metric" (to
measure)
...


■ A smart card, chip card, or integrated circuit card is any pocket-sized card
with embedded integrated circuits
...



CHAPTER 10
DESKTOP SECURITY
Objective
10
...
2
10
...
4
10
...
But when people talk about
computer security, they usually mean what in this chapter we call computer
system security
...
1
...
In other words, a
password is a secret series of characters that enables a user to access
a file, computer, or program
...
The password helps ensure that unauthorized users do
not access the computer
...
A computer's BIOS
is the first program that runs when the computer starts
...

A computer's Basic Input-Output System (BIOS) is embedded
software on a motherboard that will control attached hardware
...
The BIOS
itself is typically an EEPROM, or Electronically Erasable
Programmable Read-Only Memory, that is programmed with
"firmware" and has the ability to save small amounts of information
specific to user configurations
...
For most systems, this is done by pressing DEL key on
the keyboard within the first 2 - 10 seconds of turning the computer
on
...
If you don't know the keystroke sequence for entering
the BIOS utility, watch the monitor to see if the computer displays it
...
This may be on the main page of the BIOS
utility or on the last page of a tabbed menu
...
When complete, save
the settings and exit the BIOS utility
...
Note that not all BIOSes have this password feature;
your BIOS may not have it, in which case you won't be able to restrict
access to your computer in this way
...
It is recommended that you use the full eight, but take care to
choose something you will not forget
...


Now navigate back to the main menu and select SAVE & EXIT
SETUP
...
Each and every time you boot you'll be asked for
the password you chose
...
It's not always the DEL key; some BIOSes use F2, F10
or another key combination, so check your motherboard manual
...
User Password
2
...
User Password
They are the passwords assigned to the users on a single machine or
a domain
...
Permissions may be granted to a single user or to a user
group
...

2
...

■ APPLICATION PASSWORD
Application Password allows you to protect any file from
unauthorized access by applying a password to it
...
Examples of applications that use
passwords are MS Word, MS Excel, MS Access, SQL, email and other
applications that run on your system
...
Every website
has a different policy for password assignment and its constraints
...

Email password is case-sensitive
...
To
password-protect your document or spreadsheet, follow the simple steps
in the Lab Manual
...
Perhaps because of
this a lot of people choose their passwords very badly
...

Basics










Use at least eight characters, the more characters the better really,
but most people will find anything more than about 15 characters
difficult to remember
...

Don't use a word found in a dictionary, English or foreign
...

Use good password generator software
...

Alternate between one consonant and one or two vowels to produce
nonsense words
...
g
...

Choose two short words and concatenate them together with a
punctuation or symbol character between the words
...
g
...

■ Choose a password that you can type quickly, this reduces the
chance of somebody discovering your password by looking over your
shoulder
...

■ Don't use passwords based on things located near you
...

are useless
...
e
...

"password", "letmein"
...



Bad password Examples










"amit8" - Based on the user’s name, also too short
...

"Gandalf" - Listed in word lists
"zeolite" - Listed in a geological dictionary
"qwertyuiop" - Listed in word lists
"merde!" - Listed in a foreign language dictionary
Good Examples
None of these good examples are actually good passwords, because
they've been published here and everybody knows them
now. Always choose your own password; don't just use somebody else's
...

*Ar#Un*86 - insert special characters and numbers before, between and
after the words
Changing your password

You should change your password regularly; I suggest once a month
is reasonable for most purposes
...

■ Remember, don't re-use a password
...
Note that the password cache that comes with Windows (
...

■ Don't tell anyone your password, not even your system administrator


Never send your password via email or other unsecured channel
Yes, write your password down but don't leave the paper lying
around, lock the paper away somewhere, preferably off-site and
definitely under lock and key
...




PASSWORD POLICY
As a best practice for passwords, you should set the
account policy
...
The value for this policy setting must be
between 0 and 24 passwords
...
To
maintain the effectiveness of this policy setting, use the Minimum
password age setting to prevent users from repeatedly changing their
password
...
(You may also
set the value to 0 to specify that passwords never expire
...
The default value for this policy setting is 42 days
...
However, the lower this value is set, the higher
the potential for an increase in calls to help desk support
...
The range of values for
this policy setting is between 1 and 998 days
...
) The default value
for this policy setting is 0 days
...
If the value for the
Maximum password age setting is configured to 0, the value for this
policy setting can be configured to any value between 0 and 999
...
If the Minimum password
age setting is 0, users can cycle through passwords repeatedly until
they can re-use an old favourite
...
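The interaction between password history and minimum password age described above can be checked with a small simulation. This is an added example, not part of the original notes; the class and function names, the sample passwords and the start date are constructed, and the model is a simplification rather than the Windows implementation.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional, Tuple


@dataclass
class PasswordPolicy:
    history: int = 24       # remembered passwords (the notes give a range of 0 to 24)
    min_age_days: int = 1   # 0 means a password may be changed again immediately
    max_age_days: int = 42  # 0 means passwords never expire
    rounds: int = 600_000   # PBKDF2 work factor for the stored history (assumed value)


@dataclass
class Account:
    # (salt, digest) pairs, newest last; the plaintext is never kept
    history: List[Tuple[bytes, bytes]] = field(default_factory=list)
    changed_at: Optional[datetime] = None


def _digest(password: str, salt: bytes, rounds: int) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)


def change_password(acct: Account, policy: PasswordPolicy, new: str, now: datetime) -> str:
    """Return 'ok', or the reason the change is refused."""
    if acct.changed_at is not None and \
            now - acct.changed_at < timedelta(days=policy.min_age_days):
        return "too-soon"
    remembered = acct.history[-policy.history:] if policy.history else []
    for salt, digest in remembered:
        if hmac.compare_digest(digest, _digest(new, salt, policy.rounds)):
            return "in-history"
    salt = os.urandom(16)
    acct.history.append((salt, _digest(new, salt, policy.rounds)))
    acct.changed_at = now
    return "ok"


def is_expired(acct: Account, policy: PasswordPolicy, now: datetime) -> bool:
    """True once the current password has reached the maximum age."""
    if policy.max_age_days == 0 or acct.changed_at is None:
        return False
    return now - acct.changed_at >= timedelta(days=policy.max_age_days)


def days_until_reuse(policy: PasswordPolicy, start: datetime = datetime(2014, 1, 1)) -> int:
    """Days a user needs to cycle through throwaway passwords and get the
    original password accepted again."""
    acct, now, burned = Account(), start, 0
    change_password(acct, policy, "Favourite#1", now)
    while True:
        result = change_password(acct, policy, "Favourite#1", now)
        if result == "ok":
            return (now - start).days
        if result == "too-soon":
            now += timedelta(days=1)      # wait out the minimum age
            continue
        burned += 1                       # still remembered: burn one throwaway
        change_password(acct, policy, f"throwaway-{burned}", now)


if __name__ == "__main__":
    # rounds is lowered here only so the simulation finishes quickly
    for min_age in (0, 1):
        p = PasswordPolicy(min_age_days=min_age, rounds=1_000)
        print(f"history={p.history} min_age={min_age}d -> "
              f"favourite reusable after {days_until_reuse(p)} day(s)")
```

With a minimum age of 0 the history is defeated on the same day; with a minimum age of 1 day the same cycling takes 25 days.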
There are many different
theories about how to determine the best password length for an
organization, but perhaps "pass phrase" is a better term than
"password
...
Therefore, a
phrase such as "I want to drink a $5 milkshake" is a valid pass
phrase; it is a considerably stronger password than an 8 or 10
character string of random numbers and letters, and yet is easier to
remember
...




Password must meet complexity requirements
This policy setting checks all new passwords to ensure that they
meet basic requirements for strong passwords
...

Each additional character in a password increases its complexity
exponentially
...
At 1,000,000 attempts per second (a capability of
many password-cracking utilities), it would only take 133 minutes to
crack
...

A
seven-character
case-sensitive
7 combinations
...
Although this might seem to be a mind-boggling
number, at 1,000,000 attempts per second it would take only 59
hours to try all possible passwords
...

Proper use of the password settings can make it very difficult, if not
impossible, to mount a brute force attack
...
Passwords that are stored
with reversible encryption are essentially the same as plaintext
versions of the passwords
...
The default value for this policy
setting is Disabled
...
It is also required when using
Digest Authentication in Microsoft Internet Information Services (IIS)
...
This
policy setting is also Disabled in the two environments that are
defined in this guide
...
This section describes how to prevent users from
changing their passwords except when they are required to do so
...
You can use Group Policy to
set minimum and maximum password ages as discussed previously
...
Requirements for passwords that are too long may also
lead to more help desk calls from users who forget their passwords
...
However, the
Specialized Security Limited Functionality environment security
design requires that users change their passwords only when
prompted by the operating system after their passwords have
reached the maximum age of 42 days
...


10
...
The number of allowed
attempts and the time period are based on the values that are
configured for the account lockout settings
...

These policy settings help prevent attackers from guessing user
passwords, and they decrease the likelihood of successful attacks on
your network environment
...

Before you enable the following settings, ensure that your
organization wants to accept this additional management overhead
...


Account Lockout Policy Setting Recommendations:

Setting                               Default                    Settings
Account lockout duration              Not defined                15 minutes
Account lockout threshold             0 invalid logon attempts   10 invalid logon attempts
Reset account lockout counter after   Not defined                15 minutes

You can configure the account lockout policy settings in the following
location in the Group Policy Object Editor
...
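To see how the three lockout settings work together, the following added example (not part of the original notes) models a threshold of 10 invalid logon attempts with a 15-minute duration and a 15-minute counter reset, then counts how many password guesses per day an online attacker can actually get evaluated. The class and function names and the account password are constructed, and the model is a simplification rather than the Windows implementation.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional


@dataclass
class LockoutPolicy:
    threshold: int = 10                               # 0 = the account is never locked
    duration: timedelta = timedelta(minutes=15)       # how long a lockout lasts
    reset_after: timedelta = timedelta(minutes=15)    # quiet time that clears the counter


@dataclass
class Account:
    password: str
    bad_count: int = 0
    last_bad: Optional[datetime] = None
    locked_until: Optional[datetime] = None


def logon(acct: Account, policy: LockoutPolicy, supplied: str, now: datetime) -> str:
    """Process one logon attempt; return 'ok', 'denied' or 'locked'."""
    if acct.locked_until is not None:
        if now < acct.locked_until:
            return "locked"               # even the correct password is refused
        acct.locked_until = None          # lockout has expired
        acct.bad_count = 0
    # Old failures no longer count once the reset interval has passed.
    if acct.last_bad is not None and now - acct.last_bad >= policy.reset_after:
        acct.bad_count = 0
    if supplied == acct.password:
        acct.bad_count = 0
        return "ok"
    acct.bad_count += 1
    acct.last_bad = now
    if policy.threshold and acct.bad_count >= policy.threshold:
        acct.locked_until = now + policy.duration
    return "denied"


def online_guesses(policy: LockoutPolicy, seconds: int = 86_400) -> int:
    """Count the wrong guesses that are actually evaluated when an attacker
    submits one guess per second for `seconds` seconds."""
    acct = Account(password="constructed-secret")
    start = datetime(2014, 1, 1)
    tested = 0
    for i in range(seconds):
        if logon(acct, policy, f"guess-{i}", start + timedelta(seconds=i)) == "denied":
            tested += 1
    return tested


if __name__ == "__main__":
    print("no lockout (threshold 0):", online_guesses(LockoutPolicy(threshold=0)))
    print("threshold 10, 15 min    :", online_guesses(LockoutPolicy()))
```

The same model shows the management overhead the notes mention: a legitimate user who mistypes ten times is refused for the full lockout duration even with the correct password.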
3 ACCESS CONTROL
Access control is a way of limiting access to a system or to physical or
virtual resources
...
Normally, a user must first log in to a system, using
an authentication system
...

Access Control / Authorization is the process of deciding whether requests to
access a particular resource should be granted or denied
...

Access Control systems include File permissions, such as create, read,
edit or delete on a file server
...
Data rights, such as
the right to retrieve or update information in a database
...
Because this credential can be transferred
or even stolen, it is not a secure way of handling access control
...
90

http://hitachi-id
...
html

The person who desires access must show credentials
and a second factor to corroborate identity
...

In computer systems, an access control list contains a list of
permissions and the users to whom these permissions apply
...
This allows an administrator to secure
information and set privileges as to what information can be accessed,
who can access it and at what time it can be accessed
...
You own all of your files, and you
can read and write them as you wish
...
With
shared computers, it isn't as easy
...
You may not want every
user in the system to be able to read your files
...

There are two basic types of access controls that provide different
levels of protection to the files in your system: discretionary access
control and mandatory access control
...
With the more complex mandatory
access control (MAC) the system protects your files
...
In
contrast to mandatory access control, in which the system controls
access, DAC is applied at your own discretion
...


91

http://www
...
com/definition/5831/access-control




Ownership
There are many types of discretionary access control
...
If you
create a file, you're the owner of the file
...
A system might base all of its
access decisions on file ownership
...
If you're not the owner, you
have no rights to the file
...
For one thing, it doesn't let you share the file with
anyone
...
Some systems call these
self/group/public controls
...

Group: A set of users
...




Public: Everyone else–users other than you and the other members of
your group
...
File permissions often have the meanings shown in Figure

Mandatory access control (MAC) is an access policy supported for
systems that process especially sensitive data (e
...
, government
classified information or sensitive corporate data)
...
g
...
g
...
A user's sensitivity label
specifies the sensitivity level, or level of trust, associated with that
user; it's often called a clearance
...

Mandatory access controls use sensitivity labels to determine who can
access what information in your system
...
They offer a more flexible way of providing
discretionary access control
...
For example, in a UNIX-based trusted system that
uses the UNIX security kernel developed by Atlanta-based SecureWare,
you'd protect PAYROLL with ACLs in the form
...
For example, an ACL may
specify whether a user or the user's group has access to a file or folder on
that computer or network
...
Each ACL has one or more access control entries (ACEs)
consisting of the name of a user or group of users
...
" For each of these
users, groups, or roles, the access privileges are stated in a string of
bits called an access mask
...
93
Standard NTFS Folder Permissions
You assign folder permissions to control the access that users have to
folders and to the files and subfolders that are contained within the
folders
...

SR
...

Write: Overwrite the file, change file
attributes, and view file ownership and
permissions
...

Modify and delete the file, plus perform
the actions permitted by the Write
permission and the Read & Execute
permission
...


http://www
...
com/jargon/a/acl
...
techtarget
...
If a user is granted
permission for a folder and is a member of a group with
permission for the same folder, the user has both Read and
permissions for that folder
...
Next, determine any deny
permissions the user has
...
The result is the user’s effective permissions for the
resource
...
If you have
access to a file, you can access the file if you have the Bypass Traverse
Checking security permission—even if you do not have access to the
folder containing the file
...
In other
words, if you do not have permission to access the folder containing
the file you want to access, you must have the Bypass Traverse
Checking security permission and you have to know the full path to
the file to access it
...

How Deny Permissions Override Allow Permissions?
In addition to granting permission, you can also specifically deny
permission. Denying a permission overrides all instances in which that
permission is allowed
...
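The rule described above (allow permissions from the user and all of the user's groups accumulate, and any deny removes the permission) can be expressed directly on access masks. This is an added example, not part of the original notes: the bit values, trustee names and sample ACL are constructed, real NTFS access masks use different bits, and ACE ordering and inheritance are not modelled.

```python
# Constructed bit values for the demo (not the real NTFS access-mask bits).
READ, WRITE, EXECUTE, DELETE, CHANGE_PERMS = 1, 2, 4, 8, 16

# Standard permissions expressed as combinations of the bits above.
STANDARD = {
    "Read": READ,
    "Write": WRITE,
    "Read & Execute": READ | EXECUTE,
    "Modify": READ | WRITE | EXECUTE | DELETE,
    "Full Control": READ | WRITE | EXECUTE | DELETE | CHANGE_PERMS,
}


def effective_mask(acl, user, groups):
    """Combine every ACE that names the user or one of the user's groups.

    acl is a list of (trustee, "allow" | "deny", mask) entries.
    Allows are cumulative; a deny overrides every matching allow.
    """
    trustees = {user, *groups}
    allow = deny = 0
    for trustee, kind, mask in acl:
        if trustee not in trustees:
            continue
        if kind == "allow":
            allow |= mask
        elif kind == "deny":
            deny |= mask
        else:
            raise ValueError(f"unknown ACE type: {kind!r}")
    return allow & ~deny


def held_permissions(mask):
    """Names of the standard permissions fully covered by an effective mask."""
    return [name for name, bits in STANDARD.items() if (mask & bits) == bits]


# Constructed ACL for one folder.
FOLDER_ACL = [
    ("Sales", "allow", STANDARD["Modify"]),
    ("asha", "allow", STANDARD["Read"]),
    ("Contractors", "deny", STANDARD["Write"]),
]

if __name__ == "__main__":
    cases = [
        ("asha", ["Sales", "Contractors"]),   # the deny on Contractors wins over Sales
        ("ravi", ["Sales"]),                  # group allow only
        ("guest", []),                        # no matching ACE: no access
    ]
    for user, groups in cases:
        mask = effective_mask(FOLDER_ACL, user, groups)
        print(f"{user:6} {groups!s:28} -> {held_permissions(mask)}")
```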


SYSKEY
The Microsoft Windows 2000, Microsoft Windows XP, and Microsoft
Windows 2003, Win7 Security Accounts Management Database (SAM)
stores hashed copies of user passwords
...
To keep the SAM database secure,
Windows requires that the password hashes are encrypted
...

You can use the SysKey utility to additionally secure the SAM
database by moving the SAM database encryption key off the
Windows-based computer
...
This article
describes how to use the SysKey utility to secure the Windows SAM
database
...


10
...
Device Manager
provides you with a graphical view of the hardware installed on your
computer and helps you manage and troubleshoot hardware devices
...
Device Manager also helps
you determine whether the hardware on your computer is working
properly
...

You must be logged on as a member of the Administrators group to
change resource settings
...


94

http://support
...
com/kb/310105

The Device Manager is a Control Panel applet in Microsoft Windows
operating systems
...









For each device, users can:
Supply device drivers
Enable or disable devices
Tell Windows to ignore malfunctioning devices
View other technical properties
Types of icons
Disabled device

When a piece of hardware is not working, the offending hardware is
highlighted for the user to deal with
...



A disabled device has been disabled either manually by a user or as
the result of an error
...
In Windows Vista and Windows 7, this was replaced by a grey
downward pointing arrow in the lower right-hand corner of the device's
icon
...
If Windows recognizes a problem
with a device, it is denoted by a black exclamation point (!) on a yellow
triangle in the lower right-hand corner of the device's icon
...
This is denoted
by a yellow question mark in place of the device's icon
...
Note that this does not indicate a problem or
disabled state
...

Code  Meaning
1     This device has not been configured correctly ...
10    This device cannot start ...
14    You must restart your computer for the device to work properly ...
18    Drivers for this device must be reinstalled ...
21    Windows is removing this device ...
24    This device is not present, does not have all its drivers installed, or is not working properly ...
29    The firmware of the device did not give it the required resources ...
32    A driver for this device has been disabled ...
34    Windows cannot determine the settings for this device ...
36    This device is requesting a PCI interrupt but is configured for an ISA interrupt (or vice versa) ...
38    Windows cannot run the driver for this device because a previous instance of the driver exists ...
The driver may be corrupted or missing ...
41    Windows successfully loaded the device driver for this hardware but cannot find the hardware device ...
43    Windows has stopped this device because it has reported problems ...
45    This hardware device is not connected to the computer ...
47    Windows cannot use this device because it has been prepared for safe removal, but it has not been removed from the computer ...
49    Windows cannot start new hardware devices because the system hive is too large and exceeds the Registry Size Limit ...
A recent hardware or software change might have installed
a file that is signed incorrectly or damaged
...
cab File?
Drivers that ship with Windows are stored on the installation CD in a
single cabinet file called Driver
...
Windows Setup copies this file to
the %systemroot%\Driver Cache\i386 folder on the local hard disk
during installation
...
This process helps by
ensuring that users do not have to provide the installation CD
whenever drivers are installed
...
cab file are
digitally signed
...
Using up-to-date drivers ensures optimum functionality and
reduces the chance of an outdated device driver causing problems
...

You can also perform the following actions on the Driver tab:
■ View the names of the actual driver files by clicking the Driver Details
button
...
Windows prompts you for the location of the newer
version of the driver
...


You can also use the Update Driver option to reinstall drivers for a
device that has ceased to function correctly because of a driver
problem
...
If the device supports Plug and
Play, Windows will recognize the device when the computer restarts
...

■ Revert to a previous version of a driver by clicking the Roll Back
Driver button
...
Windows supports
driver rollback for all devices except printers
...
When a driver is updated, the previous version is stored in
the %systemroot%\system32\ReinstallBackups folder
...

How to Configure and Monitor Driver Signing?
Hardware drivers can often cause a computer running Windows to
become unstable or to fail entirely
...
Driver signing
allows Windows XP to identify drivers that have passed all Windows
Hardware Quality Labs (WHQL) tests, and have not been altered or
overwritten by any program’s installation process
...
In the
System Properties dialog box, on the Hardware tab, click Driver
Signing to open the Driver Signing Options dialog

You can configure the following three driver signing settings:
■ Ignore This option allows any files to be installed regardless of their
digital signature or the lack thereof
...

■ Block This option prevents the installation of unsigned files
...
5 Local Security Policy
In this section, you learn how Group Policy and Local Security Policy
are applied to a computer running Windows
...

Overview of Security Policy
Security Policy refers to two types of policies: Local Security Policy and
Group Policy
...
The specific local policy that you create
is referred to as a Local Group Policy Object (LGPO)
...
For computers in a workgroup environment, Local
Security Policy offers a way to apply consistent restrictions across
those computers
...

• Local policies: Local policies include three categories of policies, as
follows:
➢ Auditing policies allow you to track the activities of users and the
access of resources on a computer
...




User rights assignments allow you to control the basic system
functions that a user can perform
...


• Public key policies: Public key policies are used to configure
encrypted data recovery agents and trusted certificate authorities
...


• IP security policy: IP security policy is used to configure network
Internet Protocol (IP) security
...


• Registry: Registry settings are used to manage the security
descriptors on Registry subkeys and entries
...



Summary
• It's necessary for all users of the network to be proactive in protecting
the data and personal information stored on computers
...

• Proper use of the password policy settings can make it very difficult,
if not impossible, to mount a brute force attack
...

• Access control is a way of limiting access to a system or to physical or
virtual resources
...

• mandatory access control, in which the system controls access
...

• To keep the SAM database secure, Windows requires that the
password hashes are encrypted
...

• Device Manager is an OS feature that lets you view and change the
properties of all devices attached to your computer
...



CHAPTER 11
ONLINE SECURITY
Objective
11
...
2
11
...
4
11
...
1 Browser Security
Web browser is a software program that interprets the coding language
of the World Wide Web in graphic form, displaying the translation
rather than the coding
...
The World Wide Web is written
in Hypertext Markup Language (HTML)
...
95

Introduction of Different Browsers

When a massive spam attack posted violent and pornographic images
across the news feeds of many Facebook users last year, many
wondered how hackers had launched the attack
...

The event shed light on an often-overlooked issue of online security,
your web browser
...
But the real
question is: which browser offers the most protection from malware,
adware, viruses, and hackers?

95

http://www
...
org/what-is-a-web-browser
...
A recent study revealed that Chrome ranks as the most
secure web browser when compared to Internet Explorer and Firefox
...

Regardless of the browser, manufacturers are always working to
ensure users can enjoy surfing the web safely and securely and that’s
the good news
...

This means that it’s important for users to educate themselves about
this threat and take the steps necessary to lessen their chances of
falling victim to a browser security breach
...










If you plan to download a new or different browser, make sure you
are downloading a legitimate version
...

Set your online preferences to allow for software updates
...
But others,
including Firefox, automatically update themselves to deploy
security patches and provide enhanced security features
...

Disable pop-ups in your browser or install security software that
prevents pop-up windows
...

No matter which browser you use, always follow safe practices and
be alert to any unusual or suspicious functioning when you log
onto the web
...


INTERNET EXPLORER
Microsoft has worked hard to enhance security for Internet
Explorer users
...
Here are some of the newest security updates and features in
IE 9, most of which are conveniently located on the Safety menu
...
Some of the content, images, ads, and
analytics that you see on the websites you visit are provided by
third-party websites
...

Tracking Protection provides you an added level of control and
choice about the information that third-party websites can
potentially use to track your browsing activity
...
To use this functionality, you simply have to
add a Tracking Protection List from one of the Tracking Protection
List providers
...
As you browse to different sites, Internet
Explorer helps ensure that personal information about you, such
as your IP address or the site you are currently viewing, is not sent
to the domains that are blocked based on the heuristics of the list
...



Smart Screen Filter
In Internet Explorer 9, we've continued to heavily invest in the
industry-leading Microsoft Smart Screen Filter and the back-end
reputation systems that support it
...




Smart Screen Application Reputation
Smart Screen Application Reputation is a groundbreaking browser
feature that uses reputation data to remove unnecessary warnings
for well-known files and to show more severe warnings when the
download is at higher risk of being malicious
...

Are you sure you want to run this file? This same warning is
presented whether the file is a common program or a piece of
malware
...
Internet Explorer 9
is the only browser that uses Application Reputation to help you
make safety decisions
...
Since the launch of Internet Explorer 8, Smart
Screen has blocked over 1
...

The new Download Manager blocks downloads from known
malicious websites
...
At this point, you can continue the download otherwise
the download is cancelled and removed automatically
...
Whether it's shopping for a gift on a
shared computer or checking email at an Internet café, there are
times when you don't want to leave any evidence of your browsing
or search history for others to see
...
You can start
InPrivate Browsing from the New Tab page, from the Internet
Explorer Jump List, or by selecting InPrivate Browsing from the
Safety menu
...
Closing the browser window
ends the InPrivate Browsing session
...
MOZILLA FIREFOX
Mozilla Firefox is one of the best browsers out there on the market,
and it's free
...
Mozilla Firefox has a number of
unique features, and it is overall a good product
...

Fortunately, Firefox is packed with advanced security features to
help you stay safe
...
Using the Site Identity
Button, you can find out if the website you are viewing is
encrypted, if it is verified, who owns the website, and who verified
it
...
The Site Identity Button
is in the Location bar to the left of the web address
...
Clicking on the Site
Identity Button will display security information about the
website, with a matching gray, blue, or green "Passport Officer"
icon
...
If you accidentally access an
attack site, it will warn you away from the site and tell you why it
isn’t safe to use
...




Content Security Policy
The Content Security Policy in Firefox is designed to shut down
cross-site scripting attacks by providing a mechanism for sites to
explicitly tell the browser which content is legitimate
...




Anti-virus integration
Firefox integrates elegantly with your Windows anti-virus
software
...




Private browsing
Private Browsing allows you to browse the Internet without saving
any information about which sites and pages you’ve visited
...

Securing website connections



Firefox keeps attackers from intercepting your sensitive data by
automatically establishing secure connections to websites that
offer secure https servers
...


GOOGLE CHROME
Google Chrome has been steadily gaining in the browser market
share since its launch 3 years ago
...

Chrome has a lot of obscure features which could immensely
enhance one’s browsing productivity if he were to know about
them
...


SOME OF THE IMPORTANT SECURITY FEATURES OF CHROME


Incognito mode
For times when you want to browse in stealth mode, Google
Chrome offers the incognito browsing mode
...
All new cookies are deleted after you close all incognito
windows that you've opened
...


Tip – If you're using Chrome OS, you can use the guest browsing
feature as an alternative to incognito mode
...

Once you exit your guest session, all of your browsing information
from the session is completely erased
...


Select New incognito window
...
You can
continue browsing as normal in the other window
...



Privacy Preferences
You can control all your privacy preferences for Chrome from the
Options dialog, under the Privacy section located at the top of the
Under the Hood tab
...
This data includes
your browsing and download history, cache, cookies, passwords,
and saved form data
...

Delete all your data
i) Click the wrench icon

on the browser toolbar
...


iii)Select Clear browsing data
...

v) Use the menu at the top to select the amount of data that you
want to delete
...

vi) Click Clear browsing data
...
Follow the steps below to adjust these settings:

i) Click the wrench icon
on the browser toolbar
...

iii) Click Show advanced settings
...



Cookies are files created by websites you've visited to store
browsing information, such as your site preferences or profile
information
...
It's important to be aware
of your cookie settings because cookies can allow sites to track
your navigation during your visit to those sites
...
To prevent images from displaying,
select "Do not show any images
...
If you choose to disable JavaScript, you
may find that some sites don't work properly
...
They're allowed by default




Pop-ups are blocked by default from appearing automatically and
cluttering your screen
...
Google Chrome alerts you
by default whenever a site wants permission to automatically
show notifications
...
Want to add a
site to the exceptions list? You can enter hostnames and IP
addresses, as well as specific domain masks (e
...
enter
[*
...
com to match everything from google
...
google
...
com)
...
You can disable
features that require this kind of communication in Chrome's
options so you are in control of what is sent to Google when you
use Chrome
...




Advanced security settings
Google Chrome has security measures in place to help protect you as
you browse the web
...


on the browser toolbar
...

iv) Here are the various settings you can adjust:


Phishing and malware protection –
This option is enabled by default in the "Privacy" section
...




Auto-Updates
To make sure that you are protected by the latest security
updates, Chrome checks for updates regularly to make sure that
it's always kept up-to-date
...


BROWSERS ADD-ONS

An add-on is a software extension that adds extra features to a
program
...
For example, Mozilla Firefox, a popular Web browser,
supports add-ons such as the Google toolbar, ad blockers, and Web
developer tools
...
This means the
user can simply double-click the add-on package to install the files for
the corresponding program
...
While not all programs
support add-ons, many programs are now developed with add-on
support, since it provides a simple way for other developers to extend
the functions of the program
...
WOT
WOT, Web of Trust, warns you about risky websites that try to scam
visitors, deliver malware or send spam
...
WOT's colour-coded icons
show you ratings for 21 million websites - green to go, yellow for
caution and red to stop – helping you avoid the dangerous sites
...

Keep yourself safe from online threats such as:


Spyware, adware and viruses



Browser exploits



Unreliable online shops



Phishing, spam and other Internet scams



Annoying or malicious spam

If you are about to enter a risky website, WOT will warn you and save
your computer before you interact with a harmful site
...
The system uses sophisticated
algorithms to produce reliable and up-to-date ratings
...
To protect your family, you can even set
WOT to block inappropriate content for children
...
2 SANDBOXING
Sandbox is a testing environment that isolates untested code changes
and outright experimentation from the production environment or
repository, in the context of software development including Web
development and revision control
...
Sandboxes replicate at least the minimal functionality needed
to accurately test the programs or other code under development (e
...

usage of the same environment variables as, or access to an identical
database to that used by, the stable prior implementation intended to
be modified; there are many other possibilities, as the specific
functionality needs vary widely with the nature of the code and the
application[s] for which it is intended
...
Only after the developer has
(hopefully) fully tested the code changes in their own sandbox should
the changes be checked back into and merged with the repository and
thereby made available to other developers or end users of the software
...
96

96

http://en
...
org/wiki/Sandbox_%28software_development%29


11
...
There are many aspects to security and many
applications, ranging from secure commerce and payments to private
communications and protecting passwords
...
The science of
cryptology is the science of secure communications, formed from the
Greek words kryptos, "hidden", and logos, "word"
...
Cryptology is as old as
writing itself, and has been used for thousands of years to safeguard
military and diplomatic communications
...

The main goals of modern cryptography can be seen as: user
authentication, data authentication, data integrity, non-repudiation of
origin, and data confidentiality
...
Cryptography is the art of
"secret writing"; its intent is to provide secure communication
over insecure channels
...

More precisely, a cryptanalyst tries to obtain the plaintext or the
decryption function in a cryptosystem by eavesdropping into the
insecure channel
...

The encrypted form of the PLAINTEXT
...


DECRYPTION

The process
PLAINTEXT
...


CRYPTOGRAPHY METHOD


Rotation: In rotation ciphers, letters are rotated by other letters
...




Substitution: The name substitution cipher comes from the fact that
each letter that you want to encipher is substituted by another letter
or symbol, but the order in which these appear is kept the same
...


TYPES OF CRYPTOGRAPHY
There are two main types of cryptography:
1
...
Public key cryptography
In cryptographic systems, the term key refers to a numerical value
used by an algorithm to alter information, making that information
secure and visible only to individuals who have the corresponding key
to recover the information
...
This is also called symmetric encryption
...



Public key cryptography, also called asymmetric encryption, uses a
pair of keys for encryption and decryption
...

The public key can be freely distributed without compromising the
private key, which must be kept secret by its owner
...


➢ Symmetric key Cryptography
It is also called conventional or private-key or single-key or secret key
...
With secret key
cryptography, a single key is used for both encryption and decryption
...
The receiver applies the same
key (or rule set) to decrypt the message and recover the plaintext
...
With this form of
cryptography, it is obvious that the key must be known to both the
sender and the receiver; that, in fact, is the secret
...
With this type of cryptography, both the sender and the
receiver know the same secret code, called the key
...

This method works well if you are communicating with only a limited
number of people, but it becomes impractical to exchange secret keys
with large numbers of people
...

Secret-key cryptography is often used to encrypt data on hard drives
...
Secret-key cryptography is also used for
communication devices like bridges that encrypt all data that cross the

http://www
...
net/library/crypto
...
A network administrator programs two devices with the same key,
and then personally transports them to their physical locations
...
However, the key may be compromised during transit
...
However, if you need to send an encrypted
message to someone you have never met; you'll need to figure out a
way to exchange keys in a secure way
...

DES
...

increments
...

Blowfish is a 64 bit block
cipher
PRIVATE KEY DISADVANTAGES


The Key Exchange Problem: The key exchange problem arises from
the fact that communicating parties must somehow share a secret key
before any secure communication can be initiated, and both parties
must then ensure that the key remains secret
...




The Trust Problem: Ensuring the integrity of received data and
verifying the identity of the source of that data can be very important
...
To varying degrees, these issues
can even be legally important for ordinary email correspondence, since
criminal investigations often center around who knew what and when
they knew it
...

Key management: One disadvantage of symmetric-key algorithms is
the requirement of a shared secret key, with one copy at each end
...




➢ ASYMMETRIC CRYPTOGRAPHY (PUBLIC-KEY CRYPTOGRAPHY)
Asymmetric cryptography or public-key cryptography is cryptography
in which a pair of keys is used to encrypt and decrypt a message so
that it arrives securely
...
Any other user who wants
to send an encrypted message can get the intended recipient's public
key from a public directory
...
When the recipient gets the message,
they decrypt it with their private key, which no one else should have
access to
...
techtarget
...
Alice encrypts her
message using Tom’s public key (which Tom made available to
everyone) and Alice sends the scrambled message to Tom
...




When Tom sends a reply to Alice, he scrambles the message using
Alice’s public key
...


SYMMETRIC V/S ASYMMETRIC CRYPTOGRAPHY
Sr
No
...
Same key One key is private,
is used for encryption and one key is public
...
4 DIGITAL SIGNATURE
Signatures are commonly used to authenticate documents
...

Similarly, digital signatures are used to authenticate the contents of
electronic documents
...
Digital
signatures are easily transportable, cannot be imitated by someone
else, and can be automatically time-stamped
...

A digital signature can be used with any kind of message, whether it is
encrypted or not, simply so that the receiver can be sure of the
sender's identity and that the message arrived intact
...
99

99

http://searchsecurity
...
com/definition/digital-signature

The digital signature is simply a small block of data that is attached to
documents you sign
...
The private key is used to
apply the signature to the document, while the public key is sent with
the file
...

Digital signatures can be used to certify or approve documents
...
Therefore, only the
original creator of a document can add a certifying signature
...

Example of Digital Signature
Assume you were going to send the draft of a contract to your lawyer
in another town
...

1
...

2
...

3
...

4
...

(Note that it will be different each time you send a message
...

1
...

2
...

3
...


Feature of Digital Signature
Sender




Calculates Message Digest
...

Appends it to message
...

Decrypts encrypted digest with Sender's Public Key
...


Authenticity and Confidentiality






A signs message with his own private key
...

B decodes the message with his own Private Key
...


Authenticity and Integrity







B needs to know that A and only A sent the message
...

Only A’s public key can decode the message
...

Digital signature cannot be reproduced from the message
...
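
The sender and receiver steps above, together with the earlier Alice and Tom exchange, as an added example that is not part of the original notes: textbook RSA with a SHA-256 digest in Python. The key pairs are constructed from publicly known Mersenne primes and no padding is used, so the helper names (`make_keypair`, `send`, `receive`) and all values are illustrative assumptions, not a usable scheme.

```python
"""Sign-then-encrypt walk-through with textbook RSA (teaching only)."""
import hashlib

E = 65537  # widely used public exponent


def make_keypair(p: int, q: int) -> dict:
    """Build a textbook RSA key pair from two distinct primes."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(E, -1, phi)  # private exponent = E^-1 mod phi (Python 3.8+)
    return {"public": (E, n), "private": (d, n)}


# Constructed sample keys: products of well-known Mersenne primes.
# Anyone can factor these moduli; they only make the demo deterministic.
ALICE = make_keypair(2**127 - 1, 2**521 - 1)
TOM = make_keypair(2**107 - 1, 2**607 - 1)


def digest_int(message: bytes) -> int:
    """Message digest as an integer (256 bits, smaller than both moduli)."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message: bytes, private_key) -> int:
    """Sender: transform the digest with the sender's PRIVATE key."""
    d, n = private_key
    return pow(digest_int(message), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Receiver: recover the digest with the sender's PUBLIC key and
    compare it with a digest computed over the received message."""
    e, n = public_key
    return pow(signature, e, n) == digest_int(message)


def encrypt(message: bytes, public_key) -> int:
    """Confidentiality: encrypt with the RECIPIENT's public key."""
    e, n = public_key
    m = int.from_bytes(message, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)


def decrypt(ciphertext: int, private_key) -> bytes:
    """Only the recipient's private key reverses encrypt().
    Leading zero bytes are not preserved (fine for text messages)."""
    d, n = private_key
    m = pow(ciphertext, d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


def send(message: bytes, sender_private, recipient_public) -> dict:
    """Authenticity and confidentiality: sign with own private key,
    encrypt with the recipient's public key."""
    return {
        "ciphertext": encrypt(message, recipient_public),
        "signature": sign(message, sender_private),
    }


def receive(packet: dict, recipient_private, sender_public):
    """Decrypt with own private key, then check the sender's signature."""
    message = decrypt(packet["ciphertext"], recipient_private)
    return message, verify(message, packet["signature"], sender_public)


if __name__ == "__main__":
    contract = b"Draft contract v1: payment due in 30 days"  # constructed
    packet = send(contract, ALICE["private"], TOM["public"])
    text, authentic = receive(packet, TOM["private"], ALICE["public"])
    print(text, authentic)
    # A changed message no longer matches the signed digest.
    forged = b"Draft contract v1: payment due in 90 days"
    print(verify(forged, packet["signature"], ALICE["public"]))
```

Production code uses a vetted library with padded schemes (RSA-PSS for signatures, RSA-OAEP for encryption) and randomly generated keys.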



11
...
Hash functions with just this property have a
variety of general computational uses, but when employed in
cryptography the hash functions are usually chosen to have some
additional properties
...


A hash function H is said to be one-way if it is hard to invert, where
"hard to invert" means that given a hash value h, it is computationally
infeasible to find some input x such that H(x) = h
...

A strongly collision-free hash function H is one for which it is
computationally infeasible to find any two messages x and y such that
H(x) = H(y)
...

Perhaps the main role of a cryptographic hash function is in the
provision of digital signatures
...
fmi
...
bg/courses/business/flash/crypto/functions/HashFunct
...
Additionally, a digest can be made public without revealing the
contents of the document from which it is derived
...

These include the message-digest hash functions MD2, MD4, and
MD5, used for hashing digital signatures into a shorter value called a
message-digest, and the Secure Hash Algorithm (SHA), a standard
algorithm, that makes a larger (160-bit) message digest and is similar to
MD4
...
The message is first padded so
that its length in bytes is divisible by 16
...

MD4 was developed by Rivest in 1990
...
A 64-bit binary
representation of the original length of the message is then
concatenated to the message
...
It is basically MD4 with "safety-belts" and while it is slightly slower than MD4, it is more secure
...

SHA (Secure Hash Algorithm) the algorithm specified in the Secure
Hash Standard (SHS), was developed by NIST
...
The revision corrected an
unpublished flaw in SHA
...

The algorithm takes a message of less than 2^64 bits in length and
produces a 160-bit message digest
...
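
The collision-free property and the digest lengths described above, as an added example that is not part of the original notes. It goes one step beyond the text by showing why digest length matters: when SHA-1 is truncated to a few bits, two different messages with the same value turn up after roughly 2^(bits/2) attempts. The helper names and the `message-N` inputs are constructed for the illustration.

```python
"""Digest length and collision resistance, using Python's hashlib."""
import hashlib


def digest_bits(name: str, data: bytes = b"") -> int:
    """Length in bits of the digest produced by the named algorithm."""
    return hashlib.new(name, data).digest_size * 8


def truncated_sha1(data: bytes, bits: int) -> int:
    """The first `bits` bits of SHA-1(data), as an integer."""
    full = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return full >> (160 - bits)


def find_collision(bits: int):
    """Hash constructed messages 'message-0', 'message-1', ... until two
    of them share the same truncated digest.

    Returns (x, y, tries). For a `bits`-bit digest this takes about
    2**(bits/2) tries, which is why a short digest cannot be
    collision-free no matter how good the underlying function is.
    """
    seen = {}
    counter = 0
    while True:
        message = b"message-%d" % counter
        value = truncated_sha1(message, bits)
        if value in seen:
            return seen[value], message, counter + 1
        seen[value] = message
        counter += 1


if __name__ == "__main__":
    print("MD5 digest bits:  ", digest_bits("md5"))
    print("SHA-1 digest bits:", digest_bits("sha1"))
    x, y, tries = find_collision(24)
    print("24-bit collision after", tries, "tries:", x, y)
    # The full 160-bit digests of the same two messages still differ.
    print(hashlib.sha1(x).hexdigest())
    print(hashlib.sha1(y).hexdigest())
```

At the full 160 bits the same search would need on the order of 2^80 attempts.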



Summary
• An add-on is a software extension that adds extra features to a
program
...

• Sandboxing protects "live" servers and their data, vetted source code
distributions, and other collections of code, data and/or content,
proprietary or public, from changes that could be damaging to a
critical system
...

• A digital signature is an electronic signature that can be used to
authenticate the identity of the sender of a message or the signer of a
document, and possibly to ensure that the original content of the
message or document that has been sent is unchanged
...

These include the message-digest hash functions MD2, MD4, and
MD5, used for hashing digital signatures into a shorter value called a
message-digest
...
1
12
...
3
12
...
5
12
...
1 INTRODUCTION
In 1969, a team of developers in the Bell Labs laboratories started
working on a solution for the software problem, to address these
compatibility issues, and they developed a new operating system;
1
...

2
...

3
...

The Bell Labs developers named their project "UNIX
...
Until then, all
commercially available computer systems were written in a code
specifically developed for one system
...
This kernel is the
only piece of code that needs to be adapted for every specific system
and forms the base of the UNIX system
...
This language was especially developed for
creating the UNIX system
...


The software vendors were quick to adapt, since they could sell ten
times more software almost effortlessly
...
UNIX did a great deal to
help users become compatible with different systems
...
Linus Torvalds, a young man studying
computer science at the University of Helsinki, thought it would be a
good idea to have some sort of freely available academic version of
UNIX, and promptly started to code
...
Especially Internet providers and Internet service providers
have grown fond of Linux as firewall, proxy- and web server.
It is also worth noting that modern Linux not only runs on
workstations, mid- and high-end servers, but also on "gadgets" like
PDA's, mobiles, a shipload of embedded applications and even on
experimental wristwatches
...

What is Linux?


A freely available version of the UNIX operating system



Started by Linus Torvalds in 1991



Programmers from around the world contribute code



Main portion of Linux: The Linux Kernel



Can be downloaded from a number of sites (www
...
org) as well
as purchased in packages (called distributions) from companies
such as:

o

101

RedHat (www
...
com)

http://www
...
org/LDP/intro-linux/html/sect_01_01
...
centos
...
suse
...


o

Debian (www
...
org)

o

Ubuntu (www
...
com)



Runs on Intel 486, Pentium (and better) processors as well as
Sun Sparc, DEC Alpha and dozens of other processors
...
No registration fees, no costs per user, free updates, and
freely available source code in case you want to change the behavior
of your system
...
The
license says that anybody who may want to do so has the right to
change Linux and eventually to redistribute a changed version, on
the one condition that the code is still available after redistribution
...
That is why a lot of tasks are being executed at night or
scheduled automatically for other calm moments, resulting in higher
availability during busier periods and a more balanced use of the
hardware
...


102

http://www
...
org/LDP/intro-linux/html/sect_01_04
...
But
Linux is not only fit for use as a fort against enemy attacks from the
Internet: it will adapt equally to other situations, utilizing the same
high standards for security
...

Linux is scalable:
From a Palmtop with 2 MB of memory to a petabyte storage cluster
with hundreds of nodes: add or remove the appropriate packages and
Linux fits all
...

The Linux OS and most Linux applications have very short debug-times:
Because Linux has been developed and tested by thousands of
people, both errors and people to fix them are usually found rather
quickly
...

Linux Cons
There are far too many different distributions:
"Quot capites, tot rationes", as the Romans already said: the more
people, the more opinions
...
But it also means that everyone will find what he or she
needs
...

When asked, generally every Linux user will say that the best
distribution is the specific version he is using
...
On top of the basics,
special third party software is added making, for example,
TurboLinux more suitable for the small and medium enterprise,
RedHat for servers and SuSE for workstations
...
The best strategy is to test
a couple of distributions; unfortunately not everybody has the time
for this
...
In light of its popularity, considerable effort has been
made to make Linux even easier to use, especially for new users
...

Is an Open Source product trustworthy?
How can something that is free also be reliable? Linux users have the
choice whether to use Linux or not, which gives them an enormous
advantage compared to users of proprietary software, who don't have
that kind of freedom
...
If Linux were
not trustworthy, it would have been long gone, never knowing the
popularity it has now, with millions of users
...
It is a project that is
never finished, that is true, but in an ever changing environment,
Linux is also a project that continues to strive for perfection
...
2

RED HAT INSTALLATION STEPS
Step 1 – Insert the Red Hat Linux DVD into the DVD-drive of your computer
...
Choose
‘Skip’, press enter and the installation would begin
...


Step 4- In this step, the RHEL installer would ask you about the appropriate type
of keyboard for the system
...
Then press ‘Next’
...
If you install this in SAN environment select
Specialized Storage Devices and hit Enter:

Step 6: A warning message will appear stating that the existing data on the hard
disk will be deleted
...


Step 7: Enter the hostname

Step 8: Enter the IP address for your server by clicking the “configure
Network”, Select your Network interface and enter the IP, Subnet details and
Apply the changes
...
Here let us install the Minimal Server
...
It will take a while, depending upon your
hardware configuration:

Step 15: At the end of installation, hit Reboot and you will get the login screen as
shown below:

Linux is one of the popular versions of the UNIX operating system
...
It is free to use
...
Its functionality list is
quite similar to that of UNIX
...
3 COMPONENTS OF LINUX SYSTEM
Linux Operating System has primarily three components


Kernel - Kernel is the core part of Linux
...
It consists of various
modules and it interacts directly with the underlying hardware
...




System Library - System libraries are special functions or programs
through which application programs or system utilities access the
Kernel's features
...




System Utility - System Utility programs are responsible to do
specialized, individual level tasks
...

This code represents a single process, executes in a single address
space and does not require any context switch, and hence is very
efficient and fast
...

Support code which is not required to run in kernel mode is in
System Library
...
User programs/ utilities use System libraries to access Kernel
functions to get system's low level tasks
...



Portable - Portability means software can work on different types
of hardware in the same way
...




Open Source - Linux source code is freely available and it
is a community-based development project
...



Multi-User - Linux is a multiuser system, meaning multiple users can
access system resources like memory/ ram/ application programs at
the same time
...




Hierarchical File System - Linux provides a standard file structure
in which system files/ user files are arranged
...
It can be used to
do various types of operations, call application programs etc
...


Architecture

Linux system architecture consists of the following layers


Hardware layer - Hardware consists of all peripheral devices (RAM/
HDD/ CPU etc)
...




Shell - An interface to kernel, hiding complexity of kernel's
functions from users
...




Utilities - Utility programs give the user most of the functionality of
an operating system
...
4

FILE SYSTEM
A file system (or filesystem) is a means to organize data expected to
be retained after a program terminates by providing procedures to
store, retrieve and update data, as well as manage the available
space on the device(s) which contain it
...

The following is a small list of popular file systems around, each with
a brief explanation
...




103

The ext2 file system is Linux' old, yet still used file system
...
It has been in use
almost since the birth of Linux and is quite resilient against file
system fragmentation - although this is true for almost all Linux file
systems
...
The ext4 file system is backwards
compatible with ext3 as long as you do not use extents
...


http://swift
...
be/linux_sea/linuxfs
...
It addresses concerns regarding huge storage backend
volumes, multi-device spanning, snapshotting and more
...




The xfs file system is an enterprise-ready, high performance
journaling file system
...




The zfs file system (ZFSonLinux) is a multi-featured file system
offering block-level checksumming, compression, snapshotting, copy-on-write,
deduplication, extremely large volumes, remote replication
and more
...




The vfat file system (Virtual File Allocation Table) is technically
simple and supported by virtually all existing operating systems
...
VFAT
supports long file names
...


and

1
...




Only root user has write privilege under this directory
...


2
...




Common Linux commands you need to use in single-user mode are
located under this directory
...




For example: ps, ls, ping, grep, cp
...
/sbin – System Binaries


Just like /bin, /sbin also contains binary executables
...




For example: iptables, reboot, fdisk, ifconfig, swapon

4
...




104

Contains configuration files required by all programs
...
conf, /etc/logrotate
...
thegeekstuff
...
/dev – Device Files


Contains device files
...




For example: /dev/tty1, /dev/usbmon0

6
...




This is a pseudo filesystem that contains information about running
processes
...




This is a virtual filesystem with text information about system
resources
...
/var – Variable Files


var stands for variable files
...




This includes — system log files (/var/log); packages and database
files (/var/lib); emails (/var/mail); print queues (/var/spool); lock
files (/var/lock); temp files needed across reboots (/var/tmp);

8
...




Files under this directory are deleted when system is rebooted
...
/usr – User Programs


Contains binaries, libraries, documentation, and source-code for
second level programs
...
If you can’t find a
user binary under /bin, look under /usr/bin
...
If you
can’t find a system binary under /sbin, look under /usr/sbin
...
For
example, when you install apache from source, it goes under
/usr/local/apache2

10
...




For example: /home/john, /home/nikita

11
...




Kernel initrd, vmlinux, grub files are located under /boot



For example: initrd
...
6
...
6
...
/lib – System Libraries


Contains library files that support the binaries located under /bin
and /sbin



Library filenames are either ld* or lib*
...
*



For example: ld-2
...
1
...
so
...
7

13
...




Contains add-on applications from individual vendors
...


14
...


15
...




For example, /media/cdrom for CD-ROM; /media/floppy for floppy
drives; /media/cdrecorder for CD writer

16
...




105

srv stands for service
...
105

http://www
...
com/


12
...
tty - reveals the current terminal
2
...
which - reveals where in the search path a program is located
4
...
echo $PATH - dumps the current path to STDOUT
b
...
echo $OLDPWD - dumps the most recently visited directory
5
...
clear - clears the screen or terminal
7
...
history - reveals your command history
a
...
command history is maintained on a per-user basis via:
~/
...
pwd - prints the working directory
10
...
'cd ' with no options changes to the $HOME directory
b
...
'cd /' changes to the root of the file system
d
...
'cd
...
'cd
...
Arrow keys (up and down) navigate through your command history
12
...
type unique characters in the command and press 'Tab' key
13
...
left button to block
b
...
ls - lists files and directories
a
...
ls -l - lists the contents of a directory in long format:
Includes: permissions, links, ownership, size, date, name
c
...
ls -ltr - sorts chronologically from older to newer (bottom)
e
...
ls -a - reveals hidden files
...
g
...
' are hidden
...
g
...
cat - catenates files
a
...
txt - dumps the contents of '123
...
cat 123
...
txt dumps both files to STDOUT
c
...
txt 456
...
txt - creates new catenated file
16
...
mkdir testRH5 - creates a 'testRH5' directory
17
...
cp 123
...
cp -v 456
...
mv - moves files
a
...
txt testRH5/ - moves the file, preserving timestamp
19
...
rm 123
...
rm -rf 456
...
touch - creates blank file/updates timestamp
a
...
txt - will create a zero-byte file, if it doesn't exist
b
...
txt - will update the timestamp
c
...
txt - changes timestamp
21
...
stat 123456
...
find - finds files using search patterns
a
...
alias - returns/sets aliases for commands
a
...
alias copy='cp -v'

12
...
Low cost: You don’t need to spend time and money to obtain licenses
since Linux and much of its software come with the GNU General
Public License
...
Additionally, there are large repositories from which
you can freely download high quality software for almost any task you
can think of
...
Stability: Linux doesn’t need to be rebooted periodically to maintain
performance levels
...
Continuous up-times of hundreds of days (up
to a year or more) are not uncommon
...
Performance: Linux provides persistent high performance on
workstations and on networks
...

4
...
It can perform tasks such as network
backups faster and more reliably than alternative systems
...
Flexibility: Linux can be used for high performance server
applications, desktop applications, and embedded systems
...
about
...
htm


save disk space by only installing the components needed for a
particular use
...

6
...

7
...

Each distribution organization
...

8
...


Popular Linux distributions come with tools that make installation of
additional software very user friendly as well
...
Full use of hard disk: Linux continues to work well even when the
hard disk is almost full
...
Multitasking: Linux is designed to do many things at the same
time; e
...
, a large printing job in the background won’t slow down
your other work
...
Security: Linux is one of the most secure operating systems
...
Linux users have the option to select and safely download software,
free of charge, from online repositories containing thousands of
high quality packages
...



12
...
Most Linux applications are Open Source as well
...
Windows107
Users who are considering making a change from Windows to Linux or
Linux to Windows commonly want to know the advantages and
disadvantages of each of the operating systems
...


Topic

Linux

Windows

Price

The majority of Linux variants are
available for free or at a much lower
price than Microsoft Windows
...
00 - $150
...


Ease

Although the majority of Linux
variants have improved
dramatically in ease of use,
Windows is still much easier to use
for most computer users because of
the familiarity of Windows and
because it's more likely they are
using a Windows computer at
home, in school, or at the office
...


Reliability

The majority of Linux variants and
versions are notoriously reliable
and can often run for months and
years without needing to be

Although Microsoft Windows
has made great improvements
in reliability over the last few
versions of Windows, it still

107

http://www
...
com/issues/ch000575
...


cannot match the reliability of
Linux
...
However,
Windows has a much larger
selection of available software
...


Software
Cost

Many of the available software
programs, utilities, and games
available on Linux are freeware or
open source
...


Although Windows does have
software programs, utilities,
and games for free, the
majority of the programs will
cost anywhere between $20
...
00+ US dollars per copy
...

However, for the hardware devices
that have driver support they
usually work in all versions of
Linux
...


Security

Linux is and has always been a very
secure operating system
...


Although Microsoft has made
great improvements over the
years with security on their
operating system, their
operating system continues to


be the most vulnerable to
viruses and other attacks
...


Microsoft Windows is not open
source and the majority of
Windows programs are not
open source
...


Microsoft Windows includes its
own help section, has a vast
amount of available online
documentation and help, as
well as books on each of the
versions of Windows
...
But Linux
is not only fit for use as a fort against enemy attacks from the Internet:
it will adapt equally to other situations, utilizing the same high
standards for security
...
A file system organizes data in an efficient manner
and is tuned to the specific characteristics of the device
...


It can handle unusually large numbers of users simultaneously,
and can make old computers sufficiently responsive to
be useful again
...
It can be used to do
various types of operations, call application programs etc
...

 /proc – Process Information
...
For example: the /proc/{pid} directory
contains information about the process with that particular pid
...