《Lecture9-NetworkingandSecurityManagement》由会员分享,可在线阅读,更多相关《Lecture9-NetworkingandSecurityManagement(53页珍藏版)》请在金锄头文库上搜索。
1、1,Networking and Security Management,BTT205 Operating System,Lecture 9,Network Topologies,StarRingBusTreeHybrid,Addressing Convention,Names, addresses, and routes are required because sites arent directly connected to each other.Internet address follows a hierarchical organization,Addressing Convent
2、ion,Names, addresses, and routes are required because sites arent directly connected to each other.Internet address follows a hierarchical organizationExample: userfit.ukm.edu.my, or useritdepartment.asdion.myUser is the logical user nameFit is the host for the userUkm is the cluster for fitEdu is t
3、he network for the university,Routing Strategies,RouterRoutingTwo of the most widely used routing protocols:Routing Information Protocol (RIP)Open Shortest Path First (OSPF),Connection Model,Data entering the network at one point is routed to its destination by being switched from node to node, whet
4、her by:Circuit SwitchingPacket Switching,Conflict Resolution,Three common MAC protocol used to implement access to resources:Carrier Sense Multiple Access (CSMA)Token Passing Distributed-queue, Dual Bus (DQDB),Transport Protocol Standards,International Organization for Standardization (ISO) Makes te
5、chnical recommendations about data communication interfacesTransport Control Protocol/Internet Protocol (TCP/IP)The oldest transport protocol standard. TCP/IP model organizes a communication system with three main components: processes, hosts, and networks,Major NOS Function,Allow users to access ha
6、rdware or software at a remote site (telnet).telnet unixs.cis.fitt.eduLet users transfer files from one computer to another (FTP).ftp unixs.cis.pitt.edu,Need for a Protocol Architecture,Computer communicationsExchange of information between computers for the purpose of cooperative actionComputer net
7、workWhen two or more computers are interconnected via a communication network,Protocol Architecture,ProtocolUsed for communication between entities in different systemsProtocol architectureBroken into subtasks, each of which is implemented separately,Key Elements of a Protocol,Syntax :Includes such
8、things as data format and signal level.Semantics:Includes control information for coordination and error handling.Timing:Includes speed matching and sequencing,TCP/IP Protocol Architecture,Five relatively independent layersApplicationHost-to-host, or transportInternetNetwork accessPhysical,Physical
9、Layer,Specifying the characteristics of the transmission mediumNature of the signalsData rate,Network Access Layer,Concerned with the exchange of data between an end system and the networkDifferent standardsCircuit switchingPacket switching (frame relay)LANs (Ethernet),TCP Header,UDP Header,IPv6,Pro
10、vides enhancements over existing IPDesigned to accommodate higher speeds of a mix of data streams, graphic and videoProvides more addressesIncludes 128-bits for addresses,IPv4 Header,TCP/IP Applications,Simple mail transfer protocol (SMTP)File transfer protocol (FTP)TELNET,Sockets,Enable communicati
11、on between a client and serverEndpoint in communicationUsed to define an APIGeneric communication interface for writing programs that use TCP or UDP,Types of Sockets,Stream socketsUse TCPReliable data transferDatagram socketsUse UDPDelivery is not guaranteed,Socket Connection,One side is clientReque
12、sts connectionOther side is server,Security Management,Computer SecurityAssetsThreatsScope of system securityIntrudersSecurity and ProtectionComputer Security Techniques,Computer System Assets,HardwareSoftwareDataCommunication Lines and Networks,Security Threats,Types of ThreatsInterruptionIntercept
13、ionModificationFabrication,Security Threats,HardwareSoftwareData,Security Threats,Communication Lines and NetworksPassive attacksActive attacks,Intruders,Three classes of intrudersMasqueraderMisfeasorClandestine user,Intrusion Techniques,Two ways to protect password fileOne way encryptionAccess cont
14、rol,Malicious Program or Malware,Logic Bomb,Explodes when certain conditions are metPresence or absence of certain filesParticular day of the weekParticular user running application,Types of Viruses,Boot sector virusStealth virusPolymorphic virusParasitic virus,Virus Stages,Dormant phasePropagation
15、phaseTriggering phaseExecution phase,37,Worms,Use network connections to spread from system to systemElectronic mail facilityRemote execution capabilityRemote log-in capability,Zombie,Program secretly takes of another Internet-attached computer.Uses that computer to launch attacks that are difficult
16、 to trace to zombies creator.Used in denial-of-service attacks, typically against targeted web sites.Planted on hundreds of computers belonging to unsuspecting third parties.,Security and Protection,OS use two sets of techniques to counter threats to use of information:SecurityProtection:,Goals of Security and Protection,SecrecyPrivacyAuthenticityIntegrityAvailabilityAccounting,Computer Security Techniques,
