revision 2011
TRANSCRIPT
-
8/2/2019 Revision 2011
1/20
CCM2424Host Operating Systems and Security
2010-11, Revision
Orhan Gemikonakli
1
-
8/2/2019 Revision 2011
2/20
An introduction to Operating Systems &Unix/Linux
Operating Systems
Main functions
Unix
Brief History of Unix, Timeline, and Varieties
Benefits of Unix, Linux
Unix Operating Environment
The OS and the Kernel
The OS Shell
-
8/2/2019 Revision 2011
3/20
UNIX
Unix FileSystem
Unix
Commands Syntax
Examples
Graphical User
Interface
-
8/2/2019 Revision 2011
4/20
Accessing Files and Directories
The File System
Shareable, unshareable, variable, static
Creating directories
Directory Paths
Absolute pathname
Relative pathname
Navigating the File System
Listing Directory Contents
Identifying and Using Metacharacters
e.g. *, ?, ;, []
-
8/2/2019 Revision 2011
5/20
Basic Directory and File Management
Directory and File Management Using the CommandLine
Directory and File Management Using Common
Desktop Environment (CDE)
Directory and File Management Using GNU NetworkObject Model Environment (GNOME)
-
8/2/2019 Revision 2011
6/20
OSI Network Layer
Identify the role of the Network Layer, as it describescommunication from one end device to another end device
Examine the most common Network Layer protocol, InternetProtocol (IP), and its features for providing connectionless and
best-effort service
Understand the principles used to guide the division or groupingof devices into networks
Understand the hierarchical addressing of devices and how this
allows communication between networks
Understand the fundamentals of routes, next hop addresses andpacket forwarding to a destination network
-
8/2/2019 Revision 2011
7/20
File System Security
Security Overview
Security Policies and Features for Unix
File System Permissions
How do permissions look like in Unix
Access Control Principles
Changing Permissions with the Command Line
Identifying and Switching Users
-
8/2/2019 Revision 2011
8/20
Managing Large Programs
Recompilation
Short programs; quicker to recompile
Large programs; longer to recompile
Debug a single function, rest of the program isunchanged.
-
8/2/2019 Revision 2011
9/20
System processes & memory management
Terminology: procedure, program, process, task, job, interrupthandlers
Properties of processes: e.g. Each program creates a process which isassigned a uniqueprocess identification number (PID)
Process manipulation functions: e.g. fork() etc.
UNIX manages tasks using processes
Process states running, blocked, ready, suspend etc.
Process can spawn a subprocess, thus creating a processhierarchy with parent / child relationships
Some simple commands, such as cd, are executed by the shellitself and do not create a separate process
Interprocess communication (IPC): pipes, sockets
-
8/2/2019 Revision 2011
10/20
Network Basics: Main client server applications
Introduction
Client server model
Synchronous and asynchronous requests
Implementation of a server process
Main UNIX networking services
FTP, SSH, Mail, etc.
-
8/2/2019 Revision 2011
11/20
Network Basics: API and advanced applications
Introduction
The networking Application Programming Interface(API): sockets
Naming services and hostname resolution
Network resource sharing
Distributed file systems: NFS
Common Internet File System, CIFS, (Server MessageBlock, SMB)
-
8/2/2019 Revision 2011
12/20
Case Study: The Apache HTTP Server Project and PHP
Introduction The HTTP protocol basics
The Apache HTTP server project
A very important usage case of the HTTP server is
to dynamically create web pages Very widespread use of dynamic content pages nowadays in the
Internet (e.g., e-commerce, e-banking, etc.)
Dynamic Web Sites: the PHP Language
-
8/2/2019 Revision 2011
13/20
Security
Security Risk Analysis
Security Mechanisms
Security Policies
Security Examples
Firewalls: Internal, External
Distributed Host Security
Security Breaches and Controls
Practical Security
Firewalls, IDS, VPN
-
8/2/2019 Revision 2011
14/20
Security
Computer and Network Security Requirements
Security Threats
Protection
Intruders
Malicious Software
Trusted Systems
-
8/2/2019 Revision 2011
15/20
Penetration Testing
Describe a Penetration Test
Describe the risks of Penetration Test
Describe the process of network reconnaissance
Describe common network attack techniques
Explain types of malicious code attacks
-
8/2/2019 Revision 2011
16/20
Cryptography
Describe key events in cryptography history
Explain components of cryptographic protocols
Explain common cryptography standards
Describe modern cryptanalysis methods
-
8/2/2019 Revision 2011
17/20
More on Cryptography
Digital signatures
Key Management
Public key management
Private key management
Cryptography Standards
Wireless Network Cryptography
-
8/2/2019 Revision 2011
18/20
Analyzing packet structures
Explain the Common Vulnerabilities and Exposures(CVE) standard
Describe how signature analysis is used in examining
network traffic
Detect normal and suspicious traffic signatures
Describe packet capture and analysis
-
8/2/2019 Revision 2011
19/20
Operating System Models and Virtual Machines
More on operating systemsLayered: Advantages & disadvantages
Monolithic : Advantages & disadvantages
Virtual machines
-
8/2/2019 Revision 2011
20/20
Summary
Revise all topics covered for a good grade
The module focused on
OSs, Unix (file system, directory structure, commands, definitions etc.),
API and advanced applications NFS, processes, virtualisation, networklayer, security, cryptography, unix security, sockets, OSI layers, Apache,HTTP, PHP, client/server systems, packet structures, penetration testing