summer training report.doc

Upload: manjeet-chauhan

Post on 03-Apr-2018


  • 7/29/2019 summer training report.doc


    VIRTUAL NETWORKING AND COMPUTING

    Report submitted by:

    Name of the trainee - Pranay Aluria

    Name of the college - Netaji Subhash Institute Of Technology


    Acknowledgement

    I would like to express my sincere gratitude to my project guide and head Mr. Parag Mathur for giving me the opportunity to work on this topic.

    I would like to express my sincere gratitude to my mentors and my colleagues Mr. Mohit Chauhan, Mr. Sunder Kiroula and Mr. Aadhar Girdhar for their unprecedented guidance and support.


    ABSTRACT

    This project covers a few aspects of virtual networking used and enacted as part of the IT department of LGE, India. A few software packages and portals are used for the sole purpose of LGE and are subject to copyright.


    Network Computing

    In computing, Virtual Network Computing (VNC) is a graphical desktop sharing system that uses the RFB protocol to remotely control another computer. It transmits the keyboard and mouse events from one computer to another, relaying the graphical screen updates back in the other direction, over a network.

    VNC is platform-independent: a VNC viewer on one operating system may connect to a VNC server on the same or any other operating system. There are clients and servers for many GUI-based operating systems and for Java. Multiple clients may connect to a VNC server at the same time. Popular uses for this technology include remote technical support and accessing files on one's work computer from one's home computer, or vice versa.

    OPERATION

    A VNC system consists of a client, a server, and a communication protocol.

    The VNC server is the program on the machine that shares its screen. The server passively allows the client to take control of it.

    The VNC client (or viewer) is the program that watches, controls, and interacts with the server. The client controls the server.

    The VNC protocol (RFB) is very simple, based on one graphic primitive from server to client ("Put a rectangle of pixel data at the specified X,Y position") and event messages from client to server.

    In the normal method of operation a viewer connects to a port on the server (default port 5900). Alternatively a browser can connect to the server (depending on the implementation) (default port 5800). And a server can connect to a viewer in "listening mode" on port 5500. One advantage of listening mode is that the server site does not have to configure its firewall to allow access on port 5900 (or 5800); the onus is on the viewer, which is useful if the server site has no computer expertise, while the viewer user would be expected to be more knowledgeable.

    The server sends small rectangles of the framebuffer to the client. In its simplest form, the VNC protocol can use a lot of bandwidth, so various methods have been devised to reduce the communication overhead. For example, there are various encodings (methods to determine the most efficient way to transfer these rectangles). The VNC protocol allows the client and server to negotiate which encoding will be used. The simplest encoding, which is supported by all clients and servers, is the raw encoding, where pixel data is sent in left-to-right scanline order and, after the original full screen has been transmitted, only the rectangles that change are transferred. This encoding works very well if only a small portion of the screen changes from one frame to the next (like a mouse pointer moving across a desktop, or text being written at the cursor), but bandwidth demands get very high if a lot of pixels change at the same time, such as when scrolling a window or viewing full-screen video.

    VNC by default uses TCP port 5900+N, where N is the display number (usually :0 for a physical display). Several implementations also start a basic HTTP server on port 5800+N to provide a VNC viewer as a Java applet, allowing easy connection through any Java-enabled web browser. Different port assignments can be used as long as both client and server are configured accordingly.

    Using VNC over the Internet works well if the user has a broadband connection at both ends. However, it may require advanced NAT, firewall and router configuration such as port forwarding in order for the connection to go through. Some users may choose to use instant private networking applications, such as Virtual Private Network (VPN) applications like Hamachi, to make usage over the Internet much easier. Alternatively, a VNC connection can be established as a LAN connection if VPN is utilized as a proxy.


    Note that the machine the VNC server is running on does not need to have a physical display. Xvnc is the Unix VNC server, which is based on a standard X server. To applications Xvnc is an X "server" (i.e. displays client windows), and to remote VNC users it is a VNC server. Applications can display themselves on Xvnc as if it were a normal X display, but they will appear on any connected VNC viewer rather than on a physical screen. Alternatively a machine (which may be a workstation or a network server) with screen, keyboard, and mouse can be set up to boot and run the VNC server as a service or daemon, then the screen, keyboard, and mouse can be removed and the machine stored in an out-of-the-way location.

    In addition, the display that is served by VNC is not necessarily the same display seen by a user on the server. On Unix/Linux computers that support multiple simultaneous X11 sessions, VNC may be set to serve a particular existing X11 session, or to start one of its own. It is also possible to run multiple VNC sessions from the same computer. On Microsoft Windows the VNC session served is always the current user session.

    VNC is commonly used as a cross-platform remote desktop system. For example, Apple Remote Desktop for Mac OS X (and more recently, "Back to My Mac" in 'Leopard' - Mac OS X 10.5) interoperates with VNC and will connect to a Linux user's current desktop if it is served with x11vnc, or to a separate X11 session if one is served with TightVNC. From Linux, TightVNC will connect to a Mac OS X session served by Apple Remote Desktop if the VNC option is enabled, or to a VNC server running on Microsoft Windows.

    Security

    By default, RFB is not a secure protocol. While passwords are not sent in plain-text (as in telnet), cracking could prove successful if both the encryption key and encoded password are sniffed from a network. For this reason it is recommended that a password of at least 8 characters be used. On the other hand, there is also an 8-character limit on some versions of VNC; if a password is sent exceeding 8 characters, the excess characters are removed and the truncated string is compared to the password.

    However, VNC may be tunnelled over an SSH or VPN connection, which would add an extra security layer with stronger encryption. SSH clients are available for all major platforms (and many smaller platforms as well); SSH tunnels can be created from UNIX clients, Microsoft Windows clients, Macintosh clients (including Mac OS X and System 7 and up) and many others. There are freeware applications that create instant VPN tunnels between computers.

    UltraVNC supports the use of an open-source encryption plugin which encrypts the entire VNC session including password authentication and data transfer. It also allows authentication to be performed based on NTLM and Active Directory user accounts. However, use of such encryption plugins makes it incompatible with other VNC programs. RealVNC offers high-strength AES encryption as part of its commercial package, along with integration with Active Directory. Workspot released AES encryption patches for VNC.
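    One way to check a Windows host against the port conventions and tunnelling advice above, as an added example that is not from the original report: it parses `netstat -ano` output (a constructed sample is embedded) and flags VNC listeners bound to anything other than loopback. The policy that VNC should be reachable only through an SSH or VPN tunnel, the display range :0 to :99, and all function names are assumptions.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Port conventions as stated in the report.
RFB_BASE = 5900        # RFB server listens on 5900 + display number N
HTTP_BASE = 5800       # built-in HTTP/Java viewer on 5800 + N
LISTEN_VIEWER = 5500   # viewer waiting for a server in "listening mode"
MAX_DISPLAY = 99       # assumption: displays :0 to :99 are treated as VNC
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed sample in the layout printed by Windows `netstat -ano`.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       908
  TCP    0.0.0.0:5900           0.0.0.0:0              LISTENING       2144
  TCP    127.0.0.1:5901         0.0.0.0:0              LISTENING       3310
  TCP    192.168.10.25:5800     0.0.0.0:0              LISTENING       2144
  TCP    192.168.10.25:49712    192.168.10.40:5900     ESTABLISHED     4120
  TCP    [::]:5900              [::]:0                 LISTENING       2144
  TCP    [::1]:5500             [::]:0                 LISTENING       5012
"""

# Only listening TCP sockets matter; the last colon splits address and port.
LISTENER = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


@dataclass(frozen=True)
class Finding:
    address: str
    port: int
    pid: int
    role: str
    exposed: bool  # True when bound to a non-loopback address


def vnc_role(port: int) -> Optional[str]:
    """Map a TCP port to its VNC role, or None if it is not a VNC port."""
    if port == LISTEN_VIEWER:
        return "listening-mode viewer"
    if RFB_BASE <= port <= RFB_BASE + MAX_DISPLAY:
        return f"RFB server, display :{port - RFB_BASE}"
    if HTTP_BASE <= port <= HTTP_BASE + MAX_DISPLAY:
        return f"HTTP viewer, display :{port - HTTP_BASE}"
    return None


def audit(netstat_text: str) -> List[Finding]:
    """Return every VNC-related listener found in netstat output."""
    findings = []
    for line in netstat_text.splitlines():
        match = LISTENER.match(line)
        if not match:
            continue  # header, blank line, UDP, or a non-listening socket
        address = match.group(1).strip("[]")  # IPv6 is printed as [addr]
        port, pid = int(match.group(2)), int(match.group(3))
        role = vnc_role(port)
        if role is not None:
            findings.append(
                Finding(address, port, pid, role, address not in LOOPBACK))
    return findings


def exposed(findings: List[Finding]) -> List[Finding]:
    """Listeners that bypass the tunnel because they accept network peers."""
    return [f for f in findings if f.exposed]


if __name__ == "__main__":
    for f in audit(SAMPLE):
        status = "EXPOSED" if f.exposed else "loopback only"
        print(f"{f.address}:{f.port} pid={f.pid} {f.role}: {status}")
```

    A listener reported as loopback only can still be used remotely through an SSH port forward, which is the arrangement the section recommends; whether an exposed listener is actually reachable also depends on the host and network firewalls.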

    Remote administration

    Remote administration refers to any method of controlling a computer from a remote location.


    Software that allows remote administration is becoming increasingly common and is often used when it is difficult or impractical to be physically near a system in order to use it, or in order to access web material that is not available in one's location, for example viewing the BBC iPlayer from outside the United Kingdom. A remote location may refer to a computer in the next room or one on the other side of the world. It may also refer to both legal and illegal (i.e. hacking) remote administration.

    Any computer with an Internet connection, TCP/IP or on a Local Area Network can be remotely administered.

    For non-malicious administration, the user must install or enable server software on the host system in order to be viewed. Then the user/client can access the host system from another computer using the installed software.

    Usually, both systems should be connected to the internet, and the IP address of the host/server system must be known. Remote administration is therefore less practical if the host uses a dial-up modem, which is not constantly online and often has a Dynamic IP.

    Connecting

    When the client connects to the host computer, a window showing the Desktop of the host usually appears. The client may then control the host as if he/she were sitting right in front of it.

    Certain versions of Windows XP have a built-in remote administration package called Remote Desktop Connection. A free cross-platform alternative is VNC, which offers similar functionality.

    VNC, or Virtual Network Computing, is software that makes it possible to view and interact with a computer from any other computer or device connected to the internet. VNC is even cross-platform, so a person using a Windows-based computer can connect to and interact with a Unix system without any problems whatsoever.

    VNC essentially "converts" your computer into whichever computer you are connecting to. For example, if I am at home with my desktop computer running Windows XP and I need to use ArcGIS (or any other Linux program), all I have to do is run my VNC software and connect to one of CAE's Unix machines. Once that is done my personal computer will look and act like a Linux lab machine, and whenever I want to I can exit and use a Windows program.

    SYMANTEC ENDPOINT PROTECTION

    Symantec Endpoint Protection for Macintosh and Windows, available via IUware, combines technologies from previous Symantec products:

    Antivirus and antispyware: Antivirus and antispyware scans detect viruses and other security risks, including spyware, adware, and other files, that can put a computer or a network at risk.

    Personal firewall: The Symantec Endpoint Protection firewall provides a barrier between the computer and the Internet, preventing unauthorized users from accessing the computers and networks. It detects possible hacker attacks, protects personal information, and eliminates unwanted sources of network traffic.

    Intrusion prevention: The intrusion prevention system (IPS) is the Symantec Endpoint Protection client's second layer of defense after the firewall. The intrusion prevention system is a network-based system. If a known attack is detected, one or more intrusion prevention technologies can automatically block it.

    Proactive threat scanning: Proactive threat scanning uses heuristics to detect unknown threats. Heuristic process scanning analyzes the behavior of an application or process to determine if it exhibits characteristics of threats, such as Trojan horses, worms, or keyloggers. This type of protection is sometimes referred to as zero-day protection.

    Device and application control: Device-level control is implemented using rule sets that block or allow access from devices, such as USB, infrared, FireWire, SCSI, serial ports, and parallel ports. Application-level control is implemented using rule sets that block or allow applications that try to access system resources.

    Kernel-level rootkit protection: Symantec Endpoint Protection expands rootkit protection to detect and repair kernel-level rootkits. Rootkits are programs that hide from a computer's operating system and can be used for malicious purposes.

    Role-based administration: Different administrators can access different levels of the management system based on their roles and responsibilities.

    Group update provider: Symantec Endpoint Protection clients can be configured to provide signature and content updates to clients in a group. When clients are configured this way, they are called group update providers. Group update providers do not have to be in the group or groups that they update.

    Location awareness: Symantec Endpoint Protection expands location awareness support to the group level. Each group can be divided into multiple locations, and when a client is in that location, policies can be applied to that location.

    Policy-based settings: Policies control most client settings, and can be applied down to the location level.

    Domains: Domains let you create additional global groups. This feature is advanced and should be used only if necessary.

    Failover and load balancing: If you have a large network and need the ability to conserve bandwidth consumption, you can configure additional management servers in a load-balanced configuration. If you have a large network and need the ability to configure redundancy, you can configure additional management servers in a failover configuration.

    SQL database support: Symantec Endpoint Protection stores client information in a database on the management server. Where legacy products stored information in the registry, Symantec Endpoint Protection Manager now stores all information about client computers in a SQL database (either the embedded database or a Microsoft SQL database).

    Enhanced LiveUpdate: LiveUpdate now supports the downloading and installation of a wide variety of content, including definitions, signatures, whitelists to prevent false positives, engines, and product updates.

    SERVICE MANAGEMENT TOOL

    SMT is a part of the inter- and intra-branch connected network designed to tackle the technical and IT-related issues faced by LG employees and staff on their desktops and laptops.

    WORKING:-

    Whenever a person has a technical problem that he cannot solve himself, he sends a mail in SMT. The mail is read by the network engineers handling and operating the SMT. With the help of VNC, they log into the account of the user (a way of ethical hacking) and solve the technical issue. The network engineer can have full control over whichever system has been diagnosed with an issue or a technical glitch.

    PROBLEM

    There was one issue with a user who couldn't log in to his GTM login. He contacted us, and with the help of the service management tool and VNC, we took control of the system and rectified the issue.


    ASSIGNMENT (JUNE 18th to July 7th)

    OTP - One Time Process

    It is a software or hardware option for entering the password while logging in to the SSO ID through which LG officials connect with other LG officials. To keep this ID and password protected, OTP is used, which creates passwords that are temporary in nature. This helps in securing the data from malicious activities of hackers who try to decrypt a password.

    This software runs on 2 operating systems, Android and iOS. If a person didn't have either of these operating systems on their cellphone, the other option was a hardware token.

    The hardware token, or the software on the cellphone, produced a 6-digit number which changes after 3 seconds. This means that, for 3 seconds, that particular number was the password for the user. He can only use the number once. If he had to enter SSO again, he would need the 6-digit code produced by OTP in that time frame of 3 seconds.

    I, along with the guidance of my network engineers, had to ensure that designated and authorized people from all the branches in India install this software or the hardware tokens. We catered to a lot of phone calls and queries regarding this and helped achieve this feat in 3 weeks.

    FTP SERVERS-

    Overview

    FTP is an acronym for File Transfer Protocol. As the name suggests, FTP is used to transfer files between computers on a network. You can use FTP to exchange files between computer accounts, transfer files between an account and a desktop computer, or access online software archives. Many FTP sites are heavily used and require several attempts before connecting.

    What is an FTP Client?

    An FTP Client is software that is designed to transfer files back-and-forth between two computers over the Internet. It needs to be installed on your computer and can only be used with a live connection to the Internet.

    The classic FTP Client look is a two-pane design. The pane on the left displays the files on your computer and the pane on the right displays the files on the remote computer.

    File transfers are as easy as dragging-and-dropping files from one pane to the other or by highlighting a file and clicking one of the direction arrows located between the panes.

    Additional features of the FTP Client include: multiple file transfer; the auto re-get or resuming feature; a queuing utility; the scheduling feature; an FTP find utility; a synchronize utility; and for the advanced user, a scripting utility.

    How to use FTP

    Graphical FTP clients


    Graphical FTP clients simplify file transfers by allowing you to drag and drop file icons between windows. When you open the program, enter the name of the FTP host (e.g., ftp.empire.gov) and your username and password. If you are logging into an anonymous FTP server, you may not have to enter anything. Two common FTP programs are Cyberduck (for Mac) and WinSCP (for Windows).

    Web browser

    You can use a web browser to connect to FTP addresses exactly as you would to connect to HTTP addresses. Using a web browser for FTP transfers makes it easy for you to browse large directories and read and retrieve files. Your web browser will also take care of some of the details of connecting to a site and transferring files. While this method is convenient, web browsers are often slower and less reliable and have fewer features than dedicated FTP clients.

    To use your web browser to connect to an FTP site such as ftp.empire.gov, where you normally enter a URL, enter:

    ftp://[email protected]/

    Command line FTP

    Windows, Mac OS X, and Linux have built-in command line clients; see What are some common FTP commands? For example, to start FTP, at the command line prompt, enter:

    ftp ftp.empire.gov

    If you are connecting to your own account, enter your username and password. If you are connecting to an anonymous FTP site, for your username, enter anonymous. For your password, enter your email address.


    DOS Commands In Networking

    assoc         Displays or modifies file name extension associations. Used alone, displays a list of all the current file name associations
    at            Schedules commands and programs to run on a computer at a specified time and date. Requires the Schedule service. Superseded by schtasks
    attrib        Configures file attributes: read only, hidden, system
    bootcfg       Used to repair or edit the boot.ini file
    cd or chdir   Displays the name of the current directory or changes the current folder
    chkdsk        Checks hard drives for errors. With switches, does repairs.
    cls           Clears the screen
    copy          Copies a file from one location to another
    del           Deletes one or more files
    dir           Displays a list of a folder's files and subfolders
    diskpart      Disk management shell. A suite of various commands
    driverquery   Displays a list of all installed device drivers and their properties. Requires administrator privileges. (Not available in Windows XP Home)
    echo          Used to display a message or to turn off/on messages in batch scripts
    exit          Exits batch script or current command control
    fc            Compares two files and displays the differences between them
    find          Searches for a text string in a file or files. Can also be used with output from another command.
    findstr       Searches for text string patterns in a file using regular expressions
    for           Runs a specified command for each item in a set
    fsutil        Displays and configures certain file system properties. A suite of various commands
    ftype         Displays or modifies file types used in file name extension associations
    getmac        Returns the media access control (MAC) address for your network card
    goto          Directs the Windows command interpreter to a labeled line in a batch program
    if            Performs conditional processing in batch programs
    ipconfig      Displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings
    md or mkdir   Creates a directory (folder) or subdirectory (subfolder)
    more          Displays one screen of output at a time. Used with another command that has extensive output
    move          Moves a file from one folder to another
    net           A suite of various networking and service commands
    netsh         Network services shell. Complex suite of commands.
    netstat       Displays active TCP connections, ports on which the computer is listening, Ethernet statistics, the IP routing table, statistics for the IP, ICMP, TCP, and UDP protocols
    path          Sets the command path in the PATH environment variable, which is the set of directories used to search for executable files
    pathping      Provides information about network performance and conditions at intermediate hops between a source and destination
    pause         Used in batch scripts
    ping          Checks connectivity to other networked computers, routers, or Internet sites
    popd, pushd   Changes the directory being referenced in a command prompt. Pushd changes the directory and stores the previous directory. Popd changes the current directory to the directory stored by the pushd command
    powercfg      Manages the power settings such as hibernation. Has numerous switches
    reg           Adds, changes, and displays registry entries. A suite of various commands
    rd or rmdir   Deletes a directory (folder)
    ren or rename Changes the name of a file or a set of files
    sc            Used to obtain information about services and to configure them. A suite of various commands
    schtasks      Schedules commands and programs to run periodically or at a specific time
    set           Displays, sets, or removes environment variables
    sfc           System file checker scans and verifies the versions of all protected system files
    shutdown      Shuts down or restarts a computer
    sort          Alphabetizes strings from a text file or the output of a command.
    start         Starts an application or opens a new command window
    subst         Associates a folder with a drive letter
    systeminfo    Displays detailed configuration information about a computer and its operating system
    taskkill      Ends one or more tasks or processes
    tasklist      Displays a list of applications and services with their Process ID (PID) for all tasks running
    tree          Graphically displays the directory structure of a folder or drive
    type          Displays the contents of a text file
    vssadmin      For administering and configuring volume shadow copies
    xcopy         Powerful command with many switches for copying and backing up files and folders
