
IGNOU MCA MCS-022 Solved Assignments 2010

Course Code : MCS-022


Course Title : Operating System Concepts and Networking Management
Assignment Number : MCA(2)/022/Assign/09
Maximum Marks : 100
Weightage : 25%
Last Date of Submission : 15th October, 2009 (for July, 2009 session)
15th April, 2010 (for January, 2010 session)

This assignment has five questions. Answer all questions. The remaining 20 marks are for viva voce. You may use illustrations and diagrams to enhance the explanations. Please go through the guidelines regarding assignments given in the Programme Guide for the format of presentation. The answer to each part of a question should be confined to about 300 words.

Question 1: a) Describe the structure of the 5 classes of IP address. Also draw the network configuration of your study centre/organisation showing the IP addresses assigned to your organisation by the ISP. How do these classes differ? How do you identify a particular class? (5 Marks)
b) How does DNS improve name resolution? (5 Marks)
c) What is a real time OS? How is it different from the traditional OS? (5 Marks)

Answer 1 : In the original Internet routing scheme developed in the 1970s, sites were assigned addresses from one of three classes: Class A, Class B and Class C. The address classes differ in size and number. Class A addresses are the largest, but there are few of them. Class Cs are the smallest, but they are numerous. Classes D and E are also defined, but not used in normal operation.
To say that class-based IP addressing is still used would be true only in the loosest sense. Many addressing designs are still class-based, but an increasing number can only be explained using the more general concept of CIDR, which is backwards compatible with address classes.
Suffice it to say that at one point in time, you could request the Internet NIC to assign you a class A, B or C address. To get the larger class B addresses, you might have to supply some justification, but only the class A was really tough to get. In any case, NIC would set the network bits, or n-bits, to some unique value and inform the local network engineer. It would then be up to the engineer to assign each of his hosts an IP address starting with the assigned n-bits, followed by host bits, or h-bits, to make the address unique.
Internet routing used to work like this: A router receiving an IP packet extracted its Destination Address, which was classified (literally) by examining its first one to four bits. Once the address's class had been determined, it was broken down into network and host bits. Routers ignored the host bits, and only needed to match the network bits to find a route to the network. Once a packet reached its target network, its host field was examined for final delivery.
Summary of IP Address Classes
Class A - 0nnnnnnn hhhhhhhh hhhhhhhh hhhhhhhh
· First bit 0; 7 network bits; 24 host bits
· Initial byte: 0 - 127
· 126 Class As exist (0 and 127 are reserved)
· 16,777,214 hosts on each Class A
Class B - 10nnnnnn nnnnnnnn hhhhhhhh hhhhhhhh
· First two bits 10; 14 network bits; 16 host bits
· Initial byte: 128 - 191
· 16,384 Class Bs exist
· 65,532 hosts on each Class B
Class C - 110nnnnn nnnnnnnn nnnnnnnn hhhhhhhh
· First three bits 110; 21 network bits; 8 host bits
· Initial byte: 192 - 223
· 2,097,152 Class Cs exist
· 254 hosts on each Class C
Class D - 1110mmmm mmmmmmmm mmmmmmmm mmmmmmmm
· First four bits 1110; 28 multicast address bits
· Initial byte: 224 - 247
· Class Ds are multicast addresses -
Class E - 1111rrrr rrrrrrrr rrrrrrrr rrrrrrrr
· First four bits 1111; 28 reserved address bits
· Initial byte: 248 - 255
· Reserved for experimental use
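The leading-bit test described above, as an added example that is not part of the original answer: it classifies an address by its first one to four bits and, for classes A to C, splits it into network and host parts. The function name `classify` and the sample addresses are constructed for illustration.

```python
import ipaddress

# Leading-bit patterns from the class summary above:
# (class, bit pattern, pattern length, classful network prefix length).
# Classes D and E have no network/host split, so their prefix is None.
CLASS_RULES = [
    ("A", 0b0, 1, 8),
    ("B", 0b10, 2, 16),
    ("C", 0b110, 3, 24),
    ("D", 0b1110, 4, None),
    ("E", 0b1111, 4, None),
]


def classify(addr):
    """Classify a dotted-quad IPv4 address the way a classful router did."""
    value = int(ipaddress.IPv4Address(addr))  # ValueError on malformed input
    for letter, pattern, pattern_len, prefix in CLASS_RULES:
        # Compare only the first pattern_len bits of the 32-bit address.
        if value >> (32 - pattern_len) == pattern:
            break
    result = {"class": letter, "network": None, "host": None, "reserved": False}
    if prefix is None:
        return result
    host_bits = 32 - prefix
    network = (value >> host_bits) << host_bits      # zero the h-bits
    result["network"] = str(ipaddress.IPv4Address(network))
    result["host"] = value & ((1 << host_bits) - 1)  # keep only the h-bits
    # Initial bytes 0 and 127 are the two reserved Class A networks.
    result["reserved"] = letter == "A" and (value >> 24) in (0, 127)
    return result


if __name__ == "__main__":
    # Constructed sample addresses, one per class A to D.
    for sample in ("10.1.2.3", "172.16.5.9", "192.168.1.77", "224.0.0.5"):
        print(sample, classify(sample))
```
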
b) Answer: A DNS server is any computer registered to join the Domain Name System. A DNS server runs special-purpose networking software, features a public IP address, and contains a database of network names and addresses for other Internet hosts.
DNS Root Servers
DNS servers communicate with each other using private network protocols. All DNS servers are organized in a hierarchy. At the top level of the hierarchy, so-called root servers store the complete database of Internet domain names and their corresponding IP addresses. The Internet employs 13 root servers that have become somewhat famous for their special role. Maintained by various independent agencies, the servers are aptly named A, B, C and so on up to M. Ten of these servers reside in the United States, one in Japan, one in London, UK and one in Stockholm, Sweden.
DNS resolution
Resolution occurs when a client queries a name server to obtain the IP address with which it wants to connect. If a name server in the local domain cannot resolve a client's request, it queries other servers to locate a server that can.
There are two types of resolution:
· by iteration
· by recursion
Iterative queries
By default, a name server queries "iteratively" (or non-recursively). This means that it queries several name servers in turn until it finds an answer. It starts by consulting a known name server within the domain hierarchy that contains the destination machine. If it does not already know of a suitable server to ask, it first asks a server in the root domain. Each server responds by referring to a name server in the domain name hierarchy that is closer to the one containing the destination machine. The local server then repeats its query to the name server whose name and IP address it has just been given. In this way, the local server traverses the domain name space until it reaches a name server for the domain that contains the destination machine. This name server should be able to provide the IP address of the destination machine. "Obtaining an IP address by iterative query" illustrates how a client in the domain reseau.co.fr might obtain the IP address of the remote host missouri.rivers.mynet.com.
Obtaining an IP address by iterative query
The steps taken to resolve missouri.rivers.mynet.com to its IP address are:
1. The local client asks the local name server for the IP address of missouri.rivers.mynet.com.
2. The local name server does not know the IP address of missouri.rivers.mynet.com. It also does not know the IP address of the name servers for rivers.mynet.com or mynet.com, so it asks a root name server for the IP address of missouri.rivers.mynet.com.
3. The root name server does not know the IP address of missouri.rivers.mynet.com, but it does know the IP address of the name server for mynet.com, so it tells this to the local name server.
4. The local name server asks mynet.com's name server for the IP address of missouri.rivers.mynet.com.
5. mynet.com's name server does not know the IP address of missouri.rivers.mynet.com, but it does know the IP address of the name server for rivers.mynet.com, so it tells this to the local name server.
6. The local name server asks rivers.mynet.com's name server for the IP address of missouri.rivers.mynet.com.
7. rivers.mynet.com's name server is authoritative for its zone, so it can supply the IP address of missouri.rivers.mynet.com.
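The seven steps above, simulated as an added example that is not part of the original answer. The server table, the addresses (taken from documentation ranges) and the function names are constructed; the resolver also refuses any referral that does not move closer to the queried name, which is what keeps a misbehaving server from redirecting the walk.

```python
# Constructed name-server data for the walk-through above. The addresses are
# from documentation ranges and do not belong to real servers.
ROOT_SERVER = "198.51.100.1"
SERVERS = {
    "198.51.100.1": {  # root name server
        "referrals": {"mynet.com.": "198.51.100.2"},
        "records": {},
    },
    "198.51.100.2": {  # name server for mynet.com
        "referrals": {"rivers.mynet.com.": "198.51.100.3"},
        "records": {},
    },
    "198.51.100.3": {  # authoritative name server for rivers.mynet.com
        "referrals": {},
        "records": {"missouri.rivers.mynet.com.": "203.0.113.10"},
    },
}


def in_zone(name, zone):
    """True if the fully qualified name lies at or below the zone."""
    return zone == "." or name == zone or name.endswith("." + zone)


def query(server_ip, name):
    """One non-recursive query: the server answers, refers, or gives up."""
    server = SERVERS[server_ip]
    if name in server["records"]:
        return ("answer", server["records"][name])
    matches = [(z, ns) for z, ns in server["referrals"].items() if in_zone(name, z)]
    if matches:
        # Refer to the most specific zone this server knows about.
        zone, ns_ip = max(matches, key=lambda m: len(m[0]))
        return ("referral", zone, ns_ip)
    return ("not_found",)


def resolve_iteratively(name, query_fn=query, max_steps=8):
    """Act as the local name server: follow referrals down from the root."""
    name = name.lower().rstrip(".") + "."
    server, zone, trace = ROOT_SERVER, ".", []
    for _ in range(max_steps):
        reply = query_fn(server, name)
        trace.append((server, reply[0]))
        if reply[0] == "answer":
            return reply[1], trace
        if reply[0] == "not_found":
            return None, trace
        _, new_zone, ns_ip = reply
        # A valid referral names a zone strictly below the current one that
        # still contains the queried name; anything else is rejected.
        closer = (new_zone != zone and in_zone(new_zone, zone)
                  and in_zone(name, new_zone))
        if not closer:
            raise ValueError("referral to %s is not closer to %s" % (new_zone, name))
        server, zone = ns_ip, new_zone
    raise RuntimeError("referral chain too long")


if __name__ == "__main__":
    address, steps = resolve_iteratively("missouri.rivers.mynet.com")
    for server_ip, kind in steps:
        print(server_ip, kind)
    print("resolved to", address)
```
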
c) A real-time operating system (RTOS) is an operating system that guarantees a certain capability within a specified time constraint. For example, an operating system might be designed to ensure that a certain object was available for a robot on an assembly line. In what is usually called a "hard" real-time operating system, if the calculation could not be performed for making the object available at the designated time, the operating system would terminate with a failure. In a "soft" real-time operating system, the assembly line would continue to function but the production output might be lower as objects failed to appear at their designated time, causing the robot to be temporarily unproductive. Some real-time operating systems are created for a special application and others are more general purpose. Some existing general purpose operating systems claim to be real-time operating systems. To some extent, almost any general purpose operating system such as Microsoft's Windows 2000 or IBM's OS/390 can be evaluated for its real-time operating system qualities. That is, even if an operating system doesn't qualify, it may have characteristics that enable it to be considered as a solution to a particular real-time application problem. In general, real-time operating systems are said to require:
· Multitasking
· Process threads that can be prioritized
· A sufficient number of interrupt levels
Real-time operating systems are often required in small embedded operating systems that are packaged as part of microdevices. Some kernels can be considered to meet the requirements of a real-time operating system. However, since other components, such as device drivers, are also usually needed for a particular solution, a real-time operating system is usually larger than just the kernel.
The key difference between general-computing operating systems and real-time operating systems is the need for "deterministic" timing behavior in the real-time operating systems. Formally, "deterministic" timing means that operating system services consume only known and expected amounts of time. In theory, these service times could be expressed as mathematical formulas. These formulas must be strictly algebraic and not include any random timing components. Random elements in service times could cause random delays in application software and could then make the application randomly miss real-time deadlines – a scenario clearly unacceptable for a real-time embedded system. Many non-real-time operating systems also provide similar kernel services.
General-computing non-real-time operating systems are often quite non-deterministic. Their services can inject random delays into application software and thus cause slow responsiveness of an application at unexpected times. If you ask the developer of a non-real-time operating system for the algebraic formula describing the timing behavior of one of its services (such as sending a message from task to task), you will invariably not get an algebraic formula. Instead the developer of the non-real-time operating system (such as Windows, Unix or Linux) will just give you a puzzled look. Deterministic timing behavior was simply not a design goal for these general-computing operating systems.
On the other hand, real-time operating systems often go a step beyond basic determinism. For most kernel services, these operating systems offer constant load-independent timing. In other words, the algebraic formula is as simple as: T(message_send) = constant, irrespective of the length of the message to be sent, or other factors such as the numbers of tasks and queues and messages being managed by the RTOS.

Question 2: a) Write the Linux commands for the following:

i) to display the information about LS command

ii) to sort all the files in ascending order in IGNOU directory

iii) to kill a particular process

iv) to run any process in a background

v) to list the users currently logged on to the system (5 Marks)


b) What are the different kinds of file systems available to Linux operating system ? Discuss.
(5 Marks)
c) How would you set the IP address of a LAN card in Linux ?
(5 Marks)
====================================================================
Question 3: (i) How do you share files, folders and drives in Windows XP? Why is sharing an entire drive not recommended? (5 Marks)
(ii) Describe the role of the primary and backup domain controller in enhancing security in Windows 2000. (5 Marks)
(iii) What are the shared folders in Windows and why are they used? (5 Marks)

(iv) Write the purpose of VPN and name some VPN protocols supported in Windows 2000. (5 Marks)
Answer 3 : To share files on your computer with other computers on a network, you need to:
• Share a folder on your computer. This will make all of the files in the folder available to all the computers on your network (you can’t share individual files).
• Set up user accounts on your computer for everyone who needs to connect to your shared folder. If any of the accounts are Limited User accounts (unless an account is a Computer Administrator account, it is a Limited User account), follow the steps in Set permissions for files and folders to enable them to open your files.
To access shared files that are on another computer on your network, you need to:
• Connect to the shared folder from other computers on the network. This procedure is described in Map a network drive.
Note: By default, file permissions only allow your user account and administrators on your local computer to open your files, regardless of whether a person is sitting at your keyboard or at another computer. It may help to keep these three things in mind when setting up file sharing:
• Files have user permission settings.
• Every computer has its own user database.
• Some accounts are administrator accounts and some aren’t.
Configure your computer to share files
To share a folder on your computer so that files stored in the folder can be accessed from other computers on your home network
1. Log on to your computer as an administrator. For more information, see Access the administrator account from the Welcome screen.
2. Click Start, and then click My Documents.
Tip: If you want to share your entire My Documents folder, open My Documents, and then click the Up button on the toolbar. You can then select the My Documents folder.
4. If you see a message that reads, As a security measure, Windows has disabled remote access to this computer, click the Network Setup Wizard link. Then follow the instructions in How to set up your computer for home networking. On the File and printer sharing page of the Network Setup Wizard, be sure to select Turn on
5. If you want to be able to edit your files from any computer on your network (instead of just being able to open them without saving any changes), select the Allow network users to change my files check box.
7. Click OK.
Windows Explorer will show a hand holding the folder icon, indicating that the folder is now shared.
(ii) Describe the role of the primary and backup domain controller in enhancing security in
windows 2000.
Answer.
A Primary Domain Controller (PDC) is a server computer in a pre-Windows 2000 NT server Domain. A domain is a concept used in NT server operating systems whereby a user may be granted access to a number of computer resources with the use of a single username and password combination. Such domains have at least a Primary Domain Controller, and will often have one or more Backup Domain Controllers (BDCs). The PDC has the master copy of the user accounts database which it can access and modify. The BDC computers have a copy of this database, but these copies are read-only. The PDC will replicate its account database to the BDCs on a regular basis. The BDCs exist in order to provide a backup to the PDC, and can also be used to authenticate users logging on to the network. If a PDC should fail, one of the BDCs can then be promoted to take its place. The PDC will usually be the first domain controller that was created unless it was replaced by a promoted BDC.
A Backup Domain Controller (BDC) is a computer that has a copy of the user accounts database. Unlike the accounts database on the Primary Domain Controller (PDC), the BDC database is a read-only copy. When changes are made to the master accounts database on the PDC, the PDC pushes the updates down to the BDCs. Most domains will have at least one BDC; often there are several BDCs in a domain. These domains exist to provide fault tolerance. If the PDC fails, then it can be replaced by a BDC. In such circumstances, an administrator promotes a BDC to be the new PDC. BDCs can also authenticate user logon requests and take some of the authentication load from the PDC.
Use of the Legacy Client is not recommended in secure environments. Installing the Legacy Client on the domain controller is not recommended because many Legacy Client accounts require local Administrator rights, which become domain admins on a domain controller.
Account and password creation
When installing Legacy Clients with Client Push Installation, Client Configuration Manager (CCM) creates this domain account to run the CCM boot loader service on client computers that are domain controllers. This account is made unique by including the domain controller name in the account name. For enhanced security, SMS randomly generates and encrypts the passwords for these accounts. This account is automatically deleted after the client is set up.
Account location
Because the client is a domain controller, the account is created in the domain that the client belongs to. You will have one account for each domain controller in the domain running the Legacy Client. The accounts include the server name in the account name to keep them unique.
Account maintenance
Do not change the passwords, account names, or permissions for this account. If you change the account manually, the related processes do not run successfully, and you run the risk of causing account lockouts by forcing the accounts out of synchronization.
Security best practices
Resolve problems that prevent temporary accounts from being deleted because it would prevent the SMS#_dc from being deleted after installation is completed.
Shared folders is a term used for IMAP folders that can be accessed simultaneously by many users. Kolab allows you to specify a variety of access rights for such folders so that you can easily specify which users can read, write or modify the messages held in the IMAP folder.
Since a shared folder can also hold groupware resources (like events, tasks, addresses, notes, etc.) instead of plain mail, they are an ideal tool for team organization and communication.
(iii) What are the shared folders in windows and why are they used?
Answer.
1. Open "My Network Places" from the Start Menu or from the left pane of Windows Explorer (under Desktop, below My Documents and My Computer).
2. Open the "Entire Network" item listed in the left pane of My Network Places.
3. Open the "Microsoft Windows Network" item.
4. Next, open the new item that appears showing the computer's workgroup (or domain) name.
5. Finally, click on the new item that appears showing the computer's name.
6. In the right pane, any non-administrative Windows shares set on this computer will appear. If no items appear, no folders have been set for sharing.
Folders shown in this window link to the actual shared folders. Opening any of these shares will reveal the contents of the actual folder. Note that renaming or deleting files from this linked location is not permitted. Note also that this method reveals the contents but does not reveal the actual location of the shared folders on the hard drive.
7. To find the actual location of file shares on Windows XP or Windows 2000, and also to view administrative shares, open a command prompt. To open a command prompt, click the Start Menu, choose the Accessories option, then choose Command Prompt. Alternatively, click the Start Menu, choose the Run option, then type 'cmd' in the Run window that opens.
8. Type the command 'net share' and press Enter in the command prompt window. The 'net share' command shows the name and location of each shared folder on that computer. Share names that end with a dollar sign ($) are administrative shares. Several administrative shares are created automatically by Windows; these should not be modified.
(iv) Write the purpose of VPN and name some VPN protocols supported in windows 2000.
Answer.
VPN Protocols
The term "VPN" has taken on many different meanings in recent years. VPNC has a white paper about VPN technologies that describes many of the terms used in the VPN market today. Specifically, it differentiates between secure VPNs and trusted VPNs, which are two very different technologies.
For secure VPNs, the technologies that VPNC supports are:
· IPsec with encryption
· L2TP inside of IPsec
· SSL with encryption
For trusted VPNs, the technologies that VPNC supports are:
· MPLS with constrained distribution of routing information through BGP ("layer 3 VPNs")
· Transport of layer 2 frames over MPLS ("layer 2 VPNs")
IPsec is the most dominant protocol for secure VPNs. SSL gateways for remote-access users are also popular for secure VPNs. L2TP running under IPsec has a much smaller but significant deployment. For trusted VPNs, the market is split on the two MPLS-based protocols. Companies that want to do their own routing tend to use layer 2 VPNs; companies that want to outsource their routing tend to use layer 3 VPNs.
The various VPN protocols are defined by a large number of standards and recommendations that are codified by the Internet Engineering Task Force (IETF). There are many flavors of IETF standards, recommendations, statements of common practice, and so on. Some of the protocols used in IPsec are full IETF standards; however, the others are often useful and stable enough to be treated as standard by people writing IPsec software. Neither of the trusted VPN technologies is an IETF standard yet, although there is a great deal of work being done on them to get them to become standards.
RFCs
The IETF codifies the decisions it comes to in documents called "Requests For Comments". These are almost universally called by their acronym "RFCs". Many RFCs are the standards on which the Internet is formed.
The level of standardization that an RFC reaches is determined not only by "how good" the RFC is, but by how widely it is implemented and tested. Some RFCs are not solid standards, but they nonetheless document technologies that are of great value to the Internet and thus should be used as guidelines for implementing VPNs.
For the purpose of defining VPNs, any protocol that has become an IETF Request For Comments (RFC) document can be treated as somewhat of a standard. Certainly, any IPsec-related RFC that has been deemed to be on the IETF "standards track" should be considered a standard.
Internet Drafts
Before a document becomes an RFC, it starts out as an Internet Draft (often called "IDs" or "I-Ds"). IDs are rough drafts, and are sometimes created for no other benefit than to tell the Internet world what the author is thinking. On the other hand, there is often very good information in some IDs, particularly those that cover revisions to current standards.
Some Internet Drafts go along for years, but are then dropped or abandoned; others get on a fast track to becoming RFCs, although this is rare. Internet Drafts are given names when they first appear; if they become RFCs, the I-D name disappears and an RFC number is assigned.
It should be emphasized here that it is unwise to make any programming decisions based on information in Internet Drafts. Most IDs go through many rounds of revisions, and some rounds make wholesale changes in the protocols described in a draft. Further, many IDs are simply abandoned after discussion reveals major flaws in the reasoning that led to the draft.
That being said, it is worthwhile to know which IDs pertain to areas of interest. The following is a list of the IDs that are related to Internet mail. Some of these drafts will likely become RFCs in the months or years to come, possibly with heavy revision; some will be merged with other drafts; others will be abandoned.
Protocol listings
The relevant IETF Working Groups for the protocols used by secure VPNs and trusted VPNs are:
· Profiling Use of PKI in IPsec Working Group
· Transport Layer Security Working Group
· Layer 2 Virtual Private Networks (l2vpn) Working Group
· Layer 3 Virtual Private Networks (l3vpn) Working Group
· Pseudo Wire Emulation Edge to Edge (pwe3) Working Group
Note that the IPsec Working Group was disbanded in April, 2005.
The documents are arranged by the general categories they apply to. These categories are:
For secure VPNs:
· General IPsec
· ESP and AH (encryption and authentication headers)
· Key exchange (ISAKMP, IKE, and others)
· Cryptographic algorithms
· IPsec policy handling
· Remote access
· SSL and TLS
For trusted VPNs:
· General MPLS
· MPLS constrained by BGP routing
· Transport of layer 2 frames over MPLS

=====================================================================

Question 4: (i) What is an Intrusion Detection System (IDS)? (5 Marks)


(ii) What are the two general methods of implementing network security by firewalls?
(5 Marks)
(iii) Distinguish between Symmetric and Asymmetric Cryptography? (5 Marks)
(iv) List different types of malicious codes and describe their features. (5 Marks)

Answer 4 : Security risks have grown dramatically for Internet service providers because entire
infrastructures are based on open standards systems. As a result, ISPs need to be able to quickly
and accurately detect unauthorized changes and respond accordingly, in order to maximize
security and minimize downtime. Intrusion Detection Systems (IDS) remain relatively youthful,
but in terms of development they are growing at an extraordinary rate.
Generally speaking, there are four different categories of intrusion detection systems—network
intrusion detection, system integrity verifiers, log file monitors, and deception systems.
Network intrusion detection systems (NIDS) monitor packets traversing the system in an attempt
to discover anomalies indicating that an intruder is trying to break into a system, or worse—launch
a distributed denial of service (DDoS) attack. NIDSs look for frequent connection requests to
different ports to reveal port scans.
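The port-scan heuristic just described, as an added example that is not part of the original answer: it flags a source that contacts many distinct ports on one host within a short time window. The log format (timestamp, source, destination, destination port), the thresholds and the sample lines are constructed, and the input is assumed to be in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed connection log: timestamp, source IP, destination IP, dest port.
SAMPLE_LOG = """\
2009-10-01T12:00:00 198.51.100.20 192.0.2.10 80
2009-10-01T12:00:01 203.0.113.7 192.0.2.10 21
2009-10-01T12:00:01 203.0.113.7 192.0.2.10 22
2009-10-01T12:00:02 198.51.100.20 192.0.2.10 80
2009-10-01T12:00:02 203.0.113.7 192.0.2.10 23
2009-10-01T12:00:03 203.0.113.7 192.0.2.10 25
2009-10-01T12:00:03 198.51.100.30 192.0.2.10 25
2009-10-01T12:00:04 203.0.113.7 192.0.2.10 80
2009-10-01T12:00:05 203.0.113.7 192.0.2.10 110
2009-10-01T12:01:00 198.51.100.30 192.0.2.10 110
2009-10-01T12:02:00 198.51.100.30 192.0.2.10 143
2009-10-01T12:03:00 198.51.100.30 192.0.2.10 80
2009-10-01T12:04:00 198.51.100.30 192.0.2.10 443
garbled line here
"""


def parse_line(line):
    """Split one log line into typed fields; ValueError if it is malformed."""
    timestamp, src, dst, port = line.split()
    return datetime.fromisoformat(timestamp), src, dst, int(port)


def detect_port_scans(lines, window_seconds=10, min_ports=5):
    """Return {(src, dst): alert} for sources probing many ports quickly."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)  # (src, dst) -> (timestamp, port) in window
    alerts = {}
    for line in lines:
        try:
            timestamp, src, dst, port = parse_line(line)
        except ValueError:
            continue  # skip blank or malformed lines instead of aborting
        events = recent[(src, dst)]
        events.append((timestamp, port))
        # Drop connection attempts that have aged out of the window.
        while timestamp - events[0][0] > window:
            events.popleft()
        ports = {p for _, p in events}
        # Repeated hits on one port are normal traffic; many distinct
        # ports from one source inside the window is the scan signature.
        if len(ports) >= min_ports:
            alert = alerts.setdefault(
                (src, dst), {"first_seen": events[0][0], "ports": set()})
            alert["ports"] |= ports
    return alerts


if __name__ == "__main__":
    for (src, dst), alert in detect_port_scans(SAMPLE_LOG.splitlines()).items():
        print(src, "->", dst, "ports", sorted(alert["ports"]))
```

With the default 10-second window only the fast scanner is reported; widening the window also catches the slow probe from 198.51.100.30, at the cost of more false positives on busy clients.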
System integrity verifiers (SIV) monitor system files in an attempt to discover when an intruder
changes the files—leaving behind a backdoor. A SIV may be capable of detecting changes in
critical files, but these systems usually don't generate real-time alerts to network intruders. Log
file monitors (LFM) simply monitor log files generated across network services. LFMs also look
for patterns and anomalies in log files that suggest an intruder is attacking the network.
The sole purpose of a deception system—known in the industry as decoys, fly traps and
honeypots—is to lure an unsuspecting intruder into a network through well-known security holes
and trap the intruder.
Whether you need a simple intrusion alert system and network anomaly reports, or need to
defend your network against DDoS attacks, smurfing, ping floods and the like, it's imperative
that you prepare a line of defense today or risk having your business be exploited by some script
kiddie tomorrow. With the rapid increase in the number of LAN connections to the world's
largest computer network (the Internet), new security techniques should be used to protect local
networks against intrusion from the Internet. Basically, we need to prevent destruction of data by
intruders, maintain the privacy of local information, and prevent unauthorized use of computing
resources. To improve network security, network connections to the Internet, in general, do not
take place transparently. Instead, firewall servers are used to
protect the systems connected to the local network against assaults from the Internet. But, there
is a price to pay, usually, because the firewall server results in a bottleneck for assaults from the
Internet into the LAN as well as for allowed communication between the LAN and the Internet.
Security protection methods are basically concerned with ensuring network's efficiency and
effectiveness. With successful security implementations, risks can be reduced but not eliminated.
There are several protection methods to ensure confidentiality, integrity and continuity. The
dominating security protection method in the mainframe computing environment is the Access
Control. It consists primarily of functions related to:
1. Access Mediation via connection control establishment,
2. Identification by means of Logon-Ids,
3. Authentication by means of Passwords,
4. Different levels of authorization controlled by Access Privileges,
5. Monitoring and enforcement,
6. Disaster recovery programs to respond to incidents,
7. Logging to record traffic and usage of services.
Protection With Firewalls
The best line of defense is an up-to-date and constantly maintained firewall. A firewall/proxy
server is a mechanism that is used to protect a trusted network, such as an organization's internal
network, from an untrusted network, typically the Internet, or any other untrusted network
[second]. Firewall/Proxy servers provide the most reliable method to control outbound access
and to protect networks against unauthorized intrusions. It checks addresses and characteristics
of messages to make sure that they follow authorization rules. All messages that are verified to
be legitimate are allowed to flow through the firewall, while others are blocked. The majority of
firewalls are used between internal networks and the Internet, but they can be
used in any internet, such as a company's wide area network [second]. The design decision sets
the general attitude of the firewall whether to provide a higher degree of service or a higher
degree of security. To protect the firewall server itself, no users should be allowed to login on the
firewall server [sixth].
(ii) What are the two general methods of implementing network security by firewalls?
Answer Firewall Concepts
A firewall is a trusted system that is placed between a trusted internal network and another
untrusted external network. The firewall system implements a policy that defines what information
should be allowed to pass through. In general firewalls have the following features and
limitations [fourth]:
Features:
1. It can control the access to the protected network.
2. It can provide one central point of security.
3. It provides more privacy by hiding addresses.
4. It provides logging for security and other purposes.
5. It can notify the network administrator of security related events, so that he can take the
appropriate actions.
6. It can be integrated with authentication keys.
7. It enforces the security policy.
Limitations:
1. Restricted access to desirable services.
2. Back door access problem.
3. Inside attacks.
4. Email viruses.
5. Potential bottleneck.
6. Single point of failure.

(iii) Distinguish between Symmetric and Asymmetric Cryptography?


Answer. Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its
data whereas asymmetric uses both a public and private key. Symmetric requires that the secret
key be known by the party encrypting the data and the party decrypting the data. Asymmetric
allows you to distribute your public key to anyone, who can then use it to encrypt the data they
want to send securely; that data can only be decoded by the person having the private key. This
eliminates the need of having to give someone the secret key (as with symmetric encryption) and
risk having it compromised. The issue with asymmetric is that it is about 1000 times slower than
symmetric encryption which makes it impractical when trying to encrypt large amounts of data.
Also to get the same security strength as symmetric, asymmetric must use a stronger key
than symmetric. In a symmetric key cryptosystem, a single key is used to encrypt and decrypt
data between two communicating hosts. In order to break the system, an attacker must either: A)
discover the key through trial-and-error, or discover the key during the initial “key agreement.”
(From Navy)
Symmetric Key Encryption Schema
Symmetric key protocols are known to be faster and stronger than their asymmetric counterparts
but do possess unique disadvantages that we will discuss later. We will now look at some common
symmetric algorithms.
Asymmetric cryptography ... provides the foundation for password-authenticated key agreement and
zero-knowledge password proof techniques. This is important in light of empirical and theoretical
proof that secure password-only authentication over a network cannot be achieved with just
symmetric cryptography and hash functions.
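The contrast described in this answer, as an added example that is not part of the original assignment: a shared-key cipher and a public/private key pair, combined so that the slow asymmetric step protects only a short symmetric key while the fast symmetric step handles the bulk data. It goes beyond the text by combining the two; the toy RSA primes, the SHA-256 keystream and all function names are assumptions chosen for illustration and are not secure for real use.

```python
import hashlib
import secrets

# Toy RSA key (constructed for illustration): two publicly known Mersenne primes.
# Real RSA uses secret random primes of 1024+ bits each plus OAEP padding.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q                            # public modulus, published with E
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, never leaves the receiver


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric toy cipher: XOR data with a SHA-256 counter keystream.
    The same call with the same key encrypts and decrypts (no integrity check)."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def rsa_encrypt(m: int, n: int = N, e: int = E) -> int:
    """Anyone holding the public key (n, e) can encrypt."""
    if not 0 <= m < n:
        raise ValueError("message must be smaller than the modulus")
    return pow(m, e, n)


def rsa_decrypt(c: int, n: int = N, d: int = D) -> int:
    """Only the holder of the private exponent d can decrypt."""
    return pow(c, d, n)


def hybrid_send(plaintext: bytes):
    """Sender: fresh symmetric key for the bulk data, RSA only for that key."""
    session_key = secrets.token_bytes(16)
    wrapped_key = rsa_encrypt(int.from_bytes(session_key, "big"))
    return wrapped_key, keystream_xor(session_key, plaintext)


def hybrid_receive(wrapped_key: int, ciphertext: bytes) -> bytes:
    """Receiver: unwrap the session key with the private key, then decrypt."""
    session_key = rsa_decrypt(wrapped_key).to_bytes(16, "big")
    return keystream_xor(session_key, ciphertext)


if __name__ == "__main__":
    wrapped, ct = hybrid_send(b"constructed sample message " * 100)
    print(hybrid_receive(wrapped, ct)[:27])
```

No secret is exchanged in advance: the sender needs only the receiver's public values N and E, which is the key-distribution advantage the answer describes.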
(iv) List different types of malicious codes and describe their features.
Answer.
viruses and other malicious code that can threaten your data and system security. We will discuss
the different types of viruses and malicious code, what they are, how they infect your computer
and what damage they can cause.
What is a Virus?
Simply put, viruses are small programs designed with (usually) malicious intent that attach
themselves to other programs or files. They are capable of copying themselves throughout a
computer or computers. They are called viruses because of the way they emulate their biological
namesakes. A virus will infect healthy programs in a host computer and then spread to other
healthy hosts, infecting them as well. Just as biological viruses range from being quite harmless
to lethal, computer viruses may simply cause a harmless message to appear on your screen
occasionally, or may render your system inoperable.
Worms
A worm is a piece of code that can make fully functional copies of itself and travel through a
computer network and/or across the Internet through a number of means. A worm does not attach
itself to other programs like traditional viruses, but creates copies of itself, which in turn
create even more copies. The computer 'worm' is so-called because of the way in which 'rogue'
computer code was originally detected. Printouts of computer memory locations would show random
'wormhole' patterns, much like the patterns on worm-eaten wood. The term eventually became
shortened and used to describe viruses that could 'worm' or propagate across networks and the
Internet, leaving copies of themselves as they travelled.
Worms are prolific due to the fact that most are created using simple scripting languages that can
be created with a text editor and become fully functional 'programs' under the right conditions.
For example, if you were to obtain a copy of the 'I Love You' worm and changed the file's
extension from vbs to txt, you could safely open the file in Notepad and view the structure of the
worm. This makes the vbs script worm extremely popular among the 'script kiddy' fraternity, as it
takes no (or very little) programming knowledge to modify an existing worm and release it into the
wild (when a virus is circulating in the computing community or throughout the Internet, it is
said to be 'in the wild').
Trojan Horses
Trojan horses are named after the wooden horse from Greek mythology in which Greek soldiers snuck
into the city of Troy. Accordingly, Trojans are malicious programs that sneak into a victim
computer disguised as harmless software. Trojans may also be 'wrapped' inside another program so
that when the original innocent program is installed, the Trojan program is installed as well.
The most commonly described Trojan has a payload that will allow a user on another computer
somewhere else in the world to gain full control and access to the files on your computer. In this
way, they can be used to launch denial of service attacks such as those that brought down Yahoo!
and E-bay early in 2000.
How Can a Virus, Worm or Trojan Infect Your System?
Malicious code can be spread through just about any computer medium. It can arrive on an infected
floppy disk and infect your system when a file on the disk is opened. Worse still, a floppy disk
could be inadvertently left in the computer when it is shut down. Upon reboot, if the floppy is
infected with a boot sector virus, the infection will be transmitted to your system.
The most common methods employed to spread viruses and worms are either through email as
attachments or through IRC (Internet Relay Chat). Typically, in the case of email, a message will
arrive with an attachment, the user clicks on the message and the code is executed immediately.
Viruses are capable of bringing down entire networks by clogging e-mail servers with copies of
themselves. Some viruses will repeatedly extract addresses from e-mail 'address' books and send
themselves to the recipients. Some contact lists can generate potentially thousands of messages,
causing massive network bandwidth problems. Don't think that just because your new software
program is in a shrink-wrapped box it is virus-free either. Viruses have been found on software
disks distributed by major software companies, as well as on computer systems that have come fresh
from the factory. In 1995, Microsoft inadvertently released a Compact Disc containing the
'Concept' macro virus and as late as last year, IBM shipped an undisclosed number of Aptiva
computers infected with the CIH (Chernobyl) virus.
Potential Damage
Virus infection can have a variety of effects on an infected system. Some viruses may simply take
up space on the computer hard drive until you receive 'low disk space' messages from the system.
Others may pop up messages on a particular date or change system icons. For example, the 4K virus
will pop up a message on the screen, 'FRODO LIVES!' on the 22nd of September. The Tentacle2 virus
will change your icons to that of a purple 'monster'. Other viruses are potentially much more
damaging. The CIH, or Chernobyl virus will, if not detected and removed, overwrite files on your
hard disk and destroy the BIOS information on your computer. Chernobyl spreads easily and hides in
an infected system until the 26th of a particular month depending on which variety it is. The BIOS
chip is the 'heart' of your computer. If the information contained in this chip is overwritten by
CIH, the system will become unusable, meaning the chip will have to be replaced. However, on some
systems, the chip cannot be removed, which means the entire mainboard of the computer will have to
be replaced, an expensive, time consuming process.

Question 5: i) Write a Linux Shell Script to shift all characters in a file forward by five
characters, i.e. ‘a’ becomes ‘f’. (5 Marks)
ii) How does information flow from the top layer to the bottom layer in the OSI model?

Answer : 5 Printer sharing between Windows and Linux


The less you need to rely on any proprietary protocol to get work done, the better off you are
overall. Some of those protocols have been real stumbling blocks — such as SMB, Microsoft’s
proprietary protocol for file and printer sharing. Linux implementations of SMB exist, but you’re
probably better off without it in the long run whenever you can manage it.
I recently set up a Linux workstation that shared out a Hewlett-Packard printer to the rest of my
network, a network that otherwise consisted entirely of Windows machines. I didn’t like the idea
of setting up SMB support on the Linux box, and instead explored the possibility of having the
Windows machines connect directly to the shared printer as a network printing device.
To my surprise, this turned out to be pretty easy. Here are the steps to connect your Windows
machines to the shared printer:
1. Set up the printer on your Linux machine and share it using CUPS via port 631. The exact method
for doing this varies between distributions, so check with your distro’s documentation. The end
result should be a working printer, and a running CUPS service which you can access through your
Web browser at http://localhost:631 from the Linux system.
2. Using the CUPS Web interface, go to the Printers tab and make a note of the printer name (which
is typically the Description: line). You can do this from the Windows machine where you plan to
set up printer support.
3. In Windows, go to Control Panel | Printers and click on Add a printer.
4. When prompted for a printer location, select Network printer in the Add Printer Wizard.
5. When prompted for the network location, select URL and use the following URL format:
http://<hostname>:631/printers/<printername>. For instance, if the Linux host has a DNS name of
linuxbox and the printer is named LaserJet-5, you’d use http://linuxbox:631/printers/LaserJet-5 as
the URL.
6. When asked for a printer driver, select Generic as the manufacturer and MS Publisher
Imagesetter as the driver. In truth, any generic PostScript driver will do, but this works as well
as any.
7. When finished with the wizard, print a test page to make sure everything is set up correctly.
In Windows Vista, the steps are almost exactly the same, but the nomenclature for some of the
steps is a little different. In the first step of the wizard, Vista will attempt to search for a
printer (via SMB, which it won’t find). Click Stop to halt the search and then click The printer
that I want wasn’t listed to add a printer manually.
In the next step of the wizard, use Select a shared printer by name when you want to supply the
printer’s URL. The rest should unfold exactly as before. Adding a printer by TCP/IP address or
hostname will not work. Finally, if you’re using a firewall product, make sure that port 631 is
not being blocked. The Microsoft firewall on the Windows machine will usually know automatically
what to do, but some third-party products may not.
If you’re managing a workgroup and using system images to deploy your desktops, you can use the
Windows con2prt utility, or a freeware substitute like AdPrintX, as a way to automate adding
references to a CUPS-managed printer. If you’re dealing with multiple CUPS-driven printing systems
on the Linux side, you may want to drop the cash for the CUPS Companion CD and its accompanying
book. The CUPS Companion CD is now offered in lieu of the commercial UNIX printing product ESP
Print Pro, which is being discontinued by the manufacturer.
(b) How does a domain differ from workgroup?
Answer . Workgroup vs. Domain:
Windows has two modes of operation - Workgroup and Domain. Depending on the environment that your
computer is in, you will be running in one of these two modes. Most home and small business
environments will be Workgroup, and most mid- to large businesses will run in domain mode. There
are different features and capabilities depending on each, and each serves a purpose.
Workgroups can be best understood as a loosely connected group of computers. They rely on each
other for nothing, but they are there to share resources should the need arise. There is no
centralized management and so there is a low barrier to use. By default, Windows XP is in this
mode.
Domains, on the other hand, provide centralized management and security. User access is controlled
from a separate server called a domain controller and there is a “trust” built between systems in
a domain. There are much more robust differences as well.
Workgroup
A workgroup is best understood as a peer-to-peer network. That is, each computer is sustainable on
its own. It has its own user list, its own access control and its own resources. In order for a
user to access resources on another workgroup computer, that exact user must be set up on the
other computer.
In addition, workgroups offer little security outside of basic access control. Windows “share
permissions” are very basic and do not offer any kind of granularity for “who” can access
“what”, etc. Workgroups are more than adequate, though, for most small business and home use.
Domain
A domain is a trusted group of computers that share security, access control and have data passed
down from a centralized domain controller server or servers. Domain Controllers handle all aspects
of granting users permission to login. They are the gatekeeper. In addition, most modern domains
use Active Directory which allows an even more centralized point for software distribution, user
management and computer controls.
