Вы находитесь на странице: 1из 20

CCM2424 Host Operating Systems and Security 2010-11, Revision

Orhan Gemikonakli

An introduction to Operating Systems & Unix/Linux


Operating Systems
Main functions

Unix
Brief History of Unix, Timeline, and Varieties Benefits of Unix, Linux Unix Operating Environment

The OS and the Kernel The OS Shell

UNIX
Unix File System Unix Commands
Syntax Examples

Graphical User Interface

Accessing Files and Directories


The File System
Shareable, unshareable, variable, static

Creating directories Directory Paths


Absolute pathname Relative pathname

Navigating the File System

Listing Directory Contents


Identifying and Using Metacharacters
e.g. *, ?, ;, []

Basic Directory and File Management


Directory and File Management Using the Command Line Directory and File Management Using Common Desktop Environment (CDE)

Directory and File Management Using GNU Network Object Model Environment (GNOME)

OSI Network Layer


Identify the role of the Network Layer, as it describes communication from one end device to another end device Examine the most common Network Layer protocol, Internet Protocol (IP), and its features for providing connectionless and best-effort service Understand the principles used to guide the division or grouping of devices into networks

Understand the hierarchical addressing of devices and how this allows communication between networks
Understand the fundamentals of routes, next hop addresses and packet forwarding to a destination network

File System Security Security Overview


Security Policies and Features for Unix

File System Permissions


How do permissions look like in Unix

Access Control Principles


Changing Permissions with the Command Line

Identifying and Switching Users

Managing Large Programs


Recompilation
Short programs; quicker to recompile Large programs; longer to recompile

Debug a single function, rest of the program is unchanged.

System processes & memory management


Terminology: procedure, program, process, task, job, interrupt handlers Properties of processes: e.g. Each program creates a process which is
assigned a unique process identification number (PID)

Process manipulation functions: e.g. fork() etc. UNIX manages tasks using processes
Process states running, blocked, ready, suspend etc.

Process can spawn a subprocess, thus creating a process hierarchy with parent / child relationships Some simple commands, such as cd, are executed by the shell itself and do not create a separate process Interprocess communication (IPC): pipes, sockets

Network Basics: Main client server applications


Introduction

Client server model


Synchronous and asynchronous requests Implementation of a server process Main UNIX networking services
FTP, SSH, Mail, etc.

Network Basics: API and advanced applications


Introduction

The networking Application Programming Interface (API): sockets


Naming services and hostname resolution Network resource sharing
Distributed file systems: NFS

Common Internet File System, CIFS, (Server Message Block, SMB)

Case Study: The Apache HTTP Server Project and PHP


Introduction The HTTP protocol basics The Apache HTTP server project A very important usage case of the HTTP server is to dynamically create web pages
Very widespread use of dynamic content pages nowadays in the Internet (e.g., e-commerce, e-banking, etc.)

Dynamic Web Sites: the PHP Language

Security
Security Risk Analysis

Security Mechanisms
Security Policies Security Examples
Firewalls: Internal, External Distributed Host Security Security Breaches and Controls

Practical Security
Firewalls, IDS, VPN

Security
Computer and Network Security Requirements

Security Threats
Protection Intruders Malicious Software Trusted Systems

Penetration Testing
Describe a Penetration Test

Describe the risks of Penetration Test


Describe the process of network reconnaissance Describe common network attack techniques Explain types of malicious code attacks

Cryptography
Describe key events in cryptography history

Explain components of cryptographic protocols


Explain common cryptography standards Describe modern cryptanalysis methods

More on Cryptography
Digital signatures

Key Management
Public key management Private key management

Cryptography Standards
Wireless Network Cryptography

Analyzing packet structures


Explain the Common Vulnerabilities and Exposures (CVE) standard Describe how signature analysis is used in examining network traffic

Detect normal and suspicious traffic signatures


Describe packet capture and analysis

Operating System Models and Virtual Machines

More on operating systems


Layered: Advantages & disadvantages Monolithic : Advantages & disadvantages

Virtual machines

Summary
Revise all topics covered for a good grade

The module focused on


OSs, Unix (file system, directory structure, commands, definitions etc.), API and advanced applications NFS, processes, virtualisation, network layer, security, cryptography, unix security, sockets, OSI layers, Apache, HTTP, PHP, client/server systems, packet structures, penetration testing

Вам также может понравиться