Computer System Management: Hosting Servers, Miscellaneous

Transcription

1 Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh

2 Logistics Any doubts on project/hypo explanation etc.? Final deadline for Learn it yourself and Bonus deadline for Mini project today From next class onwards, we will take up topics that were assigned as part of Learn it yourself but are useful for everyone to learn more on it at the end of the class

3 Revision How does the telephone and DHL work simultaneously on the same cable? What is typical bandwidth arrangement from ISP symmetric/asymmetric and why?

4 Revision What are the two protocols at Transport layer? What is the difference between the two? For what applications are they typically used? What is DNS load balancing? What typical port number does a web server listens to?

5 Proxy server A proxy is a host which relays web access requests from clients Used when clients do not access the web directly Used for security, logging, accounting and performance browser proxy web

6 What is Web Caching? Storing copies of recently accessed web pages Pages are delivered from the cache when requested again Browser caches Proxy caches Why cache? Shorter response time Reduced bandwidth requirement Reduced load on servers Access control and logging

7 Popular Proxy Caches Apache proxy MS proxy server WinProxy Squid Squid is popular because it is powerful, configurable and free Many others

8 Squid setup Daemon is squid (service squid start/stop/restart) Files used Configuration file: /etc/squid/squid.conf Log files: /var/log/squid Configuration options: Disk Cache size and location Authentication Allowed Hosts Any other access restrictions (sites, content, size, time of access etc.) using ACL More in the lab session this week

9 Mail architecture Internet Mail Server Mail Server Mail Client Mail Client

10 Protocols at work Simple Mail Transfer Protocol (SMTP) - Standard for sending s across IP networks Post Office Protocol (POP), Internet Message Access Protocol (IMAP) - Application layer protocol used to retrieve from a remote server over a TCP/IP connection

11 POP3 vs IMAP Post Office Protocol Version 3 (POP3): Clients using POP generally connect, retrieve all messages, store them as new messages on user PC, delete them from server and disconnect

12 POP3 vs IMAP Internet Message Access Protocol (IMAP): Clients often stay connected as long as user interface is active and download message content on demand Allows simultaneous access by multiple clients

13 Mail Architecture Popular Mail Servers Sendmail/Postfix Microsoft Exchange Server IBM Lotus

14 What is Voice over IP (VoIP) The packetization and transport of classic public switched telephone system audio over an IP network. The analog audio stream is encoded in a digital format, with possible compression, and encapsulated in IP for transport over your LAN/WAN or the public Internet Modes of Operation: - PC to PC - PC to Telephone - Telephone to PC - Telephone to Telephone Protocols H.323 SIP

15 H.323 Architecture H.323 Terminal: Simple IP phone or complex videoconferencing system Gateway: Enable communication between H.323 and other network (ISDN/PSTN) Gatekeeper: Optional component managing miscellaneous services such as endpoint registration, address resolution etc. Multipoint Control Units (MCU): Manage multipoint conferences (both video and audio)

16 Session Initiation Protocol (SIP) SIP is a text-based protocol similar to HTTP and SMTP, for initiating interactive communication sessions between users SIP is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants SIP can be used with different transport protocols, it doesn't even require reliable transport protocols A simple SIP client can be implemented using only UDP

17 Session Initiation Protocol (SIP)

18 H.323 vs SIP H.323 SIP Designed with good understanding of multimedia requirements over IP network Well defined standards result in high level of robustness and interoperability Strict guidelines make the system more constrained and less complex Most H.323 entities use reliable transport for signaling Designed to setup a session between two points: modular and flexible with no multimedia conferencing support Integration of disparate standards left to vendors Lack of guidelines make the system more complex Most SIP entities use unreliable transport for signaling

19 Cryptography Encrypt before sending, decrypt on receiving (plain text and cipher text)

20 Cryptography All cryptosystems are based only on three Cryptographic Algorithms: Message Digest (MD2-4-5, SHA, SHA-1, ) Maps variable length plaintext into fixed length ciphertext No key usage, computationally infeasible to recover the plaintext Private KEY (Blowfish, DES, IDEA, RC2-4-5, Triple-DES, ) Encrypt and decrypt messages by using the same Secret Key Public KEY (DSA, RSA, ) Encrypt and decrypt messages by using two different Keys: Public Key, Private Key (coupled together)

21 Cryptography Two components: key, and the algorithm Algorithms are publicly known and Secrecy is in the Key Key distribution must be secure Plaintext Encryption Ciphertext Decryption Plaintext Hello World Key &$* (!273 Key Hello World

22 Cryptography Symmetric Key Cryptography (DES, Triple DES, RC4): K E = K D Asymmetric Key Cryptography (RSA): K E K D

23 Private/Public key cryptography Private Key: The Sender and Receiver share the same Key which is private Plaintext Encryption Ciphertext Decryption Plaintext Public Key: Sender/Receiver s Private Key Sender/Receiver s Private Key Both the Sender and Receiver have their Private Key and Public Key Messages are encrypted using receiver s Public Key and the receiver decrypts it using his/her Private Key Plaintext Encryption Ciphertext Decryption Plaintext Receiver s Public Key Receiver s Private Key

24 Digital Signature Message Message Digest Algorithm Hash Function Digest Algorithm Hash Function Digest Public Key Private Key Encryption Decryption Signature Expected Digest Actual Digest