WINDOWS Operating System

OBJECTIVES
- What is an OS?
- Windows family
- Major components
  - File system
  - Task manager
  - Manager
  - I/O services
    - Networking
    - Printing and other services
  - GUI
- Maintenance and virus protection

Operating System
- Manage the computational and I/O resources present in the computer
- Implementation:
  - Single user, command line (CP/M, DOS ...)
  - Time sharing (Multics, VMS, VM/CMS, Unix ...)
  - Real Time (HP RTE, etc)
  - Others (distributed, ...)
- Windows
  - Single user
  - Event-driven structure

Windows
- Windows 3.1
  - GUI built on top of DOS 3.1
  - Ver 1-2 were useless compared to MacOS
- Windows 95, 98, 98se, 98me
  - GUI is more seamlessly wrapped around DOS 6.2
  - Serious competition for MacOS
- Windows NT (3.51, 4.0, 2k)
  - NT = new technology
  - Preemptive multi-tasking
  - GUI with command line interface
  - True multi-user (but not time-shared)
  - Server versions; multi-cpu (SMP)
- Windows XP
  - Fusion into a single kernel
  - Home, Prof, Server, Advanced Server, Datacenter (Enterprise)

Components: File System
- Based largely on characteristics of disk storage

Physical Structure: Disk with cyl tracks on magnetic surface. Head per surface. Position all heads at once and read from all heads in order. Defines CYLINDER. Cylinders may be divided into SECTORS. Basic quanta.

Logical Structure (Windows): [Figure: disk divided into partitions of N1, N2, N3 and N4 cyls that appear in Windows as drive letters C:, D:, E:, F:, etc.; one partition is the active (boot) partition, and an extended partition holds logical partitions.]

File System Structure
- Hierarchical structure
  - Directories (folders) can contain files or other directories
  - Shortcuts are aliases or pointers to actual file or folder
- Entire disk is allocated by directory and file
- Performance is highly dependent on file system design

File Permissions
- File system format varies between OSs
- FAT = file allocation table (type of format)
  - File name limits (old 8.3 names)
  - File size and volume size limits
- FAT16, FAT32 introduced improvements
- NTFS introduced file ownership & permissions
  - Files are owned by a user or system
  - Owner can grant permissions
  - Groups can be given permissions
  - Encryption can be activated

File Extensions
- Mac introduced files with forks
  - Resource: contains info about the file
  - Data: contains the file data
  - OS can tell from resource how to handle file (e.g., as containing a program to execute or data to read)
- Windows does this with file extensions
  - myfile.txt   text file
  - myfile.dat   data file (user specific)
  - myfile.exe   executable file
  - myfile.xls   application specific data (Excel)
- Windows associates icons with extensions depending on how they are registered.

Task Manager
- Perhaps the most critical element of the OS
  - Determines what process is allowed to execute
  - Event-driven: responds to interrupts (user, program, I/O, error, etc)
  - Should not allow one process to dominate
  - OS appears to operate processes concurrently

[Figure: Task Manager window, opened by right-clicking on the Task Bar]

Task Manager Functions
- You can control how the OS handles processes
  - Suspend process
  - Stop (kill) process
  - Change priority (gets more or less CPU)
  - BE CAREFUL!

Task Manager Functions
- Examine computer performance

Computer Manager
- One of several related programs
  - Access this via Control Panel, or
  - Right click My Computer
- Use Manager to check and reinstall drivers
- Use Hardware Wizard to discover new hardware and install drivers
  - TRICK: use Manager to remove device and software
  - Then let Hardware Wizard discover and reinstall.

Other Management Services
- See Control Panel
  - Administrative Tools
  - Select mgt tool
- Other mgt tools in Control Panel are available

I/O Services
- VERY tricky part due to wide variety of hardware the computer may have to work with
- Architecture:
  - Interrupt driven (not common in PCs)
  - Memory mapped (common)
  - Direct Memory Access-DMA (high speed devices)
- Hardware:
  - ISA: old and slow
  - PCI: current but showing age
- Windows
  - Old: interrupts must be set physically on each card
  - Plug-n-play: detects card and sets automatically (but requires special hardware designed for this purpose)

I/O Types
- User: keyboard, mouse (PS-2 or USB)
- Disks:
  - floppy: IDE or ATAPI
  - hard disk: IDE, ATA, ATA-100, SCSI, USB-2, Firewire, etc.
  - CDROM: IDE or ATAPI
- Serial: telecom and many printers
- Parallel: some printers
- USB: high speed serial (USB-2 emerging)
- Firewire: high speed serial

Networking
- Has become the most important element of computing for many situations
- Historical:
  - Serial or Parallel wiring between System A and System B (awkward, inflexible, limited distance)
  - Token Ring: all computers connected in a ring and a token which contains a message is passed from system to system; system can send when it receives a free token (harder to wire; has not survived)
  - Ethernet: CSMA-CD design (big party line); simple to install; low cost (the survivor and now being upgraded to faster speeds)

Protocols
- Many designs proposed; one survived
- TCP/IP
  - developed by ARPA as ARPAnet between universities and government,
  - message broken into packets and sent out in order,
  - packets are passed from node to node as conditions dictate,
  - packets may arrive in any order and must be reassembled into correct order,
  - retransmissions may be needed.
- UDP
  - point-to-point connection
  - sequential transmission of packets
  - not used over long distances

TCP/IP Protocol
- IP (Internet Protocol): defines how subnets are addressed and accessed,
  - Addresses: 000.000.000.000 to 999.999.999.999 where each XXX is an octet (0:255); NOT all are valid addresses
  - GT: 130.207.xx.yy (Class B subnet: 65k addresses), 128.61.xx.yy and others
  - GT-AE: 130.207.48.yy (Knight 3rd-4th floors)
  - Unrouted: 192.168.xx.yy (others too)
- Routers are used to pass packets to destination
- Routing tables define how routers work

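The addressing rules on the slide above, worked through in Python as an added example (not part of the original slides): it rejects strings whose octets fall outside 0-255, derives the historical class from the first octet, and tests membership in the networks the slide names. The constant and function names are assumptions made for illustration.

```python
import ipaddress

# Networks written on the slide (xx.yy replaced by a prefix length).
GT_130_207 = ipaddress.ip_network("130.207.0.0/16")   # GT: 130.207.xx.yy
GT_AE = ipaddress.ip_network("130.207.48.0/24")       # GT-AE: 130.207.48.yy
UNROUTED = ipaddress.ip_network("192.168.0.0/16")     # Unrouted: 192.168.xx.yy


def classful(first_octet):
    """Historical address class, decided by the first octet."""
    if first_octet < 128:
        return "A"
    if first_octet < 192:
        return "B"
    if first_octet < 224:
        return "C"
    return "D/E"


def describe(text):
    """Validate a dotted-quad string and place it in the slide's networks."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ValueError:               # e.g. an octet above 255
        return {"valid": False}
    return {
        "valid": True,
        "class": classful(addr.packed[0]),
        "gt_130_207": addr in GT_130_207,
        "gt_ae": addr in GT_AE,
        "unrouted": addr in UNROUTED,
    }


if __name__ == "__main__":
    # Constructed sample addresses.
    for sample in ("130.207.48.17", "128.61.3.4", "192.168.0.9", "999.999.999.999"):
        print(sample, describe(sample))
    print("addresses in a Class B:", GT_130_207.num_addresses)
```
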
IP Protocol cont'd
- Address assignment:
  - Fixed: must get address from OIT who registers it with Domain Name Servers (DNS)
  - Dynamic: request temporary address (use Dynamic Host Control Protocol, DHCP)
  - DHCP server can restrict to known hardware addresses (Media Access Control or MAC address which is unique to each ethernet network card)
- DNS maps addresses into NAMES to make it easier to remember identification
- DO NOT make up your own addresses!

TCP
- Simple and effective but vulnerable
  - starts with certain handshakes
  - these can be spoofed by hackers (denial of service attacks start at this level)
- Defines Ports (0-65k in number)
  - lowest 4k or so are standardized
  - remainder are user defined
- Communication is carried out between ports depending on service specified
  - some software listens on a port for any communication and then responds
  - firewalls block access to certain ports
  - Hackers probe known vulnerable ports
  - Many Linux systems by default listen and respond on many std ports - VULNERABLE

Port      Service
21
22
23
80        http (web)
136-137   SMB

Windows Networking
- Historic:
  - NetBios: primitive network communications
  - NetBEUI: Ethernet-based, non-routable protocol
    - basic to all Windows until XP
    - dynamically creates addresses
    - use when TCP is too complex
- NBT: NetBios encapsulated into TCP/IP

Higher Level Networking
- Session and Application levels
- Server Message Block (SMB) protocol
  - supports file sharing between systems
  - similar to NFS for Unix/Linux and AppleShare
  - Uses ports 137-139 (445 for Win2k/XP)
  - Passes data without encryption on 139
  - Credentials but not data are encrypted on 445

Using SMB
- Right-click My Network Places and use Map Network Drive
  - Can use current username and password
  - Can click different user name and use different credentials

Map Network Drive
- When completed, the external share appears as if it were a local disk (e.g., with a drive letter)
- Access it just like a disk
- To disconnect:
  - Right-click on drive icon and select Disconnect
  - Right-click on My Network Places and select Disconnect Network Drive; then select which drive.

Maintenance & Viruses
- Assumption: all large & complex operating systems contain software flaws
- Strategy (Windows 2k & XP):
  - always assume a machine connected to the network is vulnerable to attack and compromise
  - Make sure that the latest Windows Service Packs (SPs) are applied (right click My Computer to verify)
  - Subscribe to Auto Updates and download and install as soon as they are available (patches can be uninstalled if they prove problematic). Auto Updates is built into WinXP and is in Win2k at SP4.

Maintenance & Viruses (2)
- Viruses & worms
  - make sure that GT-provided anti-virus software is installed and with latest signatures (go to OIT web site to obtain software)
  - configure anti-virus software to check any external media, file transfers and email attachments
    - NOTE: exclude Eudora mail spool file to prevent file lockup when attempting to scan incoming email.
    - use auto-update service if available
- Spam
  - no solutions are foolproof
  - Recommendation: SpamAssassin (get SAProxy from www.bloomba.com)

Current Security Issues
- Our networks are continually scanned by outsiders for old and new vulnerabilities (detected at firewalls)
- Direct attacks:
  - attack vulnerable ports and services on ports
  - Example: msblaster worm attacks Windows File Sharing RPC port 135 (used for normal file sharing)
- Indirect attacks:
  - Email or deliver a file containing viral program
    - Infection begins when user executes file
    - Social engineering: misrepresent the file to trick the user into opening what they think is an important file or program.
  - Email spoofing: make it appear email comes from trusted friend (harvest address books on compromised systems)
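
A defensive check built on the port numbers in these slides (the standard ports in the TCP table, 137-139 and 445 for SMB, 135 for RPC), added here as an example and not part of the original slides: it reads `netstat -an` output and reports watched ports that are listening on a network-reachable address. The sample output, the `WATCHED` table and the function name are constructed for illustration.

```python
import re

# Ports the slides call out; notes paraphrase what the slides say about each.
WATCHED = {
    80: "http (web)",
    135: "RPC, attacked by msblaster",
    137: "SMB",
    138: "SMB",
    139: "SMB, data passed without encryption",
    445: "SMB on Win2k/XP",
}
WATCHED.update({p: "standard port listed on the slides" for p in (21, 22, 23)})

# Constructed sample in the layout printed by `netstat -an` on Windows.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:80           0.0.0.0:0              LISTENING
  TCP    192.168.1.20:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1043      192.168.1.1:80         ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.20:137       *:*
  UDP    192.168.1.20:138       *:*
"""

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def exposed_listeners(netstat_text):
    """Return (proto, address, port, note) for watched ports open to the network."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue                      # header or blank line
        proto, addr, port, foreign, state = m.groups()
        port = int(port)
        # TCP listeners carry a state; UDP sockets show a wildcard peer instead.
        listening = state == "LISTENING" if proto == "TCP" else foreign == "*:*"
        if not listening or port not in WATCHED:
            continue
        if addr.startswith("127."):       # loopback only: not reachable remotely
            continue
        findings.append((proto, addr, port, WATCHED[port]))
    return sorted(findings, key=lambda f: (f[2], f[0]))


if __name__ == "__main__":
    for proto, addr, port, note in exposed_listeners(SAMPLE):
        print(f"{proto} {addr}:{port}  {note}")
```

Any row it prints is a service the firewall or the host configuration should account for; the loopback web listener and the outbound connection to port 80 in the sample are correctly ignored.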