Computer System Management: Hosting Servers, Miscellaneous

Computer System Management: Hosting Servers, Miscellaneous
Amarjeet Singh
October 22, 2012
Partly adopted from Computer System Management Slides by Navpreet Singh

Logistics
- Any doubts on the project/hypo explanation etc.?
- Final deadline for Learn it yourself and bonus deadline for Mini project are today
- From next class onwards, at the end of the class we will take up topics that were assigned as part of Learn it yourself but are useful for everyone to learn more about

Revision
- How do the telephone and DSL work simultaneously on the same cable?
- What is the typical bandwidth arrangement from an ISP, symmetric or asymmetric, and why?

Revision
- What are the two protocols at the Transport layer? What is the difference between the two? For what applications are they typically used?
- What is DNS load balancing?
- What port number does a web server typically listen on?

Proxy server
- A proxy is a host which relays web access requests from clients
- Used when clients do not access the web directly
- Used for security, logging, accounting and performance
- [Diagram: browser -> proxy -> web]

What is Web Caching?
- Storing copies of recently accessed web pages
- Pages are delivered from the cache when requested again
- Browser caches
- Proxy caches

Why cache?
- Shorter response time
- Reduced bandwidth requirement
- Reduced load on servers
- Access control and logging

Popular Proxy Caches
- Apache proxy
- MS proxy server
- WinProxy
- Squid (popular because it is powerful, configurable and free)
- Many others

Squid setup
- Daemon is squid (service squid start/stop/restart)
- Files used:
  - Configuration file: /etc/squid/squid.conf
  - Log files: /var/log/squid
- Configuration options:
  - Disk cache size and location
  - Authentication
  - Allowed hosts
  - Any other access restrictions (sites, content, size, time of access etc.) using ACL
- More in the lab session this week
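The logging and access-control role of the proxy, as an added example that is not part of the original slides: a parser for Squid's native access.log line layout that reports the cache hit ratio and which clients had requests refused. The sample lines, addresses and host names are constructed.

```python
from collections import Counter

# Constructed sample in Squid's native access.log layout:
# time elapsed client result/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1350900001.120     45 10.0.0.21 TCP_MISS/200 5120 GET http://example.org/ - DIRECT/192.0.2.10 text/html
1350900002.300      2 10.0.0.21 TCP_HIT/200 5120 GET http://example.org/ - NONE/- text/html
1350900003.010      0 10.0.0.35 TCP_DENIED/403 1450 GET http://blocked.example/ - NONE/- text/html
1350900004.870      0 10.0.0.35 TCP_DENIED/403 1450 CONNECT blocked.example:443 - NONE/- -
1350900005.440      1 10.0.0.35 TCP_DENIED/407 1710 GET http://example.net/ - NONE/- text/html
this line is truncated
"""

def parse_line(line):
    """Return a dict for one native-format line, or None if it is malformed."""
    fields = line.split()
    if len(fields) < 10:
        return None
    result, _, status = fields[3].partition("/")
    if not (status.isdigit() and fields[4].isdigit()):
        return None
    return {"client": fields[2], "result": result, "status": int(status),
            "bytes": int(fields[4]), "method": fields[5], "url": fields[6]}

def summarize(log_text):
    """Cache hit ratio plus per-client counts of requests the proxy refused."""
    served = hits = skipped = 0
    denied = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            skipped += 1          # keep a count so log damage is visible
            continue
        if rec["result"] == "TCP_DENIED":
            denied[rec["client"]] += 1
            continue
        served += 1
        if "HIT" in rec["result"]:
            hits += 1
    ratio = hits / served if served else 0.0
    return {"hit_ratio": ratio, "denied": dict(denied), "skipped": skipped}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```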

Mail architecture
[Diagram labels: Internet, Mail Server, Mail Server, Mail Client, Mail Client]

Protocols at work
- Simple Mail Transfer Protocol (SMTP): standard for sending emails across IP networks
- Post Office Protocol (POP), Internet Message Access Protocol (IMAP): application layer protocols used to retrieve email from a remote server over a TCP/IP connection

POP3 vs IMAP
Post Office Protocol Version 3 (POP3):
- Clients using POP generally connect, retrieve all messages, store them as new messages on the user's PC, delete them from the server and disconnect

POP3 vs IMAP
Internet Message Access Protocol (IMAP):
- Clients often stay connected as long as the user interface is active and download message content on demand
- Allows simultaneous access by multiple clients

Mail Architecture
Popular Mail Servers:
- Sendmail/Postfix
- Microsoft Exchange Server
- IBM Lotus

What is Voice over IP (VoIP)
- The packetization and transport of classic public switched telephone system audio over an IP network
- The analog audio stream is encoded in a digital format, with possible compression, and encapsulated in IP for transport over your LAN/WAN or the public Internet

Modes of Operation:
- PC to PC
- PC to Telephone
- Telephone to PC
- Telephone to Telephone

Protocols:
- H.323
- SIP

H.323 Architecture
- H.323 Terminal: simple IP phone or complex videoconferencing system
- Gateway: enables communication between H.323 and other networks (ISDN/PSTN)
- Gatekeeper: optional component managing miscellaneous services such as endpoint registration, address resolution etc.
- Multipoint Control Units (MCU): manage multipoint conferences (both video and audio)

Session Initiation Protocol (SIP)
- SIP is a text-based protocol, similar to HTTP and SMTP, for initiating interactive communication sessions between users
- SIP is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants
- SIP can be used with different transport protocols; it doesn't even require a reliable transport protocol
- A simple SIP client can be implemented using only UDP

H.323 vs SIP

H.323:
- Designed with a good understanding of multimedia requirements over an IP network
- Well defined standards result in a high level of robustness and interoperability
- Strict guidelines make the system more constrained and less complex
- Most H.323 entities use reliable transport for signaling

SIP:
- Designed to set up a session between two points: modular and flexible, with no multimedia conferencing support
- Integration of disparate standards left to vendors
- Lack of guidelines makes the system more complex
- Most SIP entities use unreliable transport for signaling

Cryptography
- Encrypt before sending, decrypt on receiving (plain text and cipher text)

Cryptography
All cryptosystems are based only on three Cryptographic Algorithms:
- Message Digest (MD2-4-5, SHA, SHA-1, ...)
  - Maps variable length plaintext into fixed length ciphertext
  - No key usage, computationally infeasible to recover the plaintext
- Private KEY (Blowfish, DES, IDEA, RC2-4-5, Triple-DES, ...)
  - Encrypt and decrypt messages by using the same Secret Key
- Public KEY (DSA, RSA, ...)
  - Encrypt and decrypt messages by using two different Keys: Public Key, Private Key (coupled together)

Cryptography
- Two components: the key and the algorithm
- Algorithms are publicly known and secrecy is in the key
- Key distribution must be secure
- [Diagram: Plaintext (Hello World) -> Encryption (Key) -> Ciphertext (&$* (!273) -> Decryption (Key) -> Plaintext (Hello World)]

Cryptography
- Symmetric Key Cryptography (DES, Triple DES, RC4): $K_E = K_D$
- Asymmetric Key Cryptography (RSA): $K_E \neq K_D$

Private/Public key cryptography
Private Key:
- The Sender and Receiver share the same Key, which is private
- [Diagram: Plaintext -> Encryption -> Ciphertext -> Decryption -> Plaintext; Encryption and Decryption are each labelled "Sender/Receiver's Private Key"]

Public Key:
- Both the Sender and Receiver have their Private Key and Public Key
- Messages are encrypted using the receiver's Public Key and the receiver decrypts them using his/her Private Key
- [Diagram: Plaintext -> Encryption -> Ciphertext -> Decryption -> Plaintext; Encryption is labelled "Receiver's Public Key" and Decryption "Receiver's Private Key"]

Digital Signature
[Diagram labels: Message; Message Digest Algorithm (Hash Function); Digest; Private Key; Encryption; Signature; Public Key; Decryption; Expected Digest; Actual Digest]
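The flow named in the Digital Signature diagram, as an added example that is not part of the original slides: the sender hashes the message and transforms the digest with the private key, and the receiver recovers the expected digest with the public key and compares it with the actual digest of what arrived. Assumptions for illustration only: textbook RSA without padding, with two fixed Mersenne primes standing in for randomly generated key material; deployed systems use random keys and a padded scheme such as RSA-PSS.

```python
import hashlib
import hmac

# Assumption: fixed, publicly known primes and no padding (textbook RSA).
# This shows the data flow of the slide, not a deployable signature scheme.
P = 2**521 - 1
Q = 2**607 - 1
N = P * Q                                # modulus, part of the public key
E = 65537                                # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python 3.8+)

def digest(message: bytes) -> int:
    """Message digest step: fixed-length SHA-256 value, no key involved."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message: bytes) -> int:
    """Sender: apply the private key to the digest to form the signature."""
    return pow(digest(message), D, N)

def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the expected digest with the public key and compare
    it with the actual digest of the message that arrived."""
    if not 0 <= signature < N:
        return False
    expected = pow(signature, E, N)
    actual = digest(message)
    size = (N.bit_length() + 7) // 8
    return hmac.compare_digest(expected.to_bytes(size, "big"),
                               actual.to_bytes(size, "big"))

if __name__ == "__main__":
    msg = b"Hello World"                 # constructed sample message
    sig = sign(msg)
    print("original verifies:", verify(msg, sig))
    print("tampered verifies:", verify(b"Hello World!", sig))
```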