Topic 5a Operating System Fundamentals




What is an operating system?
a computer is comprised of various types of software:
- device drivers (storage, I/O, etc.)
- process and control software
- memory management
- user interface software
- utility software
- application software

Early computers (1940-1960's) required all of these types of software to be loaded every time an application was run
- this was early 'batch' processing
The 'operating system' became the set of software that would:
- initialize the computer
- run diagnostic checks
- provide for device management
- prepare the computer for an application

As operating systems evolved through the 1960-1980's they gained more functions:
- provide graphic user interface
- provide set of user utility programs
- manage multiple processes and users
- provide network functionality
- some operating systems are special-purpose

An important base function of the operating system is to provide an interface between the application software and the hardware
- today, this set of low-level OS functions is called the OS 'kernel'
- an OS kernel is typically kept in memory at all times for greatest speed
- many OSs today are built on top of the Linux kernel, or some variation

There are many operating systems - not all are current
- the forensics examiner must be on the lookout for older, obsolete operating systems
- a criminal might try using these hoping to thwart an investigation
- here is a listing of scores of operating systems with pointers to more information: http://en.wikipedia.org/wiki/list_of_operating_systems

The most important operating systems for the forensic examiner today are:
- Microsoft Windows (and DOS)
- Macintosh OSX
- Unix/Linux
- Android
- Apple iOS
many forensics labs will need to have hardware and software to deal with these
- there may be the occasion to locate hardware/software for an older OS
- example: OS9, a unix-like OS for 8-bit Motorola 6809 based micros

As much as 50% of all system vulnerabilities are in the OS
- system devices such as routers, IDS's and firewalls also have operating systems
- the most effective mitigation strategy is to harden the OS
- ensure that security patches are installed as soon as they are available

Hardening an operating system
- installation/configuration measures that can reduce the OS exposure
- closing unneeded ports
- turning off (or not installing) unneeded services
- removing auto-response banner messages
- note: there are many more hardening steps; most of these are OS or application specific
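Closing unneeded ports and turning off unneeded services starts with an inventory of what is listening. The following is an added example, not part of the original slides: it parses `ss -tlnpH` style output on Linux and reports every listener whose port is not on an allowlist. The sample output, the allowlist and the function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `ss -tlnpH` output (not captured from a real host).
SAMPLE_SS = """\
LISTEN 0 128    0.0.0.0:22     0.0.0.0:*  users:(("sshd",pid=812,fd=3))
LISTEN 0 4096 127.0.0.1:631    0.0.0.0:*  users:(("cupsd",pid=640,fd=7))
LISTEN 0 128       [::]:22        [::]:*  users:(("sshd",pid=812,fd=4))
LISTEN 0 32           *:21           *:*  users:(("vsftpd",pid=901,fd=3))
LISTEN 0 5      0.0.0.0:23     0.0.0.0:*  users:(("inetd",pid=455,fd=5))
"""

ALLOWED_PORTS = {22}  # assumption: SSH is this host's only documented service


def parse_listener(line):
    """Return (address, port, process) for a LISTEN line, else None."""
    fields = line.split()
    if len(fields) < 5 or fields[0] != "LISTEN":
        return None
    addr, _, port = fields[3].rpartition(":")
    addr = addr.split("%")[0].strip("[]")  # drop %iface suffix, IPv6 brackets
    match = re.search(r'\(\("([^"]+)"', " ".join(fields[5:]))
    return addr, int(port), match.group(1) if match else "unknown"


def is_loopback(addr):
    """Wildcard or unparsable addresses are treated as reachable."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False


def audit_listeners(ss_output, allowed_ports):
    """List (port, process, exposure) for listeners outside the allowlist."""
    findings = set()
    for line in ss_output.splitlines():
        parsed = parse_listener(line)
        if parsed is None or parsed[1] in allowed_ports:
            continue
        addr, port, proc = parsed
        exposure = "loopback-only" if is_loopback(addr) else "network-exposed"
        findings.add((port, proc, exposure))
    return sorted(findings)


if __name__ == "__main__":
    for port, proc, exposure in audit_listeners(SAMPLE_SS, ALLOWED_PORTS):
        print(f"port {port:<5} {proc:<8} {exposure}")
```

Listeners reported as network-exposed are the first candidates for disabling or firewalling; loopback-only ones still count as services to justify or remove.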

Patch management
- applying security patches as soon as they are available
- servers, network appliances, workstations, etc.
- having a back-down strategy if needed
- many applications may need to be tested after a patch is applied
- zero-day vulnerability: one for which a patch is not available

Processes (tasks) and states
- early computers were single-process systems
- could only run a single program (task) at a time
- the DOS operating system worked like this
- switching tasks had to be done manually

Processes (tasks) and states
- later computer operating systems introduced the concept of multi-processing (multi-tasking)
- a single user could have multiple tasks running simultaneously
- a given task could have multiple sub-tasks (threads)
- the OS manages process memory (memory management) and other resources and would switch between tasks as needed
- for example, listening to music while writing a paper while having a chat window open while having a browser window open

Process (task) management requires that the OS properly handle the memory/resource management of the various tasks and threads
- various ways to do this include system calls, message passing, stacks/heaps

Processes have various states
- running, waiting, created, terminated, etc.
- the process management function of the OS ensures that memory is adjusted, that resources are available, and that processes run when appropriate

Process privilege and priority
- some processes require greater privileges (such as root or administrator)
- this should be done only when absolutely needed
- a popular way to attack a system is to exploit a vulnerability in a process that has root privs
- using an LPA is one way to restrict privileges
- sandboxing is another approach

Processes may be prioritized
- real-time processes typically have greater priority
- note: process management today is typically called 'task' management
- the early term for computers able to manage multiple tasks on a single processor was 'multi-processing'
- today we call it 'multi-tasking'
- multi-processing is used to describe situations where there are multiple CPUs available

Memory management
- process/task management requires that the memory associated with a task be available in the address space where it is requested
- one can think of this as like a sliding window
- memory may be swapped to/from storage
- this is called virtual memory
- gives the illusion of having more real memory than you actually have

File systems
- this determines how the bits of files are mapped onto storage devices
- examples include FAT, NTFS, EXT3, etc.
- it is extremely relevant to cyber-forensics, since file system features (like slack space) can be exploited to hide data
- we will cover file systems in more detail in subsequent topics

Virtualization
- this refers to running an instance of an operating system as a process
- possible since, in theory, any UTM (Universal Turing Machine) can simulate any other UTM
- for example, running Mac OSX in a VM on a Windows computer, or running Ubuntu Linux in a VM on a Windows computer

Virtualization:
- the actual program run is called a 'virtual machine'
- it is a simulation of a processor, with specific resources
- the OS is installed on the virtual machine
- the program that creates or manages VMs is called a 'hypervisor'
- virtualization has many uses in cyber-forensics; we will discuss this in greater depth later

Fundamental security design principles:
- domain separation: separating tasks from resources
- the hypervisor or OS would mediate resource access
- sandboxing is an example of this

Fundamental security design principles:
- process isolation: preventing processes/tasks from communicating with each other or sharing resources such as memory
- resource encapsulation: methods used to protect a resource
- for example, specific system calls and specific privilege requirements