Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 15. February 2008 TDT4285 Planl&drift IT-syst Lecture no 17: Name spaces TDT4285 Planlegging og drift av IT-systemer Spring 2008 Anders Christensen,

Similar presentations


Presentation on theme: "1 15. February 2008 TDT4285 Planl&drift IT-syst Lecture no 17: Name spaces TDT4285 Planlegging og drift av IT-systemer Spring 2008 Anders Christensen,"— Presentation transcript:

1 1 15. February 2008 TDT4285 Planl&drift IT-syst Lecture no 17: Name spaces TDT4285 Planlegging og drift av IT-systemer Spring 2008 Anders Christensen, IDI

2 2 15. February 2008 TDT4285 Planl&drift IT-syst Definition A name space is a set of possible identifiers that satisfy certain syntactic rules, and where each identifier refers to a unique resource. The name space is usually finite, although other limitations often restrict the number of identifiers that can simultaneously exist in the name space.

3 3 15. February 2008 TDT4285 Planl&drift IT-syst Examples of name spaces User names at a computer system Phone numbers IP-addresses on the network Hostnames on the network UIDs for users URLs on the Web Nicknames on IRC -addresses

4 4 15. February 2008 TDT4285 Planl&drift IT-syst Categories of name spaces Flat. All identifiers at the same level Hierarchic. Duplicates are permitted, as long as they exist in different branches of the hierarchy (or network) Anarchistic (or adaptive). The result of a dynamic process where the name space is constantly changed by identities autonomously being added or subtracted.

5 5 15. February 2008 TDT4285 Planl&drift IT-syst Sparse and Compact name spaces Sparse name spaces. Where there are enormously many more possible names than are acturally in use. Compact name spaces. Where a large percentage of the possible names are usually in use. Single errors may be undetectable in compact name spaces, but can be automatically catched in sparse name spaces.

6 6 15. February 2008 TDT4285 Planl&drift IT-syst Metrics for name spaces Diameter. How many systems (machines) use this namespace? Thickness. How many different services use this name space. Consistency. When the same name space is used for several systems in parallel, to what degree are the attributes interpreted the same way by all systems?

7 7 15. February 2008 TDT4285 Planl&drift IT-syst Diameter and thickness IDI NTNU Norway Mail Web Print Samba

8 8 15. February 2008 TDT4285 Planl&drift IT-syst Examples of name spaces anders (user name) (phone number) (IP-address) furu (hostname) (UID for user) (URL) anchr (nickname on IRC)

9 9 15. February 2008 TDT4285 Planl&drift IT-syst Rules of thumb 1.Flat name spaces scale badly, and require a central coordination authority. 2.Dynamic name spaces are practical, but may be chaotic and can have implications for security and overhead. 3.Hierarchic name spaces are very scalable, but may require a distributed database. 4.Plan well, because name lives for a long time.

10 February 2008 TDT4285 Planl&drift IT-syst Five name space policies Note: there are several hybrids of these: Formula-based. E.g pc001, pc002 etc Theme-based. E.g january, february etc Functional. E.g mail, skriver, backup Anarchistic. I.e everybody chooses their own names Random. Just choose meaningless, random identifiers.

11 February 2008 TDT4285 Planl&drift IT-syst Case: naming the printers Organizational. After group and department Room-based. After room and building Theme. After some common theme Anarchistic. Choose whatever comes to mind HW-based. Model specification Serial-no. Name is unique s/n Formula-based. Enumerate the printers

12 February 2008 TDT4285 Planl&drift IT-syst Name space policy Should be written Must be part of the training Must be enforced (by whom?) Must specified accepted (and unacceptable) names How are new names to be choosen How are collisions to be handled Operational: scope, thickness, diameter, etc

13 February 2008 TDT4285 Planl&drift IT-syst Implications for security Functional names may reveal information Deviations from what’s normal may reveal information Access to changes and additions in a name space may be an important step during a break-in attempt All info about name spaces are important during reconnaissance and break-in attempts

14 February 2008 TDT4285 Planl&drift IT-syst Hostnames at IDI abasolo adf-sw admiral aiG5 aicube ailife alm amble amnesix anfield anneberit ans0066 ans0070 ans0074 ans0075 ans0083 ans0095 ans0096 ans0100 ans0172 ans0176 ans0177 ans0183 ans0184 ans0190 ans0252 ans1077 ans1089 ans1098 ans1115 ans1116 ans1124 ans1145 ans1165 ans1194 ans1203 ans1222 aoc aocdev apollo apprentice april ardmore arendal artemis arvid ash ask ask ask ask astar asylum ataboy atlas atlesa august baardk bakkaun balblair barlind batseba bb-agnar bb-ahs bb-aslakr bb-birgitss bb- misje bb-sari bb-stalhane bb-sveinbra bb-trondheg bb-veres benriach bergen beta bever bikkja binky bitbucket bonmore bootle brann brisbane bromstad bruichladdich bruse bryssel buran cardhu carl carlbarks casper clustis clustis2 clynelish coleburn cork cray cubix dags dalholen dalmore daria db-gr4 delfi desember dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dhcp dionysus disy1 disy2 disy3 divinity docweb dogbert dotserver driftburn duchamp dusk dyndahl ecoli eden edradour eidheim eik einer ekorn.idipc elefant endless01 endless02 endless03 endless04 endless05 endless06 endless07 enolagay enyo erots eventseer evicum falk fast-vpn fautmoen februar fenris festus frodeso furu fw-kt galway gamma gibboso gigabase gill gisna gisnadal glenden glenesk glenny glenspey goldwing gran gran-110 gruva guru4 hamar hangar18 harryklein hdl hector hegg heistad helgebostad hemsedal heskey heuristic hexley hiennam hillesvaag hillesvaagii himpy hugo iccbr idi-ans-353s-h idics idivhosts ils ilya ingeborg irkutsk its222 itux itv142 itv154 itv354 jaguar jakobsli jerevan joebar josefine jsp juli kappabel kasper kaunas keegan ketilb kigali kilkenny kina kjellbra kompjuter kvitpil lade laringsrom larris lemen leporello license light lillehammer lind lind-z1 lochside loenn los luanda mac-heri macallan macroger mars marvika masscomp matros mdu4-1 melhus merkur merlin mersey mi midgard mikke millburn minix misty mmdb mobelix modesty monster morpheus mortix moss mserver mserver2 mtr mtux mug multi munkvold murmansk mutt nalle napoli nardo narvik natalon neural nidaros ninjaturtle nova2 nova3 nsep.vhosts nyeden oktober oleb olgas omikron ontario or orderud os oslo osp osp osp osp osp2 ottawa pakke palermo parma pat pat pat pat pat pat peon phoenix pil pinball pisa potomac prigogine qui radioeye02 raudeik reppe resident roma rotte.idipc rover rudsviki sandbox sari saturn scan scan scapa scapi schedule scylla search seinfeld selje sensa-em1 shade shadow shankly sigma skippy skomaker skybox slavebox slimmy smestad sofie

15 February 2008 TDT4285 Planl&drift IT-syst Cache poisoning Odin Tor 1. Request Trym Name server 2. Request Loke 3. False answer 4. Real answer Frøy Frøya 5. Use of service False service Real service

16 February 2008 TDT4285 Planl&drift IT-syst Procedures Additions, changes and deletions Backup Revision control Phase-outs and cleanups Quarantine/no-reuse period Checking for consistency

17 February 2008 TDT4285 Planl&drift IT-syst Generic names and aliases Names often live a lot longer than you may think, so consider the following method: Name resources according to formula or theme or randomness Make aliases for every important function Connect the aliases to the currently relevant resource.


Download ppt "1 15. February 2008 TDT4285 Planl&drift IT-syst Lecture no 17: Name spaces TDT4285 Planlegging og drift av IT-systemer Spring 2008 Anders Christensen,"

Similar presentations


Ads by Google