Published by Carol Stanley. Modified over 9 years ago.
1
Operating System VISC lab Na Young Lee 09-20-02
2
Agenda
- Operating System
- UNIX (standard UNIX)
- Windows (2000)
- Manage Windows
3
Operating System (OS)
- A computer consists of hardware and an OS.
- What is an OS? A manager.
  - The OS manages users, access rights and user interaction.
  - The OS manages resources: files, directories, devices, processes, memory, I/O.
4
Operating System (OS)
- To understand an OS ~= to understand what it manages and how:
  - Process
  - Memory
  - I/O
  - File system
  - Security
5
Operating System (OS)
- How it manages:
  - User interaction: command, GUI
  - Device controllers: bus
  - Interrupts
  - Tables: fd
  - Signals, messages: system
6
UNIX - Interfaces
[Diagram of layers: Users; Standard utility programs; Standard library; OS; Hardware. Labels: User mode, Kernel mode.]
7
UNIX - User interaction
- User interaction
  - Shell: command programming language providing an interface to the UNIX OS.
    - Modifiable
    - Compiler
  - Kernel: core of the OS.
    - Invoked by system call
8
UNIX - Kernel
[Diagram of kernel components: System calls; Interrupts and traps; Terminal handling; Sockets; File naming; Mapping; Signal handling; Process creation and termination; Raw tty; Cooked tty; Network protocol; File system; Virtual memory; Line disciplines; Routing; Buffer cache; Character devices; Network device drivers; Disk device driver; Hardware.]
9
UNIX – Device
- Device control
  - Abstraction of the physical devices
  - Input: keyboard, mouse, CD-ROM
  - Output: screen, printers
  - I/O: disk, tape, network
- Commands
  - lp, ioctl, sockio, streamio, tar
10
UNIX – Process
- Abstraction of a running program
- Address space that contains data, instructions, hardware resources
  - Running, ready, blocked status
  - Interrupt from input (vector) – the current process's info is pushed to the stack – the hardware accesses the address assigned to the interrupting device – after processing is done, one of the processes in the ready status is scheduled.
11
UNIX – Process
- Process table
  - Process status, program counter, stack pointer, PID
  - Scheduling parameters: process priority, CPU running time -> decide next process
  - Memory info: how to find a process that is not in memory (ready or blocked)
  - Signals: mask signal, effective signal
12
UNIX – Process
- The kernel process starts a series of processes
  - Daemons (started at system boot)
  - ttymon watches various terminals for login
  - ttymon starts a new process for the user shell
- Commands
  - ps, exit, kill, fork, wait, bg, fg, signal, sigset, alarm
13
UNIX – File System
- Hierarchical file system
[Directory tree diagram rooted at /. Directories shown: sbin, home, var, usr, tmp, mail, etc, kernel, spool, dev, tmp, user2, user1, sbin, bin. Annotations: System binary; Device file; Data of sa; Binary file; System files.]
14
UNIX – File System
- Commands
  - mkdir, link, mount, cd, rmdir, cp, mv, rm
  - create/open, close, read/write, pipe
- NFS (Network File System)
15
UNIX - Security
- UNIX is designed as a multi-user system
  - UID (user ID), GID (group ID)
    - each process, file, and folder
- File and folder permission
  - 9 bit
  - SETUID
    - Set on the program by superuser (root)
  - chmod, setuid, setgid
    - owner, superuser
16
UNIX - Security
- Login is a program with SETUID root
  - Login asks for the username and password
  - Hash function h (username)
  - Calls the setuid and setgid system calls
  - Opens keyboard (fd 0), screen (fd 1), screen error (fd 2), starts the user shell (UID), and terminates
  - All processes forked by the shell inherit the UID
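Added example (not part of the original slides): how the SETUID bit from the two UNIX security slides changes the UID a program runs with, and how a defender can audit a directory tree for SETUID-root files that non-owners can modify. The function names and the sample paths, modes and UIDs are constructed for illustration.

```python
import os
import stat

def effective_uid(real_uid, file_uid, mode):
    """UID a process runs with after exec(): the file owner's if SETUID is set."""
    return file_uid if mode & stat.S_ISUID else real_uid

def audit_entry(mode, uid):
    """Return findings for one regular file; an empty list means unremarkable."""
    findings = []
    if mode & stat.S_ISUID and uid == 0:
        findings.append("setuid-root")
        # A SETUID-root file that group/other can rewrite hands out root.
        if mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append("writable-by-non-owner")
    if mode & stat.S_ISGID:
        findings.append("setgid")
    return findings

def scan(root):
    """Walk a directory tree and report regular files with findings."""
    report = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: do not follow symlinks
            except OSError:
                continue  # file vanished or is unreadable
            if stat.S_ISREG(st.st_mode):
                findings = audit_entry(st.st_mode, st.st_uid)
                if findings:
                    report.append((path, stat.filemode(st.st_mode), findings))
    return report

# Constructed sample entries (not from a real system): (path, mode, owner UID)
SAMPLES = [
    ("/bin/login",    stat.S_IFREG | 0o4755, 0),     # SETUID root, as on the slide
    ("/usr/bin/tool", stat.S_IFREG | 0o4777, 0),     # SETUID root and world-writable
    ("/home/u/notes", stat.S_IFREG | 0o644,  1000),  # ordinary file
]

if __name__ == "__main__":
    for path, mode, uid in SAMPLES:
        print(path, stat.filemode(mode), audit_entry(mode, uid))
```

Calling scan("/usr/bin") on a live system lists the SETUID and SETGID programs installed there.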
17
Windows – OS Structure
[Diagram: operating system structure. Components shown: Hardware; HAL; Kernel; Obj, Config, Process, Memory, Security, Cache, Power; System Service; System Interface; Win32 program; Win32 subsystem.]
18
Windows – OS Structure
- Kernel mode
  - HAL: presents the rest of the OS with abstract hardware devices (winnt/system32/hal.dll)
    - ex) map device addresses to logical system addresses (bus)
    - interrupt service: set the priority on the device
19
Windows – OS Structure
- Kernel: presents complete hardware independence
  - ex) save the CPU registers, flush the CPU tables
- System service: accepts Windows system calls
20
Windows – OS Structure
- User mode: provides each user process with a system call interface
  - Environment subsystems ~= Win32 API (application programming interface)
  - System interface: DLLs (dynamic link libraries)
  - Service processes
21
Windows - Manage
- Interrupt
- Direct memory access
- I/O
- Memory
22
Windows - Registry
- Registry
  - Don't change it if you plan to use the machine again.
  - Directory (key)
  - Entry: name, type, value
23
Windows - Registry
- All Win32 applications include Win32 API functions (RegCreateKeyEx, _Delete_, _Open_, etc.)
- All the registry files are in winnt/system32/config
- Some files cannot be opened, but if you succeed in opening a file (?), you can see that the file starts with "regf…"
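Added example (not part of the original slides): a check of the "regf" signature mentioned above, extended to the rest of the 512-byte hive header so a copied hive can be triaged before analysis. The field offsets (sequence numbers at 4 and 8, FILETIME at 12, version at 20 and 24, XOR checksum at 508) come from public reverse-engineered descriptions of the hive format, not from the slides; the function names and the sample header are constructed.

```python
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)

def xor32(data):
    """XOR all little-endian 32-bit words; results 0 and 0xFFFFFFFF are remapped."""
    csum = 0
    for (word,) in struct.iter_unpack("<I", data):
        csum ^= word
    return {0: 1, 0xFFFFFFFF: 0xFFFFFFFE}.get(csum, csum)

def parse_regf_header(buf):
    """Validate the 512-byte header that opens a registry hive file."""
    if len(buf) < 512:
        raise ValueError("truncated: hive header is 512 bytes")
    if buf[:4] != b"regf":
        raise ValueError("not a registry hive: signature is %r" % buf[:4])
    seq1, seq2, filetime, major, minor = struct.unpack_from("<IIQII", buf, 4)
    (stored,) = struct.unpack_from("<I", buf, 508)
    return {
        "version": (major, minor),
        "last_written": FILETIME_EPOCH + timedelta(microseconds=filetime // 10),
        # Differing sequence numbers mean a write was in progress (dirty hive).
        "dirty": seq1 != seq2,
        # The checksum covers the first 508 bytes of the header.
        "checksum_ok": stored == xor32(buf[:508]),
    }

def build_sample_header(seq1, seq2, when):
    """Construct a synthetic header for the demo (not copied from a real hive)."""
    buf = bytearray(512)
    buf[:4] = b"regf"
    ticks = int((when - FILETIME_EPOCH).total_seconds()) * 10_000_000
    struct.pack_into("<IIQII", buf, 4, seq1, seq2, ticks, 1, 3)
    struct.pack_into("<I", buf, 508, xor32(bytes(buf[:508])))
    return bytes(buf)

if __name__ == "__main__":
    when = datetime(2002, 9, 20, tzinfo=timezone.utc)
    clean = build_sample_header(7, 7, when)
    print(parse_regf_header(clean))
    dirty = bytearray(clean)
    struct.pack_into("<I", dirty, 8, 6)  # secondary sequence number lags behind
    print(parse_regf_header(bytes(dirty)))
```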
24
Windows Booting
- Boot sector: first sector of the partition having the bootable OS; it has ntldr
- ntldr looks up the boot.ini file to get the configuration info
- ntoskrnl.exe and bootvid.dll are loaded.
- Finally ntldr loads all the drivers needed to finish booting (like mouse, keyboard) and loads smss.exe
- winlogon.exe,
25
Windows - Security
- Winlogon.exe creates lsass.exe (authentication manager) and services.exe (looks in the registry and starts services)
- Services: printer server, file server, Telnet daemon, DNS resolver, event logger, plug-and-play manager
26
Windows - Security
- User
  - SID (security ID)
- A process has an access token
  - Fields: Header | Expiration time | Groups | Default DACL | User SID | Group SID | Restricted SID | Privilege
27
Windows - Security
- Security descriptor
  - Owner's SID, Group SID, DACL, SACL
  - Deny access List, System Access Control List
- Implementation
  - Winlogon.exe gives the initial process an access token
    - lsass.exe decides the success of the login, looks up the registry to get the correct user profile, and starts services.exe with the access token
  - Subsequent processes inherit the parent's access token.
  - Threads usually inherit the process's access token.
28
Manage Windows
- Why do we have to protect Windows?
  - Bugs: every piece of software contains bugs
  - Intruders: crackers find a vulnerability in the OS and exploit it to break in and take control
  - Virus infections: antivirus software
  - Violation of your privacy: spyware (software that collects data about you and secretly sends it home)
29
Manage Windows
- How to protect Windows
  - Service pack
  - Windows Update
  - Installing hotfixes
  - Microsoft Baseline Security Analyzer
  - Virus protection
  - Firewall protection
  - Malicious script protection
30
Manage Windows
- Service packs
  - contain hundreds of bug and security fixes and enable you to apply these fixes in one fell swoop
  - Check the service pack version and download the newest version
- Windows Update
  - Updates are being released constantly
  - http://windowsupdate.microsoft.com/
31
Manage Windows
- Installing hotfixes
  - additional patches
  - Subscribe to Microsoft's Security Bulletin - http://www.microsoft.com/technet/security/bulletin/notify.asp - or the CERT Advisory Mailing List - http://www.cert.org/contact_cert/certmaillist.html. You will receive regular e-mail notifications about vulnerabilities and fixes you might need to apply to your system.
32
Manage Windows
- Microsoft Baseline Security Analyzer
  - MBSA allows you to check your Windows NT4, 2000, or XP installation for a number of security issues, i.e. Windows vulnerabilities, weak passwords, IIS vulnerabilities, SQL vulnerabilities, and missing hotfixes
33
Manage Windows
- Virus protection
  - Anti-virus program: known viruses, update virus definitions
  - Common sense: unknown viruses
    - DON'T OPEN ATTACHMENTS FROM UNKNOWN SOURCES! DELETE IT!
    - An e-mail with an attachment from a person you know, but which you didn't expect - DO NOT OPEN IT - DELETE IT!
34
Manage Windows
- Firewall protection
  - Internet connection: exposed to the world
    - DSL or cable modem with static IP
  - Find out how vulnerable your machine is
    - http://grc.com/default.htm and click on Shields UP!
    - Do Test My Shields! and Probe My Ports!
    - Check for obvious vulnerabilities of your PC.
    - Chances are you have a number of open and/or visible ports that can make your machine a target for crackers
35
Manage Windows
- A firewall protects the machine by closing these security holes.
- Firewall software monitors your Internet connection and filters all traffic to keep undesired traffic out and only allow legitimate traffic through.
- Recommended: ZoneLab's Zone Alarm, http://www.zonelabs.com
- After installing Zone Alarm, perform another Shields UP! test and Port Probe.
36
Manage Windows
- Spyware protection
  - What is spyware?
    - It comes in the form of software installed on your machine with or without your knowledge
    - It tracks and collects data about you and your computer and sends it back to a central database for processing and analyzing
  - Lavasoft's Ad-aware, http://www.lavasoftusa.com/
    - After installing this software you can scan your entire system, including hard drives and registry, for any traces of spyware.
37
Manage Windows Lavasoft's Ad-aware
38
Manage Windows
- Malicious script protection
  - A lot of e-mail viruses are scripts.
  - In order to function, they need to be executed.
  - Installing script monitoring software prevents you from accidentally launching a malicious script that was not caught by your antivirus software
  - AnalogX's Script Defender, http://www.analogx.com/contents/download/system/sdefend.htm
39
Manage Windows Malicious Script Protection
40
Manage Windows
- Email
  - If possible, set the format to plain text: HTML mail is a potential risk and allows for snooping and malicious code infection
  - Disable running of ActiveX and scripts
    - ActiveX applets (or "controls" as they are called) are downloadable programs that are run by your system. Unlike normal EXE files, ActiveX can be run transparently in your Internet Explorer to perform any action such as erasing files or stealing your passwords.
  - Do not open EXE, BAT, VBS, and SCR type attachments, ever
  - Consider using a plain text (non-HTML) e-mail reader such as Eudora or The Bat!
  - A DOC file can be opened in a program like WordPad to view the text contents without the risk of a macro virus infection.
41
Manage Windows
- Perform frequent data backups.
- Disable file sharing.
- Create an emergency boot disk.
42
Manage Windows - VISC Secure Shell
43
Manage Windows - VISC