- •Ssd2: Introduction to Computer Systems contents
- •Prerequisites
- •Course Textbook
- •Hardware/Software Requirements
- •The purpose of ssd2 is for students to
- •Students successfully completing ssd2 will be able to
- •1.1 Overview of Computer Systems
- •1.1.1 Components of a Computer System
- •Hardware System
- •Software System—Operating System Software and Application Software
- •Network System
- •1.2 Evolution of Computer Systems
- •1.2.1 Brief History
- •1200S—Manual Calculating Devices
- •1600S—Mechanical Calculators
- •1800S—Punched Cards
- •1940S—Vacuum Tubes
- •1950S—Transistors
- •1960S—Integrated Circuits
- •1970S to Present—Microprocessor
- •Pace of Advancement
- •1.2.2 Applications of Computer Systems
- •In Education Multimedia-Facilitated Learning
- •Simulation-Based Education
- •Intelligent Machine-Based Training
- •Interactive Learning
- •In Business Supply Chain Management
- •Project Management
- •Customer Relationship Management
- •Sales and Marketing Using Electronic Commerce
- •Manufacturing Research
- •In Entertainment Movies
- •Video Games
- •1.3 Data Representation in a Computer System
- •1.3.1 Bits and Bytes
- •Data Representation Using Binary Digits
- •Increasing Need for Bytes
- •1.3.2 Number Systems
- •Decimal
- •Hexadecimal
- •Learning Exercise
- •2.1 Processor and Memory
- •2.1.1 Processor Basics
- •Processor
- •Instruction Execution with the cpu
- •Performance: Factors and Measures
- •Types of Processors
- •2.1.2 Types of Memory
- •Cmos Memory
- •Summary
- •2.1.3 Lab: Benchmarking (Optional)
- •2.2 Peripherals
- •2.2.1 Connecting Peripherals
- •Expansion Slots and Cards
- •Usb and FireWire
- •Comparing Different Ports
- •2.2.2 Buses
- •2.2.3 Input/Output Devices
- •Input Devices
- •Cameras
- •Digital Camcorders
- •Scanners
- •Output Devices: Monitors and Projectors
- •Crt Monitors
- •Lcd Monitors
- •Projectors
- •Output Devices: Printers
- •Ink Printers
- •Dye-Sublimation Printers
- •Laser Printers
- •Comparing Printers
- •2.3 Storage Devices
- •2.3.1 Disk Controller Interfaces
- •Ide Interface
- •Eide Master/Slave
- •2.3.2 Mass Storage
- •How Mass Storage Devices Differ from ram
- •Disk Drive Reliability
- •Optical Media: cDs versus dvDs
- •Magnetic Media
- •Optical versus Magnetic
- •Solid State
- •Comparing Storages
- •2.4 Putting Together the Hardware Components
- •2.4.1 How Components Work Together
- •2.4.2 Lab: Researching a Computer System
- •2.4.3 Lab: Online Configuration
- •2.5 Improving Computer Performance
- •2.5.1 Moore's Law
- •2.5.2 Bottlenecks
- •Bottlenecks—Slowing a Process
- •Typical Bottlenecks
- •Eliminating Bottlenecks
- •2.5.3 Throughput and Latency
- •Unit 3. Operating System Software
- •3.1 Structure
- •3.1.1 Layers of Software
- •Layers and Process Management
- •Encapsulation and Abstraction
- •Layers of Software
- •3.1.2 The bios: Life at the Bottom
- •The Role of the bios
- •Changing bios Settings
- •3.1.3 Process Control
- •3.1.4 Lab: The Task Manager
- •3.2 Device Management and Configuration
- •3.2.1 Interrupt Handling
- •Interrupts
- •Interrupt Priority and Nested Interrupts
- •Traps and Faults
- •3.2.2 Hardware Attributes
- •Installing Drivers
- •Changing a Driver's Configuration
- •3.2.3 Configuration
- •3.2.4 Lab: Device Management
- •3.3 Resource Sharing
- •3.3.1 Virtual Memory
- •Managing Memory
- •Relocation
- •Virtual Memory
- •3.3.2 File and Printer Sharing
- •Printers
- •3.4 File Systems
- •3.4.1 File Organization
- •Folders
- •Shortcuts
- •File Names and Types
- •3.4.2 File Allocation Table and nt File System
- •Clusters and File Allocation Tables
- •Nt File System
- •Unit 4. Application Software
- •4.1 Software Basics
- •4.2 Using Software Systems
- •4.2.1 Lab: dos Commands
- •4.2.2 Lab: Macros
- •4.2.3 Lab: Embedding Application Objects
- •4.3 Batch Script Files
- •4.3.1 Advanced Command-Line Functions
- •Dos Command Syntax
- •Review of File System Commands
- •Wildcard Characters
- •Redirection and Piping
- •4.3.2 Batch File Commands
- •Batch Files
- •Commands
- •4.3.3 Lab: Creating a Batch File
- •Example of a Batch File
- •Example of a Batch File with Arguments
- •4.4 Databases
- •4.4.1 Lab: Searching the Library of Congress
- •4.5 Software Engineering
- •4.5.1 Issues in Large-Scale Software Development
- •The Software Development Process
- •Define or Redefine the Problem
- •Plan a Solution to the Problem
- •Code the Solution
- •Evaluate and Test Everything
- •4.5.2 Open Source Model
- •Free Software
- •4.5.3 Tools for Software Creation and Management
- •Editors
- •Compilers
- •Debuggers
- •Integrated Development Environments (idEs)
- •Unit 5. Network Systems
- •5.1 Internet Basics
- •5.1.1 Mime Types
- •5.1.2 Internet Languages
- •JavaScript
- •5.2 Local and Wide Area Networks
- •5.3 Communication Strategies
- •5.3.1 Client-Server Framework
- •5.3.2 Peer-to-Peer Connectivity
- •5.4 Data Transfer Technologies
- •5.5 Internet Architecture
- •5.5.1 Routers and tcp/ip
- •Internet Protocol
- •Routers
- •Transmission Control Protocol
- •5.5.2 Domain Name Service
- •Domain Name Service
- •5.5.3 Connectivity
- •Conventional Analog Phone Lines
- •Isdn: Integrated Services Digital Network
- •Cable Modem
- •XDsl: Digital Subscriber Line
- •Dedicated High Speed Lines
- •5.5.4 Internet Service Providers
- •Unit 6. Computer Security
- •6.1 Security Threats
- •6.1.1 Intruders: Who, Why, and How?
- •6.1.2 Identity Theft and Privacy Violation
- •Password Cracking
- •Packet sniffing
- •Social Engineering/Fraud
- •Spoofing
- •Port Scanning
- •6.1.3 Malicious Software
- •Trojan Horse
- •Prevention
- •Detection
- •Counter Measures
- •6.1.4 Denial of Service
- •Network Connectivity
- •Network Bandwidth
- •Other Resource Consumption Attacks
- •Distributed Denial of Service Attack
- •Prevention
- •6.2 Security Technologies
- •6.2.1 Encryption
- •Substitution Cipher
- •Transmitting the Key
- •Private Key Encryption Scheme
- •Public Key Encryption Scheme
- •Hybrid Encryption Schemes
- •6.2.2 Applications of Encryption
- •Hard Drives
- •Dvd Movies
- •Cellular Phones
- •6.2.3 Authentication
- •Strong Passwords
- •Smart Cards
- •Biometrics
- •Digital Signatures
- •Digital Certificates and Certificate Authorities
- •Ssl Protocol
- •6.3 Prevention, Detection, and Recovery
- •6.3.1 Firewall
- •Application Gateway
- •Packet Filter
- •Application Gateway versus Packet Filter
- •Intruder Attacks Prevented by Firewall
- •Setting up a Firewall
- •6.3.2 Intrusion Detection Tools
- •Intrusion Detection Systems
- •Network Monitoring Tools
- •Anti-Virus Software
- •6.3.3 Data Recovery
- •6.3.4 Summary of Security Tips
Spoofing
Spoofing is the act of using one machine to impersonate another. An intruder can launch attacks using the identity of another machine so that the intruder would not be held liable for his actions. For instance, an intruder can mask the identity of a machine with special access privileges to obtain control of other computers on the network. Then the intruder can launch a denial of service attack (will be discussed later in 6.1.4 Denial of Service) on a target computer system by sending numerous data packets to tie up the target system's network resources, and cause the system to become unavailable to other users. When the targeted system tries to find the attacker, the trace results would likely to point to the machine that was used to mask the identity of the intruder.
Two methods of spoofing are IP spoofing and email spoofing.
IP spoofing is a technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To use IP spoofing, an intruder must first identify an IP address of a trusted host and then modify the packet headers so that the packets look like they are coming from that host. This method is effective because dialog between machines are automated, which eliminates the need for username or password.
For more information on the many forms of IP spoofing, read "Spoofing: An Overview of Some of the Current Spoofing Threats" from the SANS website. The SANS website also contains a paper on "Introduction to IP spoofing".
Another technique is email spoofing where an attacker fakes an email header to make it appear as if it came from somewhere or someone other than the actual source.
The following are examples of spoofed emails that could lead to an attack on data integrity:
Email from a system administrator instructing users to delete files, or provide sensitive information such as logins and passwords
Email claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply
Email claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information
Note that Internet service providers usually will not specify your new password. Also, most legitimate service providers would never ask you to send them any password information via email, phone, or any other means.
You can read about a real-world e-mail spoofing on Best Buy, "E-mail Scam Makes Best Buy Scramble."
Prevention:
Monitor transaction logs of servers such as email server, Web server, and scan for unusual behaviors (monitoring should be done off-line to avoid attacks during the process)
Minimize system privileges of servers
Limit user access to network or administrator command functions
Port Scanning
The objective of port scanning is to detect security weaknesses in a remote or local host. A port scanner is a program that scans TCP/IP ports and services (for example, TELNET or FTP) and reports responses from the target system. An intruder can use a port scanner to find information about the target host such as which port is open and whether an anonymous user can log in. Once an intruder logs in successfully through the open port, the intruder can try to gain access to more computers on the network. Port scanning activity is usually a precursor to an attack on a target system.
Prevention:
Close unused ports
Monitor suspicious network activities (for example, if a host is scanning through port activities, the attacker may be preparing for an attack)