- •Ssd2: Introduction to Computer Systems contents
- •Prerequisites
- •Course Textbook
- •Hardware/Software Requirements
- •The purpose of ssd2 is for students to
- •Students successfully completing ssd2 will be able to
- •1.1 Overview of Computer Systems
- •1.1.1 Components of a Computer System
- •Hardware System
- •Software System—Operating System Software and Application Software
- •Network System
- •1.2 Evolution of Computer Systems
- •1.2.1 Brief History
- •1200S—Manual Calculating Devices
- •1600S—Mechanical Calculators
- •1800S—Punched Cards
- •1940S—Vacuum Tubes
- •1950S—Transistors
- •1960S—Integrated Circuits
- •1970S to Present—Microprocessor
- •Pace of Advancement
- •1.2.2 Applications of Computer Systems
- •In Education Multimedia-Facilitated Learning
- •Simulation-Based Education
- •Intelligent Machine-Based Training
- •Interactive Learning
- •In Business Supply Chain Management
- •Project Management
- •Customer Relationship Management
- •Sales and Marketing Using Electronic Commerce
- •Manufacturing Research
- •In Entertainment Movies
- •Video Games
- •1.3 Data Representation in a Computer System
- •1.3.1 Bits and Bytes
- •Data Representation Using Binary Digits
- •Increasing Need for Bytes
- •1.3.2 Number Systems
- •Decimal
- •Hexadecimal
- •Learning Exercise
- •2.1 Processor and Memory
- •2.1.1 Processor Basics
- •Processor
- •Instruction Execution with the cpu
- •Performance: Factors and Measures
- •Types of Processors
- •2.1.2 Types of Memory
- •Cmos Memory
- •Summary
- •2.1.3 Lab: Benchmarking (Optional)
- •2.2 Peripherals
- •2.2.1 Connecting Peripherals
- •Expansion Slots and Cards
- •Usb and FireWire
- •Comparing Different Ports
- •2.2.2 Buses
- •2.2.3 Input/Output Devices
- •Input Devices
- •Cameras
- •Digital Camcorders
- •Scanners
- •Output Devices: Monitors and Projectors
- •Crt Monitors
- •Lcd Monitors
- •Projectors
- •Output Devices: Printers
- •Ink Printers
- •Dye-Sublimation Printers
- •Laser Printers
- •Comparing Printers
- •2.3 Storage Devices
- •2.3.1 Disk Controller Interfaces
- •Ide Interface
- •Eide Master/Slave
- •2.3.2 Mass Storage
- •How Mass Storage Devices Differ from ram
- •Disk Drive Reliability
- •Optical Media: cDs versus dvDs
- •Magnetic Media
- •Optical versus Magnetic
- •Solid State
- •Comparing Storages
- •2.4 Putting Together the Hardware Components
- •2.4.1 How Components Work Together
- •2.4.2 Lab: Researching a Computer System
- •2.4.3 Lab: Online Configuration
- •2.5 Improving Computer Performance
- •2.5.1 Moore's Law
- •2.5.2 Bottlenecks
- •Bottlenecks—Slowing a Process
- •Typical Bottlenecks
- •Eliminating Bottlenecks
- •2.5.3 Throughput and Latency
- •Unit 3. Operating System Software
- •3.1 Structure
- •3.1.1 Layers of Software
- •Layers and Process Management
- •Encapsulation and Abstraction
- •Layers of Software
- •3.1.2 The bios: Life at the Bottom
- •The Role of the bios
- •Changing bios Settings
- •3.1.3 Process Control
- •3.1.4 Lab: The Task Manager
- •3.2 Device Management and Configuration
- •3.2.1 Interrupt Handling
- •Interrupts
- •Interrupt Priority and Nested Interrupts
- •Traps and Faults
- •3.2.2 Hardware Attributes
- •Installing Drivers
- •Changing a Driver's Configuration
- •3.2.3 Configuration
- •3.2.4 Lab: Device Management
- •3.3 Resource Sharing
- •3.3.1 Virtual Memory
- •Managing Memory
- •Relocation
- •Virtual Memory
- •3.3.2 File and Printer Sharing
- •Printers
- •3.4 File Systems
- •3.4.1 File Organization
- •Folders
- •Shortcuts
- •File Names and Types
- •3.4.2 File Allocation Table and nt File System
- •Clusters and File Allocation Tables
- •Nt File System
- •Unit 4. Application Software
- •4.1 Software Basics
- •4.2 Using Software Systems
- •4.2.1 Lab: dos Commands
- •4.2.2 Lab: Macros
- •4.2.3 Lab: Embedding Application Objects
- •4.3 Batch Script Files
- •4.3.1 Advanced Command-Line Functions
- •Dos Command Syntax
- •Review of File System Commands
- •Wildcard Characters
- •Redirection and Piping
- •4.3.2 Batch File Commands
- •Batch Files
- •Commands
- •4.3.3 Lab: Creating a Batch File
- •Example of a Batch File
- •Example of a Batch File with Arguments
- •4.4 Databases
- •4.4.1 Lab: Searching the Library of Congress
- •4.5 Software Engineering
- •4.5.1 Issues in Large-Scale Software Development
- •The Software Development Process
- •Define or Redefine the Problem
- •Plan a Solution to the Problem
- •Code the Solution
- •Evaluate and Test Everything
- •4.5.2 Open Source Model
- •Free Software
- •4.5.3 Tools for Software Creation and Management
- •Editors
- •Compilers
- •Debuggers
- •Integrated Development Environments (idEs)
- •Unit 5. Network Systems
- •5.1 Internet Basics
- •5.1.1 Mime Types
- •5.1.2 Internet Languages
- •JavaScript
- •5.2 Local and Wide Area Networks
- •5.3 Communication Strategies
- •5.3.1 Client-Server Framework
- •5.3.2 Peer-to-Peer Connectivity
- •5.4 Data Transfer Technologies
- •5.5 Internet Architecture
- •5.5.1 Routers and tcp/ip
- •Internet Protocol
- •Routers
- •Transmission Control Protocol
- •5.5.2 Domain Name Service
- •Domain Name Service
- •5.5.3 Connectivity
- •Conventional Analog Phone Lines
- •Isdn: Integrated Services Digital Network
- •Cable Modem
- •XDsl: Digital Subscriber Line
- •Dedicated High Speed Lines
- •5.5.4 Internet Service Providers
- •Unit 6. Computer Security
- •6.1 Security Threats
- •6.1.1 Intruders: Who, Why, and How?
- •6.1.2 Identity Theft and Privacy Violation
- •Password Cracking
- •Packet sniffing
- •Social Engineering/Fraud
- •Spoofing
- •Port Scanning
- •6.1.3 Malicious Software
- •Trojan Horse
- •Prevention
- •Detection
- •Counter Measures
- •6.1.4 Denial of Service
- •Network Connectivity
- •Network Bandwidth
- •Other Resource Consumption Attacks
- •Distributed Denial of Service Attack
- •Prevention
- •6.2 Security Technologies
- •6.2.1 Encryption
- •Substitution Cipher
- •Transmitting the Key
- •Private Key Encryption Scheme
- •Public Key Encryption Scheme
- •Hybrid Encryption Schemes
- •6.2.2 Applications of Encryption
- •Hard Drives
- •Dvd Movies
- •Cellular Phones
- •6.2.3 Authentication
- •Strong Passwords
- •Smart Cards
- •Biometrics
- •Digital Signatures
- •Digital Certificates and Certificate Authorities
- •Ssl Protocol
- •6.3 Prevention, Detection, and Recovery
- •6.3.1 Firewall
- •Application Gateway
- •Packet Filter
- •Application Gateway versus Packet Filter
- •Intruder Attacks Prevented by Firewall
- •Setting up a Firewall
- •6.3.2 Intrusion Detection Tools
- •Intrusion Detection Systems
- •Network Monitoring Tools
- •Anti-Virus Software
- •6.3.3 Data Recovery
- •6.3.4 Summary of Security Tips
Application Gateway versus Packet Filter
Compared to packet filters, application proxies can provide a finer-grained access control than packet filters, and they also have the advantage that they can check contents. For example, application proxies can screen email for privileged information. Additionally, they can reject mal-formed data or change the data to a proper form. A drawback is that they are much slower than packet filters. Moreover, a proxy has to be developed for each application. Note that if a corporate network is connected to the Internet through a firewall that uses application gateways, the hosts on that network are not visible on the Internet. This means their IP addresses will never show up in any packets on the Internet.
Hybrid
In an attempt to combine the security of the application gateways and the flexibility and speed of packet filtering, some vendors have created systems that use the principles of both. In these hybrid systems, new connections are authenticated and approved at the application layer. Then the remainder of the connection is passed down to the session layer, where packet filters ensures that only packets that are part of an ongoing (already authenticated and approved) transmission are being passed.
Other possibilities include using both packet filtering and application layer proxies. This method protects computers that provide services to the Internet (for example, public Web server), and serve as an application layer gateway to protect the internal network. Additionally, this method provides multiple layers of defense for intrusions aimed at services on the internal network.
Intruder Attacks Prevented by Firewall
A firewall may protect against the following intruder attempts to breach the security of the system:
Remote login - Intruders may enter your protected network via Telnet logins. Firewalls can block traffic from Telnet and other remote data transfer methods.
Application backdoors - Some programs have special features that may allow intruders to enter illegitimately. Some other programs may contain bugs that provide a backdoor or hidden access that can provide the intruder with some level of control of the program. A firewall can be set up to allow traffic to pass through legitimate ports of the application only.
Source routing - In most cases, the path a packet travels over the Internet is determined by the routers along that path. But, the sender of the packet can arbitrarily specify the route that the packet should travel. Hackers sometimes take advantage of this to make information appear to come from a trusted source or even from inside the network. Most firewall products disable source routing by default.
Viruses - A hybrid firewall can be used to examine mail traffic and filter out those with specific attachments (such as those with file extensions .exe and .vbs).
Denial of service- A firewall can block offending IP addresses
Setting up a Firewall
The effectiveness of a firewall is dependent upon the rules regarding what type of data can pass through, and what type of data is not permitted. The firewall can also be configured to help reinforce certain security policy set up by you or your organization on machines within the protected network. For applications, it can serve as an added layer of security check to ensure that application backdoors are not exploitable.
Firewall configuration is based on the level of security you or your organization wants to establish. The highest level of security would be to block all traffic, but that would defeat the purpose of having an Internet connection. Some firewalls permit only email traffic, thereby protecting the network against any attacks other than those against the email service. Other firewalls provide a lower level of security, and only block services that are known to be problems. Generally, firewalls are configured to protect against unauthorized remote logins via Telnet. This helps prevent intruders from logging into machines on your network.
Some firewalls can be configured to block traffic from the outside to the inside, but permit users on the inside to communicate freely with the outside. However, it is also important to ensure messages from the inside are filtered through the firewall. In case of a virus infection, filtering packets internal to the network can prevent the infection from spreading. A common rule of thumb for setting up a firewall is to block everything and then begin to select what types of traffic you will allow.
Despite how a firewall is set up, be aware that a firewall only protects you from the traffic it denies, and denying all traffic may not be feasible. There are other tools to strengthen the security of your computer system, which you will learn in the next section.