Starting and Stopping the Server
Important
When the DHCP server is started for the first time, it fails unless the dhcpd.leases file exists. Use the command touch /var/lib/dhcpd/dhcpd.leases to create the file if it does not exist.
If the same server is also running BIND as a DNS server, this step is not necessary, as starting the named service automatically checks for a dhcpd.leases file.
To start the DHCP service, use the command /sbin/service dhcpd start. To stop the DHCP server, use the command /sbin/service dhcpd stop.
If more than one network interface is attached to the system, but the DHCP server should only be started on one of the interfaces, configure the DHCP server to start only on that device. In /etc/sysconfig/dhcpd, add the name of the interface to the list of DHCPDARGS:
# Command line options here DHCPDARGS=eth0This is useful for a firewall machine with two network cards. One network card can be configured as a DHCP client to retrieve an IP address to the Internet. The other network card can be used as a DHCP server for the internal network behind the firewall. Specifying only the network card connected to the internal network makes the system more secure because users can not connect to the daemon via the Internet.
Other command line options that can be specified in /etc/sysconfig/dhcpd include:
· -p <portnum> — Specifies the UDP port number on which dhcpd should listen.
· -f — Runs the daemon as a foreground process. This is mostly used for debugging.
· -d — Logs the DHCP server daemon to the standard error descriptor. This is mostly used for debugging. If this is not specified, the log is written to /var/log/messages.
· -cf <filename> — Specifies the location of the configuration file. The default location is /etc/dhcpd.conf.
· -lf <filename> — Specifies the location of the lease database file. If a lease database file already exists, it is very important that the same file be used every time the DHCP server is started. It is strongly recommended that this option only be used for debugging purposes on non-production machines. The default location is /var/lib/dhcpd/dhcpd.leases.
· -q — Do not print the entire copyright message when starting the daemon.
4.Telecommunication technologies.
Telecommunications involves the transmission over long distances of all forms of information between computers various types of communication lines. By definition, to ensure prompt and accessible exchange of information files is necessary, that users had access to the Internet and software for data processing. All modern telecommunication technologies based on the use of networks.
|
|
|
Network resources are divided into these types:
• Hardware (servers);
• Software (provides reception, transmission and processing of information);
• Information (storage of different arrays of information).
There are several services, or types of services that are provided to consumers on the Internet. For their correct use is necessary to have two computers, one of them is a workstation user, and the second - the server is the source of network resources. The work of all services based on the use of application protocols that specify a list of rules to which all companies to ensure the compatibility of hardware and software. Also the data transfer is based on a client-server program, which involves client requesting services from the server.
The Internet can provide the following services:
• Telecommunication (messaging, information of various types and sizes, teleconference, etc.);
• Information (search for information in any format that the user interests);
• Consulting (training and advice on any matters relating to the use of public resources);
• Technical services (installation and testing of hardware and software);
• Commercial (all commercial activities on the Internet);
• On-line communication between subscribers;
• Placement of advertisements on various websites, social networks and other sites;
• Cellular and mobile communications.
The introduction of telecommunication technologies in different spheres of life
Initially telecommunication technologies conceived for uninterrupted messaging at a great distance. The uniqueness of the network was that it could properly function even after damage to its parts. Internet invented for military purposes, but it was leaked to a wide range of users and has been used successfully in many spheres of activity. With the help of scientists, students and professionals of different professions quick access to information in any format could facilitate its work. Search essential data in minutes, and the software provides them with the correct treatment. The opportunity to keep track of all the processes of personnel and execution of orders in remote access for executives, which greatly increased the productivity of labor.
|
|
|
Questions:
1. Why do we need to connect computers?
2. What is a computer network?
3. Briefly describe the following network components.
4. a. Client b. Server c. Hub d. Router
5. What are the differences between a Hub and a Switch?
6. How do we use a MODEM?
7. Describe the following categories of networks briefly
8. a. PAN b. LAN c. WAN d. MAN
9. Explain the classifications of networks according to the topology.
10. What does it mean Internet and Intranet? Why is it important to use intranet than internet?
11. What is the most suitable connection method for the following;
a. Computers within a laboratory.
b. Connect two computer laboratories.
References
1. June J. Parsons and Dan Oja, New Perspectives on Computer Concepts 16th Edition - Comprehensive, Thomson Course Technology, a division of Thomson Learning, Inc Cambridge, MA, COPYRIGHT © 2014.
2. Lorenzo Cantoni (University of Lugano, Switzerland) James A. Danowski (University of Illinois at Chicago, IL, USA) Communication and Technology, 576 pages.
3. Craig Van Slyke Information Communication Technologies: Concepts, Methodologies, Tools, and Applications (6 Volumes). ISBN13: 9781599049496, 2008, Pages: 4288
4. Utelbaeva A.K.,Utelbaeva A.K. Study guide for lectures on discipline “Computer science”, Shimkent 2008, 84 pages.
Lecture № 8. Cybersafety.
Purpose: Have an idea about e-business and e-government.
Plan:
1.Security risks of information and their classification. Industry of cybersafety. Cybersafety and control of the Internet.
2.Malicious applications. Measures and means of information protection.
3.Standards and specifications in information security field. The acts of the Republic of Kazakhstan governing legal relations in the sphere of information security.
4.Digital signature. Encoding.
1.Security risks of information and their classification. Industry of cybersafety. Cybersafety and control of the Internet.
|
|
|
One of the main aspects of the problem of security automated system (AS) is the identification, analysis and classification of possible threats to specific speakers. A list of the most significant threats, assess their likelihood and model of the attacker are basic information for an optimal protection.
Information Security Risk - a set of conditions and factors that create a potential or actual violation of the existing danger of information security. AS security threats - it is an opportunity to influence the implementation of the information processed in the AS, which leads to a breach of confidentiality, integrity or availability of information, as well as the opportunity to influence the AC components, leading to their loss, destruction or failure of the operation.
threats to the security of information source - a subject that is a direct cause of a threat of safety information
The main sources of security breaches are in AS:
• accidents and disasters (fire, earthquake, hurricane, flood, etc.);
• faults and failures of hardware;
• design and development component error AC (software and data processing technology, hardware, etc.);
• Operating error;
• deliberate actions of violators.
There are many criteria for classifying threats. Consider the most common ones.
1. The nature of the origin: natural and artificial
Natural threats - a threat caused by exposure to the AS and its objective elements of natural physical processes or natural phenomena, independent of man. In turn, artificial threat - a threat to the AS, caused by human activities.
2. The degree of motivation: unintentional (accidental) and intentional. The first related to the different kinds of errors - in the design of the AS, in the software, human error when working with the AS and etc. The second group is related to the self-serving, and other ideological goals of people, in this case, the intruders. The reason may be to obtain material gain, revenge, moral beliefs, and so forth.
3. The position in relation to controlled areas: internal and external threats. As an example, external threats can be to intercept data transmitted over the network or through a leak PEMIN. The internal threats include theft of media with confidential information, damage to equipment, the use of various types of bookmarks.
|
|
|
4. The degree of impact on AS: passive and active. Passive threats - threats that do not violate the composition and the normal operation of the AS. Example - copying of confidential information leakage through technical channels of leakage, eavesdropping, etc. Active threat, respectively, disrupts the normal functioning of the AS, its structure or composition.
5. The mean infringed property information - confidentiality, availability, integrity.
6. The type of system, which is aimed threat: a system based on a stand-alone workstation and system having a connection to the PSTN.
7. The method of realization: unauthorized access (including random) to protected information, a special effect on the information, technical information leakage through leak paths.
2.Malicious applications. Measures and means of information protection.
Malicious program (in the jargon of the anti-virus services, "malware", English malware, malicious software -. «Malicious software") - any software designed to gain unauthorized access to computing resources most computer or information stored on the computer, with the purpose of unauthorized owner use computer resources or damage (damage) owner information, and / or the owner of a computer and / or the owner of the computer network by copying, distortion, deletion or substitution of information.
| Types of viruses and malware | Description |
| joke Program | joke Program - it is a virus-like program that usually changes the appearance of elements on a computer screen. |
| "Trojan horse" | Trojan horse - is a executable program that does not replicate itself, and being introduced into the system for the performance of potentially dangerous actions, such as opening ports for hackers to access. This program often uses ports "Trojan horses" to gain access to the system. An example of a Trojan horse program can serve as asserting that it saves your computer from viruses when it actually introduces them into the system. |
| Virus | Virus - a program that can reproduce itself. For this purpose, the virus has been attached to any program. As a result, it will be automatically executed during starting of the program. Boot virus: A type of virus that infects partition or disk boot sector The malicious Java code: platform-independent virus code written in the Java language, or embedded in a Java application. A macro virus: a kind of virus, written as a macro for a specific application and often embedded in the document Viruses VBScript, JavaScript or HTML: viruses that are on Web pages and downloaded through a browser Worm: self-contained program (or set of programs) that can spread copies of itself or segments to other computers, often through email |
| The test virus | Test virus - it is an inactive file, which is detected by the antivirus program. Test viruses (such as the EICAR test script) are used to verify the correct operation of the anti-virus. |
| Packer | Packer - is compressed and / or encrypted executable for Windows or Linux, you are often a "Trojan horse". Compress executable packer difficult to determine the antivirus software. |
| Probable virus / malware | This category of viruses and malware are suspicious files with some signs of a virus or malware. For details about probable virus or malware, see the following page of the online encyclopedia viruses Trend Micro.: http://www.trendmicro.com/vinfo/emea/virusencyclo/default.asp |
| Other | The category "Other" get viruses and malware that are not related to any of the types listed above. |
Table 9- Types of viruses
Measures and means of information protection.
Information security is a confrontation of information security specialists and hackers. The attacker - a subject who illegally trying to obtain, modify or destroy data of legitimate users.
Data protection is slaboformalizuemymi task, that is, has no formal methods of solution, and is characterized as follows:
• a large number of factors influencing the construction of effective protection;
• lack of accurate baseline data input;
• lack of mathematical methods for optimal results at the aggregate source data.
Confidentiality, integrity and availability are the three most important properties of the information in the framework of its safety:
• confidentiality of information - the state of the information in which access to it is carried out only entities that have a right to it;
• integrity of the information - the state of the information for which there is no any change in any change is only intentionally subjects have a right to it;
• the availability of information - the state of the information in which entities with access rights can sell them freely
Among these types of protection are the basic legal, organizational and technical protection of information.
Legal protection - protection of information by legal methods, including the development of legislative and regulatory documents (acts) that regulate subjects regarding the protection of information, the use of these documents (acts), as well as supervision and control over their execution
For legal protection measures include the RК laws, decrees and other legal acts. At the legislative level, there is regulation of the rules for handling the information are determined participants of information relations, their rights and duties as well as liability in the event of breaches of the law. In some way measures of the group may include prophylactic. Their main function is to prevent potential intruders, because in most cases it is the fear of punishment stops from committing crimes. The advantages of legal protections is their versatility in terms of application to all illegal methods of information extraction. Moreover, in some cases, they are only applicable, such as in the protection of copyright in case of illegal replication.
For moral and ethical measures include standards of conduct established in the society. In some cases, they can be made in writing, such as charter or code of honor of the organization. Compliance with ethical standards is not mandatory, and is more of a preventive nature.
Organizational security measures - organizational measures designed to regulate the functioning of information systems, staff performance, users interact with the system. Among the basic organizational information protection measures can be identified as follows:
• Formation of a security policy;
• The regulation of access to premises;
• Regulation of access of employees to use resources information system and others.
• Determination of liability in the event of non-compliance with information security requirements.
Organizational measures alone can not solve the security problem. They should work in conjunction with physical and technical means of information protection in the definition of the actions of people.
Physical protection is a set of tools that prevent physical penetration of a potential intruder in the monitored area. They may be mechanical, electro-mechanical or electronic devices of various types. Most often, it is with the construction of the physical protection of security begins in the organization, including the information.
The last and most extensive in its composition echelon protection system is the technical protection of information. It is this type of protection is dedicated to this course.
Technical protection of information - data protection is to ensure nekriptograficheskimi methods of safety information (data) to be protection in accordance with applicable law, the application of technical, software and software and hardware. It is important to note that technical protection - is not only a protection against leakage of information through technical channels of leakage, but also protection against unauthorized access from the mathematical effects, malware, etc. The objects of technical protection of information can be:
• information of the object;
• Information system;
• resources information system;
• Information Technology;
• software;
• communication network.
We proceed to the review of the standards and specifications of two different types:
3.Standards and specifications in information security field. The acts of the Republic of Kazakhstan governing legal relations in the sphere of information security.
LAW OF THE REPUBLIC OF KAZAKHSTAN
On National Security of the Republic of Kazakhstan
(With amendments and additions as 26.07.2016 )
Article 4. Types of National Security
5) information security - the state of protection of information space of the Republic of Kazakhstan, as well as the rights and interests of man and citizen, society and the state in the information sphere of the real and potential threats, which provides a sustainable development of the country's independence and information.
4.Digital signature. Encoding.
1. What is a digital signature?
Digital signature - is the resulting cryptographic (encryption) transformation of information using a private key signature props electronic document designed to protect the document from forgery, as well as from unauthorized changes. In fact, the electronic signature - a full, having the same legal effect as handwritten signature analogue, bonded stamp.
2. Why use digital signature?
The purpose of digital signature is authentication information, ie protection of transmitted information, the participants of information exchange for guarantees of their authenticity. EDS system requires that every user has a private key that is used to generate the signature, and the corresponding public key for checking signatures and distributed to a certain circle of users in the system of information exchange.
From a practical point of view of electronic signature is used in electronic document management systems, and for participation in electronic auctions.
What is the key certificate?
The certificate is an electronic document that links signature verification data to a specific person, confirms the identity of that person and certified by an electronic digital signature Certification Center
4. What is a Certification Authority?
Certification Center - a specialized organization performing the following functions:
• registration of users;
• Production of signature key certificates;
• creation of electronic digital signature keys to guarantee the secrecy of the closed key EDS;
• Suspension and resumption of signature key certificates of action, as well as their cancellation;
• maintaining a register of signature key certificates, ensuring its relevance and the possibility of free circulation to it participants of information systems;
• verification of the uniqueness of a public key digital signature in the register of signature key certificates;
• certification of the signature key information about their action;
• implementation of the appeals of the user certificate authentication signature key signature in the electronic document in respect of signature key certificates issued to them.
6. How does the digital signature?
With the help of electronic signature information is encrypted and is accessible to anyone having access to it to the user. To determine the identity of the author of the document and the authenticity verification using the so-called "Hash function".
In the first stage of signing the document EDS built a special function (such as a checksum), a hash function that identifies the contents of the document. In the second stage the author of a document encrypts the content hash his personal private key. Thus they encrypted hash function is placed in the document and is stored and sent with it. The size of the hash function is negligible, so there is no appreciable increase in the size of the document.
When you receive a document signed by the electronic signature, the user can verify its authenticity. There it is. At the first stage the recipient of the document is building its own version of a hash of the signed document. In the second stage decrypted hash function, that contain the document. The third step is the comparison of the two hash functions. Their match is a guarantee of the authenticity of the document and its authorship.
Дата добавления: 2018-11-24; просмотров: 426; Мы поможем в написании вашей работы! |
Мы поможем в написании ваших работ!