Electronic Commerce


COMP2221
Networks in Organisations
Richard Henson
March 2013
Week 6:
Windows Services…

Objectives:
 Explain the role of the registry in desktop
configuration, usability, and security
 Explain the client-server mechanisms of typical
TCP/IP-based network services
 Use appropriate software tools for network services,
system/network monitoring and troubleshooting
Rapid Boot-up with
Windows 7 (1)

Huge improvements in time to logon
screen…
32-bit colour animation appears at an early
stage
» driven by the CPU (& using Intel EFI)

graphics card not yet initiated…
meanwhile, operating system's kernel and
critical device drivers are loading into
memory in the background…
Rapid Boot-up with
Windows 7 (2)

Early stage of boot process bound to i/o:
loading the kernel
device driver files
other system component files

Dimensions of the boot animation limited
to a small region of the screen
avoids i/o delay loading animation images
during the early stage of boot…
Rapid Boot-up
with Windows

Even better with Windows 8….


BUT…

In an organisation, the user then needs
to log on…
endless loading of policy files…
subsequent configuration to accommodate
settings into the local registry…
Groups and Group Policy

Convenient for users to be put into
groups
Settings for a group provide particular
access to data & services

Problems…
user in wrong group(s)
group has wrong settings
Policy Files: Controlling User
and System Settings…

Arguably the most
important part of a
network manager’s job
 get it right: happy users,
happy managers
 get it wrong:
» frustrated users…
» angry managers…
Revisiting Peer-Peer Networks
(formerly known as “workgroups”)
i.e. No domain logon
 Advantages…

» no group policies to download!
» much faster boot up!
» run client-server apps

Disadvantages…
» no central accountability!
» users & computers both difficult to
manage
» more untested software…
Specifying a
Client-Server Application
May be (even…) trickier than stating
requirements for software residing on a
single machine
 Even standalone software has been
known to have missed something…

OK with overtly specified requirements
problem with implicit requirements…
Implicit and Explicit Requirements

Typically, customers only really understand/care
about Explicit (Functional) Requirements
 e.g. a Local Authority may want a Bridge
[Diagram: New Bridge]
• The expressed Functional Requirement may only be:
• Vector (end points  direction, length)
• Capacity (number of lanes)
[TSI/2012/183]
© Copyright 2003-2012
Implicit Requirements (NFRs)

In most industries, Supplier also gives due
weight to all relevant guidance
 {c.f. Ethical Principles}
 including Non-Functional Requirements (NFR)

NFRs for the Bridge:
• Strength (of components and overall)
• Clearance required over river
• Known Failure modes
[Image: 1st Tacoma Narrows Bridge, 1940-11-07]

NFRs & software industry?
 overlooked? not a good track record for Trustworthiness…
[TSI/2012/295]
Trustworthy Software
Requirement (1)
• Requirements for Trustworthy Software can arise from
  • Explicit (Functional) Requirement for Trustworthiness
  • Implicit (Non Functional) Requirement (NFR) for Trustworthiness
    • direct NFR for software under consideration
    • as Collateral NFR from other software in environment
Trustworthy Software
Requirement (2)
• Requirements cover
  • whole of ICT (including ICS)
  • devt activities (Specification, Realisation and Use)
• Assurance requirements range
  • Due Diligence (all software)
  • …
  • to Comprehensive
Typical Implicit (Non-Functional)
Requirements: “NFR”
PAGICC
• Performance
• ARM (Availability (incl. Resilience), Reliability (incl. Robustness) & Maintainability (incl. Documentation))
• Governance (Legal (incl. IPR), Regulatory, Policy)
• ILS (Integrated Logistic Support incl. Escrow)
• Compatibility (Operating Environment, Interfaces, Platforms and Dependencies)
• Cultural Fit (including Reputation, Brand)

QUESTESS
• Quality (e.g. Faults Delivered, Fault Removal Efficacy)
• Usability / human factors and Accessibility
• Evolution (incl. Extensibility / Scalability, PDS (Post Design Services))
• Standards
• TEA (Training, Education and Awareness)
• Environmental Impact
• Security (incl. IA, Audit/control and DPA)
• Safety
Platforms and Software
Trustworthiness

Only through
extensive testing….
 over many years…
Local user control and
Local Policy Settings
Users and groups – exactly the same
principle as domain users and domain
groups
System settings for computer may
need to be changed for particular users
» e.g. lower screen refresh rate required for an epileptic user
The all-important Registry


Hierarchical store of system and user settings
Reminder:
 HKEY_LOCAL_MACHINE : local computer info.
Does not change no matter which user is logged on
 HKEY_USERS : default user settings
 HKEY_CURRENT_USER : current user settings
 HKEY_CLASSES_ROOT : software config data
 HKEY_CURRENT_CONFIG : “active” hardware
profile
Editing “Live” Registry Settings

Registry data that is loaded into memory
was taken from locally saved copy
 some then overwritten by:
» local user profile file (ntconfig.pol)
» local groups
» local computer settings

Special command line tool available for
editing individual system settings:
 REGEDT32
What is a Policy File anyway?

Collection of registry settings in a text file
 settings depend on the user or group logging
on

Can overwrite:
 local machine registry settings
 current user registry settings

Should therefore only be created and used
by those who know what they are doing!!!
Peer-Peer Sharing
No Active Directory!
 Resources shared through:

File shares
Printer shares

Responsibility rests with the
administrator of the local machine
Contradictions of Peer-peer

Meant to be just for small networks
e.g. <10 computers
but what about the Internet?

Still client-server!
depending on the process
» peer computer could be acting as server…
» or client!!!
The Redirector
(OSI Level 5)


Client-server service
Provides file and print connectivity between computers
 one end must be “server”
 provides the service…
 may be logged on
[Diagram: client redirector requests service; Server provides service]
Redirector
(“Workstation” i.e. client-end)

Implemented as a file system driver
 called… if local file system cannot find the file or service
 then… sends request to Active Directory to locate the data object via next OSI layer (4): Transport Driver Interface (TDI)
» communicates directly with transport protocols
» allows independence of networking components in OSI layers 2-4
Redirector
(Workstation Service)

Adherence to OSI layers…
 Can independently add or remove:
» transport protocols (layers 3 & 4)
» network cards (layers 1 & 2)
without reconfiguring the whole system

Completely transparent in redirection of i/o
calls not serviced locally
 esp. important when applications are being used
Server Service

Server end of redirector:
 implemented as a file system driver
 communicates with lower layers via TDI


Supplies the network connections
requested by the client redirector
Receives requests via adapter card
drivers, transport protocol (e.g. TCP/IP),
and TDI
Running Client-Server
Applications

Client process & server process provide a
mechanism for:
 pipes to link processes that need bi-directional communication
 mailslots to link processes only requiring one-directional communication
 running Winsock to manage the communication channel
 RPCs (Remote Procedure Calls) allowing
distributed applications to call procedures
anywhere on the network
File and Print Sharing

Shared resource access requires use of
 redirector
 server service…

Multiple UNC Provider allows connection to a
resource on any computer that supports UNC
(Universal Naming Convention) names
 Files: \\server\shared folder[\sub-folder]\filename
 Printers: \\server\shared printer

Multiple Provider Router supports multiple
redirectors
Network Binding


Binding is about linking network components
working at different OSI levels together to
enable communication
Windows binding is about linking the
redirector & server service with the transport
protocol and (via NDIS) adapter card drivers
 happens automatically when:
» there is a change of protocol, or protocol settings
» different network adapter drivers are installed
» existing adapter card settings are altered
WINS (Windows Internet
Names Service)

Client-server protocol like DNS, DHCP
 used on first Windows TCP/IP networks to enable
computer devices to communicate using IP
 manages a dynamic database of IP addresses and
local network (NetBIOS) names
 clients request IP addresses for particular NetBIOS
names
 WINS server provides that information

Historical, but NetBIOS names still used in
some places
Terminal Services

Allows any PC running a version of
Windows to remotely run a Windows
server
uses a copy of the server’s desktop on the
client machine

Client tools must be installed first, but the
link can run with very little bandwidth
possible to remotely manage a server
thousands of miles away using a phone
connection…
The www service

Provided by Microsoft’s Web Server (IIS)
 links to TCP port 80
 can also provide:
» ftp service (port 21)
» smtp service (port 25)

Purpose of www service:
 Works with the HTTP protocol to make HTML pages
available:
» across the network as an Intranet
» across trusted external users/domains as an Extranet
Features of IIS

Provides server end program execution
environment:
 runs server-scripts



Sets up its own directory structure on the
Server for developing Intranets, Extranets,
etc.
Sets up communication via TCP port 80 in
response to client request
Client end:
 browser HTML display environment on client
“Static” web page service
client (browser) requests information (HTML page)
server (IIS, web server) processes the request, sends
HTML page back to the client…
[Diagram: CLIENT (Client Program: Send Request, Read Results) sends REQUEST to SERVER (Server Program: Process Request, Send Back Results), which returns RESPONSE]
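Added example, not part of the original slides: the static page exchange on this slide, with the client program and server program as two Python functions so both messages can be inspected. The PAGES content, the host name intranet.example and the use of a local socket pair in place of a TCP port 80 connection are assumptions made for illustration.

```python
import socket

# Constructed content standing in for the web server's HTML directory.
PAGES = {"/index.html": "<html><body><h1>Intranet home</h1></body></html>"}

def serve_one(conn):
    """Server program: process one request and send back the results."""
    request = conn.recv(4096).decode("ascii", "replace")
    request_line = request.split("\r\n", 1)[0]      # e.g. "GET /index.html HTTP/1.1"
    parts = request_line.split(" ")
    if len(parts) != 3 or parts[0] != "GET":
        status, body = "400 Bad Request", "bad request"
    elif parts[1] in PAGES:                         # only known pages are served
        status, body = "200 OK", PAGES[parts[1]]
    else:
        status, body = "404 Not Found", "not found"
    payload = body.encode("utf-8")
    head = (f"HTTP/1.1 {status}\r\nContent-Type: text/html\r\n"
            f"Content-Length: {len(payload)}\r\nConnection: close\r\n\r\n")
    conn.sendall(head.encode("ascii") + payload)
    conn.close()

def fetch(path):
    """Client program: send request, read results. Returns (status_code, body)."""
    client, server = socket.socketpair()            # stands in for the TCP connection
    client.sendall(f"GET {path} HTTP/1.1\r\nHost: intranet.example\r\n\r\n".encode("ascii"))
    serve_one(server)
    raw = b""
    while chunk := client.recv(4096):               # read until the server closes
        raw += chunk
    client.close()
    head, _, body = raw.partition(b"\r\n\r\n")
    status_code = int(head.split(b" ", 2)[1])
    return status_code, body.decode("utf-8")

if __name__ == "__main__":
    print(fetch("/index.html"))
    print(fetch("/missing.html"))
```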
More Features of IIS

Access to any client-server service can
be restricted using username/password
security at the server end
or could bypass security with “anonymous
login”
» uses a “guest” account – access granted only
to files that make up the Intranet
» prevents worries about hacking in through
guessing passwords of existing users
Client-Server Web
Applications


Associated with “dynamic” web pages
Web server provides a server-side
environment that can allow browser data to
query remote online databases using
SQL…
 processing takes place at the server end…
» usually .aspx or .php
 centralised and secure!
Some recent challenges to
client-server applications

apps (especially phone apps…) using
local processing, even storage (!)
open to wireless retrieval?
again…issue of availability v security

Server with logically attached database
can be wide open to SQL injection
attack….
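Added example, not part of the original slides: a server-side lookup that builds its SQL from browser data, next to the parameterised form that keeps that data out of the query text. The staff table, its rows, the username format and the crafted input are constructed for illustration, and SQLite stands in for the remote database.

```python
import re
import sqlite3

USERNAME_RE = re.compile(r"[a-z][a-z0-9_]{0,31}")   # assumed username format
CRAFTED = "x' OR '1'='1"                            # constructed form-field value

def make_db():
    """Constructed sample data standing in for the server's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE staff (username TEXT, department TEXT, salary INTEGER)")
    db.executemany("INSERT INTO staff VALUES (?, ?, ?)",
                   [("alice", "finance", 41000),
                    ("bob", "it", 38000),
                    ("carol", "hr", 36000)])
    return db

def lookup_vulnerable(db, username):
    # Browser data is pasted into the statement, so the database parses it
    # as part of the query instead of treating it as a value.
    sql = ("SELECT username, department FROM staff WHERE username = '"
           + username + "'")
    return db.execute(sql).fetchall()

def lookup_parameterised(db, username):
    # The ? placeholder passes the text as data only; it cannot change
    # the structure of the query.
    return db.execute(
        "SELECT username, department FROM staff WHERE username = ?",
        (username,)).fetchall()

def lookup_hardened(db, username):
    # Input data verification in front of the parameterised query.
    if not USERNAME_RE.fullmatch(username):
        return []
    return lookup_parameterised(db, username)

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, CRAFTED))      # every row comes back
    print(lookup_parameterised(db, CRAFTED))   # no row has that username
    print(lookup_hardened(db, "alice"))
```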
Troubleshooting Local Resources

Task Manager
 Applications tab just gives the name and status of
each application that is loaded into memory
 Processes tab:
» all system processes
» Memory usage of each
» % CPU time for each
» Total CPU time since boot up
 Performance tab
» Total no. of threads, processes, handles running
» % CPU usage: Kernel mode, User mode
» Physical memory available/usage
» Virtual memory available/usage
Troubleshooting Local Resources

Event viewer
 System events recorded into “event log” files
» Three by default: system, auditing, application
» customisable
 Three types of events:
» Information
» Warning
» Error
 More information for each event obtained by
double-clicking
 Event management also required…
» E.g. new files daily, old ones archived? dumped? when?
» how often to check event files?
» Important to detect security issues and potential failures
Troubleshooting Local Resources

System Monitor (perfmon.msc)
 monitor many aspects of system performance
 e.g. capture, filter, or analyse frames or packets sent over
the network, or capture data from hardware devices
» either display current data graphically, in real-time
» or log data at regular intervals to get a longer term
picture
 Alerts
» notify when a particular threshold value has been reached

System Recovery…
 If a fatal error occurs:
» immediate dump of system memory is made (can be used for identifying the cause of the problem)
» alerts are sent to users
» system is restarted automatically
NFR Example:
Possible Security Features

A Checklist of areas to consider, abstracted from ISO/IEC 27001 / 27002 Control Sets

• Information labelling and handling
• Equipment siting and protection
• Supporting utilities
• Cabling security
• Maintenance
• Secure disposal or re-use
• Separation of development, test and operational facilities
• Controls against malicious code
• Controls against mobile code
• Information back-up
• Network controls
• Security of network services
• Electronic messaging
• On-line transactions
• Publicly available information
• Audit logging
• Auditing system use
• Protection of log information
• Clock synchronisation
• Privilege management
• Equipment identification in networks
• Remote diagnostic and configuration port protection
• Segregation in networks
• Network connection control
• Network routing control
• Secure log-on procedures
• User identification and authentication
• Password management system
• Use of system utilities
• Session time-out
• Limitation of connection time
• Information access restriction
• Sensitive system isolation
• Input data Verification
• Control of internal processing, including Least Privilege
• Message integrity
• Output data Verification
• Cryptographic controls
• Key management
• Technical vulnerability management (patches and updates)
• Collection of evidence