IGNOU MCA MCS-022 Solved Assignments 2010Course Code Course Title Assignment Number Maximum Marks Weightage Last Date of Submission : : : : : : MCS-022 Operating System Concepts and Networking Management MCA(2)/022/Assign/09 100 25% 15th October, 2009 (for July, 2009 session) 15th April, 2010 (for January, 2010 session)

This assignment has five questions. Answer all questions. Rest 20 marks are for viva voce. You may use illustrations and diagrams to enhance the explanations. Please go through the guidelines regarding assignments given in the Programme Guide for the format of presentation. Answer each part of the question should be confined to about 300 words. Question 1: a) Describe the structure of 5 classes of IP address. Also draw the network configuration of your study centre/organisation showings IP addresses assigned your organization by ISP. How do these classes differ? How do you identify a particular classes? (5 Marks) b) How does DNS improve the name resolution? c) What is real time OS? How it is different from the traditional OS. (5 Marks) (5 Marks)

Answer 1 : In the original Internet routing scheme developed in the 1970s, sites were assigned addresses from one of three classes: Class A, Class B and Class C. The address classes differ in size and number. Class A addresses are the largest, but there are few of them. Class Cs are the smallest, but they are numerous. Classes D and E are also defined, but not used in normal operation. To say that class-based IP addressing in still used would be true only in the loosest sense. Many addressing designs are still class-based, but an increasing number can only be explained using the more general concept of CIDR, which is backwards compatible with address classes. Suffice it to say that at one point in time, you could request the Internet NIC to assign you a class A, B or C address. To get the larger class B addresses, you might have to supply some justification, but only the class A was really tough to get. In any case, NIC would set the network bits, or n-bits, to some unique value and inform the local network engineer. It would then be up to the engineer to assign each of his hosts an IP address starting with the assigned n-bits, followed by host bits, or h-bits, to make the address unique.

Internet routing used to work like this: A router receiving an IP packet extracted its Destination Address, which was classified (literally) by examining its first one to four bits. Once the address's class had been determined, it was broken down into network and host bits. Routers ignored the host bits, and only needed to match the network bits to find a route to the network. Once a packet reached its target network, its host field was examined for final delivery. Summary of IP Address Classes Class A - 0nnnnnnn hhhhhhhh hhhhhhhh hhhhhhhh First bit 0; 7 network bits; 24 host bits Initial byte: 0 - 127 126 Class As exist (0 and 127 are reserved) 16,777,214 hosts on each Class A Class B - 10nnnnnn nnnnnnnn hhhhhhhh hhhhhhhh First two bits 10; 14 network bits; 16 host bits Initial byte: 128 - 191 16,384 Class Bs exist 65,532 hosts on each Class B Class C - 110nnnnn nnnnnnnn nnnnnnnn hhhhhhhh First three bits 110; 21 network bits; 8 host bits Initial byte: 192 - 223 2,097,152 Class Cs exist 254 hosts on each Class C Class D - 1110mmmm mmmmmmmm mmmmmmmm mmmmmmmm First four bits 1110; 28 multicast address bits Initial byte: 224 - 247 Class Ds are multicast addresses Class E - 1111rrrr rrrrrrrr rrrrrrrr rrrrrrrr First four bits 1111; 28 reserved address bits Initial byte: 248 - 255 Reserved for experimental use b) Answer: A DNS server is any computer registered to join the Domain Name System. A DNS server runs special-purpose networking software, features a public IP address, and contains a database of network names and addresses for other Internet hosts. DNS Root Servers DNS servers communicate with each other using private network protocols. All DNS servers are organized in a hierarchy. At the top level of the hierarchy, so-called root servers store the complete database of Internet domain names and their corresponding IP addresses. The Internet employs 13 root servers that

have become somewhat famous for their special role. Maintained by various independent agencies, the servers are aptly named A, B, C and so on up to M. Ten of these servers reside in the United States, one in Japan, one in London, UK and one in Stockholm, Sweden. DNS resolution Resolution occurs when a client queries a name server to obtain the IP address with which it wants to connect. If a name server in the local domain cannot resolve a client's request, it queries other servers to locate a server that can. There are two types of resolution: by iteration by recursion Iterative queries By default, a name server queries ``iteratively'' (or non-recursively). This means that it queries several name servers in turn until it finds an answer. It starts by consulting a known name server within the domain hierarchy that contains the destination machine. If it does not already know of a suitable server to ask, it first asks a server in the root domain. Each server responds by referring to a name server in the domain name hierarchy that is closer to the one containing the destination machine. The local server then repeats its query to the name server whose name and IP address it has just been given. In this way, the local server traverses the domain name space until it reaches a name server for the domain that contains the destination machine. This name server should be able to provide the IP address of the destination machine. ``Obtaining an IP address by iterative query'' illustrates how a client in the domain reseau.co.fr might obtain the IP address of the remote host missouri.rivers.mynet.com. Obtaining an IP address by iterative query The steps taken to resolve missouri.rivers.mynet.com to its IP address are: 1. The local client asks the local name server for the IP address of missouri.rivers.mynet.com. 2. The local name server does not know the IP address of Missouri .rivers .mynet.com . It also does not know the IP address of the name servers for rivers.mynet.com or mynet.com so it asks a root name server for the IP address of missouri.rivers.mynet.com. 3. The root name server does not know the IP address of Missouri .rivers .mynet.com, but it does know the IP address of the name server for mynet .com so it tells this to the local name server.

4. The local name server asks mynet.com's name server for the IP address of issouri.rivers.mynet.com. 5. mynet.com's name server does not know the IP address of Missouri .rivers.mynet.com, but it does know the IP address of the name server for rivers.mynet.com so it tells this to the local me server. 6. The local name server asks rivers.mynet.com's name server for the IP address of missouri.rivers.mynet.com. 7. rivers.mynet.com's name server is authoritative for its zone so it can supply the IP address of missouri.rivers.mynet.com c) A real-time operating system (RTOS) is an operating system that guarantees a certain capability within a specified time constraint. For example, an operating system might be designed to ensure that a certain object was available for a robot on an assembly line. In what is usually called a "hard" real-time operating system, if the calculation could not be performed for making the object available at the designated time, the operating system would terminate with a failure. In a "soft" real-time operating system, the assembly line would continue to function but the production output might be lower as objects failed to appear at their designated time, causing the robot to be temporarily unproductive. Some real-time operating systems are created for a special application and others are more general purpose. Some existing general purpose operating systems claim to be a real-time operating systems. To some extent, almost any general purpose operating system such as Microsoft's Windows 2000 or IBM's OS/390 can be evaluated for its real-time operating system qualities. That is, even if an operating system doesn't qualify, it may have characteristics that enable it to be considered as a solution to a particular real-time application problem. In general, realtime operating systems are said to require: multitasking Process threads that can be prioritized A sufficient number of interrupt levels Real-time operating systems are often required in small embedded operating systems that are packaged as part of microdevices. Some kernels can be considered to meet the requirements of a real-time operating system. However, since other components, such as device drivers, are also usually needed for a particular solution, a real-time operating system is usually larger than just the kernel. The key difference between general-computing operating systems and real-time operating

systems is the need for " deterministic " timing behavior in the real-time operating systems. Formally, "deterministic" timing means that operating system services consume only known and expected amounts of time. In theory, these service times could be expressed as mathematical formulas. These formulas must be strictly algebraic and not include any random timing components. Random elements in service times could cause random delays in application software and could then make the application randomly miss real-time deadlines a scenario clearly unacceptable for a real-time embedded system. Many non-realtime operating systems also provide similar kernel services. General-computing non-real-time operating systems are often quite non-deterministic. Their services can inject random delays into application software and thus cause slow responsiveness of an application at unexpected times. If you ask the developer of a nonreal- time operating system for the algebraic formula describing the timing behavior of one of its services (such as sending a message from task to task), you will invariably not get an algebraic formula. Instead the developer of the nonreal-time operating system (such as Windows, Unix or Linux) will just give you a puzzled look. Deterministic timing behavior was simply not a design goal for these general-computing operating systems. On the other hand, real-time operating systems often go a step beyond basic determinism. For most kernel services, these operating systems offer constant load-independent timing: In other words, the algebraic formula is as simple as: T(message_send) = constant , irrespective of the length of the message to be sent, or other factors such as the numbers of tasks and queues and messages being managed by the RTOS.

Question 2: a) Write the Linux command for the followings : i) to display the information about LS command ii) to sort all the files in ascending order in IGNOU directory iii) to kill a particular process iv) to run any process in a background v) to list the users currently logged on to the system (5 Marks)

b)

What are the different kinds of file systems available to Linux operating system ? Discuss. (5 Marks) c) How would you set the IP address of a LAN card in Linux ? (5 Marks) ==================================================================== Question 3:(i) How do you share files, folders and drive in Window XP? Why is sharing an entire drive is not recommended ? (5 Marks) (ii) Describe the role of the primary and backup domain controller in enhancing security in windows 2000. (5 Marks) (iii) What are the shared folders in windows and why are they used? (5 Marks) (iv) Write the purpose of VPN and name some VPN protocols supported in windows 2000. (5 Marks) Answer 3 : To share files on your computer with other computers on a network, you need to: Share a folder on your computer. This will make all of the files in the folder available to all the computers on your network (you cant share individual files). Set up user accounts on your computer for everyone who needs to connect to your shared folder. If any of the accounts are Limited User accounts (unless an account is a Computer Administrator account, it is a Limited User account), follow the steps in Set permissions for files and folders to enable them to open your files. To access shared files that are on another computer on your network, you need to: Connect to the shared folder from other computers on the network. This procedure is described in Map a network drive. Note: By default, file permissions only allow your user account and administrators on your local computer to open your files, regardless of whether a person is sitting at your keyboard or at another computer. It may help to keep these three things in mind when setting up file sharing: Files have user permission settings. Every computer has its own user database. Some accounts are administrator accounts and some arent. Configure your computer to share files

To share a folder on your computer so that files stored in the folder can be accessed from other computers on your home network 1. Log on to your computer as an administrator. For more information, see Access the administrator account from the Welcome screen. 2. Click Start, and then click My Documents. Tip: If you want to share your entire My Documents folder, open My Documents, and then click the Up button on the toolbar. You can then select the My Documents folder. 4. If you see a message that reads, As a security measure, Windows has disabled remote access to this computer, click the Network Setup Wizard link. Then follow the instructions in How to set up your computer for home networking. On the File and printer sharing page of the Network Setup Wizard, be sure to select Turn on 5. If you want to be able to edit your files from any computer on your network (instead of just being able to open them without saving any changes), select the Allow network users to change my files check box. 7. Click OK. Windows Explorer will show a hand holding the folder icon, indicating that the folder is now shared. (ii) Describe the role of the primary and backup domain controller in enhancing security in windows 2000. Answer. A Primary Domain Controller (PDC) is a server computer in a pre- Windows 2000 NT server Domain. A domain is a concept used in NT server operating systems whereby a user may be granted access to a number of computer resources with the use of a single username and password combination.Such domains have at least a Primary Domain Controller, and will often have one or more Backup Domain Controllers (BDCs). The PDC has the master copy of the user accounts database which it can access and modify. The BDC computers have a copy of this database, but

these copies are read-only. The PDC will replicate its account database to the BDCs on a regular basis. The BDCs exist in order to provide a backup to the PDC, and can also be used to authenticate users logging on to the network. If a PDC should fail, one of the BDCs can then be promoted to take its place. The PDC will usually be the first domain controller that was created unless it was replaced by a promoted BDC. Backup Domain Controller (BDC) is a computer that has a copy of the user accounts database. Unlike the accounts database on the Primary Domain Controller (PDC), the BDC database is a read only copy. When changes are made to the master accounts database on the PDC, the PDC pushes the updates down to the BDCs. Most domains will have at least one BDC, often there are several BDCs in a domain. These domains exist to provide fault tolerance. If the PDC fails, then it can be replaced by a BDC. In such circumstances, an administrator promotes a BDC to be the new PDC. BDCs can also authenticate user logon requests - and take some of the authentication load from the PDC. Use of the Legacy Client is not recommended in secure environments. Installing the Legacy Client on the domain controller is not recommended because many Legacy Client accounts require local Administrator rights, which become domain admins on a domain controller. Account and password creation When installing Legacy Clients with Client Push Installation, Client Configuration Manager (CCM) creates this domain account to run the CCM boot loader service on client computers that are domain controllers. This account is made unique by including the domain controller name in the account name. For enhanced security, SMS randomly generates and encrypts the passwords for these accounts. This account is automatically deleted after the client is set up. Account location

Because the client is a domain controller, the account is created in the domain that the client belongs to. You will have one account for each domain controller in the domain running the Legacy Client. The accounts include the server name in the account name to keep them unique. Account maintenance Do not change the passwords, account names, or permissions for this account. If you change the account manually, the related processes do not run successfully, and you run the risk of causing account lockouts by forcing the accounts out of synchronization. Security best practices Resolve problems that prevent temporary accounts from being deleted because it would prevent the SMS#_dc from being deleted after installation is completed. Shared folders is a term used for IMAP folders that can be accessed simultaneously by many users. Kolab allows to specify a variety of access rights for such folders so that you can easily specify which users can read, write or modify the messages held in the IMAP folder. Since a shared folder can also hold groupware resources (like events, tasks, addresses, notes, etc.) instead of plain mail they are an ideal tool for team organization and communication. (iii) What are the shared folders in windows and why are they used? Answer. 1. Open "My Network Places" from the Start Menu or from the left pane of Windows Explorer (under Desktop, below My Documents and My Computer). 2. Open the "Entire Network" item listed in the left pane of My Network Places. 3. Open the "Microsoft Windows Network" item. 4. Next, open the new item that appears showing the computer's workgroup (or domain) name. 5. Finally, click on the new item that appears showing the computer's name. 6. In the right pane, any non-administrative Windows shares set on this computer will appear. If no items appear, no folders have been set for sharing. Folders shown in this window link to the actual shared folders. Opening any of these shares will reveal

the contents of the actual folder. Note that renaming or deleting files from this linked location is not permitted. Note also that this method reveals the contents but does not reveal the actual location of the shared folders on the hard drive. 7. To find the actual location of file shares on Windows XP or Windows 2000, and also to view administrative shares, open a command prompt. To open a command prompt, click the Start Menu, choose the Accessories option, then choose Command Prompt. Alternatively, click the Start Menu, choose the Run option, then type 'cmd' in the Run window that opens. 8. Type the command 'net share' and press Enter in the command prompt window. The 'net share' command shows the name and location of each shared folder on that computer. Share names that end with a dollar sign ($) are administrative shares. Several administrative shares are created automatically by Windows; these should not be modified. (iv) Write the purpose of VPN and name some VPN protocols supported in windows 2000. Answer. VPN Protocols The term "VPN" has taken on many different meanings in recent years. VPNC has a white paper about VPN technologies that describes many of the terms used in the VPN market today. In specific, it differentiates between secure VPNs and trusted VPNs, which are two very different technologies. For secure VPNs, the technologies that VPNC supports are IPsec with encryption L2TP inside of IPsec SSL with encryption For trusted VPNs, the technologies that VPNC supports are: MPLS with constrained distribution of routing information through BGP ("layer 3 VPNs") Transport of layer 2 frames over MPLS ("layer 2 VPNs") IPsec is the most dominant protocol for secure VPNs. SSL gateways for remote-access users are also

popular for secure VPNs. L2TP running under IPsec has a much smaller but significant deployment. For trusted VPNs, the market is split on the two MPLS-based protocols. Companies want to do their own routing thend to use layer 2 VPNs; companies that want to outsource their routing tend to use layer 3 VPNs. The various VPN protocols are defined by a large number of standards and recommendations that are codified by the Internet Engineering Task Force (IETF). There are many flavors of IETF standards, recommendations, statements of common practice, and so on. Some of the protocols used in IPsec are full IETF standards; however, the others are often useful and stable enough to be treated as standard by people writing IPsec software. Neither of the trusted VPN technologes are IETF standards yet, although there is a great deal of work being done on them to get them to become standards. RFCs The IETF codifies the decisions it comes to in documents called "Requests For Comments". These are almost universally called by their acronym "RFCs". Many RFCs are the standards on which the Internet is formed. The level of standardization that an RFC reaches is determined not only by "how good" the RFC is, but by how widely it is implemented and tested. Some RFCs are not solid standards, but they nonetheless document technologies that are of great value to the Internet and thus should be used as guidelines for implementing VPNs. For the purpose of defining VPNs, any protocol that has become an IETF Request For Comments (RFC) document can be treated as somewhat of a standard. Certainly, any IPsec-related RFC that has been deemed to be on the IETF "standards track" should certainly be considered a standard.

Internet Drafts Before a document becomes an RFC, it starts out as an Internet Draft (often called "IDs" or "IDs"). IDs are rough drafts, and are sometimes created for no other benefit than to tell the Internet world what the author is thinking. On the other hand, there is often very good information in some IDs, particularly those that cover revisions to current standards. Some Internet Drafts go along for years, but are then dropped or abandoned; others get on a fast track to becoming RFCs, although this is rare. Internet Drafts are given names when they first appear; if they become RFCs, the I-D name disappears and an RFC number is assigned. It should be emphasized here that it is unwise to make any programming decisions based on information in Internet Drafts. Most IDs go through many rounds of revisions, and some rounds make wholesale changes in the protocols described in a draft. Further, many IDs are simply abandoned after discussion reveals major flaws in the reasoning that lead to the draft. That being said, it is worthwhile to know which IDs pertain to areas of interest. The following is a list of the IDs that are related to Internet mail. Some of these drafts will likely become RFCs in the months or years to come, possibly with heavy revision; some will be merged with other drafts; others will be abandoned. ++Protocol listings The relevant IETF Working Groups for the protocols used by secure VPNs and trusted VPNs are: Profiling Use of PKI in IPsec Working Group Transport Layer Security Working Group Layer 2 Virtual Private Networks (l2vpn) Working Group Layer 3 Virtual Private Networks (l2vpn) Working Group Pseudo Wire Emulation Edge to Edge (pwe3) Working Group Note that the IPsec Working Group was disbanded in April, 2005. The documents are arranged by the general categories they apply to. These categories are:

For secure VPNs: General IPsec ESP and AH (encryption and authentication headers) Key exchange (ISAKMP, IKE, and others) Cryptographic algorithms IPsec policy handling Remote access SSL and TLS For trusted VPNs: General MPLS MPLS constrained by BGP routing Transport of layer 2 frames over MPLS ===================================================================== Question 4: (i) What is a Instruction Detection system (IDS)? (5 Marks) (ii) What are the two general methods of implementing network security by firewalls? (5 Marks) (iii) Distinguish between Symmetric and Asymmetric Cryptography? (5 Marks) (iv) List different types of malicious codes and describe their features. (5 Marks) Answer 4 : Security risks have grown dramatically for Internet service providers because entire infrastructures are based on open standards systems. As a result, ISPs need to be able to quickly and accurately detect unauthorized changes and respond accordingly, in order to maximize security and minimize downtime. Intrusion Detection Systems (IDS) remain relatively youthful, but in terms of development they are growing at an extraordinary rate. Generally speaking, there are four different categories of intrusion detection systems network instruction detection, system integrity verifiers, log file monitors, and deception systems. Network intrusion detection systems (NIDS) monitor packets traversing the system in an attempt to discover anomalies, indicating that an intruder trying to break into a system, or worselaunch a distributed denial of service (DDoS) attack. NIDSs look for frequent connection requests to different ports to reveal port scans. System integrity verifiers (SIV) monitor system files in an attempt to discover when an intruder changes the filesleaving behind a backdoor. A SIV may be capable of detecting changes in critical files, but these systems usually don't generate real-time alerts to network intruders. Log file monitors (LFM) simply monitor log files generated across network services. LFMs also look for patterns and anomalies in log files that suggest an intruder is attacking the network. The sole purpose of a deception systemknown in the industry as decoys, fly traps and honeypotsis to lure an unsuspecting intruder into a network through well-known security holes and trap the intruder.

Whether you need a simple intrusion alert system and network anomaly reports, or need to defend your network against DDoS attacks, smurfing, ping floods and the like, it's a imperative that you prepare a line of defense today or risk having your business be exploited by some script kiddie tomorrow. With the rapid increase in the number of LAN connections to the world's largest computer network (the Internet), new security techniques should be used to protect local networks against intrusion from the Internet. Basically, we need to prevent destruction of data by intruders, maintain the privacy of local information, and prevent unauthorized use of computing resources. To improve network security, network connections to the Internet, in general, do not take place transparently. Instead, firewall servers are used to protect the systems connected to the local network against assaults from the Internet. But, there is a price to pay, usually, because the firewall server results in a bottleneck for assaults from the Internet into the LAN as well as for allowed communication between the LAN and the Internet. Security protection methods are basically concerned with ensuring network's efficiency and effectiveness. With successful security implementations, risks can be reduced but not eliminated. There are several protection methods to ensure confidentiality, integrity and continuity. The dominating security protection method in the mainframe computing environment is the Access Control. It consists primarily of functions related to: 1. Access Mediation via connection control establishment, 2. Identification by means of Logon-Ids, 3. Authentication by means of Passwords, 4. Deferent levels of authorization controlled by Access Privileges, 5. Monitoring and enforcement, 6. Disaster recovery programs to respond to incidents, 7. Logging to record traffic and usage of services. Protection With Firewalls The best line of defense is an up-to-date and constantly maintained firewall. A firewall/proxy server is a mechanism that is used to protect a trusted network, such as an organization's internal network, from an untrusted network, typically the Internet, or any other untrusted network [second]. Firewall/Proxy servers provide the most reliable method to control outbound access and to protect networks against unauthorized intrusions. It checks addresses and characteristics of messages to make sure that they follow authorization rules. All messages that are verified to be legitimate are allowed to flow through the firewall, while others are blocked. The majority of firewalls are used between internal networks and the Internet, but they can be used in any internet, such as a company's wide area network [second]. The design decision sets the general attitude of the firewall whether to provide a higher degree of service or a higher degree of security. To protect the firewall server itself, no users should be allowed to login on the firewall server [sixth]. (ii) What are the two general methods of implementing network security by firewalls? Answer Firewall Concepts A firewall is a trusted system that is placed between a trusted internal network and another un trusted external network. The firewall system implements a policy that defines what information should be allowed to pass through. In general firewalls have the following features and limitations [fourth]: Features: 1. It can control the access to the protected network. 2. It can provide one central point of security.

3. It provides more privacy by hiding addresses. 4. It provides logging for security and other purposes. 5. It can notify the network administrator of security related events, so that he can take the appropriate actions. 6. It can be integrated with authentication keys. 7. It enforces the security policy. Limitations: 1. Restricted access to desirable services. 2. Back door access problem. 3. Inside attacks. 4. Email viruses. 5. Potential bottleneck 6.Single point of failure. (iii) Distinguish between Symmetric and Asymmetric Cryptography? Answer. Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its data whereas asymmetric uses both a public and private key. Symmetric requires that the secret key be known by the party encrypting the data and the party decrypting the data. Asymmetric allows for distribution of your public key to anyone with which they can encrypt the data they want to send securely and then it can only be decoded by the person having the private key. This eliminates the need of having to give someone the secret key (as with symmetric encryption) and risk having it compromised. The issue with asymmetric is that it is about 1000 times slower than symmetric encryption which makes it impractical when trying to encrypt large amounts of data. Also to get the same security strength as symmetric, asymmetric must use strong a stronger key than symmetric.In a symmetric key cryptosystem, a single key is used to encrypt and decrypt data between two communicating hosts. In order to break the system, an attacker must either: A) discover the key through trial-and-error, or discover the key during the initial key agreement. (From Navy) Symmetric Key Encryption Schema Symmetric key protocols are known to be faster and stronger than their asymmetric counterparts but do possess unique disadvantages that we will discuss later. We will now look at some common symmetric algorithms. Asymmetric cryptography ... provides the foundation for password-authenticated key agreement and zero-knowledge password proof techniques. This is important in light of empirical and theoretical proof that secure password-only authentication over a network cannot be achieved with just symmetric cryptography and hash functions. (iv) List different types of malicious codes and describe their features. Answer. viruses and other malicious code that can threaten your data and system security. We will discuss the different types of viruses and malicious code, what they are, how they infect your computer and what

damage they can cause. What is a Virus? Simply put, viruses are small programs designed with (usually) malicious intent that attach themselves to other programs or files. They are capable of copying themselves throughout a computer or computers. They are called viruses because of the way they emulate their biological namesakes. A virus will infect healthy programs in a host computer and then spread to other healthy hosts, infecting them as well. Just as biological viruses range from being quite harmless to lethal, computer viruses may simply cause a harmless message to appear on your screen occasionally, or may render your system inoperable. Worms A worm is a piece of code that can make fully functional copies of itself and travel through a computer network and/or across the Internet through a number of means. A worm does not attach themselves to other programs like traditional viruses, but creates copies of itself, which in turn create even more copies. The computer 'worm' is so-called because of the way in which 'rogue' computer code was originally detected. Printouts of computer memory locations would show random 'wormhole' patterns, much like that of the patterns on worm-eaten wood. The term eventually became shortened and used to describe viruses that could 'worm' or propagate across networks and the Internet, leaving copies of themselves as they travelled. Worms are prolific due to the fact that most are created using simple scripting languages that can be created with a text editor and become fully functional 'programs' under the right conditions. For example, if you were to obtain a copy of the 'I Love You' worm and changed the files extension from vbs to txt, you could safely open the file in Notepad and ssview the structure of the worm. This makes the vbs script worm extremely popular among the 'script kiddy' fraternity, as it takes no (or very little) programming knowledge to modify an existing worm and release it into the wild (when a virus is circulating in the computing community or throughout the Internet, it is said to be 'in the wild'.) Trojan Horses Trojan horses are named after the wooden horse from Greek mythology in which Greek soldiers snuck into the city of Troy. Accordingly Trojans are malicious programs that sneak into a victim computer disguised

as harmless software. Trojans may also be 'wrapped' inside another program so that when the original innocent program is installed, the Trojan program is installed as well. The most commonly described Trojan has a payload that will allow a user on another computer somewhere else in the world to gain full control and access to the files on your computer. In this way, they can be used to launch denial of service attacks such as those that brought down Yahoo! and E-bay early in 2000. How Can a Virus, Worm or Trojan Infect Your System? Malicious code can be spread through just about any computer medium. They can arrive on an infected floppy disk and infect your system when a file on the disk is opened. Worse still, a floppy disk could be inadvertently left in the computer when it is shut down. Upon reboot, if the floppy is infected with a boot sector virus, the infection will be transmitted to your system. The most common methods employed to spread viruses and worms are either through email as attachments or through IRC (Internet Relay Chat). Typically, in the case of email, a message will arrive with an attachment, the user clicks on the message and the code is executed immediately. Viruses are capable of bringing down entire networks by clogging e-mail servers with copies of themselves. Some viruses will repeatedly extract addresses from e-mail 'address' books and send themselves to the recipients. Some contact lists can generate potentially thousands of messages, causing massive network bandwidth problems. Don't think that just because your new software program is in a shrink-wrapped box it is virusfree either. Viruses have been found on software disks distributed by major software companies, as well as on computer systems that have come fresh from the factory. In 1995, Microsoft inadvertently released a Compact Disc containing the 'Concept' macro virus and as late as last year, IBM shipped an undisclosed number of Aptiva computers infected with the CIH (Chernobyl) virus. Potential Damage Virus infection can have a variety of effects on an infected system. Some viruses may simply take up space on the computer hard drive until you receive 'low disk space' messages from the system. Others may popup messages on a particular date or change system icons. For example, the 4K virus will pop up a message on the screen, 'FRODO LIVES!' on the 22nd of September. The Tentacle2 virus will change your icons to

that of a purple 'monster'. Other viruses are potentially much more damaging. The CIH, or Chernobyl virus will, if not detected and removed, overwrite files on your hard disk and destroy the BIOS information on your computer. Chernobyl spreads easily and hides in an infected system until the 26th of a particular month depending on which variety it is. The BIOS chip is the 'heart' of your computer. If the information contained in this chip is overwritten by CIH, the system will become unusable, meaning the chip will have to be replaced. However, on some systems, the chip cannot be removed, which means the entire mainboard of the computer will have to be replaced, an expensive, time consuming process.

Question 5: i) Write a Linux Shall Script to shift all characters in a file forwarding five characters i.e. a become f. (5 Marks) ii) How does information flow from the top layer to the bottom layer in the OSI model.

Answer : 5 Printer sharing between Windows and Linux The less you need to rely on any proprietary protocol to get work done, the better off you are overall. Some of those protocols have been real stumbling blocks such as SMB, Microsofts proprietary protocol for file and printer sharing. Linux implementations of SMB exist, but youre probably better off without it in the long run whenever you can manage it. I recently set up a Linux workstation that shared out a Hewlett-Packard printer to the rest of my network a network that otherwise consisted entirely of Windows machines. I didnt like the idea of setting up SMB support on the Linux box, and instead, explored the possibility of having the Windows machines connect directly to the shared printer as a network printing device. To my surprise, this turned out to be pretty easy. Here are the steps to connect your Windows machines to the shared printer: Set up the printer on your Linux machine and share it using CUPS via port 631. The exact method for doing this varies between distributions, so check with your distros documentation. The end result should be a working printer, and a running CUPS service which you can access through your Web browser at http://localhost:631 from the Linux system. Using the CUPS Web interface, go to the Printers tab and make a note of the printer name, which is typically the Description: line). You can do this from the Windows machine where you plan to set up printer support. In Windows, go to Control Panel | Printers and click onAdd a printer. When prompted for a printer location, select Network printer, in the Add Printer Wizard. When prompted for the network location, select URL and use the following URL format:

http://:631/printers/. For instance, if the Linux host has a DNS name of linuxbox and the printer is named LaserJet-5, youd use http://linuxbox:631/printers/LaserJet-5 as the URL. When asked for a printer driver, select Generic as the manufacturer and MS Publisher Imagesetter as the driver. In truth, any generic PostScript driver will do, but this works as well as any. When finished with the wizard, print a test page to make sure everything is set up correctly. In Windows Vista, the steps are almost exactly the same, but the nomenclature for some of the steps is a little different. In the first step of the wizard, Vista will attempt to search for a printer (via SMB, which it wont find). Click Stop to halt the search and then click The printer that I want wasnt listed to add a printer manually. In the next step of the wizard, use Select a shared printer by name when you want to supply the printers URL. The rest should unfold exactly as before. Adding a printer by TCP/IP address or hostname will not work. Finally, if youre using a firewall product, make sure that port 631 is not being blocked. The Microsoft firewall on the Windows machine will usually know automatically what to do, but some thirdparty products may not. If youre managing a workgroup and using system images to deploy your desktops, you can use the Windows con2prt utility, or a freeware substitute like AdPrintX, as a way to automate adding references to a CUPS-managed printer. If youre dealing with multiple CUPS-driven printing systems on the Linux side, you may want to drop the cash for the CUPS Companion CD and its accompanying book. The CUPS Companion CD is now offered in lieu of the commercial UNIX printing product ESP Print Pro, which is being discontinued by the manufacturer. (b) How does a domain differ from workgroup? Answer . Workgroup vs. Domain: Windows has two modes of operation - Workgroup and Domain. Depending on the environment that your computer is in, you will be running in one of these two modes. Most home and small business environments will be Workgroup, and most mid- to large businesses will run in domain mode. There are different features and capabilities depending on each, and each serve a purpose Workgroups can be best understood as a loosely connected group of computers. They rely on each other for

nothing, but they are there to share resources should the need arise. There is no centralized management and so there is a low barrier to use. By default, Windows XP is in this mode. Domains, on the other hand, provide centralized management and security. User access is controlled from a separate server called a domain controller and there is a trust built between systems in a domain. There are much more robust differences as well. Workgroup A workgroup is best understood as a peer-to-peer network. That is, each computer is sustainable on its own. It has its own user list, its own access control and its own resources. In order for a user to access resources on another workgroup computer, that exact user must be setup on the other computer. In addition, workgroups offer little security outside of basic access control. Windows share permissions are very basic and do not offer any kind of granularity for who can access what, etc. Workgroups are more than adequate, though, for most small business and home use. Domain A domain is a trusted group of computers that share security, access control and have data passed down from a centralized domain controller server or servers. Domain Controllers handle all aspects of granting users permission to login. They are the gatekeeper. In addition, most modern domains use Active Directory which allows and even more centralized point for software distribution, user management and computer controls. ===================================================================== ===================================================================== =====================================================================