Beruflich Dokumente
Kultur Dokumente
JOIN ON FB VIJAY
JOTANIS BLOG
please check answers before
writing we are not responsible for anything.
October,
2014 (For July 2014 Session)
15
th
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
recompile login (and any other apps that will do authentication via the new method) so they
support the new system. As you can imagine this is quite laborious and prone to errors.
PAM introduces a layer of middleware between the application and the actual authentication
mechanism. Once a program is PAM'ified, any authentication methods PAM supports will be
usable by the program. In addition to this PA can handle account, and session data which is
something normal authentication mechanisms don't do very well. For example using PAM you
can easily disallow login access by normal users between 6pm and 6am, and when they do login
you can have them authenticate via a retinal scanner. By default Red Hat systems are PAM
aware, and newer versions of Debian are as well (see bellow for a table of PAMified systems).
Thus on a system with PAM support all I have to do to implement shadow passwords is convert
the password and group files; and possibly add one or two lines to some PAM config files (if
they weren't already added). Essentially, PAM gives you a great deal of flexibility when
handling user authentication, and will support other features in the future such as digital
signatures with the only requirement being a PAM module or two to handle it. This kind of
flexibility will be required if Linux is to be an enterprise-class operating system. Distributions
that do not ship as "PAM-aware" can be made so but it requires a lot of effort (you must
recompile all your programs with PAM support, install PAM, etc), it is probably easier to switch
straight to a PAM'ified distribution if this will be a requirement. PAM usually comes with
complete documentation, and if you are looking for a good overview you go
http://www.sun.com/software/solaris/pam/.
Other benefits of a PAM aware system is that you can now make use of an NT domain to do
your user authentication, meaning you can tie Linux workstations into an existing Microsoft
based network without having to say buy NIS / NIS+ for NT and go through the hassle of
installing that. As far as I know all modern Linux distributions have PAM support and default to
it.
PAM Cryptocard Module
A PAM cryptocard module is available
http://projects.jdimedia.nl/index.phtml?ID=crypto&L=&BROW=1&W=1260&H=886.
Cryptocards are excellent for securing interactive logins since they do not require any special
equipment on the client end, thus you can log in from a cybercafe for example with no fear of
your password being stolen (since it changes each time you log in). Unfortunately Cryptocards
tend to be expensive and require some user training, I would advise them primarily for
installations with a higher need of security then "normal" or for infrastructure related servers and
equipment (i.e. Authentication servers).
Pam Smart Card Module
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
Smartcards can be used to sign and encrypt email as well as providing login services. The
primary problem with smartcards however is that the client station needs a compatible card
reader, the chances of finding these on a system outside of your office are slim indeed. A module
to provide PAM support for smartcards is available http://www.linuxnet.com/apps.html.
Pam module for SMB
SMB (Server Message Block) is incredibly popular protocol for the simple reason Microsoft has
choosen to use it as their primary protocol for Windows 9x and NT (it is also supported in 2000).
Many sites have existing NT infrastructures, adding Linux servers that require their own
authentications infrastructure can be quite troublesome. Fortunately you can authenticate on
Linux machines against SMB servers, packages are available
http://rpmfind.net/linux/rpm2html/search.php?query=pam_smb and the primary site is
http://www.csn.ul.ie/~airlied/pam_smb/. You can also install SAMBA on the machine and use
this to authenticate but for workstations the PAM module is much more appropriate.
Pam module for LDAP
http://www.padl.com/OSS/pam_ldap.html
Authentication services
Authentication services such as NIS and Kerberos are covered in the network servers section of
the LASG <a href="../network-servers/authentication/">here. Generally speaking they are easy
to implement client side on modern Linux distributions, during install you are often given the
choice of Kerberos, LDAP or NIS+ passwords and their related settings. Setting up the servers
however is another matter.
Passwords
In all UNIX-like operating systems there are several constants, and one of them is the file
/etc/passwd and how it works. For user authentication to work properly you need (minimally)
some sort of file(s) with UID to username mappings, GID to groupname mappings, passwords
for the users, and other misc. info. The problem with this is that everyone needs access to the
passwd file, every time you do an ls it gets checked, so how do you store all those passwords
safely, yet keep them world readable? For many years the solution has been quite simple and
effective, simply hash the passwords, and store the hash, when a user needs to authenticate take
the password they enter it, hash it, and if it matches then it was obviously the same password.
The problem with this is that computing power has grown enormously and I can now take a copy
of your passwd file, and try to brute force it open in a reasonable amount of time (assuming you
use a poor hash system, or weak passwords).
Use a better hash
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
Using a hash such as MD5 or blowfish significantly increases the amount of computing power
needed to execute a brute force attack, but there are two large problems with switching from the
traditional crypt hash. The first is compatibility, if you use NIS or NIS+ with systems such as
Solaris using a different hash then crypt will break authentication, obviously a problem. The
other problem is that no matter how strong a hash you use poor passwords (such as the username
or "dog") will still be easily discovered. If possible you should use a better hash, but if this is not
possible then there is another solution.
Use shadow passwords
User account data is stored in /etc/passwd traditionally, but the actual password hashes and
related data (password expiry, etc.) is stored in /etc/shadow, a file only readable by root.
Programs that need to check a password can either run as root or use a setuid or setgid wrapper
program (like PAM provides) to check the password, the only way to get access to /etc/shadow
requires root privileges. There have been problems in past with setuid programs that read
/etc/shadow leaking information, however these are relatively rare (and you are no worse off
then storing passwords in a world readable location).
Several OS's take the first solution, Linux has implemented the second for quite a while now.
Because most vendors rely on PAM for authentication services, implementing a new
authentication scheme is relatively simple, all you need to do it add a PAM module that
understands the new authentication scheme and edit the PAM config file for whichever program
(say login) uses it. Now for an attacker to look at the hashed passwords they must go to quite a
bit more effort then simply copying the /etc/passwd file.
Cracking passwords
In Linux the passwords are stored in a hashed format, however this does not make them
irretrievable, chances are you cannot reverse engineer the password from the resulting hash,
however you can hash a list of words and compare them. If the results match then you have
found the password (the chances of a different word hashing to the same value as another are
slim), this is why good passwords are critical, and dictionary based words are a terrible idea.
Even with a shadow passwords file the passwords are still accessible by the root user, and if you
have improperly written scripts or programs that run as root (say a www based CGI script) the
password file may be retrieved by attackers. The majority of current password cracking software
also allows running on multiple hosts in parallel to speed things up.
Most modern Linux distributions use MD5 hashed passwords at a minimum (notable exceptions
are SuSE and Debian which default to crypt for backwards compatibility with NIS and the like).
In any event password crackers will usually catch poor passwords or dictionary based passwords
quickly. As well on modern systems passwords are protected in shadow password files, if an
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
attacker has access to this file chances are they have sufficient privilege to do other things to
compromise the system.
VCU
VCU (Velocity Cracking Utilities) is a windows based programs to aid in cracking passwords,
VCU attempts to make the cracking of passwords a simple task for computer users of any
experience level. You can download it
http://packetstormsecurity.org/groups/wiltered_fire/NEW/vcu/
Password storage
This is something many people don't think about much. How can you securely store passwords?
The most obvious method is to memorize them, this however has it's drawbacks, if you
administer 30 different sites you generally want to have 30 different passwords, and a good
password is 8+ characters in length and generally not the easiest thing to remember. This leads to
many people using the same passwords on several systems (come on, admit it). One of the
easiest methods is to write passwords down. This is usually a BIG NO-NO; you'd be surprised
what people find lying around, and what they find if they are looking for it. A better option is to
store passwords in an encrypted format, usually electronically on your computer or palm pilot,
this way you only have to remember one password to unlock the rest which you can then use.
Something as simple as PGP or GnuPG can be used to accomplish this. If you can afford it using
authentication tokens or smartcards are a good way to reduce the number of passwords you must
memorize.
Many of these programs have been found to contain flaws, I advise using them with caution.
Strip
Strip is a palm pilot program for storing passwords securely and can also be used to generate
passwords. It is GNU licensed and available http://www.zetetic.net/products.html. The
generation function is flawed and should not be used.
b) List the drawbacks of Windows 2000 operating system.
Windows 2000 is an older operating system still used in some small and large offices. Windows 2000
professional is the operating system edition used on client machines. Even though the operating system has
been replaced by several newer Windows versions, it still has some advantages and disadvantages for client
machines and networks.
The Windows 2000 Professional operating system uses the NTFS standard for its file system. NTFS allows
users to share folders and set permissions on the machine. Users can also set profiles for each person who
accesses the machine. Each user has a different profile that contains custom settings, so backgrounds, fonts
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
and startup programs are specific for the person logging in. The NTFS file system also offers users the ability to
set permissions on files, so users could only read some documents without changing the content. If users want
to block other users from seeing the file, Windows 2000 Professional allows them to password-protect the
folder.
The Windows 2000 operating system has been on the market for several years. Because it's been a part of the
Windows operating system for so long, several patches and security hotfixes are available. This makes it
incredibly stable compared to newer Windows operating systems. The amount of time the operating system
has been on the market has allowed Microsoft to fix any issues that arise for newer Windows versions, which is
why some users choose to keep the older Windows 2000 version.
Microsoft no longer supports Windows 2000 Professional as of July 13, 2010. Because of this, updates,
hotfixes and phone support are no longer offered for this product. For this reason, users with Windows 2000 on
a machine may encounter an issue that cannot be fixed. Windows 2000 users should consider upgrading to
avoid loss of support features.
Windows 2000 Professional (known here as Windows 2000) made its debut in February. As the Computer Age
matures, so must the operating systems that power these brain trusts. Where once everyone was only
concerned about accessing basic files and playing simple games, today's sophisticated computer user not only
needs but wants more out of his or her system. Microsoft Corporation is betting that its new Windows 2000 for
business and soon to be released Windows Millennium for consumers will meet those needs with flying colors.
Company Chairman Bill Gates called the operating system "the most ambitious software project ever." But
without proper preparation, upgrading a computer's operating system to Windows 2000 is a lot like jumping out
of an airplane without first testing a parachute.
The high marks Windows 2000 has received for stability and performance might be enough to warrant an
upgrade, but users need to check their hardware for compatibility. Even consumers, who will find that Windows
Millennium (also known as Windows ME), which lacks Windows 2000's stability but caters more to their needs,
should be wary.
Windows 2000 offers an even more impressive set of improvements. Originally called Windows NT (New
Technology) 5.0, it inherits Windows 95/ 98 features such as Plug and Play hardware detection, support for the
FAT32 file system, and power management. But small businesses still running Windows 95/ 98 should stick
with their current operating systems, for the time being.
Microsoft's upgrade site lists 5,765 PC models that conform to Windows 2000's system requirements: Users
should have at least a 133-MHz (166 MHz preferred) Pentium-class system with at 64MB of memory, and a
2GB hard disk with a minimum of 650MB of free space.
Furthermore, users should be sure their PC's manufacturer offers Windows 2000 BIOS upgrades, if necessary.
The BIOS the code that lives directly on a PC's motherboard and boots the computer describes some hardware
characteristics to the operating system. It's crucial that a PC has an ACPI BIOS to run Windows 2000.
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
Windows 2000 does have its advantages. Besides being more stable, requiring far fewer reboots than
Windows 98, it also shuts down quickly. And it's better than its predecessors at supplying big chunks of
memory quickly to applications such as Adobe Photoshop.
But with advantages come disadvantages. Unlike Windows 95/ 98, Windows 2000 requires users to log on
using a name and password, and it uses that log-on authentication to control file access. More important,
hardware compatibility and system requirements make Windows 2000 an iffy choice for antiquated hardware.
And just because hardware is new doesn't make it compatible with Windows 2000.
Also, users can't uninstall Windows 2000 Professional like Windows 98. If an installation doesn't work, their
only recourse is to wipe out everything by reformatting the disk drive and reinstalling the operating system and
all their applications.
Finally, Windows 2000 Professional lists at $319 retail, with an upgrade from Windows 95/98 at $219.With an
expected street price of about $90, Millennium is the way to go for most home and casual users.
Users who want Windows 2000 should purchase a computer that comes with it and all the necessary
peripherals installed. Those who want better performance should invest in a faster processor or a memory
upgrade.
Q.2.
a) Which users/ groups have access to audit logs in windows
2000? Why are audit policies disabled by default?
Auditing changes to groups is very easy. Windows provides different event IDs for each combination of group type, group scope and
operation. In AD, you have 2 types of groups. Distribution groups cannot be assigned rights or permissions. Distribution groups are
reserved exclusively for distribution lists in Exchange 2000. In the security log distribution groups are referred to as security
disabled groups. Security groups are the more familiar type of group and the only group type that you can assign permissions and
rights. Security groups are referred to as security enabled groups in the security log. Groups also have 1 or 3 scopes: Universal,
Global and Local. The chart below illustrates the difference between the 3 scopes.
Scope
Universal
Global
Domain local
Can be granted
permissions
Users and global or universal Anywhere in the forest
groups from any domain in
the forest
Users and other global
Anywhere in the forest
groups from same the
domain
Users and global or universalOnly within the same
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
Windows logs 5 different event IDs for each group type and scope combination. The 5 events correspond to the 5 operations
Windows audits for each group: creation, change, deletion, member added and member removed.
Type
Scope
Created
Changed
Deleted
Security
Local
Global
Universal
Local
Global
Universal
635
631
658
648
653
663
641
639
659
649
654
664
638
634
662
652
657
667
Distribution
Member
Added Removed
636
637
632
633
660
661
650
651
655
656
665
666
From an access control auditing perspective, the most important column would have to member added since that operation usually
corresponds to a user being granted new access.
As you can see, Audit account management provides a wealth of information for tracking changes to your users and groups in
Active Directory. Remember though, you must monitor and/or collect these events from each domain controller within your domain
since the only domain controllers that logs an account management event is the one where the change was actually
executed. While a change to a user or group does get replicated to all the other domain controllers, replication does not trigger any
events in the security log. For effective use of the security log you need someway of collecting events into a single database for
monitoring and reporting purposes using some home grown scripts or an event log management tool such as GFIs LanGuard
SELM.
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
hacker far more access on a system than should be given. These have
been disabled by default since 2000, and you should make sure they stay
that way.
Enable User Account Control: Lastly, since Windows Vista, UAC has
been the No. 1 protection tool for people browsing the Web. I find that
many clients turn it off due to old information about application
compatibility problems. Most of those problems have gone away, and
many of the remaining ones can be solved with Microsoft's free
application compatibility troubleshooting utility. If you disable UAC, you're
far closer to Windows NT security than you are a modern operating
system.
Here's the best part: Each of these settings is set correctly by default in
Windows Vista/Server 2008 (and later). Most of my Windows security
books were all about the settings I wanted you to more securely harden.
These days, my best advice is don't muck it up. When I see problems, it's
because people go out of their way to weaken them, and that's never
good.
Q.3.
Write the steps for installing a network printer in Windows 2000
and LINUX operating system.
Step 1
Typically, there are three safe ways how to install the Linux platform onto a machine that is running the Microsoft Windows
Operating System. To execute Linux using the Virtual PC, go to step 6. To make use of the Wubi installer, skip to step 10.
Step 2
The first technique in running the Linux Operating System on a Windows platform machine involves the use of the Live Disk. Launch
your Web browser and download the Live Disk version from the Linux site.
Step 3
Save the file onto the hard drive of your machine. Once the downloading process is completed, open any authoring program which
will burn the file onto a CD or DVD media to create the Live Disk.
Step 4
Upon completion of the Live Disk, reboot the machine making sure that the first boot device is the CD or DVD drive. This allows
Linux to run directly from the optical media. A drawback to this though is that it is comparatively slow compared to running the
Operating System from the hard drive. This process however does not require the partitioning of the hard drive.
Step 5
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
To boot back into Windows, simply remove the Live Disk and reboot the machine. Live Disk may also be distributed freely with some
computer magazines.
Step 6
To use Virtual PC, launch your Web browser and go to the website of Microsoft to download the application.
Step 7
Upon completion of the download process, install the file into your machine. This will create a virtual machine which will share
resources with the host computer.
Step 8
Load the ISO format file of the Linux Operating System in the virtual machine which will execute the platform. This eliminates the
need to create a Live Disk version of Linux.
Step 9
To go back to the Windows platform, simply unload the ISO file and the corresponding virtual machine program.
Step 10
The last method is using the Wubi installer which will put the Ubuntu version of the Linux Operating System into your machine as
part of the Windows file system.
Step 11
Upon completion of the installation process, reboot the machine completely.
Step 12
On boot up the user will be given the option either to boot Ubuntu or the Windows platform. Choosing Ubuntu will complete the
process as well as prepare the hard drive to be used under Linux.
Step 13
Reboot the machine again and select Ubuntu to start using the Linux platform. Wubi like most Window-based programs can be
uninstalled using the Add/Remove Programs function.
Q.4.
a) Draw and explain the features of various networking
components: Switch, Hub, Nods, Cables, Router, and Bridges.
Hubs
Hubs form the heart of a network, with every separate node of the network
connected to the hub through its ports. Anything from a file server to a
workstation to a print server can be connected to the hub, making it
accessible to every other node of the network.
There are three main points to remember about hubs:
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
cable.
All hubs can be uplinked together, either with straight-through cable or cross-over cable,
depending on whether or not the hub has an uplink port.
Performance will decrease as the number of users is increased.
When choosing a hub, the main consideration should be performance. If the hub is 100Mbps and there
are five users, each user will receive only 20Mbps of bandwidth. If the hub is intended for a small
network with very little traffic, this should not be a problem. However, if the network is large or expected
to expand, a switch is a better option in the end.
When considering a hub, always remember that the network may expand in the future. Try to buy a hub
that has enough ports to allow expansion without more hardware purchases. If expansion is not an
immediate concern, remember that in the future you can add more hubs.
The standard hub is great for starting a small network, or providing a
network to one department. There are two basic types: 10baseT, which will
support a speed of 10Mbps; and 100baseTX, which supports 100Mbps. A
standard 10baseT hub cannot connect to hardware that runs at 100Mbps
unless a switch or hub with auto-sensing capabilities is used between them.
If your network is small and will not require expansion in the near future, a
standard hub is the perfect solution.
Many hubs have one or more of the following extra features, which can increase ease of use, efficiency,
and expandability:
Auto-sensing or dual-speed 10/100Mbps. Hubs with this feature can support hardware running at
both speeds, increasing the length of time you can use your old 10baseT hardware.
Stackable hubs. Hubs with this feature are very expandable, operating as a single hub when
stacked together. While standard hubs can only be uplinked through four hubs, a stacked hub is
considered a single hub and there is no uplinking required.
SNMP (Simple Network Management Protocol). Hubs that support SNMP allow configuration of
the hub from anywhere on the network. This feature can be extremely useful in LANs that span
two or more floors, or have more than 50 users.
Final note on hubs: Always remember that hubs can only communicate in half duplex mode, which
means that a computer on the network can only send data when it is not receiving. If the network
requires full duplex mode, use a switch rather than a hub.
Nodes:
node has the following features:
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
Name specifies the name of the node. The default name is node_n, where n is an incremental
integer starting with 0. To enter a detailed description of the node, use the Description tab.
Stereotype specifies the stereotype of the element, if any. They are enclosed in guillemets,
for example s1 and enable you to tag classes for documentation purposes.
To select from a list of current stereotypes in the project, click the Select Stereotype
button
To sort the order of the selected stereotypes, click the Change Stereotype Order
button
o
Cable and Connection Features
Build complete machine automation solutions with Rexroth power cables and data
communications products. Designed to provide a comprehensive array of reliable, proven cabling
solutions, you can be certain that your Rexroth drives, controls, I/O and motors will deliver the
performance and value your machines require, because they are connected and powered by
components engineered and manufactured to the highest standards of quality and flexibility.
Rexroth data communications and power cable products incorporate key features designed to ensure long product life and safe,
virtually error-free operation:
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
The eight key features that every wired router should have are detailed
1. Firewall
2. Additional Security
3. Number of Connection Ports
4. Port Forwarding
5. Fast Data Transfer Rate
6. Easy Setup
7. Remote Management
8. Virtual Private Network Capability
the function of bridges is to give access to people and moving vehicles to places which beforehand were not
avalible to access in the first place. eg to cross a river and get to the other side.
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
After an attack is detected, auditing can assist in determining what network resources are compromised.
This chapter shows how to audit your environment to give you the best chances of spotting and tracing an attack,
and looks at monitoring for intrusionincluding the use of intrusion detection systemssoftware specifically
designed to spot behavior that indicates an attack is occurring.
As part of your overall security strategy, you should determine the level of auditing appropriate for your environment.
Auditing should identify attacks, either successful or not, that pose a threat to your network, or against resources that
you have determined to be valuable in your risk assessment.
When deciding how much to audit, you should bear in mind that the more you audit, the more events you generate,
and the more difficult it can be to spot critical events. If you are doing extensive auditing, you should strongly
consider using additional tools, such as Microsoft Operations Manager (MOM), to help you filter events that are of
greater importance.
Audit events can be split into two categories: success events and failure events. A success event indicates that a user
has successfully gained access to a resource, whereas a failure event shows that they tried, but failed.
Failure events are very useful in tracking attempted attacks on your environment, but success events are much more
difficult to interpret. Although the vast majority of successful audit events are simply indications of normal activity, an
attacker who manages to gain access to a computer will also generate a success event. Often, a pattern of events is as
important as the events themselves. For example, a series of failures followed by a success may indicate an attempted
attack that was eventually successful.
Wherever possible you should combine audit events with other information you have about your users. For example,
if users leave on vacation, you may choose to disable their accounts while they are away, and audit for them when
they are re-enabled.
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT:
If you remove the Event Viewer settings from Group Policy, you can instead define them directly in Event Viewer.
However, it is recommended that you define your Event Viewer settings in Group Policy to ensure consistent settings
across similar computers.
In Contoso's environment, Group Policy is not configured to shut down the computers in the organization if the
security log reaches capacity. Rather, the computers are configured to overwrite event logs as needed.
Events to Audit
Microsoft Windows 2000 provides several categories of auditing for security events. When designing your
enterprise audit strategy, you will need to decide whether to include the following categories of security audit events:
Logon events
Account logon events
Object access events
Directory Service access events
Privilege use events
Process tracking events
System events
Policy change events
The following sections detail some of the more common event IDs that are returned when auditing is enabled for
specific categories.
Note Tools used to search and collect event log information are discussed in the "Passive Detection Methods"
section later in this chapter.
Logon Events
If you audit for logon eventsevery time that a user logs on or off a computeran event is generated in the security
log of the computer where the logon attempt occurs. Also, when a user connects to a remote server, a logon event is
generated in the security log of the remote server. Logon events are created when the logon session and token are
created or destroyed respectively.
Q.5.
a) Do the local policies cover security management functions for
administrators also in windows 2000? Can different security
functions be created for each user in Linux?
b) Is the quota limit applicable to all the users in windows 2000?
Is there any user that is not limited by the quota management?
MSG: Recently Vijay has been working with IIT-GANDHINAGAR and SIEMENS AEROSPACE
CENTRE.and because of his busy schedule ,we (Anikesh, Neeraj) will have been trying to serve
your problems and material.so we request you to co-operate us.yes, when sir will become free
from his work, they will surely continue to maintain this blog.. you can join Mr. Vijay Jotani at
facebook.com/vijay.jotani
WWW.VIJAY-JOTANI.WEEBLY.COM
www.vijay-jotani.weebly.com
WWW.VIJAY-JOTANI.WEEBLY.COM
YourWWW.VIJAY-JOTANI.WEEBLY.COM
favorite blog :www.vijay-jotani.weebly.com (popularly known
VISIT: