Computer System Management:
Hosting Servers, Miscellaneous
Amarjeet Singh October 22, 2012
Logistics
Any doubts on project/hypo explanation etc.?
Final deadline for Learn it yourself and Bonus deadline for Mini project today
From next class onwards, we will take up topics that were assigned as part of Learn it yourself but are useful for everyone to learn – more on it at the end of the class
Revision
How do the telephone and DSL work simultaneously on the same cable?
What is typical bandwidth arrangement from ISP – symmetric/asymmetric and why?
Revision
What are the two protocols at Transport layer? What is the difference between the two?
For what applications are they typically used? What is DNS load balancing?
Proxy server
A proxy is a host which relays web access requests from clients
Used when clients do not access the web directly
Used for security, logging, accounting and performance
What is Web Caching?
Storing copies of recently accessed web pages
Pages are delivered from the cache when requested again
Browser caches
Proxy caches
Why cache?
Shorter response time
Reduced bandwidth requirement
Reduced load on servers
Popular Proxy Caches
Apache proxy
MS proxy server
WinProxy
Squid
Squid is popular because it is powerful, configurable and free
Many others
Squid setup
Daemon is squid (service squid start/stop/restart)
Files used
Configuration file: /etc/squid/squid.conf
Log files: /var/log/squid
Configuration options:
Disk Cache size and location
Authentication
Allowed Hosts
Any other access restrictions (sites, content, size, time of access etc.) using ACL
Mail architecture
[Figure: Mail Server - Internet - Mail Server]
Protocols at work
Simple Mail Transfer Protocol (SMTP) - Standard for sending emails across IP networks
Post Office Protocol (POP), Internet Message Access Protocol (IMAP) - Application layer protocols used to retrieve email from a remote server over a TCP/IP connection
POP3 vs IMAP
Post Office Protocol Version 3 (POP3):
Clients using POP generally connect, retrieve all messages, store them as new messages on user PC, delete them from server and disconnect
POP3 vs IMAP
Internet Message Access Protocol (IMAP):
Clients often stay connected as long as user interface is active and download message content on demand
Mail Architecture
Popular Mail Servers
Sendmail/Postfix
Microsoft Exchange Server
What is Voice over IP (VoIP)
The packetization and transport of classic public switched telephone system audio over an IP network.
The analog audio stream is encoded in a digital format, with possible compression, and encapsulated in IP for transport over your LAN/WAN or the public Internet
Modes of Operation:
- PC to PC
- PC to Telephone
- Telephone to PC
- Telephone to Telephone
Protocols:
- H.323
- SIP
H.323 Architecture
• H.323 Terminal: Simple IP phone or complex videoconferencing system
• Gateway: Enable communication between H.323 and other network (ISDN/PSTN)
• Gatekeeper: Optional component managing miscellaneous services such as endpoint registration, address resolution etc.
• Multipoint Control Units (MCU): Manage multipoint conferences (both video and audio)
Session Initiation Protocol (SIP)
SIP is a text-based protocol similar to HTTP and SMTP, for initiating interactive communication sessions between users
SIP is an application-layer control (signaling) protocol for creating, modifying and terminating sessions with one or more participants
SIP can be used with different transport protocols; it does not even require a reliable transport protocol
A simple SIP client can be implemented using only UDP
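Because SIP is plain text carried in a single UDP datagram, a receiver can check a request with ordinary string handling before acting on it. The parser below is an added example, not part of the original slides; the sample INVITE and all hosts, tags and identifiers in it are constructed, and the list of mandatory header fields follows RFC 3261.

```python
# Constructed sample datagram; hosts, tags and Call-ID are made up.
SAMPLE_INVITE = (
    "INVITE sip:bob@example.org SIP/2.0\r\n"
    "Via: SIP/2.0/UDP pc1.example.com;branch=z9hG4bK776asdhds\r\n"
    "Max-Forwards: 70\r\n"
    "To: Bob <sip:bob@example.org>\r\n"
    "From: Alice <sip:alice@example.com>;tag=1928301774\r\n"
    "Call-ID: a84b4c76e66710@pc1.example.com\r\n"
    "CSeq: 314159 INVITE\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
).encode()

# Header fields every SIP request must carry (RFC 3261).
REQUIRED = {"via", "max-forwards", "to", "from", "call-id", "cseq"}

def parse_sip_request(datagram: bytes) -> dict:
    """Parse one SIP request from a UDP payload; raise ValueError if malformed.
    Compact header names and folded header lines are not handled."""
    head, sep, body = datagram.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line ending the header section")
    lines = head.decode("utf-8").split("\r\n")
    start = lines[0].split(" ")
    if len(start) != 3 or start[2] != "SIP/2.0":
        raise ValueError("malformed request line")
    method, uri = start[0], start[1]
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    missing = REQUIRED - set(headers)
    if missing:
        raise ValueError(f"missing mandatory headers: {sorted(missing)}")
    cseq = headers["cseq"][0].split()
    if len(cseq) != 2 or cseq[1] != method:
        raise ValueError("CSeq method does not match the request line")
    # Strict choice for this example: a declared length must match exactly.
    declared = headers.get("content-length")
    if declared is not None and int(declared[0]) != len(body):
        raise ValueError("Content-Length does not match the body size")
    return {"method": method, "uri": uri, "headers": headers, "body": body}

if __name__ == "__main__":
    print(parse_sip_request(SAMPLE_INVITE)["headers"]["via"])
```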
H.323 vs SIP
H.323:
Designed with good understanding of multimedia requirements over IP network
Well defined standards result in high level of robustness and interoperability
Strict guidelines make the system more constrained and less complex
Most H.323 entities use reliable transport for signaling
SIP:
Designed to set up a “session” between two points: modular and flexible, with no multimedia conferencing support
Integration of disparate standards left to vendors
Lack of guidelines makes the system more complex
Most SIP entities use unreliable transport for signaling
Cryptography
Encrypt before sending, decrypt on receiving (plain text and cipher text)
Cryptography
All cryptosystems are based only on three Cryptographic Algorithms:
Message Digest (MD2-4-5, SHA, SHA-1, …)
Maps variable length plaintext into fixed length ciphertext
No key usage, computationally infeasible to recover the plaintext
Private KEY (Blowfish, DES, IDEA, RC2-4-5, Triple-DES, …)
Encrypt and decrypt messages by using the same Secret Key
Public KEY (DSA, RSA, …)
Encrypt and decrypt messages by using two different Keys: Public Key, Private Key (coupled together)
Cryptography
Two components: key, and the algorithm
Algorithms are publicly known and Secrecy is in the Key
Key distribution must be secure
[Figure: Plaintext -> Encryption (Key) -> Ciphertext -> Decryption (Key) -> Plaintext]
Cryptography
Symmetric Key Cryptography (DES, Triple DES, RC4): KE = KD
Asymmetric Key Cryptography (RSA): KE ≠ KD
Private/Public key cryptography
Private Key: The Sender and Receiver share the same Key which is private
Public Key:
Both the Sender and Receiver have their Private Key and Public Key
Messages are encrypted using receiver’s Public Key and the receiver decrypts it using his/her Private Key
[Figures: Plaintext -> Encryption -> Ciphertext -> Decryption -> Plaintext (two diagrams; key label: Sender/Receiver’s Private Key)]
Digital Signature
[Figure, signing: Message -> Hash Function (Digest Algorithm) -> Digest -> Encryption with Private Key -> Signature]
[Figure, verification: Signature -> Decryption with Public Key -> Expected Digest; Message -> Hash Function (Digest Algorithm) -> Actual Digest]