New Secrets OF Making N100,000 Printing GSM Recharge Vouchers Cheaper And Selling Profitably to Over 100 Call Centers In Your Area To Buy From You and Smiling to the Bank!
Have you ever wanted to go into recharge card business but you are wondering if it will actually be profitable for you. You just don't want to make mistake, you are afraid you don't know much about the business.
You have thought, if only you could know where to buy recharge card cheaper and sell profitably. Or how you can buy in bulk and sell to all the retailers in your area and smile to the bank.
I have good news for you, all that dream you can make it come true, if you take advantage of the tips I'm offloading to you here. The commonest challenges faced by every entrepreneur, even the successful ones is the fear of the unknown and so you are not alone but don't let it stop you from becoming the next GSM millionaire.
Have you observed that all the GSM operators have introduced lower recharge card values in N100, N150, N200, N250, N300, N400 and N500. Why do you think they all now have these lower recharge vouchers? Remember, N500 was the lowest value in the market before MTN came out with N400. But now the lowest is N100 and do you believe we could have even N50 value soon.
One thing can only explain the reason for the lower recharge cards, it sells faster. Operators are experiencing a boom in recharge card consumption since the introduction of lower recharge cards.
For example, I used to spend N3000 monthly on recharge card on my phone, but now I buy at least one N200 card everyday and that has increased my monthly bill in one phone to N6000 per month.
Now relate this to selling of these lower recharge cards. The demand for them is he reason they are being sold above the price value. N100 to N400 cards sell for N20 above their values.
Who do you think takes these values? Who do you think takes these extra profit, the retailers because even though dealers get it at almost 8 percent discount, they sell at N195 for the N200 to retailers and some even sell for the N200, pocketing N16 per voucher.
The most interesting thing however is that only few people supply these vouchers to retailers. Imagine if it's only one or two people are supplying all the lower recharge cards in your town, how much profit could he be making in one month?
You may think it's impossible for just one person to be supplying these vouchers when there are many dealers scattered all over the state.
The printing and distributing of voucher pins are the exclusivity of some few GSM operators' dealers. About 2 per cent of the dealers have this license. Do you now see why only one person could be making all these money in your state?
Well, I didn't mean to wet your financial appetite and leave you waiting. You too can be among the few people that can print and distribute these fast selling vouchers in your state. And you don't have to become a GSM operator’s licensed dealer that would be a costly process. You can take advantage of dealers who have the license but don't wish to print themselves.
With their full support and supply of vouchers pins, you are on your way to making N100,000 or more monthly, printing and selling lower recharge vouchers that are hotcakes all over the country whether it's MTN, Vmobile, Glo, Mtel, you can print them in any quantity you so wish.
In case you are wondering if it would not cost you millions to start, not at all, with as low as N50,000 you can start printing vouchers. Some people print with computer, special voucher printing software; one can also just walk into a cybercafé and, browse for 10 minutes, download the pins, and send it to print at the café, pay N10 or N20 per A4 page
you print and walk away to sell your vouchers to your customers
ON HOW TO GET THE RECHARGE CARD PRINTING BUSINESS MANUAL,PLEASE SEND AN EMAIL TO princetom08@yahoo.com or call 08061329652
Thanks;
Tochukwu Michael.
Saturday 15 August 2009
TROUBLESHOOTING ATM
TROUBLESHOOTING ATM
SWITCHING
ENVIRONMENTS
Table of Contents
Troubleshooting ATM Switching Environments
Cell Relay Packet Handling
Technologies Compared
Fitting ATM into the OSI Model
Placing User Data into ATM Cells
ATM Label Switching
Virtual Channel Connections and Virtual Paths
The ATM Cell
The ATM Adaptation Layer
The ATM Layer
Placing Cells on a Physical Transport Medium
Troubleshooting ATM Switching Environments
Basic Port Checks
Checking Bit Rates
Performing Loopback Tests
Looping Trunk Ports
Looping Edge Ports
Using the ping Command
ATM Switching: Trunk Does Not Come Up
ATM Switching: Frame Relay Port Does Not Come Up
ATM Switching: Virtual Circuit Fails to Be Created
ATM Switching: Partial Data Delivered over Virtual Circuit
Troubleshooting ATM Switching
Environments
This chapter describes the Asynchronous Transfer Mode (ATM) technology on which the Light
Stream 2020 multiservice ATM switch (LS2020 switch) is based. ATM is a communications
standard based on cell relay techniques. The next sections discuss cell relay and ATM
technology. They also contrast ATM techniques with time-division multiplexing (TDM) and
other packet-handling technologies.
Cell Relay Packet Handling
Cell relay is a flexible and responsive method for multiplexing all forms of digital traffic (data,
voice, image, and video). Cell relay can handle rapid changes in the quantity and pattern of the
traffic in the network. All traffic is placed in fixed-length packets of information (cells) and
switched at high speeds. Cell relay is generally acknowledged as the best multiplexing
technology for modern communication applications because it combines the strengths of TDM
and conventional packet switching. Using cell relay packet-handling techniques, a mixture of
burst and delay-sensitive traffic can be processed simultaneously, while at the same time
providing the services required by each traffic type.
Also, because cell relay processing is based on the use of small packets, the process technology
is adaptable and cost-effective for a wide range of interface speeds.
Technologies Compared
ATM technology first appeared in the Broadband Integrated Services Digital Network (BISDN).
However, ATM is now recognized as a useful technology in and of itself and is based on the
specifications and standards being developed by ITU-T (International Telecommunications
Union Telecommunication Standardization Sector), ANSI (American National Standards
Institute), and the ATM Forum.
Note ITU-T carries out the functions of the former Consultative Committee for International
Telegraph and Telephone (CCITT).
Each ATM cell contains a header and the data to be transferred. Cells are switched in the
network based on routing information contained in the cell headers. ATM transports all types of
traffic (data, voice, image, and video) using the same cell format.
ATM contrasts with TDM in the way it allocates communications channels. In TDM,
communications channels are divided into fixed periods of time called frames. The frames are
divided into a fixed number of time slots of equal duration (see Figure 21-1). Each user is
assigned certain time slots within each frame. As Figure 21-1 indicates, a user can be given more
than one time slot in a frame.
Figure 21-1: User Assignments on Communications Channel Using TDM
The time slots allocated for each user occur at precisely the same time in every frame. Because
the time slots are synchronous, TDM is sometimes referred to as synchronous transfer mode
(STM).
Users can access the communications channel only when a time slot that has been allocated to
them is available. For example, User A can send messages over the communications channel
only during the time slot(s) designated for User A. If no traffic is ready to send when the
designated time slot occurs, that time slot is unused. If a user has a burst of traffic that exceeds
the capacity of the -designated time slots, additional slots cannot be used, even if they are idle.
As a result, a long delay could result before the burst of traffic is transferred over the TDM
network.
In ATM, access to the communications channel is more flexible. Any user needing the
communications channel can use it whenever it is available. In contrast to TDM, ATM imposes
no regular pattern on the way users are given access to the communications channel. ATM is
also described as providing bandwidth on demand.
In other packet-handling technologies, such as High-Level Data Link Control (HDLC), any user
can gain access to the communications channel, but a user who has a long message to send can
prevent other users from gaining access to the channel until the entire message has been passed.
However, with ATM, every message is divided into small, fixed-length cells. Thus, no single
user can monopolize access to the communications channel while other users have messages to
send (see Figure 21-2).
Figure 21-2: User Assignments on ATM Communications Channel
Fitting ATM into the OSI Model
ATM standards define protocols that operate at Layer 2 (the data link layer) of the International
Organization for Standardization (ISO) seven-layer Open Systems Interconnection (OSI)
reference model. Figure 21-3 shows the layered architecture of the OSI model.
Figure 21-3: The OSI Reference Model
The data link layer is concerned with data transmission between two network switches. This
layer is not concerned with the transmission of an entire message between a source and a
destination switch---this responsibility belongs to Layer 3 (the network layer). Rather, the data
link layer transports portions of messages (cells, in the case of ATM) between two points in the
network. These points may be the source and the destination of the message, or they may be only
intermediate hops between the source and the destination.
The data link layer may divide higher-level data into smaller units (cells, in this case), whose
sizes are compatible with overall network requirements. Layer 2 data units contain a cell header,
an information field, and some method of checking for transmission errors.
Placing User Data into ATM Cells
Before frames can be transported across an ATM network, they must be divided into ATM cells.
The processes that divide the frames into cells occur at Layer 2. Layer 2 is divided into two
parts: the ATM adaptation layer (AAL) and the ATM layer. After frames are divided into ATM
cells, the cells can be transferred to Layer 1 (see Figure 21-4).
Figure 21-4: Layer 2---The Data Link Layer
ATM Label Switching
ATM uses label switching, a technique in which a simple label is placed in the header of each
cell. The label provides information used in transporting the cell across the next hop in the
network. Networks that do not use label switching usually require each packet (or cell) to contain
the explicit address of the final destination. ATM uses label switching because it is simpler,
thereby making faster switching possible.
Here is how label switching works:
1. A switching unit reads an incoming cell from a particular port. The incoming cell has a
routing label.
2. The switching unit uses the combination of the input port on which the cell was
received and the information in the label to determine where the cell should go next. It
does this by referring to a routing table that correlates the incoming port and label with an
outgoing port and label.
3. The switch replaces the incoming label with a new outgoing label and sends the cell
through the outgoing port, which is connected to another switching device. (The new
outgoing label is taken from the routing table.)
4. This process is repeated until the cell reaches its final destination in the ATM network.
For example, suppose your network includes a switching unit called Boston. A number of data
paths go through the Boston switch. When those data paths are created, a routing table is set up
within the Boston switch. The table in the Boston switch has one entry for each data path that
goes through the switch. The entries in the table map the incoming port and label to an outgoing
port and label for each data path, as shown in Table 21-1 .
Table 21-1: A Sample Routing Table for a Boston Switch
Port In Label In Port Out Label Out
1 L 6 Z
1 M 7 X
2 N 7 Y
When the Boston switch receives an incoming cell on port 1 with label M, it consults the routing
table and finds that label M should be replaced with label X and that the cell should be passed
out of the Boston switch on port 7. The cell is then transported to the switch in the network that
is connected to port 7 of the Boston switch, as shown in Figure 21-5.
Figure 21-5: Cell Passing Through a Boston Switch
In all cases, transporting cells through the use of label switching requires a connection.
Information about the connections is provided in the routing tables (sometimes called lookup
tables) of switching and multiplexing units. ATM uses virtual channel connections and virtual
paths to accomplish routing functions.
Virtual Channel Connections and Virtual Paths
A virtual channel connection (VCC) is a series of virtual channel links (VCLs) between two
ATM points. A VCL is a means of bidirectional transport of ATM cells between a point where a
virtual channel identifier (VCI) value is assigned and the point where the same value is either
reassigned or terminated. The VCI identifies the VCL to which a cell belongs and determines
where the cell should go next. Figure 21-6 shows the relationship between VCLs and VCCs in an
ATM network.
Figure 21-6: The Relationship Between VCLs and VCCs in an ATM Network
VCCs are sometimes transported within virtual paths (VPs). A VP is identified by its virtual path
identifier (VPI). VPs provide a convenient way of bundling traffic directed to the same
destination or traffic requiring the same Quality of Service (QoS) in the network (see Figure 21-
7).
Figure 21-7: VCCs Transported Within VPs
The ATM Cell
The ATM cell is the fixed-length transmission unit defined by the ATM standard. An ATM cell
contains two major types of information: the payload and the header. The payload is the
information to be transferred through an ATM network. It can include data, voice, image, or
video. The header is the information used to route the cell through the network and to ensure that
the cell is forwarded to its destination.
Every ATM cell is 53 bytes long. The first 5 bytes contain header information, and the remaining
48 bytes contain the payload (see Figure 21-8).
Figure 21-8: An ATM Cell
The 5-byte header (see Figure 21-9) contains several different fields (see Table 21-2). The 48
bytes following the header (the payload) contain user data.
Figure 21-9: The User-Network Interface ATM Cell Header Format
Table 21-2: Fields in an ATM Cell Header
Header
Field
Name
Location in
Header
Description
GFC1 First 4 bits of
Byte 1
Controls the flow of traffic across the user network interface
and thus into the ATM network.
VPI2 Second 4 bits of
Byte 1 and the
first 4 bits of
Byte 2
Identifies a particular VPC3. A VPC is a group of virtual
connections carried between two points and may involve
several ATM links. VPIs provide a way to bundle traffic
heading to the same destination.
VCI4 Second 4 bits of
Byte 2, Byte 3,
and the first 4
bits of Byte 4
Identifies a particular VCC5. A VCC is a connection between
two active, communicating ATM entities. The VCI consists of
a concatenation of several ATM links.
PT6 The fifth, sixth, Indicates the type of information in the payload field. ATM
and seventh bits
of Byte 4
cells carry different types of information that may require
different handling by the network or terminating equipment.
CLP7 The eighth bit of
Byte 4
Indicates the cell loss priority set by the user. This bit
indicates the eligibility of the cell for discard by the network
under congested conditions. If the bit is set to 1, the cell may
be discarded by the network if congestion occurs.
HEC8 Byte 5 Contains an error-correcting code calculated across the
previous four bytes of the header. The HEC detects multiplebit
header errors and can be used to correct single-bit errors.
The HEC provides protection against incorrect delivery of
messages caused by address errors. The HEC does not provide
any protection for the payload field itself.
1GFC = generic flow control. For a network-to-node (NNN) interface, there is no GFC field.
These 4 bits are part of the VPI field.
2VPI = virtual path identifier
3VPC = virtual path connection
4VCI = virtual channel identifier
5VCC = virtual channel connection
6PT = payload type
7CLP = cell loss priority
8HEC = header error control
The ATM Adaptation Layer
The AAL accepts frames from higher OSI layers and adapts them to the 48-byte segments that
are placed into the Payload field of ATM cells. The ATM layer accepts the 48-byte segments,
adds the 5-byte header, and produces ATM cells to be transferred to the physical layer, as
illustrated in Figure 21-10.
Figure 21-10: ATM Adaptation Layer Functions
When ATM cells are transferred through a network, each cell is processed in isolation from all
other cells. All processing decisions are made based on the cell header; no processing of the data
in the payload field occurs.
Figure 21-11 shows some examples of AAL processing.
Figure 21-11: AAL Processing Examples
Hosts A and C are connected to the network through ATM interfaces, so they do all their AAL
processing internally. The network does not do any processing for hosts A and C. Hosts B and D
are connected to native Ethernet interfaces on Nodes 1 and 2. Therefore, Node 2 does all the
AAL processing for Host D. Node 3 does no AAL processing.
Depending on the type of traffic entering the ATM network, the AAL uses one of four different
AAL types to divide the traffic into small segments. These types are classified according to the
timing -relationship between the source and destination, the constant or variable bit rate, and the
mode (connection-oriented or connectionless). The AAL types defined in the ATM standard are
listed in Table 21-3 .
Table 21-3: AAL Types
AAL
Type
Examples of Traffic Type
1 Circuit emulation, constant bit rate video
2 Variable bit rate video and audio
3/4 Connection-oriented or connectionless data transfer (AAL 3/4 has cell-by-cell error
checking and multiplexing)
5 Connectionless data transfer (AAL 5 has lower overhead than AAL 3/4)
The AAL is divided into two sublayers: the convergence sublayer (CS) and the segmentation and
reassembly sublayer (SAR; see Figure 21-12).
Figure 21-12: Information Flow Through AAL
The convergence sublayer (CS) accepts higher-layer traffic for transmission across the network.
Depending on the AAL type, header and/or trailer fields are added to the packet. The packet is
then segmented by the SAR sublayer to form 48-byte payloads (also known collectively as SARPDUs).
Upon receipt of cell payloads, the AAL removes any AAL-specific information from each
payload and reassembles the entire packet before passing it to a higher layer (see Figure 21-13).
Figure 21-13: The SAR Portion of the AAL Process
The ATM Layer
The ATM layer accepts the 48-byte SAR-PDUs from the SAR process, adds a 5-byte header to
each, and produces ATM cells for transfer to the physical layer (see Figure 21-14).
Figure 21-14: The ATM Layer Process
Placing Cells on a Physical Transport Medium
After the data is packaged into 53-byte ATM cells, the cells are transferred to the physical layer,
where they are placed on a physical transport medium, such as fiber optic cable or coaxial cable.
The process of placing cells on the physical medium takes place in two sublayers: the physical
medium dependent (PMD) sublayer and the transmission convergence (TC) sublayer.
Each PMD is specific to a particular physical medium and includes definitions of proper cabling
as well as bit timing. The TC sublayer generates and receives transmission frames and performs
all overhead functions associated with the transmission frame. The TC sublayer performs a
convergence function by receiving a bit stream from the PMD and extracting cells.
Although PMD operation depends on the physical medium, the following TC functions remain
common to all physical layers:
• Cell delineation---Extraction of cells from the bit stream received from the PMD
• Cell rate decoupling---Adaptation of the speed of the ATM layer cell stream to the rate of
the physical interface
• Header error control (HEC) generation and checking---Performed when the TC sublayer
checks where each received cell starts and ends by calculating the HEC for that cell
• Various operation and maintenance (OAM) functions---ATM Forum specification for
cells used to monitor virtual circuits. OAM cells provide a virtual circuit-level loopback
in which a router responds to the cells, demonstrating that the circuit is up and the router
is operational.
Troubleshooting ATM Switching Environments
This section presents troubleshooting information for connectivity and performance problems in
ATM switching environments. The chapter begins with general information about checking
ports, performing loopback tests, and using the ping command on a LightStream 2020 ATM
switch.
The remaining sections describe specific ATM switching symptoms, the problems that are likely
to cause each symptom, and the solutions to those problems.
• ATM Switching: Trunk Does Not Come Up
• ATM Switching: Frame Relay Port Does Not Come Up
• ATM Switching: Virtual Circuit Fails to Be Created
• ATM Switching: Partial Data Delivered over Virtual Circuit
Basic Port Checks
The following steps outline the procedure for performing basic port checks. It is important to
perform basic port checks to verify that a LightStream 2020 port is enabled and functioning
correctly:
Step 1 Use the show port port-number all command to display information about a port.
Step 2 Check the Admin Status field to make sure that the port is up.
Step 3 Check for excessive line errors, packet drops, or a lack of receive data. If there is no
receive data or if the error rate on the receive data is excessive, check the hardware, cabling, and
other physical layer components.
For more information on troubleshooting hardware, refer to "Troubleshooting Hardware and
Booting Problems."
Step 4 If the port is directly connected to a host, ensure that one side of the connection is
configured as data communications equipment (DCE) and the other side is configured as data
circuit-terminating equipment (DTE).
If two ports are connected through a channel service unit (CSU), ensure that the ports on both
sides of the connection are configured as DTE.
Step 5 If you are working with a low-speed line card (LSC) port, check the bit rate. Refer to the
section "Checking Bit Rates" later in this chapter.
Step 6 If you are working with a medium-speed line card (MSC) port, check for mismatches in
port configuration attributes such as cell payload scrambling, line type, and cable length.
Checking Bit Rates
This procedure outlines the steps for determining whether the bit rate for a port is correctly
configured. This procedure applies only to low-speed line cards:
Step 1 Use the show port port-number all command to display information about a port.
Step 2 Check the Measured Bit Rate field to ensure that the specified bit rate is legal. If the bit
rate is not legal, use the set port c.p characteristics dce-bitrate-bps or set port c.p
characteristics dte-bitrate-bps command, as appropriate, to configure a legal bit rate for the
port. The following is the syntax for the set port command:
characteristics {dce-bitrate Kbits | dte-bitrate bits}
Set the DCE or DTE bit rate for the specified port, depending on the dce-dte-type value
described below. The value of Kbits for the DCE bit rate may be 56, 64, 128, 192, 256, 384, 448,
512, 768, 896, 1344, 1536, 1792, 2688, 3584, 4000, or 5376. The value of bits for the DTE bit
rate is unrestricted in the range of decimal integers 9,000---6,000,000.
Step 3 Compare the Measured Bit Rate with the Admin DCE Rcv Bit Rate field. If the value
shown in the Measured Bit Rate field is significantly different from that shown in the Admin
DCE Rcv Bit Rate field, a problem exists.
Step 4 If the port is DCE, it provides the clocking function. Make sure that the cabling is correct
and that the configured bit rate is valid. If an attempt is made to activate the port when an invalid
bit rate is configured, problems will occur. The value of Kbits for the DCE bit rate may be 56,
64, 128, 192, 256, 384, 448, 512, 768, 896, 1344, 1536, 1792, 2688, 3584, 4000, or 5376.
Step 5 If the port is DTE, it uses the clock supplied by the attached device (such as a CSU/DSU
or a router). If the correct clock is not being detected, make sure that the correct cable type is
used to connect the port to the attached device and that the attached device is providing a clock
function.
Performing Loopback Tests
Loopback tests can help you pinpoint faults by looping a signal at various points in the network.
The LightStream 2020 ATM switch provides the following two types of loopback tests:
• Remote loopback test---The remote loopback test loops data from an external device
through the I/O module and back. This test verifies that the data sent from the remote end
can cross the telephone company line or cable, pass through the I/O module, and return to
the remote end.
• Internal loopback test---The internal loopback test loops data from the line card to the
line chip or to the physical layer protocol processor (PLPP) I/O module to see whether
the I/O module is able to receive data intact.
If the test is successful, data is reaching the I/O module properly. However, a successful
test does not verify whether the I/O module correctly encodes the data that will be sent
onto the line.
Note You can loop any port. However, only trunk ports and Frame Relay ports have active port
management protocols that automatically verify the port's ability to process data.
Looping Trunk Ports
This procedure outlines the steps for looping data through a trunk, the physical and logical
connections between two LightStream 2020 trunk ports. If you know that data is not passing on a
trunk between two trunk ports, follow these steps to set up a remote loop on one of the trunk
ports:
Step 1 Enter the set port port-number loop remote command. The port is set to testing mode
and the loopback test begins automatically.
Step 2 If the remote loop succeeds, the trunk port comes up at the remote end. If the local port
displays an operational status of down during the loopback test, there is probably a problem with
the local port. Proceed to Step 3.
If the remote loop fails and the trunk does not come up, then a problem exists somewhere
between the local access card and the remote system.
Step 3 To run an internal loop on the port, enter the set port port-number loop internal
command. The port is set to testing mode and the loopback test begins automatically.
Step 4 If the internal loop succeeds and the local trunk comes up, the problem is the local access
card.
Step 5 To stop the loopback test, enter the set port port-number unloop command.
Looping Edge Ports
This procedure outlines the steps for looping data through an edge port. The line from the port
connects a LightStream 2020 ATM switch to a third-party external device. If you suspect that
data is not passing between the LightStream 2020 edge port and the host, or that the line is
unreliable, use this looping procedure to isolate the problem:
Step 1 If the port is a Frame Relay User-Network Interface (UNI) port, enter the set port portnumber
framerelay netinterfacetype nni command to set the netinterfacetype attribute to
Network-to-Network Interface (NNI).
Internal loopback tests do not work on Frame Relay ports with the Local Management Interface
(LMI) type set to UNI.
Step 2 Run a remote loop on the LightStream 2020 edge port by entering the set port portnumber
loop remote command. The port is set to testing mode and the loopback test begins
automatically.
Step 3 If the internal loop fails and the line does not come up, the problem is in the line or access
card.
Step 4 To stop the loopback test, enter the set port port-number unloop command.
Step 5 If you changed a Frame Relay UNI port to NNI for the loopback test, reset the port to the
UNI network interface type by entering the set port port-number framerelay netinterfacetype
uni command.
Using the ping Command
The ping command is useful for determining whether communication is possible over a
particular Internet Protocol (IP) connection. The ping command sends an Internet Control
Message Protocol (ICMP) echo packet to the specified IP address. If communication with that
address is possible, the host replies with an ICMP-echo-reply message.
The following steps describe how to perform a ping test from a LightStream 2020 ATM switch:
Step 1 Log in as root on the LightStream 2020 switch from which you want to send ICMP echo
packets.
Step 2 Enter the ping [packet-size] hostname command (where packet-size is the size of the
packets to send and hostname is the name or IP address of the host). The packet size argument is
optional. The default packet size is 64 bytes.
Step 3 To stop the ping and display a summary of the results, press ^C.
ATM Switching: Trunk Does Not Come Up
Symptom: An ATM trunk does not come up properly and connections cannot be made.
Table 21-4 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-4: ATM Switching: Trunk Does Not Come Up
Possible
Problem
Solution
Card not
configured as a
trunk card
Step 1 Check the port at each end of the trunk with the show port portnumber
statistics command. Make sure that both ports are periodically
sending cells.
Step 2 Check the Octets Sent field to verify that it is incrementing.
Step 3 If one port never sends trunk-up-down messages, make sure the card
is correctly configured as a trunk card.
Step 4 Make sure that a trunk is configured on port 0. The trunk can be
configured as inactive if desired.
Step 5 If both sides of the trunk show that they are sending cells, find out
which side is not receiving cells. Perform a basic port check as described in
the section "Basic Port Checks" earlier in this chapter.
Incorrect line
type
Make sure that the line type parameter (dsx3Linetype) is correctly
configured. Check with your carrier for the correct line type for your
connection. Use the show port physical command to display the line type as
well as the following information:
• Port type
• Operational and administrative CSU type
• Operational and administrative DCE receive bit rate
• Operational transmit bit rate
• Measured bit rate
• Link transmit utilization rate (data plus control)
• Administrative expected dte rate and operational and administrative
net interface type (dte/dce; these are for low-speed line cards only)
• Operational and administrative protocol
• LC auto enable state and debug level
• Data cell capacity and available capacity
• Call setup retry and backoff times
• Operational maximum frame size
• Modem status (DCD, DSR)
Framing type
mismatch
Step 1 Check to see whether both ends of the trunk are configured to use the
same framing type (PLCP, HEC, or G.804). Enter the show port command.
If there is a mismatch, the display for both ports will indicate "DS3 other
failure."
Step 2 Change the framing type on one of the ports, as appropriate, using the
set port c.p characteristics framing type {plcp | t3-hec | q-804} command.
Cell payload
scrambling
mismatch
If there is a cell payload scrambling mismatch, the trunk-up-down (TUD)
protocol will fail because the payload of the cells is scrambled at one end and
not unscrambled at the other end. The trunks will never come up. However,
packets will appear to be received and transmitted without error in the port
statistics display.
Step 1 Check to see whether one end of a trunk has cell payload scrambling
enabled and the other end has cell payload scrambling disabled. Use the
show port c.p physical command to verify the status of the payload
scrambling.
Step 2 Reconfigure the trunk ports using the set port c.p characteristics
cell-scrambling {enable | disable} command so that cell payload scrambling
is either enabled or disabled on both ends of the trunk.
Telephone
company
network
problem
Isolate the problem by running the loopback tests described in the section
"Performing Loopback Tests" earlier in this chapter. If you determine that the
problem is occurring in the telephone company network, contact your carrier
to solve the problem.
Hardware or
cabling
problem
Step 1 Check all cabling and connections to make sure there are no worn
cables or loose connections.
Step 2 Make sure that cable lengths are within specification and that the
cable length port attribute is properly configured. Use the set port c.p
characteristics cable len length command to change the cable length
attribute.
Step 3 Check all hardware for problems. For more information on
troubleshooting hardware, refer to "Troubleshooting Hardware and Booting
Problems."
ATM Switching: Frame Relay Port Does Not Come Up
Symptom: A Frame Relay port on a LightStream 2020 ATM switch does not come up properly.
Data cannot be transmitted out the port.
Table 21-5 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-5: ATM Switching: Frame Relay Port Does Not Come Up
Possible
Problem
Solution
LMI1 type
mismatch
Step 1 Use the show port port-number all command to see whether the Normal
Packets Received counter is incrementing. A packet should be received every
10 seconds from the Frame Relay host.
Step 2 If the counter is not incrementing, check the Discarded Received Packets
statistic. If the Discarded Received Packets entry is incrementing, the packets are
coming in but on a different DLCI2. This occurs when there is an LMI type
mismatch.
Step 3 Make sure that both the Frame Relay port and the Frame Relay host are
configured to use the same LMI protocol (FRIF, ANSI T1 617D, or Q933A).
Use the show port c.p framerelay command to check the LightStream 2020
port. For information on checking and configuring the LMI type on the Frame
Relay host, refer to the vendor documentation.
Step 4 Change the LMI type on the port using the set port c.p framerelay
lmiconfig {none | frif | ansi_t1_617d | q933a} command and see whether the
port becomes active. If the LMI does not come up, make sure that packets are
being received on the LMI DLCI. The FRIF LMI uses DLCI 1023. The ANSI
and Q933A LMIs use DLCI 0.
Port
protocol
incorrect
Step 1 Use the show port c.p framerelay command to make sure that the
LightStream 2020 port is correctly configured as a UNI3 port or an NNI4 port.
In general, ports should be configured to use the UNI protocol. The NNI
protocol is designed for network device-to-network device connection and is
rarely used.
Step 2 If the port protocol is incorrect, use the set port port-number framerelay
netinterfacetype {nni | uni} command to reconfigure it.
DLCI is not
activated
Step 1 Use the show port c.p listdlci command to see whether the Frame Relay
DLCI is deactivated. The output will show an uppercase I in front of the DLCI
entry if it has been manually deactivated.
Step 2 If the DLCI is deactivated, use the set port port-number dlci dlci-number
activate command to activate the DLCI.
1LMI = Local Management Interface
2DLCI = Data Link Connection Identifier
3UNI = User-Network Interface
4NNI = Network-to-Network Interface
ATM Switching: Virtual Circuit Fails to Be Created
Symptom: A Frame Relay, frame forwarding, UNI, or constant bit rate (CBR) virtual circuit
fails to be created.
Table 21-6 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-6: ATM Switching: Virtual Circuit Fails to Be Created
Possible Problem Solution
Virtual circuit not
configured on both
Step 1 Use the show port command to verify that the virtual circuit is
configured on both endpoints. The virtual circuit must be configured on
endpoints both endpoints for the circuit to be created.
Step 2 If one endpoint does not have the virtual circuit configured,
reconfigure the endpoint. For each virtual circuit you must specify the
node, card, and port at each end and the required bandwidth.
For detailed information on configuring virtual circuits, refer to the
LightStream 2020 Configuration Guide.
Port in inactive
mode
Step 1 Check to see whether the virtual circuit is configured on an
inactive port. Use the show port command to check the status of the port.
Step 2 If the port is in inactive or testing mode, bring the port up using the
set port port-number active command.
cardMaxVCs
attribute set too
low
If the cardMaxVCs attribute is set too low on a line card, there might be
insufficient resources available for creating a virtual circuit. Increase the
value of this attribute and reboot the line card. The following switchwide
attribute may be configured only in expert mode in the configuration tool:
• Max VCs for this card---setsnmp cardMaxVCs.card# nnn
Bandwidth or
other circuit
attributes
misconfigured
If the virtual circuit has illegal attributes set, the circuit will not be
created. Review the bandwidth values in particular. Use the following
commands to review the settings:
• Use the show port c.p vci VCI# command to display, for the
specified ATM UNI port, the following attributes of the PVC1
with the specified VCI2:
o Source node, port, and VCI
o Source insured rate, insured burst, maximum rate, and
maximum burst (operational and administrative)
o Destination operational node, port, VCI, insured rate,
insured burst, maximum rate, and maximum burst
o To-net and from-net circuit ID and circuit state, last error
reported by ATM management, and cells required
o Counts of cells to the switch with CLP= 0 or 1, a count of
cells to the switch with CLP = 0 upon arrival at the port,
but forwarded with CLP = 1, and a count of discarded cells
A virtual circuit cannot have a MaxRate larger than the port.
Also, certain combinations of parameters are illegal. If a virtual
circuit uses guaranteed bandwidth, it cannot have any excess
bandwidth. The insured rate must equal the max rate.
• Use the set port c.p vci vci# insured-rate cells/sec command to
set the insured rate to cells/sec for the specified ATM UNI PVC.
The insured rate is the upper bound on the non-sharable bandwidth
that the connection may use in a sustained way. The range is 0-
100,000,000 bits per second. The default for ATM UNI circuits is
0 cells per second.
• Use the set port c.p vci vci# max-rate cells/sec command to set
the maximum rate to cells/sec for the specified ATM UNI PVC.
The maximum rate is the upper bound on the rate of all traffic
(insured and noninsured) allowed to enter the LightStream 2020
network, congestion permitting. The default rate is the line rate for
all cards except the CLC3, for which the default rate is 218
cells/sec.
Refer to the LightStream 2020 Configuration Guide for more information.
Not enough Step 1 If there is not enough bandwidth available to support the virtual
bandwidth circuit, the circuit cannot be created. Check the cells available attribute to
determine how much bandwidth is available (that is, how much has not
been allocated to other virtual circuits). Use the show port c.p all
command to display all port attributes (name, status, statistics, physical,
frameforward, framerelay, DLCI, VCI, PVC, VPI). This is the default,
with show port c.p followed by no arguments.
Step 2 Check the cells required attribute to see how many cells of
bandwidth are needed to carry the virtual circuit over a trunk. Use the
show port c.p vci VCI# command to display, for the specified ATM UNI
port, the following attributes of the PVC with the specified VCI:
• Source node, port, and VCI
• Source insured rate, insured burst, maximum rate, and maximum
burst (operational and administrative)
• Destination operational node, port, VCI, insured rate, insured
burst, maximum rate, and maximum burst
• To-net and from-net circuit ID and circuit state, last error reported
by ATM management, and cells required
• Counts of cells to the switch with CLP= 0 or 1, a count of cells to
the switch with CLP = 0 upon arrival at the port, but forwarded
with CLP = 1, and a count of discarded cells
Trunk down Make sure that any trunks in the path between the endpoints are active.
For more information, see the section "ATM Switching: Trunk Does Not
Come Up" earlier in this chapter.
1PVC = permanent virtual circuit
2VCI = virtual channel identifier
3CLC = cell line card
ATM Switching: Partial Data Delivered over Virtual Circuit
Symptom: Partial data is delivered over a Frame Relay, frame forwarding, UNI, or CBR virtual
-circuit.
Table 21-7 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-7: ATM Switching: Partial Data Delivered over Virtual Circuit
Possible Problem Solution
Network congestion Check whether the network is congested. Check your traffic
management configuration and make adjustments as appropriate.
Use the show chassis congestion command to display the maximum
and minimum intervals between permit limit updates and the
minimum interval between CA updates.
For detailed information, refer to the LightStream 2020 System
Overview.
Target depth and
maximum depth
parameters
misconfigured (CBR1
only)
Use the set port c.p cbrpvc PVC# {targetdepth | maxdepth} bytes
command to control the reassembly buffer at the point where input
cells are converted back into a CBR stream. An adaptive control
loop maintains data in the buffer close to the level specified by
targetdepth bytes. Data in excess of maxdepth bytes is discarded.
The default values of the targetdepth and maxdepth attributes are
usually best left unchanged. If the target depth is set too high or if
the maximum depth is set too far above the target, end-to-end delay
for the entire circuit increases. With voice traffic, such delay can
cause annoying echo. If the target depth is set too low or if the
maximum depth is set too close to the target depth, random CDV2
may cause the circuit to overflow or underflow sporadically, causing
data errors and reframe events for equipment downstream. For
certain applications, such as video and phone, where some
discarding of overflow data is an acceptable cost of maintaining a
constant bit rate, it may be preferable to set these two parameters
closer together.
1CBR = constant bit rate
2CDV = cell delay variation
!"#$%&'()*+&&#&'
SWITCHING
ENVIRONMENTS
Table of Contents
Troubleshooting ATM Switching Environments
Cell Relay Packet Handling
Technologies Compared
Fitting ATM into the OSI Model
Placing User Data into ATM Cells
ATM Label Switching
Virtual Channel Connections and Virtual Paths
The ATM Cell
The ATM Adaptation Layer
The ATM Layer
Placing Cells on a Physical Transport Medium
Troubleshooting ATM Switching Environments
Basic Port Checks
Checking Bit Rates
Performing Loopback Tests
Looping Trunk Ports
Looping Edge Ports
Using the ping Command
ATM Switching: Trunk Does Not Come Up
ATM Switching: Frame Relay Port Does Not Come Up
ATM Switching: Virtual Circuit Fails to Be Created
ATM Switching: Partial Data Delivered over Virtual Circuit
Troubleshooting ATM Switching
Environments
This chapter describes the Asynchronous Transfer Mode (ATM) technology on which the Light
Stream 2020 multiservice ATM switch (LS2020 switch) is based. ATM is a communications
standard based on cell relay techniques. The next sections discuss cell relay and ATM
technology. They also contrast ATM techniques with time-division multiplexing (TDM) and
other packet-handling technologies.
Cell Relay Packet Handling
Cell relay is a flexible and responsive method for multiplexing all forms of digital traffic (data,
voice, image, and video). Cell relay can handle rapid changes in the quantity and pattern of the
traffic in the network. All traffic is placed in fixed-length packets of information (cells) and
switched at high speeds. Cell relay is generally acknowledged as the best multiplexing
technology for modern communication applications because it combines the strengths of TDM
and conventional packet switching. Using cell relay packet-handling techniques, a mixture of
burst and delay-sensitive traffic can be processed simultaneously, while at the same time
providing the services required by each traffic type.
Also, because cell relay processing is based on the use of small packets, the process technology
is adaptable and cost-effective for a wide range of interface speeds.
Technologies Compared
ATM technology first appeared in the Broadband Integrated Services Digital Network (BISDN).
However, ATM is now recognized as a useful technology in and of itself and is based on the
specifications and standards being developed by ITU-T (International Telecommunications
Union Telecommunication Standardization Sector), ANSI (American National Standards
Institute), and the ATM Forum.
Note ITU-T carries out the functions of the former Consultative Committee for International
Telegraph and Telephone (CCITT).
Each ATM cell contains a header and the data to be transferred. Cells are switched in the
network based on routing information contained in the cell headers. ATM transports all types of
traffic (data, voice, image, and video) using the same cell format.
ATM contrasts with TDM in the way it allocates communications channels. In TDM,
communications channels are divided into fixed periods of time called frames. The frames are
divided into a fixed number of time slots of equal duration (see Figure 21-1). Each user is
assigned certain time slots within each frame. As Figure 21-1 indicates, a user can be given more
than one time slot in a frame.
Figure 21-1: User Assignments on Communications Channel Using TDM
The time slots allocated for each user occur at precisely the same time in every frame. Because
the time slots are synchronous, TDM is sometimes referred to as synchronous transfer mode
(STM).
Users can access the communications channel only when a time slot that has been allocated to
them is available. For example, User A can send messages over the communications channel
only during the time slot(s) designated for User A. If no traffic is ready to send when the
designated time slot occurs, that time slot is unused. If a user has a burst of traffic that exceeds
the capacity of the -designated time slots, additional slots cannot be used, even if they are idle.
As a result, a long delay could result before the burst of traffic is transferred over the TDM
network.
In ATM, access to the communications channel is more flexible. Any user needing the
communications channel can use it whenever it is available. In contrast to TDM, ATM imposes
no regular pattern on the way users are given access to the communications channel. ATM is
also described as providing bandwidth on demand.
In other packet-handling technologies, such as High-Level Data Link Control (HDLC), any user
can gain access to the communications channel, but a user who has a long message to send can
prevent other users from gaining access to the channel until the entire message has been passed.
However, with ATM, every message is divided into small, fixed-length cells. Thus, no single
user can monopolize access to the communications channel while other users have messages to
send (see Figure 21-2).
Figure 21-2: User Assignments on ATM Communications Channel
Fitting ATM into the OSI Model
ATM standards define protocols that operate at Layer 2 (the data link layer) of the International
Organization for Standardization (ISO) seven-layer Open Systems Interconnection (OSI)
reference model. Figure 21-3 shows the layered architecture of the OSI model.
Figure 21-3: The OSI Reference Model
The data link layer is concerned with data transmission between two network switches. This
layer is not concerned with the transmission of an entire message between a source and a
destination switch---this responsibility belongs to Layer 3 (the network layer). Rather, the data
link layer transports portions of messages (cells, in the case of ATM) between two points in the
network. These points may be the source and the destination of the message, or they may be only
intermediate hops between the source and the destination.
The data link layer may divide higher-level data into smaller units (cells, in this case), whose
sizes are compatible with overall network requirements. Layer 2 data units contain a cell header,
an information field, and some method of checking for transmission errors.
Placing User Data into ATM Cells
Before frames can be transported across an ATM network, they must be divided into ATM cells.
The processes that divide the frames into cells occur at Layer 2. Layer 2 is divided into two
parts: the ATM adaptation layer (AAL) and the ATM layer. After frames are divided into ATM
cells, the cells can be transferred to Layer 1 (see Figure 21-4).
Figure 21-4: Layer 2---The Data Link Layer
ATM Label Switching
ATM uses label switching, a technique in which a simple label is placed in the header of each
cell. The label provides information used in transporting the cell across the next hop in the
network. Networks that do not use label switching usually require each packet (or cell) to contain
the explicit address of the final destination. ATM uses label switching because it is simpler,
thereby making faster switching possible.
Here is how label switching works:
1. A switching unit reads an incoming cell from a particular port. The incoming cell has a
routing label.
2. The switching unit uses the combination of the input port on which the cell was
received and the information in the label to determine where the cell should go next. It
does this by referring to a routing table that correlates the incoming port and label with an
outgoing port and label.
3. The switch replaces the incoming label with a new outgoing label and sends the cell
through the outgoing port, which is connected to another switching device. (The new
outgoing label is taken from the routing table.)
4. This process is repeated until the cell reaches its final destination in the ATM network.
For example, suppose your network includes a switching unit called Boston. A number of data
paths go through the Boston switch. When those data paths are created, a routing table is set up
within the Boston switch. The table in the Boston switch has one entry for each data path that
goes through the switch. The entries in the table map the incoming port and label to an outgoing
port and label for each data path, as shown in Table 21-1 .
Table 21-1: A Sample Routing Table for a Boston Switch
Port In Label In Port Out Label Out
1 L 6 Z
1 M 7 X
2 N 7 Y
When the Boston switch receives an incoming cell on port 1 with label M, it consults the routing
table and finds that label M should be replaced with label X and that the cell should be passed
out of the Boston switch on port 7. The cell is then transported to the switch in the network that
is connected to port 7 of the Boston switch, as shown in Figure 21-5.
Figure 21-5: Cell Passing Through a Boston Switch
In all cases, transporting cells through the use of label switching requires a connection.
Information about the connections is provided in the routing tables (sometimes called lookup
tables) of switching and multiplexing units. ATM uses virtual channel connections and virtual
paths to accomplish routing functions.
Virtual Channel Connections and Virtual Paths
A virtual channel connection (VCC) is a series of virtual channel links (VCLs) between two
ATM points. A VCL is a means of bidirectional transport of ATM cells between a point where a
virtual channel identifier (VCI) value is assigned and the point where the same value is either
reassigned or terminated. The VCI identifies the VCL to which a cell belongs and determines
where the cell should go next. Figure 21-6 shows the relationship between VCLs and VCCs in an
ATM network.
Figure 21-6: The Relationship Between VCLs and VCCs in an ATM Network
VCCs are sometimes transported within virtual paths (VPs). A VP is identified by its virtual path
identifier (VPI). VPs provide a convenient way of bundling traffic directed to the same
destination or traffic requiring the same Quality of Service (QoS) in the network (see Figure 21-
7).
Figure 21-7: VCCs Transported Within VPs
The ATM Cell
The ATM cell is the fixed-length transmission unit defined by the ATM standard. An ATM cell
contains two major types of information: the payload and the header. The payload is the
information to be transferred through an ATM network. It can include data, voice, image, or
video. The header is the information used to route the cell through the network and to ensure that
the cell is forwarded to its destination.
Every ATM cell is 53 bytes long. The first 5 bytes contain header information, and the remaining
48 bytes contain the payload (see Figure 21-8).
Figure 21-8: An ATM Cell
The 5-byte header (see Figure 21-9) contains several different fields (see Table 21-2). The 48
bytes following the header (the payload) contain user data.
Figure 21-9: The User-Network Interface ATM Cell Header Format
Table 21-2: Fields in an ATM Cell Header
Header
Field
Name
Location in
Header
Description
GFC1 First 4 bits of
Byte 1
Controls the flow of traffic across the user network interface
and thus into the ATM network.
VPI2 Second 4 bits of
Byte 1 and the
first 4 bits of
Byte 2
Identifies a particular VPC3. A VPC is a group of virtual
connections carried between two points and may involve
several ATM links. VPIs provide a way to bundle traffic
heading to the same destination.
VCI4 Second 4 bits of
Byte 2, Byte 3,
and the first 4
bits of Byte 4
Identifies a particular VCC5. A VCC is a connection between
two active, communicating ATM entities. The VCI consists of
a concatenation of several ATM links.
PT6 The fifth, sixth, Indicates the type of information in the payload field. ATM
and seventh bits
of Byte 4
cells carry different types of information that may require
different handling by the network or terminating equipment.
CLP7 The eighth bit of
Byte 4
Indicates the cell loss priority set by the user. This bit
indicates the eligibility of the cell for discard by the network
under congested conditions. If the bit is set to 1, the cell may
be discarded by the network if congestion occurs.
HEC8 Byte 5 Contains an error-correcting code calculated across the
previous four bytes of the header. The HEC detects multiplebit
header errors and can be used to correct single-bit errors.
The HEC provides protection against incorrect delivery of
messages caused by address errors. The HEC does not provide
any protection for the payload field itself.
1GFC = generic flow control. For a network-to-node (NNN) interface, there is no GFC field.
These 4 bits are part of the VPI field.
2VPI = virtual path identifier
3VPC = virtual path connection
4VCI = virtual channel identifier
5VCC = virtual channel connection
6PT = payload type
7CLP = cell loss priority
8HEC = header error control
The ATM Adaptation Layer
The AAL accepts frames from higher OSI layers and adapts them to the 48-byte segments that
are placed into the Payload field of ATM cells. The ATM layer accepts the 48-byte segments,
adds the 5-byte header, and produces ATM cells to be transferred to the physical layer, as
illustrated in Figure 21-10.
Figure 21-10: ATM Adaptation Layer Functions
When ATM cells are transferred through a network, each cell is processed in isolation from all
other cells. All processing decisions are made based on the cell header; no processing of the data
in the payload field occurs.
Figure 21-11 shows some examples of AAL processing.
Figure 21-11: AAL Processing Examples
Hosts A and C are connected to the network through ATM interfaces, so they do all their AAL
processing internally. The network does not do any processing for hosts A and C. Hosts B and D
are connected to native Ethernet interfaces on Nodes 1 and 2. Therefore, Node 2 does all the
AAL processing for Host D. Node 3 does no AAL processing.
Depending on the type of traffic entering the ATM network, the AAL uses one of four different
AAL types to divide the traffic into small segments. These types are classified according to the
timing -relationship between the source and destination, the constant or variable bit rate, and the
mode (connection-oriented or connectionless). The AAL types defined in the ATM standard are
listed in Table 21-3 .
Table 21-3: AAL Types
AAL
Type
Examples of Traffic Type
1 Circuit emulation, constant bit rate video
2 Variable bit rate video and audio
3/4 Connection-oriented or connectionless data transfer (AAL 3/4 has cell-by-cell error
checking and multiplexing)
5 Connectionless data transfer (AAL 5 has lower overhead than AAL 3/4)
The AAL is divided into two sublayers: the convergence sublayer (CS) and the segmentation and
reassembly sublayer (SAR; see Figure 21-12).
Figure 21-12: Information Flow Through AAL
The convergence sublayer (CS) accepts higher-layer traffic for transmission across the network.
Depending on the AAL type, header and/or trailer fields are added to the packet. The packet is
then segmented by the SAR sublayer to form 48-byte payloads (also known collectively as SARPDUs).
Upon receipt of cell payloads, the AAL removes any AAL-specific information from each
payload and reassembles the entire packet before passing it to a higher layer (see Figure 21-13).
Figure 21-13: The SAR Portion of the AAL Process
The ATM Layer
The ATM layer accepts the 48-byte SAR-PDUs from the SAR process, adds a 5-byte header to
each, and produces ATM cells for transfer to the physical layer (see Figure 21-14).
Figure 21-14: The ATM Layer Process
Placing Cells on a Physical Transport Medium
After the data is packaged into 53-byte ATM cells, the cells are transferred to the physical layer,
where they are placed on a physical transport medium, such as fiber optic cable or coaxial cable.
The process of placing cells on the physical medium takes place in two sublayers: the physical
medium dependent (PMD) sublayer and the transmission convergence (TC) sublayer.
Each PMD is specific to a particular physical medium and includes definitions of proper cabling
as well as bit timing. The TC sublayer generates and receives transmission frames and performs
all overhead functions associated with the transmission frame. The TC sublayer performs a
convergence function by receiving a bit stream from the PMD and extracting cells.
Although PMD operation depends on the physical medium, the following TC functions remain
common to all physical layers:
• Cell delineation---Extraction of cells from the bit stream received from the PMD
• Cell rate decoupling---Adaptation of the speed of the ATM layer cell stream to the rate of
the physical interface
• Header error control (HEC) generation and checking---Performed when the TC sublayer
checks where each received cell starts and ends by calculating the HEC for that cell
• Various operation and maintenance (OAM) functions---ATM Forum specification for
cells used to monitor virtual circuits. OAM cells provide a virtual circuit-level loopback
in which a router responds to the cells, demonstrating that the circuit is up and the router
is operational.
Troubleshooting ATM Switching Environments
This section presents troubleshooting information for connectivity and performance problems in
ATM switching environments. The chapter begins with general information about checking
ports, performing loopback tests, and using the ping command on a LightStream 2020 ATM
switch.
The remaining sections describe specific ATM switching symptoms, the problems that are likely
to cause each symptom, and the solutions to those problems.
• ATM Switching: Trunk Does Not Come Up
• ATM Switching: Frame Relay Port Does Not Come Up
• ATM Switching: Virtual Circuit Fails to Be Created
• ATM Switching: Partial Data Delivered over Virtual Circuit
Basic Port Checks
The following steps outline the procedure for performing basic port checks. It is important to
perform basic port checks to verify that a LightStream 2020 port is enabled and functioning
correctly:
Step 1 Use the show port port-number all command to display information about a port.
Step 2 Check the Admin Status field to make sure that the port is up.
Step 3 Check for excessive line errors, packet drops, or a lack of receive data. If there is no
receive data or if the error rate on the receive data is excessive, check the hardware, cabling, and
other physical layer components.
For more information on troubleshooting hardware, refer to "Troubleshooting Hardware and
Booting Problems."
Step 4 If the port is directly connected to a host, ensure that one side of the connection is
configured as data communications equipment (DCE) and the other side is configured as data
circuit-terminating equipment (DTE).
If two ports are connected through a channel service unit (CSU), ensure that the ports on both
sides of the connection are configured as DTE.
Step 5 If you are working with a low-speed line card (LSC) port, check the bit rate. Refer to the
section "Checking Bit Rates" later in this chapter.
Step 6 If you are working with a medium-speed line card (MSC) port, check for mismatches in
port configuration attributes such as cell payload scrambling, line type, and cable length.
Checking Bit Rates
This procedure outlines the steps for determining whether the bit rate for a port is correctly
configured. This procedure applies only to low-speed line cards:
Step 1 Use the show port port-number all command to display information about a port.
Step 2 Check the Measured Bit Rate field to ensure that the specified bit rate is legal. If the bit
rate is not legal, use the set port c.p characteristics dce-bitrate-bps or set port c.p
characteristics dte-bitrate-bps command, as appropriate, to configure a legal bit rate for the
port. The following is the syntax for the set port command:
characteristics {dce-bitrate Kbits | dte-bitrate bits}
Set the DCE or DTE bit rate for the specified port, depending on the dce-dte-type value
described below. The value of Kbits for the DCE bit rate may be 56, 64, 128, 192, 256, 384, 448,
512, 768, 896, 1344, 1536, 1792, 2688, 3584, 4000, or 5376. The value of bits for the DTE bit
rate is unrestricted in the range of decimal integers 9,000---6,000,000.
Step 3 Compare the Measured Bit Rate with the Admin DCE Rcv Bit Rate field. If the value
shown in the Measured Bit Rate field is significantly different from that shown in the Admin
DCE Rcv Bit Rate field, a problem exists.
Step 4 If the port is DCE, it provides the clocking function. Make sure that the cabling is correct
and that the configured bit rate is valid. If an attempt is made to activate the port when an invalid
bit rate is configured, problems will occur. The value of Kbits for the DCE bit rate may be 56,
64, 128, 192, 256, 384, 448, 512, 768, 896, 1344, 1536, 1792, 2688, 3584, 4000, or 5376.
Step 5 If the port is DTE, it uses the clock supplied by the attached device (such as a CSU/DSU
or a router). If the correct clock is not being detected, make sure that the correct cable type is
used to connect the port to the attached device and that the attached device is providing a clock
function.
Performing Loopback Tests
Loopback tests can help you pinpoint faults by looping a signal at various points in the network.
The LightStream 2020 ATM switch provides the following two types of loopback tests:
• Remote loopback test---The remote loopback test loops data from an external device
through the I/O module and back. This test verifies that the data sent from the remote end
can cross the telephone company line or cable, pass through the I/O module, and return to
the remote end.
• Internal loopback test---The internal loopback test loops data from the line card to the
line chip or to the physical layer protocol processor (PLPP) I/O module to see whether
the I/O module is able to receive data intact.
If the test is successful, data is reaching the I/O module properly. However, a successful
test does not verify whether the I/O module correctly encodes the data that will be sent
onto the line.
Note You can loop any port. However, only trunk ports and Frame Relay ports have active port
management protocols that automatically verify the port's ability to process data.
Looping Trunk Ports
This procedure outlines the steps for looping data through a trunk, the physical and logical
connections between two LightStream 2020 trunk ports. If you know that data is not passing on a
trunk between two trunk ports, follow these steps to set up a remote loop on one of the trunk
ports:
Step 1 Enter the set port port-number loop remote command. The port is set to testing mode
and the loopback test begins automatically.
Step 2 If the remote loop succeeds, the trunk port comes up at the remote end. If the local port
displays an operational status of down during the loopback test, there is probably a problem with
the local port. Proceed to Step 3.
If the remote loop fails and the trunk does not come up, then a problem exists somewhere
between the local access card and the remote system.
Step 3 To run an internal loop on the port, enter the set port port-number loop internal
command. The port is set to testing mode and the loopback test begins automatically.
Step 4 If the internal loop succeeds and the local trunk comes up, the problem is the local access
card.
Step 5 To stop the loopback test, enter the set port port-number unloop command.
Looping Edge Ports
This procedure outlines the steps for looping data through an edge port. The line from the port
connects a LightStream 2020 ATM switch to a third-party external device. If you suspect that
data is not passing between the LightStream 2020 edge port and the host, or that the line is
unreliable, use this looping procedure to isolate the problem:
Step 1 If the port is a Frame Relay User-Network Interface (UNI) port, enter the set port portnumber
framerelay netinterfacetype nni command to set the netinterfacetype attribute to
Network-to-Network Interface (NNI).
Internal loopback tests do not work on Frame Relay ports with the Local Management Interface
(LMI) type set to UNI.
Step 2 Run a remote loop on the LightStream 2020 edge port by entering the set port portnumber
loop remote command. The port is set to testing mode and the loopback test begins
automatically.
Step 3 If the internal loop fails and the line does not come up, the problem is in the line or access
card.
Step 4 To stop the loopback test, enter the set port port-number unloop command.
Step 5 If you changed a Frame Relay UNI port to NNI for the loopback test, reset the port to the
UNI network interface type by entering the set port port-number framerelay netinterfacetype
uni command.
Using the ping Command
The ping command is useful for determining whether communication is possible over a
particular Internet Protocol (IP) connection. The ping command sends an Internet Control
Message Protocol (ICMP) echo packet to the specified IP address. If communication with that
address is possible, the host replies with an ICMP-echo-reply message.
The following steps describe how to perform a ping test from a LightStream 2020 ATM switch:
Step 1 Log in as root on the LightStream 2020 switch from which you want to send ICMP echo
packets.
Step 2 Enter the ping [packet-size] hostname command (where packet-size is the size of the
packets to send and hostname is the name or IP address of the host). The packet size argument is
optional. The default packet size is 64 bytes.
Step 3 To stop the ping and display a summary of the results, press ^C.
ATM Switching: Trunk Does Not Come Up
Symptom: An ATM trunk does not come up properly and connections cannot be made.
Table 21-4 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-4: ATM Switching: Trunk Does Not Come Up
Possible
Problem
Solution
Card not
configured as a
trunk card
Step 1 Check the port at each end of the trunk with the show port portnumber
statistics command. Make sure that both ports are periodically
sending cells.
Step 2 Check the Octets Sent field to verify that it is incrementing.
Step 3 If one port never sends trunk-up-down messages, make sure the card
is correctly configured as a trunk card.
Step 4 Make sure that a trunk is configured on port 0. The trunk can be
configured as inactive if desired.
Step 5 If both sides of the trunk show that they are sending cells, find out
which side is not receiving cells. Perform a basic port check as described in
the section "Basic Port Checks" earlier in this chapter.
Incorrect line
type
Make sure that the line type parameter (dsx3Linetype) is correctly
configured. Check with your carrier for the correct line type for your
connection. Use the show port physical command to display the line type as
well as the following information:
• Port type
• Operational and administrative CSU type
• Operational and administrative DCE receive bit rate
• Operational transmit bit rate
• Measured bit rate
• Link transmit utilization rate (data plus control)
• Administrative expected dte rate and operational and administrative
net interface type (dte/dce; these are for low-speed line cards only)
• Operational and administrative protocol
• LC auto enable state and debug level
• Data cell capacity and available capacity
• Call setup retry and backoff times
• Operational maximum frame size
• Modem status (DCD, DSR)
Framing type
mismatch
Step 1 Check to see whether both ends of the trunk are configured to use the
same framing type (PLCP, HEC, or G.804). Enter the show port command.
If there is a mismatch, the display for both ports will indicate "DS3 other
failure."
Step 2 Change the framing type on one of the ports, as appropriate, using the
set port c.p characteristics framing type {plcp | t3-hec | q-804} command.
Cell payload
scrambling
mismatch
If there is a cell payload scrambling mismatch, the trunk-up-down (TUD)
protocol will fail because the payload of the cells is scrambled at one end and
not unscrambled at the other end. The trunks will never come up. However,
packets will appear to be received and transmitted without error in the port
statistics display.
Step 1 Check to see whether one end of a trunk has cell payload scrambling
enabled and the other end has cell payload scrambling disabled. Use the
show port c.p physical command to verify the status of the payload
scrambling.
Step 2 Reconfigure the trunk ports using the set port c.p characteristics
cell-scrambling {enable | disable} command so that cell payload scrambling
is either enabled or disabled on both ends of the trunk.
Telephone
company
network
problem
Isolate the problem by running the loopback tests described in the section
"Performing Loopback Tests" earlier in this chapter. If you determine that the
problem is occurring in the telephone company network, contact your carrier
to solve the problem.
Hardware or
cabling
problem
Step 1 Check all cabling and connections to make sure there are no worn
cables or loose connections.
Step 2 Make sure that cable lengths are within specification and that the
cable length port attribute is properly configured. Use the set port c.p
characteristics cable len length command to change the cable length
attribute.
Step 3 Check all hardware for problems. For more information on
troubleshooting hardware, refer to "Troubleshooting Hardware and Booting
Problems."
ATM Switching: Frame Relay Port Does Not Come Up
Symptom: A Frame Relay port on a LightStream 2020 ATM switch does not come up properly.
Data cannot be transmitted out the port.
Table 21-5 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-5: ATM Switching: Frame Relay Port Does Not Come Up
Possible
Problem
Solution
LMI1 type
mismatch
Step 1 Use the show port port-number all command to see whether the Normal
Packets Received counter is incrementing. A packet should be received every
10 seconds from the Frame Relay host.
Step 2 If the counter is not incrementing, check the Discarded Received Packets
statistic. If the Discarded Received Packets entry is incrementing, the packets are
coming in but on a different DLCI2. This occurs when there is an LMI type
mismatch.
Step 3 Make sure that both the Frame Relay port and the Frame Relay host are
configured to use the same LMI protocol (FRIF, ANSI T1 617D, or Q933A).
Use the show port c.p framerelay command to check the LightStream 2020
port. For information on checking and configuring the LMI type on the Frame
Relay host, refer to the vendor documentation.
Step 4 Change the LMI type on the port using the set port c.p framerelay
lmiconfig {none | frif | ansi_t1_617d | q933a} command and see whether the
port becomes active. If the LMI does not come up, make sure that packets are
being received on the LMI DLCI. The FRIF LMI uses DLCI 1023. The ANSI
and Q933A LMIs use DLCI 0.
Port
protocol
incorrect
Step 1 Use the show port c.p framerelay command to make sure that the
LightStream 2020 port is correctly configured as a UNI3 port or an NNI4 port.
In general, ports should be configured to use the UNI protocol. The NNI
protocol is designed for network device-to-network device connection and is
rarely used.
Step 2 If the port protocol is incorrect, use the set port port-number framerelay
netinterfacetype {nni | uni} command to reconfigure it.
DLCI is not
activated
Step 1 Use the show port c.p listdlci command to see whether the Frame Relay
DLCI is deactivated. The output will show an uppercase I in front of the DLCI
entry if it has been manually deactivated.
Step 2 If the DLCI is deactivated, use the set port port-number dlci dlci-number
activate command to activate the DLCI.
1LMI = Local Management Interface
2DLCI = Data Link Connection Identifier
3UNI = User-Network Interface
4NNI = Network-to-Network Interface
ATM Switching: Virtual Circuit Fails to Be Created
Symptom: A Frame Relay, frame forwarding, UNI, or constant bit rate (CBR) virtual circuit
fails to be created.
Table 21-6 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-6: ATM Switching: Virtual Circuit Fails to Be Created
Possible Problem Solution
Virtual circuit not
configured on both
Step 1 Use the show port command to verify that the virtual circuit is
configured on both endpoints. The virtual circuit must be configured on
endpoints both endpoints for the circuit to be created.
Step 2 If one endpoint does not have the virtual circuit configured,
reconfigure the endpoint. For each virtual circuit you must specify the
node, card, and port at each end and the required bandwidth.
For detailed information on configuring virtual circuits, refer to the
LightStream 2020 Configuration Guide.
Port in inactive
mode
Step 1 Check to see whether the virtual circuit is configured on an
inactive port. Use the show port command to check the status of the port.
Step 2 If the port is in inactive or testing mode, bring the port up using the
set port port-number active command.
cardMaxVCs
attribute set too
low
If the cardMaxVCs attribute is set too low on a line card, there might be
insufficient resources available for creating a virtual circuit. Increase the
value of this attribute and reboot the line card. The following switchwide
attribute may be configured only in expert mode in the configuration tool:
• Max VCs for this card---setsnmp cardMaxVCs.card# nnn
Bandwidth or
other circuit
attributes
misconfigured
If the virtual circuit has illegal attributes set, the circuit will not be
created. Review the bandwidth values in particular. Use the following
commands to review the settings:
• Use the show port c.p vci VCI# command to display, for the
specified ATM UNI port, the following attributes of the PVC1
with the specified VCI2:
o Source node, port, and VCI
o Source insured rate, insured burst, maximum rate, and
maximum burst (operational and administrative)
o Destination operational node, port, VCI, insured rate,
insured burst, maximum rate, and maximum burst
o To-net and from-net circuit ID and circuit state, last error
reported by ATM management, and cells required
o Counts of cells to the switch with CLP= 0 or 1, a count of
cells to the switch with CLP = 0 upon arrival at the port,
but forwarded with CLP = 1, and a count of discarded cells
A virtual circuit cannot have a MaxRate larger than the port.
Also, certain combinations of parameters are illegal. If a virtual
circuit uses guaranteed bandwidth, it cannot have any excess
bandwidth. The insured rate must equal the max rate.
• Use the set port c.p vci vci# insured-rate cells/sec command to
set the insured rate to cells/sec for the specified ATM UNI PVC.
The insured rate is the upper bound on the non-sharable bandwidth
that the connection may use in a sustained way. The range is 0-
100,000,000 bits per second. The default for ATM UNI circuits is
0 cells per second.
• Use the set port c.p vci vci# max-rate cells/sec command to set
the maximum rate to cells/sec for the specified ATM UNI PVC.
The maximum rate is the upper bound on the rate of all traffic
(insured and noninsured) allowed to enter the LightStream 2020
network, congestion permitting. The default rate is the line rate for
all cards except the CLC3, for which the default rate is 218
cells/sec.
Refer to the LightStream 2020 Configuration Guide for more information.
Not enough Step 1 If there is not enough bandwidth available to support the virtual
bandwidth circuit, the circuit cannot be created. Check the cells available attribute to
determine how much bandwidth is available (that is, how much has not
been allocated to other virtual circuits). Use the show port c.p all
command to display all port attributes (name, status, statistics, physical,
frameforward, framerelay, DLCI, VCI, PVC, VPI). This is the default,
with show port c.p followed by no arguments.
Step 2 Check the cells required attribute to see how many cells of
bandwidth are needed to carry the virtual circuit over a trunk. Use the
show port c.p vci VCI# command to display, for the specified ATM UNI
port, the following attributes of the PVC with the specified VCI:
• Source node, port, and VCI
• Source insured rate, insured burst, maximum rate, and maximum
burst (operational and administrative)
• Destination operational node, port, VCI, insured rate, insured
burst, maximum rate, and maximum burst
• To-net and from-net circuit ID and circuit state, last error reported
by ATM management, and cells required
• Counts of cells to the switch with CLP= 0 or 1, a count of cells to
the switch with CLP = 0 upon arrival at the port, but forwarded
with CLP = 1, and a count of discarded cells
Trunk down Make sure that any trunks in the path between the endpoints are active.
For more information, see the section "ATM Switching: Trunk Does Not
Come Up" earlier in this chapter.
1PVC = permanent virtual circuit
2VCI = virtual channel identifier
3CLC = cell line card
ATM Switching: Partial Data Delivered over Virtual Circuit
Symptom: Partial data is delivered over a Frame Relay, frame forwarding, UNI, or CBR virtual
-circuit.
Table 21-7 outlines the problems that might cause this symptom and describes solutions to those
problems.
Table 21-7: ATM Switching: Partial Data Delivered over Virtual Circuit
Possible Problem Solution
Network congestion Check whether the network is congested. Check your traffic
management configuration and make adjustments as appropriate.
Use the show chassis congestion command to display the maximum
and minimum intervals between permit limit updates and the
minimum interval between CA updates.
For detailed information, refer to the LightStream 2020 System
Overview.
Target depth and
maximum depth
parameters
misconfigured (CBR1
only)
Use the set port c.p cbrpvc PVC# {targetdepth | maxdepth} bytes
command to control the reassembly buffer at the point where input
cells are converted back into a CBR stream. An adaptive control
loop maintains data in the buffer close to the level specified by
targetdepth bytes. Data in excess of maxdepth bytes is discarded.
The default values of the targetdepth and maxdepth attributes are
usually best left unchanged. If the target depth is set too high or if
the maximum depth is set too far above the target, end-to-end delay
for the entire circuit increases. With voice traffic, such delay can
cause annoying echo. If the target depth is set too low or if the
maximum depth is set too close to the target depth, random CDV2
may cause the circuit to overflow or underflow sporadically, causing
data errors and reframe events for equipment downstream. For
certain applications, such as video and phone, where some
discarding of overflow data is an acceptable cost of maintaining a
constant bit rate, it may be preferable to set these two parameters
closer together.
1CBR = constant bit rate
2CDV = cell delay variation
!"#$%&'()*+&&#&'
Friday 15 May 2009
LEARN HOW TO USE YOUR COMPUTER AND SECURE YOUR HOME
ACKNOWLEDGEMENT
I expressed my appreciation and gratitude to all my friends who have been involved in
making this work successful, my regard to Mr. Aneke I.C, the lecturer of this course, who
gave me the privilege of knowing how to write text book and my parents who gave me
financial support. I will not also forget friends Tochukwu (De Prince), Elechi Jude for
their advice but my special thanks goes to Almighty God who gave me life and healthy
up till date because some of my mate have passed away. To God be the Glory.
3
ABSTRACT
Computer security is a branch of technology known as information security as applied to
computer(s). The objective of computer security can include protection of information
from theft or corruption, or the preservation of availability, as defined in the security
policy.
Computer security imposes requirements on computers that are different from most
system requirements because they often take the form of constraints on what computers
are not supposed to do. This makes computer security particularly challenging because it
is hard enough just to make computer programs do everything they are designed to do
correctly. Furthermore, negative requirements are deceptively complicated to satisfy and
require exhaustive testing to verify, which is impractical for most computer programs.
Computer security provides a technical strategy to convert negative requirements to
positive enforceable rules. For this reason, computer security is often more technical and
mathematical than some computer science fields.
Typical approaches to improving computer security (in approximate order of strength)
can include the following:
· Physically limit access to computers to only those who will not compromise security.
· Hardware mechanisms that impose rules on computer programs, thus avoiding depending
on computer programs for computer security.
· Operating system mechanisms that impose rules on programs to avoid trusting computer
programs.
· Programming strategies to make computer programs dependable and resist subversion.
4
Table of content
Abstract …………………………………………………………………… i
Acknowledge ……………………………………………………………… ii
Table of content…………………………………………………………… iii
Chapter 1
1.0 Introduction……………………………………………………………… 1-2
Chapter 2
2.0 Things you ought to know………………………………………………. 2-4
2.1 Information in the clear…………………………………………………. 5
Chapter 3
3.0 Pir – control floodlights………………………………………………… 6-7
3.1 Energy conservation…………………………………………………… 7
3.2 How to use Pir property………………………………………………… 7
3.2 Customized security solution ………………………………………….. 7-9
3.3 Use care when reading e mail with attachment………………………… 9-14
3.4 Now, what can you do………………………………………………….. 14-15
Chapter 4
4.0 Importance of computer in our home…………………………………… 16-17
4.1 Secure operating system ……………………………………………….. 17-19
4.2 Security architecture……………………………………………………. 19
Chapter 5
5.0 Security by design ……………………………………………… …….. 20-21
5.1 Early history of security design………………………………………… 21-22
5.2 Secure coding…………………………………………………………… 22-25
Conclusion………………………………………………………………….. 26
Reference…………………………………………………………………… 27
5
CHAPTER 1
1.0 INTRODUCTION
Your home computer is a popular target for intruders. Why? Because intruders want what
you’ve stored there. They look for credit card numbers, bank account information, and
anything else they can find. By stealing that information, intruders can use your money to buy
themselves goods and services. But it’s not just money-related information they’re after.
Intruders also want your computer’s resources, meaning your hard disk space, your fast
processor, and your Internet connection. They use these resources to attack other computers on
the Internet. In fact, the more computers an intruder uses, the harder it is for law enforcement
to figure out where the attack is really coming from. If intruders can’t be found, they can’t be
stopped, and they can’t be prosecuted.
Why are intruders paying attention to home computers? Home computers are typically not
very secure and are easy to break into. When combined with high-speed Internet connections
that are always turned on, intruders can quickly find and then attack home computers. While
intruders also attack home computers connected to the Internet through dial-in connections,
high-speed connections (cable modems and DSL modems) are a favorite target.
No matter how a home computer is connected to the Internet, intruders’ attacks are often
successful. Many home computer owners don’t realize that they need to pay attention to
computer security. In the same way that you are responsible for having insurance when you
drive a car, you need to also be responsible for your home computer’s security. This document
explains how some parts of the Internet work and then describes tasks you can do to improve
the security of your home computer system. The goal is to keep intruders and their programs
off your computer.
How do intruders break into your computer? In some cases, they send you email with a virus.
Reading that email activates the virus, creating an opening that intruders use to enter or access
your computer. In other cases, they take advantage of a flaw or weakness in one of your
computer’s programs – a vulnerability – to gain access.
6
Once they’re on your computer, they often install new programs that let them continue to use
your computer – even after you plug the holes they used to get onto your computer in the first
place. These backdoors are usually cleverly disguised so that they blend in with the other
programs running on your computer.
The next section discusses concepts you need to know, especially trust. The main part of this
document explains the specific issues that need your attention. There are examples of how to
do some of these tasks to secure a Microsoft Windows 2000-based computer. We also provide
checklists you can use to record information about the steps you have taken to secure your
computer. Finally, a glossary defines many of the technical terms used in this document.
Unless otherwise stated in the glossary, the definitions come from the Whether your computer
runs Microsoft® Windows®, Apple’s Mac OS, LINUX, or something else, the issues are the
same and will remain so as new versions of your system are released. The key is to understand
the security-related problems that you need to think about and solve. Before diving into the
tasks you need to do to secure your home computer, let’s first think about the problem by
relating it to something you already know how to do. In this way, you can apply your
experience to this new area.
So, think of your computer as you would your house, your apartment, or your condo. What do
you know about how that living space works, what do you routinely do to keep it secure, and
what have you installed to improve its security? (We’ll use this “computer-is-like-a-house-andthe-
things-in-it” analogy throughout, departing only a few times to make a point.)
For example, you know that if you have a loud conversation, folks outside your space can
probably hear you. You also routinely lock the doors and close the windows when you leave,
and you don’t give the keys to just anyone. Some of you may install a security system to
complement your practices. All of these are part of living in your home. Let’s now apply
similar thinking to your home computer. Email, instant messaging, and most web traffic go
across the Internet in the clear; that is, anyone who can capture that information can read it.
These are things you ought to know. You should always select and use strong passwords and
exercise due care when reading you ought to do. Finally, you can add a firewall, an anti-virus program,
patches, and file encryption to improve the level of security on your home computer, and we’ll call these things
you ought to install. all email, especially the unsolicited variety.
7
CHAPTER2
2.0 THINGS YOU OUGHT TO KNOW
Trust
Human beings are trusting by nature. We trust much of what we hear on the radio, see on
television, and read in the newspaper. We trust the labels on packages. We trust the mail we
receive. We trust our parents, our partner or spouse, and our children. We trust our co-workers.
In fact, those who don’t trust much are thought to be cynical. Their opinions may be all too
quickly ignored or dismissed.
The Internet was built on trust.1 Back in the mid 1960s, computers were very expensive and
slow by today’s standards, but still quite useful. To share the expensive and scarce computers
installed around the country, the U.S. government funded a research project to connect these
computers together so that other researchers could use them remotely. This project was called
the ARPAnet, named after the government research agency – ARPA, the Advanced Research
Projects Agency – that funded and managed the project.
Key to the ARPAnet was the level of trust placed in its users; there was little thought given to
malicious activity. Computers communicated using a straightforward scheme that relied on
everybody playing by the rules. The idea was to make sharing ideas and resources easy and as
efficient as the technology of the day provided. This philosophy of trust colors many of the
practices, procedures, and technologies that are still in place today.
Only within the last few years, when Internet commerce (known as e-commerce) began to
spread, it has become inadequate to rely principally on trust. Since the days of the ARPAnet,
we’ve changed the way we use computer networks while others have changed the underlying
technologies, all in an attempt to improve the security of the Internet and the trust we place on
it.
Let’s dig deeper into two examples of what we trust in our daily lives. When you receive mail
through the post office, many envelopes and the letters in them contain the sender’s address.
8
Have you ever wondered if those addresses were valid; that is, do they match the address of
the person or persons who really sent them? While you could check to see that those addresses
are valid and refer to the person they name, it’s not an easy task.
How would you go about it? Would you call the phone number provided with the letter? That
number could also be invalid, and the person that answers the phone could be as misleading as
the original address. Perhaps you could call directory assistance or the police department that
has jurisdiction over the town where the letter was supposedly from. They might be helpful,
but that is likely to take lots of time. Most people wouldn’t bother.
And it’s not just return addresses either. How about advertisements, news stories, or the
information printed on groceries? Suppose you were on a low-fat diet. You’d want to buy
foods low in fat. To select the right foods, you’d read the product label at the grocery store.
How do you know that the label information is valid? What’s to say it’s not forged? And how
would you know?
The Internet has many of the same issues, and email is one of the best examples. In an email
message, an intruder can easily fabricate where the came from. But this information forging –
called spoofing by intruders and security professionals – is not limited to just email. In fact, the
basic unit of information transferred on the Internet – called a packet – can also be easily
forged or spoofed.
What does this mean and why should you care? It means that any information you receive
from some other computer on the Internet should not be trusted automatically and
unconditionally. When you trust an email message that turns out to have a harmful virus
attached to it, your computer can be infected, your files destroyed, and your work lost. And
that’s why you should care.
This is how the Internet works. It was built on trust. Over time, there have been technological
changes that are worthy of a higher level of our trust than before. Nonetheless, a true sense of
insecurity is better than a false sense of security. So, think about the information you trust. Be
critical and cautious.
9
2.1 INFORMATION IN THE CLEAR
When you have a conversation with someone in your living space, everybody within earshot
can hear the words and probably understand them. If your conversation is especially loud and
your windows open, even passersby can hear. If you want privacy, you and your conversation
partner need to go to another room and close the doors and windows.The Internet works much
the same way, except the room is much, much bigger. When you send email, browse a web
site, or chat online with someone, the conversation between you and that person does not go
directly from your computer to his or her computer. Instead, it goes from your computer to
another computer to still another computer and so on, eventually reaching his or her computer.
Think of all of these computers as an Internet “room.”
Anyone, or, more accurately, any program, in that Internet room that can hear that
conversation can also probably understand it. Why? Because just like the conversation at
home, most Internet conversations are in the clear, meaning that the information exchanged
between computers systems is not concealed or hidden in any way. Again, this is how the
Internet works. You need to know that the information sent across the Internet may be at risk
of others listening in, capturing what you send, and using it for their own benefit. Later, we’ll
talk about encryption as a way to address this problem. Encryption uses mathematics to
conceal information. There are many programs you can install to encrypt the information you
send across the Internet.
10
CHAPTER 3
3.0 PIR-CONTROLLED FLOODLIGHTS
· Illuminate only when the criminal has picked a house and crossed its boundaries. This is
too late and does not deter criminals when it matters most, namely when they are
selecting a house.
· Emit a harsh, intrusive and environmentally unfriendly light that is often a serious
nuisance to neighbors (The Chartered Institute of Environmental Health reports
increasing complaints of nuisance from this type of lighting). Lights where the PIR can
be overridden to be switched on permanently can also cause nuisance.
· Instantly switch on a powerful white light, resulting in a ‘flash factor’ that disturbs
rather than aids human vision. When located near roads, this can be positively
dangerous. Equally, badly adjusted and aimed lights can cause dark shadows due to
their high intensity light.
· Are extremely energy inefficient
· Require regular bulb replacements
· Are easily interfered with unless installed at the recommended height of more than 10'
· Can be so unreliable that they are quickly discredited by householders and neighbours -
common sense suggests that few people will check why a light has activated, assuming
they have seen it activate
· Can increase the fear of crime amongst the most vulnerable by regularly activating for
no apparent reason.
The alternative is to use high efficiency low energy lighting controlled by a photo-electric cell
(dusk to dawn switch). Such low wattage lighting, on permanently during the hours of
darkness, provides a more than adequate level of illumination, is not as harsh and is more
environmentally friendly than tungsten halogen floodlights. A low wattage unit placed out of
easy reach at a height of eight to ten feet could illuminate an average rear garden, helping to
11
create a reassuring environment and hopefully playing its part in deterring the burglar from
selecting that house in the first place. In cost terms, the low wattage ensures that even though
the light is on all night, the cost to run is minimal - no more than a few pound a year.
PIR switched tungsten halogen floodlights can cause problems, and due to some of the issues
highlighted above, may provide little in the way of extra security for a domestic dwelling.
They appear to be popular because many people think that PIR is the “right thing” in security
terms. However, low wattage lighting provides a more constant level of illumination with
fewer shadows. All of this assumes that the area being lit can be overlooked as there would be
little point in lighting an area which cannot be seen, except in practical terms for the
householder.
In conclusion, for security purposes, and from the Secured by Design perspective, the first
choice in security lighting is the low energy photo-electric cell controlled light. Whilst there is
a place for PIR controlled lighting, many domestic versions on sale do not operate well in the
hostile external environment and therefore may not function as well as expected.
3.1 ENERGY CONSERVATION
Energy supply companies have an obligation to contribute energy savings to national targets
over the 3 years to 2005. This may include free or discounted high efficiency low energy light
bulbs and it is therefore worth investigating with supply companies whether or not this is
available in your area. Neighborhoods Watch schemes could be involved to facilitate local
distribution of low energy lights for both internal and external use.
3.2 HOW TO USE PIRS PROPERLY
The Institute of Lighting Engineers have produced an easy-to-understand guide to security
lighting, balancing the pros and cons of both PIR halogen lighting and dusk-to-dawn low
wattage lighting. They also outline how to fit a PIR light to avoid or mitigate some of the
negative factors outlines above.
Protecting you, your loved ones and your home Often we see and hear incidents of burglary
and house fires but dismiss it and assume it won’t happen to us. Unfortunately the harsh reality
12
is that it can happen and we should take preventative actions to minimize the risks.
We understand this and that's why we are the UK's leading home security company, helping to
protect over 250,000 UK family homes (and 160,000 businesses)
across the country.
Whatever size or shape of your home, we offer a range of home
security systems which can be supplied as a set package or tailored
to meet your specific needs; constantly protecting you, your loved
ones and your home from burglary, personal attack, fire, flood and
carbon monoxide poisoning.
Peace of Mind - 24/7 365 days a year. How many times have you ignored a neighbors’ ringing
alarm bell? Unlike conventional alarms, our home security alarms will not be ignored. We
monitor your home 365 days a year, 24 hours a day to act if your alarm is triggered. We even
monitor fire and carbon monoxide detectors and personal alarms; giving you complete peace
of mind. For more details on our monitoring and service levels click here. All our alarms are
installed to the NACOSS gold standards and are monitored via our own security vetted,
professional, UK based alarm receiving centers; giving you full peace of mind.
WHAT IS A MONITORED ALARM?
A monitored alarm is connected via telephone line to an alarm receiving centre (ARC) which
is manned 24 hours a day, 365 days a year. If a monitored alarm is triggered it will alert the
ARC who in turn will contact the emergency services and/or a nominated keyholder.
For a monitored alarm to include emergency services response, it must meet a number of set
industry standards including the NSI NACOSS Gold Scheme.
13
3.3 CUSTOMISED SECURITY SOLUTIONS
Our customized security systems are suitable where there is a need for;
· guidance from a security professional
· larger properties
· pet friendly systems for large pets
· a conservatory needs to be protected
· CCTV and door entry systems
Our customized security solution are designed together with the homeowner following an
security survey and risk assessment of the home to be protected by one of our consultant
3.4 Task 3 - Use Care When Reading Email with Attachments
We’ve all heard stories about people receiving an item in the mail that in some way caused
them harm. We’ve heard of letter bombs and exploding packages, and in 2001, we learned
about Anthrax-laden letters. Although their frequency is low, they do make news.
These unsolicited items are sent to unsuspecting recipients. They may contain a return address,
a provocative envelope, or something else that encourages its receiver to open it. This
technique is called social engineering. Because we are trusting and curious, social engineering
is often effective.
In the case of the Anthrax letters addressed to United States senators, the envelopes contained
a school’s return address as an inducement to open them. What government official wouldn’t
14
want to serve their constituency by reading and responding to a letter supposedly sent by a
class at a school, especially an elementary school? By opening the letter and subsequently
spreading its lethal contents, the recipient complied with the wishes of the sender, a key
foundation of social engineering. In the pre-Anthrax letter days, a mail handler might have
given little thought to the contents of the letter or the validity of the return address. Those days
are behind us. You probably receive lots of mail each day, much of it unsolicited and
containing unfamiliar but plausible return addresses. Some of this mail uses social engineering
to tell you of a contest that you may have won or the details of a product that you might like.
The sender is trying to encourage you to open the letter, read its contents, and interact with
them in some way that is financially beneficial – to them. Even today, many of us open letters
to learn what we’ve won or what fantastic deal awaits us. Since there are few consequences,
there’s no harm in opening them.
Email-borne viruses and worms operate much the same way, except there are consequences,
sometimes significant ones. Malicious email often contains a return address of someone we
know and often has a provocative Subject line. This is social engineering at its finest –
something we want to read from someone we know.
Email viruses and worms are fairly common. If you’ve not received one, chances are you will.
Here are steps you can use to help you decide what to do with every email message with an
attachment that you receive. You should only read a message that passes all of these tests.
1. The Know test: Is the email from someone that you know?
2. The Received test: Have you received email from this sender before?
3. The Expect test: Were you expecting email with an attachment from this sender?
4. The Sense test: Does email from the sender with the contents as described in the
Subject line and the name of the attachment(s) make sense? For example, would
you expect the sender – let’s say your Mother – to send you an email message
with the Subject line “Here you have, ;o)” that contains a message with
attachment – let’s say AnnaKournikova.jpg.vbs? A message like that probably
doesn’t make sense. In fact, it happens to be an instance of the Anna Kournikova
worm, and reading it can damage your system.
15
5. The Virus test: Does this email contain a virus? To determine this, you need to
install and use an anti-virus program. That task is described in Task 1 - Install
and Use Anti-Virus Programs.
You should apply these five tests – KRESV – to every piece of email with an attachment that
you receive. If any test fails, toss that email. If they all pass, then you still need to exercise care
and watch for unexpected results as you read it.
Now, given the KRESV tests, imagine that you want to send email with an attachment to
someone with whom you’ve never corresponded – what should you do? Here’s a set of steps to
follow to begin an email dialogue with someone.
1. Since the recipient doesn’t already Know you, you need to send them an
introductory email. It must not contain an attachment. Basically, you’re
introducing yourself and asking their permission to send email with an
attachment that they may otherwise be suspicious of. Tell them who you are,
what you’d like to do, and ask for permission to continue.
2. This introductory email qualifies as the mail Received from you.
3. Hopefully, they’ll respond; and if they do, honor their wishes. If they choose not
to receive email with an attachment from you, don’t send one. If you never hear
from them, try your introductory email one more time.
4. If they accept your offer to receive email with an attachment, send it off. They
will Know you and will have Received email from you before. They will also
Expect this email with an attachment, so you’ve satisfied the first three
requirements of the KRESV tests.
5. Whatever you send should make Sense to them. Don’t use a provocative Subject
line or any other social engineering practice to encourage them to read your
email.
6. Check the attachments for Viruses. This is again based on having virus-checking
programs, and we’ll discuss that later.
The KRESV tests help you focus on the most important issues when sending and receiving
email with attachments. Use it every time you send email, but be aware that there is no
16
foolproof scheme for working with email, or security in general. You still need to exercise
care. While an anti-virus program alerts you to many viruses that may find their way to your
home computer, there will always be a lag between when a virus is discovered and when antivirus
program vendors provide the new virus signature. This means that you shouldn’t rely
entirely on your anti-virus programs. You must continue to exercise care when reading email.
Let’s return to your living space and our original analogy. Think about your checkbook, your
insurance policies, perhaps your birth certificate or passport, and other important documents
you have at home. Where are they? They’re probably stored in a filing cabinet or a safe, either
of which that can be or is routinely locked. Why do you store these important items in a locked
container?
Without realizing it, you are satisfying one of the three components of information security –
confidentiality. Confidentiality means keeping secrets secret. Only those who are supposed to
see that information should have access to it. You are keeping information sensitive to you and
others away from those who should not be able to get to it, for example a family member or an
intruder. By the way, the other two components of information security are integrity (Has my
information changed?) and availability (Can I get to my information whenever I need it?).
You further protect information confidentiality when you enforce it by using an access control
device, namely the lock on your filing cabinet or safe. This device stands between the
information and those seeking access, and it grants access to all who have the combination, the
key, or whatever tool unlocks the container. When several layers of access control devices are
used (called “defense in depth”) – you might also find that these containers are themselves in
locked rooms. Would-be intruders must pass through several levels of protection before finally
gaining access to the information they seek.
Now, think back to your home computer. The problem is to control access to files and folders.
The access control device here is the access control list or ACL. ACLs define who can perform
actions on a file or folder: reading and writing, for example. ACLs are equivalent to a locked
filing cabinet for paper documents.
Different computer systems provide different types of ACLs. Some have fine-grained controls
while others have virtually none. The key is to use all the controls that are available on your
17
computer.
Frequently, vendors define ACLs that are overly permissive. This satisfies their need to ensure
that access limitations don’t get in the way of using their systems. Your challenge is to tighten
those ACLs so that they properly restrict access to only those who need access. This means
that you need to modify the ACLs from the settings set by the vendor. We’ll talk more about
how to do this shortly.
Returning to the home environment, do you remember a time when adults in your house
wanted to say something to one another in front of their children but in such a way that the
children couldn’t understand what was being said? Perhaps they spelled their message or used
Pig Latin (ig-pay Atin-lay) to conceal the meaning. This worked for a while, until the children
learned to spell or could otherwise understand what was being said. What’s really happening
here?
Very simply, the adults could not control who could hear their conversation. It was
inconvenient or perhaps impossible for them to go to another room where they couldn’t be
heard. They had to talk in a way that only those who knew the concealing scheme could
understand what was being said.
On a computer, when access to information can’t be limited, such for an e-commerce
transaction over the Internet, that information is concealed through a mathematical process
called encryption. Encryption transforms information from one form (readable text) to another
(encrypted text). Its intent is to hide information from those who have neither the
transformation method nor the particulars (the decryption keys) to transform the encrypted text
into readable text. The encrypted text appears to be gibberish and remains so for people who
don’t have the scheme and the keys.
Back on the home front, the children eventually learned how to spell and perhaps also learned
the trick to using Pig Latin. They can now understand the conversations the adults are having.
While they could also understand the conversations held weeks, months, or even years before,
the information in those conversations is no longer important. The encryption scheme –
spelling or Pig Latin – is strong enough to guard the information during its useful lifetime.
18
Computer-based encryption schemes must also withstand the test of time. For example, if a
credit card encryption scheme needs six months of computer time to break, the resulting clear
text credit card number is probably still valid and, therefore, useful to an intruder. In this case,
the encryption scheme isn’t strong enough to guard the information for its entire useful
lifetime. So, to guard paper or computer files, you need to limit who has access to them by
using the access control devices, whether filing cabinets and safes for paper or access control
lists for information on a computer system. For assets whose access cannot be sufficiently
limited, you need to encrypt them strongly enough so that the time it takes to decrypt them is
longer than their useful life.
3.5 NOW, WHAT CAN YOU DO?
First, if more than one person uses your computer, you can adjust the ACLs that control access
to sensitive files and folders. Your goal is to allow the correct type of access to the files and
folders that each user needs, and nothing more. The steps below help you to decide how to
adjust the ACLs for files and folders:
1. The Who test: Who – which users – need access to files besides you?
2. The Access test: What type of access do they need? Read? Write?
3. The Files/Folders test: Which files and folders need special access? Just like
your firewall rules, your general policy should be to limit access to only you
first, and then grant access beyond that where needed.
By applying the WAF tests, you can limit access to sensitive files on your computer to only
those who need it. Setting proper ACLs is not a trivial task. Be prepared to repeat it a few
times until you get it right for the way your computer is used. It’s worth the time spent, but
knows that it may take longer than you expect. For very sensitive files and for files that are on
a laptop, don’t rely solely on file and folder ACLs. You need to go further and use encryption.
Some vendors provide encryption with their systems right from the start. This means that all
you have to do is follow the vendor’s instructions on how to use those features, but be certain
to use them. On systems where encryption is not included, you need to install additional
encryption programs. For encryption programs that you download from the Internet, be sure to
follow the instructions in Task 7 - Use Care When Downloading and Installing Programs.
19
Also follow the instructions in Task 6 - Use Strong Passwords for additional guidance on
passwords required by encryption programs. There are free and commercial encryption
programs, and in most cases, the free versions suffice. However, commercial programs may
provide more features and may keep up better with newer and, therefore, stronger encryption
methods. If you rely on a laptop computer, you should consider purchasing a commercial file
encryption programs.
Whether paper files around your living space or files and folders on your computer, limit
access where you can. On your computer, use encryption programs either when you can’t
restrict access to the extent that you’d like or when you want even more security protecting
your computer files and folders.
20
CHAPTER 4
4.0 IMPORTANCE OF COMPUTER IN OUR HOME
"Everyone uses a computer, but the average user doesn't think of the security involved in
keeping our information safe that's on our network," said Tech. Sgt. Ryan Kohler, 100th
Communications Squadron/100th Air Refueling Wing Information Assurance office
noncommissioned officer in charge. "The (Department of Defense) network is so integrated;
we're very dependent on it and we're constantly trying to keep it secure from malicious viruses
coming onto our network via outside sources, or even the users from inside.
"People bring in thumb drives from their homes that have been plugged into their computer,
which might be infected. They then bring it to their work computer, plugging it in to copy files
over, and end up introducing an infection to the government network," he said.
The current ban on any form of flash media - thumb drives, flash drives or card readers - is
permanent as of now, according to Sergeant Kohler. External portable hard drives are allowed,
but they must be virus-checked before each use.
"If you get a virus or a malicious logic on your thumb drive, you don't know it's even there; if
it gets plugged into a home computer, then straight into the computer at work, it can
automatically install without you doing anything to it.
"It can result in a 'key logger', which starts logging every single keystroke you do - for
example, when you start typing in a Web address, or your user name and password - key
loggers are very dangerous and can send the personal information off to whatever Web site is
requesting it," said the NCOIC.
This is one reason the wing IA office ensures all government computers are up-to-date with
patches, to fix vulnerabilities in software, to check for malicious software, such as the Trojan
Horse or Worm virus.
"Some of the things we also want to highlight are phishing scams, where everyone gets sent emails
telling them to click on a link, or send personal information. This can then be used to
break into your bank account, hotmail or find out whatever personal information you might
have," Sergeant Kohler said.
21
"What we're really concerned about is spear phishing - when an e-mail is targeted more
towards a certain individual, such as fake bank e-mails getting sent out to military members,
telling them there's a problem with their government travel card. In all reality, if and when you
click on a link it takes you to some foreign Web site that might be set up to look like the Air
Force Portal or another government site, encouraging members to enter their information."
Sergeant Kohler stressed that people should be wary, and if anyone receives a hyperlink or
attachment in their government e-mail, it shouldn't be opened unless the e-mail is digitally
signed.
Digital signatures must be used whenever necessary, to confirm the sender's identity to the
recipient. They should be used on all official e-mail, and any e-mail containing a hyperlink,
whether official or not.
"We're asking users to start treating the network in the same way they treat force protection - if
you see someone scaling the fence or asking you to get somebody else on the base, you'd
report it to security forces," Sergeant Kohler said. "We want people to be cautious about
security; virus-check anything that you plug into the computer, such as portable hard drives, or
files that you might get through e-mail. Get to know signs that your computer might be
infected, such as programs running very slowly or information starts being deleted from your
computer, and report it to your unit IA officer."
Hardware mechanisms that protect computers and data
Hardware based or assisted computer security offers an alternative to software-only computer
security. Devices such as dongles may be considered more secure due to the physical access
required in order to be compromised.
While many software based security solutions encrypt the data to prevent data from being
stolen, a malicious program may corrupt the data in order to make it unrecoverable or
unusable. Hardware-based security solutions can prevent read and write access to data and
hence offers very strong protection against tampering
4.1 SECURE OPERATING SYSTEMS
One use of the term computer security refers to technology to implement a secure operating
22
system. Much of this technology is based on science developed in the 1980s and used to
produce what may be some of the most impenetrable operating systems ever. Though still
valid, the technology is in limited use today, primarily because it imposes some changes to
system management and also because it is not widely understood. Such ultra-strong secure
operating systems are based on operating system kernel technology that can guarantee that
certain security policies are absolutely enforced in an operating environment. An example of
such a Computer security policy is the Bell-La Padula model. The strategy is based on a
coupling of special microprocessor hardware features, often involving the memory
management unit, to a special correctly implemented operating system kernel. This forms the
foundation for a secure operating system which, if certain critical parts are designed and
implemented correctly, can ensure the absolute impossibility of penetration by hostile
elements. This capability is enabled because the configuration not only imposes a security
policy, but in theory completely protects itself from corruption. Ordinary operating systems, on
the other hand, lack the features that assure this maximal level of security. The design
methodology to produce such secure systems is precise, deterministic and logical.
Systems designed with such methodology represent the state of the art[clarification needed] of
computer security although products using such security are not widely known. In sharp
contrast to most kinds of software, they meet specifications with verifiable certainty
comparable to specifications for size, weight and power. Secure operating systems designed
this way are used primarily to protect national security information, military secrets, and the
data of international financial institutions. These are very powerful security tools and very few
secure operating systems have been certified at the highest level (Orange Book A-1) to operate
over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF
SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only
on the soundness of the design strategy, but also on the assurance of correctness of the
implementation, and therefore there are degrees of security strength defined for COMPUSEC.
The Common Criteria quantifies security strength of products in terms of two components,
security functionality and assurance level (such as EAL levels), and these are specified in a
Protection Profile for requirements and a Security Target for product descriptions. None of this
ultra-high assurance secures general purpose operating systems have been produced for
decades or certified under the Common Criteria.
23
In USA parlance, the term High Assurance usually suggests the system has the right security
functions that are implemented robustly enough to protect DoD and DoE classified
information. Medium assurance suggests it can protect less valuable information, such as
income tax information. Secure operating systems designed to meet medium robustness levels
of security functionality and assurance have seen wider use within both government and
commercial markets. Medium robust systems may provide the same security functions as high
assurance secure operating systems but do so at a lower assurance level (such as Common
Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security
functions are implemented flawlessly, and therefore less dependable. These systems are found
in use on web servers, guards, database servers, and management hosts and are used not only
to protect the data stored on these systems but also to provide a high level of protection for
network connections and routing services.
4.2 SECURITY ARCHITECTURE
Security Architecture can be defined as the design artifacts that describe how the security
controls (security countermeasures) are positioned, and how they relate to the overall
information technology architecture. These controls serve the purpose to maintain the system's
quality attributes, among them confidentiality, integrity, availability, accountability and
assurance."[1]. In simpler words, security architecture is the plan that shows where security
measures need to be placed. If the plan describes a specific solution then, prior to building
such a plan, one would make a risk analysis. If the plan describes a generic high level design
(reference architecture) then the plan should be based on a threat analysis.
24
CHAPTER 5
5.1 SECURITY BY DESIGN
The technologies of computer security are based on logic. There is no universal standard
notion of what secure behavior is. "Security" is a concept that is unique to each situation.
Security is extraneous to the function of a computer application, rather than ancillary to it, thus
security necessarily imposes restrictions on the application's behavior.
There are several approaches to security in computing, sometimes a combination of
approaches is valid:
1. Trust all the software to abide by a security policy but the software is not trustworthy
(this is computer insecurity).
2. Trust all the software to abide by a security policy and the software is validated as
trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not
trustworthy (again this is computer insecurity).
4. Trust no software but enforce a security policy with trustworthy mechanisms.
Many systems have unintentionally resulted in the first possibility. Since approach two is
expensive and non-deterministic, its use is very limited. Approaches one and three lead to
failure. Because approach number four is often based on hardware mechanisms and avoids
abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of
approaches two and four are often used in a layered architecture with thin layers of two and
thick layers of four.
There are myriad strategies and techniques used to design security systems. There are few, if
any, effective strategies to enhance security after design.
One technique enforces the principle of least privilege to great extent, where an entity has only
the privileges that are needed for its function. That way even if an attacker gains access to one
25
part of the system, fine-grained security ensures that it is just as difficult for them to access the
rest.
Furthermore, by breaking the system up into smaller components, the complexity of individual
components is reduced, opening up the possibility of using techniques such as automated
theorem proving to prove the correctness of crucial software subsystems. This enables a closed
form solution to security that works well when only a single well-characterized property can
be isolated as critical, and that property is also assessable to math. Not surprisingly, it is
impractical for generalized correctness, which probably cannot even be defined, much less
proven. Where formal correctness proofs are not possible, rigorous use of code review and unit
testing represent a best-effort approach to make modules secure.
The design should use "defense in depth", where more than one subsystem needs to be violated
to compromise the integrity of the system and the information it holds. Defense in depth works
when the breaching of one security measure does not provide a platform to facilitate
subverting another. Also, the cascading principle acknowledges that several low hurdles do not
make a high hurdle. So cascading several weak mechanisms does not provide the safety of a
single stronger mechanism.
Subsystems should default to secure settings, and wherever possible should be designed to
"fail secure" rather than "fail insecure" (see fail safe for the equivalent in safety engineering).
Ideally, a secure system should require a deliberate, conscious, knowledgeable and free
decision on the part of legitimate authorities in order to make it insecure.
In addition, security should not be an all or nothing issue. The designers and operators of
systems should assume that security breaches are inevitable. Full audit trails should be kept of
system activity, so that when a security breach occurs, the mechanism and extent of the breach
can be determined. Storing audit trails remotely, where they can only be appended to, can keep
intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are
found the "window of vulnerability" is kept as short as possible
5.1 EARLY HISTORY OF SECURITY BY DESIGN
26
The early Multics operating system was notable for its early emphasis on computer security by
design, and Multics was possibly the very first operating system to be designed as a secure
system from the ground up. In spite of this, Multics' security was broken, not once, but
repeatedly. The strategy was known as 'penetrate and test' and has become widely known as a
non-terminating process that fails to produce computer security. This led to further work on
computer security that prefigured modern security engineering techniques producing closed
form processes that terminate.
5.2 SECURE CODING
If the operating environment is not based on a secure operating system capable of maintaining
a domain for its own execution, and capable of protecting application code from malicious
subversion, and capable of protecting the system from subverted code, then high degrees of
security are understandably not possible. While such secure operating systems are possible and
have been implemented, most commercial systems fall in a 'low security' category because
they rely on features not supported by secure operating systems (like portability, et al.). In low
security operating environments, applications must be relied on to participate in their own
protection. There are 'best effort' secure coding practices that can be followed to make an
application more resistant to malicious subversion.
In commercial environments, the majority of software subversion vulnerabilities result from a
few known kinds of coding defects. Common software defects include buffer overflows,
format string vulnerabilities, integer overflow, and code/command injection.
Some common languages such as C and C++ are vulnerable to all of these defects (see
Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are more resistant to
some of these defects, but are still prone to code/command injection and other software defects
which facilitate subversion.
Recently another bad coding practice has come under scrutiny; dangling pointers. The first
known exploit for this particular problem was presented in July 2007. Before this publication
the problem was known If one of your appliances broke, you’d probably try to have it repaired.
You’d call a repairperson that you hope could do the job. You’d get an estimate and then
27
you’d either get it fixed or replace it. Your goal is to somehow restore the functions that the
appliance provides.
What do you do when a software “appliance” – a program – or the operating system itself
breaks? How do you restore the functions that they provide? Do you know whom to call or
even where to look to determine what to do next?
Most vendors provide patches that are supposed to fix bugs in their products. Frequently these
patches do what they’re supposed to do. However, sometimes a patch fixes one problem but
causes another. For example, did you ever have a repairperson fix an appliance but in the
process, they scratched the floor or damaged a countertop during their visit? For a computer,
the repair cycle might have to be repeated until a patch completely fixes a problem.
Vendors often provide free patches on their web sites. When you purchase programs, it’s a
good idea to see if and how the vendor supplies patches, and if and how they provide a way to
ask questions about their products. Just as appliance vendors often sell extended warranties for
their products, some software vendors may also sell support for theirs.
Have you ever received a recall notice for your car or another product you’ve purchased?
Vendors send these notices to product owners when a safety-related problem has been
discovered. Registering your purchase through the warranty card gives the vendor the
information they need to contact you if there is a recall.
Program vendors also provide a recall-like service. You can receive patch notices through
email by subscribing to mailing lists operated by the programs’ vendors. Through this type of
service, you can learn about problems with your computer even before you discover them and,
hopefully, before intruders have the chance to exploit them. Consult the vendor’s web site to
see how to get email notices about patches as soon as they’re available.
Some vendors have gone beyond mailing lists. They provide programs bundled with their
systems that automatically contact their web sites looking for patches specifically for your
home computer. These automatic updates tell you when patches are available, download them,
and even install them. You can tailor the update features to do only want you want, such as just
28
telling you something new is waiting but doing nothing more.
While the patching process is getting easier, even to the point where it can be completely
automated, it is not yet foolproof. In some cases, installing a patch can cause another
seemingly unrelated program to break. The challenge is to do as much homework as you can to
learn what a patch is supposed to do and what problems it might cause once you’ve installed it.
This is a hard job. Often, the vendors don’t tell you about problems their patches can cause.
Why? Because it is simply impossible to test all possible programs with all possible patches to
discover unexpected side effects. Imagine doing that job and then continuing to do that for
each new program and patch that comes along. Vendors rely on their customers to tell them
when something unexpected happens once a patch is installed. So, if this happens to you, let
them know.
Imagine then that you’ve either found a patch on the vendor’s site or you’ve received notice
that a patch is available. What do you do next? Follow the steps below to evaluate a patch
before you install it:
1. The Affected test: Does this patch affect one of the programs on your computer?
If it doesn’t affect your computer, you’re done. Whew!
2. The Break test: Can you tell from the vendor’s web site or the patch’s
description if installing it breaks something else that you care about? If
installation does break something, then you have to decide how to proceed. Try
notifying the vendor of the program that might break to learn what their strategy
is for addressing this problem. Also, use your web browser to learn if anyone
else has experienced this problem and what he or she did about it.
3. The Undo test: Can you undo the patch? That is, can you restore your computer
to the way it was before you installed the patch? Currently, vendors are building
most patches with an uninstall feature that enables you to remove a patch that
has unwanted consequences. In addition, some computers also come with
features that help you restore them to a previously known and working state
should there be a problem. You need to know what your computer provides so
that you can undo a patch if necessary.
29
Recall from the Introduction that intruders exploit vulnerabilities to gain access to home
computers. How do intruders find out about these vulnerabilities? In many cases, they read the
same vendor mailing lists and use the same automatic notification schemes that you use. This
means that you need to evaluate and install patches on your home computer as soon as they’re
available. The longer vulnerability is known, the greater the chances are that an intruder will
find it on your home computer and exploit it. With the ABU tests, you can quickly evaluate
and install patches to keep intruders off your home computer.
One last thing: patches are usually distributed as programs. This means that you need to use
the DCAL steps described in Task 7 - Use Care When Downloading and Installing Programs
before loading and installing a patch. Intruders often take advantage of vulnerabilities
wherever they may be. In many cases, the vulnerabilities they exploit may have patches, but
those patches were not installed. For your home computer, make time to keep your programs
patched wherever possible. If you can’t patch a program, shop around for an equivalent
program and use it until the original program is fixed or you’ve abandoned it in favor of
something more reliable.
You can spend money on maintenance where you get patches for programs, but that’s usually
not necessary. Since most vendors provide free patches, mailing lists, and automatic updates,
keeping your computer patched usually only costs you time.
30
CONCLUSION
Growing up, you learn many of the things you need to know about how to operate and care for
a car by sitting in the back seat while adults drive and care for their vehicles. Similarly, you
learn many of the things you need to know about how to care for and maintain a home by
watching what is done to the one where you live. It is a slow, gradual process, so slow in fact
you are probably unaware that you are learning the skills you need to do these same jobs
yourself. You don’t have that same luxury of time to learn how to care for and operate your
home computer. When you attach it to the Internet for the first time, it instantly becomes a
target for intruders. You need to be ready right from the start. As you grow up, you also learn
that you need to spend time and money to repair and replace those things around your living
space and your car that need your attention. You learn that you have to spend more time and
more money to tailor them to meet your needs and to keep you and others safe during their use.
You accept these responsibilities and their costs as part of the total cost of ownership of that
car and living space.
Your home computer is much the same. There is the initial money that you pay to purchase
that system. Then there are additional costs to tailor it and to keep you and the others who use
your system safe. These additional costs are also your responsibility, and they are part of the
total cost of ownership of your home computer. This document helps you think about the
problems you face when you have a home computer and gives you advice on how to address
these problems. By taking the time to read this document, you know more about securing your
home computer and the extra costs required to do this job. Do the tasks described here and
share this document with your friends. We all benefit from a more secure Internet.
31
I expressed my appreciation and gratitude to all my friends who have been involved in
making this work successful, my regard to Mr. Aneke I.C, the lecturer of this course, who
gave me the privilege of knowing how to write text book and my parents who gave me
financial support. I will not also forget friends Tochukwu (De Prince), Elechi Jude for
their advice but my special thanks goes to Almighty God who gave me life and healthy
up till date because some of my mate have passed away. To God be the Glory.
3
ABSTRACT
Computer security is a branch of technology known as information security as applied to
computer(s). The objective of computer security can include protection of information
from theft or corruption, or the preservation of availability, as defined in the security
policy.
Computer security imposes requirements on computers that are different from most
system requirements because they often take the form of constraints on what computers
are not supposed to do. This makes computer security particularly challenging because it
is hard enough just to make computer programs do everything they are designed to do
correctly. Furthermore, negative requirements are deceptively complicated to satisfy and
require exhaustive testing to verify, which is impractical for most computer programs.
Computer security provides a technical strategy to convert negative requirements to
positive enforceable rules. For this reason, computer security is often more technical and
mathematical than some computer science fields.
Typical approaches to improving computer security (in approximate order of strength)
can include the following:
· Physically limit access to computers to only those who will not compromise security.
· Hardware mechanisms that impose rules on computer programs, thus avoiding depending
on computer programs for computer security.
· Operating system mechanisms that impose rules on programs to avoid trusting computer
programs.
· Programming strategies to make computer programs dependable and resist subversion.
4
Table of content
Abstract …………………………………………………………………… i
Acknowledge ……………………………………………………………… ii
Table of content…………………………………………………………… iii
Chapter 1
1.0 Introduction……………………………………………………………… 1-2
Chapter 2
2.0 Things you ought to know………………………………………………. 2-4
2.1 Information in the clear…………………………………………………. 5
Chapter 3
3.0 Pir – control floodlights………………………………………………… 6-7
3.1 Energy conservation…………………………………………………… 7
3.2 How to use Pir property………………………………………………… 7
3.2 Customized security solution ………………………………………….. 7-9
3.3 Use care when reading e mail with attachment………………………… 9-14
3.4 Now, what can you do………………………………………………….. 14-15
Chapter 4
4.0 Importance of computer in our home…………………………………… 16-17
4.1 Secure operating system ……………………………………………….. 17-19
4.2 Security architecture……………………………………………………. 19
Chapter 5
5.0 Security by design ……………………………………………… …….. 20-21
5.1 Early history of security design………………………………………… 21-22
5.2 Secure coding…………………………………………………………… 22-25
Conclusion………………………………………………………………….. 26
Reference…………………………………………………………………… 27
5
CHAPTER 1
1.0 INTRODUCTION
Your home computer is a popular target for intruders. Why? Because intruders want what
you’ve stored there. They look for credit card numbers, bank account information, and
anything else they can find. By stealing that information, intruders can use your money to buy
themselves goods and services. But it’s not just money-related information they’re after.
Intruders also want your computer’s resources, meaning your hard disk space, your fast
processor, and your Internet connection. They use these resources to attack other computers on
the Internet. In fact, the more computers an intruder uses, the harder it is for law enforcement
to figure out where the attack is really coming from. If intruders can’t be found, they can’t be
stopped, and they can’t be prosecuted.
Why are intruders paying attention to home computers? Home computers are typically not
very secure and are easy to break into. When combined with high-speed Internet connections
that are always turned on, intruders can quickly find and then attack home computers. While
intruders also attack home computers connected to the Internet through dial-in connections,
high-speed connections (cable modems and DSL modems) are a favorite target.
No matter how a home computer is connected to the Internet, intruders’ attacks are often
successful. Many home computer owners don’t realize that they need to pay attention to
computer security. In the same way that you are responsible for having insurance when you
drive a car, you need to also be responsible for your home computer’s security. This document
explains how some parts of the Internet work and then describes tasks you can do to improve
the security of your home computer system. The goal is to keep intruders and their programs
off your computer.
How do intruders break into your computer? In some cases, they send you email with a virus.
Reading that email activates the virus, creating an opening that intruders use to enter or access
your computer. In other cases, they take advantage of a flaw or weakness in one of your
computer’s programs – a vulnerability – to gain access.
6
Once they’re on your computer, they often install new programs that let them continue to use
your computer – even after you plug the holes they used to get onto your computer in the first
place. These backdoors are usually cleverly disguised so that they blend in with the other
programs running on your computer.
The next section discusses concepts you need to know, especially trust. The main part of this
document explains the specific issues that need your attention. There are examples of how to
do some of these tasks to secure a Microsoft Windows 2000-based computer. We also provide
checklists you can use to record information about the steps you have taken to secure your
computer. Finally, a glossary defines many of the technical terms used in this document.
Unless otherwise stated in the glossary, the definitions come from the Whether your computer
runs Microsoft® Windows®, Apple’s Mac OS, LINUX, or something else, the issues are the
same and will remain so as new versions of your system are released. The key is to understand
the security-related problems that you need to think about and solve. Before diving into the
tasks you need to do to secure your home computer, let’s first think about the problem by
relating it to something you already know how to do. In this way, you can apply your
experience to this new area.
So, think of your computer as you would your house, your apartment, or your condo. What do
you know about how that living space works, what do you routinely do to keep it secure, and
what have you installed to improve its security? (We’ll use this “computer-is-like-a-house-andthe-
things-in-it” analogy throughout, departing only a few times to make a point.)
For example, you know that if you have a loud conversation, folks outside your space can
probably hear you. You also routinely lock the doors and close the windows when you leave,
and you don’t give the keys to just anyone. Some of you may install a security system to
complement your practices. All of these are part of living in your home. Let’s now apply
similar thinking to your home computer. Email, instant messaging, and most web traffic go
across the Internet in the clear; that is, anyone who can capture that information can read it.
These are things you ought to know. You should always select and use strong passwords and
exercise due care when reading you ought to do. Finally, you can add a firewall, an anti-virus program,
patches, and file encryption to improve the level of security on your home computer, and we’ll call these things
you ought to install. all email, especially the unsolicited variety.
7
CHAPTER2
2.0 THINGS YOU OUGHT TO KNOW
Trust
Human beings are trusting by nature. We trust much of what we hear on the radio, see on
television, and read in the newspaper. We trust the labels on packages. We trust the mail we
receive. We trust our parents, our partner or spouse, and our children. We trust our co-workers.
In fact, those who don’t trust much are thought to be cynical. Their opinions may be all too
quickly ignored or dismissed.
The Internet was built on trust.1 Back in the mid 1960s, computers were very expensive and
slow by today’s standards, but still quite useful. To share the expensive and scarce computers
installed around the country, the U.S. government funded a research project to connect these
computers together so that other researchers could use them remotely. This project was called
the ARPAnet, named after the government research agency – ARPA, the Advanced Research
Projects Agency – that funded and managed the project.
Key to the ARPAnet was the level of trust placed in its users; there was little thought given to
malicious activity. Computers communicated using a straightforward scheme that relied on
everybody playing by the rules. The idea was to make sharing ideas and resources easy and as
efficient as the technology of the day provided. This philosophy of trust colors many of the
practices, procedures, and technologies that are still in place today.
Only within the last few years, when Internet commerce (known as e-commerce) began to
spread, it has become inadequate to rely principally on trust. Since the days of the ARPAnet,
we’ve changed the way we use computer networks while others have changed the underlying
technologies, all in an attempt to improve the security of the Internet and the trust we place on
it.
Let’s dig deeper into two examples of what we trust in our daily lives. When you receive mail
through the post office, many envelopes and the letters in them contain the sender’s address.
8
Have you ever wondered if those addresses were valid; that is, do they match the address of
the person or persons who really sent them? While you could check to see that those addresses
are valid and refer to the person they name, it’s not an easy task.
How would you go about it? Would you call the phone number provided with the letter? That
number could also be invalid, and the person that answers the phone could be as misleading as
the original address. Perhaps you could call directory assistance or the police department that
has jurisdiction over the town where the letter was supposedly from. They might be helpful,
but that is likely to take lots of time. Most people wouldn’t bother.
And it’s not just return addresses either. How about advertisements, news stories, or the
information printed on groceries? Suppose you were on a low-fat diet. You’d want to buy
foods low in fat. To select the right foods, you’d read the product label at the grocery store.
How do you know that the label information is valid? What’s to say it’s not forged? And how
would you know?
The Internet has many of the same issues, and email is one of the best examples. In an email
message, an intruder can easily fabricate where the came from. But this information forging –
called spoofing by intruders and security professionals – is not limited to just email. In fact, the
basic unit of information transferred on the Internet – called a packet – can also be easily
forged or spoofed.
What does this mean and why should you care? It means that any information you receive
from some other computer on the Internet should not be trusted automatically and
unconditionally. When you trust an email message that turns out to have a harmful virus
attached to it, your computer can be infected, your files destroyed, and your work lost. And
that’s why you should care.
This is how the Internet works. It was built on trust. Over time, there have been technological
changes that are worthy of a higher level of our trust than before. Nonetheless, a true sense of
insecurity is better than a false sense of security. So, think about the information you trust. Be
critical and cautious.
9
2.1 INFORMATION IN THE CLEAR
When you have a conversation with someone in your living space, everybody within earshot
can hear the words and probably understand them. If your conversation is especially loud and
your windows open, even passersby can hear. If you want privacy, you and your conversation
partner need to go to another room and close the doors and windows.The Internet works much
the same way, except the room is much, much bigger. When you send email, browse a web
site, or chat online with someone, the conversation between you and that person does not go
directly from your computer to his or her computer. Instead, it goes from your computer to
another computer to still another computer and so on, eventually reaching his or her computer.
Think of all of these computers as an Internet “room.”
Anyone, or, more accurately, any program, in that Internet room that can hear that
conversation can also probably understand it. Why? Because just like the conversation at
home, most Internet conversations are in the clear, meaning that the information exchanged
between computers systems is not concealed or hidden in any way. Again, this is how the
Internet works. You need to know that the information sent across the Internet may be at risk
of others listening in, capturing what you send, and using it for their own benefit. Later, we’ll
talk about encryption as a way to address this problem. Encryption uses mathematics to
conceal information. There are many programs you can install to encrypt the information you
send across the Internet.
10
CHAPTER 3
3.0 PIR-CONTROLLED FLOODLIGHTS
· Illuminate only when the criminal has picked a house and crossed its boundaries. This is
too late and does not deter criminals when it matters most, namely when they are
selecting a house.
· Emit a harsh, intrusive and environmentally unfriendly light that is often a serious
nuisance to neighbors (The Chartered Institute of Environmental Health reports
increasing complaints of nuisance from this type of lighting). Lights where the PIR can
be overridden to be switched on permanently can also cause nuisance.
· Instantly switch on a powerful white light, resulting in a ‘flash factor’ that disturbs
rather than aids human vision. When located near roads, this can be positively
dangerous. Equally, badly adjusted and aimed lights can cause dark shadows due to
their high intensity light.
· Are extremely energy inefficient
· Require regular bulb replacements
· Are easily interfered with unless installed at the recommended height of more than 10'
· Can be so unreliable that they are quickly discredited by householders and neighbours -
common sense suggests that few people will check why a light has activated, assuming
they have seen it activate
· Can increase the fear of crime amongst the most vulnerable by regularly activating for
no apparent reason.
The alternative is to use high efficiency low energy lighting controlled by a photo-electric cell
(dusk to dawn switch). Such low wattage lighting, on permanently during the hours of
darkness, provides a more than adequate level of illumination, is not as harsh and is more
environmentally friendly than tungsten halogen floodlights. A low wattage unit placed out of
easy reach at a height of eight to ten feet could illuminate an average rear garden, helping to
11
create a reassuring environment and hopefully playing its part in deterring the burglar from
selecting that house in the first place. In cost terms, the low wattage ensures that even though
the light is on all night, the cost to run is minimal - no more than a few pound a year.
PIR switched tungsten halogen floodlights can cause problems, and due to some of the issues
highlighted above, may provide little in the way of extra security for a domestic dwelling.
They appear to be popular because many people think that PIR is the “right thing” in security
terms. However, low wattage lighting provides a more constant level of illumination with
fewer shadows. All of this assumes that the area being lit can be overlooked as there would be
little point in lighting an area which cannot be seen, except in practical terms for the
householder.
In conclusion, for security purposes, and from the Secured by Design perspective, the first
choice in security lighting is the low energy photo-electric cell controlled light. Whilst there is
a place for PIR controlled lighting, many domestic versions on sale do not operate well in the
hostile external environment and therefore may not function as well as expected.
3.1 ENERGY CONSERVATION
Energy supply companies have an obligation to contribute energy savings to national targets
over the 3 years to 2005. This may include free or discounted high efficiency low energy light
bulbs and it is therefore worth investigating with supply companies whether or not this is
available in your area. Neighborhoods Watch schemes could be involved to facilitate local
distribution of low energy lights for both internal and external use.
3.2 HOW TO USE PIRS PROPERLY
The Institute of Lighting Engineers have produced an easy-to-understand guide to security
lighting, balancing the pros and cons of both PIR halogen lighting and dusk-to-dawn low
wattage lighting. They also outline how to fit a PIR light to avoid or mitigate some of the
negative factors outlines above.
Protecting you, your loved ones and your home Often we see and hear incidents of burglary
and house fires but dismiss it and assume it won’t happen to us. Unfortunately the harsh reality
12
is that it can happen and we should take preventative actions to minimize the risks.
We understand this and that's why we are the UK's leading home security company, helping to
protect over 250,000 UK family homes (and 160,000 businesses)
across the country.
Whatever size or shape of your home, we offer a range of home
security systems which can be supplied as a set package or tailored
to meet your specific needs; constantly protecting you, your loved
ones and your home from burglary, personal attack, fire, flood and
carbon monoxide poisoning.
Peace of Mind - 24/7 365 days a year. How many times have you ignored a neighbors’ ringing
alarm bell? Unlike conventional alarms, our home security alarms will not be ignored. We
monitor your home 365 days a year, 24 hours a day to act if your alarm is triggered. We even
monitor fire and carbon monoxide detectors and personal alarms; giving you complete peace
of mind. For more details on our monitoring and service levels click here. All our alarms are
installed to the NACOSS gold standards and are monitored via our own security vetted,
professional, UK based alarm receiving centers; giving you full peace of mind.
WHAT IS A MONITORED ALARM?
A monitored alarm is connected via telephone line to an alarm receiving centre (ARC) which
is manned 24 hours a day, 365 days a year. If a monitored alarm is triggered it will alert the
ARC who in turn will contact the emergency services and/or a nominated keyholder.
For a monitored alarm to include emergency services response, it must meet a number of set
industry standards including the NSI NACOSS Gold Scheme.
13
3.3 CUSTOMISED SECURITY SOLUTIONS
Our customized security systems are suitable where there is a need for;
· guidance from a security professional
· larger properties
· pet friendly systems for large pets
· a conservatory needs to be protected
· CCTV and door entry systems
Our customized security solution are designed together with the homeowner following an
security survey and risk assessment of the home to be protected by one of our consultant
3.4 Task 3 - Use Care When Reading Email with Attachments
We’ve all heard stories about people receiving an item in the mail that in some way caused
them harm. We’ve heard of letter bombs and exploding packages, and in 2001, we learned
about Anthrax-laden letters. Although their frequency is low, they do make news.
These unsolicited items are sent to unsuspecting recipients. They may contain a return address,
a provocative envelope, or something else that encourages its receiver to open it. This
technique is called social engineering. Because we are trusting and curious, social engineering
is often effective.
In the case of the Anthrax letters addressed to United States senators, the envelopes contained
a school’s return address as an inducement to open them. What government official wouldn’t
14
want to serve their constituency by reading and responding to a letter supposedly sent by a
class at a school, especially an elementary school? By opening the letter and subsequently
spreading its lethal contents, the recipient complied with the wishes of the sender, a key
foundation of social engineering. In the pre-Anthrax letter days, a mail handler might have
given little thought to the contents of the letter or the validity of the return address. Those days
are behind us. You probably receive lots of mail each day, much of it unsolicited and
containing unfamiliar but plausible return addresses. Some of this mail uses social engineering
to tell you of a contest that you may have won or the details of a product that you might like.
The sender is trying to encourage you to open the letter, read its contents, and interact with
them in some way that is financially beneficial – to them. Even today, many of us open letters
to learn what we’ve won or what fantastic deal awaits us. Since there are few consequences,
there’s no harm in opening them.
Email-borne viruses and worms operate much the same way, except there are consequences,
sometimes significant ones. Malicious email often contains a return address of someone we
know and often has a provocative Subject line. This is social engineering at its finest –
something we want to read from someone we know.
Email viruses and worms are fairly common. If you’ve not received one, chances are you will.
Here are steps you can use to help you decide what to do with every email message with an
attachment that you receive. You should only read a message that passes all of these tests.
1. The Know test: Is the email from someone that you know?
2. The Received test: Have you received email from this sender before?
3. The Expect test: Were you expecting email with an attachment from this sender?
4. The Sense test: Does email from the sender with the contents as described in the
Subject line and the name of the attachment(s) make sense? For example, would
you expect the sender – let’s say your Mother – to send you an email message
with the Subject line “Here you have, ;o)” that contains a message with
attachment – let’s say AnnaKournikova.jpg.vbs? A message like that probably
doesn’t make sense. In fact, it happens to be an instance of the Anna Kournikova
worm, and reading it can damage your system.
15
5. The Virus test: Does this email contain a virus? To determine this, you need to
install and use an anti-virus program. That task is described in Task 1 - Install
and Use Anti-Virus Programs.
You should apply these five tests – KRESV – to every piece of email with an attachment that
you receive. If any test fails, toss that email. If they all pass, then you still need to exercise care
and watch for unexpected results as you read it.
Now, given the KRESV tests, imagine that you want to send email with an attachment to
someone with whom you’ve never corresponded – what should you do? Here’s a set of steps to
follow to begin an email dialogue with someone.
1. Since the recipient doesn’t already Know you, you need to send them an
introductory email. It must not contain an attachment. Basically, you’re
introducing yourself and asking their permission to send email with an
attachment that they may otherwise be suspicious of. Tell them who you are,
what you’d like to do, and ask for permission to continue.
2. This introductory email qualifies as the mail Received from you.
3. Hopefully, they’ll respond; and if they do, honor their wishes. If they choose not
to receive email with an attachment from you, don’t send one. If you never hear
from them, try your introductory email one more time.
4. If they accept your offer to receive email with an attachment, send it off. They
will Know you and will have Received email from you before. They will also
Expect this email with an attachment, so you’ve satisfied the first three
requirements of the KRESV tests.
5. Whatever you send should make Sense to them. Don’t use a provocative Subject
line or any other social engineering practice to encourage them to read your
email.
6. Check the attachments for Viruses. This is again based on having virus-checking
programs, and we’ll discuss that later.
The KRESV tests help you focus on the most important issues when sending and receiving
email with attachments. Use it every time you send email, but be aware that there is no
16
foolproof scheme for working with email, or security in general. You still need to exercise
care. While an anti-virus program alerts you to many viruses that may find their way to your
home computer, there will always be a lag between when a virus is discovered and when antivirus
program vendors provide the new virus signature. This means that you shouldn’t rely
entirely on your anti-virus programs. You must continue to exercise care when reading email.
Let’s return to your living space and our original analogy. Think about your checkbook, your
insurance policies, perhaps your birth certificate or passport, and other important documents
you have at home. Where are they? They’re probably stored in a filing cabinet or a safe, either
of which that can be or is routinely locked. Why do you store these important items in a locked
container?
Without realizing it, you are satisfying one of the three components of information security –
confidentiality. Confidentiality means keeping secrets secret. Only those who are supposed to
see that information should have access to it. You are keeping information sensitive to you and
others away from those who should not be able to get to it, for example a family member or an
intruder. By the way, the other two components of information security are integrity (Has my
information changed?) and availability (Can I get to my information whenever I need it?).
You further protect information confidentiality when you enforce it by using an access control
device, namely the lock on your filing cabinet or safe. This device stands between the
information and those seeking access, and it grants access to all who have the combination, the
key, or whatever tool unlocks the container. When several layers of access control devices are
used (called “defense in depth”) – you might also find that these containers are themselves in
locked rooms. Would-be intruders must pass through several levels of protection before finally
gaining access to the information they seek.
Now, think back to your home computer. The problem is to control access to files and folders.
The access control device here is the access control list or ACL. ACLs define who can perform
actions on a file or folder: reading and writing, for example. ACLs are equivalent to a locked
filing cabinet for paper documents.
Different computer systems provide different types of ACLs. Some have fine-grained controls
while others have virtually none. The key is to use all the controls that are available on your
17
computer.
Frequently, vendors define ACLs that are overly permissive. This satisfies their need to ensure
that access limitations don’t get in the way of using their systems. Your challenge is to tighten
those ACLs so that they properly restrict access to only those who need access. This means
that you need to modify the ACLs from the settings set by the vendor. We’ll talk more about
how to do this shortly.
Returning to the home environment, do you remember a time when adults in your house
wanted to say something to one another in front of their children but in such a way that the
children couldn’t understand what was being said? Perhaps they spelled their message or used
Pig Latin (ig-pay Atin-lay) to conceal the meaning. This worked for a while, until the children
learned to spell or could otherwise understand what was being said. What’s really happening
here?
Very simply, the adults could not control who could hear their conversation. It was
inconvenient or perhaps impossible for them to go to another room where they couldn’t be
heard. They had to talk in a way that only those who knew the concealing scheme could
understand what was being said.
On a computer, when access to information can’t be limited, such for an e-commerce
transaction over the Internet, that information is concealed through a mathematical process
called encryption. Encryption transforms information from one form (readable text) to another
(encrypted text). Its intent is to hide information from those who have neither the
transformation method nor the particulars (the decryption keys) to transform the encrypted text
into readable text. The encrypted text appears to be gibberish and remains so for people who
don’t have the scheme and the keys.
Back on the home front, the children eventually learned how to spell and perhaps also learned
the trick to using Pig Latin. They can now understand the conversations the adults are having.
While they could also understand the conversations held weeks, months, or even years before,
the information in those conversations is no longer important. The encryption scheme –
spelling or Pig Latin – is strong enough to guard the information during its useful lifetime.
18
Computer-based encryption schemes must also withstand the test of time. For example, if a
credit card encryption scheme needs six months of computer time to break, the resulting clear
text credit card number is probably still valid and, therefore, useful to an intruder. In this case,
the encryption scheme isn’t strong enough to guard the information for its entire useful
lifetime. So, to guard paper or computer files, you need to limit who has access to them by
using the access control devices, whether filing cabinets and safes for paper or access control
lists for information on a computer system. For assets whose access cannot be sufficiently
limited, you need to encrypt them strongly enough so that the time it takes to decrypt them is
longer than their useful life.
3.5 NOW, WHAT CAN YOU DO?
First, if more than one person uses your computer, you can adjust the ACLs that control access
to sensitive files and folders. Your goal is to allow the correct type of access to the files and
folders that each user needs, and nothing more. The steps below help you to decide how to
adjust the ACLs for files and folders:
1. The Who test: Who – which users – need access to files besides you?
2. The Access test: What type of access do they need? Read? Write?
3. The Files/Folders test: Which files and folders need special access? Just like
your firewall rules, your general policy should be to limit access to only you
first, and then grant access beyond that where needed.
By applying the WAF tests, you can limit access to sensitive files on your computer to only
those who need it. Setting proper ACLs is not a trivial task. Be prepared to repeat it a few
times until you get it right for the way your computer is used. It’s worth the time spent, but
knows that it may take longer than you expect. For very sensitive files and for files that are on
a laptop, don’t rely solely on file and folder ACLs. You need to go further and use encryption.
Some vendors provide encryption with their systems right from the start. This means that all
you have to do is follow the vendor’s instructions on how to use those features, but be certain
to use them. On systems where encryption is not included, you need to install additional
encryption programs. For encryption programs that you download from the Internet, be sure to
follow the instructions in Task 7 - Use Care When Downloading and Installing Programs.
19
Also follow the instructions in Task 6 - Use Strong Passwords for additional guidance on
passwords required by encryption programs. There are free and commercial encryption
programs, and in most cases, the free versions suffice. However, commercial programs may
provide more features and may keep up better with newer and, therefore, stronger encryption
methods. If you rely on a laptop computer, you should consider purchasing a commercial file
encryption programs.
Whether paper files around your living space or files and folders on your computer, limit
access where you can. On your computer, use encryption programs either when you can’t
restrict access to the extent that you’d like or when you want even more security protecting
your computer files and folders.
20
CHAPTER 4
4.0 IMPORTANCE OF COMPUTER IN OUR HOME
"Everyone uses a computer, but the average user doesn't think of the security involved in
keeping our information safe that's on our network," said Tech. Sgt. Ryan Kohler, 100th
Communications Squadron/100th Air Refueling Wing Information Assurance office
noncommissioned officer in charge. "The (Department of Defense) network is so integrated;
we're very dependent on it and we're constantly trying to keep it secure from malicious viruses
coming onto our network via outside sources, or even the users from inside.
"People bring in thumb drives from their homes that have been plugged into their computer,
which might be infected. They then bring it to their work computer, plugging it in to copy files
over, and end up introducing an infection to the government network," he said.
The current ban on any form of flash media - thumb drives, flash drives or card readers - is
permanent as of now, according to Sergeant Kohler. External portable hard drives are allowed,
but they must be virus-checked before each use.
"If you get a virus or a malicious logic on your thumb drive, you don't know it's even there; if
it gets plugged into a home computer, then straight into the computer at work, it can
automatically install without you doing anything to it.
"It can result in a 'key logger', which starts logging every single keystroke you do - for
example, when you start typing in a Web address, or your user name and password - key
loggers are very dangerous and can send the personal information off to whatever Web site is
requesting it," said the NCOIC.
This is one reason the wing IA office ensures all government computers are up-to-date with
patches, to fix vulnerabilities in software, to check for malicious software, such as the Trojan
Horse or Worm virus.
"Some of the things we also want to highlight are phishing scams, where everyone gets sent emails
telling them to click on a link, or send personal information. This can then be used to
break into your bank account, hotmail or find out whatever personal information you might
have," Sergeant Kohler said.
21
"What we're really concerned about is spear phishing - when an e-mail is targeted more
towards a certain individual, such as fake bank e-mails getting sent out to military members,
telling them there's a problem with their government travel card. In all reality, if and when you
click on a link it takes you to some foreign Web site that might be set up to look like the Air
Force Portal or another government site, encouraging members to enter their information."
Sergeant Kohler stressed that people should be wary, and if anyone receives a hyperlink or
attachment in their government e-mail, it shouldn't be opened unless the e-mail is digitally
signed.
Digital signatures must be used whenever necessary, to confirm the sender's identity to the
recipient. They should be used on all official e-mail, and any e-mail containing a hyperlink,
whether official or not.
"We're asking users to start treating the network in the same way they treat force protection - if
you see someone scaling the fence or asking you to get somebody else on the base, you'd
report it to security forces," Sergeant Kohler said. "We want people to be cautious about
security; virus-check anything that you plug into the computer, such as portable hard drives, or
files that you might get through e-mail. Get to know signs that your computer might be
infected, such as programs running very slowly or information starts being deleted from your
computer, and report it to your unit IA officer."
Hardware mechanisms that protect computers and data
Hardware based or assisted computer security offers an alternative to software-only computer
security. Devices such as dongles may be considered more secure due to the physical access
required in order to be compromised.
While many software based security solutions encrypt the data to prevent data from being
stolen, a malicious program may corrupt the data in order to make it unrecoverable or
unusable. Hardware-based security solutions can prevent read and write access to data and
hence offers very strong protection against tampering
4.1 SECURE OPERATING SYSTEMS
One use of the term computer security refers to technology to implement a secure operating
22
system. Much of this technology is based on science developed in the 1980s and used to
produce what may be some of the most impenetrable operating systems ever. Though still
valid, the technology is in limited use today, primarily because it imposes some changes to
system management and also because it is not widely understood. Such ultra-strong secure
operating systems are based on operating system kernel technology that can guarantee that
certain security policies are absolutely enforced in an operating environment. An example of
such a Computer security policy is the Bell-La Padula model. The strategy is based on a
coupling of special microprocessor hardware features, often involving the memory
management unit, to a special correctly implemented operating system kernel. This forms the
foundation for a secure operating system which, if certain critical parts are designed and
implemented correctly, can ensure the absolute impossibility of penetration by hostile
elements. This capability is enabled because the configuration not only imposes a security
policy, but in theory completely protects itself from corruption. Ordinary operating systems, on
the other hand, lack the features that assure this maximal level of security. The design
methodology to produce such secure systems is precise, deterministic and logical.
Systems designed with such methodology represent the state of the art[clarification needed] of
computer security although products using such security are not widely known. In sharp
contrast to most kinds of software, they meet specifications with verifiable certainty
comparable to specifications for size, weight and power. Secure operating systems designed
this way are used primarily to protect national security information, military secrets, and the
data of international financial institutions. These are very powerful security tools and very few
secure operating systems have been certified at the highest level (Orange Book A-1) to operate
over the range of "Top Secret" to "unclassified" (including Honeywell SCOMP, USAF
SACDIN, NSA Blacker and Boeing MLS LAN.) The assurance of security depends not only
on the soundness of the design strategy, but also on the assurance of correctness of the
implementation, and therefore there are degrees of security strength defined for COMPUSEC.
The Common Criteria quantifies security strength of products in terms of two components,
security functionality and assurance level (such as EAL levels), and these are specified in a
Protection Profile for requirements and a Security Target for product descriptions. None of this
ultra-high assurance secures general purpose operating systems have been produced for
decades or certified under the Common Criteria.
23
In USA parlance, the term High Assurance usually suggests the system has the right security
functions that are implemented robustly enough to protect DoD and DoE classified
information. Medium assurance suggests it can protect less valuable information, such as
income tax information. Secure operating systems designed to meet medium robustness levels
of security functionality and assurance have seen wider use within both government and
commercial markets. Medium robust systems may provide the same security functions as high
assurance secure operating systems but do so at a lower assurance level (such as Common
Criteria levels EAL4 or EAL5). Lower levels mean we can be less certain that the security
functions are implemented flawlessly, and therefore less dependable. These systems are found
in use on web servers, guards, database servers, and management hosts and are used not only
to protect the data stored on these systems but also to provide a high level of protection for
network connections and routing services.
4.2 SECURITY ARCHITECTURE
Security Architecture can be defined as the design artifacts that describe how the security
controls (security countermeasures) are positioned, and how they relate to the overall
information technology architecture. These controls serve the purpose to maintain the system's
quality attributes, among them confidentiality, integrity, availability, accountability and
assurance."[1]. In simpler words, security architecture is the plan that shows where security
measures need to be placed. If the plan describes a specific solution then, prior to building
such a plan, one would make a risk analysis. If the plan describes a generic high level design
(reference architecture) then the plan should be based on a threat analysis.
24
CHAPTER 5
5.1 SECURITY BY DESIGN
The technologies of computer security are based on logic. There is no universal standard
notion of what secure behavior is. "Security" is a concept that is unique to each situation.
Security is extraneous to the function of a computer application, rather than ancillary to it, thus
security necessarily imposes restrictions on the application's behavior.
There are several approaches to security in computing, sometimes a combination of
approaches is valid:
1. Trust all the software to abide by a security policy but the software is not trustworthy
(this is computer insecurity).
2. Trust all the software to abide by a security policy and the software is validated as
trustworthy (by tedious branch and path analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not
trustworthy (again this is computer insecurity).
4. Trust no software but enforce a security policy with trustworthy mechanisms.
Many systems have unintentionally resulted in the first possibility. Since approach two is
expensive and non-deterministic, its use is very limited. Approaches one and three lead to
failure. Because approach number four is often based on hardware mechanisms and avoids
abstractions and a multiplicity of degrees of freedom, it is more practical. Combinations of
approaches two and four are often used in a layered architecture with thin layers of two and
thick layers of four.
There are myriad strategies and techniques used to design security systems. There are few, if
any, effective strategies to enhance security after design.
One technique enforces the principle of least privilege to great extent, where an entity has only
the privileges that are needed for its function. That way even if an attacker gains access to one
25
part of the system, fine-grained security ensures that it is just as difficult for them to access the
rest.
Furthermore, by breaking the system up into smaller components, the complexity of individual
components is reduced, opening up the possibility of using techniques such as automated
theorem proving to prove the correctness of crucial software subsystems. This enables a closed
form solution to security that works well when only a single well-characterized property can
be isolated as critical, and that property is also assessable to math. Not surprisingly, it is
impractical for generalized correctness, which probably cannot even be defined, much less
proven. Where formal correctness proofs are not possible, rigorous use of code review and unit
testing represent a best-effort approach to make modules secure.
The design should use "defense in depth", where more than one subsystem needs to be violated
to compromise the integrity of the system and the information it holds. Defense in depth works
when the breaching of one security measure does not provide a platform to facilitate
subverting another. Also, the cascading principle acknowledges that several low hurdles do not
make a high hurdle. So cascading several weak mechanisms does not provide the safety of a
single stronger mechanism.
Subsystems should default to secure settings, and wherever possible should be designed to
"fail secure" rather than "fail insecure" (see fail safe for the equivalent in safety engineering).
Ideally, a secure system should require a deliberate, conscious, knowledgeable and free
decision on the part of legitimate authorities in order to make it insecure.
In addition, security should not be an all or nothing issue. The designers and operators of
systems should assume that security breaches are inevitable. Full audit trails should be kept of
system activity, so that when a security breach occurs, the mechanism and extent of the breach
can be determined. Storing audit trails remotely, where they can only be appended to, can keep
intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are
found the "window of vulnerability" is kept as short as possible
5.1 EARLY HISTORY OF SECURITY BY DESIGN
26
The early Multics operating system was notable for its early emphasis on computer security by
design, and Multics was possibly the very first operating system to be designed as a secure
system from the ground up. In spite of this, Multics' security was broken, not once, but
repeatedly. The strategy was known as 'penetrate and test' and has become widely known as a
non-terminating process that fails to produce computer security. This led to further work on
computer security that prefigured modern security engineering techniques producing closed
form processes that terminate.
5.2 SECURE CODING
If the operating environment is not based on a secure operating system capable of maintaining
a domain for its own execution, and capable of protecting application code from malicious
subversion, and capable of protecting the system from subverted code, then high degrees of
security are understandably not possible. While such secure operating systems are possible and
have been implemented, most commercial systems fall in a 'low security' category because
they rely on features not supported by secure operating systems (like portability, et al.). In low
security operating environments, applications must be relied on to participate in their own
protection. There are 'best effort' secure coding practices that can be followed to make an
application more resistant to malicious subversion.
In commercial environments, the majority of software subversion vulnerabilities result from a
few known kinds of coding defects. Common software defects include buffer overflows,
format string vulnerabilities, integer overflow, and code/command injection.
Some common languages such as C and C++ are vulnerable to all of these defects (see
Seacord, "Secure Coding in C and C++"). Other languages, such as Java, are more resistant to
some of these defects, but are still prone to code/command injection and other software defects
which facilitate subversion.
Recently another bad coding practice has come under scrutiny; dangling pointers. The first
known exploit for this particular problem was presented in July 2007. Before this publication
the problem was known If one of your appliances broke, you’d probably try to have it repaired.
You’d call a repairperson that you hope could do the job. You’d get an estimate and then
27
you’d either get it fixed or replace it. Your goal is to somehow restore the functions that the
appliance provides.
What do you do when a software “appliance” – a program – or the operating system itself
breaks? How do you restore the functions that they provide? Do you know whom to call or
even where to look to determine what to do next?
Most vendors provide patches that are supposed to fix bugs in their products. Frequently these
patches do what they’re supposed to do. However, sometimes a patch fixes one problem but
causes another. For example, did you ever have a repairperson fix an appliance but in the
process, they scratched the floor or damaged a countertop during their visit? For a computer,
the repair cycle might have to be repeated until a patch completely fixes a problem.
Vendors often provide free patches on their web sites. When you purchase programs, it’s a
good idea to see if and how the vendor supplies patches, and if and how they provide a way to
ask questions about their products. Just as appliance vendors often sell extended warranties for
their products, some software vendors may also sell support for theirs.
Have you ever received a recall notice for your car or another product you’ve purchased?
Vendors send these notices to product owners when a safety-related problem has been
discovered. Registering your purchase through the warranty card gives the vendor the
information they need to contact you if there is a recall.
Program vendors also provide a recall-like service. You can receive patch notices through
email by subscribing to mailing lists operated by the programs’ vendors. Through this type of
service, you can learn about problems with your computer even before you discover them and,
hopefully, before intruders have the chance to exploit them. Consult the vendor’s web site to
see how to get email notices about patches as soon as they’re available.
Some vendors have gone beyond mailing lists. They provide programs bundled with their
systems that automatically contact their web sites looking for patches specifically for your
home computer. These automatic updates tell you when patches are available, download them,
and even install them. You can tailor the update features to do only want you want, such as just
28
telling you something new is waiting but doing nothing more.
While the patching process is getting easier, even to the point where it can be completely
automated, it is not yet foolproof. In some cases, installing a patch can cause another
seemingly unrelated program to break. The challenge is to do as much homework as you can to
learn what a patch is supposed to do and what problems it might cause once you’ve installed it.
This is a hard job. Often, the vendors don’t tell you about problems their patches can cause.
Why? Because it is simply impossible to test all possible programs with all possible patches to
discover unexpected side effects. Imagine doing that job and then continuing to do that for
each new program and patch that comes along. Vendors rely on their customers to tell them
when something unexpected happens once a patch is installed. So, if this happens to you, let
them know.
Imagine then that you’ve either found a patch on the vendor’s site or you’ve received notice
that a patch is available. What do you do next? Follow the steps below to evaluate a patch
before you install it:
1. The Affected test: Does this patch affect one of the programs on your computer?
If it doesn’t affect your computer, you’re done. Whew!
2. The Break test: Can you tell from the vendor’s web site or the patch’s
description if installing it breaks something else that you care about? If
installation does break something, then you have to decide how to proceed. Try
notifying the vendor of the program that might break to learn what their strategy
is for addressing this problem. Also, use your web browser to learn if anyone
else has experienced this problem and what he or she did about it.
3. The Undo test: Can you undo the patch? That is, can you restore your computer
to the way it was before you installed the patch? Currently, vendors are building
most patches with an uninstall feature that enables you to remove a patch that
has unwanted consequences. In addition, some computers also come with
features that help you restore them to a previously known and working state
should there be a problem. You need to know what your computer provides so
that you can undo a patch if necessary.
29
Recall from the Introduction that intruders exploit vulnerabilities to gain access to home
computers. How do intruders find out about these vulnerabilities? In many cases, they read the
same vendor mailing lists and use the same automatic notification schemes that you use. This
means that you need to evaluate and install patches on your home computer as soon as they’re
available. The longer vulnerability is known, the greater the chances are that an intruder will
find it on your home computer and exploit it. With the ABU tests, you can quickly evaluate
and install patches to keep intruders off your home computer.
One last thing: patches are usually distributed as programs. This means that you need to use
the DCAL steps described in Task 7 - Use Care When Downloading and Installing Programs
before loading and installing a patch. Intruders often take advantage of vulnerabilities
wherever they may be. In many cases, the vulnerabilities they exploit may have patches, but
those patches were not installed. For your home computer, make time to keep your programs
patched wherever possible. If you can’t patch a program, shop around for an equivalent
program and use it until the original program is fixed or you’ve abandoned it in favor of
something more reliable.
You can spend money on maintenance where you get patches for programs, but that’s usually
not necessary. Since most vendors provide free patches, mailing lists, and automatic updates,
keeping your computer patched usually only costs you time.
30
CONCLUSION
Growing up, you learn many of the things you need to know about how to operate and care for
a car by sitting in the back seat while adults drive and care for their vehicles. Similarly, you
learn many of the things you need to know about how to care for and maintain a home by
watching what is done to the one where you live. It is a slow, gradual process, so slow in fact
you are probably unaware that you are learning the skills you need to do these same jobs
yourself. You don’t have that same luxury of time to learn how to care for and operate your
home computer. When you attach it to the Internet for the first time, it instantly becomes a
target for intruders. You need to be ready right from the start. As you grow up, you also learn
that you need to spend time and money to repair and replace those things around your living
space and your car that need your attention. You learn that you have to spend more time and
more money to tailor them to meet your needs and to keep you and others safe during their use.
You accept these responsibilities and their costs as part of the total cost of ownership of that
car and living space.
Your home computer is much the same. There is the initial money that you pay to purchase
that system. Then there are additional costs to tailor it and to keep you and the others who use
your system safe. These additional costs are also your responsibility, and they are part of the
total cost of ownership of your home computer. This document helps you think about the
problems you face when you have a home computer and gives you advice on how to address
these problems. By taking the time to read this document, you know more about securing your
home computer and the extra costs required to do this job. Do the tasks described here and
share this document with your friends. We all benefit from a more secure Internet.
31
Subscribe to:
Posts (Atom)