CIS 527
Lecture 4 - Processes, Services & Software
Process Information
- PID - Process ID
- Memory Usage
- Description
- Image Path - Location of executable
- Command Line - Full arguments provided to executable
- Ports - Network communication ports
Task Manager
Process Explorer
Ubuntu System Monitor
Ubuntu Processes - top
Services
- Programs that run in the background on an operating system
- Perform many important functions automatically
- Consume system resources
Linux Services - daemons
- Term comes from Maxwell's demon
- Daemons run as background processes in Linux
- Usually started by the init process at boot
- Process names typically end in 'd'
Important Services - Windows
- Computer Browser - Network file sharing
- DHCP Client & DNS Client - Network addressing
- Microsoft Antimalware Service
- Performance Logs & Alerts
- Print Spooler
- Windows Update
Important Services - Linux
- init - Initial Process
- sshd - Secure Shell Server
- rsyslogd - System Logs
- cupsd - Printing System
- smbd - Samba Server
- cron - Scheduled Tasks
Service Host Process
- svchost.exe
- Process that runs a number of system services
- Helps conserve system resources (1 process instead of many)
- Targeted by malware & viruses
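Because svchost.exe is a common target, the process fields listed earlier (PID, Image Path, Command Line) can be used to check each instance. The following is an added example, not part of the original lecture: it audits a constructed process snapshot and assumes the standard Windows behaviour that the genuine binary lives in C:\Windows\System32, is started by services.exe, and is launched with a `-k` service group; the function name and sample data are hypothetical.

```python
import ntpath

# Assumption: default install, genuine binary in System32 (not stated on the slides).
EXPECTED_IMAGE = r"c:\windows\system32\svchost.exe"

# Constructed sample snapshot: (pid, parent pid, image path, command line).
SAMPLE = [
    (600, 500, r"C:\Windows\System32\services.exe",
     r"C:\Windows\System32\services.exe"),
    (900, 600, r"C:\Windows\System32\svchost.exe",
     r"C:\Windows\System32\svchost.exe -k netsvcs"),
    (1200, 4321, r"C:\Windows\System32\svchost.exe",
     r"C:\Windows\System32\svchost.exe -k netsvcs"),
    (1300, 600, r"C:\Users\Public\svchost.exe",
     r"C:\Users\Public\svchost.exe -k netsvcs"),
    (1400, 600, r"C:\Windows\System32\svchost.exe",
     r"C:\Windows\System32\svchost.exe"),
    (4321, 4000, r"C:\Windows\explorer.exe", r"C:\Windows\explorer.exe"),
]


def audit_svchost(snapshot):
    """Return {pid: [findings]} for svchost.exe processes that look out of place."""
    # Map every PID to its executable name so parents can be looked up.
    names = {pid: ntpath.basename(image).lower() for pid, _, image, _ in snapshot}
    report = {}
    for pid, ppid, image, cmdline in snapshot:
        if names[pid] != "svchost.exe":
            continue
        findings = []
        # Image Path: must be the System32 copy, compared case-insensitively.
        if ntpath.normpath(image).lower() != EXPECTED_IMAGE:
            findings.append("image path outside System32")
        # Parent: service hosts are started by the service control manager.
        if names.get(ppid) != "services.exe":
            findings.append("parent is not services.exe")
        # Command Line: a real service host names its service group with -k.
        if "-k" not in cmdline.lower().split():
            findings.append("no -k service group on command line")
        if findings:
            report[pid] = findings
    return report


if __name__ == "__main__":
    for pid, findings in audit_svchost(SAMPLE).items():
        print(pid, "; ".join(findings))
```
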
Service Host Process
Services Management
Service Properties
Startup Types
- Automatic - Starts at system boot
- Automatic (Delayed) - Starts shortly after system boot
- Manual - Starts only when needed
- Disabled - Will not start/run at all
Windows 8 Pseudo Accounts
- LocalSystem - system-level tasks & services
- LocalService - fewer rights than LocalSystem
- NetworkService - fewer rights than LocalService, but allows network access
Services Recovery
Recovery Options
- Take No Action
- Restart the Service
- Run a Program
- Restart the Computer
Starting Linux Services - init
- The init process is loaded first
- It then loads the services for a particular runlevel
- See /etc/init.d/ and /etc/rc*.d/ directories
Starting Linux Services - Upstart
- Allows services to be started based on events or triggers
- Can monitor and restart services
- Very similar to Windows Service Management
- See /etc/init directory
Linux Runlevels
- Define different modes of operation
- Typically seven levels used
- Runlevel 0 = shutdown
- Runlevel 1 = single-user mode
- Runlevel 6 = restart
- Check documentation for exact details
Linux Daemon Commands
- init
  sudo /etc/init.d/apache2 start
  start, stop, reload, restart, status
- Upstart
  sudo service ufw start
  start, stop, status
Windows Software Architecture
- Executable Image (.EXE)
- Dynamic Link Library (.DLL)
- Initialization File (.INI)
- Registry Keys
- Drivers
- Services
Dynamic Link Library (.DLL)
- Shared library files used by programs
- Use the same format as .EXE files
- Programs can access same .DLL files simultaneously
Installation Locations
- C:\Program Files
- C:\ProgramData - global data files
- %UserProfile%\AppData - user data files
- C:\Windows\system32 - drivers & dlls
Ubuntu Software Architecture
- Binary Files
- Shared Object Files (.SO)
- Library Files
- Settings Files
- Documentation Files
- Upstart/init scripts
Shared Object & Library Files
- Shared information or code used by multiple programs
- Install once, use everywhere
- May have to store multiple versions for different programs
- Usually stored in /usr/lib
Installation Locations
- /usr/bin - Binary Files
- /usr/lib - Shared Object Files
- /usr/share - Documentation
- /var/log - Log Files
- /etc/<app> - Global Settings
- ~/.<app> - User Settings
Installing - Thunderbird
Tracking - Synaptic
Assignments
- Lab 1 - Secure Workstations - Due Sunday, Feb 9th by 12:30 PM
- Build secure Windows & Linux using VMware Workstation
- Turn in:
  - CIS Transient Storage
  - via Storage Media in class Monday Feb 9th