Transcript Document

CPS120 Introduction to
Computer Science
Lecture 2
Types of Programming
Languages
•
•
•
•
Machine language
Procedure-oriented languages
Object-oriented languages
Event-driven languages
What Can a Program Do?
• A program can only instruct a computer to:
–
–
–
–
–
–
–
Read Input
Sequence
Calculate
Store data
Compare and branch
Iterate or Loop
Write Output
Fundamental Programming Concepts
• Assignment of values to a variable
• Iteration (Looping)
– Over a set of set of statements
– With respect to a logical expressions
(conditions)
• Delegation of sub-tasks to functions /
procedures
The Structure Theorem
•
•
The Structure Theorem states that any algorithm
can be built from three basic control structures.
One-after-another (Sequence)
Decision-making (Selection)
–
•
Making choices between 2 or more alternatives
Repetition (Iteration)
–
Concerned with repetitive tasks (and the termination
conditions of loops)
Electronic Communications
CPS120 Introduction to Computer Science
E-Mail
• Addresses
– Location of an individual mailbox on the
Internet
– User name, @ sign, domain – no spaces
Web-based E-mail
• Don’t need email client
• Popular Web-based E-mail Services
– www.hotmail.com
– www.email.com
– mail.yahoo.com
Organization
• By type:
•
•
•
•
•
•
.com
.edu
.gov
.mil
.net
.org
• By country
•
•
•
•
•
•
Other new codes have been defined
Australia - .au
Canada - .ca
Ireland - .ie
Italy - .it
Japan - .jp
United Kingdom - .uk
Newest Additions to the Web
New domain names:
•
.info
•
.biz
•
.name
•
.pro
•
.museum
•
.coop
•
.aero
E-mail Features
• Address books
• Signatures
• Attachment of files
– Try to keep under 50Kb
– Sometimes certain types of files are screened
E-Mail Issues
• Emoticons
• :-)
• Abbreviations
– LOL
– TTFN
• Netiquette
– Shouting
– Flame
Viruses
• An e-mail virus is a program that can disrupt the
normal operation of a computer
– Display of unusual messages
– Destroying files on the hard drive
– Sending mail to people in your address book
• Triggered by opening files; sometimes only in
preview
• Anti-Virus programs available commercially
– Must be kept up-to-date
Newsgroups and Chat
Mail Groups
• A mailing list is a discussion group that uses
e-mail to communicate
– A list of mailing lists is at www.liszt.com
• Moderated vs. un-moderated lists
• Must subscribe to participate
• Two addresses
– Mailing list addresses
– Administrative addresses
Newsgroups
• A discussion group that allows people with
common interests to communicate with each other
• USENET (User’s Network)
– All the computes that distribute newsgroup information
• Messages
– Individual posts
• Threads
– Messages and all replies
Addressing
• First word describes the main topic
• Each additional word is separated by a dot
and serves to narrow the topic
Networking Aspects
• Newsreader – program that lets you read
and post online
– Microsoft Outlook has a built-in reader
– Gravity
– Free Agent
• News server
– A computer that stores newsgroup messages
Newsgroup Categories
alt
biz
comp
misc
rec
sci
Soc
talk
•
•
•
•
•
•
•
General Interest
Business
Computers
Miscellaneous
Recreation & Hobbies
Science
Social
(culture/politics)
• Debate
•
•
•
•
•
•
•
alt.fans.actors
biz.entrepreneurs
comp.security.misc
misc.books.technical
rec.food.recipes
sci.physics
soc.history
• talk.politics.misc
Newsgroup Etiquette
•
•
•
•
Lurk first
Read FAQ
Reply
Send a private reply
Chatting
• One of the most popular features on the Internet
(but no one admits to doing it)
• Text-based
• Multi-media
– Internet Relay Chat (IRC) channels
• Need a program to participate (www.mirc.com)
• Instant messaging allows you to communicate
privately with others
– MSN or AOL
Networks
CPS120 Introduction to Computer Science
What Is a Network
• A network is a group of connected
computers that allow people to share
information and equipment
Types of Networks
• LAN (Local Area Network) connects
computers within a small geographic area
like a building
• WAN (Wide Area Network) connects
computers across a large geographic area
like a city or country (often via satellite)
• Internet: World-wide network of networks
Advantages to Networking
•
•
•
•
Road warriors
Eliminate “sneakernet”
Share information
Share equipment
Who Runs It?
• A network administrator manages the
network and makes sure it runs smoothly
– Often called a systems administrator or an IS
manager
Network Applications
• Electronic mail
• Groupware
– Calendaring
– Scheduling
• Video-conferencing
– Requires sound card, speakers, mike & camera
Physical Networking
• Hubs
– A hub is a device that provides a central location where
all the cables on a network come together
• NICs (Network Interface Card)
– An expansion card that physically connects each
computer to the network
• Cables
– Coaxial, Unshielded Twisted Pair (UTP), Shielded
Twisted Pair, Fiber-optic
– Wireless
How Information Is Stored
• Client-Server:
– Used for large networks
– Files are stored on a central computer and everyone
who can access the network can be given access them
• Easy to create scheme to backup and protect files
– Client: a computer that can access information stored
on the server
– Server: Central computer that stores files
– NetWare, UNIX, Windows NT/2000
How Information Is Stored
• Peer-to-Peer:
– Used for a small number of computes (e.g. 10)
– Files stored on own computers; access given to
them to others on the network
– LANtastic, Windows-98, Windows-ME
How Information Is Exchanged
• Ethernet:
– Most popular and least expensive solution
– Each computer waits for a pause before sending
information
• Like polite conversation
– Collisions between information often occur
• Computers wait a moment, then resend
– Ethernet – 10 Mbps, Fast Ethernet – 100 Mbps,
Gigabit Ethernet 1000 Mbps
How Information Is Exchanged
• Token-ring is a type of network where a token that
collects and delivers information is passed from
compute to computer
– Speeds of 4 or 16 Mbps
• Asynchronous Transfer Mode (ATM) is a type of
network that works by sending information in
equal-sized pieces called cells
– 25, 155, 622 or 2488 Mbps
– Often networks networks
Network Security
• Operating System Security
– Other system software
• Firewall – specialized hardware or software
package designed to protect a private computer
network from unauthorized access
– Think “Moat”
• User name and password
– Used for authentication
– Good passwords
Intranet
• Small version of the Internet in a company
• Uses familiar web-browsers and email
packages
• Allows hyper-linking
• VPNs (Virtual Private Network)
– End-to-end encryption
– More cost efficient than private lines
Internet and WWW
Chapter 10
Internet Fundamentals
• Dates from DARPA in the 1960s
• Consists of thousands of connected networks
around the world
– Each organization on the Internet is responsible for
maintaining its own equipment
• These organizations allow you to pass-through their nets
• Designed to provide multiple routing to bypass
disabled computers
• Called cyber-space or the information
superhighway
Internet Offerings
•
•
•
•
•
•
•
Electronic mail (Most popular application)
Information
Entertainment
Discussion Groups
Chat
Programs (Shareware)
Online shopping
Connecting
•
•
•
•
Computer
Software
Modem or high-speed connection
ISP (Internet Service Provider)
– Access for a fee
World Wide Web
• Part of the Internet consisting of a huge
collection of documents stored on
computers around the world
– Web server: computer that stores and delivers
web pages
– Web site: collection of web pages
• URL (Uniform Resource Locator) – unique address
– HTTP, Computer, Directory, Name of Page
– Hyperlinks jump to different web pages
Browsers
• A program that lets you view and navigate
information on the World Wide Web
– Home Page: Web page that appears each time you start
your web browser
– Browser:
• Internet Explorer
• Netscape Navigator
– Features
• Bookmark
• History lists
Multimedia
• MP3 – compressed files containing music or video
– WinAmp
• Streaming video – requires player
– RealPlayer, QuickTime
• Enhancements
– Java
– JavaScript
– ActiveX
Web Portal
• Central starting point for browsing
personalized by the individual
– Yahoo, Excite, Go, Lycos
– Info
– Free services like email, shopping, chat, games,
stock quotes and sports scores
Create & Publish Web Pages
• HyperText Mark-up Language is a
computer code used to create Web pages
• There are many programs available, called
visual editors which can help you create
Web pages without having to learn HTML
• Publishing your pages – loaded to an
addressable server
Security
CPS120
Introduction to Computer Science
Aspects of Computer Security
• A. Hardware
• B. Files
• C. Connectivity
Key Areas Addressed by Security
• Physical security – how do I keep my hardware and key
files safe
• Password security – what is a good password and how do
you set one
• Computer viruses – what they are and how to protect your
computer
• Network security -- how to protect yourself
• Firewalls - what the can and can’t do and why they are
important for always-on connections
• Backup strategies - why and how to backup your work
Physical Security
All Computers
• Temperature
– If too high, components malfunction
– Components generate heat which must be removed
• Humidity
– If too high: condensation and corrosion of metal parts
– If too low: static electricity (very high voltage!)
• Electric power
– Irregularities: power spikes, dips, and brown-outs
– Special care during thunderstorms!
– Power failure: un-interruptible power supply (UPS)
Physical Access
• Access to the computer room
– Logs of who goes in and out
– Console security
• Screen passwords, etc.
• Access to the physical network
• Locking laptops, protecting components on
desktops, servers, etc.
• Policies
• Contingency planning
Password Security
Security Principles
• Access is restricted to safeguard the computer. Use
is allowed only with user code and password:
– User ID:
• Like hotel room number
• Gives private access to data files
– Password:
• Like hotel room key
• All users must enter valid user code and password
before doing anything
– Combines who you are and what you know
Password Cracking
• There are many software programs available now that can
guess your password if you are using words that are in the
English or foreign dictionary
• When guessing passwords involves simple transformations
such as:
– Converting all the letters in a word to lowercase
– Applying user specific information about a person to a password
– Using numeric suffixes
• The number 1 is far and away the most common suffix. More than all
other digits combined
– Using numeric prefixes
– The number 1 is the most common prefix. The number 2 is a
distant second
– 0 and 6 are rarely used as prefixes
Creating Good Passwords
• In order to be useful in authentication and
authorization, a password should meet the
following criteria:
– Passwords must be at least six characters
– Passwords must include three of four types of
characters:
–
–
–
–
Uppercase letters
Lowercase letters
Numbers
Non-alphabetic characters such as punctuation marks
• Passwords shouldn't contain personal information
Pass-phrases
• If you are serious about good password
security, get in the habit of using ‘passphrases’. For example, it is easy enough to
remember a phrase like ‘…born on the 4th
of July’, but creating a password from it like
bot4thoJ would create a password that
meets the criteria discussed above.
Computer Viruses
Virus Definition
• A computer virus is a computer program that
can infect other computer programs by
modifying them in such a way as to include a
copy of itself. A virus, by definition, can't
exist by itself. It must infect an executable
program.
– A simple virus that can make a copy of itself over
and over again is relatively easy to produce. Even
such a simple virus is dangerous because it will
quickly use all available memory and bring the
system to a halt.
Other Types of Viruses
• An e-mail virus is not any different from a regular
virus; it just has a different mode of transportation
ILOVEYOU"
– Melissa
• Script viruses are destructive code that does its
damage by executing a program on a client
machine
• A macro virus is a type of computer virus that is
encoded as a macro embedded in a document
Virus Software
• Use of a virus checker regularly is the
best way to combat viruses
– Freeware, shareware, and commercial
anti-virus programs are widely available
Combating Script Viruses
• The most important thing to do is to check every
email you receive, file you download or are sent
for a double file type (ie: .txt.vbs, or .html.jse, or
whatever).
• Never save executable attachments from email
messages to your computer and run them
– (files that end with .EXE, .COM, .VBS, and .BAT are
executable on Windows computers).
– Change the default on your machine to open those file
types in an editor rather than run them
• "Hardening your PC"
• If you want to make your PC more secure in
regard to script viruses, you may want to remove
the Windows Scripting host from your machine.
Anti-Virus Software
• Anti-viral software can be set up to run automatically each time you
boot up the machine or run an executable. You can also execute antiviral software manually if you suspect you have had a problem or you
have received a suspicious attachment or some sort of un-trusted
media.
• There are two parts to most pieces of anti-viral software; the engine
and the definitions.
– The definitions change all the time. This is the part of anti-viral software
that needs to be updated constantly, because the population of viruses
changes rapidly, with newly developed viruses springing up along with
minor modifications of existing viruses (mutations) appearing constantly.
– The engine, on the other hand, is static and changes only at major release
points. The engine is the driving force behind a virus program that checks
for virus signatures on you machine and in your software.
Stay Current
• The program you use isn't as important as
how often you use it and that you keep it
updated with the most recent virus
definitions
– To be effective, antiviral software must be
current -- even two-month-old software can be
dangerously outdated
Other Types of 'Malware'
• A worm is a special type of virus that can replicate
itself and use memory, but cannot attach itself to
other programs
– 'Code Red'
– Nimda
• A Trojan horse is a program that pretends to do
something useful, but instead does something
nefarious.
– Trojans aren't infectious
– Often they place executables on the drive
Combating 'Malware'
• Promptly apply all security patches to all
Internet-exposed systems and replace with
more secure products those that continually
have vulnerabilities exposed.
Network Security
Hardening Your System
• The term "hardening" refers to the process of
configuring software so as to minimize potential
security risks
• Hardening security-specific applications like
firewalls, intrusion detection systems, and
antiviral tools involves turning on features and
setting restrictive access rules
Your Security Profile
• A port is an interface on a computer to which you
can connect a device
– A port is an endpoint to a logical connection
– The port number identifies what type of port it is
• Personal computers have various types of ports. In
this context
• A key to determining your computer’s security
profile is to determine port usage
Firewalls
What is a Firewall
• A system designed to prevent unauthorized
access to or from a private network
• Firewalls can be both hardware and
software, or a combination of both
• Firewalls are used to prevent unauthorized
Internet users from accessing private
networks connected to the Internet
How Does It Work
• A firewall is analogous to a moat around a
medieval castle. In essence, the moat and
drawbridge represent a "choke" point for all
traffic in and out
• A single point is much easier to monitor and
can be closed if needed
– All messages entering or leaving the intranet pass
through the firewall, which examines each
message and blocks those that do not meet the
specified security criteria
How Does it Work Technically?
• Firewalls act as proxy servers, by masking
the address of internal machines
• Or packet filters using a "wall of code" that
inspects each individual "packet" of data as
it arrives at either side of the firewall
Backups
Making Backups
• Copy original files onto another medium.
This is called "making a backup"
– Program files:
• Copy or install the original disks to a hard disk
• Use the copy and store the originals in a safe place
– Data files:
• Copy the originals to another disk or tape
• Put the backup disk or tape in a safe place
Backups for This Class
• Diskettes, Zip Disks, CD-R's:
For every floppy you own, have a backup copy
• Hard disk: backup on diskettes, tapes,
removable hard disk, CD-RW or networked
drive
Different Types of Backups
• Different types
– Full
– Incremental
– Differential
Full Backups
• Includes all files on your drive(s)
– Advantages
• Files are easily found when needed
– All of the most current information can be found on
the last backup tape
– Disadvantages
• Full backups are redundant backups
• Full backups take longer to perform and can be
very time consuming
Incremental Backups
• Includes files that were created or changed
since the last backup
• Advantages
– Incremental backups provide better use of media
– Much less data storage space required
– Less time is also required
• Disadvantages
– Multiple disks or tapes are needed for restore
– You may have to search several volumes to find the file
you wish to restore
Differential Backups
• Includes all files that were created or
modified since last Full backup
– Advantages
• Differential backups take less time
• Provides more efficient restores
• Maximum of two media sets to perform a full
restore
– The last Full backup and the last Differential backup tape
– Disadvantages
• As time goes on a longer and longer time needed for
a differential backup
• The amount of data gets larger and larger each day
Backup Plans
• Backups are performed according to a
schedule. For example:
– Weekly: back up all files ("complete" backup);
Often done on the Friday evening
– Daily: back up only files that have been
changed ("incremental" backup)
• Incremental
• Differential
Contingency Plans
• A "system backup plan" is like an insurance
policy: a contract with company having a
computer system similar to ours or a 'hot'
site
– In case of computer disaster, we can use theirs