Artificially enhanced research : Free software and fantastic research

Scott, Dan

23 September 2008

The free software community has developed a number of tools that are useful to researchers. This presentation introduces four tools: the LibX toolbar to extend library searching throughout your Web experience; the Zotero plug-in for collecting, organizing, and citing your research materials; the LU|ZONE|UL institutional repository built on DSpace for making your research openly accessible; and the quick lookup Linux laptops that have made quick searches fast and easy for library visitors and saved Laurentian University tens of thousands of dollars in hardware replacement costs.

LibX

Zotero

Linux

Institutional repository

Enhancing Network Security in Linux Environment

Mohammed, Ali, Sama, Sachin, Mohammed, Majeed

January 2012

Designing a secured network is the most important task in any enterprise or organization development. Securing a network mainly involves applying policies and procedures to protect different network devices from unauthorized access. Servers such as web servers, file servers, mail servers, etc., are the important devices in a network. Therefore, securing these servers is the first and foremost step followed in every security implementation mechanism. To implement this, it is very important to analyse and study the security mechanisms provided by the operating system. This makes it easier for security implementation in a network. This thesis work demonstrates the tasks needed to enhance the network security in Linux environment. The various security modules existing in Linux makes it different from other operating systems. The security measures which are mainly needed to enhance the system security are documented as a baseline for practical implementation. After analysing the security measures for implementing network security, it is important to understand the role of network monitoring tools and Linux inbuilt log management in maintaining the security of a network. This is accomplished by presenting a detailed discussion on network monitoring tools and log management in Linux. In order to test the network security, a network is designed using Linux systems by configuring different servers and application firewall for packet filtering. The security measures configured on each server to enhance its security are presented as part of the implementation. The results obtained while an unauthorized user accessing the servers from the external network are also documented along with attack information retrieved by different network monitoring tools and Linux inbuilt log messages.

Network Security

Linux

Computer Networks

Implementation of Dynamic MUX/DEMUX VoIP Gateway in Heterogeneous WLAN and WiMAX Networks

Huang, Cheng-Ming

17 August 2009

Because the relatively long headers in voice packets may cause unnecessary waste in network bandwidth, in this Thesis, we propose a dynamic MUX/DEMUX mechanism to compress the overhead headers in the VoIP packets. The proposed mechanism can dynamically adjust the length of the compressed VoIP packets for multiple VBR voice connections in a mixed WLAN and WiMAX environment. QoS in terms of voice jitter can be guaranteed after the multiplexed voice packets are de-multiplexed. To validate the proposed mechanism, we implement two VoIP MUX/DEMUX gateways on Linux platform and place them in a mixed WLAN and WiMAX (IEEE 802.16a) network at NSYSU campus. On the VoIP MUX/DEMUX gateways, we implement four functions; (i) the header formats of two different mini compressions, (ii) the mechanism of compressing voice packets, (iii) multiple waiting buffers, and (iv) the mechanism of dynamically adjusting waiting time of voice packets from different sources. According to the experimental results, the proposed VoIP MUX/DEMUX mechanism has shown that it can substantially save WiMAX bandwidth and consistently stabilize packet arrival interval (PAI) of voice packets under different levels of background traffic (constant or burst). Thus, the QoS of voice communications are guaranteed through our proposed mechanism.

Linux

DEMUX

MUX

Dynamic

WiMAX

Strömsparande arkitektur för inbyggnadslinux

Engström, Adam

January 2014

The objective of this work was to evaluate and implement a number of energy saving functions for a specific embedded system. The functions were then grouped into a number of energy levels with known properties in terms of functionality, energy consumption, and transition time between the levels. The embedded system consisted of an AT91 ARM9 processor, GSM/GPRS modem, display, Ethernet and other peripheral units. Some energy saving methods that were considered were suspend to RAM, suspend to disk, frequency scaling, and methods for saving energy in the modem, Ethernet, USB and display backlight. The functions were grouped into levels and an interface was specified for controlling the energy level. It proved possible to get known properties within the defined energy levels, even though the paritioning of functions into these levels proved to be sub-optimal in a typical application usage scenario because it was designed for mainly energy consumption, not usage. The final result is a number of energy saving functions grouped into levels, which are controllable via an application interface. Each of the levels have a known energy consumption in both loaded and un-loaded mode.

linux

energy

embedded

arm

at91

Linux hoist review : En undersökning av automatiserade auditverktyg

Wecksten, Magnus, Michael, Haugland

January 2014

Manuell säkerhetsgranskning av Linuxsystems konfigurationer är en tidskrävandeoch mödosam uppgift. Det existerar flera automatiserade verktyg som säger sigkunna underlätta arbetet, upptäcka uppenbara säkerhetsrisker och genereraunderlag för manuella granskningar. I detta arbetet ställer vi oss frågorna; “Hur väl klarar befintliga verktyg, på ettautomatiserat vis, att identifiera kritiska konfigurationsbrister i ett linuxsystem?”och “Går det att ta fram metoder som bättre identifierar dessa brister?”. Arbetetundersöker detta genom att samla verktyg för automatisk auditing och testar dessa iavsiktligt sårbart konfigurerade testmiljöer baserade på vedertagna riktlinjer försystemhärdning. Parallellt med detta tog vi också ta fram förbättradeidentifieringsmetoder genom att utveckla ett eget verktyg som inkluderas iundersökningen.

Audit

Härdning

Konfiguration

Linux

Säkerhet

A Cross-platform Picture Transfer Protocol for Linux-based Camera

Högberg, Marcus

January 2015

The Universal Serial Bus, USB, is widely used for connecting peripheral devices to a computer. Through the years devices that use USB has evolved and more and more complicated communication protocols have been developed using the USB standard. There are many different ways to set up communication between a USB device and a host computer. The USB standard does not include any security and this poses risks when designing communication over such a connection. This thesis investigates how a USB-based picture transfer protocol can be designed between a small camera running embedded Linux and a host computer. The USB functionality in Windows and Mac OS/X operating systems are investigated. Solutions to create a secure USB communication are also investigated. One of three the methods of creating a USB connection with a USB device running embedded Linux are chosen based on the investigations. A protocol is then designed and an implementation developed. The protocol designed in the thesis uses existing USB functionality in the host computer operating systems Windows and Mac OS/X. The designed protocol is evaluated for performance and security. The evaluation is made on an evaluation platform for the camera. The transfer speed of the protocol is measured to around 18 MB/s in an ideal environment. The designed protocol could be improved by using one of the security methods found in the investigations.

USB

Embedded Linux

USB Security

Transparent large-page support for Itanium linux

Wienand, Ian Raymond, Computer Science & Engineering, Faculty of Engineering, UNSW

January 2008

The abstraction provided by virtual memory is central to the operation of modern operating systems. Making the most efficient use of the available translation hardware is critical to achieving high performance. The multiple page-size support provided by almost all architectures promises considerable benefits but poses a number of implementation challenges. This thesis presents a minimally-invasive approach to transparent multiple page-size support for Itanium Linux. In particular, it examines the interaction between supporting large pages and Itanium's two inbuilt hardware page-table walkers; one being a virtual linear page-table with limited support for storing different page-size translations and the other a more flexible but higher overhead hash table based translation cache. Compared to a single-page-size kernel, a range of benchmarks show performance improvements when multiple page-sizes are available, generally large working sets that stress the TLB. However, other benchmarks are negatively impacted. Analysis shows that the increased TLB coverage, resulting from the use of large pages, frequently does not reduce TLB miss rates sufficiently to make up for the increased cost of TLB reloads. These results, which are specific to the Itanium architecture, suggest that large-page support for Itanium Linux is best enabled selectively with insight into application behaviour.

Superpage

Itanium

Large-Page

Linux

Condor - Job-Managementsystem Ausarbeitungen zum Hauptseminar "Cluster - und Gridcomputing" /

Grabner, René.

January 2002

Chemnitz, Techn. Univ., Studienarb., 2002.

LINUX. Cluster <Rechnernetz>

Konzeption und Implementierung eines ortsbezogenen Ad-Hoc Routing Protokoll für die Linux Plattform

Klinger, Richard.

January 2003

Stuttgart, Univ., Diplomarb., 2003.

Routing. Ad-hoc-Netz. LINUX.

Um verificador seguro de integridade de arquivos

Serafim, Vinícius da Silveira

January 2002

Este trabalho apresenta um modelo de mecanismo para o controle de integridade de arquivos em sistemas operacionais, com a capacidade de bloquear o acesso à arquivos inválidos de forma a conter os danos causados por possíveis ataques. O modelo foi inicialmente formulado a partir do estudo detalhado do processo de controle de integridade, revelando diversos pontos críticos de segurança nele existentes, e da avaliação dos mecanismos atualmente implementados nos sistemas operacionais que oferecem, mesmo que indiretamente, algum tipo de garantia de integridade dos arquivos do sistema. Durante o seu desenvolvimento, a segurança do próprio modelo foi detalhadamente analisada de forma a enumerar os seus pontos críticos e possíveis soluções a serem empregadas, resultando na definição dos requisitos mínimos de segurança que devem ser encontrados nesse tipo de mecanismo. Em seguida, visando a validação do modelo especificado e decorrente disponibilização do mecanismo para uso prático e em estudos futuros, um protótipo foi implementado no sistema operacional GNU/Linux. Procurando confirmar a sua viabilidade, foram realizadas análises do impacto causado sobre o desempenho do sistema. Por fim, foi confirmada a importância e viabilidade do emprego do modelo apresentado como mecanismo adicional de segurança em sistemas operacionais. Além disso, foi colocado em evidência um campo de pesquisa ainda pouco explorado e portanto atrativo para a realização de novos estudos.

Sistemas operacionais

Integridade : Arquivos

Linux