English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 112721/143689 (78%)
Visitors : 49527757      Online Users : 930
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
    •  Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大機構典藏 > 資訊學院 > 資訊科學系 > 會議論文 >  Item 140.119/23927


    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/23927


    Title: A Secure PC-Based Architecture for Remote Server Management
    Authors: 林鳳銘;張景堯;李蔡彥
    Contributors: 資科系
    Keywords: 主控台;序列埠;修補程式
    Server Console;Serial Port;Patch;IP-Based KVM
    Date: 2006-11
    Issue Date: 2009-01-09 16:53:48 (UTC+8)
    Abstract: 網際網路不斷發展,每天都有為數不少各式各樣的新伺服器上線,提供各種不同的服務。伺服器提供的服務也許不同,但對每一部伺服器而言,共同的例行工作就是伺服器的管理。一般而言,伺服器的管理者必須透過網路或者站在主控台(console)前進行管理的工作;如何簡化且安全地管理伺服器,是一項十分重要的課題。在本文中,我們改變原有透過網路或在主控台前來直接管理伺服器的方法,而提出另一種透過PC-based防火牆與序列埠主控台管理系統(Serial Console Management)來管理伺服器的架構。這個架構類似內含防火牆的IP-based KVM,但所花費的成本僅需要一般等級的PC伺服器。透過這種架構,管理者不必擔心新安裝好的伺服器一旦接上網路後,就立刻中毒或者被入侵;管理者也不一定要站在主控台前來管理伺服器,而可以在伺服器上線後安全地對新系統執行修補(patch)或者Windows update的動作,以確保伺服器的安全狀態。為了瞭解進出伺服器的資訊,我們也同時在所提出架構中的防火牆上,建立了一個簡單而且可以輸出Netflow資訊的架構,讓我們可以透過網路流通的資訊來進一步掌握伺服器的狀態。
    With the continuous development of the Internet, new network services are brought on-line every day. Despite the service contents provided by the servers are different, a common routine task for every server is daily system administration. Generally speaking, the administrator of a server uses the network or stands in front of the machine to remotely or directly perform the tasks of system administration. It is an important issue on how to provide a convenient management scheme without sacrificing system security. In this paper, we have proposed a new economical architecture with a PC-based firewall and a serial console management scheme to provide the service of remote server management. The architecture is similar to IP-based KVM but the cost is much less. By the use of this architecture, the system administrator does not need to worry about that a server may be infected or intruded before necessary security patches are applied. The system administrators can remotely bring a system on-line and then apply system patches or windows updates without putting the system security into jeopardy. In order to understand the information flowing in and out of the server, we have also implemented a netflow-based monitoring system to proactively detect network anomalies.
    Relation: Proceedings of the 2006 Taiwan Academic Network Conference
    Data Type: conference
    Appears in Collections:[資訊科學系] 會議論文

    Files in This Item:

    File SizeFormat
    tanet2006.pdf547KbAdobe PDF21134View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback