政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/23927
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文笔数/总笔数 : 112881/143847 (78%)
造访人次 : 50293631      在线人数 : 742
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜寻范围 查询小技巧:
  • 您可在西文检索词汇前后加上"双引号",以获取较精准的检索结果
  • 若欲以作者姓名搜寻,建议至进阶搜寻限定作者字段,可获得较完整数据
    •  进阶搜寻
    政大機構典藏 > 資訊學院 > 資訊科學系 > 會議論文 >  Item 140.119/23927


    请使用永久网址来引用或连结此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/23927


    题名: A Secure PC-Based Architecture for Remote Server Management
    作者: 林鳳銘;張景堯;李蔡彥
    贡献者: 資科系
    关键词: 主控台;序列埠;修補程式
    Server Console;Serial Port;Patch;IP-Based KVM
    日期: 2006-11
    上传时间: 2009-01-09 16:53:48 (UTC+8)
    摘要: 網際網路不斷發展,每天都有為數不少各式各樣的新伺服器上線,提供各種不同的服務。伺服器提供的服務也許不同,但對每一部伺服器而言,共同的例行工作就是伺服器的管理。一般而言,伺服器的管理者必須透過網路或者站在主控台(console)前進行管理的工作;如何簡化且安全地管理伺服器,是一項十分重要的課題。在本文中,我們改變原有透過網路或在主控台前來直接管理伺服器的方法,而提出另一種透過PC-based防火牆與序列埠主控台管理系統(Serial Console Management)來管理伺服器的架構。這個架構類似內含防火牆的IP-based KVM,但所花費的成本僅需要一般等級的PC伺服器。透過這種架構,管理者不必擔心新安裝好的伺服器一旦接上網路後,就立刻中毒或者被入侵;管理者也不一定要站在主控台前來管理伺服器,而可以在伺服器上線後安全地對新系統執行修補(patch)或者Windows update的動作,以確保伺服器的安全狀態。為了瞭解進出伺服器的資訊,我們也同時在所提出架構中的防火牆上,建立了一個簡單而且可以輸出Netflow資訊的架構,讓我們可以透過網路流通的資訊來進一步掌握伺服器的狀態。
    With the continuous development of the Internet, new network services are brought on-line every day. Despite the service contents provided by the servers are different, a common routine task for every server is daily system administration. Generally speaking, the administrator of a server uses the network or stands in front of the machine to remotely or directly perform the tasks of system administration. It is an important issue on how to provide a convenient management scheme without sacrificing system security. In this paper, we have proposed a new economical architecture with a PC-based firewall and a serial console management scheme to provide the service of remote server management. The architecture is similar to IP-based KVM but the cost is much less. By the use of this architecture, the system administrator does not need to worry about that a server may be infected or intruded before necessary security patches are applied. The system administrators can remotely bring a system on-line and then apply system patches or windows updates without putting the system security into jeopardy. In order to understand the information flowing in and out of the server, we have also implemented a netflow-based monitoring system to proactively detect network anomalies.
    關聯: Proceedings of the 2006 Taiwan Academic Network Conference
    数据类型: conference
    显示于类别:[資訊科學系] 會議論文

    文件中的档案:

    档案 大小格式浏览次数
    tanet2006.pdf547KbAdobe PDF21144检视/开启


    在政大典藏中所有的数据项都受到原著作权保护.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回馈