(IJCSIS) International Journal of Computer Science and Information Security,Vol. 10, No. 3, March 2012
ECHNIQUES WERE USED FOR
:This section presents different tools that had been used toadministrate remote Linux and Windows systems and toaccess services for performing different tasks on the agents.
As mentioned in  Remote Procedure Call (RPC) is amechanism offers the capability of data exchange andinvocation of functions residing in different process. Thatprocess can be on the same computer, on the local areanetwork “LAN”, or across the Internet. With RPC, essentialprogram logic and related procedure code can exist ondifferent computers, which is important for distributedapplications.In this work XML-RPC,
which is a set of specificationsthat allow software running on disparate operating systems,have been used for running in different environments to makeprocedure calls over the network, since a heterogeneousenvironment in terms of operating systems are used.
Windows Management Instrumentation (WMI) is a set of Windows Driver model that provides an operating systeminterface, it allows scripting languages like Python to manageMicrosoft Windows personal computers, both locally andremotely . It is the management framework available inrecent Windows systems. WMI is built on the COM“Component Object Model” infrastructure and can thusoperate remotely, using DCOM “Distributed COM”.WMI had been used in this work to access Windowssystem parts and information.
GTK (GIMP Toolkit) was originally developed as a toolkitfor the GIMP (General Image Manipulation Program). It is aset of functions that have been used in implementation of screen snapshot in Linux and Windows systems.
Python has built-in support for the XML-RPC protocol andoffers tools for implementing client-server applicationswithout needing to install any additional packages.In this work, python have been used to develop server andagents programs working in different operating system.
:According to Eleen, the most important features/functionsof the system administration are monitoring system activity,File management, system rebooting, and software monitoring. This work implements an efficient and fast techniquesto introduce a portable agent which contains all of thesefunctions. The most important features which have beenimplemented by MPSA are described below:i.
Process AdministrationThe ability to inspect a running process and control itsexecution is a basic requirement security tool may requirecontrolling opportunities. This work offering newcapability for process administration. It uses an efficientmethod to view hidden processes depending on keeptacking of /proc system file, which contains informationabout each process. Also the work implements a newmethod for process deletion to delete specified processand all its children in order to avoid creation of zombieprocesses.ii.
System Resources Monitoring & PerformanceControlling:If system resources become too low, it can cause a lotof problems. The ability of resource monitoring can helpto determine whether system is stable, or if some servicesneed to be terminated or suspended temporarilydepending on some criteria such as amount of CPU ormemory usage.iii.
File Systems MonitoringIn any administration system, management files anddirectories represent an essential part. In this work, tomanipulate files and directories, related system calls hadbeen used in Linux and special API functions forWindows. The API functions and system calls providecomplete control over the creation and maintenance of files and directories.iv.
Desktop ScreenshotsA snapshot is thestateof a system at a particular pointin time. It can refer to anactual copyof the state of asystem or to a capability provided by certain systems.Implementing desktop snapshot remotely couldprovide a appropriate means for monitoring user activityin the target machine in any given time and rapidly.v.
Gathering System Information.One of the basic task of system administration is howto find general system information when the system isrunning, such as CPU usage, the amount of memory on asystem and its usage, and the amount of available disk space and its usage. Some of these tasks are performedrepetitively, at regular intervals. Other tasks need to runonly once.vi.
Port ScanningThis feature helps the administrator to check thenetwork ports on the clients and to check the ports statueswith giving the administrator the ability to close anyunauthorized port to protect the clients’ computers.