System Architecture & Programming

MBATech 8 – IT/COMP

Prof. Rahul M. Samant, Dept. Head, Technology Management

11/12/2010

Mukesh Patel School of Technology Management & Engineering

Windows

UNIX

Prof. Rahul M. Samant
Dept Head, MBATech

Why study this subject?
• In the 50+ year history of the IT industry, there has been only one overriding constant:
– the continual presence of change, both in terms of the technology and the capability of computer systems.
• Few other areas in business have experienced such rapid development and often terrifying levels of obsolescence, with equipment that was purchased new at $10,000 barely able to recoup $200 a mere three years later—a 98% depreciation rate.
• The result of this continuing progress is that you, as the IT decision maker, are caught in a difficult situation.
– You can make no changes and risk your systems slipping into obsolescence, or you can make a change and risk joining a computing trend that turns out to be an evolutionary dead end.

UNIX legacy
• The various implementations of the UNIX operating system have served industry well, as witnessed by the very large base both of installed systems and large-scale applications installed on those systems.
• However, there are increasing signs of dissatisfaction with expensive, often proprietary solutions and a growing sense that perhaps the concept of "big iron" has had its day—in the same way as it has for most of the mainframes of the type portrayed in 1970s science fiction films.
• One of the most extraordinary and unexpected successes of the Intel PC architecture is the extent to which this basic framework has been extended to encompass very large server and data center environments.
• Large-scale hosting companies are now offering enterprise-level services to multiple client companies at availability levels of over 99.99 percent on what are simply racks of relatively cheap PCs. Technologies such as clustering, Network Load Balancing (NLB) and Component Load Balancing (CLB) enable the humble personal computer to take on and match the levels of throughput, availability and reliability of all but the most expensive "big iron" solutions and the supercomputers.

UNIX Why ???
• Three main reasons spring to mind:
– Reduced costs
– Increased flexibility
– Improved performance

UNIX Windows
• The best price-to-performance ratio
• The lowest Total Cost of Ownership
• An enterprise-level directory service
• Integrated management and security model
• Rapid application development tools
• Built-in clustering and high availability technologies
• Worldwide enterprise support
• Large network of trained consultants

UNIX LINUX
• Migrate UNIX applications with minimal changes
• Move to PC-based architecture, thus reducing hardware costs
• Acquire an operating system at little or no apparent cost

Problems with LINUX
• To make a true assessment of the suitability of Linux, you need to look at the following areas.
– Do I need an enterprise-wide directory service?
– Do I need to support clustering or load-balancing?
– Will I need to integrate with a heterogeneous environment?
– Will I need to use features on Linux that will tie me in to a single vendor?
– Do I need consistent, integrated, enterprise management?
– Will I require a well-defined enterprise roadmap of future innovation and features?
• If you answer yes to any of these questions, then you may find that Linux provides a less than ideal solution.

TPC-C Benchmark 2004

TPC-C Benchmark 2009

Summary
• Why study this subject?
• UNIX legacy
• UNIX Why ???
• UNIX WINDOWS
• UNIX LINUX
• TPC-C benchmarks
– 2004
– 2009

2. Evolution & architecture: Introduction

Windows Evolution and Architecture
• In the late 1980s, Microsoft began to design a new operating system that could take advantage of advances in processor design and software development. The new operating system was called Microsoft Windows NT® (for new technology).
• The current Windows 2000 and Microsoft Windows XP operating systems are based on Windows NT.
• Figure 1 illustrates the evolutionary development of the Windows family of operating systems, culminating in today's Windows XP and soon in Microsoft Windows Server 2003.
• Windows XP is built on the robust and high-performance Windows NT kernel and incorporates many of the best features of Microsoft Windows 98 and Microsoft Windows Millennium Edition (Windows Me).
• These features include Plug and Play support, an intuitive user interface, and many innovative support services.

Windows Evolution
[Figure: Windows evolution timeline; surviving labels: Vista, Win7, 2009]

Windows NT architecture

User Mode
• Windows NT architecture uses two processor access modes: user mode and kernel mode.
• User mode includes application processes (typically Microsoft Win32® programs) and a set of protected subsystems. These subsystems are referred to as protected because each one is a separate process with its own protected virtual address space. The most important subsystem is the Win32 subsystem, which supplies much of the Win32 functionality to 32-bit Windows applications.

POSIX…
• Another important subsystem, particularly with respect to UNIX applications, is the POSIX subsystem. POSIX stands for Portable Operating System Interface for computing environments, and consists of a set of international standards for implementing UNIX-like interfaces. POSIX began as an effort by the IEEE community to promote the portability of applications across different versions of UNIX.

…
• However, POSIX is not limited to the UNIX environment and has been implemented on a number of non-UNIX operating systems, including Windows NT. The POSIX subsystem implements these standards-based interfaces and allows applications developers to more easily port their applications to Windows from another operating system.

Kernel Mode
• Kernel mode is a highly privileged mode of operation where program code has direct access to all memory, including the address spaces of all user mode processes and applications, and to hardware.
• Kernel mode is also known as supervisor mode, protected mode or Ring 0. The kernel mode of Windows NT contains the executive as well as the system kernel.

…
• The executive exports generic services that protected subsystems call to obtain basic operating system services, such as file operations, input/output (I/O), and synchronization services.
• Partitioning of the protected subsystems and the executive simplifies the base operating system design and makes it possible to extend the features of an individual protected subsystem without affecting the kernel.
• The kernel controls how the operating system uses the processors, and performs operations such as scheduling, multiprocessor synchronization, and providing objects that the executive can use or export to applications.

Features
• The Windows operating system supports the following features and capabilities:
• Multitasking
• Choice of programming interfaces (subsystem and kernel application programming interfaces [APIs])
• Emphasis on graphical user interface (GUI) for users and administrators (the default user interface is graphical)
• Optional command-line interface
• Built-in networking (Transmission Control Protocol/Internet Protocol [TCP/IP] is standard)
• System services are provided by Windows Services
• Single compatible implementation

UNIX Evolution and Architecture
• In 1969, Bell Laboratories developed UNIX as a timesharing system (the term used at that time to describe a multitasking operating system that supported many users at terminals). Although the first implementation was written in assembly language, the designers always intended for UNIX to be written in a higher-level language. Thus, Bell Labs invented the C language so that they could rewrite UNIX. UNIX has evolved into a popular operating system that runs on computers ranging in size from personal computers to mainframes.

• Figure 3 shows the evolution of UNIX from a single code base into the wide variety of UNIX systems available today. In fact, this is only a summary–there are more than fifty flavors of UNIX in use today. The codes on the diagram refer to the brands and versions of UNIX that are in common use, including:
• AIX from IBM
• Solaris from SUN Microsystems
• HP-UX and Tru64 from Hewlett Packard
• UnixWare from Caldera
• Linux and FreeBSD, which are open source products

Evolution of UNIX

Structure of UNIX

Features
• The UNIX operating system supports the following features and capabilities:
• Multitasking
• Multiuser
• Kernel written in high-level language
• Programming interface
• Use of files as handles to reference devices and other objects
• Large number of simple tools
• Use of pipes and filters to undertake complex tasks through simple tools
• Default user interface is character-based
• Built-in networking (TCP/IP is standard)
• System services are provided through daemon processes
• Wide number of vendor platform implementations

3. Comparison

Comparison of Windows and UNIX Architectures
1. Kernels and APIs
2. Hardware drivers
3. Processes and threads
4. Virtual memory management
5. File systems and networked file systems
6. Security
7. Networking
8. User interfaces
9. System configuration
10. Interprocess communication (IPC)
11. DLLs and shared libraries
12. Component-based development
13. .NET
14. Middleware
15. Shells and scripting
16. Development environments

1. Kernels and APIs
• As do most operating systems, Windows and UNIX both have kernels. The kernel is responsible for all the basic functions of the operating system, such as:
• Creating files
• Starting processes
• Managing input and output
• Managing memory

Cont…
• In UNIX, the API functions are called system calls. System calls are a programming interface common to all implementations of UNIX. Standards such as POSIX include a definition of the implementation of system calls in addition to other features.
• In most implementations, the functions defined by the system calls are the same; however, in some implementations, there are minor differences.
• Similarly, Windows has an API for programming calls to the executive. In addition to this API, each subsystem provides a higher-level API. This approach allows the Windows operating systems to provide different APIs, some of which mimic the APIs provided by the kernels of other operating systems.
• The standard subsystem APIs include the Win32 API (the Windows native API) and the POSIX API (the standards-based UNIX API).

Cont…
• Objects and handles
• As a Windows developer using the Win32 API, you use kernel objects to manage and manipulate resources such as files, synchronization objects, threads, processes, and pipes. Kernel objects are data structures maintained by the operating system kernel. To interact with a kernel object (and its associated resource), you must obtain a handle to the kernel object by calling the appropriate Win32 API. Regardless of the underlying resource type, the procedure for manipulating kernel objects is as follows:

Cont…
• Obtain a kernel object handle.
• For example, call the CreateFile function to open a file and obtain a file kernel object handle.
• Manipulate the resource by using the kernel object handle.
• For example, call the ReadFile and WriteFile functions, supplying the handle as a parameter.
• Close the handle when your work is complete.
• Call the CloseHandle function, irrespective of the handle type.
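
The three steps above carried through in C, as an added example that is not part of the original slides. The Win32 branch uses the CreateFile, ReadFile, WriteFile and CloseHandle calls the slide names; the example goes beyond the slide by adding a POSIX branch, where the UNIX counterpart of the handle is a file descriptor. The res_* helpers, round_trip, stale_handle_rejected and the scratch file name are assumptions made for illustration.

```c
/* Added example: obtain -> use -> close, for a Win32 kernel object handle
 * and for its UNIX counterpart, a file descriptor. Helper names are
 * illustrative and do not come from the slides. */
#include <stdio.h>
#include <string.h>

#ifdef _WIN32
#include <windows.h>
typedef HANDLE res_t;
#define RES_INVALID INVALID_HANDLE_VALUE  /* CreateFile failure value */
#else
#include <fcntl.h>
#include <unistd.h>
typedef int res_t;
#define RES_INVALID (-1)                  /* open() failure value */
#endif

/* Step 1: obtain a handle. The caller must compare against RES_INVALID. */
static res_t res_open(const char *path, int for_write)
{
#ifdef _WIN32
    return CreateFileA(path, for_write ? GENERIC_WRITE : GENERIC_READ,
                       0, NULL, for_write ? CREATE_ALWAYS : OPEN_EXISTING,
                       FILE_ATTRIBUTE_NORMAL, NULL);
#else
    return for_write ? open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600)
                     : open(path, O_RDONLY);
#endif
}

/* Step 2: manipulate the resource through the handle.
 * Both helpers return the byte count, or -1 on failure. */
static long res_write(res_t h, const void *buf, size_t len)
{
#ifdef _WIN32
    DWORD done = 0;
    return WriteFile(h, buf, (DWORD)len, &done, NULL) ? (long)done : -1;
#else
    return (long)write(h, buf, len);
#endif
}

static long res_read(res_t h, void *buf, size_t len)
{
#ifdef _WIN32
    DWORD done = 0;
    return ReadFile(h, buf, (DWORD)len, &done, NULL) ? (long)done : -1;
#else
    return (long)read(h, buf, len);
#endif
}

/* Step 3: close the handle, whatever its type. Returns 0 on success. */
static int res_close(res_t h)
{
#ifdef _WIN32
    return CloseHandle(h) ? 0 : -1;
#else
    return close(h);
#endif
}

/* The whole lifecycle twice: write msg to path, then read it back into out.
 * Returns the number of bytes read back, or -1 if any step fails. */
long round_trip(const char *path, const char *msg, char *out, size_t outlen)
{
    size_t len = strlen(msg);
    long n;
    res_t h;

    if (outlen == 0) return -1;
    h = res_open(path, 1);
    if (h == RES_INVALID) return -1;          /* never use an invalid handle */
    n = res_write(h, msg, len);
    if (res_close(h) != 0 || n != (long)len) return -1;

    h = res_open(path, 0);
    if (h == RES_INVALID) return -1;
    n = res_read(h, out, outlen - 1);
    res_close(h);
    if (n < 0) return -1;
    out[n] = '\0';
    return n;
}

/* After step 3 the handle value is stale. Returns 1 if the kernel rejects
 * a write through it (single-threaded, so the value is not reused). */
int stale_handle_rejected(const char *path)
{
    res_t h = res_open(path, 1);
    if (h == RES_INVALID) return -1;
    res_close(h);
    return res_write(h, "x", 1) == -1;
}

int main(void)
{
    char buf[64];
    const char *path = "handle_demo.tmp";     /* constructed scratch file */
    long n = round_trip(path, "kernel object", buf, sizeof buf);
    printf("read back %ld bytes: %s\n", n, n >= 0 ? buf : "(error)");
    printf("write after close rejected: %d\n", stale_handle_rejected(path));
    remove(path);
    return n < 0;
}
```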

Cont…
• Windows subsystems
• A subsystem is a portion of the Windows operating system that provides some service to application programs through a callable API.
The subsystems run in separate processes and do not share virtual memory. Therefore, a subsystem must send messages to another subsystem to communicate with it. All messages pass through the executive, which performs a security check to guarantee that the subsystems do not interfere with one another.

Cont…
• Subsystems come in two varieties, depending on where the request is finally handled:
• Environment subsystems execute in user mode and provide functions through a published API. The best known environment subsystem is Win32, which provides an API for operating system services, GUI capabilities, and functions to control all user input and output.
• Integral subsystems perform key operating system functions and execute as part of the executive or kernel. The best known of the integral subsystems are the security subsystem and the virtual memory manager. Other subsystems include the object manager, the process manager, and the I/O manager.

Cont…
• The Win32 subsystem
• The Win32 subsystem allows applications to benefit from the full power of the Windows family of operating systems. Win32 has a vast collection of functions, including the capabilities required for advanced operating systems, such as security, synchronization, virtual memory management, and threads. By using the Win32 API, you can write applications that run on all versions of Windows while taking advantage of capabilities that exist only on later versions.

Cont…
• The Win32 API is grouped into six categories:
• Base services
• Base services are functions that let applications use the features of the operating system, such as memory management, file systems, devices, processes, and threads. An application uses these functions to manage and monitor the resources that it needs to complete its work. For example, an application uses memory management functions to allocate and free memory. Process management and synchronization functions start and coordinate the operation of multiple applications or multiple threads within a single application.

Cont…
• Common control library
• A common control library implements a set of common controls shown as windows. Applications use these controls to maintain consistency with the Windows shell and to maintain the distinctive Windows behavior and appearance. Common controls range from fairly simple, such as combo box and status bar controls, to complex, such as calendar and tree view controls.

Cont…
• Graphics Device Interface
• The Graphics Device Interface (GDI) provides functions and data structures that applications use to generate graphical output for displays, printers, and other devices. GDI enables applications to draw geometric shapes, such as lines, curves, and closed figures, and to manipulate text and images. GDI allows the application to control visible attributes, such as color and style, when drawing shapes and text. Applications can direct output to a physical device or to a logical device such as memory or a metafile.

Cont…
• Network services
• Network services provide functions for network management and Windows networking (WNet). Network management lets a systems administrator or network manager create and manage shared resources, such as directories, network printers, and users. Windows networking functions enable applications to query and control network connections and to retrieve information about the current network configuration. These functions are independent of any network provider or physical network implementation.

Cont…
• User interface
• User interface functions give applications the means to create and manage a user interface. Applications use these functions to create and use windows to display output, prompt for user input, and interact with the user. The behavior and appearance of windows that an application creates are controlled by window classes and corresponding window procedures. A window class defines default characteristics, such as whether the window processes mouse button clicks or has a menu. The corresponding window procedure contains code that defines the behavior of the window in response to events and user input.

Cont…
• Windows shell
• Windows shell functions enable applications to use the shell interfaces and to enhance various aspects of the Windows shell. The system uses icons to represent files. The default icon displayed is the same for all files with the same extension. An icon handler can override the default and display a different icon for some files. The system displays a shortcut menu when the user clicks an object with the right mouse button. The shortcut menu contains commands that apply specifically to the object that was clicked. A context menu handler is a shell extension that modifies the contents of a shortcut menu. Most shortcut menus contain a properties command that displays the property sheet for the selected object. A property sheet contains information about the object in a set of overlapping or tabbed windows called pages. A property sheet handler is a shell extension that adds pages to the system-defined property sheet.
• Note: The APIs provided by different environment subsystems cannot be mixed. A file opened in the POSIX subsystem is not compatible with the API in the Win32 subsystem. For this reason, you must use special techniques when linking different subsystems.

Cont…
• The POSIX subsystem and Interix
• Windows NT, Windows 2000, and Windows XP provide a fully standards-compliant subsystem that supports programs written for the POSIX portable operating system environment. Programs written for the POSIX environment on any other operating systems should perform in exactly the same manner on Windows.
• Although the POSIX subsystem is standards compliant and provides the majority of the system calls found in UNIX implementations, not all UNIX applications are POSIX compliant.
• To add more comprehensive support for UNIX programs, Windows provides the Interix subsystem.
• Interix is a multiuser UNIX environment for a Windows-based computer. Interix conforms to the POSIX.1 and POSIX.2 standards. It provides all of the features of a traditional UNIX operating system, including pipes, hard links, symbolic links, UNIX networking, and UNIX graphical support through the X Window System (also called X Windows).

Cont…
• It also includes case-sensitive file names, job control tools, compilation tools, and more than 300 UNIX commands and utilities, such as KornShell, C Shell, awk, and vi.
• Because the Interix subsystem is layered on top of the Windows kernel, it is not an emulation; it is a native environment subsystem that integrates with the Windows kernel, just as the Win32 subsystem does.
• Shell scripts and other scripted applications that use UNIX and POSIX.2 utilities run under Interix. (For more information about shell scripts, see the "Shells and Scripting" section later in this chapter.)
• When you install Interix, you install a new extended subsystem that replaces the POSIX subsystem provided with Windows and that provides true UNIX functionality. See Chapter 10 for further information about Interix features and commands.

Cont…
• These behaviors of the Interix environment are different from open systems:
• Interix has no superuser.
• Interix has different user authentication. User and group information is stored in the Windows Security Access database. While the database stores both users and groups, group names and user names must be unique; that is, no group can have a user's name and vice versa. (This database replaces the /etc/passwd and /etc/groups files or Network Information Service [NIS] map files in UNIX.)
• Users can belong to many groups.
• Interix supports user name mapping. Interix uses user name mapping to associate Windows users with user identifiers (UIDs) and group identifiers (GIDs). Mapping allows the actual user and group names to appear as the file owner and file group when a long directory listing is requested.

2. Hardware Drivers
• The Windows Driver Model provides a platform for developing drivers for industry-standard hardware devices attached to a Windows-based system. The keys to developing a good driver package are to provide good setup and installation procedures and to provide interactive GUI tools for configuring devices after installation. In addition, hardware must be compatible with Windows Plug and Play technology to ensure a user-friendly hardware installation. If hardware manufacturers meet these and other requirements, they can display the "Designed for Windows" logo on their packaging and documentation.

Cont…
• In some versions of Windows, the user must reboot the computer after installing new hardware, drivers, and peripherals. Windows XP, however, has features that eliminate the need to reboot if drivers are signed with a digital certificate. This certificate indicates that a driver has passed the Windows Hardware Compatibility Tests, which ensure that the driver functions correctly with the Windows operating system.

Cont…
• In UNIX, there are several different ways to manage drivers. Some UNIX implementations allow for dynamic loading and unloading of drivers, whereas other implementations do not. The UNIX vendor usually provides drivers. On Intel platforms, the range of supported hardware for UNIX is typically smaller than that for Windows.

3. Process Management
• Multitasking operating systems—such as Windows and UNIX—must manage and control many processes at once. The Windows and UNIX operating systems both provide processes and threads.
• Each process has its own code, data, system resources, and state. Resources include virtual address space, files, and synchronization objects.
• Threads are a part of a process; each process has one or more threads running on its behalf.
• Like a process, a thread has resources and a state associated with it.

4. Multitasking
• UNIX was designed to be a multiprocessing, multiuser system. At any point in time, a user may have many processes running on UNIX. Consequently, UNIX is very efficient at creating processes.
• Windows has evolved from its beginnings on Microsoft MS-DOS®, which did not support preemptive multitasking. As a result, Windows relies heavily on threads instead of processes. (A thread is a construct that enables parallel processing within a single process.) Creating a new process in Windows is a relatively expensive operation.

5. Multiple users
• One key difference between UNIX and Windows is the implementation of multiple users on one computer.
• On UNIX, when a user logs on, a shell process is started to service the user's commands. The UNIX operating system keeps track of users and their processes and prevents processes from interfering with one another. Because all the processes run on the server, the resource demands on the computer can grow quite large, especially with many users and large applications.

Cont…
• On Windows, when a user logs on interactively, the Win32 subsystem's Graphical Identification and Authentication dynamic-link library (GINA) creates the initial process for that user, known as the user desktop. This desktop is where all user interaction or activity takes place. This allows the user to control the computing environment (sometimes known as the shell). Only a particular instance of the logged-on user has access to the desktop. Other users are not intended to be able to log on to that computer at the same time. However, if a user uses Terminal Services or Citrix, Windows can operate in a server-centric mode similar to UNIX.

6. Multithreading
• Most new UNIX kernels are multithreaded to take advantage of symmetric multiprocessing (SMP) computers. Initially, UNIX did not expose threads to programmers. However, POSIX does have user-programmable threads. In fact, POSIX has two different implementations of threads, depending on the POSIX version.
• In Windows, creating a new thread is very efficient. Windows applications are able to use threads to take advantage of SMP computers and to maintain interactive capabilities when some threads take a long time to execute.

Fibers
• Windows has another unit of execution, called fibers, which UNIX does not have.
• Fibers are sometimes referred to as lightweight threads. Fibers must be manually scheduled by a thread, and they run in the context of that thread.
• Fibers are usually used in applications that service a large number of users, such as database systems.
• Fibers do not provide much improvement in speed over threaded applications, but they do provide a good technique for porting applications that are designed to schedule their own threads.

Process hierarchy
• When a UNIX application creates a new process, the new process becomes a child of the creating process. This process hierarchy is often important, and there are system calls for manipulating child processes.
• Unlike UNIX, Windows processes do not share a hierarchical relationship. The creating process receives the process handle and ID of the process it created, so a hierarchical relationship can be maintained/simulated if the application requires it to do so. However, the operating system treats all processes as belonging to the same generation.
• Note: Both Windows and UNIX processes (by default) inherit the security settings of the creating process.

Signals, exceptions, and events
• UNIX and Windows have mechanisms by which processes can indicate an event or error. In both operating systems, these events are signaled by a form of software interrupts. In UNIX, these mechanisms are called signals and are used for normal events, simple interprocess communication, and abnormal conditions such as floating point exceptions. Windows has two separate mechanisms, as follows:
• An events mechanism handles expected events, such as communications between two processes.
• An exception mechanism handles non-standard events, such as the termination of a process by the user. Computer hardware may generate exceptions such as invalid memory access and math errors. Windows uses a facility named Structured Exception Handling (SEH) to handle these exceptions.

Filters and pipes
• UNIX introduced a philosophy of computing that incorporates features known as filters and pipes. A well-designed UNIX program gets its input from the standard input stream and writes its results to standard output. This makes the program a filter, analogous to a water filter or a filter in engineering. The filter has one input and one output and performs an operation on information passing through it. Pipes give users the ability to link these filter programs together so that the output of one program is fed into the input of another. A typical use of this capability is sorting, that is, running one program that generates some desired output and piping the output into the sort utility for viewing.

Daemons and services
• In UNIX, a daemon is a process that the system starts to provide a service to other applications. Typically, the daemon does not interact with users. UNIX daemons are started at boot time from init or rc scripts.
• A Windows service is the equivalent of a UNIX daemon. It is a process that provides one or more facilities to client processes. Typically, a service is a long-running Windows application that does not interact with users and consequently does not include a user interface. Services may start when the system boots and they continue running across logon sessions. Services are controlled by the Service Control Manager (SCM), and one of the few requirements for writing a service is that it must communicate with the SCM to handle starting, stopping, and installing.

Cont…
• Because it runs in a separate process, a service runs in user mode with a specific user identity. The security context of that user determines the capabilities of the service. Most services run as the Local System account. This account has elevated access rights on the local computer but has no privileges on the network domain. If a service needs to access network resources, it must run as a domain user with enough privileges to perform the required tasks. On UNIX, a daemon runs with an appropriate user name for the service that it provides or as the special user named nobody.

Cont…

| Feature | Windows | UNIX |
|---|---|---|
| Primary mechanism | Threads | Processes |
| Processes | Yes | Yes |
| Threads | Yes | Yes, but different implementations |
| Fibers | Yes | No |
| Performance | Very good at creating threads | Very good at creating processes |
| Process hierarchy | No | Yes |
| Security inherited | Yes | Yes (except setuid) |

Virtual Memory Management
• Both UNIX and Windows use virtual memory to extend the memory available to an application beyond the actual physical memory installed on the computer. In UNIX, virtual memory is handled by the kernel; in Windows, virtual memory is handled by an executive service. Virtual memory uses a number of techniques to:
• Inform the application that additional memory is available.
• Transparently enhance system performance (and therefore application performance) by reading from disk as efficiently as possible.

Cont…
• Virtual memory uses areas on disk to extend real memory. In addition, the virtual memory manager moves program and data files from the hard disk into physical memory only when the files are needed. Because virtual memory is managed by the operating system and is transparent to applications, there should be no need to consider virtual memory during the migration process.

File systems differences

| Feature | Windows | UNIX | Windows/Interix |
|---|---|---|---|
| Overall structure | Hierarchical, multiple trees | Hierarchical, single tree | Hierarchical, single tree |
| Drive names | Yes (C, D) | No | Yes, under /dev/fs (for example, /dev/fs/C) |
| Mounting partitions | Yes | Yes | Yes |
| Path separator | \ | / | / |
| Case-sensitive names | No | Yes | Yes |
| Hard links | No | Yes | Yes |
| Symbolic links | No | Yes | Yes |
| Shortcuts | Yes | No | No |
| Network file system | SMB | NFS | |
| Device files | No | Yes | Yes, with exceptions (for example, /dev/mem) |
| Set user ID | No | Yes | Yes |
| Security | ACLs | Simple bit permissions | Mapping between bit permissions and ACLs |

Networking
• The primary networking protocol for UNIX and Windows is TCP/IP. The standard programming API for TCP/IP is called sockets. Sockets were created for UNIX at the University of California, Berkeley. Sockets provide an easy-to-use, bidirectional stream between systems across a network. The Windows implementation of network sockets is formally known as Windows Sockets but is usually called Winsock. Winsock conforms well to the Berkeley implementation, even at the API level. Most of the functions are the same, but slight differences in parameter lists and return values do exist.

User Interfaces
• The UNIX user interface was originally based on a character-oriented command line, whereas the Windows user interface was originally based on a GUI. This difference is a result of the background of the two operating systems. UNIX originated at a time when graphic terminals were not available. Windows was (as the name suggests) designed to take advantage of advances in the graphics capabilities of computers. However, both UNIX and Windows now support a mixture of character and graphical interfaces.

UNIX interprocess communication
• UNIX has several IPC mechanisms that have different characteristics and are appropriate for different situations. Shared memory, pipes, and message queues are all suitable for processes running on a single computer. Shared memory and message queues are suitable for communicating among unrelated processes. Pipes are the mechanism usually chosen for communicating with a child process through standard input and output. (For more information about message queues, refer to the "Message Queues" section later in this chapter.)
• For communication across the network, sockets are usually the chosen technique. Migration from UNIX sockets to Windows sockets is usually a straightforward process involving few changes to the code.

Windows interprocess communication
• Windows has many IPC mechanisms, some of which have no counterpart in UNIX. As with UNIX, Windows has shared memory, pipes, and events (equivalent to signals). These are appropriate for processes local to a computer. The shared memory implementation is based on file mapping, because certain forms of shared memory can be used across the network. Named pipes can also be used for network communications.

Cont…
• Other IPC mechanisms supported by Windows are the clipboard/Dynamic Data Exchange (DDE), Component Object Model (COM), and send message. These are mostly used for local communications, but DDE and COM both have network capabilities. Windows sockets and Message Queuing (also known as MSMQ) are good choices for cross-network tasks.

Cont…
• Two additional IPC mechanisms for Windows are remote procedure call (RPC) and mailslots. RPC is designed for use by client/server applications and is most appropriate for C and C++ programs. Mailslots are memory-based files that a program can access by using standard file functions. Mailslots have a fairly small maximum size. Usage is often similar to named pipes except that mailslots are effective for broadcasting small messages.

Synchronization
• Both UNIX and Windows have an extensive set of process and thread synchronization techniques. Both operating systems use semaphores, which are synchronization primitives used to control access to a resource that can support a limited number of users. Both UNIX and Windows also use mutex objects to control mutually exclusive access to a resource.

Cont…
• For lightweight control of multithread access to a section of code, Windows offers critical section objects. Critical sections are similar to mutexes, but access is limited to the threads of a single process. This makes them appropriate for controlling access to a shared resource. Threads can access the critical section in any order, but the order is not guaranteed.

Message queues
• In UNIX, a message queue is an IPC mechanism. One application sends messages to the queue; another application reads messages from the queue. The queues are memory based and are very fast as a result. However, messages will disappear if the system fails. Message queues were introduced in AT&T System V UNIX. Because of this, many versions of UNIX that are based on BSD may not have them. POSIX has message queues, but the API is not exactly the same as in System V.

Cont…
• Windows provides a reliable messaging system called Message Queuing (MSMQ). Message Queuing provides guaranteed message delivery, efficient routing, security, and priority-based messaging. In essence, a Message Queuing message is guaranteed to be delivered, but there is no specific guarantee about exactly when it will be received. The operation is the same as on UNIX—one application writes to the queue and another reads from it. The API, however, is completely different.

DLLs and Shared Libraries
• Windows and UNIX both have a facility that allows the application developer to put common functionality in a separate code module. Windows calls this feature a dynamic-link library (DLL). UNIX calls this feature a shared library. Both allow application developers to link together object files from different compilations and to specify which symbols will be exported from the library for use by external programs. The result is the ability to reuse code across applications. The Windows operating system and most Windows programs use many DLLs.

Shells and Scripting
• A shell is a command-line interpreter that accepts typed commands from a user and executes the resulting request. In addition to executing programs, shells usually support advanced features, such as the ability to recall recent commands and a built-in scripting language for writing programs. Programs written through the programming features of a shell are called shell scripts.
• In addition to scripts written through the use of shells, there are also languages specifically designed for writing scripts. As with shell scripts, these scripting languages are interpreted. Windows and UNIX support a number of shells and scripting languages, some of which are common to both operating systems. The use of scripting languages leads to rapid development (often with relaxed syntax checking) but slower performance.

Conclusion
• Windows provides all the features that make it the right choice for organizations that want to run all their applications on a single desktop. On the Windows platform, line-of-business and office productivity applications can run side by side and exchange data seamlessly. Earlier UNIX applications can be ported to run under Windows, or they can use Interix or other migration environments to run the applications with minimum modification. In either case, users do not need to switch environments. User productivity will increase and frustration will decrease by having a single user environment to learn and use.

Cont…
• For example, Windows applications use the Win32 API, which is implemented by the Win32 subsystem. Programs written for MS-DOS, Microsoft Windows version 3.x, OS/2, and POSIX run in their own environmental subsystems, all of which interact extensively with the Win32 subsystem to implement their functionality.
• The Interix subsystem implements POSIX APIs. Even with this independence, you can still run Win32 programs, such as Notepad (Notepad.exe) and Calculator (Calc.exe), from the Interix shell prompt.

Windows Registry
Introduction

Warning !!!
• You have to be doubly careful when working with the Registry, as there is no confirmation prompt or a click OK to save prompt. Changes made are directly incorporated.

Registry: A Wealth of Information
Information that can be recovered includes:
– System Configuration
– Devices on the System
– User Names
– Personal Settings and Browser Preferences
– Web Browsing Activity
– Files Opened
– Programs Executed
– Passwords

Registry History
• Before the Windows Registry (DOS, Windows 3.x):
– INI files
• SYSTEM.INI – This file controlled all the hardware on the computer system.
• WIN.INI – This file controlled all the desktop and applications on the computer system.
• Individual applications also utilized their own INI files that are linked to the WIN.INI.

Registry History: INI File Problems
• Proliferation of INI files.
• Other problems
– Size limitations
– Slow access
– No standards
– Fragmented
– Lack of network support

Registry History
• The Windows 3.x OS also contained a file called REG.DAT.
• The REG.DAT was utilized to store information about Object Linking and Embedding (OLE) objects.

Registry History
• The Windows 9x/NT 3.5 Operating System is composed of the following files:
– System.dat – Utilized for system settings. (Win 9x/NT)
– User.dat – One profile for each user with unique settings specific to the user. (Win 9x/NT)
– Classes.dat – Utilized for program associations, context menus and file types. (Win Me only)
• To provide redundancy, a back-up of the registry was made after each boot of the computer system. These files are identified as:
– System.da0 (Win 95)
– User.da0 (Win 95)
– Rbxxx.cab (Windows 98/Me)

Registry History
• If there are numerous users on a computer system, the following issues arise:
– The User.dat file for each individual will be different as to the content.
– If all users on the computer system utilize the same profile, the information will all be mingled in the User.dat and will be difficult if not impossible to segregate the data.
– On Windows 9.x systems, the User.dat file for the default user is utilized to create the User.dat files for all new profiles.

Registry Definition
• The Microsoft Computer Dictionary defines the registry as:
– A central hierarchical database used in the Microsoft Windows family of Operating Systems to store information necessary to configure the system for one or more users, applications and hardware devices.
– The registry contains information that Windows continually references during operation, such as profiles for each user, the applications installed on the computer and the types of documents that each can create, property sheet settings for folders and application icons, what hardware exists on the system and the ports that are being used.

Registry Definition
• The registry was developed to overcome the restrictions of the INI and REG.DAT files.
• The registry is composed of two pieces of information:
– System-Wide Information – This is data about software and hardware settings. This information tends to apply to all users of the computer.
– User Specific Information – This is data about an individual configuration. This information is specific to a user's profile.

Registry Organization
• The Windows registry contains the following:
– Hives are utilized by the registry to store data on itself.
– Hives are stored in a variety of files that are dependent on the Windows Operating System that is being utilized.

Windows Registry Cont.
Below are a few example NT APIs available for managing the Windows Registry:
NtEnumerateValueKey(KHANDLE, int);
NtQueryValueKey(KHANDLE, VarName);
NtLoadKey(KHANDLE, HiveFileName);
… more found in Advapi32.dll

Windows 9x Registry

| Filename | Location | Content |
|---|---|---|
| system.dat | C:\Windows | Protected storage area for all users; All installed programs and their settings; System settings |
| user.dat (If there are multiple user profiles, each user has an individual user.dat file in windows\profiles\user account) | C:\Windows | Most Recently Used (MRU) files; User preference settings |

Windows XP Registry

| Filename | Location | Content |
|---|---|---|
| ntuser.dat (If there are multiple user profiles, each user has an individual user.dat file in windows\profiles\user account) | \Documents and Settings\user account | Protected storage area for user; Most Recently Used (MRU) files; User preference settings |
| Default | \Windows\system32\config | System settings |
| SAM | \Windows\system32\config | User account management and security settings |
| Security | \Windows\system32\config | Security settings |
| Software | \Windows\system32\config | All installed programs and their settings |
| System | \Windows\system32\config | System settings |

Registry Organization
• Root Keys
– HKEY_CLASSES_ROOT (HKCR)
• Contains information in order that the correct program opens when executing a file with Windows Explorer.
– HKEY_CURRENT_USER (HKCU)
• Contains the profile (settings, etc) about the user that is logged in.
– HKEY_LOCAL_MACHINE (HKLM)
• Contains system-wide hardware settings and configuration information.
– HKEY_USERS (HKU)
• Contains the root of all user profiles that exist on the system.
– HKEY_CURRENT_CONFIG (HKCC)
• Contains information about the hardware profile used by the computer during start up.
• Sub Keys – These are essentially sub directories that exist under the Root Keys.

Registry: Loading the Hive
Loaded at boot time by Boot Loader (NTLDR) and the kernel (ntoskrnl.exe).
Explicitly loaded by calling NtLoadKey/RegLoadKey.
- This requires 'Restore' security privileges.
Files are opened in "exclusive" mode, and kept open by the kernel.
Read primary header and verify checksums, if failed:
- Physical integrity check, walk entire Hive and check each individual cell.
- Logical integrity check, walk the tree, check every key/value.
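The header check named on this slide can be reproduced offline on a hive copy; the following Python sketch is an added example, not code from the lecture or from Windows. The field offsets and the XOR-32 checksum rule are taken from the publicly documented "regf" base block layout rather than from the slide, and the sample header is constructed in the code.

```python
import struct
from datetime import datetime, timedelta, timezone

BASE_BLOCK_SIZE = 512          # the checksum covers only this first sector
CHECKSUM_OFFSET = 0x1FC        # last DWORD of those 512 bytes
EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)


def xor32_checksum(first_508: bytes) -> int:
    """XOR the 127 little-endian DWORDs that precede the checksum field."""
    if len(first_508) != CHECKSUM_OFFSET:
        raise ValueError("checksum is computed over exactly 508 bytes")
    csum = 0
    for (dword,) in struct.iter_unpack("<I", first_508):
        csum ^= dword
    # Two results are reserved and remapped before being stored.
    if csum == 0xFFFFFFFF:
        return 0xFFFFFFFE
    if csum == 0:
        return 1
    return csum


def filetime_to_utc(filetime: int) -> datetime:
    """Convert a FILETIME (100 ns ticks since 1601-01-01 UTC) to a datetime."""
    return EPOCH_1601 + timedelta(microseconds=filetime // 10)


def utc_to_filetime(moment: datetime) -> int:
    delta = moment - EPOCH_1601
    micros = (delta.days * 86400 + delta.seconds) * 10**6 + delta.microseconds
    return micros * 10


def check_base_block(block: bytes) -> dict:
    """Validate the primary header of a hive file copied from evidence."""
    if len(block) < BASE_BLOCK_SIZE:
        raise ValueError("need the first 512 bytes of the hive file")
    signature, seq_primary, seq_secondary, last_written = struct.unpack_from(
        "<4sIIQ", block, 0)
    major, minor = struct.unpack_from("<II", block, 0x14)
    (stored,) = struct.unpack_from("<I", block, CHECKSUM_OFFSET)
    return {
        "signature_ok": signature == b"regf",
        "checksum_ok": stored == xor32_checksum(block[:CHECKSUM_OFFSET]),
        # Differing sequence numbers mean the last write did not complete.
        "sequences_match": seq_primary == seq_secondary,
        "last_written": filetime_to_utc(last_written),
        "version": (major, minor),
    }


def build_sample_block(seq_primary: int = 7, seq_secondary: int = 7) -> bytes:
    """Constructed header for the demonstration, not taken from a real hive."""
    block = bytearray(BASE_BLOCK_SIZE)
    stamp = utc_to_filetime(datetime(2010, 11, 12, tzinfo=timezone.utc))
    struct.pack_into("<4sIIQ", block, 0, b"regf",
                     seq_primary, seq_secondary, stamp)
    struct.pack_into("<II", block, 0x14, 1, 3)      # format version 1.3
    struct.pack_into("<I", block, 0x24, 0x20)       # root cell offset
    struct.pack_into("<I", block, CHECKSUM_OFFSET,
                     xor32_checksum(bytes(block[:CHECKSUM_OFFSET])))
    return bytes(block)


if __name__ == "__main__":
    clean = build_sample_block()
    tampered = bytearray(clean)
    tampered[0x0C] ^= 0x01                          # alter the timestamp only
    for label, blk in (("clean", clean), ("tampered", bytes(tampered))):
        print(label, check_base_block(blk))
```

A header whose timestamp was edited without recomputing the checksum fails `checksum_ok`, which is the condition that sends the loader on to the physical and logical integrity checks.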

Registry Organization

The Registry – data types
• REG_SZ : The SZ indicates zero-terminated string. This is a variable-length string that can contain Unicode as well as ANSI characters.
• REG_BINARY : It contains binary data, 0's & 1's.
• REG_DWORD : This data type is a Double Word. It is a 32-bit numeric value and can hold any number from 0 to 2^32.
• REG_MULTI_SZ : This data type contains a group of zero-terminated strings assigned to a single value.
• REG_EXPAND_SZ : This data type is a zero-terminated string containing an unexpanded reference to an environment variable, like say, %SystemRoot%.
• REG_QWORD : This data type is a Quadruple Word. It is a 64-bit numeric value.
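When values are read from an offline hive, the examiner gets raw bytes plus a type code and must decode them according to the types listed above. The following decoder is an added example, not part of the original slides; it assumes strings are stored as UTF-16LE (the usual case on NT-family hives), and the sample values and the `env` mapping are constructed.

```python
import re
import struct

# Numeric type codes as defined in the Windows SDK (winnt.h).
REG_SZ, REG_EXPAND_SZ, REG_BINARY, REG_DWORD = 1, 2, 3, 4
REG_MULTI_SZ, REG_QWORD = 7, 11


def _utf16(raw: bytes) -> str:
    """Decode UTF-16LE, tolerating a dangling odd byte in damaged data."""
    if len(raw) % 2:
        raw = raw[:-1]
    return raw.decode("utf-16-le", errors="replace")


def decode_value(reg_type: int, raw: bytes):
    """Turn the raw data of one registry value into a Python object."""
    if reg_type in (REG_SZ, REG_EXPAND_SZ):
        # Stop at the first terminator; writers sometimes omit it entirely.
        return _utf16(raw).split("\x00", 1)[0]
    if reg_type == REG_MULTI_SZ:
        text = _utf16(raw)
        end = text.find("\x00\x00")          # an empty string ends the list
        if end != -1:
            text = text[:end]
        return [item for item in text.split("\x00") if item]
    if reg_type == REG_DWORD:
        if len(raw) != 4:
            raise ValueError("REG_DWORD data must be exactly 4 bytes")
        return struct.unpack("<I", raw)[0]
    if reg_type == REG_QWORD:
        if len(raw) != 8:
            raise ValueError("REG_QWORD data must be exactly 8 bytes")
        return struct.unpack("<Q", raw)[0]
    # REG_BINARY and unknown types are returned untouched for manual review.
    return bytes(raw)


def expand_env(text: str, env: dict) -> str:
    """Expand %NAME% references using the examined system's variables.

    The analyst's own environment is deliberately not consulted, and
    unknown variables are left unexpanded so they remain visible.
    """
    lookup = {name.lower(): value for name, value in env.items()}
    return re.sub(r"%([^%]+)%",
                  lambda m: lookup.get(m.group(1).lower(), m.group(0)),
                  text)


if __name__ == "__main__":
    # Constructed sample data, encoded the way it would sit in a hive cell.
    samples = [
        (REG_SZ, "Notepad.exe\x00".encode("utf-16-le")),
        (REG_EXPAND_SZ, "%SystemRoot%\\system32\\config\x00".encode("utf-16-le")),
        (REG_MULTI_SZ, "first\x00second\x00\x00".encode("utf-16-le")),
        (REG_DWORD, b"\xff\xff\xff\xff"),    # largest value the type can hold
        (REG_QWORD, struct.pack("<Q", 2**40)),
        (REG_BINARY, b"\x01\x00\xfe"),
    ]
    for reg_type, raw in samples:
        print(reg_type, repr(decode_value(reg_type, raw)))
```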

Windows Security and Relative ID
• The Windows Registry utilizes an alphanumeric combination to uniquely identify a security principal or security group.
• The Security ID (SID) is used to identify the computer system.
• The Relative ID (RID) is used to identify the specific user on the computer system.
• The SID appears as:
– S-1-5-21-927890586-3685698554-67682326-1005

SID Examples
– SID: S-1-0 Name: Null Authority Description: An identifier authority.
– SID: S-1-0-0 Name: Nobody Description: No security principal.
– SID: S-1-1 Name: World Authority Description: An identifier authority.
– SID: S-1-1-0 Name: Everyone Description: A group that includes all users, even anonymous users and guests. Membership is controlled by the operating system.
– SID: S-1-2 Name: Local Authority Description: An identifier authority.
– SID: S-1-3 Name: Creator Authority Description: An identifier authority.

SID
• Security ID
– NT/2000/XP/2003
• HKLM>SAM>Domains>Accounts>Aliases>Members
– This key will provide information on the computer identifier
• HKLM>SAM>Domains>Users
– This key will provide information in hexadecimal
• User ID
– Administrator – 500
– Guest – 501
• Global Groups ID
– Administrators – 512
– Users – 513
– Guest – 514
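The SID slides above (the S-1-5-21-… form, the well-known SIDs and the RID list) can be tied together in code: the following Python sketch is an added example, not part of the original slides, that decodes a binary SID as it appears in registry data and splits it into issuer and RID. The name tables repeat the slides' own labels; the binary layout and the statement that SAM user subkeys are named with the RID as eight hex digits are assumptions drawn from general Windows documentation.

```python
import struct

# Labels exactly as listed on the slides.
WELL_KNOWN_SIDS = {
    "S-1-0": "Null Authority", "S-1-0-0": "Nobody",
    "S-1-1": "World Authority", "S-1-1-0": "Everyone",
    "S-1-2": "Local Authority", "S-1-3": "Creator Authority",
}
WELL_KNOWN_RIDS = {
    500: "Administrator", 501: "Guest",
    512: "Administrators (global group)", 513: "Users (global group)",
    514: "Guest (global group)",
}
SLIDE_SID = "S-1-5-21-927890586-3685698554-67682326-1005"


def sid_from_bytes(raw: bytes) -> str:
    """Decode a binary SID: revision, count, 48-bit authority, sub-authorities."""
    if len(raw) < 8:
        raise ValueError("a SID needs at least 8 bytes")
    revision, count = raw[0], raw[1]
    if len(raw) < 8 + 4 * count:
        raise ValueError("SID is truncated: %d sub-authorities declared" % count)
    authority = int.from_bytes(raw[2:8], "big")       # big-endian, 6 bytes
    subs = struct.unpack_from("<%dI" % count, raw, 8)  # little-endian DWORDs
    return "S-%d-%d" % (revision, authority) + "".join("-%d" % s for s in subs)


def sid_to_bytes(sid: str) -> bytes:
    """Inverse of sid_from_bytes, used here to build sample input."""
    parts = sid.split("-")
    if parts[0] != "S" or len(parts) < 3:
        raise ValueError("not a SID string: %r" % sid)
    subs = [int(p) for p in parts[3:]]
    header = bytes([int(parts[1]), len(subs)]) + int(parts[2]).to_bytes(6, "big")
    return header + struct.pack("<%dI" % len(subs), *subs)


def describe_sid(sid: str) -> dict:
    """Split an account SID into the issuing machine/domain part and the RID."""
    parts = sid.split("-")
    if parts[0] != "S" or len(parts) < 3:
        raise ValueError("not a SID string: %r" % sid)
    subs = [int(p) for p in parts[3:]]
    info = {"sid": sid, "name": WELL_KNOWN_SIDS.get(sid),
            "issuer": None, "rid": None, "rid_name": None}
    # S-1-5-21-<three 32-bit values>-<RID> is the form shown on the slide.
    if parts[1:3] == ["1", "5"] and len(subs) == 5 and subs[0] == 21:
        info["issuer"] = "-".join(parts[:-1])
        info["rid"] = subs[-1]
        info["rid_name"] = WELL_KNOWN_RIDS.get(subs[-1])
    return info


def rid_from_sam_key_name(key_name: str) -> int:
    """Assumption: SAM user subkeys are named like 000001F4 (RID in hex)."""
    return int(key_name, 16)


if __name__ == "__main__":
    raw = sid_to_bytes(SLIDE_SID)            # constructed from the slide's SID
    print(raw.hex(), "->", sid_from_bytes(raw))
    print(describe_sid(SLIDE_SID))
    print(describe_sid("S-1-1-0"))
    print(rid_from_sam_key_name("000001F4"))
```

Two accounts that share the same issuer part but differ in RID belong to the same machine or domain, which is how profile folders and HKU subkeys are matched to accounts.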

MRU
• To identify the Most Recently Used (MRU) files on a suspect computer system:
– Windows 9x/Me
• User.dat
– Search should be made for MRU, LRU, Recent
– Windows NT/2000
• Ntuser.dat
– Search should be made for MRU, LRU, Recent
– Windows XP/2003
• HKU>UserSID>Software>Microsoft>Windows>CurrentVersion>Explorer>RecentDoc
• Select file extension and select item

Registry
• System
– Recent documents
– Recent commands entered in Windows run box
– Programs that run automatically
• Startup software
• Good place to look for Trojans

Registry
• User Application Data
– Adobe products
– IM contacts
– Search terms in google
– Kazaa data
– Windows media player data
– Word recent docs and user info
– Access, Excel, Outlook, Powerpoint recent files

Registry Research
• Use REGMON (MS Sysinternals) to monitor changes to the registry
  – Registry is accessed constantly
    • Need to set filter
    • Or enable Regmon’s log boot record
  – Captures registry activity in a regmon file
• Do it yourself: Windows API
  – RegNotifyChangeKeyValue
• Many commercial products
  – DiamondCS RegProt
    • Intercepts changes to the registry

Registry Investigation
• Software Key
  – Installed Software
    • Registry keys are usually created with installation
    • But not deleted when program is uninstalled
    • Find them
      – Root of the software key
        » Beware of bogus names
      – HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths
      – HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
    • If suspicious, use information from the registry to find the actual code
    • Registry time stamps will confirm the file MAC data or show them to be altered

Registry Investigation
• Software Key
  – Last Logon
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
  – Logon Banner Text / Legal Notice
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
  – Security Center Settings
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
    • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
  – If firewall logging is enabled, the log is typically at %SystemRoot%/pfirewall.log

Registry Investigation
• Analyze Restore Point Settings
  – Restore points developed for Win ME / XP
  – Restore point settings at
    • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore
  – Restore points created every RPGlobalInterval value seconds (~every 24h)
  – Retention period is RPLifeInterval seconds (default 90 days)
  – Restore point taking is ON by default
  – Restore points in System Volume Information\restore…

Registry Investigation
• Aside: How to access restore points
  – Restore points are protected from user, including administrator
  – Administrator can add her/himself to the access list of the system volume directory
    • Turn off “Use simple file sharing” in Control Panel Folder Options
    • Click on “Properties” of the directory in Explorer and

Registry Investigation
• Restore point
  – makes copies of important system and program files that were added since the last restore points
• Files
  – Stored in root of RP### folder
  – Names have changed
  – File extension is unchanged
  – Name changes kept in change.log file
• Registry data
  – in Snapshot folder
  – Names have changed, but predictably so

Registry Investigation
• SID (security identifier)
  – Well-known SIDs
    • SID: S-1-0 Name: Null Authority
    • SID: S-1-5-2 Name: Network
  – S-1-5-21-2553256115-2633344321-4076599324-1006
    • S string is SID
    • 1 revision number
    • 5 authority level (from 0 to 5)
    • 21-2553256115-2633344321-4076599324 domain or local computer identifier
    • 1006 RID – Relative identifier
• Local SAM resolves SID for locally authenticated users (not domain users)
  – Use recycle bin to check for owners
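Added example (not part of the original slides): a Python sketch that splits a string SID into the fields named on the slide. It goes one step further and decodes the binary SID layout (revision byte, sub-authority count, 6-byte big-endian authority, little-endian 32-bit sub-authorities), which the slide does not show. The function names and the sample bytes are this example's own; the name tables reuse only the SIDs and RIDs listed on these slides.

```python
import struct

# Names copied from the slides' own tables (not a complete list).
WELL_KNOWN_SIDS = {
    "S-1-0": "Null Authority", "S-1-0-0": "Nobody",
    "S-1-1": "World Authority", "S-1-1-0": "Everyone",
    "S-1-2": "Local Authority", "S-1-3": "Creator Authority",
    "S-1-5-2": "Network",
}
SLIDE_RIDS = {500: "Administrator", 501: "Guest",
              512: "Administrators", 513: "Users", 514: "Guest"}


def parse_sid(text):
    """Split a string SID into revision, authority, identifier and RID."""
    parts = text.strip().upper().split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError("not a SID string: %r" % text)
    if not all(p.isascii() and p.isdigit() for p in parts[1:]):
        raise ValueError("non-numeric SID field in %r" % text)
    numbers = [int(p) for p in parts[1:]]
    revision, authority, subs = numbers[0], numbers[1], numbers[2:]
    if authority >= 1 << 48 or any(s >= 1 << 32 for s in subs):
        raise ValueError("SID field out of range in %r" % text)
    sid = "-".join(parts)
    info = {"sid": sid, "revision": revision, "authority": authority,
            "sub_authorities": subs, "machine_or_domain": None,
            "rid": None, "name": WELL_KNOWN_SIDS.get(sid)}
    # Account SIDs look like S-1-5-21-<three 32-bit values>-<RID>.
    if authority == 5 and len(subs) == 5 and subs[0] == 21:
        info["machine_or_domain"] = "-".join(str(s) for s in subs[:4])
        info["rid"] = subs[4]
        info["name"] = SLIDE_RIDS.get(subs[4])
    return info


def sid_from_bytes(raw):
    """Render a binary SID as the familiar S-1-... string."""
    if len(raw) < 8:
        raise ValueError("binary SID shorter than its 8-byte header")
    revision, count = raw[0], raw[1]
    authority = int.from_bytes(raw[2:8], "big")      # 48-bit, big-endian
    end = 8 + 4 * count
    if len(raw) < end:
        raise ValueError("binary SID truncated: %d sub-authorities declared" % count)
    subs = struct.unpack("<%dI" % count, raw[8:end])  # 32-bit, little-endian
    return "-".join(["S", str(revision), str(authority)] + [str(s) for s in subs])


# Constructed sample: the slide's example SID packed into the binary layout.
SAMPLE_BINARY = (bytes([1, 5]) + (5).to_bytes(6, "big") +
                 struct.pack("<5I", 21, 2553256115, 2633344321, 4076599324, 1006))

if __name__ == "__main__":
    text = sid_from_bytes(SAMPLE_BINARY)
    print(text)
    print(parse_sid(text))
```

A RID that is not in the slide's table, such as 1006, comes back with `name` set to `None`; resolving it to an account still needs the local SAM, as the slide says.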

Registry Investigation
Resolving local SIDs through the Recycle Bin (life view)

Registry Investigation
• HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{*********}\Count
  – ROT-13 encoding of data used to populate the User Assist Area of the start button
    • Contains most recently used programs
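Added example (not part of the original slides): decoding ROT-13 value names as they would appear under a UserAssist Count key. The sample value names and data are constructed. The `UEME_RUNPATH:` prefix and the 16-byte data layout (session, run counter starting at 5, FILETIME) are assumptions based on the commonly documented Windows XP format, not something the slide states.

```python
import codecs
import struct
from datetime import datetime, timedelta, timezone

FILETIME_EPOCH = datetime(1601, 1, 1, tzinfo=timezone.utc)
XP_COUNT_BIAS = 5  # assumption: XP-era run counters start at 5, not 0


def rot13(text):
    """ROT-13 rotates A-Z and a-z only; digits, ':' and '\\' pass through."""
    return codecs.decode(text, "rot_13")


def to_filetime(moment):
    """Aware datetime -> 100-nanosecond ticks since 1601-01-01 UTC."""
    return int((moment - FILETIME_EPOCH).total_seconds()) * 10_000_000


def decode_userassist(values):
    """values maps ROT-13 value names to raw value data (bytes)."""
    records = []
    for name, data in values.items():
        clear = rot13(name)
        # Split "UEME_RUNPATH:C:\..." at the first colon only, so the
        # drive letter's colon stays inside the target path.
        kind, _, target = clear.partition(":")
        rec = {"kind": kind, "target": target, "runs": None, "last_run": None}
        if len(data) == 16:  # assumed XP layout: session, count, FILETIME
            _session, count, ticks = struct.unpack("<IIQ", data)
            rec["runs"] = max(count - XP_COUNT_BIAS, 0)
            if ticks:
                rec["last_run"] = FILETIME_EPOCH + timedelta(microseconds=ticks // 10)
        records.append(rec)
    return records


# Constructed sample: two value names as an examiner would see them in the hive.
SAMPLE_VALUES = {
    r"HRZR_EHACNGU:P:\JVAQBJF\flfgrz32\abgrcnq.rkr":
        struct.pack("<IIQ", 1, 7,
                    to_filetime(datetime(2010, 11, 12, tzinfo=timezone.utc))),
    r"HRZR_EHACNGU:P:\Grzc\hcqngr.rkr": b"",  # name survives, data missing
}

if __name__ == "__main__":
    for record in decode_userassist(SAMPLE_VALUES):
        print(record)
```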

Registry Investigation
• AutoRun Programs
  – Long list of locations in registry
  – Long list of locations outside the registry
    • SystemDrive\autoexec.bat
    • SystemDrive\config.exe
    • Windir\wininit.ini
    • Windir\winstart.bat
    • Windir\win.ini
    • Windir\system.ini
    • Windir\dosstart.bat
    • Windir\system\autoexec.nt
    • Windir\system\config.nt
    • Windir\system32\autochk.exe

2009 Updates

Vista's Registry Virtualization
• In Windows Vista, the Registry has been Virtualized, and hence unlike XP, does not tend to suffer from bloat. The same has been continued in Windows 7.
• Virtualization basically means that applications are prevented from writing to System Folders in Vista or Windows 7's file system and ALSO to the 'machine wide keys' in the registry. However, this does not prevent standard user accounts from installing or running applications.

…
• In Vista/7, the UAC utilizes the Registry Virtualization Feature to redirect attempts to write to subkeys of HKEY_LOCAL_MACHINE\Software. When an application attempts to write to this hive, Vista, instead, writes it to a per-user location, HKEY_CLASSES_ROOT\VirtualStore\Machine\Software
• This is done discreetly. No one gets to know that this is happening! This is, in short, Registry Virtualization, and it is a useful Security feature.

Kernel Transaction Manager
• Incidentally, mention must also be made of another new technology underlying Vista: The Kernel Transaction Manager, which enables Transactional Registry. This feature enables a sort of a registry rollback. But it’s not implemented in Registry Editor. Instead, this feature is designed for use by developers who need to create robust applications using transactional processing.

How To Edit The Registry
• The primary tool in Windows Vista / 7 for working directly with the registry is Registry Editor. To access it, simply type regedit in Vista's Start Menu Search Bar and hit Enter!
• You have to be doubly careful when working with the Registry, as there is no confirmation prompt or a click OK to save prompt. Changes made are directly incorporated.
• Mention must specifically be made of the HKEY_LOCAL_MACHINE\System\CurrentControlSet hive, as the keys in this particular hive are so essential for Vista to start up that its backup is maintained, which you can restore when necessary, simply by booting in Safe Mode and selecting

Windows API programming

Windows Programming
• Central to the workings of Windows is a concept known as "dynamic linking."
• Windows provides a wealth of function calls that an application can take advantage of, mostly to implement its user interface and display text and graphics on the video display.
• These functions are implemented in dynamic-link libraries, or DLLs.
• These are files with the extension .DLL or sometimes .EXE, and they are mostly located in the \WINDOWS\SYSTEM subdirectory under Windows 98 and the \WINNT\SYSTEM and \WINNT\SYSTEM32 subdirectories under Windows NT.

• In the early days, the great bulk of Windows was implemented in just three dynamic-link libraries.
• These represented the three main subsystems of Windows, which were referred to as Kernel, User, and GDI.
• While the number of subsystems has proliferated in recent versions of Windows, most function calls that a typical Windows program makes will still fall in one of these three modules.

• Kernel (which is currently implemented by the 16-bit KRNL386.EXE and the 32-bit KERNEL32.DLL) handles all the stuff that an operating system kernel traditionally handles—memory management, file I/O, and tasking.
• User (implemented in the 16-bit USER.EXE and the 32-bit USER32.DLL) refers to the user interface, and implements all the windowing logic.

• GDI (implemented in the 16-bit GDI.EXE and the 32-bit GDI32.DLL) is the Graphics Device Interface, which allows a program to display text and graphics on the screen and printer.

• In your Windows program, you use the Windows function calls in generally the same way you use C library functions such as strlen.
• The primary difference is that the machine code for C library functions is linked into your program code, whereas the code for Windows functions is located outside of your program in the DLLs.

• When you run a Windows program, it interfaces to Windows through a process called "dynamic linking."
• A Windows .EXE file contains references to the various dynamic-link libraries it uses and the functions therein.
• When a Windows program is loaded into memory, the calls in the program are resolved to point to the entries of the DLL functions, which are also loaded into memory if not already there.

• When you link a Windows program to produce an executable file, you must link with special "import libraries" provided with your programming environment.
• These import libraries contain the dynamic-link library names and reference information for all the Windows function calls.
• The linker uses this information to construct the table in the .EXE file that Windows uses to resolve calls to Windows functions when loading the program.

Windows programming options
• APIs and Memory Models
• To a programmer, an operating system is defined by its API. An API encompasses all the function calls that an application program can make of an operating system, as well as definitions of associated data types and structures.
• In Windows, the API also implies a particular program architecture.
• Generally, the Windows API has remained quite consistent since Windows 1.0.

• A Windows programmer with experience in Windows 98 would find the source code for a Windows 1.0 program very familiar.
• One way the API has changed has been in enhancements. Windows 1.0 supported fewer than 450 function calls; today there are thousands.

• The biggest change in the Windows API and its syntax came about during the switch from a 16-bit architecture to a 32-bit architecture. Versions 1.0 through 3.1 of Windows used the so-called segmented memory mode of the 16-bit Intel 8086, 8088, and 286 microprocessors, a mode that was also supported for compatibility purposes in the 32-bit Intel microprocessors beginning with the 386.

• The microprocessor register size in this mode was 16 bits, and hence the C int data type was also 16 bits wide. In the segmented memory model, addresses were formed from two components—a 16-bit segment pointer and a 16-bit offset pointer.

• From the programmer's perspective, this was quite messy and involved differentiating between long, or far, pointers (which involved both a segment address and an offset address) and short, or near, pointers (which involved an offset address with an assumed segment address).
• Beginning in Windows NT and Windows 95, Windows supported a 32-bit flat memory model using the 32-bit modes of the Intel 386, 486, and Pentium processors. The C int data type was promoted to a 32-bit value. Programs written for 32-bit versions of Windows use simple 32-bit pointer values that address a flat linear address space.

• The API for the 16-bit versions of Windows (Windows 1.0 through Windows 3.1) is now known as Win16. The API for the 32-bit versions of Windows (Windows 95, Windows 98, and all versions of Windows NT) is now known as Win32.
• Many function calls remained the same in the transition from Win16 to Win32, but some needed to be enhanced.

• For example, graphics coordinate points changed from 16-bit values in Win16 to 32-bit values in Win32. Also, some Win16 function calls returned a two-dimensional coordinate point packed in a 32-bit integer. This was not possible in Win32, so new function calls were added that worked in a different way.

• All 32-bit versions of Windows support both the Win16 API to ensure compatibility with old applications and the Win32 API to run new applications. Interestingly enough, this works differently in Windows NT than in Windows 95 and Windows 98. In Windows NT, Win16 function calls go through a translation layer and are converted to Win32 function calls that are then processed by the operating system.
• In Windows 95 and Windows 98, the process is opposite that: Win32 function calls go through a translation layer and are converted to Win16 function calls to be processed by the operating system.

• At one time, there were two other Windows API sets (at least in name). Win32s ("s" for "subset") was an API that allowed programmers to write 32-bit applications that ran under Windows 3.1. This API supported only 32-bit versions of functions already supported by Win16. Also, the Windows 95 API was once called Win32c ("c" for "compatibility"), but this term has been abandoned.

• At this time, Windows NT and Windows 98 are both considered to support the Win32 API. However, each operating system supports some features not supported by the other. Still, because the overlap is considerable, it's possible to write programs that run under both systems. Also, it's widely assumed that the two products will be merged at some time in the future. (it's done!!!)

8 Categories
• The functionality provided by the Windows API can be grouped into eight categories:
• Base Services
  – Provide access to the fundamental resources available to a Windows system. Included are things like file systems, devices, processes and threads, and error handling. These functions reside in kernel.exe, krnl286.exe or krnl386.exe files on 16-bit Windows, and kernel32.dll on 32-bit Windows.
• Advanced Services
  – Provide access to functionality that is an addition on the kernel. Included are things like the Windows registry, shutdown/restart the system (or abort), start/stop/create a Windows service, manage user accounts. These functions reside in advapi32.dll on 32-bit Windows.

• Graphics Device Interface
  – Provides functionality for outputting graphical content to monitors, printers and other output devices. It resides in gdi.exe on 16-bit Windows, and gdi32.dll on 32-bit Windows in user-mode. Kernel-mode GDI support is provided by win32k.sys which communicates directly with the graphics driver.
• User Interface
  – Provides the functionality to create and manage screen windows and most basic controls, such as buttons and scrollbars, receive mouse and keyboard input, and other functionality associated with the GUI part of Windows. This functional unit resides in user.exe on 16-bit Windows, and user32.dll on 32-bit Windows. Since Windows XP versions, the basic controls reside in comctl32.dll, together with the common controls (Common Control Library).

• Common Dialog Box Library
  – Provides applications the standard dialog boxes for opening and saving files, choosing color and font, etc. The library resides in a file called commdlg.dll on 16-bit Windows, and comdlg32.dll on 32-bit Windows. It is grouped under the User Interface category of the API.

• Common Control Library
  – Gives applications access to some advanced controls provided by the operating system. These include things like status bars, progress bars, toolbars and tabs. The library resides in a DLL file called commctrl.dll on 16-bit Windows, and comctl32.dll on 32-bit Windows. It is grouped under the User Interface category of the API.

• Windows Shell
  – Component of the Windows API allows applications to access the functionality provided by the operating system shell, as well as change and enhance it. The component resides in shell.dll on 16-bit Windows, and shell32.dll on 32-bit Windows. The Shell Lightweight Utility Functions are in shlwapi.dll. It is grouped under the User Interface category of the API.

• Network Services
  – Give access to the various networking capabilities of the operating system. Its sub-components include NetBIOS, Winsock, NetDDE, RPC and many others.
From Petzold book

#include <windows.h>

int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
                    PSTR szCmdLine, int iCmdShow)
{
     /* Show a message box with no owner window and a single OK button (style 0) */
     MessageBox (NULL, TEXT ("Hello, Windows 98!"), TEXT ("HelloMsg"), 0) ;

     return 0 ;
}

• #include <windows.h>
  WINDOWS.H is a master include file that includes other Windows header files, some of which also include other header files. The most important and most basic of these header files are:
• WINDEF.H Basic type definitions.
• WINNT.H Type definitions for Unicode support.
• WINBASE.H Kernel functions.
• WINUSER.H User interface functions.
• WINGDI.H Graphics device interface functions.
• These header files define all the Windows data types, function calls, data structures, and constant identifiers. They are an important part of Windows documentation.

• Just as the entry point to a C program is the function main, the entry point to a Windows program is WinMain, which always appears like this:
• int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow)
• This entry point is documented in /Platform SDK/User Interface Services/Windowing/Windows/Window Reference/Window Functions.
• It is declared in WINBASE.H like so (line breaks and all):
• int
  WINAPI
  WinMain(
      HINSTANCE hInstance,
      HINSTANCE hPrevInstance,
      LPSTR lpCmdLine,
      int nShowCmd
      );

• The first parameter to WinMain is something called an "instance handle." In Windows programming, a handle is simply a number that an application uses to identify something. In this case, the handle uniquely identifies the program.
• It is required as an argument to some other Windows function calls. In early versions of Windows, when you ran the same program concurrently more than once, you created multiple instances of that program.
• All instances of the same application shared code and read-only memory (usually resources such as menu and dialog box templates).

• A program could determine if other instances of itself were running by checking the hPrevInstance parameter. It could then skip certain chores and move some data from the previous instance into its own data area.
• In the 32-bit versions of Windows, this concept has been abandoned. The second parameter to WinMain is always NULL (defined as 0).

• The third parameter to WinMain is the command line used to run the program. Some Windows applications use this to load a file into memory when the program is started.
• The fourth parameter to WinMain indicates how the program should be initially displayed—either normally or maximized to fill the window, or minimized to be displayed in the task list bar.

• Unicode to the Rescue
• The basic problem we have here is that the world's written languages simply cannot be represented by 256 8-bit codes. The previous solutions involving code pages and DBCS have proven insufficient and awkward. What's the real solution?
• As programmers, we have experience with problems of this sort. If there are too many things to be represented by 8-bit values, we try wider values, perhaps 16-bit values. (Duh.)

• And that's the ridiculously simple concept behind Unicode. Rather than the confusion of multiple 256-character code mappings or double-byte character sets that have some 1-byte codes and some 2-byte codes, Unicode is a uniform 16-bit system, thus allowing the representation of 65,536 characters. This is sufficient for all the characters and ideographs in all the written languages of the world, including a bunch of math, symbol, and dingbat collections.

• Understanding the difference between Unicode and DBCS is essential. Unicode is said to use (particularly in the context of the C programming language) "wide characters." Each character in Unicode is 16 bits wide rather than 8 bits wide. Eight-bit values have no meaning in Unicode.
• In contrast, in a double-byte character set we're still dealing with 8-bit values. Some bytes define characters by themselves, and some bytes indicate that another byte is necessary to completely define a character.
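Added example (not part of the original slides): why byte-wise handling of a DBCS string misfires where 16-bit wide characters do not. Code page 932 (Shift-JIS) is used as the sample double-byte character set; the lead-byte ranges, function names and the sample string are this example's own, and the sample is constructed.

```python
import struct


def is_lead_byte(value):
    """Lead-byte ranges of code page 932: the byte that follows is a trail byte."""
    return 0x81 <= value <= 0x9F or 0xE0 <= value <= 0xFC


def dbcs_chars(data):
    """Yield (offset, character bytes), walking the string from its start."""
    i = 0
    while i < len(data):
        width = 2 if is_lead_byte(data[i]) else 1
        if i + width > len(data):
            raise ValueError("truncated double-byte character at offset %d" % i)
        yield i, data[i:i + width]
        i += width


def dbcs_find(data, byte_value):
    """Offset of a single-byte character, skipping matches inside trail bytes."""
    for offset, char in dbcs_chars(data):
        if len(char) == 1 and char[0] == byte_value:
            return offset
    return -1


def wide_chars(data):
    """16-bit code units of a wide string: character i always sits at byte 2*i."""
    if len(data) % 2:
        raise ValueError("wide string has an odd number of bytes")
    return list(struct.unpack("<%dH" % (len(data) // 2), data))


# Constructed sample: 'A', katakana SO (U+30BD), 'B', a backslash, 'C'.
# In code page 932 the katakana is 0x83 0x5C, so its trail byte has the
# same value as an ASCII backslash.
SAMPLE_TEXT = "A\u30bdB\\C"
SAMPLE_DBCS = SAMPLE_TEXT.encode("cp932")
SAMPLE_WIDE = SAMPLE_TEXT.encode("utf-16-le")

if __name__ == "__main__":
    print("naive byte search :", SAMPLE_DBCS.find(b"\\"))       # lands in a trail byte
    print("lead-byte aware   :", dbcs_find(SAMPLE_DBCS, 0x5C))  # the real backslash
    print("wide-char index   :", wide_chars(SAMPLE_WIDE).index(0x5C))
```

Code that validates or splits paths byte by byte in a DBCS code page has to walk lead bytes like this, otherwise a trail byte can be mistaken for a separator.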

• Whereas working with DBCS strings is quite messy, working with Unicode text is much like working with regular text.
• You'll probably be pleased to learn that the first 128 Unicode characters (16-bit codes 0x0000 through 0x007F) are ASCII, while the second 128 Unicode characters (codes 0x0080 through 0x00FF) are the ISO 8859-1 extensions to ASCII.
• Various blocks of characters within Unicode are similarly based on existing standards.

• This is to ease conversion. The Greek alphabet uses codes 0x0370 through 0x03FF, Cyrillic uses codes 0x0400 through 0x04FF, Armenian uses codes 0x0530 through 0x058F, and Hebrew uses codes 0x0590 through 0x05FF.
• The ideographs of Chinese, Japanese, and Korean (referred to collectively as CJK) occupy codes 0x3000 through 0x9FFF.

• The best thing about Unicode is that there's only one character set. There's simply no ambiguity. Unicode came about through the cooperation of virtually every important company in the personal computer industry and is code-for-code identical with the ISO 10646-1 standard. The essential reference for Unicode is The Unicode Standard, Version 2.0 (Addison-Wesley, 1996), an extraordinary book that reveals the richness and diversity of the world's written languages in a way that few other documents have.

• In addition, the book provides the rationale and details behind the development of Unicode.
• Are there any drawbacks to Unicode? Sure. Unicode character strings occupy twice as much memory as ASCII strings. (File compression helps a lot to reduce the disk space differential.) But perhaps the worst drawback is that Unicode remains relatively unused just yet. As programmers, we have our work cut out for us, however.

#include <windows.h>

LRESULT CALLBACK WndProc (HWND, UINT, WPARAM, LPARAM) ;

int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance,
                    PSTR szCmdLine, int iCmdShow)
{
     static TCHAR szAppName[] = TEXT ("HelloWin") ;
     HWND         hwnd ;
     MSG          msg ;
     WNDCLASS     wndclass ;

     /* Describe the window class; WndProc receives its messages */
     wndclass.style         = CS_HREDRAW | CS_VREDRAW ;
     wndclass.lpfnWndProc   = WndProc ;
     wndclass.cbClsExtra    = 0 ;
     wndclass.cbWndExtra    = 0 ;
     wndclass.hInstance     = hInstance ;
     wndclass.hIcon         = LoadIcon (NULL, IDI_APPLICATION) ;
     wndclass.hCursor       = LoadCursor (NULL, IDC_ARROW) ;
     wndclass.hbrBackground = (HBRUSH) GetStockObject (WHITE_BRUSH) ;
     wndclass.lpszMenuName  = NULL ;
     wndclass.lpszClassName = szAppName ;

     if (!RegisterClass (&wndclass))
     {
          MessageBox (NULL, TEXT ("This program requires Windows NT!"),
                      szAppName, MB_ICONERROR) ;
          return 0 ;
     }

     hwnd = CreateWindow (szAppName,                  // window class name
                          TEXT ("The Hello Program"), // window caption
                          WS_OVERLAPPEDWINDOW,        // window style
                          CW_USEDEFAULT,              // initial x position
                          CW_USEDEFAULT,              // initial y position
                          CW_USEDEFAULT,              // initial x size
                          CW_USEDEFAULT,              // initial y size
                          NULL,                       // parent window handle
                          NULL,                       // window menu handle
                          hInstance,                  // program instance handle
                          NULL) ;                     // creation parameters

     ShowWindow (hwnd, iCmdShow) ;
     UpdateWindow (hwnd) ;

     /* Message loop: runs until WM_QUIT is retrieved */
     while (GetMessage (&msg, NULL, 0, 0))
     {
          TranslateMessage (&msg) ;
          DispatchMessage (&msg) ;
     }
     return (int) msg.wParam ;     // WPARAM is wider than int on 64-bit builds
}

LRESULT CALLBACK WndProc (HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam)
{
     HDC         hdc ;
     PAINTSTRUCT ps ;
     RECT        rect ;

     switch (message)
     {
     case WM_CREATE:
          // PlaySound needs winmm.lib at link time
          PlaySound (TEXT ("hellowin.wav"), NULL, SND_FILENAME | SND_ASYNC) ;
          return 0 ;

     case WM_PAINT:
          hdc = BeginPaint (hwnd, &ps) ;

          GetClientRect (hwnd, &rect) ;

          DrawText (hdc, TEXT ("Hello, Windows 98!"), -1, &rect,
                    DT_SINGLELINE | DT_CENTER | DT_VCENTER) ;

          EndPaint (hwnd, &ps) ;
          return 0 ;

     case WM_DESTROY:
          PostQuitMessage (0) ;
          return 0 ;
     }
     return DefWindowProc (hwnd, message, wParam, lParam) ;
}

• HELLOWIN makes calls to no fewer than 18 Windows functions. In the order they occur, these functions (with a brief description) are:
• LoadIcon Loads an icon for use by a program.
• LoadCursor Loads a mouse cursor for use by a program.
• GetStockObject Obtains a graphic object, in this case a brush used for painting the window's background.
• RegisterClass Registers a window class for the program's window.
• MessageBox Displays a message box.

• CreateWindow Creates a window based on a window class.
• ShowWindow Shows the window on the screen.
• UpdateWindow Directs the window to paint itself.
• GetMessage Obtains a message from the message queue.
• TranslateMessage Translates some keyboard messages.
• DispatchMessage Sends a message to a window procedure.

• PlaySound Plays a sound file.
• BeginPaint Initiates the beginning of window painting.
• GetClientRect Obtains the dimensions of the window's client area.
• DrawText Displays a text string.
• EndPaint Ends window painting.
• PostQuitMessage Inserts a "quit" message into the message queue.
• DefWindowProc Performs default processing of messages.
• These functions are described in the Platform SDK documentation, and they are declared in various header files, mostly in WINUSER.H.

The Windows Programming Hurdles
• Don't Call Me, I'll Call You
• Programmers are well acquainted with the idea of calling on the operating system to do something. For example, C programmers use the fopen function to open a file. The fopen function is implemented with a call to the operating system to open a file. No problem.
• But Windows is different. Although Windows has a couple thousand function calls, Windows also makes calls to your program, specifically to the window procedure we have called WndProc.

• The window procedure is associated with a window class that the program registers by calling RegisterClass.
• A window that is created based on this window class uses this window procedure for processing all messages to the window.
• Windows sends a message to the window by calling the window procedure.

• Windows calls WndProc when a window is first created.
• Windows calls WndProc when the window is eventually destroyed.
• Windows calls WndProc when the window has been resized or moved or minimized.
• Windows calls WndProc when a user clicks on the window with the mouse.

• Windows calls WndProc when characters are typed from the keyboard.
• Windows calls WndProc when an item has been selected from a menu.
• Windows calls WndProc when a scroll bar is manipulated or clicked with the mouse.
• Windows calls WndProc to tell it when it must repaint its client area.

• All these calls to WndProc are in the form of messages. In most Windows programs, the bulk of the program is dedicated to handling these messages. The messages that Windows can send to a program are generally identified with names that begin with the letters WM and are defined in the WINUSER.H header file.

• Actually, the idea of a routine within a program that is called from outside the program is not unheard of in character-mode programming. The signal function in C can trap a Ctrl-C break or other interrupts from the operating system. Old system programs written for MS-DOS often trapped hardware interrupts.

• But in Windows this concept is extended to cover everything. Everything that happens to a window is relayed to the window procedure in the form of a message.
• The window procedure then responds to this message in some way or passes the message to DefWindowProc for default processing.

• The wParam and lParam parameters to the window procedure are not used in HELLOWIN except as parameters to DefWindowProc.
• These parameters give the window procedure additional information about the message. The meaning of the parameters is message-dependent.

• Let's look at an example. Whenever the client area of a window changes in size, Windows calls that window's window procedure.
• The hwnd parameter to the window procedure is the handle of the window changing in size.

• (Remember that one window procedure could be handling messages for multiple windows that were created based on the same window class. The hwnd parameter lets the window procedure know which window is receiving the message.)

• The message parameter is WM_SIZE. The wParam parameter for a WM_SIZE message is the value SIZE_RESTORED, SIZE_MINIMIZED, SIZE_MAXIMIZED, SIZE_MAXSHOW, or SIZE_MAXHIDE (defined in the WINUSER.H header file as the numbers 0 through 4). That is, the wParam parameter indicates whether the window is being changed to a nonminimized or nonmaximized size, being minimized, being maximized, or being hidden.

• The lParam parameter contains the new size of the window. The new width (a 16-bit value) and the new height (a 16-bit value) are stuck together in the 32-bit lParam. The WINDEF.H header file defines some handy macros that help you extract these two values from lParam. We'll do this in the next chapter.

• Sometimes messages generate other messages as a result of DefWindowProc processing. For example, suppose you run HELLOWIN and you eventually click the Close button, or suppose you select Close from the system menu using either the keyboard or the mouse. DefWindowProc processes this keyboard or mouse input. When it detects that you have selected the Close option, it sends a WM_SYSCOMMAND message to the window procedure.

• WndProc passes this message to DefWindowProc. DefWindowProc responds by sending a WM_CLOSE message to the window procedure. WndProc again passes this message to DefWindowProc. DefWindowProc responds to the WM_CLOSE message by calling DestroyWindow. DestroyWindow causes Windows to send a WM_DESTROY message to the window procedure. WndProc finally responds to this message by calling PostQuitMessage to put a WM_QUIT message in the message queue. This message causes the message loop in WinMain to terminate and the program to end.

Queued and Nonqueued Messages
• I've talked about Windows sending messages to a window, which means that Windows calls the window procedure. But a Windows program also has a message loop that retrieves messages from a message queue by calling GetMessage and dispatches these messages to the window procedure by calling DispatchMessage.
• So, does a Windows program poll for messages (much like a character-mode program polling for keyboard input) and then route these messages to some location? Or does it receive messages directly from outside the program? Well, both.

• Messages can be either "queued" or "nonqueued." The queued messages are those that are placed in a program's message queue by Windows. In the program's message loop, the messages are retrieved and dispatched to the window procedure. The nonqueued messages are the results of calls by Windows directly to the window procedure. It is said that queued messages are "posted" to a message queue and that nonqueued messages are "sent" to the window procedure. In any case, the window procedure gets all the messages—both queued and nonqueued—for the window. The window procedure is "message central" for the window.

• The queued messages are primarily those that result from user input in the form of keystrokes (such as the WM_KEYDOWN and WM_KEYUP messages), characters that result from keystrokes (WM_CHAR), mouse movement (WM_MOUSEMOVE), and mouse-button clicks (WM_LBUTTONDOWN). Queued messages also include the timer message (WM_TIMER), the repaint message (WM_PAINT), and the quit message (WM_QUIT).

• The nonqueued messages are everything else. Nonqueued messages often result from calling certain Windows functions. For example, when WinMain calls CreateWindow, Windows creates the window and in the process sends the window procedure a WM_CREATE message.
• When WinMain calls ShowWindow, Windows sends the window procedure WM_SIZE and WM_SHOWWINDOW messages. When WinMain calls UpdateWindow, Windows sends the window procedure a WM_PAINT message.

• Queued messages signaling keyboard or mouse input can also result in nonqueued messages.
• For example, when you select a menu item with the keyboard or mouse, the keyboard or mouse message is queued but the eventual WM_COMMAND message indicating that a menu item has been selected is nonqueued.

• This process is obviously complex, but fortunately most of the complexity is Windows' problem rather than our program's. From the perspective of the window procedure, these messages come through in an orderly and synchronized manner. The window procedure can do something with these messages or ignore them.

• While processing one message in a window procedure, the program will not be suddenly interrupted by another message.
• Although Windows programs can have multiple threads of execution, each thread's message queue handles messages for only the windows whose window procedures are executed in that thread. In other words, the message loop and the window procedure do not run concurrently.

• When a message loop retrieves a message from its message queue and calls DispatchMessage to send the message off to the window procedure, DispatchMessage does not return until the window procedure has returned control back to Windows.

• However, the window procedure could call a function that sends the window procedure another message, in which case the window procedure must finish processing the second message before the function call returns, at which time the window procedure proceeds with the original message.

• For example, when a window procedure calls UpdateWindow, Windows calls the window procedure with a WM_PAINT message.
• When the window procedure finishes processing the WM_PAINT message, the UpdateWindow call will return control back to the window procedure.

• This means that window procedures must be reentrant.
• In most cases, this doesn't cause problems, but you should be aware of it. For example, suppose you set a static variable in the window procedure while processing a message and then you call a Windows function.
• Upon return from that function, can you be assured that the variable is still the same? Not necessarily—not if the particular Windows function you call generated another message and the window procedure changes the variable while processing that second message.

• This is one of the reasons why certain forms of compiler optimization must be turned off when compiling Windows programs.

• In many cases, the window procedure must retain information it obtains in one message and use it while processing another message. This information must be saved in variables defined as static in the window procedure, or saved in global variables.
• Of course, you'll get a much better feel for all of this in later chapters as the window procedures are expanded to process more messages.
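The posted/sent distinction and the reentrancy hazard described above, as an added portable C model that is not from the original slides. It makes no Win32 calls: post_message, send_message, update_window, wnd_proc and the MSG_* constants are hypothetical stand-ins for the real API.

```c
/* Portable model of posted vs. sent messages; constructed, no Win32 calls. */
#include <stdio.h>

enum { MSG_QUIT, MSG_KEYDOWN, MSG_PAINT };    /* stand-ins for WM_* names */

#define QUEUE_CAP 8
static int queue[QUEUE_CAP];                  /* the thread's message queue */
static int q_head, q_tail;

static int trace[16], trace_len;              /* order wnd_proc saw messages */
static int depth, max_depth;                  /* nesting of wnd_proc calls */
static int seen_before, seen_after;           /* static read around the call */

static long wnd_proc(int msg);

/* Post: queue the message and return immediately (queued message). */
static int post_message(int msg)
{
    int next = (q_tail + 1) % QUEUE_CAP;
    if (next == q_head)
        return 0;                             /* queue full */
    queue[q_tail] = msg;
    q_tail = next;
    return 1;
}

/* Send: call the window procedure directly (nonqueued message). */
static long send_message(int msg)
{
    return wnd_proc(msg);
}

/* Stand-in for UpdateWindow: sends a paint message before returning. */
static void update_window(void)
{
    send_message(MSG_PAINT);
}

static long wnd_proc(int msg)
{
    static int last_msg;                      /* shared by every invocation */

    if (++depth > max_depth)
        max_depth = depth;
    if (trace_len < 16)
        trace[trace_len++] = msg;

    last_msg = msg;
    if (msg == MSG_KEYDOWN) {
        seen_before = last_msg;               /* MSG_KEYDOWN */
        update_window();                      /* re-enters wnd_proc */
        seen_after = last_msg;                /* changed by the nested call */
    }
    depth--;
    return 0;
}

/* Message loop: retrieve and dispatch until MSG_QUIT is retrieved. */
static int run_message_loop(void)
{
    int dispatched = 0;
    while (q_head != q_tail) {
        int msg = queue[q_head];
        q_head = (q_head + 1) % QUEUE_CAP;
        if (msg == MSG_QUIT)
            break;
        wnd_proc(msg);                        /* returns before next retrieval */
        dispatched++;
    }
    return dispatched;
}

/* Runs the scenario once; returns the number of dispatched messages. */
static int run_scenario(void)
{
    q_head = q_tail = trace_len = depth = max_depth = 0;
    seen_before = seen_after = -1;
    post_message(MSG_KEYDOWN);
    post_message(MSG_QUIT);
    return run_message_loop();
}

int main(void)
{
    int n = run_scenario();
    printf("dispatched=%d calls=%d max_depth=%d before=%d after=%d\n",
           n, trace_len, max_depth, seen_before, seen_after);
    return 0;
}
```

One message is dispatched from the queue, yet the window procedure runs twice and the static variable no longer holds the value written before the nested call.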

Get In and Out Fast
• Windows 98 and Windows NT are preemptive multitasking environments. This means that as one program is doing a lengthy job, Windows can allow the user to switch control to another program.
• This is a good thing, and it is one advantage of the current versions of Windows over the older 16-bit versions.
• However, because of the way that Windows is structured, this preemptive multitasking does not always work the way you might like.
• For example, suppose your program spends a minute or two processing a particular message. Yes, the user can switch to another program. But the user cannot do anything with your program.

• The user cannot move your program's window, resize it, minimize it, close it, nothing. That's because your window procedure is busy doing a lengthy job.
• Oh, it may not seem like the window procedure performs its own moving and sizing operations, but it does.
• That's part of the job of DefWindowProc, which must be considered as part of your window procedure.

• If your program needs to perform lengthy jobs while processing particular messages, there are ways to do so politely.
• Even with preemptive multitasking, it's not a good idea to leave your window sitting inert on the screen.
• It annoys users. It annoys users just as much as bugs, nonstandard behavior, and incomplete help files. Give the user a break, and return quickly from all messages.

Network File System (NFS)

Introduction
• Sun Microsystems, Inc. defined a remote file access mechanism, known as NFS, that has become widely accepted throughout the computer industry.
• The mechanism allows a computer to run a server that makes some or all of its files available for remote access, and allows applications on other computers to access those files.

Remote File Access Vs Transfer
• When an application accesses a file that resides on a remote machine, the program's operating system invokes client software that contacts a file server on the remote machine and performs the requested operations on the file.
• Unlike a file transfer, the application's system does not retrieve or store an entire file at once; instead, it requests transfer of one small block of data at a time.

File Access Among Heterogeneous Computers
• In addition to the basic mechanisms for reading and writing files, a file access service must provide ways to create and destroy files, peruse directories, authenticate requests, honor file protections, and translate information among the representations used on various computers.
• Because a remote file access service connects two machines, it must handle differences in the way the client and server systems name files, denote paths through directories, and store information about files.
• The file access software must accommodate differences in the semantic interpretation of file operations.

Stateless Servers
• The NFS design stores state information at the client site, allowing servers to remain stateless.
• Because the server is stateless, disruption in service will not affect client operation.
• A client will be able to continue file access after a stateless server crashes and reboots; the application program, which runs on the client system, can remain unaware of the server reboot.
• Because a stateless server does not need to allocate resources for each client, a stateless design can scale to handle more clients than a stateful design.

NFS and UNIX File Semantics
• The NFS designers adopted UNIX file system semantics when defining the meaning of individual operations.
• Understanding the UNIX file system is essential to understanding NFS because NFS uses the UNIX file system's terminology and semantics.
• It honors the same open-read-write-close paradigm as UNIX and offers most of the same services.
• Like UNIX, NFS assumes a hierarchical naming system. It considers the file hierarchy to be composed of directories and files.

Sam HOD MBATech hul mant. M . /* character-oriented device */ NFLNK = 5 /* symbolic link */ / / }.Syste Architecture & Programm em ming NFS File Types • enum ft ftype { NFNON = 0. Rah M. p gy • NFS has adopted UNIX’s terminology that divides I/O devices into block-oriented (a disk device) and character-oriented (a terminal device) devices. / / NFCHR = 4. /* directory */ NFBLK = 3 /* block-oriented device */ 3. /*specified name is not a file */ NFREG = 1 /* regular file */ 1. NFDIR = 2. 11/12/2010 Mukesh Patel School of Technology Management & Engineering 198 Prof.

NFS File Modes
• NFS assumes that a file or directory has a mode that specifies its type and access protection.
• The definition and meaning of the bits in the NFS mode integer are very similar to those of UNIX.
• Although NFS defines file types for devices, it does not permit remote device access (e.g., a client may not read or write a remote device).

NFS Client and Server
• An NFS file server runs on a machine (which has large disks) that has a local file system.
• An NFS client runs on an arbitrary machine and accesses the files on machines that run NFS servers.
• When an application program calls open to obtain access to a file, the OS uses the syntax of the path name to choose between local and remote file access procedures.
• If the path refers to a local file, the system uses the computer's standard file system software to access the file. If the path refers to a remote file, the system uses NFS client software to access the remote file.

NFS Client and UNIX
• In UNIX, the mount mechanism constructs a single, unified naming hierarchy from individual file systems on multiple disks.
• UNIX implementations of NFS client code use an extended version of the mount mechanism to integrate remote file systems into the naming hierarchy along with local file systems.
• The chief advantage of using the mount mechanism is consistency: all file names have the same form.
• An application program cannot tell whether a file is local or remote from the name syntax alone.

• When an application opens a remote file, it receives an integer descriptor for the file exactly as it would for a local file.
• Internal information associated with the descriptor specifies that the file is a remote file accessible through NFS.
• Whenever an application performs an operation on a file descriptor, the system checks to see whether the descriptor refers to a local or a remote file. If local, the OS handles the operation as usual; else, the OS calls the NFS client, which translates the operation into an equivalent NFS operation and places an RPC call to the server.

NFS Client Operation
• The path name syntax used by the remote file system may differ from that of the client machine, e.g. NFS client code on Windows 95 uses backslash (\) as a separator character, while NFS server code on UNIX uses slash (/) as a separator character.
• To keep applications on client machines independent of file locations and server computer systems, NFS requires that only clients interpret full path names.
• A client traces a path through the server's hierarchy by sending the server one component at a time and receiving information about the file or directory it names.
• For example, to look up path name /a/b/c on a server, it begins by obtaining information about the server's root directory, then looks up name a in that directory, then looks up name b in directory a, then looks up name c in b.

File Handle
• In order to isolate clients from the server's path name syntax and to allow heterogeneous machines to access hierarchical files, NFS requires that the client perform all path name interpretation.
• As a consequence, a client cannot use a full path name to specify a file when requesting an operation on that file.
• Instead, the client must obtain a handle that it can use to reference the file.
• Having the server provide handles for directories as well as files permits a client to trace a path through the server's hierarchy.
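The component-by-component lookup and the opaque handle described on the two slides above, as an added C model that is not part of the original deck and does not reproduce the NFS wire format. The tree, the handle encoding (HANDLE_TAG) and the function names srv_mount_root, srv_lookup and client_resolve are assumptions made for the illustration.

```c
/* Model of NFS-style lookup: the client splits the path, the server sees
   one component per request. Constructed tree; not the NFS wire format. */
#include <stdio.h>
#include <string.h>

enum ftype { NFNON = 0, NFREG = 1, NFDIR = 2 };        /* subset of the slide's enum */
typedef struct { unsigned char opaque[32]; } fhandle;  /* only the server decodes it */

/* ---------- server side ---------- */
struct node { int parent; const char *name; enum ftype type; };
static const struct node tree[] = {                    /* constructed: /a/b/c */
    { -1, "",  NFDIR },                                /* 0: root directory */
    {  0, "a", NFDIR },
    {  1, "b", NFDIR },
    {  2, "c", NFREG },
};
#define NNODES ((int)(sizeof tree / sizeof tree[0]))
#define HANDLE_TAG 0xA5                                /* hypothetical marker */
static int lookup_calls;                               /* requests served */

static void make_handle(int idx, fhandle *h)
{
    memset(h, 0, sizeof *h);
    h->opaque[0] = (unsigned char)idx;
    h->opaque[1] = HANDLE_TAG;
}

/* Handles come back from clients, so the server checks them before use. */
static int handle_index(const fhandle *h)
{
    if (h->opaque[1] != HANDLE_TAG || h->opaque[0] >= NNODES)
        return -1;
    return h->opaque[0];
}

/* Stand-in for the mount protocol's last step: hand out the root handle. */
static void srv_mount_root(fhandle *root)
{
    make_handle(0, root);
}

/* Look up ONE name in ONE directory; the server never sees a full path. */
static int srv_lookup(const fhandle *dir, const char *name,
                      fhandle *out, enum ftype *type)
{
    int d = handle_index(dir), i;
    lookup_calls++;
    if (d < 0 || tree[d].type != NFDIR)
        return -1;
    for (i = 1; i < NNODES; i++) {
        if (tree[i].parent == d && strcmp(tree[i].name, name) == 0) {
            make_handle(i, out);
            *type = tree[i].type;
            return 0;
        }
    }
    return -1;
}

/* ---------- client side ---------- */
/* sep is the client's own separator: '/' on UNIX, '\\' on Windows 95. */
static int client_resolve(const char *path, char sep,
                          fhandle *out, enum ftype *type)
{
    fhandle cur;
    char comp[64];

    srv_mount_root(&cur);
    *type = NFDIR;
    for (;;) {
        size_t n = 0;
        while (*path == sep)
            path++;
        while (path[n] != '\0' && path[n] != sep)
            n++;
        if (n == 0)
            break;                                     /* no more components */
        if (n >= sizeof comp)
            return -1;
        memcpy(comp, path, n);
        comp[n] = '\0';
        if (srv_lookup(&cur, comp, &cur, type) != 0)
            return -1;
        path += n;
    }
    *out = cur;
    return 0;
}

int main(void)
{
    fhandle h;
    enum ftype t;
    int rc = client_resolve("\\a\\b\\c", '\\', &h, &t);
    printf("rc=%d type=%d lookups=%d\n", rc, (int)t, lookup_calls);
    return 0;
}
```

Both separator styles resolve to the same handle because only the client ever parses the full path.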

An NFS Client in UNIX
• When managers install NFS client code in UNIX, they use the file system mount facility to integrate remote directories into UNIX's hierarchical directory system.
• The manager creates an empty directory in the existing system, and then mounts an NFS remote file system on it. Whenever an application program calls open, the system parses the path name one component at a time.
• It looks up each component in a directory and finds the next directory to search.

• If the path specified in a call to open includes an NFS-mounted directory, the system will eventually encounter the remote mount point and pass control to the NFS client code.
• The NFS client finishes opening the file by continuing to parse and look up components of the path.
• Because the remaining directories in the path reside on a remote machine, the NFS client code looks up each component by contacting the appropriate NFS server and obtains a handle for the remote file for subsequent read and write operations.

File Positioning with A Stateless Server
• Because NFS uses a stateless server design, the client stores all file position information and each request sent to the server must specify the file position to use.
• In UNIX implementation, NFS uses the local file table to store the position for a remote file just as UNIX uses it to store position in a local file.
• If the client calls lseek, the system records the new file position in the table without sending a message to the server.
• Any subsequent access operation extracts the file position from the table and sends it to the server along with the access request.

Reading a Directory Statelessly
• Because directories can be arbitrarily large and communication networks impose a fixed limit on the size of a single message, reading the contents of a directory may require multiple requests.
• Because NFS servers are stateless, the server cannot keep a record of each client's position in the directory.
• To overcome this limitation, NFS server returns a position identifier when it answers a request for an entry from a directory.

• The client uses the position identifier in the next request to specify which entries it has already received and which it still needs, i.e., it steps through the directory by making repeated requests that each specify the position identifier returned in the previous request.
• NFS calls its directory position identifier a magic cookie, implying that the client does not interpret the identifier, nor can it fabricate an identifier itself.
• Only a server can create a magic cookie and a client can only use a magic cookie that has been supplied by a server.
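Stateless directory reading with a magic cookie, as an added C model that is not part of the original deck and does not reproduce the NFS wire format. The directory contents, the reply limit PER_REPLY, the cookie encoding (COOKIE_TAG, with 0 assumed to mean "start of directory") and all function names are assumptions made for the illustration.

```c
/* Model of stateless directory reading with an opaque position cookie.
   Constructed directory and cookie encoding; not the NFS wire format. */
#include <stdio.h>
#include <string.h>

#define PER_REPLY    3u            /* stand-in for the message-size limit */
#define COOKIE_START 0u            /* assumption: 0 means "from the beginning" */
#define COOKIE_TAG   0xC0DE0000u   /* hypothetical server-private encoding */
#define MAX_NAMES    16u

static const char *const dir_entries[] = {             /* constructed sample */
    "bin", "etc", "home", "lib", "tmp", "usr", "var"
};
#define NENTRIES ((unsigned)(sizeof dir_entries / sizeof dir_entries[0]))

struct readdir_reply {
    const char *names[PER_REPLY];
    unsigned count;
    unsigned cookie;               /* client returns this verbatim */
    int eof;
};

/* ---------- server side: no per-client variables anywhere ---------- */
static int cookie_to_index(unsigned cookie, unsigned *idx)
{
    if (cookie == COOKIE_START) {
        *idx = 0;
        return 0;
    }
    if ((cookie & 0xFFFF0000u) != COOKIE_TAG)
        return -1;                 /* not a cookie this server issued */
    *idx = cookie & 0xFFFFu;
    return (*idx >= 1 && *idx <= NENTRIES) ? 0 : -1;
}

static int srv_readdir(unsigned cookie, struct readdir_reply *r)
{
    unsigned i;
    if (cookie_to_index(cookie, &i) != 0)
        return -1;
    r->count = 0;
    while (i < NENTRIES && r->count < PER_REPLY)
        r->names[r->count++] = dir_entries[i++];
    r->cookie = COOKIE_TAG | i;    /* position after the last entry sent */
    r->eof = (i == NENTRIES);
    return 0;
}

/* ---------- client side: the position lives here ---------- */
struct listing {
    const char *names[MAX_NAMES];
    unsigned count, requests, cookie;
    int done;
};

static void listing_init(struct listing *l)
{
    memset(l, 0, sizeof *l);
    l->cookie = COOKIE_START;
}

/* One request/reply exchange; the cookie is stored, never interpreted. */
static int client_step(struct listing *l)
{
    struct readdir_reply r;
    unsigned k;
    if (l->done)
        return 0;
    if (srv_readdir(l->cookie, &r) != 0)
        return -1;
    l->requests++;
    for (k = 0; k < r.count && l->count < MAX_NAMES; k++)
        l->names[l->count++] = r.names[k];
    l->cookie = r.cookie;
    l->done = r.eof;
    return 0;
}

/* Two clients read the same directory in alternation; 0 on success. */
static int run_two_clients(struct listing *a, struct listing *b)
{
    listing_init(a);
    listing_init(b);
    while (!a->done || !b->done)
        if (client_step(a) != 0 || client_step(b) != 0)
            return -1;
    return 0;
}

int main(void)
{
    struct listing a, b;
    int rc = run_two_clients(&a, &b);
    printf("rc=%d a=%u entries in %u requests, b=%u entries\n",
           rc, a.count, a.requests, b.count);
    return 0;
}
```

Interleaving two clients does not disturb either listing, because the only record of each client's position is the cookie that client sends back.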

The Mount Protocol
• The mount protocol provides four basic services that clients need before they can use NFS:
– It allows the client to obtain a list of the directory hierarchies (i.e., the file systems) that the client can access through NFS.
– It accepts full path names that allow the client to identify a particular directory hierarchy.
– It authenticates each client's request and validates the client's permission to access the requested hierarchy.
– It returns a file handle for the root directory of the hierarchy a client specifies.
• The client uses the root handle obtained from the mount protocol when making NFS calls.

Summary
• NFS adopted the open-read-write-close paradigm used in UNIX, along with basic file types and file protection modes.
• To allow many clients to access a server and to keep the servers isolated from client crashes, NFS uses stateless servers.
• To accommodate heterogeneity, NFS requires the client to parse path names and look up each component individually, and the server returns a 32-byte handle.

File system Unix commands

mount
• All files accessible in a Unix system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the file system found on some device to the big file tree.
• The standard form of the mount command is
– mount -t type device dir
• This tells the kernel to attach the file system found on device (which is of type type) at the directory dir. The previous contents (if any) and owner and mode of dir become invisible, and as long as this file system remains mounted, the pathname dir refers to the root of the file system on device.
• Three forms of invocation do not actually mount anything:
– mount -h prints a help message,
– mount -V prints a version string, and just
– mount [-l] [-t type] lists all mounted file systems (of type type). The option -l adds the (ext2, ext3 and XFS) labels in this listing.

umount
• The umount command detaches the file system(s) mentioned from the file hierarchy.
• A file system is specified by giving the directory where it has been mounted. Giving the special device on which the file system lives may also work, but is obsolete, mainly because it will fail in case this device was mounted on more than one directory.
• Note that a file system cannot be unmounted when it is `busy' - for example, when there are open files on it, or when some process has its working directory there, or when a swap file on it is in use. The offending process could even be umount itself - it opens libc, and libc in its turn may open for example locale files. A lazy unmount avoids this problem.
• Options for the umount command:
• -V – Print version and exit.
• -h – Print help message and exit.
• -v – Verbose mode.
• -n – Unmount without writing in /etc/mtab.
• -r – In case unmounting fails, try to remount read-only.
• -d – In case the unmounted device was a loop device, also free this loop device.
• -a – All of the file systems described in /etc/mtab are unmounted. (With umount version 2.7 and later: the proc filesystem is not unmounted.)
• -t vfstype – Indicate that the actions should only be taken on file systems of the specified type. More than one type may be specified in a comma separated list. The list of file system types can be prefixed with no to specify the file system types on which no action should be taken.
• -O options – Indicate that the actions should only be taken on file systems with the specified options in /etc/fstab. More than one option type may be specified in a comma separated list. Each option can be prefixed with no to specify options for which no action should be taken.
• -f – Force unmount (in case of an unreachable NFS system). (Requires kernel 2.1.116 or later.)
• -l – Lazy unmount. Detach the filesystem from the filesystem hierarchy now, and cleanup all references to the filesystem as soon as it is not busy anymore. (Requires kernel 2.4.11 or later.)

TCP/IP Administration
Networking commands in Windows

NETSTAT.exe
• NETSTAT.exe TCP/IP Network Statistics
• Displays protocol statistics and current TCP/IP network connections.
• NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]
• -a Displays all connections and listening ports.
• -e Displays Ethernet statistics. This may be combined with the -s option.
• -n Displays addresses and port numbers in numerical form.
• -p proto Shows connections for the protocol specified by proto; proto may be TCP or UDP. If used with the -s option to display per-protocol statistics, proto may be TCP, UDP or IP.
• -r Displays the routing table.
• -s Displays per-protocol statistics. By default, statistics are shown for TCP, UDP and IP; the -p option may be used to specify a subset of the default.
• interval Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.

PING
• PING.exe
Usage: ping [-t] [-a] [-n count] [-l size] [-f] [-i TTL] [-v TOS] [-r count] [-s count] [[-j host-list] | [-k host-list]] [-w timeout] destination-list
Options:
-t Ping the specified host until interrupted.
-a Resolve addresses to hostnames.
-n count Number of echo requests to send.
-l size Send buffer size.
-f Set "Don't Fragment" flag in packet.
-i TTL Time To Live.
-v TOS Type Of Service.
-r count Record route for count hops.
-s count Timestamp for count hops.
-j host-list Loose source route along host-list.
-k host-list Strict source route along host-list.
-w timeout Timeout in milliseconds to wait for each reply.

TRACERT.exe
• TRACERT.exe Trace Route
Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name
Options:
-d Do not resolve addresses to hostnames.
-h maximum_hops Maximum number of hops to search for target.
-j host-list Loose source route along host-list.
-w timeout Wait timeout milliseconds for each reply.

NBTSTAT.exe
• NBTSTAT.exe NetBIOS Stats
Displays protocol statistics and current TCP/IP connections using NBT (NetBIOS over TCP/IP).
NBTSTAT [-a RemoteName] [-A IP address] [-c] [-n] [-r] [-R] [-s] [-S] [interval]
-a (adapter status) Lists the remote machine's name table given its name.
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists the remote name cache including the IP addresses.
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS.
-R (Reload) Purges and reloads the remote cache name table.
-S (Sessions) Lists sessions table with the destination IP addresses.
-s (sessions) Lists sessions table converting destination IP addresses to host names via the hosts file.
RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying statistics.

ROUTE.exe
• ROUTE.exe Manipulates network routing tables.
ROUTE [-f] [command [destination] [MASK netmask] [gateway]]
-f Clears the routing tables of all gateway entries. If this is used in conjunction with one of the commands, the tables are cleared prior to running the command.
command Specifies one of four commands:
  PRINT Prints a route
  ADD Adds a route
  DELETE Deletes a route
  CHANGE Modifies an existing route
destination Specifies the host to send command.
MASK If the MASK keyword is present, the next parameter is interpreted as the netmask parameter.
netmask If provided, specifies a sub-net mask value to be associated with this route entry. If not specified, it defaults to 255.255.255.255.
gateway Specifies gateway.
All symbolic names used for destination or gateway are looked up in the network and host name database files NETWORKS and HOSTS, respectively. If the command is print or delete, wildcards may be used for the destination and gateway, or the gateway argument may be omitted.

ARP.exe
• ARP.exe Address Resolution Protocol
ARP -s inet_addr eth_addr [if_addr]
ARP -d inet_addr [if_addr]
ARP -a [inet_addr] [-N if_addr]
-a Displays current ARP entries by interrogating the current protocol data. If inet_addr is specified, the IP and Physical addresses for only the specified computer are displayed. If more than one network interface uses ARP, entries for each ARP table are displayed.
-g (Same as -a)
inet_addr Specifies an internet address.
-N if_addr Displays the ARP entries for the network interface specified by if_addr.
-d Deletes the host specified by inet_addr.
-s Adds the host and associates the Internet address inet_addr with the Physical address eth_addr. The Physical address is given as 6 hexadecimal bytes separated by hyphens. The entry is permanent.
eth_addr Specifies a physical address.
if_addr If present, this specifies the Internet address of the interface whose address translation table should be modified. If not present, the first applicable interface will be used.

TCP/IP Administration
Networking commands in Unix

ping
• ping <remote machine> Sends an IP echo request to the <remote machine>
• % ping burro.baylor.edu
  burro.baylor.edu is alive

nslookup
• nslookup <machine name> Query name server to map names (e.g., burro.baylor.edu) to IP address and IP addresses to names (the reverse). Optionally, you can specify the name server you want to use. Under UNIX, the default name server for a machine can be found in the /etc/resolv.conf file. Under other OSs, it is in more obvious places such as the networking control panel.
• % nslookup burro.baylor.edu
  Server: ccis03.baylor.edu    <= Name of queried name server
  Address: 129.62.16.4         <= IP address of queried name server

ifconfig
• ifconfig Configure and display interface configuration
• % ifconfig -a
  lo    Link encap:Local Loopback
        inet addr:127.0.0.1 Bcast:127.255.255.255 Mask:255.0.0.0
        UP BROADCAST LOOPBACK RUNNING MTU:3584 Metric:1
        RX packets:10714 errors:0 dropped:0 overruns:0 frame:0
        TX packets:10714 errors:0 dropped:0 overruns:0 carrier:0 coll:0
  eth0  Link encap:Ethernet HWaddr 00:60:8C:EA:03:C8
        inet addr:129.62.149.74 Bcast:129.62.149.255 Mask:255.255.254.0
        UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
        RX packets:18935311 errors:12566 dropped:12566 overruns:0 frame:12566
        TX packets:10342456 errors:30 dropped:0 overruns:0 carrier:249 coll:30864
        Interrupt:10 Base address:0x300

traceroute
• traceroute - Print the route packets take to network host
• % traceroute www.yahoo.com

telnet
• telnet - Connect (TCP) to a specific machine/port. You can use it to play with services other than telnet (Look in /etc/services for list of services):
– Echo (Port 7). Echo back what you type

arp
• arp - Display and change ARP (Address Resolution Protocol) cache
• molar:/etc% arp -a

netstat
• netstat - Display network connections, routing tables, and interface statistics
– Network connections
  % netstat -a | more

route
• route - Show / manipulate the IP routing table
– Showing routing table
  % route

traceroute
• traceroute
• Traceroute displays the routers that are passed through to reach the destination.
• traceroute "IP address or domain name"

DIP
• It would be much better to have a simple command that performs all the steps necessary to open the serial device, cause the modem to dial the provider, log in, enable the SLIP line discipline, and configure the network interface. This is what the dip command is for. dip means Dialup IP. It was written by Fred van Kempen and has been patched very heavily by a number of people.
• dip provides an interpreter for a simple scripting language that can handle the modem for you, convert the line to SLIP mode, and configure the interfaces. The script language is powerful enough to suit most configurations.
• To be able to configure the SLIP interface, dip requires root privilege. It would now be tempting to make dip setuid to root so that all users can dial up some SLIP server without having to give them root access. This is very dangerous, though, because setting up bogus interfaces and default routes with dip may disrupt routing on your network. Even worse, this action would give your users power to connect to any SLIP server and launch dangerous attacks on your network.
• If you want to allow your users to fire up a SLIP connection, write small wrapper programs for each prospective SLIP server and have these wrappers invoke dip with the specific script that establishes the connection. Carefully written wrapper programs can then safely be made setuid to root. An alternative, more flexible approach is to give trusted users root access to dip using a program.
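One way to write the per-server wrapper described above, as an added example (not code from the slides or from dip itself). The install path /usr/sbin/dip, the script path /etc/dip/provider.dip and the function names are assumptions; the wrapper accepts no user arguments, passes a fixed environment, and refuses to run unless both files are root-owned and not writable by others.

```c
/* Added example: setuid-root wrapper that starts dip for ONE SLIP server. */
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

#define DIP_BINARY "/usr/sbin/dip"          /* assumed install path */
#define DIP_SCRIPT "/etc/dip/provider.dip"  /* hypothetical script for this server */

/* Fixed, minimal environment: nothing is inherited from the calling user. */
static char *const CLEAN_ENV[] = {
    "PATH=/usr/sbin:/usr/bin:/sbin:/bin", "IFS= \t\n", NULL
};

/* Return 1 only if path is a regular file owned by root that group and
 * others cannot write; otherwise a user could substitute their own script.
 * The directories holding the file are assumed to be root-owned as well. */
int file_is_root_controlled(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0)              /* lstat: a symlink is refused */
        return 0;
    if (!S_ISREG(st.st_mode))
        return 0;
    if (st.st_uid != 0)
        return 0;
    if (st.st_mode & (S_IWGRP | S_IWOTH))
        return 0;
    return 1;
}

/* The wrapper runs only with no user-supplied arguments and with both
 * the dip binary and the dial script under root's control. */
int wrapper_may_run(int argc, const char *binary, const char *script)
{
    if (argc != 1)
        return 0;
    return file_is_root_controlled(binary) && file_is_root_controlled(script);
}

int main(int argc, char **argv)
{
    (void)argv;                              /* user arguments are never used */
    if (!wrapper_may_run(argc, DIP_BINARY, DIP_SCRIPT)) {
        fprintf(stderr, "slip-wrapper: refusing to run\n");
        return 1;
    }
    char *const args[] = { "dip", DIP_SCRIPT, NULL };
    execve(DIP_BINARY, args, CLEAN_ENV);     /* absolute path, no PATH search */
    perror("execve");                        /* reached only if exec failed */
    return 1;
}
```

Because the script path is compiled in, a user who can run the wrapper can reach only the one server that script dials, which is the restriction the slide asks for.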

End
• Thanks for your attention.
• Feedback – samantsir@yahoo.com
