2003 Home Server for Home Digital Service Environments

合集下载

原版WindowsServer2003DatacenterEdition(数据中心版)(英文版中文版)

原版WindowsServer2003DatacenterEdition(数据中心版)(英文版中文版)

原版Windows Server 2003 Datacenter Edition(数据中心版)(英文版+中文版)Windows Server 2003 SP1 Datacenter Edition EN(数据中心版英文版)Windows Server 2003 SP1 Datacenter Edition CN(数据中心版中文版)微软针对要求最高级别的可扩展性、实用性和可K性的企业而设计的Windows Server 2003 数据中心版使您可以为数据库、企业资源规划软件、大容量实时事务处理以及服务器合并提供使命关键的解决方案。

数据中心版可在最新硬件上使用,它同时有32 位版本和64 位版本,从而保证了最佳的灵活性和可扩展性各组织机构可从优化了的高效结构中获益,这种优化是为了运行要求极为严格的应用程序和服务而进行的。

Windows Server 2003 Datacenter Edition的独到之处与Windows Server 2003 企业版的主要区别:支持更强大的多处理方式和更大的内存。

另外,WindowsServer 2003数据中心版只通过Windows数据中心项目提供,该项目提供了来自Microsoft 和合格的服务器供应商(如原始制造商(OEM))的硬件、软件和服务集成。

在较高级别上,Windows Server 2003数据中心版提供以下支持:64位版本支持64 路对称多处理器(SMP) ;32位版本支持32路对称多处理器(SMP)支持8 节点集群32 位版本支持64 GB RAM,64 位版本支持512 GB RAMWindows Server 2003 Datacenter Edition的可K性依KMicrosoft迄今为止提供的最稳定的服务器开展业务如今各组织都期望技术能为其带来稳固的商业价值。

他们希望系统始终能够正常运行并始终可以响应,同时他们需要一定水平的安全性以迎接当今的挑战。

Windows_server_2003网络服务器配置技术

Windows_server_2003网络服务器配置技术

Windows server 2003网络服务器配置技术摘要:Windows Server2003内置了文件服务器、打印服务器、应用程序服务器、邮件服务器、终端服务器、远程访问/VPN服务器、域控制器、DNS服务器、DHCP服务器、流式媒体服务器、WINS服务器、文件服务器等服务器角色,几乎囊括了所有的服务器应用。

利用这些内置的服务器角色,只需简单的几步,即可完成相应服务器的配置。

它不仅改进了Windows 2000原有的服务,提高了这些服务的性能和扩充了许多功能,而且还增加了新的服务,如“邮件服务器”。

Windows Server 2003内置了IIS 6.0版,较Windows 2000中的IIS 5.0在可靠性、安全性、可管理性等方面有了长足进步,终使Windows Server 2003成为一个优秀的Web服务平台。

关键词:DHCP服务器DNS服务器IIS服务器邮件服务器一、Windows Server 2003安装1.安装过程1.用光盘启动系统:重新启动系统并把光驱设为第一启动盘,保存设置并重启。

将2003安装光盘放入光驱,重新启动电脑。

2.安装Windows Server 2003企业版光盘自启动后,如无意外即可见到安装界面。

全中文提示,要现在安装Windows,请按ENTER,按回车键。

许可协议,这里没有选择的余地,按“F8”。

这里用“向下或向上”方向键选择安装系统所用的分区,我这里使用的是虚拟机的虚拟磁盘,所以没有别的选择,只有一项,这里点回车向下进行。

这里,我用“上移”箭头键选择“用NTFS文件系统格式化磁盘分区”。

回车后出现格式化的警告。

格式化分区完成后,创建要复制的文件列表,跟接着开始复制系统文件。

文件复制完后,安装程序开始初始化Windows配置。

初始化Windows配置完成后,系统将在15秒后重新启动。

这部分安装程序已经完成,系统将会自动重新启动,将控制权从安装程序转移给系统。

win2003服务器配置(完全版)

win2003服务器配置(完全版)

更多教程
administrators 全部(该文件夹,子文件夹及文件) Power Users (该文件夹,子文件夹及文件) 读取和运行 列出文件夹目录 读取 SYSTEM 全部(该文件夹,子文件夹及文件) C:\Program Files administrators 全部(该文件夹,子文件夹及文件) CREATOR OWNER 全部(只有子文件来及文件) IIS_WPG (该文件夹,子文件夹及文件) 读取和运行 列出文件夹目录 读取 Power Users(该文件夹,子文件夹及文件) 修改权限 SYSTEM 全部(该文件夹,子文件夹及文件) TERMINAL SERVER USER (该文件夹,子文件夹及文件) 修改权限 2.网站及虚拟机权限设置(比如网站在 E 盘) 说明:我们假设网站全部在 E 盘 wwwsite 目录下,并且为每一个虚拟机创建了一 个 guest 用户,用户名为 vhost1...vhostn 并且创建了一个 webuser 组,把所有 的 vhost 用户全部加入这个 webuser 组里面方便管理。 E:\ Administrators 全部(该文件夹,子文件夹及文件) E:\wwwsite Administrators 全部(该文件夹,子文件夹及文件) system 全部(该文件夹,子文件夹及文件) service 全部(该文件夹,子文件夹及文件) E:\wwwsite\vhost1 Administrators 全部(该文件夹,子文件夹及文件) system 全部(该文件夹,子文件夹及文件) vhost1 全部(该文件夹,子文件夹及文件) 3.数据备份盘 数据备份盘最好只指定一个特定的用户对它有完全操作的权限。比如 F 盘为数据 备份盘,我们只指定一个管理员对它有完全操作的权限。 4.其它地方的权限设置 请找到 c 盘的这些文件,把安全性设置只有特定的管理员有完全操作权限。 下列这些文件只允许 administrators 访问 net.exe net1.exet cmd.exe tftp.exe netstat.exe regedit.exe

Windows Server 2003 資訊安全手冊

Windows Server 2003 資訊安全手冊

MMicrosoft 安全性解決方案Windows Server 2003資訊安全手冊目錄1. 簡介 Windows Server 2003 安全性手冊 (2)2. 設定網域基礎架構 (14)3. 建立成員伺服器基礎 (44)4. 補強網域控制站 (154)5. 補強基礎架構伺服器 (176)6. 補強檔案伺服器 (186)7. 補強列印伺服器 (193)8. 補強IIS伺服器 (201)9. 補強IAS伺服器 (224)10. 補強憑證服務伺服器 (229)11. 補強防禦主機 (243)12. 結論 (262)1. 簡介 Windows Server 2003 安全性手冊概觀歡迎閱讀這份 Microsoft Windows Server 2003 安全性手冊!這份手冊的設計,能提供給您最佳的資訊,以便您評估與了解在系統環境中 Microsoft® Windows Server TM 2003 所可能產生的安全性風險。

這份手冊中各章節都提供詳細的指引,並將重點放在在 Windows Server 2003 中各種可能的安全性設定組態與功能,使得您能夠處理在環境中所發現的安全性危機。

如果您是在 Windows Server 2003 環境中擔任顧問、設計師,或系統工程師,那麼本手冊可說是相當適合您。

這份指引的內容已經過 Microsoft 工程團隊、顧問、支援工程師,以及顧客和合作伙伴的檢閱與認可,因此它是:經證實的 – 以實戰經驗為基礎。

具權威性 – 提供可用的最佳意見。

具準確性 – 經過技術確認和測試。

可執行的 – 提供達到成功的步驟。

具相關性 – 提出真實世界的安全性考量。

與在各種不同的環境中導入Windows Server 2003、Windows® XP 和 Windows® 2000 的顧問及系統工程師一起工作,幫助我們能夠確立最新最佳的實施方針,來保護這些伺服器和用戶端的安全。

最新2003服务器系统安全配置汇总

最新2003服务器系统安全配置汇总

2003服务器系统安全配置2003服务器系统安全配置-中级安全配置[作者:墨鱼来源:互联网时间:2008-6-14QQ书签搜藏]【大中小】2003服务器系统安全配置-中级安全配置!做好此教程的设置可防御一般入侵,需要高级服务器安全维护,请联系我。

我们一起交流一下!做为一个网管,应该在处理WEB服务器或者其他服务器的时候配合程序本身或者代码本身去防止其他入侵,例如跨站等等!前提,系统包括软件服务等的密码一定要强壮!服务器安全设置1.系统盘和站点放置盘必须设置为NTFS格式,方便设置权限.2.系统盘和站点放置盘除administrators 和system的用户权限全部去除.3.启用windows自带防火墙,只保留有用的端口,比如远程和Web,Ftp(3389,80,21)等等,有邮件服务器的还要打开25和130端口.4.安装好SQL后进入目录搜索 xplog70 然后将找到的三个文件改名或者删除.5.更改sa密码为你都不知道的超长密码,在任何情况下都不要用sa这个帐户.6.改名系统默认帐户名并新建一个Administrator帐户作为陷阱帐户,设置超长密码,并去掉所有用户组.(就是在用户组那里设置为空即可.让这个帐号不属于任何用户组)同样改名禁用掉Guest用户.7.配置帐户锁定策略(在运行中输入gpedit.msc回车,打开组策略编辑器,选择计算机配置-Windows设置-安全设置-账户策略-账户锁定策略,将账户设为“三次登陆无效”,“锁定时间30分钟”,“复位锁定计数设为30分钟”。

)8.在安全设置里本地策略-安全选项将网络访问:可匿名访问的共享 ;网络访问:可匿名访问的命名管道 ;网络访问:可远程访问的注册表路径 ;网络访问:可远程访问的注册表路径和子路径 ;以上四项清空.9.在安全设置里本地策略-安全选项通过终端服务拒绝登陆加入ASPNETGuestIUSR_*****IWAM_*****NETWORK SERVICESQLDebugger(****表示你的机器名,具体查找可以点击添加用户或组选高级选立即查找在底下列出的用户列表里选择. 注意不要添加进user组和administrators组添加进去以后就没有办法远程登陆了.)10.去掉默认共享,将以下文件存为reg后缀,然后执行导入即可.Windows Registry Editor Version 5.00[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lanmanserver\pa rameters]"AutoShareServer"=dword:00000000"AutoSharewks"=dword:0000000011. 禁用不需要的和危险的服务,以下列出服务都需要禁用.Alerter 发送管理警报和通知Computer Browser:维护网络计算机更新Distributed File System: 局域网管理共享文件Distributed linktracking client 用于局域网更新连接信息Error reporting service 发送错误报告Remote Procedure Call (RPC) Locator RpcNs*远程过程调用 (RPC) Remote Registry 远程修改注册表Removable storage 管理可移动媒体、驱动程序和库Remote Desktop Help Session Manager 远程协助Routing and Remote Access 在局域网以及广域网环境中为企业提供路由服务Messenger 消息文件传输服务Net Logon 域控制器通道管理NTLMSecuritysupportprovide telnet服务和Microsoft Serch用的PrintSpooler 打印服务telnet telnet服务Workstation 泄漏系统用户名列表12.更改本地安全策略的审核策略账户管理成功失败登录事件成功失败对象访问失败策略更改成功失败特权使用失败系统事件成功失败目录服务访问失败账户登录事件成功失败13.更改有可能会被提权利用的文件运行权限,找到以下文件,将其安全设置里除administrators用户组全部删除,重要的是连system也不要留.net.exenet1.execmd.exetftp.exenetstat.exeregedit.exeat.exeattrib.execacls.exec.exe 特殊文件有可能在你的计算机上找不到此文件.在搜索框里输入"net.exe","net1.exe","cmd.exe","tftp.exe","netstat.exe","regedit.exe","at.exe","attrib.e xe","cacls.exe","","c.exe" 点击搜索然后全选右键属性安全以上这点是最最重要的一点了,也是最最方便减少被提权和被破坏的可能的防御方法了.14.后备工作,将当前服务器的进程抓图或记录下来,将其保存,方便以后对照查看是否有不明的程序。

Windows Home Server

Windows Home Server

来源Windows8论坛: Windows Home ServerWindows Home Server 是基于Windows Server 2003改编的操作系统Windows Home Server 特性一瞥●将你最重要的信息集中起来进行管理●每日自动备份家中PC的数据●能够完整恢复整台受损PC的数据●家庭网络中的任意一台PC可以直接访问位于Windows Home Server中的共享内容●通过独一无二的个人地址分享您的照片及视频●简单、快速的安装过程●着眼于未来的可扩充存储空间●崭新的第三方应用程序保护Windows Home Server每天自动备份家中每台PC的数据,这样存储于其中的文件就可以被轻易恢复。

更重要的是,PC状态监视器可以让你获得家中基于Windo ws Vista的PC的更多的监测数据。

连接家中的每个成员都可以通过家庭网络中的任一PC访问位于Home Server中他们需要的内容。

你甚至可以与相隔甚远的的亲密朋友及家人分享信息,或者远程访问Home Server中的相关信息。

组织您的家庭相册、视频、音乐一集其他重要文档将被集中管理,基于科目或主题的目录结构能够有效将内容组织起来并保持最新。

扩展随着存储需求的增长,您可以轻松的将硬盘连接至Windows Home Server。

开发者们为家庭自动化设计了很多具有创新意义的插件,家用网络摄像机以及安全解决方案,Windows Home Server将会成为您家中的一员,精巧设计的服务器十分美观,让您心动Windows Home Server 的安装非常简单,使用也很容易,并且提供了可靠的、熟悉的方法供家人连接,不管他们是在隔壁房间还是在穿越村间的小路上。

Windows Home Server Power Pack 1来源Windows8论坛:Windows Home Server Power Pack 1 发布文档Microsoft Corporation发布日期:2008 年 1 月版本: 1摘要本发布文档包含帮助您安装和运行Windows Home Server Power Pack 1 的最新信息。

最详细的windows 2003 server安全配置

最详细的windows 2003 server安全配置

图解配置]最详细的windows 2003 server安全配置狂人采集器——全自动采集,发贴,回贴,顶贴,让你论坛千人在线,日采集发帖上万,用内容留住访客网上流传的很多关于windows server 2003系统的安全配置,但是仔细分析下发现很多都不全面,并且很多仍然配置的不够合理,并且有很大的安全隐患,今天我决定仔细做下极端BT的2003服务器的安全配置,让更多的网管朋友高枕无忧。

我们配置的服务器需要提供支持的组件如下:(ASP、ASPX、CGI、PHP、FSO、JMAIL、MySql、SMTP、POP3、FTP、3389终端服务、远程桌面Web连接管理服务等),这里前提是已经安装好了系统,IIS,包括FTP服务器,邮件服务器等,这些具体配置方法的就不再重复了,现在我们着重主要阐述下关于安全方面的配置。

硬盘目录权限设置先说关于系统的NTFS磁盘权限设置,大家可能看得都多了,但是2003服务器有些细节地方需要注意的,我看很多文章都没写完全。

C盘只给administrators 和system权限,其他的权限不给,其他的盘也可以这样设置,这里给的system权限也不一定需要给,只是由于某些第三方应用程序是以服务形式启动的,需要加上这个用户,否则造成启动不了。

图片1Windows目录要加上给users的默认权限,删除everyone即可。

否则ASP和ASPX等应用程序就无法运行。

另外在c:/Documents and Settings/这里相当重要,后面的目录里的权限根本不会继承从前的设置,如果仅仅只是设置了C盘给a dministrators权限,而在All Users/Application Data目录下会出现everyone用户有完全控制权限,这样入侵这可以跳转到这个目录,写入脚本或只文件,再结合其他漏洞来提升权限;譬如利用serv-u的本地溢出提升权限,或系统遗漏有补丁,数据库的弱点,甚至社会工程学等等N多方法,从前不是有牛人发飑说:“只要给我一个webshell,我就能拿到system",这也的确是有可能的。

win2003服务器配置_绝版攻略

win2003服务器配置_绝版攻略

Windows 2003 绝版攻略Windows Server可以被配置为多种角色,Windows Server 2003 可以被配置为域控制器、成员服务器、基础设施服务器、文件服务器、打印服务器、IIS服务器、IAS服务器、终端服务器等等。

而且服务器可以被配置为几种角色的综合。

铁通数据中心机房存在多台不同角色的服务器,例如:备份服务器,终端服务器,Web服务器等,大部分是集各种角色于一身的服务器,所以有必要制作一份完整的安全方案文档以供参考,综合了部分虚拟主机公司的方案以及网络整理的资料和个人的一些经验,制作此方案。

总的来说,做为一个集各种角色为一身的服务器,主要是从以下几个方面进行安全加固设置:组件安全、端口安全、Windows常见自带程序的安全设置、远程终端安全、第三方软件的安全设置、木马病毒的防范设置、系统服务设置、帐号安全问题、日志安全设置、MSSQL安全设置、常见危险协议的删除、日常服务器安全检测、目录权限设置、DDOS攻击的设置、MYSQL安全设置、php安全设置。

注意:下面的策略是本着安全最大化的目的来执行的,实际操作中,要本着服务器正常应用与安全尽量化两者同时兼并的标准来进行。

组件安全:一、禁止使用FileSystemObject组件FileSystemObject可以对文件进行常规操作以及进行各种存在安全隐患的操作,可以通过修改注册表,将此组件改名,来防止利用FSO组件的ASP木马的危害。

步骤1:HKEY_CLASSES_ROOT\Scripting.FileSystemObject\ 名为其它的名字,如:改为 FileSystemObject_ChangeName,如果ASP程序必须使用这个组件,那么在代码中改相应的名称步骤2:将clsid值也改一下,HKEY_CLASSES_ROOT\Scripting.FileSystemObject\CLSID\项目的值,也可以将其删除,来防止此类木马的危害。

Windows2003-Server-设置大全

Windows2003-Server-设置大全

Windows2003 Server 设置大全一、windows server 2003 3790版本识别RTM=release to manufacture (公开发行批量生产)是给硬件制造商的版本!是送去压盘的,不是拿去卖的。

OEM=Original Equipment Manufacturer只能全新安装,和RTM差不多,只是称呼不同而已。

RTL=retail(零售)正式零售版,可以升级或者全新安装。

VLK=Volume License大量授权版,又称为企业版。

无需激活。

(网上所谓的简体中文VLK 版实际是普通简体中文版加英文VLK版中的8个文件而已)二、Windows Server 2003的不同版本Windows Server 2003 Web版:为快速开发、部署Web服务与应用程序,提供Web托管与服务平台。

支持2路SMP(对称多处理)系统、2GB内存。

Windows Server 2003标准版:面向中小型企业和部门级应用。

支持4路SMP、4GB内存。

Windows Server 2003企业版:适合中心与大型组织使用,有32位和64位两个版本。

支持8节点集群、NUMA;支持8路SMP,其中32位版支持32GB内存,64位版支持64GB内存。

Windows Server 2003数据中心版:面向要求强伸缩性和高可用性的企业,有32位和64位两个版本。

32位版支持32路SMP、64GB内存;64位版支持64路SMP、512GB内存;两个版本均支持8节点集群、NUMA三、windows server 2003 3790版的激活在正式版算号器没有出来之前,现在流行的激活方式有以下几种:(1)Reset5.02,在安全模式下运行即可激活,把时间调整为2008年都没有问题,一切使用正常。

可以升级。

缺点:激活程序被彻底屏蔽,表现为运行msoobe /a没有任何显示,并且在服务中有一项reset5,开机会自动运行此服务,C:\WINDOWS\system32\srvany.exe,此程序应该是reset5添加入系统的。

server2003 基本服务配置

server2003 基本服务配置

网络操作系统课程论文(自然科学)题 目:关于Windows Server2003配置与管理 院(系、部): 数学与信息科技学院学 生 姓 名:指 导 教 师: 张广斌 职 称 副教授2013年06月17日河北科技师范学院教务处制Hebei Normal University of Science & Technology摘要关于Windows Server2003配置与管理摘要Windows Server 2003起初的名称是 Server2003,大量继承WindowsXP的友好操作性和Windows 2003 Server的网络特性,是一个适合服务器使用的网络操作系统。

Windows Server2003内置有许多网络服务,只需进行简单设置即可实现主流的网络应用。

Windows Server 2003的高安全性、高可靠性、高可用性和高可伸缩性几乎可以满足现代企业所需的全部功能,其优点主要体现在以下几个方面。

●便于部署、管理和使用。

向导简化了特定服务器角色的安装和日常服务器管理任务,系统管理新增和改进的功能设计,让部署Active Directory(活动目录)更为容易。

●安全的基础结构。

Windows Server 2003 是部署公钥结构(PKI)的最佳选择,而且其自动注册结构。

Windows Server 2003是部署智能卡和证书非常容易。

●企业级可靠性、可用性、可伸缩性和性能●增强和采用最新技术,降低了拥有总成本(TCO)●便于创建动态Intranet和Internet Web站点●便于查找、共享和重新利用XML Web服务。

●稳定的管理工具。

●降低支持成本,增强用户功能。

关键词:Windows Server 2003 ,Active Directory,服务器1 引言Windows server 2003 是功能强大的网络操作系统,它内置了基本的网络协议,无须用户特意安装既可使用包括网络负平衡、Microsoft 网络的客服端等几种网络管理中常用的协协议(TCP/IP)和Microsoft网络和几种常用的协议。

用WindowsServer2003搭建安全服务器服务器教程-电脑资料

用WindowsServer2003搭建安全服务器服务器教程-电脑资料

用WindowsServer2003搭建安全服务器服务器教程-电脑资料启用并配置文件服务Windows Server 2003的管理工具中有一项功能叫做“管理您的服务器”,启动该工具之后,可以看到当前服务器上启用的所有服务,并可对这些服务进行管理,。

点击该界面上的“添加或删除角色”链接,将启动一个配置服务器的向导。

点击“下一步”进入到“服务器角色”步骤,在Windows Server 2003支持的角色列表中选择文件服务器并点击“下一步”,开始启用和配置文件服务的过程。

根据系统提示进行配额设置,磁盘配额功能可以限制用户对磁盘空间的使用,方便进行磁盘空间管理。

将磁盘空间限制设置为300MB,将警告设置为260MB,并勾选“拒绝将磁盘空间给超过配额限制的用户”这一选项,电脑资料《用Windows Server 2003搭建安全服务器服务器教程》(https://www.)。

这种情况下用户将无法使用超过300MB以上的硬盘空间,并且当用户使用的空间达到设置的260MB的警戒线时记录一个系统事件。

完成配额设置后点击“下一步”进入索引服务设置界面,默认的选项是不启用索引服务。

虽然索引服务可以加快文件检索的速度,但是由于它要消耗不少的服务器资源,所以如果不需要很频繁检索文件的话,建议保留默认的设置。

在确认以上设置之后,安装向导会弹出一个用于建立共享文件夹的向导。

首先需要选择共享文件夹的路径,例如C:/Inetpub/home。

之后进入维护共享名和关于该共享描述的界面,通常情况下维持默认设置即可。

点击下一步开始为共享设置权限,基本的权限包括了完全访问和读写权限。

选择“使用自定义共享和文件夹权限”,点击自定义按钮之后弹出自定义权限设置界面。

在这里可以根据需要对不同用户设置不同的权限,例如可以对Administrators用户组设置完全控制以赋予所有管理员对该共享文件夹的全部管理权限,为Guest用户设置读取权限,使匿名用户可以下载该文件夹中的文件,同时删除原有的Everyone这项,屏蔽所有其他用户权限。

windows2003系统家用的最佳优化方案

windows2003系统家用的最佳优化方案

WINDOWS2003系统家用的最佳优化方案采编:李大鹏这是一篇windows2003系统家用优化方案,它主要讲述了优化方式,下面就让我们一起来了解一下吧。

windows2003系统比xp系统要快一些,而且最近微软对针对xp盗版的打击力度明显加强。

所以建议社区的朋友放弃盗版的xp,转向使用windows2003。

但windows2003是服务器系统,直接当家用系统使用很麻烦,开如:机时需要按ctrl+alt+delete才能登陆,关机还需回答问题,上网老是跳出安全设置提示,音频等多媒体功能还有限制......如果能解决这些问题,windows2003小驴跑的还是相当舒服的,据说使用受限账户能把99%的木马病毒阻挡在门外(瞎吹吧呵呵)。

下边我们开始设置一下,让它像xp一样招人喜欢。

一、禁用开机CTRL+ALT+DEL在"运行"“secpol.msc”"本地策略"->"安全选项"->"交互式登录":在"不需要按ctrl+alt+del",改成“已启用”就OK 了!二、实现自动登陆在Windows中单击“开始→运行”,输入“rundll32 netplwiz.dll,UsersRunDll”(注意大小写及空格),把“要使用本机,用户必须输入用户名及密码”前边的小钩钩去掉,在接下来弹出的对话框中,输入想让电脑每次自动登录的账户名及其密码即可。

三、取消windows server 2003关机提示单击“开始→运行”,在弹出的运行对话框中输入“gpedit.msc”,打开组策略窗口,选中“计算机配置→管理模板→系统”,双击“显示关机事件跟踪”,在弹出的窗口中选择“已禁用”,最后再单击“应用→确定”按钮即可。

WIN2003服务器配置指南

WIN2003服务器配置指南

WIN2003服务器配置指南!装sql、serv-U、McAfee ,打补丁基本设置1.禁用的4个服务:Help and Support、Print Spooler、Server、Workstation。

2.删除所有盘符的默认共享、清除除administrators和SYSTEM组外的所有用户。

3.删除下列文件夹的除administrators和SYSTEM组外的所有用户权限:Documents and SettingsAll UsersProgram FilesWINDOWS4.增加system32目录:IIS_WPG和IWAM_TA 的读取和列出权限temp目录:users用户组的修改权限5.删除下列文件的除administrators组外的所有用户权限:at attrib cacls cmd command ftp net netstat net1 regedit telnet6.删掉系统盘\inetpub目录7.本地安全策略:帐户策略-〉帐户锁定策略-〉帐户锁定阀值本地策略-〉审核策略-〉*本地策略-〉安全选项-〉网络访问:不允许SAM帐户和共享的匿名枚举[启用]本地策略-〉安全选项-〉网络访问:可匿名访问的共享本地策略-〉安全选项-〉网络访问:可匿名访问的命名管道本地策略-〉安全选项-〉网络访问:可匿名访问的注册表路径本地策略-〉安全选项-〉网络访问:可匿名访问的注册表路径和子路径8.安装IIS,启用ASP和。

9.建立servu独立账户及servu设置密码.组件安全1.wshom.ocx 和shell32.dll ,可以列出服务器的环境变量regsvr32/u C:\WINDOWS\System32\wshom.ocxdel C:\WINDOWS\System32\wshom.ocxregsvr32/u C:\WINDOWS\system32\shell32.dlldel C:\WINDOWS\system32\shell32.dllSQL SERVERuse mastergorevoke execute on [sp_MSSetServerProperties] to [public]gorevoke execute on [sp_MSsetalertinfo] to [public]gosp_dropextendedproc 'xp_cmdshell'gosp_dropextendedproc 'xp_regaddmultistring'gosp_dropextendedproc 'xp_regdeletekey'gosp_dropextendedproc 'xp_regdeletevalue'gosp_dropextendedproc 'xp_regenumvalues'gosp_dropextendedproc 'xp_regremovemultistring'goPHP + MySql1.解压PHP.zip到d:\php,把PHP.ini拷贝到windows目录并设置好路径。

2003域控制器教程之图文并茂

2003域控制器教程之图文并茂

域控制服务器教程把一台成员服务器提升为域控制器(一)目前很多公司的网络中的PC数量均超过10台:按照微软的说法,一般网络中的PC数目低于10台,则建议建议采对等网的工作模式,而如果超过10台,则建议采用域的管理模式,因为域可以提供一种集中式的管理,这相比于对等网的分散管理有非常多的好处,那么如何把一台成员服务器提升为域控?今天就来说说吧`如有不对的地方希望大家说出来一起进步:服务器采用Windows2003Server为例,客户端以XP为例(专业版,home版的不支持)。

域控制器名字:serverIP:192.168.88.119子网掩码:255.255.255.0网关:192.168.88.159(当然,这些可以根据具体需要设置)DNS:192.168.88.119(因为我要把这台机器配置成DNS服务器,升级成DC以后首选DNS 变成127.0.0.1不用怕`这是正常的)由于Windows Server 2003在默认的安装过程中DNS是不被安装的,所以我们需要手动去添加,添加方法如下:“开始—设置—控制面板—添加删除程序”,然后再点击“添加/删除Windows组件”,则可以看到如下画面:向下拖动右边的滚动条,找到“网络服务”,选中:默认情况下所有的网络服务都会被添加,可以点击下面的“详细信息”进行自定义安装,由于在这里只需要DNS,所以把其它的全都去掉了,以后需要的时候再安装:然后就是点“确定”,一直点“下一步”就可以完成整个DNS的安装。

在整个安装过程中请保证Windows Server 2003安装光盘位于光驱中,否则会出现找不到文件的提示,那就需要手动定位了。

安装完DNS以后,就可以进行提升操作了,先点击“开始—运行”,输入“Dcpromo”,然后回车就可以看到“Active Directory安装向导”直接下一步就可以了`这里是一个兼容性的要求,Windows 95及NT 4 SP3以前的版本无法登陆运行到Windows Server 2003的域控制器,我建议大家尽量采用Windows 2000及以上的操作系统来做为客户端。

Windows 2003 服务详解

Windows 2003 服务详解

Windows 2003 服务详解简介系统服务的处理不同于其他设置,因为所有服务的漏洞、对策及潜在影响在本质上都一样。

第一次安装Microsoft Windows Server 2003 时,系统将在启动时创建并配置默认服务。

有些服务在组织环境中并不需要,但仍在Windows Server 2003 中被启用来确保应用程序或客户端兼容或辅助进行系统管理。

服务概述服务仅在登录到某一帐户的情况下才能访问操作系统中的资源和对象。

大多数的服务都不更改默认的登录帐户。

更改默认帐户可能导致服务失败。

如果选定帐户没有登录服务的权限,Microsoft 管理控制台(MMC) 的服务管理单元将自动为该帐户授予登录所管理计算机中服务的用户权限。

但这并不保证启动服务。

Windows Server 2003 包括三个内置的本地帐户,分别用作各系统服务的登录帐户:•本地系统帐户:本地系统帐户功能强大,它可对系统进行完全访问,并作为网络中的计算机工作。

如果某服务登录到域控制器的“本地系统”帐户,则该服务可访问整个域。

有些服务的默认配置是登录到“本地系统”帐户。

不要更改默认服务设置。

帐户名称是LocalSystem。

该帐户没有密码。

•本地服务帐户:本地服务帐户是一种特殊的内置帐户,类似于经身份验证的用户帐户。

就访问的资源的对象而言,“本地服务”帐户与“Users”(用户)组成员权限等同。

这种限制性访问有助于在个别服务或进程受损时保障系统安全。

以“本地服务”帐户运行的服务使用有匿名凭据的空会话来访问网络资源。

帐户名称是NT AUTHORITY\LocalService。

该帐户没有密码。

•网络服务帐户:网络服务帐户也是一种特殊的内置帐户,类似于经身份验证的用户帐户。

就访问的资源的对象而言,“网络服务”帐户与“Users”(用户)组成员权限等同。

这种限制性访问有助于在个别服务或进程受损时保障系统安全。

以“网络服务”帐户运行的服务可使用计算机帐户的凭据来访问网络资源。

CISP考试(习题卷11)

CISP考试(习题卷11)

CISP考试(习题卷11)第1部分:单项选择题,共94题,每题只有一个正确答案,多选或少选均不得分。

1.[单选题]小红和小明在讨论有关于现在世界上的 IP 地址数量有限的问题,小红说他看到有新闻说在 2011 年 2 月3 日,全球互联网 IP 地址相关管理组织宜布现有的互联网 IP 地址已于当天划分给所有的区域互联网注册管理机构,IP 地址总库已经枯竭,小明吓了一跳觉得以后上网会成问题,小红安慰道,不用担心,现在IPv6 已经被试用它有好多优点呢,以下小红说的优点中错误的是()A)网络地址空间的得到极大扩展B)IPv6 对多播进行了改进,使得具有更大的多播地址空间C)繁杂报头格式D)良好的扩展性答案:C解析:2.[单选题]基于网络的入侵检测系统的信息源是_______。

A)系统的审计日志B)事件分析器C)应用程序的事务日志文件D)网络中的数据包答案:D解析:3.[单选题]数位物件识别号(Digital 0bject Identifier,简称 DOI)是一套识别数位资源的机制,涵括的对象有视频、报告或书籍等等。

它既有一套为资源命名的机制,也有一套将识别号解析为具体位址的协定。

DOI 码由前缀和后缀两部分组成,之间用“/” 分开,并且前级以“.”再分为两部分。

以下是一个典型的 DOI 识别号,10.1006/jmbi.1998.2354,下列选项错误的是()A)“10.1006”是前级,由国际数位物件识别号基金会确定B)“10”为 DOI 目前唯的特定代码,用以将 DOI 与其他采用同样技术的系统区分开C)“1006 是注册代理机构的代码,或出版社代码,用于区分不同的注册机构D)后缀部分为:jmbi.1998.2354,由资源发行者自行指定,用于区分一个单独的数字资料,不具有唯一性答案:D解析:4.[单选题]在加固数据库时, 以下哪个是数据库加固最需要考虑的?A)修改默认配置B)规范数据库所有的表空间C)存储数据被加密D)修改数据库服务的服务端口答案:A解析:5.[单选题]以下哪一项是用于CC的评估级别?A)EAL1,EAL2,EAL3,EAL4,EAL5,EAL6,EAL7B)A1,B1,B2,B3,C2,C1,D6.[单选题]在正常情况下,应急响应计划培训应该至少多久一次A)1 年B)2 年C)半年D)5 年答案:A解析:7.[单选题]我国卫星导航系统的名字叫( )。

Windows Server 2003版本说明

Windows Server 2003版本说明

Windows Server 2003版本说明Windows Server 2003 家族包括以下产品:Windows Server 2003 Standard EditionWindows Server 2003 Standard Edition 采用最好的 Windows 2000 Server 技术,使部署、管理和使用更加容易。

结果是产生高效的操作系统,更加安全可靠、可用性和可伸缩性更高。

在较高的级别,Windows Server 2003 Standard Edition 提供下列支持:•高级联网功能,例如 Internet 身份验证服务 (IAS)、网桥功能和 Internet 连接共享 (ICS)。

•四路对称多重处理 (SMP)。

•4 GB 内存。

如果客户需要最高的可用性和可伸缩性,应考虑使用 Windows Server 2003 Enterprise Edition 或 Windows Server 2003 Datacenter Edition。

可靠性设计在 Microsoft 发布过的最稳定的服务器操作系统上运营您的业务当今的公司希望利用技术不断地创造商业价值。

他们希望系统始终正常运行并且始终及时响应,还希望安全级别可以应对当今面临的挑战。

Windows Server 2003 Standard Edition 中的新功能和改进功能使其成为 Microsoft 发布过的最稳定的小公司和部门级服务器操作系统。

Windows Server 2003 Standard Edition 对 Windows 2000 Server 中引入的许多技术进行了改进,例如智能卡支持、带宽限制和即插即用支持。

公共语言运行时等新技术提高了安全性,可以防止网络受到恶意代码或设计较差的代码的影响。

此外,通过对 Internet Information Services (IIS) 6.0、公钥基础结构(PKI) 和 Kerberos 的改进,更容易保证 Windows Server 2003 的安全。

远程全自动系统安装及远程GHOST系统

远程全自动系统安装及远程GHOST系统

远程全自动安装系统及远程ghost系统需要工具与软件:1.Windows 2003 server 用作远程安装服务器.2.需要安装的操作系统windows2000\windows xp\windows2003及序列号3.Norton.Ghost.v8.2.Corporate.Edition用于ghost系统安装4.Ghost .v11.及Ghostsrv.exe最新版本(Noton.ghost.V8.2 Corporate.Edition自带的版本太旧,不能用于恢复最新的ghost文件.低版本的ghost.exe 如8.3版,在恢复的时候会将客户端所有分区合并,造成数据丢失.最新版的Ghostsrv.exe可以恢复windows7.5.远程安装自动应答软件Setupmgr,用于制作RIS全自动安装的应答文件实施步骤:服务器端:1.首先安装window 2003 server2.配置windows 2003 server 的Active Dircetory域及DHCP服务.开始-管理工具-配置你的服务器向导之后都采用默认地,下一步下一步就行了.再到要求重启电脑此时Active Dircetory域及DHCP服务配置完成.3.安装RIS(Remote Installation Service)组件开始-控制面板-添加或删除程序添加/删除windows组件勾选windows布署服务,下一步,这个过程可能需要用到安装光盘,直到提示重启服务器.然后重启服务器.4.运行RIS并做相关的设置开始-管理工具-windows部署(旧版)注意新版不支持gho文件.这一步需要将中文去掉,不然会报错.等几分钟文件复制完,提示成功,远程安装服务器就配置完成了.此时还不能进行远程GHOST 系统.要实现远程GHOST系统还需要安装Norton.Ghost.v8.2.Corporate.Edition5安装Norton.Ghost.v8.2.Corporate.Edition第一步:安装Norton.Ghost.v8.2.Corporate.Edition,安装过程很简单,采用默认安装即可第二步:配置Symantec Ghost Boot这个地方一定要去选择最新版的ghost.exe,不然客户端会报映像文件不支持的错.第三步:配置Symantce GhostCast Server客户端:首先客户端的机器需要能支持网络启动,可喜的是现在的机器一般都支持.启动按F12从网络启动.看到启动成功的提示后再按F12进入如下界面:回车输入服务器的用户名在这里选择你要安装的系统:安装系统就会开始安装了.****************************************如果安装的过程中出现如下报错,是因为安装文件没有导完整,需要将光盘中的i386下的所有文件拷到RIS的i386目录下覆盖其文件.注意不是用i386去替换i386.如果是选择是ghost的系统,就会出现如下界面.这个地方输入session name 与刚才Symantec GhostCast Server中的session name相同等文件传输完成,选择重启电脑最开始ghost安装系统.细节与优化:整个过程已经能实现远程安装系统及远程ghost系统,但还不是全自动的.还需要手动去输入用户名,序列号,时区之类的繁琐操作,更重要的事是系统会重新分区,造成所有数据丢失,所以必须修改RIS的应答文件,接下来就是进行如何修改RIS的应答文件以实现全自动安装.RIS的应答文件在\RemoteInstall\Setup\Chinese\Images\WINDOWS\I386\templates下的ristndrd.sif我们可以用记事本打开,直接在里面修改也可以使用工具软件来修改好后直接去覆盖掉ristndrd.sif也可以.修改应答文件步骤:下一步默认随后几步都默认即可:完成之后把它存在一个地方:用记事本打开:找到如下字符它的意思是将硬盘重新分区,这里将yes改为no. 同时如果不想将电脑加入到域可以修改:保存文件,然后将文件重命名为:ristndrd.rif.将其拷到\RemoteInstall\Setup\Chinese\Images\WINDOWS\I386\templates覆盖它原来的ristndrd.rif文件即可.呵呵,整个全自动安装系统之旅经结束.。

  1. 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
  2. 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
  3. 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。

Contributed PaperManuscript received July 14, 2003 0098 3063/00 $10.00 © 2003 IEEEHome Server for Home Digital Service EnvironmentsChangseok Bae, Jinho Yoo, Kyuchang Kang, Yoonsik Choe, and Jeunwoo LeeAbstract — This paper proposes a new scheme of the home server platform for providing home digital services by connecting home networks and the Internet. The proposed scheme is an integrated form of a home multimedia server, a home control server, and a home information server. The proposed system has an interface between access networks and home networks, various kinds of wired and wireless home networks devices, and multimedia processing modules. As examples of home digital services, the system provides a digital TV service, a remote multimedia service, and an instant message service based on the open service gateway initiative (OSGi) framework. We have implemented the proposed home server scheme, and verify that the system can be a core device of the home digital service environments 1. Index Terms — Home server, home networks, multimedia, OSGi, home digital service.I. I NTRODUCTIONIn home digital service environments, a home server can be considered as a core device for connecting and managing all of the information appliances within a home [1-3]. According to widespread use of high-speed networks such as the asymmetric digital subscriber line (ADSL), construction of access networks to connect the Internet from a home is entering into a complete stage. Recently, very high data rate digital subscriber line (VDSL) for supporting 20-50 Mbps begins to be serviced in Korea.Together with the construction of access networks, lots of standards for wired and wireless home networks are proposed and developed. Contrary to the access networks, a few kinds of home networks can already support very high data rates up to a few hundreds Mbps, and are going to support a number of Gbps in a few years. According to the rapid progress of home networks technologies, the fiber to the home (FTTH) plan for constructing fiber networks as access networks is promoted. These high-speed access networks and home networks are connected to each other and many kinds of Internet services can be available based on this environment.The first step of this effort starts with the appearance of digital information appliances like Internet refrigerators and1This work was supported in part by Korea Ministry of Information and Communication under Grant No. 02MC1510.C. Bae, J. Yoo, K. Kang, and J. W. Lee are with the Embedded Software Technology Center, Electronics and Telecommunications Research Institute, Daejeon, Korea (e-mail: {csbae, yoojh, k2kang, ljwoo}@ etri.re.kr).Y. Choe is with the Department of Electrical and Electronic Engineering, Yonsei University, Seoul, Korea (e-mail: yschoe@yonsei.ac.kr). microwave ovens. Consequently, attempts to develop a homeserver for connecting and managing these appliances are continued naturally. However, these attempts are just in the beginning stage, and consensus for the configurations and functions of the system is under establishing now. Thus, the schemes and services of the home servers according to the advantage of companies proposing their own home server have different forms [1-6]. This paper considers three kinds of companies like communication companies, game companies, and consumer electronics companies.First, communication companies are mainly interested in networks functions of the home server. Erricson, one of the largest communication companies in Europe, developed a home server called E-Box [7]. The system employs open service gateway initiative (OSGi) [8] framework for providing home informatization and Internet services using home networks. It presents monitoring and controlling services for home automation devices, Internet sharing and firewall, and MP3 audio service through the Internet. Second, game companies are trying to develop a home entertainment server based on their game consoles. Sony considers PlayStation2, its world famous game console, as a next generation home entertainment server by adding network functions. Microsoft also developed X-Box as a network game server using its Ethernet port. Finally, consumer electronics companies, such as Matsushita, NEC, Hitachi, and LG also propose their own architecture of the home server adding PC functions to the consumer electronics products such as refrigerators.This paper proposes new architecture of the home server that can serve as a home multimedia server, a home control server, and a home information server, in a box. The proposed system integrates various kinds of home networks devices such as the Ethernet, the HomePNA, the IEEE1394, the power line communications (PLC), the WirelessLAN, and the Bluetooth. As a home multimedia server, the home server provides lots of multimedia services, for example watching a digital TV (D-TV) program and a DVD title. The home server, as a home control server, connects and controls all of information appliances within a home using its home networks devices. In addition, the home server can be a home information server by storing lots of home information in a storage device attached on it. The proposed system also equips an open service framework and many service bundles for easy management of various services available in the system. Therefore, users can enjoy lots of Internet services in their home by connecting the high-speed home networks and Internet using the home server. Furthermore, users can access, communicate, and control all ofinformation devices within their home through the Internet and home networks wherever they are.This paper consists as follows: Section 2 describes the concept of the digital home environments, and Section 3 explains architecture of the home server proposed in this paper. Section 4 presents implementation results of the proposed system, and finally, conclusions and future works are discussed in Section 5.II. D IGITAL H OME E NVIRONMENTSThe concept of home digital service environments with the home server is shown in Fig. 1. The home server connects all of information appliances within a home using home networks, and it interfaces home networks with access networks. Home networks devices are categorized into wired devices and wireless devices. Wired home networks devices include the Ethernet, the HomePNA, the IEEE1394, and the PLC. Generally, the Ethernet and the HomePNA are used to connect information devices such as computers, printers, and facsimiles. The IEEE1394 connects audio and video (AV) devices such as digital camcorders, digital VCRs, and digital audios. The PLC is used to connect white appliances like refrigerators, microwave ovens, and washing machines. Wireless home networks devices include the WirelessLAN and the Bluetooth, which can connect wireless devices like a personal display assistant (PDA) and a web pad.PLCIEEE 1394Bluetooth DTVDigital AudioGameWeb PADLightSecurityElectricity PDAWeb PADFig. 1. Concept of home server and home digital service environmentsThe home server, the core device of home digital services, is equipped with a large capacity of the storage device, and is responsible for control, management, and connection of all information appliances within a home. In addition, the system provides a method for communicating home information between family members.III. Architecture of Home ServerThe architecture of the home server is illustrated in Fig. 2, which can be divided into three groups: hardware devices, software modules, and contents and services. First, hardware devices in the home server consist of wired and wireless home networks devices for communicating among home information appliances, a digital TV receiver for watching HDTV programs, a multimedia codec for providing multimedia services, and a storage device for storing information and contents. Second, the software modules are categorized into system software and middleware. The system software includes a real time operating system (RTOS) for the home server, Java Virtual Machine (JVM), and open service gateway initiative (OSGi) framework. The middleware consists of the agent software, OSGi service bundles, and the control/multimedia middleware [9]. Finally, contents and services such as D-TV, remote medical, remote education, and cyber home services are available on this basis.H/WHomeServer H/W PlatformHome NetworksD-TV ReceiverMultimedia CodecS/WContents and ServicesStorage DeviceFig. 2. Architecture of the home server platformA. Hardware ModulesB. Home Networks Devices Wired Home Networks DevicesThe proposed home server has wired home networks devices such as the Ethernet, the IEEE1394, and the HomePNA. First, the Ethernet is the most basic wired homenetworks device. The system supports high-speed data communication using the chipset that can automatically detect either 10 or 100 Mbps Ethernet communication.Second, the IEEE1394 communication module consists of a physical IEEE1394 interface, a device driver forcommunication, and application program supporting play, record, and communication control functions of DV and MPEG-2 TS stream. The home server supports communication of DV data and MPEG-2 TS data between the devices connected to IEEE1394 devices. DV data communication usesDV1394 device driver that supports IEEE1394 isochronous transfer protocol and IEC61883 digital interface protocol. Instead of DV1394 device driver, MPEG1394 device driver is used to communicate MPEG-2 TS data. This module can reduce overheads for implementing multimedia data communication, because the device driver between IEEE1394 link layer and application program operates communication function transparently.Finally, the HomePNA uses a general phone line as a physical interface. The HomePNA can be easily configured because it has free topology and can use the existing network lines. Besides, the PLC for connecting white appliances such as refrigerators, microwave ovens and electrical washing machines is installed using power line serial lontalk adaptor (PL-SLTA).a) Wireless Home Networks DevicesThe proposed home server has dual PCMCIA slots for wireless home networks devices such as the WirelessLAN and the Bluetooth. The system has the WirelessLAN consisting of ad-hoc mode for playing the role of an access point. The Bluetooth also constructs an ad-hoc network in a home. The system employs the Casira bluetooth module and the OpenBT bluetooth protocol stack.b) Protocol StacksThe home server is the only device in a house that has a permanent IP address. It has the policy for assigning dynamic IP addresses for the information appliances within a home. The home server uses dynamic host configuration protocol (DHCP) for assigning IP addresses automatically to the home information devices. The home information devices confirm the existences of themselves using these dynamic IP addresses. The home server sets and performs firewall using a filtering style. The firewall to restrict the access of the data packets from unauthorized IP addresses is installed to guarantee the security of home networks. Users can set and modify the permission for access from specific addresses.Other information appliances except for the home server have dynamic IP addresses managed by the home server. All devices connected to the home networks communicate with outer devices using one representative IP address. The outer devices respond to the internal devices using the port number occupied by the internal device.2) D-TV ReceiverThe block diagram of a D-TV receiver module for the home server platform is shown in Fig. 3. The D-TV receiver module decodes the received D-TV broadcast signal using a tuner, an IF demodulator, an ADC, a VSB demodulator, and an MPEG decoder. HD size video data can be displayed on an HDTV through the video mux, which is employed to multiplex decoded video data and VGA (RGB) signal from the graphics module in the home server main board. Simultaneously, the D-TV receiver module can transmit VGA size video data to the multimedia codec module using the VIP port. Besides, the D-TV receiver can process additionally transmitted data broadcast as well as high definition video. In order to handle the electronic program guide (EPG), the D-TV receiver supports ATSC A/65 program and system information protocol (PSIP) standard [10, 11]. Therefore, users can utilize user-friendly information such as registered recording. Multimedia Codec ModuleThe multimedia codec module receives video data from a video in port. While video data is encoded to an H.263 [12, 13] stream, an error resilient scheme is implemented to reduceCodecTo HDTVFig. 3. Block diagram of D-TV receiver moduleThe multimedia codec module performs down sampling of input video using bilinear interpolation. VGA size input images are converted into CIF size images. In order to support remote multimedia service, the multimedia codec for a home sever should process at least 15 frames for CIF size video. The home server has to support various application services for multiple users as well as multimedia data processing. Thus, it is difficult to expect adequate quality of service (QoS), if the main processor of the home server is responsible for all of the multimedia codec functions.The proposed multimedia codec module shown in Fig. 4 makes use of a hardware module using a DSP and a field programmable gate array (FPGA) so as to reduce the load on the main processor and to support the required codec performance continually. While most parts of the codec algorithm are implemented in a DSP, motion estimation (ME) and motion compensation (MC) parts that require lots of computing time operate in a FPGA.Fig. 4. Block diagram of multimedia codec moduleC. S oftware ModulesThe proposed system employs Qplus [14], an embedded Linux developed by ETRI, as its realtime operating system. Qplus consists of reconfigurable embedded Linux kernel, system libraries, graphic window system, and target builder. The target builder is a tool for configuring Qplus, and this tool provides the functionality to configure all components of Qplus including kernel, system libraries, and applications. The system libraries are optimized to fit for embedded systems.Regardless of their location, users can check the states of the information appliances within a home under home digital service environments. In addition, whenever the predefined events occur in a home, it is necessary to notify the situation to the users using instant message service. Users generally require service provider to provide various service solutions operated in the home server. In the home digital service environments, many service providers located remotely support various services requested by users through the Internet. If all of the services make users purchase and install for themselves, it will be very inconvenient to apply the home server. For the users’ convenience, a dynamic service platform that can manage application services by remote service providers should be very useful. In the dynamic service platform, the remote service providers can install and remove services operated in a user’s home server by the user’s request. The OSGi service platform is a dynamic service platform, which satisfies this requirement. The platform consists of various service bundles and a framework that can easily install and operate service bundles at a remote site. Using OSGi, services are distributed as a bundle format, which will be installed, upgraded, operated, and removed without rebooting or restarting of the service platform. The system provides the OSGi service framework release 2.0 and its core bundles, and an instant message service as an example of service bundle. Fig. 5 shows the architecture of OSGi service platform. OSGi framework is implemented on the JVM, and core bundles, application bundles, and library bundles are implemented on this framework [15, 16].Core BundlesLibrary BundlesApplication BundleFig. 5. Architecture of open service platformIn addition, the system has control and multimedia middleware such as HAVi, Jini, and UpnP. Further, it also provides FiPA agent framework. D. C ontents and ServicesService applications using the home server include watching D-TV, remote medical services, remote education, and cyber home. Service provider can develop lots of services to implement digital home environment with the home server. At the remote side, service provider can enable or disable services in the user’s home using the OSGi framework.III. I MPLEMENTATION R ESULTSThe appearance of the proposed home server platform is shown in Fig. 6. The home server is developed using an x86-based processor, and integrates a few kinds of home network devices, an audio codec, and a graphics module on a board. The home server main board has an Ethernet port for uplink, 3 IEEE1394 ports, 4 USB ports, an AC97 audio codec, a VGA graphics module, and 3 PCI slots. A D-TV receiver, a multimedia codec, and a network add-on board are attached to PCI slots on the home server main board. The network add-on board has two PCMCIA slots for wireless home networks devices, an Ethernet port for downlink, and a phone line jack for the VoIP service.(a)(b)Fig. 6. Outside (a) and inside (b) of the home server platformAn example of D-TV broadcast reception is shown in Fig. 7. The D-TV receiver supports ATSC display formats such as 720p and 1080i. Besides, it can process program and system information protocol (PSIP) standard for electronic program guide (EPG). D-TV contents can be encoded into a low bit rate stream such as H.263 using a multimedia codec module.(a)(b)Fig. 7. D-TV receiving result. (a) Received D-TV picture and (b) EPG browsing resultAs an example of OSGi service bundle, an instant message service bundle is implemented. Because both SMS and VMS are considered as an instant message method, the service provider needs a CDMA module and a voice module to send a message to communication networks. If the predefined event is occurred in a home, the home server can send a message to the predefined user’s phone.Methods for the instant message service consider a voice message service (VMS) and a short message service (SMS) [16]. Fig. 8 shows the architecture of instant message service. The VMS requires a voice board for connecting PSTN, and the SMS requires a wireless modem for connecting CDMA. Considering the business model in OSGi structure, a service provider presents a service platform and service bundles in the home server, and manages the platform.Fig. 9 represents relations between required bundles and service platform in the home server. The instant message service requires a SMS service bundle, a VMS service bundle, and a transmission bundle for constructing message and for sending it to the service provider. In addition, device bundle is required to interface physical devices in a home.Service Provider Mobile & PSTN Fig. 8. Architecture of instant message serviceFig. 9. Configuration of home server sideSoftware and hardware components in the service provider are shown in Fig. 10. In order to provide instant message service, the service provider requires a software component for receiving and analyzing message packet transferred from a network device and for transferring the message as VMS or SMS format. Besides, physical devices such as a voice board and a wireless modem are required.PSTN networkFig. 10. Configuration of service provider sideThe home server communicates with the service provider using TCP/IP. The message format between the home server and service provider is shown in Table 1, which consists of 4 fields such as callee, caller, flag, and body. A colon is used as a delimiter to parse the message. The first field is a callee number, which represents a mobile or PSTN phone number ofthe receiver. The second field is a caller number. In order to be recognized in the service provider, both callee and caller numbers should be numeric numbers. If these fields have an error, the service provider notifies the home server. The third field is a flag, which represents the type of the message. If this field is 0 or 2, the default short message or voice message is sent to the receiver. The message in the body field is sent to the receiver by SMS, if it is 1. On the other hand, if it is 3, the file written in the body field is sent to the receiver. The last field is a body field, which is empty if the flag field is 0 or 2. If the flag is 1, it represents a short message. For the flag of 3, it represents a file name of a voice message.Table 1. Message format between home server and service providerFields Bytes Type RemarksCalleeVariableStringCallee number (variable length)Delimiter 1 Char Delimiter as a colonCaller Variable String Caller number (variable length)Delimiter 1 Char Delimiter as a colon Flag 1 Byte0: Default message for SMS(Body length = 0)1: Body message for SMS 2: Default file for voice (Body length = 0) 3: Body file for voice Delimiter 1 Char Delimiter as a colon Body Variable StringA message to be sent (variable length) IV. C ONCLUSIONS AND F UTURE W ORKS This paper describes a new scheme of the home server platform for implementing home digital service environments. Lots of related companies and corporations have consensus for the necessities of a home server. However, they still havedifferences in the definite realization method and form. The disagreement of opinion is caused by lack of consensus for the importance of services and by incompleteness of servicesprovided by connecting Internet and home networks using a home server. Communications, games, and consumer electronics companies are developing their own home server based on new concept devices improving their main product by adding partial functions needed in the home server. However, the home server in the digital home implemented by homenetworks should satisfy functions for home multimedia server, home control server, and home information server. This paper proposes and implements a home server formultimedia services, information appliance control services, and information management services. The home server has home network devices for connecting and controlling variousinformation appliances effectively. In order to process large size of multimedia data, the system has multimedia devices such as a D-TV receiver and a multimedia codec module. Open service framework and service bundles are implemented to provide a convenient service management method. The service provider at a remote site can easily manage services requested by users without users’ intervention.The home server is expected to be a core device for constructing information infrastructure that can create new services in a home. Therefore, it can activate markets for information appliances and application services. In addition, it can accelerate the development of new complex information appliances that can be used on an integrated environments of data, communication, broadcast, and home automation.R EFERENCES[1] C. Bae, J. Lee, and C. Kim, “State of the art and the developmentdirection of home server technology ,” Korea Information Processing Society Review, vol. 8, no. 1, pp. 28-41, Jan. 2001. [2] J. Lee and C. Bae, “ Home server platform technology,” Korea Information Science Society Review , Apr. 2001.[3] C. Bae, J. Yoo, K. Kang, Y. Choe, and J. Lee, “Home server for home digital service environments, Digest of Technical Papers in International Conference on Consumer Electronics , pp. 382-383, June2003.[4] A. D. Roy, “Networks for Homes,” IEEE Spectrum , pp. 26-33, Dec. 1999.[5] Nikkei Electronics, Japan moves ahead on futuristic home server , Oct.20, 1997. [6] C. Bae, J. Seok, Y. Choe, and J. Lee, “Multimedia data processing elements for digital TV and multimedia services in home server platform,” IEEE Trans. Consumer Electron., vol. 49, no. 1, pp. 64-70,Feb. 2003.[7] T. Idermark, M. Lilliestråle, and J. Vasell, “Erricson’s E-Box system-Anelectronic service enabler,” Erricson Review , no. 1, pp. 38-44, 1999.[8] OSGi, OSGi Service Platform Release 2, , Oct. 2001.[9] T. Y. Ku, D. H. Park, and K. D. Moon, “A Java-based home networkmiddleware architecture supporting IEEE1394 and TCP/IP,” IEEETrans. Consumer Electron., vol. 48, no. 3, pp. 496-504, Aug. 2002.[10] J.Whitaker, Digital television fundamentals , McGraw-Hill, 2000.[11] Digital television requirements for receivers , AS4933.1-2000, DraftVer. 3, 2000.[12] ITU-T, Video coding for low bit rate communication, ITU-TRecommendation H.263, Mar. 1996. [13] K. R. Rao and J. J. Hwang, Techniques and standards for image, video,and audio coding , pp.338-351, Prentice Hall, 1996.[14] C. Lim, G. Kim, and Y. Kim, “Reducing communication overhead in anembedded application development toolset,” Proc. of IASTD AI 2001, Feb. 2001.[15] K. Chen and Ligong, Programming open service gateways with Java embedded server technology , Addison Wesley, 2001.[16] K. Kang, D. Kang, and J. Lee, “SMS and VMS for an instant messagingin the future home environment,” Proc. of the ICOCM , pp.256-269,Gwangju, Korea, 2002.Changseok Bae received his B.S. and M.S. degrees in electronic engineering from Kyungpook NationalUniversity, Korea, in 1987 and 1989 respectively. He also received his Ph.D. degree in electrical andelectronic engineering from Yonsei University, Korea, in 2003. From 1989 to 1996, he was a seniorresearcher at Systems Engineering Research Institute, where he worked on image processing and patternrecognition. From 1997 to 1999, he worked with Korea Ministry of Information and Communication, where he participated inestablishing national software research and development policy. Since 2000,he has been a principal research staff of Embedded System Architecture Research Team at Electronics and Telecommunications Research Institute, where he is developing multimedia functions in the home server. His researchinterests include image processing, multimedia codec, home serverarchitecture, and information embedding.Jinho Yooreceived his B.S. and M.S. degrees in computer science from Kwangwoon University, Korea in 1994 and from Sogang University, Korea in 1996, respectively. From 1996 to 1998, he was a researcherat Research Institute of LG Information and Communications. Since 1999, he is a senior researcher at Electronics and Telecommunications Research Institute (ETRI). He has been and is developing system software that includes device drivers and components of operating systems in the home server box as a member of Embedded System Architecture Research Team. His research interests include operating system, hardware abstraction layer, hardware architecture, and compiler building in GNU. Kyuchang Kang received his B.S. and M.S. degrees in electronic engineering from Kyungpook National University, Korea, in 1994 and 1997 respectively. From 1997 to 2000, he worked on test and evaluation center at Agency for Defense Development as a researcher of engineering staff, where he developed Doppler signal analyzer and measurement system. Since 2001, he isworking on Computer and Software lab. at Electronics and Telecommunications Research Institute, where he is developing open service platform for the home server. He is also interested in mobile applications, distributed computing and network security.Yoonsik Choe received his B.S. degree in electrical engineering from Yonsei University, Korea, in 1979. He also received his M.S.E.E degree in systems engineering, M.S. and Ph.D. degrees all in electrical engineering from Case Western Reserve University, Cleveland, OH, the Pennsylvania State University,University Park, PA, and the Purdue University, Western Lafayette, IN, in 1984, 1987, and 1990, respectively. From 1990 to 1993, he was a principal engineer at Hyundai Electronics Industries, Co. Ltd., where he developed high definition TV. Since 1993, he has been with the Department of Electrical and Electronic Engineering at Yonsei University, Seoul, Korea, where he is an associate professor. Since 1988, he has been a member of Eta Kappa Nu. Since 2000, he has been the president of Signal Processing Research Center at Yonsei University. His research interests include video coding, videocommunications, statistical signal processing, and digital image processing systems. Jeunwoo Lee received his B.S., M.S., and Ph.D.degrees in electronic engineering from Kyungpook National University, Korea, in 1983, 1985, and 1998 respectively. Since 1985, he has been working at Electronics and Telecommunications Research Institute, and now, he is a principal research staff and the head of Embedded System Architecture Research Team where he is developing a home server platform. His research interests include information appliances, home serverarchitecture, and home digital services.。

相关文档
最新文档