TCP/IP and OSI Models (OSI-Model, n.d.) and (Tomsho, 2007)

TCP/IP Layer | PDU      | OSI Layer              | Function                                                                                  | Devices - Apps              | Standards
Application  | Data     | 7 Application          | Network process to application; initiates or accepts a request to transfer data           | Browsers, servers, Gateways | HTTP, SNMP, FTP, Telnet
Application  | Data     | 6 Presentation         | Adds formatting, display, and encryption of information                                   | Gateways                    | ASCII, MPEG, SSH, SSL
Application  | Data     | 5 Session              | Adds communication session control information; Login/Logout                              | DNS, Gateways               | NetBIOS
Transport    | Segments | 4 Transport            | Adds end-to-end connections and reliability, re-sequencing, flow control                  | Gateways                    | TCP, UDP
Network      | Packets  | 3 Network              | Path determination and logical addressing (IP); translates MAC address to logical address | Routers                     | IP, ICMP, ARP, NetBEUI, IPSec
Link         | Frames   | 2 Data Link (LLC, MAC) | Adds error checking and physical addressing (MAC & LLC)                                   | Switches, Bridges, NICs     | 802.3, 802.11, FDDI
Link         | Bits     | 1 Physical             | Media, signal and binary transmission; sends data as a bit stream                         | Hubs, Repeaters             | 10Base-T, T1, E1
Origins of Unix
• In the early 1960's, MIT experimented with time sharing systems: CTSS and MAC.
• This developed into the Multics project.
– Funded by ARPA (ARPA also funded the creation of the Internet, originally known as ARPANET).
– Project included MIT, GE and Bell Labs (Included Dennis Ritchie and Ken Thompson from Bell Labs).
– Bell Labs withdrew in 1969.
Origins of Unix
• Ken Thompson wrote a game called 'Space Travel' but it was expensive to run on a Mainframe.
• Thompson found an old PDP-7 with an inadequate OS.
• Thompson and Ritchie wrote the precursor to UNIX in assembly language.
Origins of Unix
• Thompson and Ritchie wanted a portable OS for programmers.
• Ritchie developed the language C as a mid-level language to implement UNIX. This was very important because:
– It allowed UNIX to be portable.
– It made it much easier to maintain/modify UNIX.
• Portability allowed UNIX to spread to other platforms very quickly.
Origins of Unix
• Bell Labs was part of AT&T. AT&T was a legal telecommunications monopoly and was not allowed to sell computers or software.
• AT&T licensed the UNIX source to universities, which made their own modifications and variations (specifically Berkeley).
• After the divestiture of AT&T in 1984, AT&T commercialized UNIX.
• Many commercial variants exist, including SUN Solaris, HP-UX, IBM AIX, Compaq Tru64, etc. Source NOT available.
Where did GNU and Linux Come From?
• In the mid 80's, Richard Stallman, a researcher at MIT, felt it was morally wrong that companies would not share source code.
• Stallman created the Free Software Foundation (FSF) with the goal of creating a free OS, called GNU (GNU stands for 'GNU is Not Unix').
– see: http://www.gnu.org/
• In the late 1980's, Stallman won the MacArthur Genius Award ($300K) and used the money to support the GNU effort.
Where did GNU and Linux Come From?
• The GNU project decided to work on OS tools first (gcc, gdb, gnu make, gzip, etc.) and the kernel last.
• In the early 1990's, Linus Torvalds wanted the source to Minix and was turned away. Torvalds created a UNIX-compliant kernel and encouraged others over the Internet to help him.
• In the mid 1990s complete, free, UNIX-compliant OSes were created by merging the GNU tools with Linux. This is what Redhat, Fedora, Knoppix, Debian, Mandrake, Suse, etc. have done.
• GNU is still working on its own kernel (GNU HURD).
Where did GNU and Linux Come From?
• In a strict sense, Linux refers to the kernel.
• The kernel is a single executable file.
• In Fedora Core 6.0, the kernel is:
– located at /boot/vmlinuz
– based on version 2.4
– approximately 1.7 Mbytes in size (small)
What is the IP Address of My Machine?
• ifconfig command
• ifconfig displays the status of the currently active network interfaces.

    > ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:A0:CC:3B:0E:53
              inet addr:192.168.1.20  Bcast:192.168.1.255  Mask:255.255.255.0
              inet6 addr: fe80::2a0:ccff:fe3b:e53/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:136 errors:1 dropped:0 overruns:0 frame:0
              TX packets:171 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:14102 (13.7 KiB)  TX bytes:18945 (18.5 KiB)
              Interrupt:5 Base address:0xef00
What is the IP Address of a Remote Machine?
• nslookup command (also in Windows)
– A program to query Internet domain name servers
• Example:

    > nslookup einstein.franklin.edu
    Server:         65.24.7.3
    Address:        65.24.7.3#53

    Non-authoritative answer:
    Name:    einstein.franklin.edu
    Address: 66.77.177.143
Is the Remote Machine Alive?
• Example of the ping command (also in Windows):

    > ping 65.24.7.3
    PING 65.24.7.3 (65.24.7.3) 56(84) bytes of data.
    64 bytes from 65.24.7.3: icmp_seq=1 ttl=248 time=16.5 ms
    64 bytes from 65.24.7.3: icmp_seq=2 ttl=248 time=13.0 ms
    64 bytes from 65.24.7.3: icmp_seq=3 ttl=248 time=11.7 ms
    64 bytes from 65.24.7.3: icmp_seq=4 ttl=248 time=14.9 ms
    64 bytes from 65.24.7.3: icmp_seq=5 ttl=248 time=12.2 ms

    --- 65.24.7.3 ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 4000ms
    rtt min/avg/max/mdev = 11.710/13.687/16.518/1.794 ms
/etc/hosts
• /etc/hosts file:
– Text file that associates IP addresses with hostnames (aliases).
• /etc/hosts on Einstein:

    # Do not remove the following line, or various programs
    # that require network functionality will fail.
    127.0.0.1    localhost.localdomain localhost
    10.0.2.12    qwprlx17 qwprlx17.students.qw.franklin.edu
    10.0.2.118   qwprwi04
/etc/protocols
• A text file that maps protocol names to the protocol numbers used as IDs in the IP layer.
• Example from Einstein (very small subset):

    ip          0    IP           # internet protocol, pseudo protocol number
    icmp        1    ICMP         # internet control message protocol
    tcp         6    TCP          # transmission control protocol
    udp         17   UDP          # user datagram protocol
    gre         47   GRE          # Generic Routing Encapsulation
    ipv6-crypt  50   IPv6-Crypt   # Encryption Header for IPv6
    ipv6-icmp   58   IPv6-ICMP    # ICMP for IPv6
/etc/services
• A text file that maps the following:
– Human-friendly textual names for Internet services
– Assigned port numbers
– Protocol types
• Port assignments are made by IANA
– See http://www.iana.org/assignments/port-numbers
• Example from Einstein:

    # service-name  port/protocol  [aliases ...]  [# comment]
    tcpmux   1/tcp            # TCP port service multiplexer
    rje      5/tcp            # Remote Job Entry
    echo     7/tcp
    systat   11/tcp   users
    daytime  13/tcp
    ftp      21/tcp
    ssh      22/tcp           # SSH Remote Login Protocol
    telnet   23/tcp
inetd
• Historically, each network service was supported by its own daemon process or processes.
• A telnet daemon would support the telnet service, the ftp daemon would support the ftp service, etc.
• Many daemons are running, often not being used.
• Each service had to worry about security from the point of connection.
inetd
• inetd (precursor to xinetd) was created to address the issue of the abundance of network service daemons.
• inetd was designed to listen on ports for network service requests.
• When a request arrived at a port, inetd would fork the appropriate process (ftp, telnet, etc.) to service the request.
• Therefore services like ftp, telnet, etc. were no longer daemons - they became transient processes.
• Inetd is sometimes referred to as a ‘Super Server’.
/etc/inetd.conf (inetd, n.d.)
• File format:

    service type protocol wait user server cmdline

• service
– Gives the service name.
– The service name has to be translated to a port number by looking it up in the /etc/services file.
• type
– Specifies a socket type:
  • stream (for connection-oriented protocols)
  • dgram (for datagram protocols)
/etc/inetd.conf (inetd, n.d.)
• protocol
– Names the transport protocol used by the service.
– Must be a valid protocol name found in /etc/protocols.
• wait
– This option applies only to dgram sockets.
– It can be either wait or nowait.
– If wait is specified, inetd executes only one server for the specified port at any time.
– Otherwise, it immediately continues to listen on the port after executing the server.
/etc/inetd.conf (inetd, n.d.)
• user
– This is the login ID of the user who will own the process when it is executing.
• server
– Gives the full pathname of the server program to be executed.
• cmdline
– This is the command line to be passed to the server.
– This field is empty for internal services.
/etc/inetd.conf (inetd, n.d.)
• Sample File (Subset):

    #
    # inetd services
    #
    ftp     stream  tcp  nowait  root  /usr/sbin/ftpd
    login   stream  tcp  nowait  root  /usr/sbin/rlogind
    #
    # inetd internal services
    #
    time    stream  tcp  nowait  root  internal
    time    dgram   udp  nowait  root  internal
    echo    stream  tcp  nowait  root  internal
    echo    dgram   udp  nowait  root  internal
xinetd
• xinetd stands for eXtended InterNET services Daemon.
• Created by Panos Tsirigotis at the University of Colorado.
• More secure than inetd - designed to prevent Denial of Service attacks.
• Can control access by:
– address of remote host
– time of access
– name of remote host
– domain of remote host
• xinetd is sometimes referred to as the “super-server”.
xinetd.conf
• xinetd is the name of the daemon process.
• xinetd config file: /etc/xinetd.conf

    #
    # Simple configuration file for xinetd
    #
    # Some defaults, and include /etc/xinetd.d/

    defaults
    {
            instances       = 60
            log_type        = SYSLOG authpriv
            log_on_success  = HOST PID
            log_on_failure  = HOST
            cps             = 25 30
    }

    includedir /etc/xinetd.d

• instances: max number of simultaneous servers for a given service
• cps:
– first number is max connections per second
– second number is the number of seconds to wait before re-enabling the service after cps has been exceeded.
xinetd.d
• In addition to having a config file for the xinetd daemon itself, each supported service (ftp, telnet, etc) has its own config file in /etc/xinetd.d
    [root@localhost xinetd.d]# ls
    amanda       cups-lpd     eklogin  ipop3        pop3s    services  time
    amandaidx    daytime      finger   klogin       rexec    sgi_fam   time-udp
    amidxtape    daytime-udp  gssftp   krb5-telnet  rlogin   swat
    chargen      dbskkd-cdb   imap     kshell       rsh      talk
    chargen-udp  echo         imaps    ktalk        rsync    telnet
    comsat       echo-udp     ipop2    ntalk        servers  tftp
xinetd.d
• Example: What follows is the configuration file for telnet:

    # default: on
    # description: The telnet server serves telnet sessions; it uses \
    #       unencrypted username/password pairs for authentication.
    service telnet
    {
            flags           = REUSE
            socket_type     = stream
            wait            = no
            user            = root
            server          = /usr/sbin/in.telnetd
            log_on_failure  += USERID
            disable         = no
    }
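An added example, not part of the original slides or of xinetd itself: a Python parser for the block syntax used by xinetd.conf and the xinetd.d files above (including the += operator seen in the telnet file), plus a simplified model of the cps rule as the xinetd.conf slide describes it (the real daemon's accounting may differ). The configuration text is a constructed subset.

```python
# Added example, not from the original slides or from xinetd itself: a parser
# for the block syntax of xinetd.conf and the xinetd.d files (handling "=" and
# "+="), plus a simplified model of the cps rule as the slide describes it.
XINETD_CONF = """defaults
{
        log_on_failure  = HOST
        cps             = 25 30
}
service telnet
{
        user            = root
        server          = /usr/sbin/in.telnetd
        log_on_failure  += USERID
        disable         = no
}
"""

def parse_xinetd(text):
    """Return {block header: {attribute: [values]}}; services inherit defaults."""
    blocks, current = {}, None
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line == "{":
            continue
        if line == "}":
            current = None
        elif current is None:  # a block header such as "defaults" or "service telnet"
            inherited = {} if line == "defaults" else blocks.get("defaults", {})
            current = blocks[line] = {k: list(v) for k, v in inherited.items()}
        else:
            key, op, value = line.partition("+=") if "+=" in line else line.partition("=")
            key, values = key.strip(), value.split()
            # "+=" appends to the inherited list, "=" replaces it
            current[key] = current.get(key, []) + values if op == "+=" else values
    return blocks

def cps_decisions(conn_times, cps_limit, wait_secs):
    """Model the cps rule over sorted timestamps: once more than cps_limit
    connections land within one second, refuse everything for wait_secs."""
    decisions, window, disabled_until = [], [], -1.0
    for t in conn_times:
        window = [w for w in window if t - w < 1.0] + [t]
        if t < disabled_until:
            decisions.append((t, False))
        elif len(window) > cps_limit:
            disabled_until = t + wait_secs
            decisions.append((t, False))
        else:
            decisions.append((t, True))
    return decisions

CONFIG = parse_xinetd(XINETD_CONF)
```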
SSHD
• SSHD - OpenSSH SSH daemon
• replaces rsh and rlogin
• forks a new sshd daemon for each new connection
• communication is encrypted
• used on Einstein and comes configured on RedHat 9.0
SSHD
• SSHD supports:
– ssh
  • similar to telnet
  • client uses a tool like putty (Windows), ssh (Linux/Unix)
– secure ftp
  • similar to ftp
  • client uses a tool like winscp2 (Windows), sftp (Linux, Unix)
Samba
• Open Source application that runs on Linux, Unix, etc.
• It allows a Linux machine to appear like a Windows file server to Windows client machines.
• It also allows Windows clients to make use of printing services on a Linux machine.
• Supports the Server Message Block (SMB) Protocol.
• Windows client machines can mount Unix directories on their PCs (as added drives).
• Included in most Linux distributions.
NFS (NFS, n.d.)
• Network File System
• A protocol developed by SUN in 1984
• Allows a remote filesystem to be mounted on a local computer.
• Originally implemented on top of UDP
• Newer versions implement NFS protocol on top of TCP for better WAN support.
References
• http://www.perldoc.com/perl5.6.1/lib/CGI.html
• http://www.xinetd.org/faq.html
• http://www.linuxfocus.org/English/November2000/article175.shtml
• http://www.macsecurity.org/resources/xinetd/tutorial.shtml
• http://www.bgw.org/tutorials/operating_systems/linux/inetd_tour.php
• Inetd, n.d. The inetd Super Server. Retrieved on 02/20/2007 from http://www.faqs.org/docs/linux_network/x-087-2-appl.inetd.html
• NFS, n.d. Network File System (Sun). Retrieved on 02/20/2007 from http://en.wikipedia.org/wiki/Network_File_System_%28Sun%29