Socket Program Training

10/24/2011

Introduction

• Video Streaming Server– Darwin

• VoIP– Asterisk

• Socket Program– Ex: FTP

• Backdoor Program

2

Darwin Streaming Server

– The open source version of Apple’s QuickTime Streaming Server technology

– Updated Version v6.0.3• http://dss.macosforge.org/

– Previous Version• v5.5.5

3

Installation

• tar zxf DarwinStreamingSrvr5.5.5-Linux.tar.gz• cd DarwinStreamingSrvrlinux-Linux• ./Install

• Please enter a new administrator user name: user_name

• Please enter a new administrator Password: your_password

4

Starting

• sudo /usr/local/sbin/DarwinStreamingServer

• sudo /usr/local/sbin/streamingadminserver.pl

• http://darwin.streaming.server:1220/

5

Asterisk

• Asterisk is software that turns an ordinary computer into a communications server.

• The Latest Version 10.0.0-beta1– http://www.asterisk.org/downloads

• V1.8.7.1

6

Installation (1/7)

• Run "./configure"

7

Installation (2/7)

• Run "make menuselect" [optional]

8

Installation (3/7)

• Run "make"

9

Installation (4/7)

• Run "make install"

10

Installation (5/7)

• Finally, you can launch Asterisk with:– # asterisk –vvvc

11

Installation (6/7)

• You can type "core show help" at any time to get help with the system.

12

Installation (7/7)

13

What is a Socket ?

• An interface between an application process and transport layer (TCP or UDP).

14

15

TCP Client

Socket ( )

Connect ( )

send ( )

Close ( )

send ( )

Read ( )

Accept ( )

recv ( )

Listen ( )

Bind ( )

Socket ( )

recv ( )

Close ( )

Waiting for the requests from clientBuild a connection

Data (request)

Data (reply)

Deal with the request

TCP Server

Notify the end of the file

EX: FTP Server (1/2)

16

EX: FTP Server (2/2)

17

EX: FTP Client (1/2)

18

EX: FTP Client (2/2)

19

20

Compile

• gcc -o filename filename.c– # gcc -o server server.c– # gcc -o client client.c

• Execute the filename– # ./filename– # ./filename server_IP number_of_file file1

file2 file3

Backdoor program

/usr/src/kernels/fedora/include/linux/skbuff.h

21

Defined as a function in: net/ipv4/ip_input.c, line 379 Defined as a function prototype in: include/net/ip.h, line 93 Referenced (in 3 files total) in: include/net/ip.h, line 93 net/ipv4/af_inet.c, line 1560 net/ipv4/ip_input.c, line 379

Defined as a function in: net/ipv4/ip_input.c, line 379 Defined as a function prototype in: include/net/ip.h, line 93 Referenced (in 3 files total) in: include/net/ip.h, line 93 net/ipv4/af_inet.c, line 1560 net/ipv4/ip_input.c, line 379

IP Layer

int count(struct sk_buff* skb){

struct iphdr *iph;

struct udphdr *udph;

struct timeval tv;

static int total_packet = 0;

static int last_timestamp = 0;

23

IP Layer

iph = skb->nh.iph;

printk("=================IP=================\n");

//IP Header

printk("Version = %d\n",iph-> version);

printk("IHL = %d\n",iph-> ihl*4);

printk("Type of Service = %d\n",iph-> tos);

printk("Total Length = %d\n",ntohs(iph-> tot_len));

printk("Identification = %d\n",iph-> id);

printk("Fragmentation Offset = %d\n",iph-> frag_off);

printk("Time to live = %d\n",iph-> ttl);

printk("Protocol = %d\n",iph-> protocol);

24

IP Layer

printk("Header Checksum = 0x%x\n",iph-> check);

printk("Source Address = %d.%d.%d.%d\n",*(skb->nh.raw+12),*(skb->nh.raw+13),*(skb->nh.raw+14),*(skb->nh.raw+15));

printk("Distination Address = %d.%d.%d.%d\n",*(skb->nh.raw+16),*(skb->nh.raw+17),*(skb->nh.raw+18),*(skb->nh.raw+19));

25

TCP Layer

if(iph-> protocol == IPPROTO_UDP) {//UDP Header

printk("================UDP=================\n");

udph = (struct udphdr *)(skb->nh.raw + iph->ihl*4);

printk("Source Port = %d\n",ntohs(udph->source));

printk("Distination Address = %d\n",ntohs(udph-> dest));

printk("Segment Length = %d\n",ntohs(udph-> len));

printk("Checksum = 0x%x\n",udph-> check);

26

Q&A

27