VPN Lab 2. Zutao Zhu, 04/02/2010. Outline: how a packet traverses the VPN; how to write a socket program; certificate.



Packet Flow

VMware Port Forwarding: how does it work?

Routing Table
Add route to host
–# route add -host dev eth0:0
–# route add -host gw
Add route to network
–# route add -net netmask eth0
–# route add -net netmask gw
–# route add -net /24 eth1
Add default route
–# route add default gw

Routing Table Flags
Possible flags include:
–U (route is up)
–H (target is a host)
–G (use gateway)
–R (reinstate route for dynamic routing)
–D (dynamically installed by daemon or redirect)
–M (modified from routing daemon or redirect)
–A (installed by addrconf)
–C (cache entry)
–! (reject route)

IP Forwarding
One machine has more than one network adapter.
–Enable forwarding at runtime: # sysctl -w net.ipv4.ip_forward=1
–Check the current value: # sysctl net.ipv4.ip_forward
–Make it persistent: # vi /etc/sysctl.conf and set net.ipv4.ip_forward = 1

Make sure
–You understand how the packets flow
–You change the IP address at the appropriate point
–When debugging, you print out the values of src_ip, src_port, dst_ip, dst_port at the key points

Socket Programming: UDP server
–sock = socket(AF_INET, SOCK_DGRAM, 0)
–Set struct sockaddr_in server_addr (which port you want to use), client_addr
–Bind socket to server_addr
–Enter infinite loop, recvfrom(sock, recv_data, 1024, 0, (struct sockaddr *)&client_addr, &addr_len)

Socket Programming: UDP client
–sock = socket(AF_INET, SOCK_DGRAM, 0)
–Set struct sockaddr_in server_addr (which port you want to use), client_addr
–Enter infinite loop, sendto(sock, send_data, strlen(send_data), 0, (struct sockaddr *)&server_addr, sizeof(struct sockaddr))
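The UDP server and UDP client steps above, as an added example in C that is not part of the original slides: a server socket bound to loopback, a client that sends one datagram, and one pass of the server's receive loop that prints the sender's address as the debugging advice suggests. The function names, the loopback address, the kernel-chosen port and the message are assumptions made for the demo.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
static struct sockaddr_in mkaddr(const char *ip, unsigned short port) {
    struct sockaddr_in a = {0};
    a.sin_family = AF_INET;
    a.sin_port = htons(port);            /* network byte order */
    inet_pton(AF_INET, ip, &a.sin_addr);
    return a;
}
/* Server: socket + bind. *port == 0 asks the kernel for a free port. */
int udp_server(const char *ip, unsigned short *port) {
    struct sockaddr_in a = mkaddr(ip, *port);
    socklen_t len = sizeof a;
    int s = socket(AF_INET, SOCK_DGRAM, 0);
    if (s < 0) return -1;
    if (bind(s, (struct sockaddr *)&a, sizeof a) < 0 ||
        getsockname(s, (struct sockaddr *)&a, &len) < 0) { close(s); return -1; }
    *port = ntohs(a.sin_port);
    return s;
}
/* Client: send one datagram; returns bytes sent or -1. */
int udp_send(const char *ip, unsigned short port, const char *msg) {
    struct sockaddr_in a = mkaddr(ip, port);
    int n = -1, s = socket(AF_INET, SOCK_DGRAM, 0);
    if (s >= 0) n = (int)sendto(s, msg, strlen(msg), 0, (struct sockaddr *)&a, sizeof a);
    if (s >= 0) close(s);
    return n;
}
/* One pass of the server loop: receive, NUL-terminate, log the sender. */
int udp_recv(int s, char *buf, size_t cap) {
    struct sockaddr_in from;
    socklen_t len = sizeof from;         /* in/out: set before every call */
    char ip[INET_ADDRSTRLEN];
    int n = (int)recvfrom(s, buf, cap - 1, 0, (struct sockaddr *)&from, &len);
    if (n < 0) return -1;
    buf[n] = '\0';                       /* cap - 1 above leaves room */
    inet_ntop(AF_INET, &from.sin_addr, ip, sizeof ip);
    fprintf(stderr, "src_ip=%s src_port=%u len=%d\n", ip, (unsigned)ntohs(from.sin_port), n);
    return n;
}
int main(void) {   /* added demo; loopback address and message are constructed */
    char buf[1024]; unsigned short port = 0;
    int s = udp_server("127.0.0.1", &port);
    if (s < 0 || udp_send("127.0.0.1", port, "hello vpn") < 0) return 1;
    return udp_recv(s, buf, sizeof buf) == 9 ? 0 : 1;
}
```

Passing `cap - 1` to `recvfrom` keeps the terminating NUL inside the buffer; a datagram longer than that is silently truncated, so size the buffer for the largest packet the tunnel carries.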

Certificate
–Create the configuration file
–You need to create your own certificates for the demo
–You can define your VPN server's authentication policy (for the clients)
–Design your own small protocol to do the key exchange

Control and data channels
–Control channel: TCP
–Data channel: UDP

Key Exchange
–Use the TCP channel
–The client changes the session key/IV/etc.
–The client uses the new session key to encrypt the data
–When the server is notified, it also changes the session key for this communication
–The server can then decrypt the client's encrypted data
