Cosc 4750 Networking. The basics Machine A and Machine B have a connection to a network When Machine A wants to “talk” to machine B, it creates a packet.


Cosc 4750 Networking

The basics: Machine A and Machine B have a connection to a network. When Machine A wants to “talk” to Machine B, it creates a packet of information with a destination address of Machine B and sends it out into the network. Machine B receives the packets and responds if it needs to. In UNIX, Machine A can also send a message to itself. (localhost, IP )

TCP/IP and the Internet, brief history: –Not created by Microsoft or Vice President Gore –Established by DARPA in 1969 for the US Department of Defense, called ARPANET –By the 1980s it was used in research by universities –1994: Internet went private

Who “manages” the Internet? ICANN, the Internet Corporation for Assigned Names and Numbers: –can be said to be in charge of the Internet. IETF, the Internet Engineering Task Force: –Oversees development and standardization. ISOC, the Internet Society: –Membership organization that represents Internet users.

The IP address crisis: Class A IP, example 129.X.X.X; Class B IP, example X.X; Class C IP, example X. They were never allocated “fairly”. The US government holds half the Class A IPs from X.X.X, many unused or badly allocated. for more information

Ethernet Uses CSMA/CD: –Carrier Sense: you can tell whether anyone is talking. –Multiple Access: everyone can talk –Collision Detection: you know when you interrupt someone else.

Evolution. Year, speed, name, media: 1973, 3 Mb/s, Xerox, coax; Mb/s, Ethernet, coax, cat3, 10Base2/10BaseT; Mb/s, 100Base, Cat5, fiber; Gb/s, 1000Base, fiber, Cat5e; Tb/s, ??

Networking for your machine: Static or manual –You set the network information the machine needs. DHCP –Your machine asks for the networking information from a server. BOOTP –A server gives you an IP number and gateway. PPP –Dial-up version of DHCP, or could be static.

DHCP and bootp –Each asks a server for networking information for your machine. It is based on a MAC address. A MAC address –a hard-coded number that your network card has. –It is a 6-segment hex number –example: 08:00:20:79:4F:49

Loopback interface: lo (or lo0) is the loopback interface. It has an IP address of and name of localhost. (Don’t EVER change this.) On a UNIX machine, it's active even if the network card is not. Used for testing of networking applications and other things.

Using arp: arp is a program that will display known MAC addresses, IP numbers, and machine names. Each machine has a table of known machines, called an arp table. arp -a xor.com ( ) at 08:00:20:77:5E:A0 earth.xor.com ( ) at 00:50:DA:12:4E:E5

Using ifconfig: ifconfig allows you to configure your network and look at a specific network device. ifconfig eth0 (network card) –displays flags, IP number, netmask, broadcast, MAC address, and stats –netmask tells the computer which IP address class you have (A, B, C). Class C: –broadcast, has to do with IP class. Class C: (for Computer Science).

PPP and IP forwarding: When a machine makes a PPP (dial-up) connection to a server, the server then forwards IP packets from the client on into the network (Internet). Also, the client’s IP is associated with the server's MAC address. IP forwarding is for routing (dial-up and network). If your machine is not a dial-up server, it should be turned off.

Routing: Most machines have a route table, which says where to send packets. netstat -rn will display the route table. Kernel IP routing table Destination Gateway Genmask Flags M W irtt Iface UH eth U eth U lo UG eth is also called default

Adding routes: The most common route to add to a machine is the default route. –This is the one that gets your network packets outside of the IP domain, normally to a router. route add default –Since that is where our “router” is located.

Security: Networking is one of the most vulnerable parts of a computer for attacks. Firewalls and filters: basically, UNIX firewalls and filters are weak (and Microsoft’s are far worse). Firewalls allow you to block network traffic to a machine (or set of machines). Filtering allows you to block a set of IPs or only allow a set of IPs into your machine.

For true hardware firewalls and filters, buy a dedicated router or switch (probably from CISCO, current leader in network hardware, 70% of the market, but there are other very good vendors [and cheaper] as well). Denial of Service and various other attacks can be blocked by routers/switches and IDSs, but not by a UNIX machine. Why? The computer is spending time dealing with the problem, instead of normal work. –We will return to security later on.

Cosc 4750 Networking commands

More networking commands: hostname –allows you to determine the name of the machine. nslookup or nslookup IP number –Determine an IP for a given name or a name for a given IP number –More later with DNS

finger –check to see if they are logged in. finger –check who is logged in to the machine or –See who is logged in or if a given user is logged into a remote machine

tcpdump, must be run as root –prints out the packets received by an interface (network card). ping or ping -c # machine –Allows you to check whether a machine is alive –And to check whether your networking is working – -c is how many packets to send/receive before stopping

traceroute –Displays all intermediate steps between your machine and a remote machine –Good way to find out where the network has broken down between you and a remote machine –Also useful in tracking an IP address

telnet –connect to a remote machine; if the port is left off, then the default is port 23, which is for telnet logins. rlogin –log in to a remote machine with the current username (-l to specify another username) –normally some environment variables are “carried” to the remote machine. –Must use a password (unless there is a .rhosts file)

.rhosts file –a listing of machines that a user can rlogin (rcp and rsh) from without using a password. A security problem. –Example of the file:
meru.cs.uwyo.edu seker
k2.cs.uwyo.edu seker
asdf.cs.uwyo.edu bob

rcp (remote copy), normally needs a .rhosts file for it to work. –rcp –rcp test meru:/meru3/seker/. rsh (remote shell), will work without a .rhosts file. –rsh meru ls displays my directory on meru –rsh meru xterm -display k2.cs.uwyo.edu:0.0

xhost + –xhost is one way in which you allow a remote machine to display on (access) your “console” –For the preceding rsh meru xterm command, xhost + meru is needed in order for meru to display an xterm window on my console (display). –xhost + (without a machine name) allows any remote host to access your console. Very insecure.

All the r commands are considered insecure and should be avoided. –rsh, rlogin, rcp, etc. –Instead you want to use a secure program
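A defender's check for the .rhosts trust described above, as an added example that is not part of the original slides. It assumes the common "host [user]" entry format with "+" as a wildcard and a leading "-" as a deny entry; the owner name seker and the final "+ +" line of the sample are assumptions made for the illustration.

```python
def audit_rhosts(text, owner):
    """Return (line_no, severity, message) for each risky .rhosts entry.

    Assumed entry format: "host [user]". A missing user means the remote
    account with the same name as the local owner. Blank lines and lines
    starting with "#" are skipped.
    """
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        host = fields[0]
        user = fields[1] if len(fields) > 1 else owner
        if host.startswith("-") or user.startswith("-"):
            continue  # deny entries grant no access
        if host == "+" and user == "+":
            findings.append((no, "critical",
                             f"any user on any host may log in as {owner}"))
        elif host == "+":
            findings.append((no, "high",
                             f"{user} on any host may log in as {owner}"))
        elif user == "+":
            findings.append((no, "high",
                             f"any user on {host} may log in as {owner}"))
        elif user != owner:
            findings.append((no, "medium",
                             f"{user}@{host} may log in as {owner}"))
    return findings

# First three lines are the slide's example; the last line is constructed.
SAMPLE = """\
meru.cs.uwyo.edu seker
k2.cs.uwyo.edu seker
asdf.cs.uwyo.edu bob
+ +
"""

if __name__ == "__main__":
    for finding in audit_rhosts(SAMPLE, owner="seker"):
        print(finding)
```

Entries that name the owner's own account on a specific host are not flagged, but they still let that host log in with no password, which is why the slides recommend dropping the r commands altogether.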

ssh (secure shell) is a replacement program for rlogin and rsh. Provides encrypted communication between two untrusted hosts over an insecure network. (from the man pages) –ssh meru will create a secure connection between my machine and meru –see the man pages (man ssh) for more information

Use ssh instead of rsh –ssh command. Use scp instead of rcp. And sshd will accept secure ftp connections –use sftp instead of ftp

Why use the S programs? ssh creates a secure connection –passwords are not passed between machines in clear text; instead they are encrypted. Since the connection is encrypted, packet sniffers and other similar devices cannot “see” what you are doing. Offers the machine better security. –xhost +, for example, allows ANYONE to “view” your screen and could capture keystrokes.

More on netstat: netstat -a displays all active TCP and UDP ports. netstat -i displays each interface and stats. netstat -i -c displays continuing stats. netstat -rn displays the route tables. netstat -s displays stats for each section: IP, ICMP, TCP, and UDP

Packet Sniffers: Listen to the traffic on the network, record and/or print packets matching certain criteria –Changes the network card to "promiscuous mode", so that it can intercept all the network packets. –tcpdump is installed on most Linux machines and is a command-line packet sniffer –Ethereal uses a GUI interface and allows point and click. See the man pages for use of these programs.

Packet Sniffers (2) There are a lot of packet sniffer packages available. –They should be used with caution, since you are bordering on hacking, as well as intercepting "private" information.

SNMP: The Simple Network Management Protocol. Can be used for gathering stats and managing network hardware. Some applications that have been created with the SNMP protocol –mrtg, multi-router traffic grapher, demo in class. perl also has several modules for snmp.

Iptables How the firewall treats packets leaving, entering, or passing through your computer. There is a chain for each of these. –Any packet entering your computer goes through the INPUT chain. –Any packet that your computer sends out to the network goes through the OUTPUT chain. –Any packet that your computer picks up on one network and sends to another goes through the FORWARD chain. The chains are half of the logic behind iptables themselves.

Iptables (2): Iptables can be configured through the command iptables –And configured on startup from /etc/sysconfig/iptables. The basics –You specify, based on a number of different attributes, whether a packet should be accepted or dropped for each chain. You can drop an incoming packet from one host, but allow an outbound packet to it.

Iptables (3) Examples: iptables -A INPUT -s j DROP –Drop any input-bound packet from ip number –Still allows outbound packets to that ip.

Iptables (4): -p [protocol] –tcp, udp, icmp, or all. -s IPaddress[/mask] –Source IP address or part with a mask, like /16. -d IPaddress[/mask] –Destination IP address or part with mask. -i name: network interface name the packet was received on. -o name: network interface name the packet is sent out on. --dport portnumber –used with -p and others to specify a port number.

Iptables (5) Other commands: -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT –Allows processes already talking to establish new connections. iptables -P INPUT DROP –The default is to drop packets on the input chain. There are many more.

iptables example
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -s i eth0 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s /16 -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth0 -j ACCEPT
COMMIT
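How a chain like the one in this example reaches a verdict, as an added Python sketch that is not part of the original slides: rules are checked in order, the first match decides, and the chain policy applies when nothing matches. All addresses are constructed (the slide's own were lost), and the Packet and Rule classes are hypothetical helpers that model only the options covered above.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional
@dataclass
class Packet:
    src: str
    iface: str = "eth0"
    proto: str = "tcp"
    dport: int = 0
    state: str = "NEW"            # connection-tracking state of this packet

@dataclass
class Rule:
    target: str                   # -j ACCEPT or -j DROP
    src: Optional[str] = None     # -s address[/mask]
    iface: Optional[str] = None   # -i name
    proto: Optional[str] = None   # -p protocol
    dport: Optional[int] = None   # --dport port
    states: tuple = ()            # -m state --state ...

    def matches(self, p: Packet) -> bool:
        return ((self.src is None or
                 ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src))
                and self.iface in (None, p.iface)
                and self.proto in (None, p.proto)
                and self.dport in (None, p.dport)
                and (not self.states or p.state in self.states))

def verdict(chain, policy, packet):
    """Walk the chain in order: the first matching rule decides, else the policy."""
    for rule in chain:
        if rule.matches(packet):
            return rule.target
    return policy

# INPUT chain modelled on the slide's example; every address is constructed.
INPUT = [
    Rule("ACCEPT", iface="lo"),
    Rule("ACCEPT", src="192.0.2.10", iface="eth0"),
    Rule("ACCEPT", proto="tcp", dport=22),
    Rule("ACCEPT", src="10.20.0.0/16", proto="tcp", dport=80),
    Rule("ACCEPT", states=("RELATED", "ESTABLISHED")),
]
BLOCK = Rule("DROP", src="203.0.113.7")   # constructed host to block
REPLY = Packet("203.0.113.7", dport=40000, state="ESTABLISHED")

def demo():
    return {
        "ssh_from_anywhere": verdict(INPUT, "DROP", Packet("198.51.100.5", dport=22)),
        "web_from_outside": verdict(INPUT, "DROP", Packet("198.51.100.5", dport=80)),
        "web_from_inside": verdict(INPUT, "DROP", Packet("10.20.3.4", dport=80)),
        "reply_block_appended": verdict(INPUT + [BLOCK], "DROP", REPLY),
        "reply_block_first": verdict([BLOCK] + INPUT, "DROP", REPLY),
    }
```

The last two results show why rule order matters: a DROP rule for a host only stops its reply packets when it sits ahead of the RELATED,ESTABLISHED rule, so a block appended with -A to this chain never takes effect for established connections.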

Iptables (6): Removing rules uses the -D option. iptables -D INPUT -s i eth0 -j ACCEPT –removes the rules accepting

iptables conclusion This covers only the basics of iptables –This should be enough to get you started with a good set of rules. You can create more chains and more rules. I didn’t cover all the options Find a good site or book that covers more detail and explanations.

Q & A