UNIX Operating Systems
    V. TCP/IP tools. Using SSH
    Simonas Kareiva
    Autumn semester, 2014
Lecture #5 – Part I
    Introduction to TCP/IP and OSI. The IP address
    IP and MAC addresses
    Working with UNIX OS on a network
    The ping and traceroute commands
    The arp, ifconfig and route commands
TCP/IP
    A suite of data transmission protocols (HTTP / FTP / DNS / …)
    Created , deployed 1983
    Abstraction layers (see below)
    Encapsulation
    OSI model
In theory
    [Diagram: Computer 2, Router, Computer 1]
In practice
    [Diagram: Computer 2, Router, Computer 1, Router]
How does communication take place?
    [Diagram: two stacks of Application / Transport / Network / Link and two stacks of Network / Link, joined by Ethernet, satellite link / fiber optics / etc., and WiFi]
IP address and mask
    / ? ?
Exercise
    The IP address is /19
    Questions:
    What is the network mask written out in full format?
    What is the maximum number of computers that can be connected to such a network?
    Which class does this IP address belong to?
Answer - ipcalc
    > ipcalc /19
    Address:
    Netmask: =
    Wildcard:
    =>
    Network: /
    HostMin:
    HostMax:
    Broadcast:
    Hosts/Net: 8190 Class A, Private Internet
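Another way of writing an IP address (sh)
    #!/bin/bash
    # The (( )) arithmetic and C-style for loop below are bash features.

    # Convert a dotted-quad IPv4 address to its 32-bit integer value.
    IPTONUM () {
        IP=$1; IPNUM=0
        for (( i=0 ; i<4 ; ++i )); do
            # %%.* removes everything from the first dot on, leaving the leading octet
            ((IPNUM+=${IP%%.*}*$((256**$((3-${i}))))))
            # drop the octet just consumed
            IP=${IP#*.}
        done
        echo $IPNUM
    }

    # Convert a 32-bit integer back to dotted-quad notation.
    NUMTOIP () {
        echo -n $(($(($(($((${1}/256))/256))/256))%256)).
        echo -n $(($(($((${1}/256))/256))%256)).
        echo -n $(($((${1}/256))%256)).
        echo $((${1}%256))
    }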
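
The ipcalc answer and the address-as-number idea above, combined in one added example (not part of the original lecture): once the address is a 32-bit number, the netmask, network, broadcast address and host count are plain bit operations. The function names and the sample address 10.0.32.77/19 are assumptions, chosen to match the /19, Class A, private result on the slide; the code is POSIX sh and assumes 64-bit shell arithmetic.

```shell
#!/bin/sh
# Added example (not from the lecture): what ipcalc derives from ADDRESS/PREFIX.
# Assumes the shell does arithmetic in at least 64 bits (bash, dash on 64-bit).

# Dotted quad -> 32-bit integer; fails unless given four octets in 0..255.
ip_to_num() {
    case $1 in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|0?*) return 1 ;; esac   # empty octet or leading zero
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
num_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Prefix length -> netmask as an integer: the top $1 bits set, the rest clear.
prefix_to_mask() {
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

# Print an ipcalc-style summary for ADDRESS/PREFIX (prefix 1..30 only).
cidr_info() {
    addr=${1%/*}; prefix=${1#*/}
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -ge 1 ] && [ "$prefix" -le 30 ] || return 1
    ip=$(ip_to_num "$addr") || return 1
    mask=$(prefix_to_mask "$prefix")
    net=$(( ip & mask ))                      # host bits cleared
    bcast=$(( net | (mask ^ 4294967295) ))    # host bits all set
    echo "Netmask: $(num_to_ip "$mask") = $prefix"
    echo "Network: $(num_to_ip "$net")/$prefix"
    echo "HostMin: $(num_to_ip $(( net + 1 )))"
    echo "HostMax: $(num_to_ip $(( bcast - 1 )))"
    echo "Broadcast: $(num_to_ip "$bcast")"
    echo "Hosts/Net: $(( bcast - net - 1 ))"
}

cidr_info 10.0.32.77/19    # constructed sample address in the private 10/8 range
```
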
Address classes
    Class | First octet in binary | First octet from-to | Network identified by | Number of networks
    A     | 0XXXXXXX              |                     | a.                    | 2^7 = 128
    B     | 10XXXXXX              |                     | a.b.                  | 2^14 = 16,384
    C     | 110XXXXX              |                     | a.b.c.                | 2^21 = 2,097,152
MAC address
    08:00:20:d1:b0:0a – Sun Microsystems Inc.
    d1b00a – unique product ID
    MAC / IP relationship
    DHCP
    Static DHCP
    Dynamic DHCP
Working on the network with UNIX OS
    talk
    lynx
    echo paskambink | mail -s svarbu
    ping
    ifconfig
    > ifconfig
    eth0      Link encap:Ethernet HWaddr 00:22:15:88:9c:93
              inet addr: Bcast: Mask:
              inet6 addr: fe80::222:15ff:fe88:9c93/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
              RX packets: errors:0 dropped:0 overruns:0 frame:0
              TX packets: errors:0 dropped:0 overruns:0 carrier:1
              collisions:0 txqueuelen:1000
              RX bytes: (592.3 MB) TX bytes: (3.4 GB)
    lo        Link encap:Local Loopback
              inet addr: Mask:
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING MTU:16436 Metric:1
              RX packets: errors:0 dropped:0 overruns:0 frame:0
              TX packets: errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes: (2.2 GB) TX bytes: (2.2 GB)
ping
    > ping
    PING ( ): 56 data bytes
    64 bytes from : icmp_seq=0 ttl=240 time= ms
    64 bytes from : icmp_seq=1 ttl=240 time= ms
    64 bytes from : icmp_seq=2 ttl=240 time= ms
    ping: sendto: Network is down
    ^C
    ping statistics
    packets transmitted, 3 packets received, 50% packet loss
    round-trip min/avg/max/stddev = / / / ms
traceroute
    > traceroute cisco.netacad.net
    traceroute to cisco.netacad.net ( ), 30 hops max, 40 byte packets
    1 gw.ep.lt ( ) ms ms ms
    static.telecom.lt ( ) ms ms ms
    telecom.lt ( ) ms ms ms
    4 war-b3-link.telia.net ( ) ms ms ms
    5 hbg-bb2-link.telia.net ( ) ms ms ms
    6 ldn-bb2-link.telia.net ( ) ms ldn-bb2-link.telia.net ( ) ms ldn-bb2-link.telia.net ( ) ms
    7 ash-bb1-link.telia.net ( ) ms ms ash-bb1-link.telia.net ( ) ms
    ( ) ms ms *
    9 cr1.wswdc.ip.att.net ( ) ms ms ms
    10 cr2.phlpa.ip.att.net ( ) ms ms ms
    11 cr2.cl2oh.ip.att.net ( ) ms ms ms
    12 cr1.cl2oh.ip.att.net ( ) ms ms ms
    13 cr1.cgcil.ip.att.net ( ) ms ms ms
    14 cr1.sffca.ip.att.net ( ) ms ms ms
    15 gar1.sj2ca.ip.att.net ( ) ms ms ms
    ( ) ms ms ms
    17 sjck-dmzbb-gw1.cisco.com ( ) ms ms ms
    18 sjc12-dmzbb-gw1-g1-37.cisco.com ( ) ms ms ms
    19 sjc12-dmzdc-gw1-gig5-2.cisco.com ( ) ms ms ms
    20 * * *
    21 * * *
    22 * * *
arp
    > arp -an
    ? ( ) at 00:c0:02:2a:4e:6d [ether] on eth0
    ? ( ) at 00:15:60:57:06:cd [ether] on eth0
    ? ( ) at 00:0e:0c:4e:62:f8 [ether] on eth0
    ? ( ) at 00:06:29:39:63:c3 [ether] on eth0
    ? ( ) at 00:80:a3:8c:0d:72 [ether] on eth0
    ? ( ) at 00:11:d8:94:a9:4a [ether] on eth0
    ? ( ) at 00:18:f3:87:31:17 [ether] on eth0
    ? ( ) at 00:0e:a6:34:37:a1 [ether] on eth0
    ? ( ) at 00:0c:f1:ed:c8:56 [ether] on eth0
    ? ( ) at 00:10:5a:5a:06:f1 [ether] on eth0
    ? ( ) at 00:30:48:88:d9:1e [ether] on eth0
    ? ( ) at 00:08:02:ef:fa:a4 [ether] on eth0
route
    > route -n
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    UGH eth
    UGH eth
    U eth
    UG eth0
Routing
    [Diagram: Computer /28, Router 3, Router 1, Computer /24, Router 2, Computer /24, Internet]
Part II - what is SSH?
    SSH - Secure SHell
    Remote command execution
    SSL encryption
    Port forwarding
    X environment port forwarding (X-forwarding)
SSH – Secure SHell
    ssh uosis.mif.vu.lt
    ssh
    ssh -l user1234 uosis.mif.vu.lt
    ssh -l user1234 uosis.mif.vu.lt -p 222
    ssh -l user1234 uosis.mif.vu.lt -p 222 who
    ssh -X -l user1234 uosis.mif.vu.lt -p 222 xterm
SCP – secure copy
    scp /local/file
    scp /local/file
    scp
    scp *
Private and public keys
    [Diagram: Sender: HELLO :) -> recipient's public key -> (&#!#^&$ -> recipient's private key -> HELLO :)]
ssh-keygen
    # ssh-keygen
    Generating public/private rsa key pair.
    Enter file in which to save the key (/root/.ssh/id_rsa): id_rsa1
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in id_rsa1.
    Your public key has been saved in id_rsa1.pub.
    The key fingerprint is:
    79:29:18:f5:6b:35:85:cb:98:6b:be:86:00:04:c4:0c
What to do next? E.g.:
    # ssh b13.vu.lt
    Enter passphrase for key '/root/.ssh/id_rsa':
man sshd
    AUTHORIZED_KEYS FILE FORMAT
    AuthorizedKeysFile specifies the file containing public keys for public key authentication; if none is specified, the default is ~/.ssh/authorized_keys. Each line of the file contains one key (empty lines and lines starting with a ‘#’ are ignored as comments).
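
One way to review which keys an authorized_keys file actually accepts, as an added example (not part of the original lecture or of OpenSSH): it applies the rule quoted above (one key per line, empty and '#' lines ignored) and goes one step further by skipping the optional options field that sshd(8) allows before the key type. The function name list_keys, the key-type prefixes it recognises and the sample entries are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the lecture or from OpenSSH): list the entries of an
# authorized_keys file given as an argument or on stdin.

# Prints "line:keytype:comment" per entry, or "line:INVALID:" when no key is found.
list_keys() {
    awk '
    /^[ \t]*$/ || /^[ \t]*#/ { next }     # empty lines and comments are ignored
    {
        s = $0; gsub(/^[ \t]+|[ \t]+$/, "", s)
        # An entry may begin with an options field; skip it, treating spaces
        # inside double quotes (and backslash-escaped quotes) as part of it.
        if (s !~ /^(ssh-|ecdsa-|sk-)/) {
            inq = 0
            for (i = 1; i <= length(s); i++) {
                c = substr(s, i, 1)
                if (c == "\\") { i++; continue }
                if (c == "\"") inq = !inq
                else if (!inq && (c == " " || c == "\t")) break
            }
            s = substr(s, i + 1); sub(/^[ \t]+/, "", s)
        }
        n = split(s, f, /[ \t]+/)
        if (n < 2 || f[1] !~ /^(ssh-|ecdsa-|sk-)/) { printf "%d:INVALID:\n", NR; next }
        comment = (n >= 3) ? f[3] : ""
        for (j = 4; j <= n; j++) comment = comment " " f[j]
        printf "%d:%s:%s\n", NR, f[1], comment
    }' "$@"
}

# Constructed sample; the base64 strings are truncated placeholders, not real keys.
list_keys <<'EOF'
# laptop key
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ user1234@laptop

command="echo hi there",no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA backup job
not-a-key
EOF
```

Run against a real file as `list_keys ~/.ssh/authorized_keys`; any line reported as INVALID is one that does not parse as a key entry under the assumptions above.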
Known hosts
    # ssh
    The authenticity of host 'b13.vu.lt ( )' can't be established.
    RSA key fingerprint is a2:f9:5e:50:17:ca:86:b1:97:58:96:31:f2:d2:8a:93.
    Are you sure you want to continue connecting (yes/no)? no
    Host key verification failed.
    #
    # ssh
    The authenticity of host 'b13.vu.lt ( )' can't be established.
    RSA key fingerprint is a2:f9:5e:50:17:ca:86:b1:97:58:96:31:f2:d2:8a:93.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added 'b13.vu.lt, ' (RSA) to the list of known hosts.
    Password:
When the host key changes…
    # ssh
    @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
    IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
    Someone could be eavesdropping on you right now (man-in-the-middle attack)!
    It is also possible that the RSA host key has just been changed.
    The fingerprint for the RSA key sent by the remote host is
    3f:1b:f4:bd:c5:aa:c1:1f:bf:4e:2e:cf:53:fa:d8:59.
    Please contact your system administrator.
    Add correct host key in /home/user/.ssh/known_hosts to get rid of this message.
    Offending key in /home/user/.ssh/known_hosts:3
    RSA host key for b13.vu.lt has changed and you have requested strict checking.
    Host key verification failed.
    #
Port forwarding
    ssh -R [bind_address:]port:host:hostport
    ssh -L [bind_address:]port:host:hostport
Security
    anti-sec:~/pwn/xpl#./0pen0wn -h xx.yy p 22
    [+] 0wn0wn – anti-sec group
    [+] Target: xx.yy
    [+] SSH Port: 22
    [~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~>]
    sh-3.2# export HISTFILE=/dev/null
    sh-3.2# id
    uid=0(root) gid=0(root) groups=0(root),1(bin),2(daemon),3(sys),4(adm),6(disk),10(wheel)
    sh-3.2# uname -a
    Linux xx.yy.net grsec-hostnoc x86_64-libata #1 SMP Mon Aug 25 15:56:12 EDT 2008 x86_64 x86_64 x86_64 GNU/Linux