Presentation is loading. Please wait.

Presentation is loading. Please wait.

VPN Lab 2 Zutao Zhu 04/02/2010. Outline How a packet traverse in VPN How to write socket program Certificate.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "VPN Lab 2 Zutao Zhu 04/02/2010. Outline How a packet traverse in VPN How to write socket program Certificate."— Presentation transcript:

1 VPN Lab 2 Zutao Zhu 04/02/2010

2 Outline How a packet traverse in VPN How to write socket program Certificate

3 Packet Flow

4

5 VMware Port Forwarding How it works?

6 Routing Table Add route to host –# route add -host 192.168.1.2 dev eth0:0 –# route add -host 10.20.30.148 gw 10.20.30.40 Add route to network –# route add -net 10.20.30.40 netmask 255.255.255.248 eth0 # route add -net 10.20.30.48 netmask 255.255.255.248 gw 10.20.30.41 # route add -net 192.168.1.0/24 eth1 Add default route –# route add default gw 192.168.1.1

7 Routing Table Flags Flags Possible flags include U (route is up) H (target is a host) G (use gateway) R (reinstate route for dynamic routing) D (dynamically installed by daemon or redirect) M (modified from routing daemon or redirect) A (installed by addrconf) C (cache entry) ! (reject route)

8 IP Forwarding One machine has more than one network adapter # sysctl -w net.ipv4.ip_forward=1 # sysctl net.ipv4.ip_forward # vi /etc/sysctl.conf net.ipv4.ip_forward = 1

9 Make sure You understand how the packets flow You need to change the IP address in the appropriate point When debugging, print out the values of src_ip, src_port, dst_ip, dst_port in the key points

10 Socket Programming UDP server –sock = socket(AF_INET, SOCK_DGRAM, 0) –Set struct sockaddr_in server_addr (which port you want to use), client_addr –Bind socket to server_addr –Enter infinite loop, recvfrom(sock,recv_data,1024,0, (struct sockaddr *)&client_addr, &addr_len)

11 Socket Programming UDP client –sock = socket(AF_INET, SOCK_DGRAM, 0) –Set struct sockaddr_in server_addr (which port you want to use), client_addr –Enter infinite loop, sendto(sock, send_data, strlen(send_data), 0, (struct sockaddr *)&server_addr, sizeof(struct sockaddr))

12 Certificate Create the configuration file You need to create your own certificates when demo You can define your VPN server’s authenticate policy (for the clients) Design your small protocol to do the key exchange

13 Control and data channels Control one : TCP Data one : UDP

14 Key Exchange Use TCP channel Client changes the session key/IV/etc. Client use the new session key to encrypt the data When server is notified, server also changes the session key for this communication Server can decrypt client’s encrypted data

15 Reference http://www.prasannatech.net/2008/07/sock et-programming-tutorial.htmlhttp://www.prasannatech.net/2008/07/sock et-programming-tutorial.html

Download ppt "VPN Lab 2 Zutao Zhu 04/02/2010. Outline How a packet traverse in VPN How to write socket program Certificate."

Similar presentations

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.
Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
CIS 193A – Lesson9 Network Infrastructure. CIS 193A – Lesson9 Focus Question What are three high level subnets a corporate intranet will want to support?

CIS 193A – Lesson9 Network Infrastructure. CIS 193A – Lesson9 Focus Question What are three high level subnets a corporate intranet will want to support?
VPN Lab Zutao Zhu 03/26/2010. Outline VPN VPN Setup in VMWare VPN tasks OpenSSL How to Write Socket Programs using OpenSSL APIs.

VPN Lab Zutao Zhu 03/26/2010. Outline VPN VPN Setup in VMWare VPN tasks OpenSSL How to Write Socket Programs using OpenSSL APIs.
Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Spring 2003CS 4611 Introduction, Continued COS 461.

Spring 2003CS 4611 Introduction, Continued COS 461.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 18 Host Configuration: DHCP.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 18 Host Configuration: DHCP.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
Mastering Windows Network Forensics and Investigation Chapter 11: Text Based Logs.

Mastering Windows Network Forensics and Investigation Chapter 11: Text Based Logs.
CS3212 計算機網路概論 Winsock Tutorial

CS3212 計算機網路概論 Winsock Tutorial
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.

SUSE Linux Enterprise Server Administration (Course 3037) Chapter 7 Connect the SUSE Linux Enterprise Server to the Network.
Socket programming in C. Socket programming Socket API introduced in BSD4.1 UNIX, 1981 explicitly created, used, released by apps client/server paradigm.

Socket programming in C. Socket programming Socket API introduced in BSD4.1 UNIX, 1981 explicitly created, used, released by apps client/server paradigm.
1 Networking (Stack and Sockets API). 2 Topic Overview Introduction –Protocol Models –Linux Kernel Support TCP/IP Sockets –Usage –Attributes –Example.

1 Networking (Stack and Sockets API). 2 Topic Overview Introduction –Protocol Models –Linux Kernel Support TCP/IP Sockets –Usage –Attributes –Example.
Network Programming Tutorial #9 CPSC 261. A socket is one end of a virtual communication channel Provides network connectivity to any other socket anywhere.

Network Programming Tutorial #9 CPSC 261. A socket is one end of a virtual communication channel Provides network connectivity to any other socket anywhere.
SOCKS Group: Challenger Member: Lichun Zhan. Agenda Introduction SOCKS v4 SOCKS v5 Summary Conclusion References Questions.

SOCKS Group: Challenger Member: Lichun Zhan. Agenda Introduction SOCKS v4 SOCKS v5 Summary Conclusion References Questions.
CS345 Operating Systems Φροντιστήριο Άσκησης 2. Inter-process communication Exchange data among processes Methods –Signal –Pipe –Sockets.

CS345 Operating Systems Φροντιστήριο Άσκησης 2. Inter-process communication Exchange data among processes Methods –Signal –Pipe –Sockets.
Web Server Administration Chapter 10 Securing the Web Environment.

Web Server Administration Chapter 10 Securing the Web Environment.

Similar presentations

Ads by Google