Partial Notes for Test 1 Review_1_

Networking in UNIX

Basic Networking Concepts: TCP/IP

TCP/IP stands for Transfer Control Protocol over Internet Protocol,
the language two computers use to communicate with each other

 – initially developed on and for the UNIX platform in 1983

 – message broken up into packets

 – each packet contains a packet sequence number, a checksum,
   plus a header that contains at least a sender address & one or
   more recipient addresses

 – no dedicated connections between sender and receiver

 – transferred through the network via routers – intelligent devices
   that inspect each packet and decide what to do next (deliver the
   packet locally or forward it to another router)

Basic Networking Concepts: Identifying Computers

Each computer in a network has a host name and an IP address

 • a host name may be simple, e.g., sodapop, or a Fully Qualified
   Domain Name (FQDN), e.g. sodapop.brookdalecc.edu

 • an IP address is a set of 4 dot-delimited octets, e.g.
   127.212.109.37. Each octet has a maximum value of 255.

 • only IP addresses are routable. FQDNs must be converted to IP
   addresses for a router to evaluate.

Mapping Domain Names to/from IP Addresses
• /etc/hosts file
   – good for small networks
   – holds name to address mappings in small networks.
   – each computer must maintain its own copy and keep it in sync with
     the other computers on the network.
• DNS (Domain Name Service)
   – used in larger networks
   – distributed database that provides a name to address mapping
     service
   – hostnames organized hierarchically
   – delegation of authority at individual levels in the hierarchy

The DNS Hierarchy

[diagram of the DNS hierarchy not reproduced]

Authority over a level of the hierarchy is delegated to that organization's
network administration. A zone is the level (or levels) of the hierarchy over
which an organization has authority.
The Client-Server Paradigm in UNIX

One entity makes a request, another party services the request

                 Request
    Client  ------------->  Server
            <-------------
                 Response

Server programs in UNIX are called daemons
   • Run in the background. Listen for input from clients
   • Examples:
        – httpd – listens for requests for web pages
        – sendmail – handles email
        – inetd – handles ftp and telnet requests
Ports

• Communication on a computer is through a port
• Many ports are predefined, including:

    Service    Client Program                    Server Port #
    FTP        ftp                                    21
    SSH        ssh, scp, sftp, slogin                 22
    TELNET     telnet                                 23
    SMTP       mailx, netscape                        25
    HTTP       netscape, mozilla, firefox,            80
               opera, chrome
    POP3       fetchmail                             110

A complete list of the ports that UNIX services listen on is found in /etc/services
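The two lookup files the notes mention (/etc/hosts on the mapping slide, /etc/services here) share a simple line-oriented format: whitespace-separated fields, aliases after the canonical entry, and # comments. As an added example that is not part of the original notes, the POSIX shell functions below parse constructed samples of both formats and also check that an address is four octets of at most 255, as the earlier slide requires; the function names and the sample data are my own assumptions.

```sh
#!/bin/sh
# Constructed samples of the /etc/hosts and /etc/services formats (not from a real host)
HOSTS_DATA='# address  canonical-name  aliases
127.0.0.1       localhost
172.17.1.243    sodapop.brookdalecc.edu sodapop   # lab server
'
SERVICES_DATA='# service  port/protocol  aliases
ftp             21/tcp
ssh             22/tcp
telnet          23/tcp
smtp            25/tcp          mail
http            80/tcp          www
pop3            110/tcp         pop-3
'

# valid_ipv4 ADDR: succeeds only for four dot-delimited octets, each 0..255
valid_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++)
              if ($i !~ /^[0-9]+$/ || $i + 0 > 255) exit 1 }'
}

# lookup_host NAME: print the address mapped to NAME (or any alias);
# names are compared case-insensitively, as a resolver does. Fails if absent.
lookup_host() {
    printf '%s\n' "$HOSTS_DATA" | awk -v name="$1" '
        { sub(/#.*/, "") }                       # drop comments
        NF >= 2 { for (i = 2; i <= NF; i++)
                      if (tolower($i) == tolower(name)) { print $1; found = 1; exit } }
        END { exit found ? 0 : 1 }'
}

# lookup_service NAME [PROTO]: print the port for service NAME (or alias)
# over PROTO (default tcp). Fails if there is no such service/protocol pair.
lookup_service() {
    printf '%s\n' "$SERVICES_DATA" | awk -v name="$1" -v proto="${2:-tcp}" '
        { sub(/#.*/, "") }
        NF >= 2 {
            split($2, pp, "/")                   # pp[1] = port, pp[2] = protocol
            if (pp[2] != proto) next
            for (i = 1; i <= NF; i++)
                if (i != 2 && $i == name) { print pp[1]; found = 1; exit } }
        END { exit found ? 0 : 1 }'
}
```

Pointing the two variables at the real files (cat /etc/hosts, cat /etc/services) makes the same functions work on a live system.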
Testing Connectivity: ping

• used to test if a machine is on the network. ping uses no daemon
• ping sends 56-byte packets to the remote machine, whose NIC card answers back
   $ ping sodapop
   PING sodapop: 56 data bytes
   64 bytes from sodapop.brookdalecc.edu (172.17.1.243):
      icmp_seq=0. time=0. ms
   64 bytes from sodapop.brookdalecc.edu (172.17.1.243):
      icmp_seq=. time=0. ms
   64 bytes from sodapop.brookdalecc.edu (172.17.1.243):
      icmp_seq=. time=0. ms
   64 bytes from sodapop.brookdalecc.edu (172.17.1.243):
      icmp_seq=. time=0. ms
   ^C
   --- sodapop PING statistics ---
   4 packets transmitted, 4 packets received, 0% packet loss
      round trip (ms) min/avg/max/stddev = 0.010/0.031/0.006
Remote Login: telnet

    log in to a remote machine over an IP network using: telnet <ip address>

          $ telnet 127.0.0.1
          Trying 127.0.0.1...
          Connected to localhost.
          Escape character is '^]'.
          User (rbournique):

    or, equivalently, start telnet with no argument and type o 127.0.0.1
    at its prompt

    telnet is not secure. User ID and password are transmitted in clear text

    the local machine acts like a dumb terminal: it echoes to the terminal
    what is sent and what is received

Transferring Files: ftp
• ftp lets a user log into a remote machine over an IP network to
  transfer files. Users may log into the remote machine as:
   • an authorized remote user (user has own id and password)
   • an anonymous user (user id = anonymous, pwd = user's e-mail
     address)

• transfers may be ASCII (text files) or BINARY (e.g. programs)

• a whole set of commands lets the user navigate to the proper files on
  the remote machine and download them

ftp Commands to Use on Remote System

!         cr          get       mdir      nlist     put       rmdir     tenex
$         debug       glob      mget      nmap      pwd       rstatus   throttle
account   delete      hash      mkdir     ntrans    quit      runique   trace
append    dir         help      mls       open      quote     send      type
ascii     disconnect  idle      mlsd      page      rate      sendport  umask
bell      edit        image     mlst      passive   rcvbuf    set       unset
binary    epsv4       lcd       mode      pdir      recv      site      usage
bye       exit        less      modtime   pls       reget     size      user
case      features    lpage     more      pmlsd     remopts   sndbuf    verbose
cd        fget        lpwd      mput      preserve  rename    status    xferbuf
cdup      form        ls        mreget    progress  reset     struct    ?
chmod     ftp         macdef    msend     prompt    restart   sunique
close     gate        mdelete   newer     proxy     rhelp     system
Secure Remote Login: ssh

• ssh lets a user securely log in to a remote machine over an IP network
• developed to replace telnet
• encryption/decryption provides data confidentiality and data integrity
  over an insecure network
• data is encrypted by the sender, and decrypted by the recipient using a key
• uses public key (asymmetric) cryptographic algorithms to generate a
  mathematically related public-private key pair
• the key pair is used to
   – establish trust, i.e., authenticate user and host
   – encrypt/decrypt the user's passwords & data

Asymmetric Cryptography

[diagram of asymmetric (public/private key) encryption not reproduced]

 Advantage: key management
 Disadvantage: complex mathematical algorithm
Diagnosing Network Problems: netstat

• netstat is used to help diagnose a network problem. For example,

$ netstat -i
Name Mtu   Network        Address             Ipkts     Opkts      Odrop
eg1 1500 204.89.162       dxi4.dxi.com        2275517   3783974    0
eg0 1500 38.254.211       dxifour.dxi.com     4716968   2862227    0
loop 1536 loopback-net    localhost           0         0          0
#
 Name    = the name of the interface. It identifies a particular Ethernet board
 Mtu     = the maximum transfer unit, or maximum packet size, for this interface
 Network = the network to which this interface is connected
 Address = the address of this interface on the Internet
 Ipkts   = # of input packets received by this interface since the system was booted
 Opkts   = # of output packets sent by this interface since the system was booted
 Odrop   = # of packets that were dropped without reaching their destination

More netstat Examples
netstat
  Displays generic network statistics for the host you are currently connected to

netstat -an
  Shows all connections to the server, including the source and destination
  IPs and ports, if you have the proper permissions

netstat -an | grep :80 | wc -l
  Displays a count of the number of active connections on port 80

netstat -natp
  Displays active Internet connections
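The grep :80 pipeline above is a substring match: it also counts lines for ports such as 8080, the LISTEN socket, UDP entries, and a foreign port that merely contains "80". As an added example that is not part of the original notes, the shell below runs the slide's pipeline and a stricter awk version (local port exactly 80, state ESTABLISHED) over a constructed netstat -an listing; the sample lines and the function names are my own assumptions.

```sh
#!/bin/sh
# Constructed `netstat -an` listing (not captured from a real host). Field 4 is the
# local address, field 5 the foreign address, field 6 the TCP state.
NETSTAT_DATA='Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN
tcp        0      0 172.17.1.243:80         10.0.0.5:51122          ESTABLISHED
tcp        0      0 172.17.1.243:80         10.0.0.6:40098          ESTABLISHED
tcp        0      0 172.17.1.243:80         10.0.0.7:40100          TIME_WAIT
tcp        0      0 172.17.1.243:8080       10.0.0.8:33210          ESTABLISHED
tcp        0      0 172.17.1.243:22         10.0.0.9:8012           ESTABLISHED
udp        0      0 0.0.0.0:80              0.0.0.0:*
'

# count_port_naive PORT: the slide's pipeline. ":80" is a substring match, so it
# also counts :8080, the LISTEN and UDP sockets, and a foreign port like :8012.
count_port_naive() {
    printf '%s' "$NETSTAT_DATA" | grep ":$1" | wc -l | tr -d ' '
}

# count_port_established PORT: count only TCP sockets whose LOCAL port is exactly
# PORT and whose state is ESTABLISHED, i.e. the active connections actually meant.
count_port_established() {
    printf '%s' "$NETSTAT_DATA" | awk -v port="$1" '
        $1 == "tcp" && $6 == "ESTABLISHED" {
            n = split($4, a, ":")               # local address is host:port
            if (a[n] == port) c++
        }
        END { print c + 0 }'
}
```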
The X Window System on a Network

• X Window uses a reverse client-server paradigm:
   – the application runs on the client
   – the display is handled by the server
• To run a client on a remote machine and still have the display show
  up on the local machine:
   – on the local machine, run xhost +<remote machine name>
     which tells the local machine it's OK to accept X Window
     applications from that remote machine
   – on the remote machine, run
           export DISPLAY=<local machine name>:0.0
     which directs the remote machine's output to the local machine
