1 / 11

Precept 3

Precept 3. Host Configuration. Peng Sun. What TCP conn. running?. Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat) Demo iperf: TCP-based throughput test tool. Demo. node0. node1. node2. 10.1.1.2. 10.1.2.3. 10.1.2.2. 10.1.1.3. node0:~>

koto
Télécharger la présentation

Precept 3

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Precept 3 Host Configuration Peng Sun

  2. What TCP conn. running? • Commands • netstat [-n] [-p] [-c] (Linux) • lsof -i -P (Mac) • ss (newer version of netstat) • Demo • iperf: TCP-based throughput test tool

  3. Demo node0 node1 node2 10.1.1.2 10.1.2.3 10.1.2.2 10.1.1.3 node0:~> netstat -npc node1:~> netstat -npc node0:~> iperf –c 10.1.1.3 node1:~> iperf -s

  4. Play with IP Layer • ifconfig • show all the network interfaces • configure IP • configure MAC (!) • route • show local IP routing table • set routes: add/del

  5. Demo node0 node1 node2 10.1.1.2 10.1.2.3 10.1.2.2 10.1.1.3 ? node0:~> ping 10.1.2.2 connected node0:~> route add -net 10.1.2.0 netmask 255.255.255.0 gw 10.1.1.3 node2:~> route add -net 10.1.1.0 netmask 255.255.255.0 gw 10.1.2.3

  6. traceroute • Why we need traceroute? • No global information • Want to know the forwarding path • Based on ICMP • Internet Control Message Protocol • Used to signal error • Adjust Time-To-Live for each hop • When timeout, ICMP returns the IP where TTL expires.

  7. traceroute Server Router 2 Router 1 User ICMP TTL=1 Timeout at Rt. 1 ICMP TTL=2 Timeout at Rt. 2 ICMP TTL=3 Reply from Server

  8. If outside world: 6. Send to Gateway If same subnet (e.g. OG1): 3. Broadcast ARP request 4. OG1 Reply ARP 5. NG caches OG1’s MAC • I want an IP • Return IP & Gateway IP DHCP 1 New Guy 2 Internet 4 3 6 6 3 3 Gateway 4 Old Guy 1 Old Guy 2

  9. ARP • ARP table (cache) • 1. Look up local ARP table • 2. If not, broadcast to ask • 3. LAN switch caches ARP to port

  10. ARP Spoofing • No protection from ARP itself • Rely on other mechanism • Static ARP entry (perfect security. High cost of maintenance) • Spoofing detection software • Legitimate usage • Hotel • Redundancy of service (takeover of bad server)

  11. Wireshark • http://www.wireshark.org/ • Packet Capture & Analysis • Live capture • Critical for Debug in Assign. 2 • Filter • e.g., ip / (not) arp / tcp / etc.

More Related