
Applications



Presentation Transcript


  1. Applications

  2. Host Names (DNS)

  3. Overview
  • Names versus Addresses
    • names are variable length, mnemonic, easy for humans to remember
    • addresses are fixed length, tied to routing, and easy for computers to process
  • Name Space
    • defines set of possible names
    • flat versus hierarchical
    • consists of a set of name to value bindings

  4. Address Assignment
  • Network Information Center (NIC) used to maintain all name to address bindings
    • Limited scalability
  • Distributed name servers now used
  • ICANN now assigns names

  5. Domain Hierarchy
  • Example hierarchy
  • Example name: cheltenham.cs.arizona.edu

  6. Name Servers
  • Partition hierarchy into zones
  • Each zone implemented by two or more name servers

  7. Resource Records
  • Each name server maintains a collection of resource records
  • <Name, Value, Type, Class, TTL>
  • Name/Value: not necessarily host names to IP addresses
  • Type
    • NS: the Value field gives the domain name for a host running a name server that knows how to resolve names within the specified domain.
    • CNAME: the Value field gives the canonical name for a particular host; it is used to define aliases.
    • MX: the Value field gives the domain name for a host running a mail server that accepts messages for the specified domain.
  • Class: allow other entities to define types
  • TTL: how long the resource record is valid

  8. Example
  The edu Root server has a record for each second level server
  <Name, Value, Type, Class>
  <arizona.edu, telcom.arizona.edu, NS, IN>
  <telcom.arizona.edu, 128.196.128.233, A, IN>
  <bellcore.com, thumper.bellcore.com, NS, IN>
  <thumper.bellcore.com, 128.96.32.20, A, IN>

  9. Arizona server:
  <cs.arizona.edu, optima.cs.arizona.edu, NS, IN>
  <optima.cs.arizona.edu, 192.12.69.5, A, IN>
  (third level name server)
  <ece.arizona.edu, helios.ece.arizona.edu, NS, IN>
  <helios.ece.arizona.edu, 128.196.28.166, A, IN>
  (third level name server)
  <jupiter.physics.arizona.edu, 128.196.4.1, A, IN>
  <saturn.physics.arizona.edu, 128.196.4.2, A, IN>
  <mars.physics.arizona.edu, 128.196.4.3, A, IN>
  <venus.physics.arizona.edu, 128.196.4.4, A, IN>
  (final address records)

  10. CS server:
  <cs.arizona.edu, optima.cs.arizona.edu, MX, IN>
  (mail server for domain translation)
  <cheltenham.cs.arizona.edu, 192.12.69.60, A, IN>
  <che.cs.arizona.edu, cheltenham.cs.arizona.edu, CNAME, IN>
  (alias definition)
  <optima.cs.arizona.edu, 192.12.69.5, A, IN>
  <opt.cs.arizona.edu, optima.cs.arizona.edu, CNAME, IN>
  <baskerville.cs.arizona.edu, 192.12.69.35, A, IN>
  <bas.cs.arizona.edu, baskerville.cs.arizona.edu, CNAME, IN>

  11. Name Resolution

  12. Normal Machines
  star:~> dig pepperoni.cs.byu.edu
  ; <<>> DiG 9.2.1 <<>> pepperoni.cs.byu.edu
  ;; global options: printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22049
  ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
  ;; QUESTION SECTION:
  ;pepperoni.cs.byu.edu. IN A
  ;; ANSWER SECTION:
  pepperoni.cs.byu.edu. 1 IN A 128.187.175.30
  ;; AUTHORITY SECTION:
  cs.byu.edu. 1 IN NS hell.cs.byu.edu.
  cs.byu.edu. 1 IN NS heaven.cs.byu.edu.
  ;; ADDITIONAL SECTION:
  hell.cs.byu.edu. 1 IN A 128.187.168.21
  heaven.cs.byu.edu. 1 IN A 128.187.168.20
  ;; Query time: 4 msec
  ;; SERVER: 128.187.173.16#53(128.187.173.16)
  ;; WHEN: Mon Dec 2 10:33:26 2002
  ;; MSG SIZE rcvd: 126

  13. More than one IP address
  star:~> dig pizza.cs.byu.edu
  ; <<>> DiG 9.2.1 <<>> pizza.cs.byu.edu
  ;; global options: printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24739
  ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 26, AUTHORITY: 2, ADDITIONAL: 1
  ;; QUESTION SECTION:
  ;pizza.cs.byu.edu. IN A
  ;; ANSWER SECTION:
  pizza.cs.byu.edu. 1 IN A 128.187.175.42
  pizza.cs.byu.edu. 1 IN A 128.187.175.43
  pizza.cs.byu.edu. 1 IN A 128.187.175.44
  pizza.cs.byu.edu. 1 IN A 128.187.175.45
  pizza.cs.byu.edu. 1 IN A 128.187.175.48
  pizza.cs.byu.edu. 1 IN A 128.187.175.49
  pizza.cs.byu.edu. 1 IN A 128.187.175.50
  pizza.cs.byu.edu. 1 IN A 128.187.175.51
  pizza.cs.byu.edu. 1 IN A 128.187.175.53
  pizza.cs.byu.edu. 1 IN A 128.187.175.54
  pizza.cs.byu.edu. 1 IN A 128.187.175.55
  pizza.cs.byu.edu. 1 IN A 128.187.175.56
  pizza.cs.byu.edu. 1 IN A 128.187.175.57
  pizza.cs.byu.edu. 1 IN A 128.187.175.58
  pizza.cs.byu.edu. 1 IN A 128.187.175.60
  pizza.cs.byu.edu. 1 IN A 128.187.175.61
  pizza.cs.byu.edu. 1 IN A 128.187.175.30
  pizza.cs.byu.edu. 1 IN A 128.187.175.31
  pizza.cs.byu.edu. 1 IN A 128.187.175.32

  14. Next Time
  star:~> dig pizza.cs.byu.edu
  ; <<>> DiG 9.2.1 <<>> pizza.cs.byu.edu
  ;; global options: printcmd
  ;; Got answer:
  ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24739
  ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 26, AUTHORITY: 2, ADDITIONAL: 1
  ;; QUESTION SECTION:
  ;pizza.cs.byu.edu. IN A
  ;; ANSWER SECTION:
  pizza.cs.byu.edu. 1 IN A 128.187.175.43
  pizza.cs.byu.edu. 1 IN A 128.187.175.44
  pizza.cs.byu.edu. 1 IN A 128.187.175.45
  pizza.cs.byu.edu. 1 IN A 128.187.175.48
  pizza.cs.byu.edu. 1 IN A 128.187.175.49
  pizza.cs.byu.edu. 1 IN A 128.187.175.50
  pizza.cs.byu.edu. 1 IN A 128.187.175.51
  pizza.cs.byu.edu. 1 IN A 128.187.175.53
  pizza.cs.byu.edu. 1 IN A 128.187.175.54
  pizza.cs.byu.edu. 1 IN A 128.187.175.55
  pizza.cs.byu.edu. 1 IN A 128.187.175.56

  15. Names
  • Domain Name used by humans
    • Translated to IP number by name server
    • Aug 2000
      • Total domains registered worldwide: 33,014,322
      • Total .COM registered: 19,967,569
  • IP number used to route in internet
    • Forwarding occurs until packet reaches physical network
  • ARP is used to translate into a physical address
    • Physical address is unique and will be used to direct the packet to the correct machine

  16. ‘Top Level’ Domains
  “Generic” Top Level Domains
  • .com commercial
  • .org organization
  • .net network
  ~ 240 ISO Top Level Domains
  • .af Afghanistan
  • .ca Canada
  • .dk Denmark
  • .fr France
  • .uk United Kingdom
  • .us USA
  • .zw Zimbabwe
  “US-only” Top Level Domains
  • .gov government
  • .edu education
  • .mil military
  “Restricted” Top Level Domain
  • .int treaty organizations

  17. ICANN
  • Internet Corporation for Assigned Names and Numbers (ICANN)
  • Created in October 1998 by a broad coalition of the Internet’s business, technical, academic, and user communities
  • Coordinates
    • Internet domain names
    • Internet Protocol address numbers
    • protocol parameter and port numbers
  • Elected officials worldwide

  18. New top level names
  • .aero – Societe Internationale de Telecommunications Aeronautiques SC (SITA)
  • .biz – JVTeam, LLC
  • .coop – National Cooperative Business Association (NCBA)
  • .info – Afilias, LLC
  • .museum – Museum Domain Management Association (MDMA)
  • .name – Global Name Registry, LTD
  • .pro – RegistryPro, LTD

  19. Web Server Load Balancing
  • User Selection
  • DNS Round Robin
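DNS round robin is what the two dig outputs on slides 13 and 14 show: the same 26-address record set comes back rotated by one on the next query, and the TTL of 1 second makes sure the client asks again instead of reusing its cache. The following added example (not code from the slides) parses the ANSWER SECTION of that dig output and models the rotation; the excerpts are shortened copies of the slides' output and the server class is a constructed model, not BIND's implementation.

```python
# Added example, not from the slides: parse the ANSWER SECTION of the dig output on
# slides 13-14 and model the round-robin rotation that produces the "Next Time" order.
# DIG_FIRST and DIG_SECOND are excerpts of the slides' output, shortened to four and
# three records; RoundRobinServer is a constructed model, not BIND's implementation.
DIG_FIRST = """\
;; ANSWER SECTION:
pizza.cs.byu.edu. 1 IN A 128.187.175.42
pizza.cs.byu.edu. 1 IN A 128.187.175.43
pizza.cs.byu.edu. 1 IN A 128.187.175.44
pizza.cs.byu.edu. 1 IN A 128.187.175.45
;; AUTHORITY SECTION:
cs.byu.edu. 1 IN NS hell.cs.byu.edu.
"""
DIG_SECOND = """\
;; ANSWER SECTION:
pizza.cs.byu.edu. 1 IN A 128.187.175.43
pizza.cs.byu.edu. 1 IN A 128.187.175.44
pizza.cs.byu.edu. 1 IN A 128.187.175.45
"""

def answer_records(dig_output):
    """Return (name, ttl, type, value) for each record in the ANSWER SECTION only."""
    records, in_answer = [], False
    for line in dig_output.splitlines():
        if line.startswith(";"):                 # section header or comment line
            in_answer = line.startswith(";; ANSWER SECTION")
            continue
        if in_answer and line.strip():
            name, ttl, _cls, rtype, value = line.split()
            records.append((name, int(ttl), rtype, value))
    return records

def max_ttl(records):
    """A TTL of 1 second (as on the slides) forces a fresh query, and a new order, each time."""
    return max(r[1] for r in records)

class RoundRobinServer:
    """Returns the whole A record set but rotates it by one on every query."""
    def __init__(self, addresses):
        self.addresses = list(addresses)
    def answer(self):
        out = list(self.addresses)
        self.addresses = self.addresses[1:] + self.addresses[:1]
        return out

def is_rotation_by_one(first, second):
    """True when `second` is a prefix of `first` rotated left by one position."""
    rotated = first[1:] + first[:1]
    return rotated[:len(second)] == second
```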

  20. The real solution?
  • Resolve name to an IP address that is closest in network distance to the client?
  • Cache content within the network?
  • Probe the network to determine best location for download?
  • What about international characters? Name registration?

  21. Gnutella
  • Something like Napster
  • No central server, just a protocol and client
  • Based on peer-to-peer connections
  • Every machine is a server and a client
  • You find other people in your “Horizon” through reflectors or IRC
  • It masks your IP address to keep people from tracing the source of content

  22. Power Line Networking
  • Cheap
    • Uses existing wiring
    • $50 for hardware to connect two machines
    • Connects to USB or serial devices
  • Slow?
    • 50Kbps-350Kbps
    • Intelogis 2Mbps and 10Mbps available next year
  • Range
    • ¼ mile
    • Encodes data on top of 60Hz AC power
    • Can’t go through a transformer, no 220V support

  23. Powerline Exchange (PLX) protocol
  • deterministic time slots
  • "Datagram Sensing Multiple Access" with a "Centralized Token-Passing" scheme, or DSMA/CTP
  • Quality of Service provided

  24. TCP Vegas
  • Value of throughput with no congestion is compared to current throughput
  • If the current difference is smaller than the lower boundary, increase window size linearly
  • If the current difference is larger than the upper boundary, decrease window size linearly
  • The change in the Slow Start mechanism consists of doubling the window every other RTT, rather than every RTT, and of using a boundary in the difference between throughputs to exit the Slow Start phase, rather than a window size value.
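The two rules on this slide, simulated as an added example (not code from the slides): the difference between expected (uncongested) and actual throughput, scaled by the base RTT, is compared with a lower and an upper boundary in congestion avoidance, and with a single exit boundary during the every-other-RTT slow start. The boundary values (alpha=1, beta=3, gamma=1 segments, as in the original Vegas paper) and the RTT samples are assumptions; the slide gives no numbers.

```python
# Added example, not from the slides: the TCP Vegas window rule as the slide describes it.
# ALPHA/BETA/GAMMA and the RTT samples fed in are assumed values for the demonstration.
ALPHA, BETA = 1.0, 3.0   # boundaries on the expected-minus-actual difference, in segments
GAMMA = 1.0              # slow-start exit boundary on the same difference

def vegas_diff(cwnd, base_rtt, rtt):
    """Expected throughput (no congestion) minus actual throughput, scaled to segments."""
    expected = cwnd / base_rtt          # throughput the path would give if uncongested
    actual = cwnd / rtt                 # throughput measured over this RTT
    return (expected - actual) * base_rtt

def congestion_avoidance_step(cwnd, base_rtt, rtt):
    """One RTT of congestion avoidance: linear increase, linear decrease, or hold."""
    diff = vegas_diff(cwnd, base_rtt, rtt)
    if diff < ALPHA:
        return cwnd + 1          # too few segments queued in the network: grow linearly
    if diff > BETA:
        return cwnd - 1          # too many queued: shrink linearly
    return cwnd                  # between the boundaries: leave the window alone

def slow_start(cwnd, base_rtt, rtt_samples):
    """Vegas slow start: double cwnd only every other RTT and exit as soon as the
    throughput difference crosses GAMMA. Returns (cwnd, rtts_used, exited_by_boundary)."""
    for i, rtt in enumerate(rtt_samples):
        if vegas_diff(cwnd, base_rtt, rtt) > GAMMA:
            return cwnd, i + 1, True
        if i % 2 == 1:           # Reno would double on every RTT; Vegas on alternate ones
            cwnd *= 2
    return cwnd, len(rtt_samples), False
```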

  25. Network System Security
  Michael Torrie, William Moyes

  26. Network System Security
  • Initial Installation and setup
  • IP Security
  • Intrusion Detection
  • When you are compromised

  27. Initial Installation and Setup
  • Assume NOS base installation is never secure
  • Change all default passwords
  • Remove unneeded services
    • If you don’t know what it does, you probably don’t need it (inetd, SYS V)
  • Download all security patches, service packs, and updated packages
  • Install security tools (firewalls, logging, monitoring software)
  • Audit and verify security
  • Establish remote logging server

  28. Firewalls – First Line of Defence
  • Does not guarantee security
  • Necessary band-aid solution
  • Effectiveness depends on application security
  • Deny all incoming traffic with exceptions for exported services (web, ssh, etc.)
  • Common tools include ipchains, ZoneAlarm
  • Many DSL and cable routers have fire-walling capabilities built in.
  • If you are on broadband (i.e. resnet), you need a firewall. (Especially unix-based OSes)

  29. Intrusion Detection Software
  • Network traffic analyzers
  • Portscanner detectors
  • File integrity checkers
  • Portscanners, such as nmap
  • Network analyzer software
    • SAINT, SATAN
  • Anti-sniff
  • netstat -ap, pidport

  30. Intrusion Detection
  • Traffic patterns (high-bandwidth utilization)
  • Failed login attempts (ssh, ftp, telnet, etc.)
  • Invalid URL requests (web server)
  • Watch the log files (/var/log)
    • Look for suspicious strings, errors, truncations
    • Portscanner detector logs
  • Behavior changes (performance, commands crashing, hidden or unknown processes)
  • Hidden files and directories (especially in /dev and /var)
    • ‘. ’, ‘.. ’ and other weird and invalid file names
  • Setuid executables (with root ownership)
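Three of the indicators above turned into checks that run over log lines, as an added example (not code from the slides): repeated failed logins from one source, invalid URL requests (traversal or NUL-byte probes and 4xx responses), and the ‘. ’ / ‘.. ’ style file names. The sample sshd and Apache lines are constructed, and the threshold of three failures is an assumption.

```python
# Added example, not from the slides: detection checks for failed logins, invalid URL
# requests and odd file names (slide 30), run over constructed sample log lines.
import re
from collections import Counter

# Constructed sample lines: syslog lines from sshd and Apache common-log lines.
AUTH_LOG = """\
Dec  2 10:33:01 star sshd[4711]: Failed password for root from 203.0.113.7 port 4022 ssh2
Dec  2 10:33:03 star sshd[4712]: Failed password for root from 203.0.113.7 port 4023 ssh2
Dec  2 10:33:05 star sshd[4713]: Failed password for admin from 203.0.113.7 port 4024 ssh2
Dec  2 10:33:09 star sshd[4714]: Accepted password for mike from 192.0.2.10 port 5001 ssh2
Dec  2 10:34:00 star sshd[4715]: Failed password for mike from 192.0.2.10 port 5002 ssh2
"""
ACCESS_LOG = """\
192.0.2.10 - - [02/Dec/2002:10:35:00 -0700] "GET /index.html HTTP/1.0" 200 1043
203.0.113.7 - - [02/Dec/2002:10:35:02 -0700] "GET /cgi-bin/../../../etc/passwd HTTP/1.0" 404 210
203.0.113.7 - - [02/Dec/2002:10:35:04 -0700] "GET /index.html%00.jpg HTTP/1.0" 400 0
"""
FAILED_LOGIN = re.compile(r"Failed password for (\S+) from (\d+\.\d+\.\d+\.\d+)")
REQUEST = re.compile(r'^(\S+) .*? "(\w+) (\S+) [^"]*" (\d{3})')
BAD_URL_MARKERS = ("..", "%00", "%2e%2e")   # directory traversal and NUL-byte probes

def failed_logins_by_source(log, threshold=3):
    """Return {source_ip: count} for sources with at least `threshold` failed logins."""
    counts = Counter(m.group(2) for m in FAILED_LOGIN.finditer(log))
    return {ip: n for ip, n in counts.items() if n >= threshold}

def invalid_requests(log):
    """Return (ip, path, status) for requests with traversal/NUL markers or a 4xx status."""
    hits = []
    for line in log.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        ip, _method, path, status = m.groups()
        if any(mark in path.lower() for mark in BAD_URL_MARKERS) or status.startswith("4"):
            hits.append((ip, path, int(status)))
    return hits

def is_suspicious_name(name):
    """Flag '. ', '.. ', other dot names padded with whitespace, or control characters."""
    if name in (".", ".."):
        return False                 # the real directory entries themselves are fine
    stripped = name.strip()
    return stripped in (".", "..") or name != stripped or any(ord(c) < 32 for c in name)
```

Feed `is_suspicious_name` the entries from `os.listdir` on /dev and /var to cover the hidden-directory item on the slide.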

  31. Continuing Education
  • Follow security web sites and current issues
    • http://www.securityfocus.com
  • User/admin education
    • Password strength
    • Ban Microsoft Outlook (never run anything attached to e-mail – turn off scripting always!!!)
  • Be familiar with your system (processes, setuid files, ports, services)
  • Social Engineering

  32. I’ve Been Hacked
  • Have a plan beforehand
  • Remove from network immediately
  • Reinstall operating system (maybe on a new drive)
    • Nothing can be trusted on a compromised system
  • Restore settings from backup
  • Do post-mortem analysis on the compromised hard drive from a clean system
  • Identify source of attack if possible
  • Seek professional assistance, and contact law-enforcement agencies if deemed necessary

  33. Application Security
  • CGI vulnerability
  • Buffer over-runs
  • Format string attacks
  • DoS
  • Input validity issues
  • chroot
