This overview provides a detailed guide to TCP/IP networking, covering fundamentals such as configuration, testing methods, and security protocols including DHCP and VPN. It explains how to assign hostnames and IP addresses, configure hardware settings, and manage domain name services (DNS). Learn about the different layers of the TCP/IP stack, addressing schemes, subnetting, and essential network testing tools. This resource is invaluable for anyone looking to deepen their understanding of network setup, troubleshooting, and security practices.
Section Overview • TCP/IP Basics • TCP/IP Configuration • TCP/IP Network Testing • Dynamic Host Config Protocol (DHCP) • Wireless Networking
TCP/IP Protocol Stack • Application (FTP, HTTP, DNS) • Transport Layer (TCP, UDP) • Network Layer (IP) • Link Layer (Device Drivers) • Physical Layer (media)
TCP/IP Packet Encapsulation • Service: Data • TCP/UDP: T/U | Data • IP: IP | T/U | Data • Ethernet/PPP: E | IP | T/U | Data | E • UTP/PSTN
Connecting to a Network • Hostname and IP Address assignment • Configuration of hardware • Default route (gateway) assignment • Name Service Configuration • Testing and troubleshooting
Hostnames • Uniquely identifies each system • Fully Qualified Domain Name • hostname.site.domain[.country] • Country: 2 letter identifier for country • Domain: Type of site (edu, com, org) • Site: Unique name of organization • Hostname: Unique name of system • hostname: Display or set system name
IP Addresses • Unique for each connection (interface) • Consists of 4 octets (#.#.#.#) • Network portion • Host portion • Special Addresses • Network Address • Broadcast Address
Subnet Masks • Splits networks into subnetworks • Separates address into 2 parts • 1’s – Network Portion • 0’s – Host Portion • Example: Class C Network • Address: N.N.N.H • Mask: 255.255.255.0 (255 = 11111111) • CIDR Notation: N.N.N.H/24
Interface Configuration • Hardware to connect to network • Common interfaces • Ethernet • Modem • Loopback (lo) Interface • ifconfig – View/Configure interface
Ethernet Addressing • Assigned by manufacturer (hardware) • Must be absolutely unique • Address format • 6 octets in hex (#:#:#:#:#:#) • First 3 octets: Manufacturer Identifier • Last 3 octets: Card serial number • Used for local network communication
Address Resolution Protocol • Translates IP addresses to Ethernet (MAC) addresses • Hosts on the segment: 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 • Request: Who is 10.0.0.3? • Reply: I am (1:2:3:7:8:9) • arp -a: View the cache
Default Gateways • Connects Networks together • If destination not on local network, packets sent through gateway • route: Display/configure routing
RedHat Network Files • /etc/sysconfig/network: HOSTNAME • /etc/sysconfig/network-scripts/ifcfg-[interface]: BOOTPROTO, ONBOOT, IPADDR, GATEWAY, USERCTL, NETMASK, NETWORK, BROADCAST • ifup/ifdown [interface]
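An added example (not from the original slides): a Python check that derives the network and broadcast addresses from IPADDR and NETMASK, as the subnet mask slide describes, and flags NETWORK, BROADCAST or GATEWAY values in an ifcfg-style file that disagree with them. The sample file contents and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample in the ifcfg-[interface] KEY=value style; all values are made up.
SAMPLE_IFCFG = """\
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.10.37
NETMASK=255.255.255.0
NETWORK=192.168.10.0
BROADCAST=192.168.1.255
GATEWAY=192.168.11.1
"""

def parse_ifcfg(text):
    """Return a dict of KEY -> value, skipping blank lines and # comments."""
    settings = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip().strip('"\'')
    return settings

def check_ifcfg(text):
    """Derive network/broadcast from IPADDR + NETMASK and list inconsistencies."""
    cfg = parse_ifcfg(text)
    iface = ipaddress.IPv4Interface(f"{cfg['IPADDR']}/{cfg['NETMASK']}")
    net = iface.network  # mask 1-bits select the network portion
    problems = []
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append(f"IPADDR {iface.ip} is a special address of {net}")
    expected = {"NETWORK": net.network_address, "BROADCAST": net.broadcast_address}
    for key, want in expected.items():
        if key in cfg and ipaddress.IPv4Address(cfg[key]) != want:
            problems.append(f"{key}={cfg[key]} but mask gives {want}")
    # The default gateway must itself be reachable on the local network.
    if "GATEWAY" in cfg and ipaddress.IPv4Address(cfg["GATEWAY"]) not in net:
        problems.append(f"GATEWAY {cfg['GATEWAY']} is not on local network {net}")
    return str(net), problems

if __name__ == "__main__":
    cidr, problems = check_ifcfg(SAMPLE_IFCFG)
    print("CIDR:", cidr)
    for p in problems:
        print("WARN:", p)
```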
Name Services • /etc/hosts • Local configuration • Localhost – 127.0.0.1 • /etc/resolv.conf • Domain Name Service (DNS) lookup • search: domains to search if not FQDN • nameserver (3): Nameservers to consult • /etc/nsswitch.conf
DNS Name Resolution • [Diagram: recursive and non-recursive query steps 1–8 between host.domain.com, dns.domain.com, the Root Server, dns.iupui.edu and dns.cs.iupui.edu]
Network Testing • Localhost reachability • Hostname reachability • Local network reachability • Internet network reachability • DNS resolution
Network tools • ping – Reachability test • traceroute – Routing performance • netstat – Network performance stats • tcpdump – Packet sniffing • nslookup/dig – DNS Queries • Configuration tools (already discussed)
Dynamic Host Config Protocol • Client broadcasts a request for an IP address and network information • Server leases address to client • Lease must be renewed periodically • Easy to make global network changes • Linux: BOOTPROTO=dhcp
Wireless Networks • Extend the network • Included in many devices now • Laptops • PDAs • DSL/Cable Modems • Bandwidth (YMMV!) • 802.11b – 11 Mbps • 802.11g – 54 Mbps • Set Service Identifier (SSID) • Shared “key” between clients and Access Point (AP) • Automatically detected vs. assigned
Wireless Security Issues • Sniffing / War Driving • Bandwidth stealing • Access to private resources • Security Measures • Non-broadcasting SSIDs • MAC Access Control Lists (ACLs) • WEP?
RedHat ifcfg- Additions • TYPE=Wireless • ESSID=[ssid name] • CHANNEL=[1-11] • MODE=[Auto|Managed|Ad-hoc] • Can set manually with /sbin/iwconfig
Virtual Private Networks • [Diagram: Virtual Private Network across the Internet to a VPN Server and an Application Server]
Point to Point Tunneling Protocol • Based on • Point to Point Protocol (PPP) • Generic Routing Encapsulation (GRE) • [Packet diagram: IP Hdr, GRE Hdr, encrypted GRE body carrying PPP, IP, TCP, Data] • Weaknesses • Poor Encryption • Session handshaking done in clear
IPSec • Part of IPv6 Spec • Authentication Header (AH): IPv4 Hdr | Auth Hdr | TCP/UDP Hdr & Data • Encapsulating Security Payload (ESP): IPv4 Hdr | ESP Hdr | TCP Hdr | Data | ESP Tlr | ESP Auth (encrypted payload: TCP Hdr through ESP Tlr) • Modes: Transport and Tunnel