UNIX Networking

UNIX Tools
G22.2245-001, Fall 2000
Danielle S. Lahmani
email: lahmani@cs.nyu.edu
Lecture 10
2000 Copyrights, Danielle S. Lahmani
UNIX Networking
• UNIX was one of the first operating systems to
provide access to widely distributed local
networks as well as Internet networks.
• 1990's: huge explosion in the use of
UNIX networks, because of UNIX
networking capabilities using a client-server paradigm.
UNIX Networking
• Designed to allow different computers to
communicate easily.
• Provides a range of communication and
networking capabilities:
– electronic mail
– file transfer
– logging in on a remote system
– remote execution of commands
– file sharing
Networking Terminology
• A computer network is a
communication system for connecting
end-systems.
• A host is a name used to refer to an
end-system:
– can range in size
– dedicated, such as file or print servers
– or general-purpose time-sharing systems
Types of networks
• LAN: Local Area Network connects computer
systems that are close together (a single building
or a few kilometers apart)
• WAN: Wide Area Network connects
computers in different cities or countries
(sometimes referred to as a Long Haul Network)
• Internet or Internetworking is the
connection of two or more networks so that
computers on one network are able to
communicate with computers on another
network.
Local Area Networks
• popular technologies: token ring or Ethernet
– Ethernet standard: a message is sent using
a broadcast mechanism, with the possibility of
a collision.
• LANs operate at high speeds:
– 10Mbps (million bits per second) using
Ethernet
– 100 Mbps using FDDI (Fiber Distributed
Data Interface)
Network Definition
• Different entities in an internet must
agree on:
– Protocols to communicate (e.g., the TCP/IP
protocol suite)
– Addressing scheme
– Naming scheme
– Routing scheme
OSI Model
• protocols are often complex and are designed
in layers
• The OSI Reference Model:
– Application
– Presentation
– Session
– Transport
– Network
– Data Link
– Physical
UNIX UUCP
• serial-line based or dial-up networking
• older than TCP/IP
• point-to-point communication:
store-and-forward type networking
• for many years, primary means of
networking in UNIX
• provides basic networking utilities
UUCP Usage Today
• viewed as a second-class alternative to the
Internet: batch-mode usage
• not adequate for high-speed networking
• UUCP connections are non-interactive
• not available on many OS:
– therefore, cannot be used in a
heterogeneous environment
Unix TCP/IP Internet Package
• is Ethernet-based, supports high-speed
connections
• bundled with BSD UNIX since 1982
• TCP is the Transmission Control Protocol
and IP is the Internet Protocol
TCP/IP Protocol Suite
• IP networks are packet-switched
• high-speed IP networking offers interactive
connections between remote hosts
• implemented on different platforms and OS:
used in heterogeneous environments
• networking based on TCP/IP is the basis for
the Internet
TCP/IP
• TCP is a connection-oriented protocol that
provides a reliable, full-duplex byte stream
for a user process.
• IP is the Internet protocol that provides the
packet delivery service for TCP, UDP or
ICMP. It provides a connectionless and
unreliable delivery system.
• IP datagrams contain source and destination
addresses. Each datagram can be routed and
delivered independently.
Internet Addresses using IP
• 32-bit IP addresses encode the network ID
and the host ID. The host ID is relative to
the network ID.
• Every host on a network must have a unique
ID assigned by a central authority
• Internet addresses are written as four
decimal numbers separated by dots
(dotted-decimal notation)
– example: spunky 128.122.80.31
– These addresses are being extended to
128-bit quantities in the IPv6 standard.
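The network ID / host ID split described on this slide, worked through in C on the slide's own example address (an added example, not from the lecture). It assumes the classful rule of the period, which the slide does not spell out: the leading bits of the 32-bit value give the class, and the class fixes how many bits name the network (class A: 8, class B: 16, class C: 24); the host "printer" and its address are constructed sample input.

```c
#define _POSIX_C_SOURCE 200112L
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the lecture): split a dotted-decimal IPv4 address
 * into the network ID and the host ID that the slide describes.  The split
 * assumes the classful rule of that era: the leading bits of the 32-bit value
 * give the class, and the class fixes how many bits name the network:
 * class A (0...) 8 bits, class B (10..) 16 bits, class C (110.) 24 bits. */
struct ip_split {
    char     cls;        /* 'A', 'B' or 'C' */
    int      net_bits;   /* number of address bits that name the network */
    uint32_t network_id; /* network part, right-aligned */
    uint32_t host_id;    /* host part, relative to that network */
};

/* Parse text such as "128.122.80.31"; returns 0 on success, -1 if the text is
 * not a strict dotted quad or the address is class D/E (no network/host split). */
int split_ip(const char *dotted, struct ip_split *out)
{
    struct in_addr a;
    uint32_t v;
    memset(out, 0, sizeof *out);
    if (inet_pton(AF_INET, dotted, &a) != 1)      /* rejects "128.122.80" etc. */
        return -1;
    v = ntohl(a.s_addr);                          /* wire order -> host order */
    if ((v & 0x80000000u) == 0)                 { out->cls = 'A'; out->net_bits = 8;  }
    else if ((v & 0xC0000000u) == 0x80000000u)  { out->cls = 'B'; out->net_bits = 16; }
    else if ((v & 0xE0000000u) == 0xC0000000u)  { out->cls = 'C'; out->net_bits = 24; }
    else return -1;
    out->network_id = v >> (32 - out->net_bits);
    out->host_id    = v & ((1u << (32 - out->net_bits)) - 1u);
    return 0;
}

/* Print the address and its two parts. */
void show_split(const char *host, const char *dotted)
{
    struct ip_split s;
    if (split_ip(dotted, &s) != 0) { printf("%s: %s is not a class A/B/C address\n", host, dotted); return; }
    printf("%s %s: class %c, %d network bits, network ID 0x%X, host ID %u\n",
           host, dotted, s.cls, s.net_bits, (unsigned)s.network_id, (unsigned)s.host_id);
}

int main(void)
{
    show_split("spunky", "128.122.80.31");   /* the lecture's sample host */
    show_split("printer", "192.168.1.10");   /* constructed sample */
    return 0;
}
```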
IP Naming
• A correspondence can be set up between a
host name and an IP address.
• The mapping is kept in a file called
/etc/hosts on the local host.
UNIX TCP/IP Internet Package
• establishes TCP/IP networking
• provides set of user-level commands for
networking tasks
– DARPA commands
– Berkeley remote commands (a.k.a. the r*
commands)
• Unix System to Unix System commands
The r* commands
• rcp: remote copy: allows you to copy files
between your local UNIX host and another
remote UNIX host
• scp: secure remote copy
• rlogin: allows you to log in on a remote UNIX
host
• rsh: allows you to execute a command on a
remote UNIX host (security issue)
• ssh: secure shell client (remote login program)
– provides secure encrypted communications
between two untrusted hosts over an insecure
network.
Security Issues with r* commands
• host equivalence: based on the idea that if
the user has been authenticated on one
trusted computer (host), then there is no
reason to reauthenticate the user on a
second computer.
• host equivalence: extended through use of the
.rhosts, .netrc and /etc/hosts.equiv files.
– host-level security: /etc/hosts.equiv
– user-level security: .rhosts file
Security Pitfalls of the r* cmds
• An ordinary user can create a file .rhosts in
her $HOME directory and extend host
equivalence to herself when accessing the
computer, without any intervention from a
system administrator.
• In Sun systems, the r* commands have been
modified to run on top of ssh (secure shell),
which requires a password and ignores
.rhosts equivalence.
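An administrator's check for the pitfall above, as an added example that is not part of the lecture: it walks the password database and reports every account whose $HOME contains a .rhosts file, flagging files that other users could edit. The status codes and the 4096-byte path limit are the example's own choices.

```c
#define _XOPEN_SOURCE 700
#include <pwd.h>
#include <stdio.h>
#include <sys/stat.h>

/* Added example (not from the lecture): a defender-side audit for the pitfall
 * above.  Since any user can create $HOME/.rhosts and so extend host
 * equivalence to herself without the administrator's involvement, the
 * administrator should know which accounts have such a file.  Status for one
 * home directory: 0 = no .rhosts, 1 = .rhosts present, 2 = present and
 * writable by group or others (then anyone who can write it can grant trust). */
int rhosts_status(const char *home)
{
    char path[4096];
    struct stat st;
    if (snprintf(path, sizeof path, "%s/.rhosts", home) >= (int)sizeof path)
        return 0;                        /* path too long to be a real home */
    if (stat(path, &st) != 0 || !S_ISREG(st.st_mode))
        return 0;
    return (st.st_mode & (S_IWGRP | S_IWOTH)) ? 2 : 1;
}

/* Walk every account in the password database and print those with a .rhosts
 * file; returns how many accounts have one.  Run as root so that every home
 * directory is readable. */
int scan_all_homes(void)
{
    struct passwd *pw;
    int found = 0;
    setpwent();
    while ((pw = getpwent()) != NULL) {
        int s = rhosts_status(pw->pw_dir);
        if (s == 0)
            continue;
        found++;
        printf("%-12s %s/.rhosts%s\n", pw->pw_name, pw->pw_dir,
               s == 2 ? "   WRITABLE BY GROUP/OTHERS" : "");
    }
    endpwent();
    return found;
}

int main(void)
{
    int n = scan_all_homes();
    printf("%d account(s) with a .rhosts file\n", n);
    return 0;
}
```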
DARPA commands
• ftp (file transfer protocol): allows you to
copy files between your local UNIX host
and any other host (possibly non-UNIX)
that supports the ftp protocol.
• telnet: allows you to log in and execute
commands on any remote host that has a telnet server.
Obtaining Information about other users and hosts
• rwho:
• finger: get information on a particular user
on any machine in your network
• ruptime: get the status of all machines on
the network
• ping: check whether a remote machine is up
The Client/Server Model
• A server is a process that is waiting to be
contacted by a client process so that the
server can do something for the client.
– The server is started, then sleeps waiting for a
service request from a client.
– Client processes are started on the same system
or on another system within the network.
– A client process sends a request across the
network to the server, requesting service of
some form.
Unix Client/Server Model
• Implemented using sockets.
• One process, a server, creates a socket
whose name is known by other client
processes
• Client first creates an unnamed socket and
then requests that it be connected to the
server's named socket.
• A successful connection returns one file
descriptor to the client and another one to the
server, both of which may be used for reading
and writing.
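The socket exchange this slide describes, carried out in C as an added example (not code from the lecture): the server names its socket with bind(), the client's unnamed socket is connected to that name, and accept() gives the server its own descriptor for the connection. To run anywhere it keeps both ends in one process on the loopback address 127.0.0.1 with a kernel-chosen port; the message text is constructed sample input.

```c
#define _POSIX_C_SOURCE 200112L
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>
/* Added example (not from the lecture): the client/server exchange above with
 * TCP sockets, both ends in one process on the loopback address 127.0.0.1 so it
 * runs on any host.  The server names its socket with bind(); the client's
 * socket stays unnamed and is connected to that name; accept() then hands the
 * server a descriptor for the connection, and both ends read/write their fd.
 * Returns the number of bytes echoed back to the client, or -1 on error. */
int client_server_roundtrip(const char *msg)
{
    struct sockaddr_in name;
    socklen_t len = sizeof name;
    char buf[64];
    ssize_t n, want = (ssize_t)strlen(msg);
    int srv, cli, conn, got = -1;
    if (want <= 0 || want > (ssize_t)sizeof buf) return -1;   /* keep one read enough */
    /* Server: create a socket and give it a name that clients know. */
    if ((srv = socket(AF_INET, SOCK_STREAM, 0)) < 0) return -1;
    memset(&name, 0, sizeof name);
    name.sin_family = AF_INET;
    inet_pton(AF_INET, "127.0.0.1", &name.sin_addr);
    name.sin_port = htons(0);                     /* 0: kernel picks a free port */
    if (bind(srv, (struct sockaddr *)&name, sizeof name) < 0 || listen(srv, 1) < 0 ||
        getsockname(srv, (struct sockaddr *)&name, &len) < 0) { close(srv); return -1; }
    /* Client: an unnamed socket, asked to connect to the server's name. */
    if ((cli = socket(AF_INET, SOCK_STREAM, 0)) < 0) { close(srv); return -1; }
    if (connect(cli, (struct sockaddr *)&name, sizeof name) < 0) { close(cli); close(srv); return -1; }
    /* Server wakes from accept() with a second descriptor for this connection. */
    if ((conn = accept(srv, NULL, NULL)) >= 0) {
        if (write(cli, msg, (size_t)want) == want &&            /* request goes out */
            (n = read(conn, buf, sizeof buf)) == want &&         /* server receives it */
            write(conn, buf, (size_t)n) == n &&                  /* server replies on its fd */
            (n = read(cli, buf, sizeof buf)) == want)            /* client reads the reply */
            got = (int)n;
        close(conn);
    }
    close(cli); close(srv);
    return got;
}

int main(void)
{
    printf("echoed %d bytes\n", client_server_roundtrip("hello from spunky"));
    return 0;
}
```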