Introduction to Information Security
Networking
Transmission Control Protocol (aka TCP)
• Most widely used protocol
• A ‘reliable’ (but not secure!) protocol
• A TCP Connection is defined by the 4-tuple –
  o Source IP
  o Destination IP
  o Source port
  o Destination port
• Also important –
  o Source byte counter
  o Destination byte counter
TCP/IP Continued
• In order to establish a TCP connection, a 3-way handshake occurs –
  o Client -> Server: SYN
  o Server -> Client: SYN + ACK
  o Client -> Server: ACK
• Once the handshake is complete and the connection is up and running, TCP ensures –
  o Delivery of ALL the data in both directions
  o Delivery in order
  o Delivery with no errors
Server Implementation
• The server listens on a specific port (aka the destination port)
• Once a connection is established, the server can accept more connections while handling the first connection
• Handling multiple connections concurrently can be achieved by:
  o fork() – Multi-process solution
  o Multi-threaded solutions
  o select() – Single-process solutions
  o Other OS-specific solutions
Client implementation
• Usually handles only one connection at a time (extreme contrary example: uTorrent)
• Source port is randomized by the operating system (unless the application requires otherwise)
Python client

#!/usr/bin/python
# Python 2 syntax (print statement, str payloads)
from socket import *

PORT = 1948

def main():
    sock = socket(AF_INET, SOCK_STREAM)
    sock.connect(("127.0.0.1", PORT))
    # 1000 = maximum number of bytes to receive; recv() may return
    # with fewer bytes than expected
    res = sock.recv(1000)
    print res
    sock.close()

if __name__ == '__main__':
    main()
Python server example

#!/usr/bin/python
# Python 2 syntax (print statement, str payloads)
from socket import *

PORT = 1948

def main():
    sock = socket(AF_INET, SOCK_STREAM)
    sock.bind(("0.0.0.0", PORT))
    sock.listen(10)  # set backlog
    while 1:
        (client_sock, peer_info) = sock.accept()
        print "Got incoming connection from %s:%d " % peer_info
        res = client_sock.send("Hello, World!")
        client_sock.close()
    sock.close()

if __name__ == '__main__':
    main()
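The server above handles one client at a time, and the client comment warns that recv() may return fewer bytes than asked for. As an added example (not code from the slides), the following Python 3 program shows the "select() – single-process" option from the Server Implementation slide serving several connections in one process, and a recv_all() loop that reads until the peer closes. It binds an ephemeral loopback port and runs the server in a thread only so that it can exercise itself; the small bufsize in recv_all() is deliberate, to force short reads.

```python
"""select()-based single-process TCP server plus a client that reads until EOF. Added
example, not from the slides: serves several connections at once and loops recv()."""
import select
import socket
import threading

GREETING = b"Hello, World!"

def serve(listener, max_clients):
    """Serve max_clients connections in one process using select(), then close the listener."""
    pending = {}                          # client socket -> bytes still to be sent
    served = 0
    while served < max_clients:
        readable, writable, _ = select.select([listener], list(pending), [], 5.0)
        for sock in readable:             # listener readable == accept() will not block
            client, _peer = sock.accept()
            client.setblocking(False)
            pending[client] = GREETING
        for sock in writable:             # send() only what the kernel takes right now
            sent = sock.send(pending[sock])
            pending[sock] = pending[sock][sent:]
            if not pending[sock]:
                del pending[sock]
                sock.close()              # close() is what the client sees as EOF
                served += 1
    listener.close()

def recv_all(sock, bufsize=4):
    """Loop recv() until the peer closes; the tiny bufsize forces the short reads the slide warns about."""
    chunks = []
    while True:
        data = sock.recv(bufsize)
        if not data:                      # b"" means the peer closed its side
            return b"".join(chunks)
        chunks.append(data)

def demo(num_clients=3):
    """Bind an ephemeral loopback port, open num_clients connections at once, read every reply."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))       # port 0: the OS picks a free port
    listener.listen(10)
    port = listener.getsockname()[1]
    server = threading.Thread(target=serve, args=(listener, num_clients))
    server.start()
    clients = [socket.create_connection(("127.0.0.1", port)) for _ in range(num_clients)]
    results = [recv_all(c) for c in clients]
    for c in clients:
        c.close()
    server.join()
    return results
```

Calling demo() opens all connections before reading any reply, so a server that blocked on its first client would never get past the first connection.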
C programming reference
• The most popular guide ever released for network programming is Beej's Guide, which is a very good starter reference
  o http://beej.us/guide/bgnet/output/html/singlepage/bgnet.html
Server implementation in C (taken from Beej) - includes

/*
** server.c - a stream socket server demo
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/wait.h>
#include <signal.h>
C-Server Cleanup and defines

#define MYPORT 1948  // the port users will be connecting to
#define BACKLOG 10   // how many pending connections the queue will hold

// Cleaning up dead child processes:
void sigchld_handler(int s)
{
    while (waitpid(-1, NULL, WNOHANG) > 0);
}
C-Server main

int main(void)
{
    int sockfd, new_fd;             // listen on sock_fd, new connection on new_fd
    struct sockaddr_in my_addr;     // my address information
    struct sockaddr_in their_addr;  // connector's address information
    socklen_t sin_size;
    struct sigaction sa;
    int yes = 1;

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket");
        exit(1);
    }
    if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) {
        perror("setsockopt");
        exit(1);
    }
    my_addr.sin_family = AF_INET;          // host byte order
    my_addr.sin_port = htons(MYPORT);      // short, network byte order
    my_addr.sin_addr.s_addr = INADDR_ANY;  // automatically fill with my IP
    memset(&(my_addr.sin_zero), '\0', 8);  // zero the rest of the struct
C-Server continued

    if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(struct sockaddr)) == -1) {
        perror("bind");
        exit(1);
    }
    if (listen(sockfd, BACKLOG) == -1) {
        perror("listen");
        exit(1);
    }
    sa.sa_handler = sigchld_handler;  // reap all dead processes
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    if (sigaction(SIGCHLD, &sa, NULL) == -1) {
        perror("sigaction");
        exit(1);
    }
C-Server continued

    while (1) {  // main accept() loop
        sin_size = sizeof(struct sockaddr_in);
        if ((new_fd = accept(sockfd, (struct sockaddr *)&their_addr, &sin_size)) == -1) {
            perror("accept");
            continue;
        }
        printf("server: got connection from %s\n", inet_ntoa(their_addr.sin_addr));
        if (!fork()) {      // this is the child process
            close(sockfd);  // child doesn't need the listener
            if (send(new_fd, "Hello, world!\n", 14, 0) == -1)
                perror("send");
            close(new_fd);
            exit(0);
        }
        close(new_fd);  // parent doesn't need this
    }
    return 0;
}
C-Client - includes

/*
** client.c - a stream socket client demo
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define PORT 1948        // the port the client will be connecting to
#define MAXDATASIZE 100  // max number of bytes we can get at once
C-Client main

int main(int argc, char *argv[])
{
    int sockfd, numbytes;
    char buf[MAXDATASIZE];
    struct hostent *he;
    struct sockaddr_in their_addr;  // connector's address information

    if (argc != 2) {
        fprintf(stderr, "usage: client hostname\n");
        exit(1);
    }
    if ((he = gethostbyname(argv[1])) == NULL) {  // get the host info
        perror("gethostbyname");
        exit(1);
    }
    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket");
        exit(1);
    }
C-Client main continued

    their_addr.sin_family = AF_INET;    // host byte order
    their_addr.sin_port = htons(PORT);  // short, network byte order
    their_addr.sin_addr = *((struct in_addr *)he->h_addr);
    memset(&(their_addr.sin_zero), '\0', 8);  // zero the rest of the struct
    if (connect(sockfd, (struct sockaddr *)&their_addr, sizeof(struct sockaddr)) == -1) {
        perror("connect");
        exit(1);
    }
    if ((numbytes = recv(sockfd, buf, MAXDATASIZE - 1, 0)) == -1) {
        perror("recv");
        exit(1);
    }
    buf[numbytes] = '\0';  // recv() does not terminate the buffer; do it before printing
    printf("Received: %s", buf);
    close(sockfd);
    return 0;
}
File descriptors
• Serially assigned to a process and can be shared between parent and child processes
• Reference based (the file closes when the last descriptor closes)
• Popular descriptors:
  o 0 – stdin
  o 1 – stdout
  o 2 – stderr
  o 3 – graphics
• Can be dup()licated using dup() and dup2()
dup2()
• dup2() can be used to easily connect process inputs and outputs to an existing (connected) TCP socket!
• Assuming sockfd is an already created and connected file descriptor we call:

    dup2(sockfd, 0);  // dup standard input
    dup2(sockfd, 1);  // dup standard output
    dup2(sockfd, 2);  // dup standard error output

• Now we can run:

    execv("someprocess", NULL)
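The same property that makes dup2() convenient here, descriptors 0, 1 and 2 all resolving to one TCP socket, is also what a defender can look for on a host. As an added example (not from the slides), this Python 3 program reads the symlinks under /proc/<pid>/fd and the /proc/net/tcp table, flags every process whose stdin, stdout and stderr share a socket, and resolves that socket to its local and remote endpoints. The /proc layout and the little-endian address encoding in /proc/net/tcp are Linux assumptions; the SAMPLE_* data is constructed so the check runs offline.

```python
"""Flag processes whose stdin/stdout/stderr were all dup2()'d onto one TCP socket.
Added example, not from the slides; Linux /proc assumptions, SAMPLE_* data is constructed."""
import os
import socket
import struct

SAMPLE_PROCS = {                       # pid -> {fd: os.readlink("/proc/<pid>/fd/<fd>")}
    100: {0: "/dev/pts/0", 1: "/dev/pts/0", 2: "/dev/pts/0", 3: "socket:[22222]"},
    200: {0: "socket:[22222]", 1: "socket:[22222]", 2: "socket:[22222]"},
}
SAMPLE_NET_TCP = (                     # constructed rows in the /proc/net/tcp layout
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode\n"
    "   0: 0100007F:079C 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11111 1\n"
    "   1: 0100007F:B7F2 0100007F:079C 01 00000000:00000000 00:00000000 00000000  1000        0 22222 1\n")

def decode_hex_addr(hexaddr):
    """'0100007F:079C' (little-endian IPv4 hex, hex port) -> '127.0.0.1:1948'."""
    ip_hex, port_hex = hexaddr.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return "%s:%d" % (ip, int(port_hex, 16))

def parse_proc_net_tcp(text):
    """Map socket inode -> (local, remote) from the contents of /proc/net/tcp."""
    rows = [line.split() for line in text.splitlines()[1:]]   # row 0 is the column header
    return {f[9]: (decode_hex_addr(f[1]), decode_hex_addr(f[2])) for f in rows if len(f) >= 10}

def stdio_socket_inode(fd_links):
    """Return the socket inode if fds 0, 1 and 2 all resolve to the same socket, else None."""
    targets = {fd_links.get(fd) for fd in (0, 1, 2)}
    target = targets.pop() if len(targets) == 1 else None
    return target[len("socket:["):-1] if target and target.startswith("socket:[") else None

def find_stdio_sockets(procs, proc_net_tcp_text):
    """Return [(pid, local, remote)] for every pid whose stdio sits on a known TCP socket."""
    table = parse_proc_net_tcp(proc_net_tcp_text)
    hits = []
    for pid, fd_links in sorted(procs.items()):
        inode = stdio_socket_inode(fd_links)
        if inode in table:
            hits.append((pid,) + table[inode])
    return hits

def scan_live_system():
    """Linux only: gather every /proc/<pid>/fd link and /proc/net/tcp, then run the check."""
    procs = {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        try:
            fd_dir = "/proc/%s/fd/" % pid
            procs[int(pid)] = {int(fd): os.readlink(fd_dir + fd) for fd in os.listdir(fd_dir)}
        except OSError:                    # process exited or permission denied
            continue
    with open("/proc/net/tcp") as f:
        return find_stdio_sockets(procs, f.read())
```

Only processes readable by the caller show up in scan_live_system(), so run it with enough privilege to read other users' /proc/<pid>/fd entries; a legitimate inetd-style service also matches, so treat hits as leads to triage rather than verdicts.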