Introduction to Information Security Networking

Upload: brendan-sims

Post on 24-Dec-2015


Page 1: Introduction to Information Security Networking. Transmission Control Protocol (aka TCP) Most widely used protocol A ‘reliable’ (but not secure!) protocol

Introduction to Information Security
Networking


Transmission Control Protocol (aka TCP)

• Most widely used protocol
• A ‘reliable’ (but not secure!) protocol
• A TCP connection is defined by the 4-tuple –
  o Source IP
  o Destination IP
  o Source port
  o Destination port
• Also important –
  o Source byte counter
  o Destination byte counter


TCP/IP Continued

• In order to establish a TCP connection, a 3-way handshake occurs –
  o Client -> Server: SYN
  o Server -> Client: SYN + ACK
  o Client -> Server: ACK
• Once the handshake is established and the connection is up and running, TCP ensures –
  o Delivery of ALL the data in both directions
  o Delivery in order
  o Delivery with no errors


Server Implementation

• The server listens on a specific port (aka the destination port)

• Once a connection is established, the server can accept more connections while handling the first connection

• Concurrent handling of multiple connections can be achieved with:
  o fork() – multi-process solution
  o Multi-threaded solutions
  o select() – single-process solution
  o Other OS-specific solutions


Client implementation

• Usually handles only one connection at a time (extreme contrary example: uTorrent)
• Source port is randomized by the operating system (unless the application requires otherwise)


Python client

    #!/usr/bin/python3

    from socket import *

    PORT = 1948

    def main():
        sock = socket(AF_INET, SOCK_STREAM)
        sock.connect(("127.0.0.1", PORT))
        # 1000 = maximum number of bytes to receive; however, recv() may
        # return fewer bytes than expected
        res = sock.recv(1000)
        print(res.decode())
        sock.close()

    if __name__ == '__main__':
        main()
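The comment on recv() above is where many parsing bugs start: TCP delivers a byte stream, so a single recv() can return only part of a message. The following is an added example, not code from the original slides; the 4-byte length prefix, the MAX_FRAME limit and the function names are assumptions chosen for illustration.

```python
import socket
import struct
import threading

MAX_FRAME = 64 * 1024  # assumed upper bound; rejects hostile length prefixes

def recv_exact(sock, n):
    """Loop until exactly n bytes arrive; raise if the peer closes early."""
    chunks = []
    remaining = n
    while remaining:
        chunk = sock.recv(remaining)  # may return anything from 1 to remaining bytes
        if not chunk:                 # b"" means the peer closed the stream
            raise ConnectionError("peer closed with %d bytes missing" % remaining)
        chunks.append(chunk)
        remaining -= len(chunk)
    return b"".join(chunks)

def send_frame(sock, payload):
    """Prefix the payload with its length as a 4-byte big-endian integer."""
    sock.sendall(struct.pack("!I", len(payload)) + payload)

def recv_frame(sock):
    """Read one length-prefixed frame, refusing oversized lengths."""
    (length,) = struct.unpack("!I", recv_exact(sock, 4))
    if length > MAX_FRAME:
        raise ValueError("frame of %d bytes exceeds limit" % length)
    return recv_exact(sock, length)

def demo():
    """Send one frame in deliberately small pieces and reassemble it."""
    a, b = socket.socketpair()         # connected stream pair, no network needed
    payload = b"Hello, World! " * 100  # constructed sample data
    wire = struct.pack("!I", len(payload)) + payload

    def dribble():
        for i in range(0, len(wire), 7):  # 7-byte writes force short reads
            a.sendall(wire[i:i + 7])
        a.close()

    t = threading.Thread(target=dribble)
    t.start()
    got = recv_frame(b)
    t.join()
    b.close()
    return got == payload

if __name__ == "__main__":
    print(demo())
```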


Python server example

    #!/usr/bin/python3

    from socket import *

    PORT = 1948

    def main():
        sock = socket(AF_INET, SOCK_STREAM)
        sock.bind(("0.0.0.0", PORT))
        sock.listen(10)  # set backlog
        while 1:
            (client_sock, peer_info) = sock.accept()
            print("Got incoming connection from %s:%d" % peer_info)
            res = client_sock.send(b"Hello, World!")
            client_sock.close()

        sock.close()

    if __name__ == '__main__':
        main()
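The server above handles one client at a time, so a single slow client delays everyone behind it. As an added example (not from the original slides), here is the select() single-process option listed on the Server Implementation slide; the wait-for-one-byte step, IDLE_TIMEOUT and the function names are assumptions made so that several connections are open at once.

```python
import select
import socket
import threading

GREETING = b"Hello, World!"  # same greeting as the server above
IDLE_TIMEOUT = 5.0           # assumed value: stop when nothing happens for 5 s

def serve(listener, max_clients):
    """Handle max_clients connections in one process; return how many were handled."""
    clients = set()
    handled = 0
    while handled < max_clients:
        # select() returns whichever sockets are ready, in no fixed order
        ready, _, _ = select.select([listener, *clients], [], [], IDLE_TIMEOUT)
        if not ready:
            break                      # idle: stop instead of waiting forever
        for s in ready:
            if s is listener:
                conn, _peer = listener.accept()
                clients.add(conn)      # keep it open until it sends a byte
            else:
                if s.recv(1):          # b"" would mean the client hung up
                    s.sendall(GREETING)
                clients.discard(s)
                s.close()
                handled += 1
    for s in clients:
        s.close()
    return handled

def demo(n=3):
    """Open n connections first, then talk to them in reverse order."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))    # port 0: the OS picks a free port
    listener.listen(10)
    addr = listener.getsockname()
    t = threading.Thread(target=serve, args=(listener, n))
    t.start()
    conns = [socket.create_connection(addr) for _ in range(n)]
    replies = []
    for c in reversed(conns):
        c.sendall(b"\n")
        replies.append(b"".join(iter(lambda: c.recv(100), b"")))  # read to EOF
        c.close()
    t.join()
    listener.close()
    return replies

if __name__ == "__main__":
    print(demo())
```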


C programming reference

• The most popular guide ever released for network programming is Beej’s guide, which is a very good starter reference
  o http://beej.us/guide/bgnet/output/html/singlepage/bgnet.html


Server implementation in C (taken from beej) - includes

    /*
    ** server.c - a stream socket server demo
    */
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <errno.h>
    #include <string.h>
    #include <sys/types.h>
    #include <sys/socket.h>
    #include <netinet/in.h>
    #include <arpa/inet.h>
    #include <sys/wait.h>
    #include <signal.h>


C-Server Cleanup and defines

    #define MYPORT 1948 // the port users will be connecting to
    #define BACKLOG 10  // how many pending connections queue will hold

    // Cleaning up dead child processes:
    void sigchld_handler(int s)
    {
        while(waitpid(-1, NULL, WNOHANG) > 0);
    }


C-Server main

    int main(void)
    {
        int sockfd, new_fd; // listen on sock_fd, new connection on new_fd
        struct sockaddr_in my_addr; // my address information
        struct sockaddr_in their_addr; // connector's address information
        socklen_t sin_size;
        struct sigaction sa;
        int yes=1;

        if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
            perror("socket");
            exit(1);
        }
        if (setsockopt(sockfd,SOL_SOCKET,SO_REUSEADDR,&yes,sizeof(int)) == -1) {
            perror("setsockopt");
            exit(1);
        }
        my_addr.sin_family = AF_INET; // host byte order
        my_addr.sin_port = htons(MYPORT); // short, network byte order
        my_addr.sin_addr.s_addr = INADDR_ANY; // automatically fill with my IP
        memset(&(my_addr.sin_zero), '\0', 8); // zero the rest of the struct


C-Server continued

        if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(struct sockaddr)) == -1) {
            perror("bind");
            exit(1);
        }
        if (listen(sockfd, BACKLOG) == -1) {
            perror("listen");
            exit(1);
        }
        sa.sa_handler = sigchld_handler; // reap all dead processes
        sigemptyset(&sa.sa_mask);
        sa.sa_flags = SA_RESTART;
        if (sigaction(SIGCHLD, &sa, NULL) == -1) {
            perror("sigaction");
            exit(1);
        }


C-Server continued

        while(1) { // main accept() loop
            sin_size = sizeof(struct sockaddr_in);
            if ((new_fd = accept(sockfd, (struct sockaddr *)&their_addr, &sin_size)) == -1) {
                perror("accept");
                continue;
            }
            printf("server: got connection from %s\n", inet_ntoa(their_addr.sin_addr));
            if (!fork()) { // this is the child process
                close(sockfd); // child doesn't need the listener
                if (send(new_fd, "Hello, world!\n", 14, 0) == -1)
                    perror("send");
                close(new_fd);
                exit(0);
            }
            close(new_fd); // parent doesn't need this
        }
        return 0;
    }


C-Client - includes

    /*
    ** client.c - a stream socket client demo
    */
    #include <stdio.h>
    #include <stdlib.h>
    #include <unistd.h>
    #include <errno.h>
    #include <string.h>
    #include <netdb.h>
    #include <sys/types.h>
    #include <netinet/in.h>
    #include <sys/socket.h>

    #define PORT 1948       // the port client will be connecting to
    #define MAXDATASIZE 100 // max number of bytes we can get at once


C-Client main

    int main(int argc, char *argv[])
    {
        int sockfd, numbytes;
        char buf[MAXDATASIZE];
        struct hostent *he;
        struct sockaddr_in their_addr; // connector's address information

        if (argc != 2) {
            fprintf(stderr,"usage: client hostname\n");
            exit(1);
        }
        if ((he=gethostbyname(argv[1])) == NULL) { // get the host info
            perror("gethostbyname");
            exit(1);
        }
        if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
            perror("socket");
            exit(1);
        }


C-Client main continued

        their_addr.sin_family = AF_INET; // host byte order
        their_addr.sin_port = htons(PORT); // short, network byte order
        their_addr.sin_addr = *((struct in_addr *)he->h_addr);
        memset(&(their_addr.sin_zero), '\0', 8); // zero the rest of the struct
        if (connect(sockfd, (struct sockaddr *)&their_addr, sizeof(struct sockaddr)) == -1) {
            perror("connect");
            exit(1);
        }
        if ((numbytes=recv(sockfd, buf, MAXDATASIZE-1, 0)) == -1) {
            perror("recv");
            exit(1);
        }

        buf[numbytes] = '\0';
        printf("Received: %s",buf);
        close(sockfd);
        return 0;
    }


File descriptors

• Serially assigned to a process and can be shared between parent and child processes
• Reference based (file closes when the last descriptor closes)
• Popular descriptors:
  o 0 – stdin
  o 1 – stdout
  o 2 – stderr
  o 3 – graphics
• Can be dup()licated using dup() and dup2()


dup2()

• dup2() can be used to easily connect process inputs and outputs to an existing (connected) TCP socket!
• Assuming sockfd is an already created and connected file descriptor we call:

    dup2(sockfd, 0); // dup standard input
    dup2(sockfd, 1); // dup standard output
    dup2(sockfd, 2); // dup standard error output

• Now we can run:

    execv("someprocess", NULL)
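From the defender's side, a process whose descriptors 0, 1 and 2 all resolve to the same socket is the visible result of the three dup2() calls above. The following added example (not part of the original slides) checks for that pattern through the Linux /proc/<pid>/fd symlinks; the function names and the sample process table are constructed for illustration.

```python
import os
import re
import tempfile

SOCK_RE = re.compile(r"^socket:\[(\d+)\]$")  # Linux readlink text for a socket fd

def stdio_socket_inode(targets):
    """Return the socket inode if fds 0, 1 and 2 all point at one socket, else None."""
    inodes = set()
    for target in targets:
        m = SOCK_RE.match(target)
        if not m:
            return None
        inodes.add(m.group(1))
    return inodes.pop() if len(inodes) == 1 else None

def read_stdio_targets(pid, proc_root="/proc"):
    """Read the symlink targets of <proc_root>/<pid>/fd/{0,1,2}; None if unreadable."""
    try:
        return [os.readlink(os.path.join(proc_root, str(pid), "fd", str(fd)))
                for fd in (0, 1, 2)]
    except OSError:
        return None  # process exited, descriptor closed, or permission denied

def scan(proc_root="/proc"):
    """Return sorted (pid, inode) pairs for processes whose stdio is one socket."""
    hits = []
    for name in os.listdir(proc_root):
        targets = read_stdio_targets(name, proc_root) if name.isdigit() else None
        inode = stdio_socket_inode(targets) if targets else None
        if inode:
            hits.append((int(name), inode))
    return sorted(hits)

# Constructed sample: a fake /proc tree (pids and inodes are made up).
SAMPLE = {
    101: ["/dev/pts/0", "/dev/pts/0", "/dev/pts/0"],              # interactive shell
    202: ["socket:[48213]", "socket:[48213]", "socket:[48213]"],  # dup2() pattern
    303: ["/dev/null", "socket:[5150]", "socket:[5151]"],         # different sockets
    404: ["pipe:[777]", "pipe:[778]", "pipe:[778]"],              # pipeline member
}

def build_sample(root):
    """Materialise SAMPLE as dangling symlinks under root, mimicking /proc."""
    for pid, targets in SAMPLE.items():
        os.makedirs(os.path.join(root, str(pid), "fd"))
        for fd, target in enumerate(targets):
            os.symlink(target, os.path.join(root, str(pid), "fd", str(fd)))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample(root)
        print(scan(root))
```

Services launched by inetd-style supervisors show the same pattern legitimately, so a hit is a triage signal to correlate with the process's parent and executable. On a live system, call scan() with no argument; seeing other users' processes requires root.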