Introduction to Information Security
Networking
Transmission Control Protocol (aka TCP)
• Most widely used protocol
• A ‘reliable’ (but not secure!) protocol
• A TCP connection is defined by the 4-tuple –
  o Source IP
  o Destination IP
  o Source port
  o Destination port
• Also important –
  o Source byte counter
  o Destination byte counter
TCP/IP Continued
• In order to establish a TCP connection, a 3-way handshake occurs –
  o Client -> Server: SYN
  o Server -> Client: SYN + ACK
  o Client -> Server: ACK
• Once the handshake is complete and the connection is up and running, TCP ensures –
  o Delivery of ALL the data in both directions
  o Delivery in order
  o Delivery with no errors
Server Implementation
• The server listens on a specific port (aka the destination port)
• Once a connection is established, the server can accept more connections while handling the first connection
• Concurrent handling of connections can be achieved with:
  o Fork() – Multi-process solution
  o Multi-threaded solutions
  o Select() – Single-process solutions
  o Other OS-specific solutions
Client implementation
• Usually handles only one connection at a time (extreme contrary example: uTorrent)
• Source port is randomized by the operating system (unless the application requires otherwise)
Python client

```python
#!/usr/bin/python3
from socket import *

PORT = 1948

def main():
    sock = socket(AF_INET, SOCK_STREAM)
    sock.connect(("127.0.0.1", PORT))
    # 1000 = maximum number of bytes to receive; however, recv() may
    # return with fewer bytes than expected
    res = sock.recv(1000)
    print(res)
    sock.close()

if __name__ == '__main__':
    main()
```
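The comment in the client above notes that recv() may return fewer bytes than requested. The following is an added example, not part of the original slides: it shows a single recv() returning only part of a message, and a receive loop with a length-prefixed frame that reads the whole message. The socketpair standing in for the TCP connection, the 4-byte length prefix, MAX_MESSAGE and the function names are assumptions made for illustration.

```python
import socket
import struct
import threading

MAX_MESSAGE = 64 * 1024  # assumed limit; larger declared lengths are refused

def recv_exact(sock, n):
    """Loop on recv() until exactly n bytes have arrived."""
    chunks, remaining = [], n
    while remaining:
        chunk = sock.recv(remaining)
        if not chunk:  # b"" means the peer closed the connection
            raise ConnectionError("closed with %d bytes outstanding" % remaining)
        chunks.append(chunk)
        remaining -= len(chunk)
    return b"".join(chunks)

def recv_message(sock):
    """Read one frame: 4-byte big-endian length, then that many payload bytes."""
    (length,) = struct.unpack("!I", recv_exact(sock, 4))
    if length > MAX_MESSAGE:  # never trust a peer-supplied length
        raise ValueError("declared length %d exceeds limit" % length)
    return recv_exact(sock, length)

def demo():
    """Return (what one recv(1000) saw, what recv_message() returned) when
    the sender's bytes arrive in pieces."""
    tx, rx = socket.socketpair()  # constructed stand-in for a TCP connection
    gate = threading.Event()
    def sender():
        tx.sendall(b"Hello")      # first piece of an unframed 13-byte message
        gate.wait()               # hold the rest until the first read is done
        tx.sendall(b", World!")
        frame = struct.pack("!I", 13) + b"Hello, World!"
        for i in range(0, len(frame), 3):  # framed message, 3 bytes at a time
            tx.sendall(frame[i:i + 3])
        tx.close()
    worker = threading.Thread(target=sender)
    worker.start()
    single = rx.recv(1000)        # returns as soon as any data is available
    gate.set()
    recv_exact(rx, 13 - len(single))  # drain the rest of the first message
    framed = recv_message(rx)
    worker.join()
    rx.close()
    return single, framed

if __name__ == "__main__":
    print(demo())
```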
Python server example

```python
#!/usr/bin/python3
from socket import *

PORT = 1948

def main():
    sock = socket(AF_INET, SOCK_STREAM)
    sock.bind(("0.0.0.0", PORT))
    sock.listen(10)  # set backlog
    while 1:
        (client_sock, peer_info) = sock.accept()
        print("Got incoming connection from %s:%d" % peer_info)
        res = client_sock.send(b"Hello, World!")
        client_sock.close()
    sock.close()

if __name__ == '__main__':
    main()
```
C programming reference
• The most popular guide ever released for network programming is Beej's Guide, which is a very good starter reference
  o http://beej.us/guide/bgnet/output/html/singlepage/bgnet.html
Server implementation in C (taken from beej) - includes

```c
/*
** server.c - a stream socket server demo
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/wait.h>
#include <signal.h>
```
C-Server cleanup and defines

```c
#define MYPORT 1948 // the port users will be connecting to
#define BACKLOG 10  // how many pending connections queue will hold

// Cleaning up dead child processes:
void sigchld_handler(int s)
{
    while (waitpid(-1, NULL, WNOHANG) > 0);
}
```
C-Server main

```c
int main(void)
{
    int sockfd, new_fd;            // listen on sock_fd, new connection on new_fd
    struct sockaddr_in my_addr;    // my address information
    struct sockaddr_in their_addr; // connector's address information
    socklen_t sin_size;
    struct sigaction sa;
    int yes = 1;

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket");
        exit(1);
    }
    if (setsockopt(sockfd, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(int)) == -1) {
        perror("setsockopt");
        exit(1);
    }
    my_addr.sin_family = AF_INET;         // host byte order
    my_addr.sin_port = htons(MYPORT);     // short, network byte order
    my_addr.sin_addr.s_addr = INADDR_ANY; // automatically fill with my IP
    memset(&(my_addr.sin_zero), '\0', 8); // zero the rest of the struct
```
C-Server continued

```c
    if (bind(sockfd, (struct sockaddr *)&my_addr, sizeof(struct sockaddr)) == -1) {
        perror("bind");
        exit(1);
    }
    if (listen(sockfd, BACKLOG) == -1) {
        perror("listen");
        exit(1);
    }
    sa.sa_handler = sigchld_handler; // reap all dead processes
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    if (sigaction(SIGCHLD, &sa, NULL) == -1) {
        perror("sigaction");
        exit(1);
    }
```
C-Server continued

```c
    while (1) { // main accept() loop
        sin_size = sizeof(struct sockaddr_in);
        if ((new_fd = accept(sockfd, (struct sockaddr *)&their_addr, &sin_size)) == -1) {
            perror("accept");
            continue;
        }
        printf("server: got connection from %s\n", inet_ntoa(their_addr.sin_addr));
        if (!fork()) { // this is the child process
            close(sockfd); // child doesn't need the listener
            if (send(new_fd, "Hello, world!\n", 14, 0) == -1)
                perror("send");
            close(new_fd);
            exit(0);
        }
        close(new_fd); // parent doesn't need this
    }
    return 0;
}
```
C-Client - includes

```c
/*
** client.c - a stream socket client demo
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <errno.h>
#include <string.h>
#include <netdb.h>
#include <sys/types.h>
#include <netinet/in.h>
#include <sys/socket.h>

#define PORT 1948       // the port client will be connecting to
#define MAXDATASIZE 100 // max number of bytes we can get at once
```
C-Client main

```c
int main(int argc, char *argv[])
{
    int sockfd, numbytes;
    char buf[MAXDATASIZE];
    struct hostent *he;
    struct sockaddr_in their_addr; // connector's address information

    if (argc != 2) {
        fprintf(stderr, "usage: client hostname\n");
        exit(1);
    }
    if ((he = gethostbyname(argv[1])) == NULL) { // get the host info
        perror("gethostbyname");
        exit(1);
    }
    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) == -1) {
        perror("socket");
        exit(1);
    }
```
C-Client main continued

```c
    their_addr.sin_family = AF_INET;   // host byte order
    their_addr.sin_port = htons(PORT); // short, network byte order
    their_addr.sin_addr = *((struct in_addr *)he->h_addr);
    memset(&(their_addr.sin_zero), '\0', 8); // zero the rest of the struct
    if (connect(sockfd, (struct sockaddr *)&their_addr, sizeof(struct sockaddr)) == -1) {
        perror("connect");
        exit(1);
    }
    if ((numbytes = recv(sockfd, buf, MAXDATASIZE-1, 0)) == -1) {
        perror("recv");
        exit(1);
    }

    buf[numbytes] = '\0'; // terminate what was received before printing it
    printf("Received: %s", buf);
    close(sockfd);
    return 0;
}
```
File descriptors
• Assigned serially within a process and can be shared between parent and child processes
• Reference based (the file closes when the last descriptor closes)
• Popular descriptors:
  o 0 – stdin
  o 1 – stdout
  o 2 – stderr
  o 3 – graphics
• Can be dup()licated using dup() and dup2()
dup2()
• dup2() can be used to easily connect process inputs and outputs to an existing (connected) TCP socket!
• Assuming sockfd is an already created and connected file descriptor, we call:

```c
dup2(sockfd, 0); // dup standard input
dup2(sockfd, 1); // dup standard output
dup2(sockfd, 2); // dup standard error output
```

• Now we can run:

```c
char *args[] = { "someprocess", NULL }; // argv must be a NULL-terminated array
execv("someprocess", args);
```
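Seen from the monitoring side, the three dup2() calls leave a process whose descriptors 0, 1 and 2 all refer to one socket, which is visible in /proc on Linux. The following is an added example, not part of the original slides: it reads those links and flags that condition, using a forked child that repeats the dup2() calls on a socketpair without executing anything. The function names and the socketpair are assumptions made for illustration.

```python
import os
import re
import signal
import socket

SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")  # Linux /proc/<pid>/fd link format

def shared_stdio_socket(links):
    """Return the socket inode if fds 0, 1 and 2 all name one socket, else None."""
    inodes = set()
    for fd in (0, 1, 2):
        match = SOCKET_LINK.match(links.get(fd, ""))
        if match is None:
            return None
        inodes.add(match.group(1))
    return inodes.pop() if len(inodes) == 1 else None

def read_stdio_links(pid):
    """Read the targets of /proc/<pid>/fd/{0,1,2}; unreadable entries are skipped."""
    links = {}
    for fd in (0, 1, 2):
        try:
            links[fd] = os.readlink("/proc/%d/fd/%d" % (pid, fd))
        except OSError:
            pass
    return links

def inspect_child_after_dup2():
    """Fork a child that repeats the three dup2() calls (no exec), classify it."""
    parent_end, child_end = socket.socketpair()  # constructed stand-in for sockfd
    pid = os.fork()
    if pid == 0:
        for fd in (0, 1, 2):
            os.dup2(child_end.fileno(), fd)
        os.write(1, b"!")          # tell the parent the dup2() calls are done
        signal.pause()             # stay alive until the parent has looked
        os._exit(0)
    try:
        parent_end.recv(1)         # wait for the child's ready byte
        return shared_stdio_socket(read_stdio_links(pid))
    finally:
        os.kill(pid, signal.SIGKILL)
        os.waitpid(pid, 0)
        parent_end.close()
        child_end.close()

if __name__ == "__main__":
    print("this process:", shared_stdio_socket(read_stdio_links(os.getpid())))
    print("child after dup2():", inspect_child_after_dup2())
```

Services started by inetd legitimately have the same descriptor layout, so a match is a lead to triage against the expected services on the host rather than a verdict.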