IT250_Unit7 inux

  • 7/28/2019 IT250_Unit7 inux

    Unit 7

    Network Services

    Copyright 2010, ITT ESI

    Most modern networks rely on two basic elements to get information to its destination

    IP Addresses

    Numeric address to an individual computer

    Example: 127.0.0.1

    Host Names

    A human-readable name of a machine

    Computers need a DNS server to translate a host name into an IP address for this to be useful

    IPv4

    Current standard in the US

    Uses 4 octets for the address

    Example:

    192.168.20.1

    Problems:

    No built-in security

    Limited number of addresses

    Around 4 billion addresses

    Currently IPv4 uses NAT to fake extra addresses

    IPv6

    Next major version of IP

    Built-in security

    A very large number of addresses

    IPv4 uses 32 bits for addresses

    IPv6 uses 128 bits for addresses

    Written in hexadecimal form with 8 sets of 4 digits

    Example: 2001:cdba:af34:bbac:3979:3b12:3257:9652

    IPv4 vs IPv6: Number of addresses

    IPv4

    4,294,967,296 (4 billion)

    IPv6

    340,282,366,920,938,463,463,374,607,431,768,211,456 (340 trillion, trillion, trillion)

    To use up every single IPv6 address we would need to stack ten billion computers on top of each other over the entire world including the sea.

    We are worried about 3 things in our network

    Availability

    Speed

    Security

    Network speed and availability can be affected by many factors

    Quality of Equipment

    Service Provider

    Distance between two points

    Failures of Devices

    Software

    Hardware

    Configurations

    Ping

    Used to test if a network resource is available

    Sends a small ICMP packet to the destination

    The destination responds with an acknowledgment

    No reply could mean many things:

    Resource is down

    Network connection issues

    Destination computer is set up to ignore ICMP packets

    Traceroute

    Determines how many hops it takes to get to a destination

    Finds information about the hops

    Latency

    Name

    IP Address

    Useful for determining the location of a problem

    Traceroute uses increasing time-to-live settings in the IP packets to get this information
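
The increasing time-to-live technique described above, as an added example that is not part of the original slides. It is a simulation, not a real network probe: the router path, the addresses and the function names are constructed for illustration, and one hop is made silent to show why real traceroute output contains `*` lines.

```python
# Constructed path: routers between us and the destination, in order.
# A router with responds=False forwards traffic but never sends ICMP errors.
PATH = [
    {"ip": "192.168.20.1", "responds": True},
    {"ip": "10.20.0.1", "responds": False},
    {"ip": "203.0.113.7", "responds": True},
]
DESTINATION = "198.51.100.25"


def send_probe(ttl, path=PATH, destination=DESTINATION):
    """Deliver one probe; return (reply_type, source_ip), or None on timeout."""
    for router in path:
        ttl -= 1  # every router decrements the TTL before forwarding
        if ttl == 0:  # the packet expires at this router and is dropped
            if router["responds"]:
                # The router reports the drop with ICMP "time exceeded" (type 11).
                return ("time-exceeded", router["ip"])
            return None  # silent hop: the sender only sees a timeout
    # The TTL outlived every router, so the destination itself answers.
    return ("reached", destination)


def traceroute(max_hops=30, path=PATH, destination=DESTINATION):
    """Raise the TTL one step at a time until the destination answers."""
    hops = []
    for ttl in range(1, max_hops + 1):
        reply = send_probe(ttl, path, destination)
        if reply is None:
            hops.append((ttl, "*"))  # no answer for this TTL, keep going
            continue
        kind, ip = reply
        hops.append((ttl, ip))
        if kind == "reached":
            break
    return hops


if __name__ == "__main__":
    for ttl, hop in traceroute():
        print(f"{ttl:2d}  {hop}")
```

A `*` at one hop followed by answers from later hops means that router only declines to send ICMP errors; a run of `*` lines up to the hop limit points at where traffic actually stops.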

    Linux has some extra tools used for gathering network information

    Host

    Dig

    Jwhois

    Host can be used for DNS lookups

    Given a hostname, it will fetch the IP Address

    Given an IP Address, it will fetch the hostname

    Dig queries the DNS server for domain information

    Aliases of the target machine

    Which DNS servers hold information about it

    How many names the target has

    This command looks up information about the owner of a website

    Uses the online whois database servers

    Retrieves all available information

    Owner

    Last Updated the whois database

    Server names

    Physical addresses of the machines

    Useful when tracking where information is coming from (spam)

    There are many reasons to have external connections to a machine

    File Sharing

    Gain Access to non-network devices

    Use specialized software

    Utilize the power of another machine to complete a task your current machine cannot

    There are many Linux programs that will allow you to connect to machines remotely

    ssh

    ftp

    sftp

    rsh

    scp

    ssh is an open source Secure Shell program

    This provides a background framework for other applications to connect securely

    Provided at no cost

    The cost and security make them popular

    File Transfer Protocol

    Built to be an easy-to-use file transport tool

    Built with very little security in mind

    Username/Password transmitted in plain text

    Easy to hijack a session

    In general, normal ftp should only be used for publicly available uploads/downloads

    Files that are available to the public anyways

    Options like sftp can offer better security
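
Why the slide restricts plain ftp to public files, shown as an added example that is not part of the original slides: an audit pass over the client side of FTP control connections, where the `USER` and `PASS` commands travel as readable text. The captured sessions, addresses, account names and function names are constructed for illustration.

```python
# Constructed sample: the client-to-server side of two FTP control
# connections (TCP port 21) as they would appear in a packet capture.
CAPTURED_SESSIONS = {
    "10.0.0.5:40112": b"USER anonymous\r\nPASS guest@example.com\r\n"
                      b"RETR pub/readme.txt\r\nQUIT\r\n",
    "10.0.0.9:51844": b"USER it250user\r\nPASS Example-Passw0rd\r\n"
                      b"STOR grades.csv\r\nQUIT\r\n",
}

# Conventional account names for public, password-less FTP access.
ANONYMOUS_USERS = {"anonymous", "ftp"}


def audit_ftp_session(stream):
    """Return one record per USER/PASS login found in a cleartext control stream."""
    logins, user = [], None
    for raw in stream.split(b"\r\n"):
        verb, _, arg = raw.decode("latin-1").partition(" ")
        verb = verb.upper()  # FTP command verbs are case-insensitive
        if verb == "USER":
            user = arg
        elif verb == "PASS" and user is not None:
            logins.append({
                "user": user,
                "anonymous": user.lower() in ANONYMOUS_USERS,
                # Record only the length so the report does not repeat the secret.
                "password_length": len(arg),
            })
            user = None
    return logins


def exposed_accounts(sessions):
    """List (client, user) pairs whose real password crossed the wire unencrypted."""
    return [
        (client, login["user"])
        for client, stream in sessions.items()
        for login in audit_ftp_session(stream)
        if not login["anonymous"]
    ]


if __name__ == "__main__":
    for client, user in exposed_accounts(CAPTURED_SESSIONS):
        print(f"{client}: account '{user}' logged in over plain ftp; move it to sftp")
```

The anonymous download is not reported because it matches the public use case named above; the named account is, because its password was readable by anything on the network path.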

    Secure File Transfer Protocol

    Works much like ftp, except it uses an SSH connection

    All interactions are encrypted end-to-end

    Remote Shell

    Allows you to run programs on a remote machine through your terminal window

    You can only connect to machines that trust you

    Each machine needs to be added to the trusted list manually

    Eliminates the possibility of hackers easily taking over a machine

    Secure cp

    Creates a ssh connection

    Allows you to copy a file over an encrypted connection

    More secure than ftp

    One command can copy the file

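    Example: To copy the local .bashrc file to the server (the trailing colon marks the destination as a remote host; without it scp writes a local file with that name):

    scp ~/.bashrc IT250User@DestinationMachine: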
