squeak!
Credits: This site powered by the vi text editor, apache webserver, perl scripting, and Debian linux.

tcpip - Day 3

Goals

In this session you will:
  • learn how services run as daemons or from inetd
  • reconfigure your local network
  • walk through PPP setup on unix
  • learn the major tcp/udp protocols

POST

  1. what are some common web clients?
  2. what are some common web servers?
  3. what port is used for web service?
  4. what are some reasons for subnetting a network?
  5. On Solaris, what does ping report when a host is reachable?
  6. What is a switch you can use to display numerical/statistical information (Solaris only)?
  7. How many hops are there between your workstation and www.ebay.com ?
  8. Can you extract any information from the hostnames (if any) listed in the traceroute output?

inetd v. daemons

  • Services loaded on demand are called by inetd, the internet services daemon. Sometimes a wrapper (frequently tcpd) is called which "wraps" the actual service, providing an additional layer of security.
  • Standalone services are daemons, which run 24/7. They are invoked at boot time.
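
As an added example (not part of the original course notes), this shell function reads inetd.conf-format text and lists the services that inetd starts directly instead of through the tcpd wrapper. The sample entries and the /usr/sbin paths are constructed for illustration; on a real host, feed the function /etc/inetd.conf.

```shell
#!/bin/sh
# Added example: find inetd services that are NOT started through tcpd.
# inetd.conf fields: service socket-type proto wait user server-path args...

# Constructed sample configuration (not taken from any real machine).
sample_inetd_conf() {
cat <<'EOF'
# service  type    proto  wait    user    server                args
ftp        stream  tcp    nowait  root    /usr/sbin/tcpd        in.ftpd -l
telnet     stream  tcp    nowait  root    /usr/sbin/in.telnetd  in.telnetd
#shell     stream  tcp    nowait  root    /usr/sbin/tcpd        in.rshd
daytime    stream  tcp    nowait  root    internal
finger     stream  tcp    nowait  nobody  /usr/sbin/in.fingerd  in.fingerd
EOF
}

# Reads inetd.conf text on stdin and prints "service server-path" for each
# active entry whose server program is neither tcpd nor an inetd built-in.
unwrapped_services() {
    awk '
        $1 ~ /^#/                        { next }  # commented-out entry
        NF < 6                           { next }  # blank or incomplete line
        $6 == "internal"                 { next }  # served inside inetd itself
        $6 == "tcpd" || $6 ~ /\/tcpd$/   { next }  # started through the wrapper
                                         { print $1, $6 }
    '
}

# Stand-alone run: report the unwrapped services in the sample.
sample_inetd_conf | unwrapped_services
```

tcpd decides whether to accept a connection by consulting /etc/hosts.allow and /etc/hosts.deny, so any service this check lists is not subject to those rules.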

boot time

  • the machine could remember nothing between boots if the info were not kept in files.
  • Runlevels: single user (maintenance) mode, multiuser mode, shutdown mode, proprietary modes.
  • The first process to start is init, the initialization daemon. It traditionally has a pid of 1 and starts all the other processes.
  • the master copy of startup scripts may reside in an init.d or other directory.
  • scripts for each runlevel (or symlinks to each master script) may exist in a directory named after that runlevel: rc0, rc1, etc. p.228.
  • scripts may be named with a numerical prefix that indicates startup order.
  • you can grep the files to find out which ones are pertinent to the service you are tuning.
  • you can read the script to find out which files to change to make your edits permanent (i.e., persist after reboot).

configure your own network

[practicum]
Note that our actions will have no long-term effects on the machines. Why?
  • take down the interface
  • add the interface back in on another (new) network. (see example on 129)
  • automate this process with a shell script
  • verify the machines can see each other
  • reboot the machines

using dialup tcp/ip

  • SLIP (Serial Line IP): deprecated. p.137.
  • PPP (Point to Point Protocol): preferred. pp.138-39.
    • dedicated phone line p.141
    • shared line (dynamic IP)
      • dip (Dialup IP) p 142
      • scripting the dialup connection: 143-43
      • Note: the 0.0.0.0 does not mean default route in this case; see p143.
      • Security: note that your user/pass is in the script! Use correct permissions.

common tcp/udp services

  • http p.405
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • email, chapter 10
    • clients (mail, pine), servers (sendmail, qmail, smail), ports
    • pipes
    • general operation: client and server sides
    • security concerns
    • diagnostics: mqueue, -v, etc
  • mailing lists
    • clients (leverage existing), MLMs
    • general operation
    • security concerns
  • ftp p.411
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • rlogin
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • telnet
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • ssh
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • news
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • IRC
    • clients, servers, ports
    • general operation: client and server sides
    • security concerns
  • DNS
    • clients (built in), servers, ports
    • general operation: client and server sides
    • security concerns
  • minor services: talk, wall,

Homework

  • read the newsgroups
  • consider the threat model for your unix network


http://www.mousetrap.net/syllabus/tcpip/day3.html
$Id: day3.orb,v 1.5 2002/03/19 17:55:27 mouse Exp $

Remember, your login is based on your machine's hostname, not on any other number.
~/[initials] refers to the subdirectory under your homedir, named after your initials. Everything except for .dotfiles will be stored in your ~/[initials] directory.


© 1995-2001 jason carr
Distributed under the terms of the GNU Free Documentation License.