NetGod - PowerPoint PPT Presentation

About This Presentation

Title: NetGod
Author: Kelly Chuang
Last modified by: joseph
Created Date: 10/9/2001 2:25:34 AM
Document presentation format: Company

Slides: 93
Provided by: Kelly218

Transcript and Presenter's Notes

1
NetGuru by NetSmooth Corporation
?? ????????????
PART I TCP/IP????????/?NetGuru??
??? UDP/TCP/ICMP?????Packet??
2
Overview
  • UDP????
  • TCP????
  • ICMP????
  • ????
  • ?? 4.1 ??IP checksum?TCP checksum
  • ?? 4.2 ??port number???
  • ?? 4.3 ??TCP????????

3
Transport Layer
4
Transport layer???
5
?????
6
UDP ????
7
UDP ????
  • ??? RFC 768(User Datagram Protocol)
  • ??????????????????????????????
  • ???????????????????????????????
  • ??????????????? (Data Loss) ?????? (Packet Loss)
    ??????? UDP ?????????? NetMeeting?VoIP?MSN ??????

????
8
??(Port Number)???(Multitasking)???
?? 4.2 ??port number???
9
???? ?? ??? IP ???????
????? (??????) ???,??????? ?????????????? (IP ??)
???????????????????????????????????
10
???? ? ????
11
UDP????
? Ethereal ????????
12
UDP????? ????
  • Source Port
  • ??????,??????
  • Destination Port
  • ???? Datagram ??????Port
  • UDP Length
  • ??????? Datagram ???,?????????
  • UDP Checksum
  • ? UDP ? Pseudo Header?UDP Header ?? UDP ?
    Data?????????,?????,?? 16 bit????,????????????
    0,?????????????

13
UDP Pseudo Header
14
UDP Pseudo Header ? ????
  • UDP Pseudo Header
  • ??? IP header ?UDP header???????header
  • UDP Datagram ?????
  • ??? 65535 - 20 (IP header) - 8 (UDP header) = 65507 Bytes
  • ?? socket ?????????? (Buffer) ???8192 Bytes)
  • ??,?????? UDP??????? DNS?TFTP?SNMP ???? Datagram
    ????? 512 Bytes

15
TCP ????
16
TCP ????
  • ??? RFC 793 (Transmission Control Protocol )
  • ?? Connection Oriented (????) ???End-to-End
    (?????????) Process-to-Process (?????)?Reliable
    Data Delivery (????????)?
  • TCP??????????
  • Reliability??Packet Loss,???Data ??????Process
  • Multiplexing?????Port ?????IP Address
    ???????????,?FTP,Telnet,HTTP ?
  • Flow Control ? Congestion Avoidance and
    Control??????????,??????????

17
TCP ????
? Ethereal ????????
18
TCP flag
  • TCP ?????????,???????????(State),???? TCP Header
    ??? flag ?????

19
TCP ?????
  • ????( three-way handshaking)

20
SYN Flooding
  • SYN Flooding???TCP???????? DOS (Denial of
    Service) / DDOS (Distributed Denial of
    Service)????

21
TCP ?????
  • ?? TCP ????(Full-duplex)?????,????????????????
  • ??????????????Half-Close,? Half-Close ??????,TCP
    ???????????????

22
TCP ???????? Client ? Server???????????
Client
Server
FIN
ACK of FIN
FIN
ACK of FIN
Connection Terminated
23
??????????? TCP
?? 4.3 ??TCP????????
24
TCP Connection State Diagram
25
TCP Connection State Diagram ? Connection
Establish ??
26
TCP Connection Establishment??
27
TCP Connection State Diagram ? Disconnection
Establish ??
  • ?????
  • Established -> FIN_WAIT_1 -> FIN_WAIT_2 -> Time_Wait -> Closed
  • ??????
  • Established -> CLOSE_WAIT -> LAST_ACK -> Closed
  • ??????
  • Established -> FIN_WAIT_1 -> Closing -> Time_Wait -> Closed

28
?????
29
??????
30
??????
31
TCP ????????
  • Checksum??Packet ??
  • Sequence Number????Packet ????
  • Positive Acknowledgment (ACK)Packet Loss????????
  • Window Size?????(Flow Control)

32
TCP ???????? ? Checksum
  • ??UDP,TCP ? Checksum ??? Pseudo Header?TCP
    Header?Data ??????
  • ??????????Checksum ??,?????TCP Packet ??????????

?? 4.1 ??IP checksum?TCP checksum
33
TCP ???????? ? Sequence Number ????ACK
34
TCP ???????? ? Window Size ????
TCP ????
35
ICMP ????
36
ICMP ????
  • ??? RFC 792 (Internet Control Message Protocol)
  • ????????????????,??????????????
  • ???????????????????
  • ICMP ??????? Datagram ???????,??????????????,ICMP
    ?????????????????????
  • ??????? Fragmentation ?,ICMP ????????
    Fragmentation ?????

37
ICMP ??
  • ???????????????,????
  • TOS ??? 0,Protocol ???? 1
  • ICMP ??????
  • Type ICMP ?????
  • Code ?????????????????
  • Checksum ???????? IP Checksum ??

?? http://www.iana.org/assignments/icmp-parameters
? Ethereal ????????
38
ICMP ??? ping
  • ??ICMP ???? Type 0 ? 8( Echo Reply/Request )
  • ??????????????????,????????????? ping ???

39
Type 0/8 Echo Reply/Request
  • Echo Reply ????? Identifier ? Sequence Number
    ???? Echo Request ??? ?

40
???ping????
41
ICMP ??? traceroute
  • ?? IP Packet ? TTL ????????? Packet ??????
  • router ?? IP Packet ? TTL??? 0 ???,?? ICMP Type
    11 Time-to-Live Exceed ?????
  • ?????????
  • ? UDP ???? TTL 0 ??????
  • ? ICMP Echo Request ???? TTL 0 ?????

42
traceroute??
traceroute 168.95.1.1
traceroute to 168.95.1.1 (168.95.1.1), 30 hops max, 38 byte packets
 1  61-218-177-193.HINET-IP.hinet.net (61.218.177.193)  0.917 ms  0.885 ms  0.844 ms
 2  10.218.177.254 (10.218.177.254)  32.017 ms  34.033 ms  33.376 ms
 3  tc-c6r1.router.hinet.net (168.95.144.202)  31.748 ms  32.338 ms  31.771 ms
 4  tc-b-c12r1.router.hinet.net (168.95.254.129)  31.740 ms  32.338 ms  32.927 ms
 5  210.65.2.22 (210.65.2.22)  36.282 ms  35.720 ms  35.018 ms
 6  tp-s2-c6r9.router.hinet.net (211.22.35.1)  33.380 ms  34.851 ms  35.006 ms
 7  tp-b-c6r2.router.hinet.net (168.95.1.61)  33.369 ms  33.940 ms  33.387 ms
43
???,???????
  • ??? Packet ? TTL ?? 1,????
  • ??? Router ? 61.218.177.193,??? Packet ?? TTL ? 1
    ?(?? 0)
  • ?? 61.218.177.193 ??? ICMP Time Exceed Packet ?
    61.218.177.202

44
traceroute?packet ???
  • ?? Packet ? TTL ???,???? 168.95.1.1

45
??????
46
?????(Connection-less oriented)
??
47
UDP Header
??
48
TCP Header
??
49
TCP ??????
  • ?????? (Stop-and-Wait)
  • ???? (Window Size)
  • ????? (Sliding Window)

50
TCP ???? - Stop-and-Wait
51
TCP ???? Window Size
52
Sliding Window????
[Figure: two sliding-window diagrams over segments 1 to 9, each marking the Close, Open and Shrink movements of the window and the ACK positions]
53
TCP ???? - Sliding Window
[Figure: sliding-window exchange of segments 1 to 9 between two hosts, showing ACK, NACK and Timeout events]
54
ICMP Header
55
????
  • ?? 4.1 IP checksum?TCP checksum
  • ?? 4.2 ??port number???
  • ?? 4.3 ??TCP????????

56
?? 4.1 IP checksum?TCP checksum
  • ????
  • ??IP checksum
  • ??TCP checksum
  • ??IP checksum?TCP checksum

57
?????
58
Step 1 ??TCP??
  • Host B
  • ?? Ethereal ,interface?eth0,??????????
  • ??browser,??????192.168.0.1 (?NetGuru???Host???Web
    server)
  • ???????????IP checksum?TCP checksum

59
Step 2 ??IP checksum
  • ???????Internet Protocol???

60
IP checksum????
  • IP header ???,??checksum ?????,?16 bits ?????,???
  • 4500 + 003c + 3359 + 4000 + 4006 + c0a8 + 0002 + c0a8 + 0001 = 279ee
  • Add the carry 2 to 79ee: 2 + 79ee = 79f0, which in binary is 0111 1001 1111
    0000; its 1's complement is 1000 0110 0000 1111, or 860f in 16-bit
    hexadecimal (the checksum)

61
????????????
62
Step 3 ??TCP checksum
  • ???????Transmission Control Protocol???

63
Pseudo Header
  • Source IP address: c0 a8 00 02 (192.168.0.2)
  • Destination IP address: c0 a8 00 01 (192.168.0.1)
  • Protocol: 06 (TCP)
  • TCP length: 28 (40 bytes)

64
TCP header?TCP data
Checksum???0000??
65
TCP checksum?????
  • ? TCP ? Pseudo Header?TCP Header?? Data???(TCP
    checksum???????),??????????,????????
  • The sum is 3fb58; add the carry 3 to fb58 to get fb5b, which in binary is
    1111 1011 0101 1011; its complement is 0000 0100 1010 0100, or 04a4 in
    16-bit hexadecimal
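
Added example (not part of the original slides): the IP and TCP checksum procedure from the slides above in Python, run on the slide's IPv4 header words and its pseudo-header values. The function names are this example's own, and the TCP segment `SAMPLE_SYN` is constructed for illustration because the slides do not list the captured TCP header bytes.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit big-endian words, folding every carry back into the low 16 bits."""
    if len(data) % 2:                       # odd length: pad with one zero byte
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # e.g. 0x279ee -> 0x79ee + 0x2 = 0x79f0
        total = (total & 0xFFFF) + (total >> 16)
    return total

def internet_checksum(data: bytes) -> int:
    """1's complement of the folded sum; the checksum field must be zero in `data`."""
    return ~ones_complement_sum(data) & 0xFFFF

def tcp_pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    # source IP, destination IP, zero byte, protocol 6 (TCP), TCP length
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, 6, tcp_len))

def tcp_checksum(src: str, dst: str, segment: bytes) -> int:
    """Checksum over pseudo header + TCP header + data (checksum bytes 16-17 zeroed)."""
    return internet_checksum(tcp_pseudo_header(src, dst, len(segment)) + segment)

def ip_header_ok(header: bytes) -> bool:
    """Receiver check: a header carrying a correct checksum sums to 0xffff."""
    return len(header) >= 20 and ones_complement_sum(header) == 0xFFFF

def tcp_segment_ok(src: str, dst: str, segment: bytes) -> bool:
    pseudo = tcp_pseudo_header(src, dst, len(segment))
    return len(segment) >= 20 and ones_complement_sum(pseudo + segment) == 0xFFFF

# IPv4 header words from the slide, checksum field (bytes 10-11) set to zero.
SLIDE_IP_HEADER = bytes.fromhex("4500003c 33594000 40060000 c0a80002 c0a80001")

# Constructed 40-byte SYN (20-byte header + 20 bytes of options), checksum zeroed.
SAMPLE_SYN = (struct.pack("!HHIIBBHHH", 1025, 80, 1, 0, 10 << 4, 0x02, 5840, 0, 0)
              + bytes.fromhex("020405b4 0402 080a 00000001 00000000 01 030300"))

if __name__ == "__main__":
    print(f"IP checksum:  {internet_checksum(SLIDE_IP_HEADER):04x}")
    csum = tcp_checksum("192.168.0.2", "192.168.0.1", SAMPLE_SYN)
    filled = SAMPLE_SYN[:16] + csum.to_bytes(2, "big") + SAMPLE_SYN[18:]
    print("TCP verifies:", tcp_segment_ok("192.168.0.2", "192.168.0.1", filled))
```

The receiver-side functions show why a capture tool can flag a bad checksum without recomputing the field: summing the header or segment with the transmitted checksum left in place yields ffff only when nothing was altered.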

66
????????????
  • ?????
  • ??IP checksum?TCP checksum?????????

67
?? 4.2 ??port number???
  • ????
  • ?????????port number
  • ??TCP??
  • ??UDP??
  • ??IP Fragment

68
?????
69
Step 1 ??/etc/services ???
  • ??NetGuru????
  • ??????????
  • more /etc/services
  • ???pop3d, ftpd, telnetd?port number???

70
Step 2 ??TCP??
  • Host B
  • ?? Ethereal ,interface?eth0
  • telnet 192.168.0.1 21
  • ??Host B
  • ???? Ethereal ,interface?eth0
  • telnet 192.168.0.1 ftp
  • ??????
  • ??????????????
  • ??telnet packet?source port???destination port???

71
Port number??
  • Port ???????????????????
  • Port ???? 16 bits,?????? 0 ? 65535
  • ??????,?????????? Port Number,??Port 21 ? FTP
    Port 23 ?Telnet
  • ?????Port Number???? Linux ?Unix ???
    /etc/services ?????
  • ????,0?1023??????????,? 1024 ? 65535??????????????
    ???

72
Step 3 ??udpsend?udpserver??UDP packets
  • Host B
  • ?? Ethereal ,interface?eth0,??????????
  • Host A
  • ??udpserver -p 9090
  • Host B
  • ??udpsend -d 192.168.0.1 -dport 9090 -m Hello
    (Host B??UDP Packet?Host A)

73
??UDP??
  • ??source port,destination port???
  • ?????
  • ??UDP???TCP?????????,????
  • ??udpserver????,?udpsend???UDP??,???????

74
??udpserver?udpsend
  • ?????NetGuru??????(?Linux????),??????????????????U
    DP,??????
  • udpserver
  • -p ????UDP Server ? Port
  • s????? ? ?????,????????? UDP
    Data?????????,???????(1024 bytes)
  • (????udpserver???????????)

75
  • udpsend
  • -dport ???? UDP Server ???? Port
    ?????????,???????(9090)
  • -d UDP Server IP ????????
  • -b UDP Client ?????? ???Data?UDP Server??
    udpsend -b 4000 ,???? UDP Data ? 4000 bytes ,
    ????
  • -m UDP Client ??????Data?UDP Server??udpsend
    -m bye ,???? UDP Data ??? bye
  • (????udpsend???????????)

76
Step 4 ??IP fragment
  • Host B
  • ?? Ethereal ,interface?eth0,??????????
  • Host A
  • ??udpserver -p 9090
  • Host B
  • ??udpsend -d 192.168.0.1 -dport 9090 -b 2000
    (Host B????data??2000 bytes?UDP Packet?Host A)
  • ??????
  • ?IP fragment????,?????????port???

77
IP fragment??
78
?? 4.3 ??TCP????????
  • ????
  • ??TCP????
  • ??TCP??????
  • ??netstat????

79
?????
80
Step 1 ??telnet??
  • Host B
  • ?? Ethereal ,interface?eth0,??????????
  • Host B
  • telnet 192.168.0.1
  • ??admin,??123456
  • exit
  • ??????
  • ?????????(??Flag???)
  • ????????????
  • ??exit???(??Flag???)

81
?????????
82
????????????
83
(No Transcript)
84
??exit???
85
Step 2 ??ftp??
  • Host B
  • ??Ethereal,interface?eth0,??????????
  • Host B
  • ncftp -u admin -p 123456 192.168.0.1
  • exit
  • ??????
  • ?????????(??Flag???)
  • ????????????
  • ??logout(exit)???(??Flag???)

86
?????????
87
????????????
  • ??telnet?ftp???????????????

88
??logout???
89
Step 3??netstat??,??TCP????
  • Host A
  • netstat -l (?????LISTEN State??? Socket)
  • netstat tcp
  • Host B
  • ncftp -u admin -p 123456 192.168.0.1
  • Host A
  • Ctrl C??netstat,??????

90
netstat -l
  • ?????LISTEN State??? Socket

91
netstat tcp
  • ??????

92
TCP Connection State Diagram