DNS, DHCP, SNMP Network Security

PowerPoint PPT Presentation

Presentation Transcript

Slide 1

Lecture 12 DNS, DHCP, SNMP & Network Security
- Server-Client Model
- DNS Hierarchy and Syntax
- DNS Server Architecture and IP Address Resolution
- DHCP (Dynamic Host Configuration Protocol)
- NAT (Network Address Translation)
- Network Management Software and Model
- SNMP (Simple Network Management Protocol): MIB Object Identifier and Data Representation; SNMP Operations and Message Format
- Network Security: Network Attack and Security Policy; Data Encryption Standards; Packet Filter and Internet Firewall

Slide 2

Lecture 12 Server-Client Model
Server
- A program in a remote or local machine
- Executed first and passively waits for connections from clients
- Accepts a request from a client and replies to the client
Client
- A program in a local machine
- Executed later and actively initiates a connection with the server
- Sends a request to the server and accepts the reply from the server
Multiple servers on one PC
Multiple clients on one PC
Server chain: a server connects to another server
(Figure: servers a, b, c and clients 1, 2, 3, each with a TCP/UDP, IP and physical interface stack, connected through the Internet)

Slide 3

Lecture 12 Address Resolution
(Figure: user -> symbolic address (www.hosei.ac.jp) -> application 1 … application k (program) -> DNS (Domain Name System) -> port 80, UDP/TCP/IP address (133.25.252.22) -> ARP (Address Resolution Protocol) / RARP (Reverse ARP) -> physical network hardware address (00-30-96-b0-ad-20))
- Hardware address: used in the physical network
- IP address: used in the Internet
- Symbolic address (domain name): used in applications or by users
Address resolution: translation between different address schemes
- ARP/RARP: translation between IP address and hardware address
- DNS: translation between symbolic address (domain name) and IP address

Slide 4

Lecture 12 DNS Hierarchy and Syntax
(Figure: TLD (Top-Level Domain) level: com, edu, org, au, jp, …; labels below: foobar, ac; soap, candy, hosei, u-aizu; almond, peanut, walnut, i, k, mt, tama; host names: judy, cis; full names judy.peanut.candy.foobar.com and cis.k.hosei.ac.jp)
- Each organization registers its unique name, such as foobar, hosei and so on, with the central authority under one TLD, for example com, edu, org, au, jp, …
- Name subdivision, levels, names and host names are controlled locally by the organization
http://en.wikipedia.org/wiki/Domain_Name_System

Slide 5

Lecture 12 DNS Server Hierarchy (DN: Domain Name, NS: Name Server)
(Figure: root NS; below it au NS, jp NS, com NS, edu NS, org NS; below com: foobar NS; below jp: ac NS; below foobar: soap, candy NS; below ac: u-aizu, hosei NS; below candy: almond, peanut, walnut; below hosei: i, k, mt, tama with Koganei NS, Ichigaya NS and tama NS; hosts judy and www; cis.k.hosei.ac.jp = 133.25.90.34, judy.peanut.candy.foobar.com = 173.156.23.96)
- Root NS is needed to interconnect the different TLDs
- Choosing DNS server architecture
  - Small organizations can use a single name server
  - Large organizations often use multiple name servers according to division/area
- Each NS keeps a table of DN-IP address pairs of local hosts and knows its upper/lower NS

Slide 6

Lecture 12 IP Address Resolution (NS: Name Server)
(Figure: host judy resolves www.hosei.ac.jp through root NS, jp NS, ac NS and hosei NS (whose DNS DB holds www.hosei.ac.jp 133.25.252.22) in three steps; the answer 133.25.252.22 is kept in a cache table (www.hosei.ac.jp 133.25.252.22), so http://www.hosei.ac.jp becomes http://133.25.252.22:80; com NS, foobar NS and candy NS form the other branch)
- A DNS request is sent to the root server, which points at the next server to use
- Eventually the authoritative server is found and the IP address is returned
- This traversal of the DNS server hierarchy is called iterative resolution
- Servers and hosts use caching to reduce the number of DNS requests
- Each domain may keep multiple NS copies to speed up address resolution
- More than 13 root servers are distributed all around the globe
- DNS record types: A, NS, MX (Mail Exchange), SOA (Start Of Authority), CNAME (Canonical Name)
- nslookup utility: > domain_name or IP address; > set querytype=NS, A, …
- A video demo at http://www.youtube.com/watch?v=2ZUxoi7YNgs
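The iterative resolution and caching described on this slide, as an added example that is not part of the lecture: a toy resolver walks the name-server hierarchy of slides 5 and 6 and caches answers. The zone data, the server names used as keys and the query log are assumptions made for the demo; the host names and addresses are the slides' own.

```python
from typing import Dict, List, Tuple

# Constructed zone data (assumption, not the lecture's): each name server holds the
# A records it is authoritative for and NS referrals to the zones directly below it.
ZONES: Dict[str, Dict[str, Dict[str, str]]] = {
    ".":         {"A": {}, "NS": {"jp": "jp NS", "com": "com NS"}},
    "jp NS":     {"A": {}, "NS": {"ac.jp": "ac NS"}},
    "ac NS":     {"A": {}, "NS": {"hosei.ac.jp": "hosei NS"}},
    "hosei NS":  {"A": {"www.hosei.ac.jp": "133.25.252.22"}, "NS": {}},
    "com NS":    {"A": {}, "NS": {"foobar.com": "foobar NS"}},
    "foobar NS": {"A": {}, "NS": {"candy.foobar.com": "candy NS"}},
    "candy NS":  {"A": {"judy.peanut.candy.foobar.com": "173.156.23.96"}, "NS": {}},
}

def ask(server: str, name: str) -> Tuple[str, str]:
    """One query to one server: ('A', ip) if authoritative, else ('NS', next server)."""
    zone = ZONES[server]
    if name in zone["A"]:
        return "A", zone["A"][name]
    # Referral: pick the longest delegated suffix of the name (most specific zone).
    best = max((z for z in zone["NS"] if name.endswith("." + z)), key=len, default=None)
    if best is None:
        raise LookupError(f"{server} has no referral for {name}")
    return "NS", zone["NS"][best]

class Resolver:
    def __init__(self) -> None:
        self.cache: Dict[str, str] = {}            # the cache table of slide 6
        self.queries: List[Tuple[str, str]] = []   # (server, name) sent, for the demo

    def resolve(self, name: str) -> str:
        if name in self.cache:                     # cache hit: no server is contacted
            return self.cache[name]
        server = "."                               # iterative resolution starts at root NS
        while True:
            self.queries.append((server, name))
            kind, value = ask(server, name)
            if kind == "A":
                self.cache[name] = value
                return value
            server = value                         # "points at the next server to use"

def demo() -> Tuple[str, int, int]:
    """Returns (ip, queries for the first lookup, queries after a repeat lookup)."""
    r = Resolver()
    ip = r.resolve("www.hosei.ac.jp")              # root -> jp -> ac -> hosei: 4 queries
    first = len(r.queries)
    r.resolve("www.hosei.ac.jp")                   # answered from the cache
    return ip, first, len(r.queries)
```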

Slide 7

Lecture 12 Computer Booting and Configuration
Booting or bootstrapping: software system/network initialization process when the computer is turned on
- Protocol software needs specific information for operation
- Software uses parameters for operation on a particular hardware and network
Configuration: process of providing parameters to protocol software
- IP address: depends on the network, must be unique on the network
- Default router address: where to send packets aimed at a remote network
- Subnet mask: to determine whether subnet addressing is used and what the subnet is
- DNS server address: for DNS queries
- Other server addresses: printer
Static (no change) and dynamic (change each time) parameters
- Manual configuration: sets and saves parameters on the local disk
- Automated configuration: gets parameters from another computer connected to the same network
  - Previous method is BOOTP (Bootstrap Protocol)
  - Current method is DHCP (Dynamic Host Configuration Protocol)
  - Uses UDP for parameter exchange. How to exchange when the parameters are unknown?

Slide 8

Lecture 12 DHCP: Dynamic Host Configuration Protocol
Goal: allow a host to dynamically obtain its IP address from a network server, e.g. when each of us carries a laptop and wants to use it in W103
- Can renew its lease on the address in use
- Allows reuse of addresses (only hold an address while connected and "on")
- Support for mobile users who want to join the network (more shortly)
(Figure: labels E, B, A; hosts 223.1.1.1, 223.1.1.2, 223.1.1.3, 223.1.1.4, 223.1.2.1, 223.1.2.2, 223.1.2.9, 223.1.3.1, 223.1.3.2, 223.1.3.27; a DHCP server; an arriving DHCP client needs an address in this network)

Slide 9

Lecture 12 DHCP Messages for Getting an IP Address (arriving client and DHCP server 223.1.2.5; time runs downward)
- DHCP discover: src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 0.0.0.0; transaction ID: 654
- DHCP offer: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 654; lifetime: 3600 secs
- DHCP request: src: 0.0.0.0, 68; dest: 255.255.255.255, 67; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs
- DHCP ACK: src: 223.1.2.5, 67; dest: 255.255.255.255, 68; yiaddr: 223.1.2.4; transaction ID: 655; lifetime: 3600 secs

Slide 10

DHCP Messaging Example
(Figure: protocol stacks DHCP / UDP / IP / Eth / Phy on the connecting laptop and on the router running the DHCP server, 168.1.1.1)
- Connecting laptop needs its IP address, the address of its first-hop router and the address of the DNS server: use DHCP
- DHCP request message encapsulated in UDP, encapsulated in IP, encapsulated in 802.1 Ethernet
- Ethernet frame broadcast (dest: FFFFFFFFFFFF) on the LAN, received at the router running the DHCP server
- Ethernet demux'ed to IP, IP demux'ed to UDP, UDP demux'ed to DHCP

Slide 11

DHCP Messaging Example (continued)
(Figure: protocol stacks DHCP / UDP / IP / Eth / Phy on the client and on the router running the DHCP server)
- DHCP server formulates a DHCP ACK containing the client's IP address, the IP address of the first-hop router for the client, and the name and IP address of the DNS server
- Encapsulation at the DHCP server, frame forwarded to the client, demux'ing up to DHCP at the client
- Client now knows its IP address, the name and IP address of the DNS server, and the IP address of its first-hop router

Slide 12

Lecture 12 DHCP Server and Client
The DHCP client in the booting computer communicates with the DHCP server:
- DHCP Discover (parameter request): DHCP client port 68 -> DHCP server port 67; IP header src 00…0 (this computer), dest 11…1 (broadcast); UDP header; DHCP message
- DHCP Offer (parameter reply): DHCP server port 67 -> DHCP client port 68; IP header src S_IPA, dest 11…1; UDP header; DHCP message
- DHCP Request (renew/release): DHCP client port 68 -> DHCP server port 67; IP header src C_IPA, dest S_IPA; UDP header; DHCP message
Efficient use of IP addresses
- Suppose a host leaves the subnet? Its address is no longer in use; the server should reassign it!
- An address is assigned with a lease (1 hour default)
  - The client cannot use the assigned address after the lease expires without a renewal request
  - The client can automatically request an extension before expiration (at half the lease time)
- A host can get an IP address using DHCP, but cannot get a domain name -> D-DHCP

Slide 13

Lecture 12 DHCP Message Format
- Operation code: 1 = request; 2 = reply
- Hardware type: physical network, 1 = Ethernet
- Hardware length: length of the physical address, 6 for Ethernet
- Hop count: the maximum number of hops the packet can travel
- Transaction ID: set by the client and used to match a reply
- Client IP address: set to 0 by the client initially
- Your IP address: client IP address filled in by the server
- Server IP address: filled in by the server
- Router/gateway IP address: filled in by the server
- Client hardware address: provided by the client
- Server name (optional 64-byte field): string
- Boot file name (optional 128-byte field): full path of the boot file; the client can use this path to retrieve boot information via TFTP
- Options: subnet mask, DNS server, printer server, lease time, etc.
http://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
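As an added example (not from the lecture) covering both the message exchange of slide 9 and the field layout of this slide: build a DHCP offer on the wire and parse it back. Field sizes follow RFC 2131, which also has 2-byte secs and flags fields between the transaction ID and the client IP address that the slide omits; the client hardware address reuses the one from slide 3, the subnet mask value is constructed, and the option codes (53 message type, 51 lease time, 1 subnet mask) are the standard ones.

```python
import struct
from ipaddress import IPv4Address
from typing import Dict

# Fixed part of a DHCP message (RFC 2131): op, htype, hlen, hops, xid, secs, flags,
# ciaddr, yiaddr, siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes,
# followed by the magic cookie and the variable-length options.
HEADER = "!BBBBIHH4s4s4s4s16s64s128s"
MAGIC = b"\x63\x82\x53\x63"

def build(op: int, xid: int, yiaddr: str, siaddr: str, chaddr: bytes,
          options: Dict[int, bytes]) -> bytes:
    """op 1 = request (client -> server), 2 = reply (server -> client)."""
    fixed = struct.pack(HEADER, op, 1, 6, 0, xid, 0, 0,          # htype 1, hlen 6 = Ethernet
                        b"\0" * 4, IPv4Address(yiaddr).packed,   # ciaddr 0 / yiaddr
                        IPv4Address(siaddr).packed, b"\0" * 4,   # siaddr / giaddr
                        chaddr.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    tlv = b"".join(bytes([code, len(v)]) + v for code, v in options.items())
    return fixed + MAGIC + tlv + b"\xff"                        # 255 ends the options

def parse(msg: bytes) -> Dict[str, object]:
    """Decode the fields slide 13 lists plus the lease-time and message-type options."""
    f = struct.unpack(HEADER, msg[:236])
    if msg[236:240] != MAGIC:
        raise ValueError("missing DHCP magic cookie")
    opts: Dict[int, bytes] = {}
    i = 240
    while i < len(msg) and msg[i] != 255:                        # walk code/len/value
        if msg[i] == 0:                                          # pad option has no length
            i += 1
            continue
        code, ln = msg[i], msg[i + 1]
        opts[code] = msg[i + 2:i + 2 + ln]
        i += 2 + ln
    return {"op": f[0], "xid": f[4],
            "yiaddr": str(IPv4Address(f[8])), "siaddr": str(IPv4Address(f[9])),
            "chaddr": f[11][:f[2]].hex(":"),                     # hlen bytes of chaddr
            "lease": struct.unpack("!I", opts[51])[0] if 51 in opts else None,
            "msg_type": opts[53][0] if 53 in opts else None}

def offer_from_slide9() -> Dict[str, object]:
    """Server 223.1.2.5 offers 223.1.2.4 for 3600 s, transaction ID 654 (slide 9)."""
    mac = bytes.fromhex("003096b0ad20")                         # hardware address of slide 3
    wire = build(2, 654, "223.1.2.4", "223.1.2.5", mac,
                 {53: b"\x02",                                   # DHCPOFFER
                  51: struct.pack("!I", 3600),                   # lease time
                  1: IPv4Address("255.255.255.0").packed})       # subnet mask (constructed)
    return parse(wire)
```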

Slide 14

Lecture 12 NAT - Network Address Translation
Problem: in your home you have several PCs, laptops, cell phones, networked game boys, X-Boxes, tablets, even a networked refrigerator. What if you have only a single IP address from an ISP?
Solution -> NAT (Network Address Translation)
- Use the single IP address from the ISP for all devices
- Can get and change the addresses of devices in the local network
- Can change ISP without changing the addresses of local devices
- Local devices are not explicitly addressable or visible by the outside world
https://en.wikipedia.org/wiki/Network_address_translation

Slide 15

Lecture 12 NAT Working Mechanism
(Figure: rest of the Internet on one side; local network (e.g., home network) 10.0.0/24 with 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.4 and the NAT address 138.76.29.7 on the other)
- All datagrams leaving the local network have the same single source NAT IP address, 138.76.29.7, with different source port numbers (NAT, often called a router, does not look l
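As an added example that is not part of the lecture: a minimal port-based NAT translation table for the mechanism on this slide, using the slide's 10.0.0/24 network and 138.76.29.7 address. The starting port number, the external hosts and the traffic are constructed for the demo; a real NAT also ages out entries and keeps TCP and UDP mappings apart.

```python
from typing import Dict, Optional, Tuple

Flow = Tuple[str, int]   # (IP address, port)

class NAT:
    """Port-based NAT: the whole 10.0.0/24 home network shares one ISP address."""
    def __init__(self, public_ip: str = "138.76.29.7", first_port: int = 5001) -> None:
        self.public_ip = public_ip
        self.next_port = first_port                    # constructed starting port
        self.out: Dict[Flow, int] = {}                 # (private ip, port) -> public port
        self.back: Dict[int, Flow] = {}                # public port -> (private ip, port)

    def outbound(self, src: Flow, dst: Flow) -> Tuple[Flow, Flow]:
        """Datagram leaving the local network: source becomes (public_ip, new port)."""
        if src not in self.out:                        # first packet of a flow: add entry
            port, self.next_port = self.next_port, self.next_port + 1
            self.out[src] = port
            self.back[port] = src
        return (self.public_ip, self.out[src]), dst

    def inbound(self, src: Flow, dst: Flow) -> Optional[Tuple[Flow, Flow]]:
        """Datagram arriving from the Internet: the destination port selects the
        private host. Without a table entry there is nothing to translate to, so it
        is dropped (None): this is why local devices are not addressable from outside."""
        if dst[0] != self.public_ip or dst[1] not in self.back:
            return None
        return src, self.back[dst[1]]

def demo() -> Tuple[Flow, Flow, Optional[Tuple[Flow, Flow]], Optional[Tuple[Flow, Flow]]]:
    nat = NAT()
    web = ("128.119.40.186", 80)                       # constructed external web server
    host1, _ = nat.outbound(("10.0.0.1", 3345), web)   # two hosts using the same
    host2, _ = nat.outbound(("10.0.0.2", 3345), web)   # private port get distinct public ports
    reply = nat.inbound(web, host1)                    # reply reaches 10.0.0.1:3345
    stray = nat.inbound(("203.0.113.9", 4444), ("138.76.29.7", 9999))  # no entry: dropped
    return host1, host2, reply, stray
```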
