Networks: Xavier Martorell-Bofill, René Serral-Gracià, Universitat Politècnica de Catalunya (UPC) - PowerPoint PPT Presentation

  1. Networks
     Xavier Martorell-Bofill, René Serral-Gracià
     Universitat Politècnica de Catalunya (UPC)
     May 26, 2014

  2. Lectures (section navigation: Introduction | Servers | Services)
     1  System administration introduction
     2  Operating System installation
     3  User management
     4  Application management
     5  System monitoring
     6  Filesystem Maintenance
     7  Local services
     8  Network services
     9  Security and Protection
     10 Virtualization
     R. Serral-Gracià, et al. Networks 2

  3. Outline
     1 Introduction
       - Goals
       - Previous Considerations
       - Network Address Translation
       - Firewall
     2 Servers
     3 Services

  4. Goals
     Knowledge
     - Main services and networking protocols: superserver, portmapper, DNS, FTP, WWW, e-mail
     Abilities
     - Service configurations: superserver, DNS, FTP, WWW, e-mail

  5. Network admin considerations (I)
     Security measures
     - Never execute services with superuser privileges
     - Expose only the necessary services – firewalls
     - Configure carefully all the offered services
     - Never leave default configurations
     - Disable/remove unused services
     - Monitor the services' logs
     - Check for security issues – be up to date

  6. Network admin considerations (and II)
     Port classification
     - Privileged ports: 0 - 1023
       - Controlled and assigned by IANA
       - Only privileged users (root) may install services on those ports
     - Registered ports: 1024 - 49151
       - Not controlled but registered by IANA
       - Registry of the services using those ports: /etc/services
     - Dynamic ports: 49152 - 65535
       - Used for temporary connections

  7. /etc/services
     Relates services with their corresponding port number; various applications use it (netstat, ...)
     Format: servicename port/protocol alias list

       echo        7/tcp
       echo        7/udp
       systat      11/tcp    users
       systat      11/udp    users
       ftp-data    20/tcp
       ftp-data    20/udp
       # 21 is registered to ftp, but also used by fsp
       ftp         21/tcp
       ftp         21/udp    fsp fspd
       ssh         22/tcp
       ssh         22/udp
       telnet      23/tcp
       telnet      23/udp
       # 24 - private mail system
       smtp        25/tcp    mail
       smtp        25/udp    mail
       domain      53/tcp
       domain      53/udp
       http        80/tcp    www www-http
       http        80/udp    www www-http

  8. Network Address Translation – NAT
     - The router translates internal addresses into one (or several) of its own
     - Allows using a reserved (private) IP pool while keeping connectivity to the outside
     - The router remembers the outgoing connections in order to identify their replies
       Outgoing connection: 192.168.1.25 (port 1085) → 212.106.192.142 (port 11086)
       Reply connection:    212.106.192.142 (port 11086) → 192.168.1.25 (port 1085)
     - Tools: iptables (SNAT), dnsmasq

  9. NAT collateral effects
     - Private addresses are not visible from the outside
       - Attacks can only reach the router – except over ongoing connections
       - Network security depends on router security
     - Internal machines cannot offer services to the outside
       - Except when using Port Address Translation (PAT)
     - Important performance penalty for the network
       - All external connections go through a single router
       - Each packet requires some CPU time for processing
     - Some services do not behave properly when using NAT
       - Those establishing connections to the inside: FTP, IRC, NetMeeting, ...

  10. Port Address Translation (PAT)
     - Indicate to the NAT router that it must forward some incoming connections to a particular machine
     - Map router ports to some internal machine
     [Figure: router with public address 147.83.159.200 and internal network 192.168.12.1/24 (hosts .2, .3, .4, .5); the router exposes ports 22, 25 and 80, forwarding port 22 to .2 and ports 25 and 80 to .4]
     - Tools: iptables (DNAT)

  11. Firewall
     - Server that determines which connections may be established between two networks
     - It typically works at the network and transport layers
       - In general, application details are not known
     - It can keep connection status (connection tracking)
       - It allows related connections: "replies"
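As an added example (not from the slides), the SNAT, PAT and connection-tracking rules of slides 8, 10 and 11 written as a POSIX shell script for the slide-10 topology. It assumes eth0 is the public interface and eth1 the internal one; setting IPT=echo turns the run into a dry run that prints the rules instead of applying them:

```shell
#!/bin/sh
# Added example, not part of the lecture slides. Topology from slide 10:
# public address 147.83.159.200, internal network 192.168.12.0/24,
# port 22 -> .2, ports 25 and 80 -> .4. Interface names are assumptions.
IPT="${IPT:-iptables}"     # set IPT=echo for a dry run
PUB_IF="${PUB_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
PUB_IP=147.83.159.200
LAN_NET=192.168.12.0/24
# port:host pairs (constructed from the slide figure)
PAT_MAP="22:192.168.12.2 25:192.168.12.4 80:192.168.12.4"

apply_nat_rules() {
    # SNAT: outgoing LAN packets leave with the router's public address;
    # conntrack remembers each flow so replies are mapped back (slide 8)
    $IPT -t nat -A POSTROUTING -s "$LAN_NET" -o "$PUB_IF" -j SNAT --to-source "$PUB_IP"
    # Nothing crosses the router unless a rule below allows it
    $IPT -P FORWARD DROP
    # Connection tracking: replies and related connections (e.g. FTP data) pass (slide 11)
    $IPT -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    # Internal hosts may open new connections towards the outside
    $IPT -A FORWARD -i "$LAN_IF" -o "$PUB_IF" -s "$LAN_NET" -m conntrack --ctstate NEW -j ACCEPT
    # PAT (DNAT): only the listed ports are reachable from outside, each on one host (slide 10)
    for entry in $PAT_MAP; do
        port=${entry%%:*}
        host=${entry#*:}
        $IPT -t nat -A PREROUTING -i "$PUB_IF" -d "$PUB_IP" -p tcp --dport "$port" \
            -j DNAT --to-destination "$host:$port"
        $IPT -A FORWARD -i "$PUB_IF" -o "$LAN_IF" -p tcp -d "$host" --dport "$port" \
            -m conntrack --ctstate NEW -j ACCEPT
    done
}

# Number of DNAT (port forwarding) rules the mapping produces, computed from a dry run
pat_rule_count() {
    ( IPT=echo; apply_nat_rules ) | grep -c -- '-j DNAT'
}
```

The rules only take effect once the router has net.ipv4.ip_forward=1 set; the FORWARD chain, not the nat table, is what keeps ports other than 22, 25 and 80 unreachable from outside.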

  12. Firewall == Security?
     - A firewall is just another piece of the overall security of a system
     - Its use can give a false sense of security
     - Other aspects cannot be neglected
       - Correct application configuration
       - Regular security updates of the installed software
       - Limiting concurrent connections
     - Other security tools in the private network and servers are still necessary

  13. Outline
     1 Introduction
     2 Servers
       - Server types
     3 Services

  14. Server types
     Connection oriented
     - The server keeps status about the different sessions
     - Better performance
     - Less error resilience
     Connectionless
     - There is no status about the client connections
     - There are no sessions
     - Requests must be self-contained: the client request must contain all the required information
     - Better failure resilience and recovery

  15. Server types – depending on authority
     Primary
     - Keeps a copy of all the information
     - If there is a mismatch in the stored information, the primary takes precedence
     - There is one per service
     Secondary
     - Keep copies of the information, performing periodic updates with the primary
     - There can be more than one per service (load balancing)
     - They are an implicit backup of the primary
     Cache (and/or proxies)
     - Keep –partial– copies of the most used information
     - More than one per service
     - Better performance
     - They can add security checks, filtering, logging, ...

  16. Outline
     1 Introduction
     2 Servers
     3 Services
       - Remote Procedure Calls (RPC)
       - Domain Name System (DNS)
       - Dynamic Host Configuration Protocol (DHCP)
       - Hypertext Transfer Protocol (HTTP)
       - File Transfer Protocol (FTP)
       - Simple Mail Transfer Protocol (SMTP)
       - E-mail reception
       - Secure Shell
       - Network File System (NFS)
       - Samba (SMB)
       - Lightweight Directory Access Protocol (LDAP)

  17. Superserver
     - A service uses resources even when idle
     - Many services are requested only from time to time: telnet, ftp, ssh, ...
     - The superserver listens on all the ports and activates the service only when needed
       - It detects the request
       - Starts the service
       - Passes it the message
     - Limitations
       - Between connections it is not possible to keep information in memory
       - Overhead caused by process creation
     - Implementations: inetd, xinetd

  18. /etc/xinetd.conf, /etc/xinetd.d
     Indicate the services offered by the superserver: service, protocol, user/group, server, parameters

       $ cat /etc/xinetd.conf
       includedir /etc/xinetd.d

       $ cat /etc/xinetd.d/ftp
       service ftp
       {
           socket_type     = stream
           wait            = no
           user            = root
           server          = /usr/sbin/vsftpd
           log_on_success  += HOST DURATION
           log_on_failure  += HOST
           disable         = no
       }

  19. Remote Procedure Calls (RPC)
     - Remote subroutine invocation
     - Identified by a service number (ID)
     - RPC servers
       - They implement a set of remote connections
       - Listen on a dynamic port
     - Portmapper
       - Registers the RPC servers
       - Maps the port with the subroutines
       - Needed by other services: NFS, ...
     [Figure: the client calls b = read(8, ...); the client stub int read(int fd, ...) forwards the call to the server-side implementation int read(int fd, ...)]

  20. Portmapper
     - All the status is kept in memory
     - If the process fails, restarting it is not enough: all RPC servers must be restarted
     - All services must be registered when the portmapper starts
     [Figure: the server registers its service with the portmapper; the client asks the portmapper for the service port, then makes the RPC call to the server and receives the result]

  21. Domain Name System (DNS)
     - Name resolution service
       - Hostname → IP address
       - IP address → hostname
     - Issues
       - Large number of machines
       - Large number of changes
     - Solution
       - Hierarchical distribution of the information (domains)
       - Authority delegation

  22. DNS internals
     - Authority delegation
       - Each domain administers its own server
       - Everybody knows the highest servers in the hierarchy (root)
       - Everybody knows the server for their domain
     - Name resolution is iterative
     [Figure: resolving www.google.com: the client asks the local DNS server ("www?"); the local server asks a root server (a.root-server, b.root-server), is referred to the .com servers, then to google.com's name server (NS3.google.com), which answers for www.google.com]
     /etc/resolv.conf:
       search ac.upc.edu
       nameserver 147.83.33.45
     DNS: RFCs 1034/1035

  23. Service performance
     - Using "caches" is convenient
       - High temporal locality: avoids repeating the same query
       - High spatial locality: avoids going up to the root servers too often and skips some steps of the iterative search
     - DNS can be used for load balancing
       - We can have several IPs for the same name
       - Each query returns different values: round robin or "geographical" criteria

       $ nslookup www.google.com
       Name:    www.google.com
       Address: 212.106.221.23
       Name:    www.google.com
       Address: 212.106.221.27
       Name:    www.google.com
       Address: 212.106.221.25
       ...
