Section 6: More Wireshark, advanced SSH (CSE 461 Computer Networks), PowerPoint presentation



  1. Section 6: More Wireshark, advanced SSH CSE 461 Computer Networks

  2. Wireshark
     ● https://courses.cs.washington.edu/courses/cse461/20au/section-data/461-demo.pcap
       ○ Open this file in wireshark
     ● https://courses.cs.washington.edu/courses/cse461/20au/section-data/pcap-demo.md

  3. Wireshark Filters
     ● ip
       ○ ip.addr == <address>
     ● icmp
     ● ipv6
     ● icmpv6
     ● tcp
       ○ tcp.port == 80
     ● udp
     ● dns
       ○ dns.qry.name == website.com
     ● http
     ● tls (https)
     Combine filters with “&&”, “||”, “^^”, “!”
     Compare values with “==”, “<”, “>”, “matches”, “contains”, and more
     https://www.wireshark.org/docs/wsug_html_chunked/ChWorkBuildDisplayFilterSection.html

  4. (Not that) advanced SSH

  5. ssh user@server -p port

  6. SSH Keys

  7. SSH Encryption
     ● SSH uses symmetrical encryption
       ○ The session key is negotiated securely under asymmetrical encryption, upon each connection
     ● SSH “keys” (or passwords) are used for key negotiation
     ● We will learn more about cryptography in lecture
       ○ Take CSE 484 (Security) and CSE 490C (Cryptography) if you are interested
     ● We will focus on the more practical side of SSH

  8. Why keys over passwords?
     ● More secure than passwords
       ○ Keys have completely (?) random bits
       ○ Passwords are vulnerable to dictionary attacks
     ● Easier to manage
       ○ Keys are kept locally and supplied automatically when you need them
       ○ Remembering passwords can be a pain
       ○ Keys can be revoked easily

  9. Generating an SSH key pair
     ● To generate a key pair (RSA, by default): ssh-keygen [-t type]
     ● We recommend using Ed25519 over RSA: ssh-keygen -t ed25519
       ○ Ed25519 is faster and more secure, but a lot of people are still using RSA
       ○ You probably have these already if you have used the CSE Gitlab
     ● By default, generates keys under ~/.ssh/
       ○ Public key: id_{rsa|ed25519|...}.pub
       ○ Private key: id_{rsa|ed25519|...}
       ○ Keep your private keys private
     ● Optional passphrase to protect your private keys
       ○ Additional passphrase-based encryption, so adversaries can’t get your private keys even if your machine is compromised
       ○ Can be skipped by not typing in a password and pressing Enter

  10. Authenticating with your SSH key
      ● Before you can use your keys, you need to install them on the server
        ○ i.e. add your public key as a single line to ~/.ssh/authorized_keys on the server
          ■ <protocol> <public key text> <annotation>
          ■ ssh-ed25519 <text from id_ed25519.pub> starikov@desktop
        ○ You can edit the file manually by logging in with your password
        ○ Or use ssh-copy-id [-i path/to/private/key] someserver (on macOS and Linux)
      ● Use -i path/to/private/key to specify a key when SSHing
        ○ Your id_{rsa|ed25519|dsa|...} key under ~/.ssh/ is used by default
        ○ Or use the IdentityFile option in SSH config
      ● When you log in, the server looks up your public key in authorized_keys and lets you in if there is a match
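Because every line in authorized_keys grants login, it is worth being able to read the file critically. The script below is an added example, not part of the CSE 461 slides: it classifies each entry by the three-field format shown above ([options] key-type base64-blob [comment]) and uses one property of the OpenSSH wire format, namely that the blob itself starts with a length-prefixed copy of the key type, so a declared type that disagrees with the blob is a pasted or hand-edited line. The sample entries, the placeholder key material and the function names are all constructed for this example.

```shell
# Added example (not from the CSE 461 slides): audit an authorized_keys file.
# Each entry is "[options] <keytype> <base64 blob> [comment]". The blob itself
# begins with a length-prefixed copy of the key type, so the base64 of every
# key of one type starts with the same characters; a declared type that does
# not agree with the blob means the line was pasted or edited incorrectly.

# Base64 prefix of the wire-format blob for the common key types.
blob_prefix() {
  case $1 in
    ssh-ed25519)         echo AAAAC3NzaC1lZDI1NTE5 ;;
    ssh-rsa)             echo AAAAB3NzaC1yc2E ;;
    ecdsa-sha2-nistp256) echo AAAAE2VjZHNhLXNoYTItbmlzdHAyNTY ;;
    *)                   echo '' ;;
  esac
}

# classify_key_line LINE: prints skip | unknown | deprecated | badblob |
# mismatch | restricted | ok. Runs in a subshell so "set -f" stays local.
classify_key_line() (
  line=$1
  case $line in ''|\#*) echo skip; return 0 ;; esac
  set -f                 # split on whitespace without pathname expansion
  set -- $line
  type='' blob='' nopts=0
  while [ $# -gt 0 ]; do
    case $1 in
      ssh-*|ecdsa-*|sk-*) type=$1; blob=${2:-}; break ;;
      *) nopts=$((nopts + 1)); shift ;;   # an option such as command="..." or from="..."
    esac
  done
  [ -n "$type" ] || { echo unknown; return 0; }
  [ "$type" != ssh-dss ] || { echo deprecated; return 0; }
  case $blob in
    ''|*[!A-Za-z0-9+/=]*) echo badblob; return 0 ;;
  esac
  prefix=$(blob_prefix "$type")
  if [ -n "$prefix" ]; then
    case $blob in
      "$prefix"*) ;;
      *) echo mismatch; return 0 ;;
    esac
  else
    case $type in
      ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|sk-ssh-ed25519@openssh.com|sk-ecdsa-sha2-nistp256@openssh.com) ;;
      *) echo unknown; return 0 ;;
    esac
  fi
  [ "$nopts" -eq 0 ] || { echo restricted; return 0; }
  echo ok
)

# audit_authorized_keys FILE: one report line per entry on stderr; prints the
# number of entries that need attention (anything but ok/restricted) on stdout.
audit_authorized_keys() {
  problems=0 n=0
  while IFS= read -r l || [ -n "$l" ]; do
    n=$((n + 1))
    c=$(classify_key_line "$l")
    [ "$c" = skip ] && continue
    printf '%s:%d: %s\n' "$1" "$n" "$c" >&2
    case $c in ok|restricted) ;; *) problems=$((problems + 1)) ;; esac
  done < "$1"
  echo "$problems"
}

# Constructed sample file; the blobs are placeholders, not real keys.
write_sample_keys() {
  cat > "$1" <<'EOF'
# constructed sample; the blobs are placeholders, not real keys
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEkeyMaterialNotARealKey00000000000000 starikov@desktop
command="/usr/bin/backup",no-pty ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEkeyMaterialNotARealKey00000000000000 backup@desktop
ssh-rsa AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEkeyMaterialNotARealKey00000000000000 pasted@wrong-type
ssh-dss AAAAB3NzaC1kc3MAAACBAEXAMPLElegacyDsaKeyNotReal legacy@host
ssh-ed25519 not$base64!!! junk@host
totally-garbage-line
EOF
}

sample=$(mktemp)
write_sample_keys "$sample"
echo "entries needing attention: $(audit_authorized_keys "$sample")"
rm -f "$sample"
```

The prefix check is deliberately weak (it compares only the type string at the start of the blob); ssh-keygen -lf on the file is the authoritative way to confirm that each blob decodes to a key of the declared type. Entries classified as "restricted" are valid keys that carry options, which is often intentional (a backup account limited to one command), but every such line deserves a second look.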

  11. Server Verification (Known hosts)
      ● The client stores the key of every server it knows under ~/.ssh/known_hosts
      ● SSH stops you from connecting to a server if the server’s key doesn’t match the one in known_hosts
        ○ This is to prevent someone from impersonating the server you have previously used
          ■ Will occur if you install a new OS at the same IP address
          ■ Or if the ssh server keys are changed
        ○ If you trust the new server identity, simply delete its key from known_hosts
          ■ Can be done by deleting the appropriate line manually
          ■ ssh-keygen -R "hostname"
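The two ways of forgetting a server listed above are not equivalent, and the difference matters when a key mismatch appears. The script below is an added example, not from the slides: it removes a host's plaintext entries from a known_hosts file the way you would by hand (handling the "host,alias" and "[host]:port" forms), and it shows the case hand-editing cannot handle, entries written with HashKnownHosts ("|1|salt|hash"), which can only be matched by ssh-keygen -R. The sample file and its placeholder key blobs are constructed.

```shell
# Added example (not from the slides): emulate "ssh-keygen -R host" on a
# known_hosts file with plain text tools, and show the limit of editing the
# file by hand: entries written with HashKnownHosts look like "|1|salt|hash"
# and cannot be matched by searching for the host name.

# Constructed sample known_hosts; the key blobs are placeholders.
write_sample_known_hosts() {
  cat > "$1" <<'EOF'
attu.cs.washington.edu,192.0.2.10 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEplaceholder1
[localhost]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEplaceholder2
|1|c2FsdHNhbHRzYWx0c2FsdHNhbHQ=|aGFzaGhhc2hoYXNoaGFzaGhhc2g= ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEplaceholder3
# comment lines are preserved
other.example.org ssh-rsa AAAAB3NzaC1yc2EAAAADAQABEXAMPLEplaceholder4
EOF
}

# known_hosts_forget HOST FILE: remove every plaintext entry whose host list
# names HOST ("host", "host,alias" or "[host]:port"). Prints the number of
# lines removed; warns on stderr when hashed entries had to be left alone.
known_hosts_forget() (
  host=$1 file=$2
  tmp=$(mktemp)
  awk -v host="$host" '
    /^[[:space:]]*(#|$)/ { print; next }          # keep comments and blanks
    {
      hf = ($1 ~ /^@/) ? $2 : $1                  # skip an @cert-authority / @revoked marker
      if (substr(hf, 1, 3) == "|1|") { print; next }   # hashed: cannot compare, keep
      n = split(hf, names, ",")
      for (i = 1; i <= n; i++) {
        nm = names[i]
        sub(/^\[/, "", nm); sub(/\]:[0-9]+$/, "", nm)   # [host]:port -> host
        if (nm == host) next                       # drop the whole line
      }
      print
    }' "$file" > "$tmp"
  before=$(grep -c '' "$file")
  after=$(grep -c '' "$tmp")
  hashed=$(grep -Ec '^(@[^ ]+ )?\|1\|' "$tmp" || true)
  cat "$tmp" > "$file"
  rm -f "$tmp"
  if [ "$hashed" -gt 0 ]; then
    echo "note: $hashed hashed entries not inspected; use ssh-keygen -R $host for those" >&2
  fi
  echo $((before - after))
)

kh=$(mktemp)
write_sample_known_hosts "$kh"
echo "removed $(known_hosts_forget attu.cs.washington.edu "$kh") entry for attu"
echo "removed $(known_hosts_forget localhost "$kh") entry for [localhost]:2222"
rm -f "$kh"
```

Before deleting anything, compare the fingerprint the client reports against one obtained out of band (for example, ssh-keygen -lf on the server's own host key file, read through a channel you already trust); the warning exists precisely so that a changed key is checked rather than silently accepted.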

  12. ssh-agent
      ● Like a password manager for SSH keys
      ● eval `ssh-agent -s`
        ○ Starts ssh agent
        ○ To automatically start, place this in .bashrc:
            if [ -z "$SSH_AUTH_SOCK" ] ; then
              eval `ssh-agent -s`
              ssh-add
            fi
      ● ssh-add [path/to/private/key] to add key to ssh-agent
        ○ By default adds your id_{rsa|ed25519|dsa|...}
        ○ The passphrase is remembered for the entire session
      ● The ssh agent can be forwarded over SSH
        ○ ssh -A
        ○ SSH config file:
          ■ ForwardAgent yes
          ■ AddKeysToAgent yes

  13. SSH Config File

  14. SSH Config File
      ● Per user config at ~/.ssh/config (create if it doesn’t exist)
      ● Allows you to define host aliases with configurations
          Host attu attu? recycle bicycle tricycle
              Hostname %h.cs.washington.edu
              Port 22
              User starikov
              IdentityFile ~/.ssh/id_ed25519

  15. Simple host configs
          Host attu
              Hostname attu.cs.washington.edu
              Port 22
              User starikov
              IdentityFile ~/.ssh/id_ed25519

          Host mininet
              Hostname localhost
              Port 2222
              User mininet
      With the config above, I can just run ssh attu to connect to attu.
      Equivalent to ssh starikov@attu.cs.washington.edu -p 22 -i ~/.ssh/id_ed25519
      `Hostname` also works with IP addresses

  16. A slightly more complicated config
          Host attu attu? recycle bicycle tricycle
              Hostname %h.cs.washington.edu
              Port 22
              User starikov
              IdentityFile ~/.ssh/id_ed25519
      This config defines many hosts at the same time, including a wildcard (attu?).
      Note that %h will be replaced by the actual value of “Host.”
      With this config, I can do ssh attu8 to connect to attu8.cs.washington.edu.
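To see why the wildcard and %h examples on slides 14 to 16 behave as described, it helps to have the resolution rules spelled out: Host patterns use the same * and ? wildcards as shell case patterns, for every option the first value found wins (so a catch-all "Host *" must come last), and %h is replaced by the name typed on the command line. The script below is an added example, not the slides' or OpenSSH's code; it implements just those rules for Hostname, Port and User over a config constructed from the slides' examples (negated "!pattern" entries are not handled). The real tool for this check on your own config is ssh -G alias, which prints every resolved option.

```shell
# Added example (not from the slides): a small resolver that applies the
# ssh_config rules the slides rely on. "Host" patterns use the same * and ?
# wildcards as shell case patterns (negation with ! is not handled here),
# for each option the first value found wins, so specific blocks must come
# before a catch-all "Host *", and %h in Hostname is replaced by the name
# given on the command line. The real tool for this check is "ssh -G alias".

# Constructed sample config built from the slides' examples.
write_sample_ssh_config() {
  cat > "$1" <<'EOF'
Host attu
    Hostname attu.cs.washington.edu
    Port 22
    User starikov
    IdentityFile ~/.ssh/id_ed25519

Host mininet
    Hostname localhost
    Port 2222
    User mininet

Host attu? recycle bicycle tricycle
    Hostname %h.cs.washington.edu
    User starikov

# catch-all last: because the first value wins, it only fills gaps
Host *
    User fallback
EOF
}

# resolve_ssh_host NAME CONFIG: prints "hostname port user" for "ssh NAME".
resolve_ssh_host() (
  name=$1 cfg=$2
  hostname='' port='' user='' active=0
  set -f                               # keep "*" in "Host *" from globbing
  while IFS= read -r raw || [ -n "$raw" ]; do
    set -- ${raw%%#*}                  # strip comments, split on blanks
    [ $# -gt 0 ] || continue
    key=$1; shift
    case $key in
      [Hh]ost)
        active=0
        for pat in "$@"; do            # block is active if any pattern matches
          case $name in $pat) active=1 ;; esac
        done ;;
      [Hh]ost[Nn]ame) if [ $active -eq 1 ] && [ -z "$hostname" ]; then hostname=$1; fi ;;
      [Pp]ort)        if [ $active -eq 1 ] && [ -z "$port" ]; then port=$1; fi ;;
      [Uu]ser)        if [ $active -eq 1 ] && [ -z "$user" ]; then user=$1; fi ;;
    esac
  done < "$cfg"
  hostname=${hostname:-$name}          # ssh's default: the name itself
  hostname=$(printf '%s\n' "$hostname" | sed "s/%h/$name/g")   # %h expansion
  echo "$hostname ${port:-22} ${user:-$(id -un)}"
)

cfg=$(mktemp)
write_sample_ssh_config "$cfg"
for n in attu attu8 mininet somewhere.example; do
  echo "ssh $n -> $(resolve_ssh_host "$n" "$cfg")"
done
rm -f "$cfg"
```

The order dependence is the point to remember: a User or IdentityFile placed in a "Host *" block at the top of the file silently overrides every more specific block below it, which is a common reason a key other than the intended one is offered to a server.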

  17. SSH Port Forwarding/Tunneling

  18. Local Forwarding (-L)
      ● Opens a local port that forwards to a remote port
      ● Syntax: -L port:host:hostport
      ● Use case
        ○ I have a service running on the server but it’s bound to localhost only on the remote server
          ■ ssh -L 8888:localhost:8888 server
        ○ Service is on a private network that the server can reach, but my local computer cannot
          ■ I can ssh into the server and connect to a service running on privateServer
          ■ ssh -L 8888:privateServer:8888 server
      ● SSH Config:
        ○ LocalForward 8888 privateServer:8888
      ● VSCode’s Remote SSH extension provides this feature
        ○ Ctrl+Shift+P and search for “Forward a Port”

  19. Remote Forwarding (-R)
      ● Opens a port on remote that forwards to a local port
      ● Syntax: -R port:host:hostport
      ● Requires “GatewayPorts yes” to be enabled on the SSH server (sshd_config) if the forwarded port should be reachable from hosts other than the server itself; by default sshd binds it to the server’s loopback address only
      ● Use case
        ○ Access desktop ssh (localhost:22) from publicserver.com:2222
          ■ ssh -R 2222:localhost:22 publicserver.com
        ○ Access local mininet VM from publicserver.com:2222
          ■ ssh -R 2222:192.168.56.101:22 publicserver.com
        ○ Port Forwarded Mininet: ssh -R 2222:localhost:2222 publicserver.com
      ● SSH Config:
        ○ RemoteForward 2222 192.168.56.101:22

  20. Dynamic Forwarding (-D)
      ● Uses SSH as a SOCKS proxy
      ● Syntax: -D port
      ● Use case
        ○ Use as a proxy server for accessing hosts from the SSH server’s connection
          ■ Can be used to access multiple hosts that are on an internal network
          ■ Can also be used to access websites from the IP address of the SSH server
            ● Libraries allow access without a paywall/login when using a UW IP address
          ■ Firefox allows you to connect to a SOCKS proxy
        ○ ssh -D 1080 attu
          ■ Sets up a SOCKS proxy on localhost:1080 that proxies connections through attu
        ○ SSH Config:
          ■ DynamicForward localhost:1080

  21. SSH Jump Host

  22. Jump Host (-J)
      ● Jump through intermediate hosts to the final SSH destination
      ● Syntax: -J jumphost
      ● Use case
        ○ You want to connect to a host over SSH behind a LAN externally, but only have SSH access to another server in that network
        ○ ssh -J attu1 attu2
          ■ Equivalent to:
            1. ssh -L 2200:attu2:22 attu1
            2. ssh -p 2200 localhost
        ○ ssh -J attu1,attu2,attu3,attu4 attu5
          ■ Jumps from attu1 to attu2 to attu3 to attu4 and finally attu5.

  23. SSH Config for Jump Host Proxy
          ### First jumphost. Directly reachable
          Host alphajump
              HostName jumphost1.example.org

          ### Second jumphost. Only reachable via jumphost1.example.org
          Host betajump
              HostName jumphost2.example.org
              ProxyJump alphajump

          ### Host only reachable via alphajump and betajump
          Host behindalphabeta
              HostName behindalphabeta.example.org
              ProxyJump betajump

  24. X11 Forwarding

  25. X11 Forwarding (-X)
      ● Lets you run GUI apps over SSH
      ● Syntax: -X
      ● Needs “X11Forwarding yes” enabled on server (sshd_config)
      ● You might need to install an “X server” on the client if you are on Windows or macOS
        ○ XQuartz for macOS (and add XAuthLocation /usr/X11/bin/xauth to your SSH config)
        ○ Xming or vcxsrv for Windows
      ● ssh -X attu
      ● SSH Config:
        ○ ForwardX11 yes
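Slides 18 to 20 and 25 describe forwarding from the client's side; two of the switches they mention, GatewayPorts and X11Forwarding, live in the server's sshd_config alongside AllowTcpForwarding, AllowAgentForwarding and PermitTunnel, and each one widens what a client session can reach from the server. The script below is an added example, not from the slides: it reads the effective value of each keyword (sshd takes the first occurrence, and anything after a Match line is conditional, so the check stops there), fills in OpenSSH's documented defaults for keywords that are absent, and compares against the value a server that does not need the feature would use. The two sample configs are constructed; on a host whose purpose is port forwarding, AllowTcpForwarding stays yes and the report simply tells you so.

```shell
# Added example (not from the slides): check which forwarding features an
# sshd_config actually enables. Remote forwarding's GatewayPorts and X11
# forwarding are server-side switches; each one widens what a client session
# can reach, so a server that does not need a feature should leave it off.
# OpenSSH takes the first value of a keyword, so the first occurrence wins,
# and Match blocks are conditional, so this check stops at the first Match.

# sshd_effective KEYWORD FILE: print the first unconditional value, or nothing.
sshd_effective() {
  awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    /^[[:space:]]*(#|$)/ { next }
    tolower($1) == "match" { exit }
    tolower($1) == key && !found { print $2; found = 1 }
  ' "$2"
}

# Constructed samples: a permissive config and a hardened one.
write_sample_sshd_config() {
  cat > "$1" <<'EOF'
Port 22
GatewayPorts yes
X11Forwarding yes
AllowTcpForwarding yes
Match User deploy
    AllowTcpForwarding no
EOF
}
write_hardened_sshd_config() {
  cat > "$1" <<'EOF'
GatewayPorts no
AllowTcpForwarding no
AllowAgentForwarding no
X11Forwarding no
PermitTunnel no
EOF
}

# audit_sshd_forwarding FILE: one line per keyword on stderr with its effective
# value; prints the number of keywords whose value is not the hardened one.
audit_sshd_forwarding() {
  file=$1 findings=0
  # keyword, OpenSSH default, hardened value
  for spec in 'GatewayPorts no no' 'AllowTcpForwarding yes no' \
              'AllowAgentForwarding yes no' 'X11Forwarding no no' 'PermitTunnel no no'; do
    set -- $spec
    val=$(sshd_effective "$1" "$file")
    val=$(printf '%s' "${val:-$2}" | tr 'A-Z' 'a-z')   # absent keyword: use the default
    if [ "$val" = "$3" ]; then
      status=ok
    else
      status=REVIEW; findings=$((findings + 1))
    fi
    printf '%-22s %-4s (default %-3s hardened %s) %s\n' "$1" "$val" "$2" "$3" "$status" >&2
  done
  echo "$findings"
}

for kind in write_sample_sshd_config write_hardened_sshd_config; do
  f=$(mktemp)
  "$kind" "$f"
  echo "$kind: $(audit_sshd_forwarding "$f") keyword(s) to review"
  rm -f "$f"
done
```

Note that an absent keyword is not the same as a disabled one: AllowTcpForwarding and AllowAgentForwarding default to yes, so a config that never mentions them permits both. For the live setting on a running server, sshd -T prints the fully resolved configuration.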

  26. Other useful SSH tricks
      ● VS Code Remote SSH
        ○ A lot of you have been using it
        ○ Super useful for debugging code on a remote machine
      ● tmux
        ○ Keep sessions running even if you disconnect
          ■ tmux attach will reopen a running tmux session
        ○ Split the terminal into smaller panels and create multiple windows
        ○ Very configurable: customizable hotkeys, mouse mode, and more!
      ● See man ssh or tldr ssh to learn more about advanced SSH features!
