Download Time Server - WordPress.com

Internet Services
WHAT IS AN INTERNET SERVICE?
• An Internet service can be defined as any service that can be accessed through TCP/IP-based networks, whether an internal network (intranet) or an external network (Internet).
• TCP and IP are two of the protocols in a group of protocols sometimes known as the Internet protocols. Common services are Telnet, FTP, SMTP, HTTP, ICMP, ARP, DNS, ssh, scp, sftp, and others.
Secure Services
• Some common services, such as telnet and ftp, send all of their traffic in plain text, including passwords.
• Plain-text traffic is extremely easy to eavesdrop on by anyone between the traffic's source and destination. Since the Internet has exploded in popularity, running insecure services such as these is not a good idea. That's why secure replacements have been developed.
• These replacements provide stronger authentication controls and encrypt all their traffic to keep your data safe. You should always run secure services instead of insecure services.
ssh
• Secure Shell, also known as ssh, is a secure telnet replacement that encrypts all traffic, including passwords, using a public/private encryption key exchange protocol.
• It provides the same functionality as telnet (insecure), plus other useful functions, such as traffic tunneling.
    [root#] ssh [email protected]
• SSH asks if you want to accept and trust the host key being sent to you. This is asked only once, when you log in to the machine for the very first time.
• After this first login, whenever ssh is used, the system asks for a password and a regular terminal is returned.
• SSH can tunnel almost any protocol through it.
• This example creates a tunnel for HTTP. It forwards port 80 of your localhost to port 80 of www.example.com:
    [root#] ssh -f -N -q -L 80:localhost:80 [email protected]
scp
• Secure Copy, also known as scp, is part of the ssh package.
• scp copies files securely from any machine to any other Linux machine, provided the ssh daemon is running.
• The syntax of scp:
    scp user@host:file1 user@host:file2
• For example:
    [root#] scp user1@bscit:demofile user2@bscit:newfile
    user1@bscit password :
    user2@bscit password :
sftp
• Secure File Transfer Program, also known as sftp, is an FTP client that performs all its functions over ssh.
• The syntax for sftp:
    sftp user@host:file file
• For example:
    [root#] sftp user1@bscit:tyitfile newfile
    Connecting to bscit..
    user1@bscit password :
Less secure services
• These are insecure services that should not be used, since they trust that the network is absolutely secure. Their secure equivalents should be used instead.
telnet
• telnet is a protocol and application that enables someone to have access to a virtual terminal on a remote host. It resembles text-based console access on a Unix machine.
• Telnet is an application that's available almost everywhere.
• Because of this distribution, most beginning Unix users use Telnet exclusively to communicate with other Unix and NT machines.
• SSH works much like telnet, but with encrypted traffic and passwords.
    [root#] telnet example.com
ftp
• ftp is a file transfer protocol that runs over ports 20 and 21.
• Once you have successfully logged on to an ftp server, you can type help for a list of available commands.
• Two important commands to remember are put, to move a file from your machine to the remote machine, and get, to pull a file from the remote server to your machine.
• To send multiple files you can use mput, and to retrieve multiple files you can use mget.
• For example:
    ftp:> get file1
    ftp:> put file2
    ftp:> mget file1 file2 file3
    ftp:> mput file1 file2 file3
rsync
• rsync is an unencrypted file transfer program. Its features include finding the differences between two sets of files on two machines, so that those differences can be transferred across the network.
• It listens on port 873.
rlogin
• rlogin is a remote login program that connects your terminal to a remote machine's terminal.
• rlogin is an insecure protocol, because it sends all information, including passwords, in plain text.
• It also enables a mutual trust relationship to exist between machines.
• Syntax:
    [root#] rlogin remotehostname
• Example:
    [root#] rlogin redhat
rsh
• rsh is an unencrypted mechanism to execute commands on remote hosts.
• rsh's syntax is:
    [root#] rsh remotehostname remotecommand
• Example:
    [root#] rsh redhathost shutdown
finger
• finger enables users on remote systems to look up information about users on another system.
• finger displays information such as a user's login name, real name, terminal name, idle time, login time, home directory, shell, etc.
• finger should be disabled outside the local network, as user information could be accessed easily.
• The finger daemon listens on port 79.
• Syntax:
    [root#] finger username@hostname
    [root#] finger [email protected]
Talk and ntalk
• Talk and ntalk are real-time chat protocols. The talk server runs on port 517 and the ntalk server runs on port 518.
• To send someone else a talk request, type talk or ntalk username@hostname.
• If their server is running a talk or ntalk daemon and they are logged in, they will see a message inviting them to chat with you.
• Syntax:
    [root#] talk username@hostname
    [root#] ntalk username@hostname
• Example:
    [root#] talk [email protected]
    [root#] ntalk [email protected]
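An added example, not part of the original slides: a check for listeners on the ports of the less secure services described above. The function names and the sample `ss -tuln` output are constructed for illustration. The ports for ftp, rsync, finger, talk and ntalk are the ones given on this page, while telnet 23, rlogin 513 and rsh 514 are assumed from the standard /etc/services assignments.

```shell
#!/bin/sh
# Added example (not from the original slides): flag listeners on the ports
# of the plain-text services listed above. Input is `ss -tuln`-style text.
# The protocol is part of the key: 514/tcp is rsh, but 514/udp is syslog.
RISKY="tcp/21=ftp tcp/23=telnet tcp/79=finger tcp/513=rlogin tcp/514=rsh udp/517=talk udp/518=ntalk tcp/873=rsync"

# flag_listeners: reads ss output on stdin, prints "service proto/port scope"
flag_listeners() {
    awk -v risky="$RISKY" '
        BEGIN { n = split(risky, r, " ")
                for (i = 1; i <= n; i++) { split(r[i], kv, "="); name[kv[1]] = kv[2] } }
        $1 != "tcp" && $1 != "udp" { next }        # skip the header row
        {
            addr = $5; port = addr
            sub(/.*:/, "", port)                   # text after the last colon
            sub(/:[^:]*$/, "", addr)               # address without the port
            key = $1 "/" port
            if (!(key in name)) next
            scope = (addr ~ /^(127\.|\[::1\])/) ? "loopback-only" : "network-reachable"
            print name[key], key, scope
        }'
}

# Constructed sample output; on a real host run: ss -tuln | flag_listeners
sample_ss() {
    cat <<'EOF'
Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*
tcp   LISTEN 0      64              [::]:23           [::]:*
tcp   LISTEN 0      5          127.0.0.1:873       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:514       0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:517       0.0.0.0:*
EOF
}
sample_ss | flag_listeners
```

The sshd listener on port 22 and the syslog socket on 514/udp are not reported; the rsync listener is reported but marked loopback-only because it is bound to 127.0.0.1.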
Linux as Server
• The following protocols are used:
1. http
• The most common Web server used on Linux is Apache. Apache is easily configurable, and its configuration files live in /etc/httpd/conf/.
• While Apache can be set to listen on many different network ports, the most common port it listens on is port 80.
• To start httpd, use the command:
    [root#] service httpd start
• To enable it at boot:
    [root#] chkconfig httpd on
2. sshd
• Its global system configuration files are in /etc/ssh, and users' ssh configuration files are in $HOME/.ssh/.
• The ssh server listens on port 22.
• If the port is blocked by a firewall and not available, ssh can be made to run on another port.
• To start sshd, use the command:
    [root#] service sshd start
• To enable it at boot:
    [root#] chkconfig sshd on
3. ftpd
• The FTP daemon uses ports 20 and 21 to listen for and initiate FTP requests.
• Its configuration files, ftpaccess, ftpconversions, ftpgroups, ftphosts, and ftpusers, are located in the /etc directory.
4. dns
• The Domain Name Service (DNS) maps IP addresses to hostnames.
• It runs on port 53.
• Its configuration file is named.conf in the /etc directory.
• To start dns, use the command:
    [root#] service named start
• To enable it at boot:
    [root#] chkconfig named on
Inetd Server
• inetd is called an Internet superserver. It is launched at boot time, and listens for connections on network sockets.
• When inetd starts up, it checks the inetd.conf file to see what services should be running. It then reads the /etc/services file to see what ports those services should be running on.
Xinetd Server
• It is an extended version of inetd that adds more security and features.
• It has new features for system administrators.
• It starts at boot time and listens for connections coming in on the different ports in its configuration file.
• Once xinetd receives a connection request, it spawns a new server and keeps listening for a new connection on a different port.
• In xinetd anyone can start a network service, whereas in inetd only root can start a network service.
• Xinetd has inbuilt firewall capability, as it provides access control on all services based on various criteria, such as remote host address, access time, remote hostname, etc.
• Xinetd kills servers that are not in the configuration file, thereby preventing violations of the configuration's access criteria.
• Xinetd also has log storage.
• The configuration file for xinetd is /etc/xinetd.conf
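/etc/xinetd.conf
    defaults
    {
        instances      = 60
        # SYSLOG takes a syslog facility; authpriv is used here
        log_type       = SYSLOG authpriv
        log_on_success = HOST PID
        # PID is only valid for log_on_success, so it is dropped here
        log_on_failure = HOST
    }
    includedir /etc/xinetd.d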
• Start the service:
    [root#] service xinetd start
• After any changes to the file:
    [root#] service xinetd restart
Xinetd started services
• ntalk: chat server, runs on port 518
• rsync: remote ftp
• telnet: telnet server
• finger: user information lookup program
• kshell: restricts user access to shell
• rlogin: remote login, trusted
• rsh: remote shell to connect to remote host
• talk: chat server, runs on port 517
• klogin: rlogin server over Kerberos
• chargen: generates random characters on TCP
• time: gives the time
• chargen-udp: generates random characters on UDP
• time-udp: gives the time on UDP
• comsat: sends notification of new mail
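An added example, not part of the original slides: an audit of the per-service files under /etc/xinetd.d that reports which of the less secure services from this page xinetd would start. The function names and sample files are constructed for illustration. Service names are assumed to follow /etc/services, where rlogin appears as "login" and rsh as "shell", and a service with no disable line is treated as enabled.

```shell
#!/bin/sh
# Added example (not from the original slides): report xinetd services that
# are enabled and belong to the "less secure services" named on this page.
# Names follow /etc/services, where rlogin is "login" and rsh is "shell".
INSECURE="telnet ftp login shell finger talk ntalk rsync"

# audit_xinetd DIR: prints "file: service" for each enabled insecure service
audit_xinetd() {
    for f in "$1"/*; do
        [ -f "$f" ] || continue
        awk -v bad="$INSECURE" -v file="${f##*/}" '
            BEGIN { n = split(bad, b, " "); for (i = 1; i <= n; i++) risky[b[i]] = 1 }
            { sub(/#.*/, ""); gsub(/=/, " = ") }     # drop comments, pad "="
            $1 == "service" { svc = $2; off = 0; next }
            $1 == "disable" && $3 == "yes" { off = 1 }
            $1 == "}" { if ((svc in risky) && !off) print file ": " svc; svc = "" }
        ' "$f"
    done
}

# make_sample DIR: constructed sample files standing in for /etc/xinetd.d
make_sample() {
    printf 'service telnet\n{\n\tdisable = no\n\tserver = /usr/sbin/in.telnetd\n}\n' > "$1/telnet"
    printf 'service shell\n{\n\tdisable = yes   # rsh turned off\n}\n' > "$1/rsh"
    printf 'service finger\n{\n\tserver = /usr/sbin/in.fingerd\n}\n' > "$1/finger"
    printf 'service time\n{\n\tdisable = no\n}\n' > "$1/time"
}

# demo: build the sample directory, audit it, clean up
demo() {
    d=$(mktemp -d) && make_sample "$d" && audit_xinetd "$d"; rm -rf "$d"
}
demo
```

On a real host, point it at the live directory with `audit_xinetd /etc/xinetd.d`, then set `disable = yes` in each reported file and restart xinetd.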
Stand-Alone Services
• sendmail: mail server
• apache: web server
• sshd: ssh server
• qmail: mail server
• postfix: mail server
• named: DNS server
• xfs: X font server
• portmap: maps RPC services to ports
• rpc.quotad: serves quota information
• rpc.mountd: NFS mount server
• squid: web proxy server
• oracle: database server
Linux Firewall
• Linux provides a few different mechanisms for system security. One of these mechanisms is Linux's firewall packages.
• iptables is Fedora's and Red Hat's built-in firewall administration tool.
• iptables also enables a personal firewall on a Linux machine.
• Commands to manage iptables are:
    [root#] service iptables start
    [root#] service iptables stop
• On boot:
    [root#] chkconfig iptables on
    [root#] chkconfig iptables off