cse 127 week 8 discussion · 2020-05-20 · 1. your laptop uses dhcp (dynamic host configuration...
TRANSCRIPT
CSE127Week8DiscussionArianaMirian
Zoom
PropstoDeian StefanforSlides
Thisisbeingrecorded
PA4duetomorrow!
OverviewofToday
• Overviewoflasttwolectures• Somenewinformation
• BriefoverviewofPA5• ToolsthatmightbehelpfulduringthePA
• Openofficehours(iftime)
OSI Layers(Open Systems Interconnection)
Application• End user layer• HTTP, FTP, Skype, SSH, SMTP, DNS
Presentation• Syntax, byte order, compression, encryption• SSL, SSH, MPEG, JPEG
Session• Connection establishment and maintenance• APIs, sockets
Transport• End-to-end connections between processes• TCP, UDP
Network• Addressing, routing between nodes• IP
Data Link• Link management, frames• Ethernet, WiFi
Physical• Physical wires• Photons, RF modulation
Basic Internet Archictecture “Hourglass”Narrow waist = interoperability
IP
Copper Fiber
TCP
FTPHTTPSMTPDNSNTP
IP
Cellular
Radio
WiFi Ethernet
UDP
Application layer
Transport layer
Network layer
Link layer
Physical layer
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
1. YourlaptopusesDHCP(DynamicHostConfigurationProtocol)tobootstrapitselfonthelocalnetwork.
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
1. YourlaptopusesDHCP(DynamicHostConfigurationProtocol)tobootstrapitselfonthelocalnetwork.A. Newhostdoesn’thaveanIPaddress,doesn’tknowwhotoask
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
1. YourlaptopusesDHCP(DynamicHostConfigurationProtocol)tobootstrapitselfonthelocalnetwork.A. Newhostdoesn’thaveanIPaddress,doesn’tknowwhotoaskB. BroadcastsDHCPDISCOVERto255.255.255.255withitsMACaddress
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
1. YourlaptopusesDHCP(DynamicHostConfigurationProtocol)tobootstrapitselfonthelocalnetwork.A. Newhostdoesn’thaveanIPaddress,doesn’tknowwhotoaskB. BroadcastsDHCPDISCOVERto255.255.255.255withitsMACaddressC. DHCPserverrespondswithconfig:leaseonhostIPaddress,gatewayIP
address,DNSserverinformation
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
2.YourlaptopmakesanARPrequesttolearntheMACaddressofthelocalrouter.
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
2.YourlaptopmakesanARPrequesttolearntheMACaddressofthelocalrouter.
A. Everyconnectionoutsidethelocalnetworkwillbeencapsulatedinalink-layerframewiththelocalrouter’sMACaddressasthedestination.
Workingexample
Youconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
2.YourlaptopmakesanARPrequesttolearntheMACaddressofthelocalrouter.
A. Everyconnectionoutsidethelocalnetworkwillbeencapsulatedinalink-layerframewiththelocalrouter’sMACaddressasthedestination.
B. YourlaptopencapsulateseachIPpacketinanEthernetframeaddressedtothelocalrouter
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
2.YourlaptopmakesanARPrequesttolearntheMACaddressofthelocalrouter.
A. Everyconnectionoutsidethelocalnetworkwillbeencapsulatedinalink-layerframewiththelocalrouter’sMACaddressasthedestination.
B. YourlaptopencapsulateseachIPpacketinaWIFIEthernetframeaddressedtothelocalrouter
C. Thelocalrouterde-capsulates theseEthernetframesandre-encodesthemtoforwardthemonitsfiberconnectiontoitsupstreamISP,ortoanotherpartofthenetwork.
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
2.YourlaptopmakesanARPrequesttolearntheMACaddressofthelocalrouter.
A. Everyconnectionoutsidethelocalnetworkwillbeencapsulatedinalink-layerframewiththelocalrouter’sMACaddressasthedestination.
B. YourlaptopencapsulateseachIPpacketinaWIFIEthernetframeaddressedtothelocalrouter
C. Thelocalrouterde-capsulates theseEthernetframesandre-encodesthemtoforwardthemonitsfiberconnectiontoitsupstreamISP,ortoanotherpartofthenetwork.
D. Eachhopre-encodesthelinklayerforitsownnetwork.
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
3.YoulaptopdoesaDNSlookuponucsd.eduA. ItlearnedtheIPaddressofaDNSserverfromtherouterorwasalready
hardcodedin(8.8.8.8)
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
3.YoulaptopdoesaDNSlookuponucsd.eduA. ItlearnedtheIPaddressofaDNSserverfromtherouterorwasalready
hardcodedin(8.8.8.8)B. EachrequestisaDNSqueryencapsulatedinoneormoreUDPpackets
encapsulatedinoneormoreIPpackets
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
3.YoulaptopdoesaDNSlookuponucsd.eduA. ItlearnedtheIPaddressofaDNSserverfromtherouterorwasalready
hardcodedin(8.8.8.8)B. EachrequestisaDNSqueryencapsulatedinoneormoreUDPpackets
encapsulatedinoneormoreIPpacketsC. Eachresponsetellsthelaptopwhatauthoritynameserver toquery,untilit
learnsthefinalIPAddress(132.239.180.101)forucsd.edu
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
3.YoulaptopdoesaDNSlookuponucsd.eduA. ItlearnedtheIPaddressofaDNSserverfromtherouterorwasalready
hardcodedin(8.8.8.8)B. EachrequestisaDNSqueryencapsulatedinoneormoreUDPpackets
encapsulatedinoneormoreIPpacketsC. Eachresponsetellsthelaptopwhatauthoritynameserver toquery,untilit
learnsthefinalIPAddress(132.239.180.101)forucsd.eduD. Thisaddressiscached,alongwiththeauthoritiesforthehierarchyinthe
hostname
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
4.YoulaptopopensaTCPconnectionto132.239.180.101
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
4.YoulaptopopensaTCPconnectionto132.239.180.101A. EachpacketoftheTCPhandshakeisencodedinanIPpacketthatis
encodedasEthernetframesthataredecodedandre-encodedastheypassthroughthenetwork
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
4.YoulaptopopensaTCPconnectionto132.239.180.101A. EachpacketoftheTCPhandshakeisencodedinanIPpacketthatis
encodedasEthernetframesthataredecodedandre-encodedastheypassthroughthenetwork
B. ThelocalrouterhasaroutingtablethatcontainsIPprefixesthatitmatchesagainsttheIPaddressthattellsitwhataddresstoforwardthepacketsto
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
4.YoulaptopopensaTCPconnectionto132.239.180.101A. EachpacketoftheTCPhandshakeisencodedinanIPpacketthatis
encodedasEthernetframesthataredecodedandre-encodedastheypassthroughthenetwork
B. ThelocalrouterhasaroutingtablethatcontainsIPprefixesthatitmatchesagainsttheIPaddressthattellsitwhataddresstoforwardthepacketsto
C. ThepacketpassesthroughaseriesofAutonomousSystems(AS)
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
4.YoulaptopopensaTCPconnectionto132.239.180.101A. EachpacketoftheTCPhandshakeisencodedinanIPpacketthatis
encodedasEthernetframesthataredecodedandre-encodedastheypassthroughthenetwork
B. ThelocalrouterhasaroutingtablethatcontainsIPprefixesthatitmatchesagainsttheIPaddressthattellsitwhataddresstoforwardthepacketsto
C. ThepacketpassesthroughaseriesofAutonomousSystems(AS)D. E.g.sbcglobal.net ->att.net ->leve3.net->cenic.net ->ucsd.edu
WorkingexampleYouconnectyourlaptoptoacaféwifi networkandtypeucsd.edu intoyourbrowser’sURLbar.Whathappens?
5.YourlaptopsendsaHTTPGETrequestinsidetheTCPconnection6.BasedontheHTTPresponse,yourlaptopperformsanewDNSlookup,TCPhandshake,andHTTPGETforeveryresourceintheHTMLasitrenders
Networkattacksoverview
• DNSCachepoisoning
https://www.cloudflare.com/learning/dns/dns-over-tls/
https://www.cloudflare.com/learning/dns/dns-over-tls/
DNSoverTLSandDNSoverHTTPS
• DNSoverTLS– usesTLSoverUDPtoprotectDNSqueries• Port853
• DNSoverHTTPS– usesHTTPSprotocol/porttotransferDNSqueries• Port443
• Whytwodifferentsolutions?Aren’ttheythesame?• Twodifferentprotocols/groupsofpeoplewritingthem• ProsandConsofeach
https://blog.chromium.org/2020/05/a-safer-and-more-private-browsing-DoH.html
Networkattacksoverview
• DNSCachepoisoning• DenialofService• Resourceconsumptionofservice• TCPhandshakesareexpensive
• Networkperimeterdefenses• Heyyou!Getoffmyfirewall!
PA5Overview!
PA5overview
• PlannedtobereleasedThursdayorFriday,2weekstofinishit(harddeadlineofJune11th becauseweneedtoturningrades)• Scavengerhunt!YouneedtofindStefan’s“password”• Nothisactualpassword…
• We’llsendyouanemailwithatarfile• Fromthere,needtofigureouthowtogetthepassword• Scavengerhuntsopleasebecautiousofspoilers…cometoofficehoursorutilizeprivatepostsonPiazza
Overviewoftoolsyoumayneed
• nc• nmap• ssh• tcpdump• wget
Overviewoftoolsyoumayneed
• Nc – allowsyoutomakeconnectionslocally• Nmap – scanports/IPs(locallyandexternally)• Ssh – connecttoservers• Tcpdump – viewtrafficonmachine• Wget – downloadoffilesfrominternet
• Allofthesehave“man”pages!
NetCat (shoutout toJuliaEvans)
Happyhunting!