
Advanced Guide to Linux Networking and Security



  1. Advanced Guide to Linux Networking and Security Chapter 2 Configuring Basic Networking

  2. Objectives
     • Describe how network interfaces are initialized
     • Configure network interfaces using scripts and text-mode utilities
     • Configure Linux networking using popular graphical utilities
     • Effectively use networking utilities to test a network and troubleshoot networking problems
     • Understand the IPX and AppleTalk protocols

  3. Initializing Network Interfaces
     • Basic actions taken by Linux at boot time
       • Recognize network interface hardware
       • Install appropriate drivers
       • Configure interfaces for use
     • How to determine if Linux recognized an interface
       • Search the directory that lists interface names
       • Kernel < 2.6: enter the command cat /proc/net/dev
       • Kernel >= 2.6: enter the command dir /sys/class/net
     • Examples of entries that will likely be present
       • eth0: physical Ethernet interface
       • lo: local loopback interface

  4. Interface Names
     • Default names for network interfaces
       • Ethernet interface: eth prefix and numerical suffix
         • Examples: eth0, eth1, eth2
       • Token-Ring interface: tr prefix and numerical suffix
         • Examples: tr0, tr1, tr2
     • How to change interface names using the ip program
       • Take the interface down: ip link set eth0 down
       • Change the interface name: ip link set eth0 name inside
       • Bring the renamed interface back up: ip link set inside up
     • Two commands for displaying interface information
       • ip link show inside or ifconfig inside

  5. Configuring Basic Networking

  6. Multiple Interfaces
     • Example: eth0, eth1, eth2, etc.
     • Challenge: match physical connectors to the proper name
       • Order of driver loading determines interface naming
     • Two methods for ordering interface detection
       • Plug and Play logic in the case of PCI interfaces
       • Hardware settings in the case of ISA bus cards
     • Addition of a new interface impacts the naming scheme
       • Existing interface may be renamed at boot time
       • Precaution: verify connectors are linked to the same interface name

  7. Interface Drivers
     • Implemented as kernel modules
       • Kernel modules appear below the /lib/modules directory
     • View loaded modules using the lsmod command
       • Display example: e1000 76956 2 (autoclean)
       • e1000 refers to the Intel Gigabit Ethernet interface
     • Run the lspci program for a list of internal interfaces
     • Drivers may be researched on the Internet
       • Download the driver to the system, if necessary
     • modprobe can be used to load (reload) a driver
       • Does not require an absolute path or file extension
       • Example: modprobe sis900 (loads the SiS900 driver)

  8. ISA Bus Interfaces
     • May require specification of certain details
       • I/O address, interrupt number, and DMA channel
     • Two options: embed the details into the command directly or place them in a file
     • Specify details as parameters with modprobe
       • Example: modprobe ne2000 irq=15 io=0x300
       • Specifies interrupt 15 and I/O address 0x300
     • Specify details in the configuration file used by modprobe
       • Possible file name: /etc/modprobe.conf
       • Possible file contents:
         alias eth0 3c59x
         options 3c59x irq=15 io=0x300
       • Syntax documented in the modprobe.conf man page

  9. Special Purpose Interfaces
     • Point-to-Point Protocol (PPP): connects two hosts
       • May operate over several types of hardware
       • Example: network connection over a modem
       • Goal: reach an Internet Service Provider (ISP)
     • Serial Line Internet Protocol (SLIP)
       • Used for transmitting network data over a serial port
       • Has been superseded by PPP
     • Parallel Line Internet Protocol (PLIP)
       • Uses a parallel port as a network interface
       • Allows computers to be connected with parallel cables
       • Speeds can reach 20 kb/s

  10. Special Purpose Interfaces (continued)
     • Integrated Services Digital Network (ISDN)
       • Provides 128- or 144-kb/s bandwidth
       • ISDN cards work like modems
       • DSL and cable modems provide faster service
     • Linux also supports other high-speed connections
       • Example: frame relay
       • Frame relay card connects to the ISP using a T-1 line
       • T-1 provides a speed of 1.544 Mb/s
       • T-3 provides a speed of 45 Mb/s, at greater cost

  11. Configuring Networking With Command-line Utilities
     • Techniques common to all Linux distributions
     • Two traditional commands: ifconfig and route
     • The ip program is replacing the older commands
       • Part of the new IPROUTE2 package

  12. Using the ifconfig Command
     • Traditional way to view and control network interfaces
     • Display the list of interfaces with drivers using ifconfig
       • Network and loopback interfaces appear to the left
       • The loopback interface uses the 127.0.0.1 IP address
     • Status fields shown by ifconfig
       • Link encap: link encapsulation; e.g., "Ethernet"
       • HWaddr: hardware address / MAC address of the interface
       • inet: IPv4 address of the interface
       • Bcast: broadcast address of the interface
       • Mask: subnet or network mask of the interface
       • UP: indicates the interface is up

  13. Using the ifconfig Command (continued)
     • Status fields shown by ifconfig (continued)
       • BROADCAST: indicates the interface supports broadcasting
       • MULTICAST: indicates the interface supports multicasting
       • LOOPBACK: indicates the interface is a loopback device
       • MTU: maximum transmission unit
       • Metric: determines the cost of a route using this interface
       • RX packets: number of packets received
       • TX packets: number of packets transmitted
       • collisions: number of collision errors
       • txqueuelen: number of packets in the transmission queue

  14. Using the ifconfig Command (continued)
     • Status fields shown by ifconfig (continued)
       • RX bytes: number of bytes received at the interface
       • TX bytes: number of bytes transmitted by the interface
       • Interrupt: interrupt or IRQ of the interface hardware
       • Base address: I/O address of the interface hardware
       • Memory: memory address range of the interface hardware
     • Parameters used for display, control and configuration
       • Display status of just one interface: ifconfig eth0
       • Stop an interface: ifconfig eth0 down
       • Start an interface: ifconfig eth0 up
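The RX/TX counters that ifconfig prints (slides 13 and 14) are read from the same /proc/net/dev file that slide 3 uses to list interfaces. The script below is an added example, not code from the book or the slides: it parses that file into a table, pulls out a single counter, and flags interfaces whose error, drop or collision counters are non-zero, which is the first thing to check when a link reports UP but traffic misbehaves. The function names (netdev_table, netdev_field, netdev_unhealthy) and the sample file contents are this example's own; the sample is constructed, not captured from a real host.

```bash
#!/bin/bash
# Constructed sample of /proc/net/dev (not captured from a real host); the real
# file has the same layout: two header lines, then one line per interface with
# the receive counters followed by the transmit counters.
SAMPLE_NETDEV='Inter-|   Receive                                                |  Transmit
 face |bytes    packets errs drop fifo frame compressed multicast|bytes    packets errs drop fifo colls carrier compressed
    lo:    9120      96    0    0    0     0          0         0     9120      96    0    0    0     0       0          0
  eth0: 5000000    4000    0   12    0     0          0        50  3000000    2500    1    0    0     3       0          0'

# netdev_table [TEXT]: one row per interface with the counters ifconfig shows as
# RX/TX packets, RX/TX bytes, errors, drops and collisions. Reads the live
# /proc/net/dev when no text is passed.
netdev_table() {
    local src="${1:-}"
    [ -n "$src" ] || src=$(cat /proc/net/dev)
    printf '%s\n' "$src" | awk '
        BEGIN { print "iface rx_bytes rx_packets rx_errs rx_drop tx_bytes tx_packets tx_errs tx_drop collisions" }
        NR > 2 {
            sub(/^[ \t]+/, "")            # drop the padding before the name
            split($0, half, ":")          # "name" : "counters" (old kernels glue them)
            split(half[2], f)             # f[1..8] receive, f[9..16] transmit
            print half[1], f[1], f[2], f[3], f[4], f[9], f[10], f[11], f[12], f[14]
        }'
}

# netdev_field IFACE COLUMN [TEXT]: print one counter; returns 1 if the interface
# is absent, which is the quickest scripted check that the kernel recognized it.
netdev_field() {
    local iface="$1" col="$2" src="${3:-}" idx
    case "$col" in
        rx_bytes) idx=2;;  rx_packets) idx=3;; rx_errs) idx=4;; rx_drop) idx=5;;
        tx_bytes) idx=6;;  tx_packets) idx=7;; tx_errs) idx=8;; tx_drop) idx=9;;
        collisions) idx=10;;
        *) echo "unknown column: $col" >&2; return 1;;
    esac
    netdev_table "$src" | awk -v i="$iface" -v c="$idx" '
        NR > 1 && $1 == i { print $c; found = 1 }
        END { exit found ? 0 : 1 }'
}

# netdev_unhealthy [TEXT]: interfaces with any error, drop or collision count
netdev_unhealthy() {
    netdev_table "${1:-}" | awk 'NR > 1 && $4 + $5 + $8 + $9 + $10 > 0 { print $1 }'
}

netdev_table "$SAMPLE_NETDEV"
echo "interfaces with errors/drops/collisions: $(netdev_unhealthy "$SAMPLE_NETDEV")"
```

Run without arguments, netdev_table reads the live /proc/net/dev, so the same functions work in a monitoring script; passing text instead keeps the example reproducible offline.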

  15. Using the route Command
     • Traditional way to view and configure the routing table
     • Display the routing table using route with no parameters
     • Basic information for the host in the route demonstration
       • One Ethernet interface (eth0)
       • IP address of 10.0.1.1
       • A subnet mask of 255.255.255.0
     • Output consists of three lines
       • Line defining where to send traffic for the 10.0.1.0 network
       • Line defining where to send traffic for the 127.0.0.0 network
       • Line routing packets with any other destination address

  16. Using the route Command (continued)
     • Columns in the output of the route command
       • Destination: network or host to which the table entry applies
       • Gateway: IP address of the host forwarding a packet
       • Genmask: network mask of the routing table entry
       • Flags: nine one-letter flags about the routing table entry
       • Metric: number of hops this route represents
       • Ref: number of references made to this route
       • Use: number of times the route has been looked up
       • Iface: interface on which packets should be sent
     • Routing table may be handled by Linux and by the user

  17. Using the route Command (continued)
     • Example: bringing up the eth0 interface
       • Enter ifconfig eth0 10.0.1.3 netmask 255.255.255.0
       • Linux automatically populates five fields
       • User adds the address of the gateway
       • Enters route add default gw 10.0.1.1
     • Typical routing scenario
       • Two Ethernet segments connect to a local router, host C
       • Host C's interface connects to the Internet via the ISP's router
       • Hosts A and B have their default gateway set to 10.0.1.1
       • Host D has its default gateway set to 10.0.2.1
       • Host C's default gateway is set to 69.30.87.1 (ISP router)

  18. Configuring Basic Networking

  19. Using the route Command (continued)
     • Making the scenario more complex
       • Host B is now a router, in addition to host C
       • Default gateway set to 69.30.87.1
       • Add another route to host B to locate network 10.0.2.0
     • Add another route to host A's routing table
       • Includes gateway 10.0.1.1 for destination 10.0.2.0
       • Default gateway is now host B, with address 10.0.1.2
     • Host C already routes to networks 10.0.1.0 and 10.0.2.0
       • Set the default gateway to 10.0.1.2 so it can reach the Internet
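Slides 15 to 19 describe the routing table in terms of its columns and a few scenarios, but not the rule the kernel applies when several entries could carry a packet. The script below is an added example, not code from the book: it takes a table in route -n layout and selects the entry by longest-prefix match, which is why host A's 10.0.2.0 entry via 10.0.1.1 wins over its default route via 10.0.1.2, and why the 0.0.0.0/0 default is used only when nothing more specific matches. The table is constructed to mirror host A after slide 19; the function names (ip2int, route_lookup) are this example's own.

```bash
#!/bin/bash
# Constructed routing table for host A after slide 19 (not captured output), in
# `route -n` layout: directly attached 10.0.1.0/24, the 10.0.2.0/24 network via
# host C (10.0.1.1), loopback, and the default route via host B (10.0.1.2).
ROUTE_TABLE_HOST_A='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.1.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.2.0        10.0.1.1        255.255.255.0   UG    0      0        0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
0.0.0.0         10.0.1.2        0.0.0.0         UG    0      0        0 eth0'

# ip2int A.B.C.D: dotted quad to a 32-bit integer; returns 1 for malformed input
ip2int() {
    local IFS=. o
    set -- $1
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in ''|*[!0-9]*) return 1;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# route_lookup DEST TABLE: choose the entry the kernel would use for DEST by
# longest-prefix match (the entry whose Genmask covers the most bits wins).
# Prints "GATEWAY IFACE"; gateway 0.0.0.0 means DEST is on a directly attached
# network. Returns 1 when no entry matches, as on a host with no default route.
route_lookup() {
    local target table="$2"
    target=$(ip2int "$1") || { echo "bad address: $1" >&2; return 1; }
    local dest gw mask flags metric ref use iface d m
    local best_mask=-1 best_gw= best_iface=
    while read -r dest gw mask flags metric ref use iface; do
        [ -n "$dest" ] && [ "$dest" != Destination ] || continue   # skip blank/header
        d=$(ip2int "$dest") || continue
        m=$(ip2int "$mask") || continue
        if [ $(( target & m )) -eq $(( d & m )) ] && [ "$m" -gt "$best_mask" ]; then
            best_mask=$m best_gw=$gw best_iface=$iface
        fi
    done <<< "$table"
    [ "$best_mask" -ge 0 ] || return 1
    echo "$best_gw $best_iface"
}

for dst in 10.0.1.7 10.0.2.9 69.30.87.1; do
    echo "$dst -> $(route_lookup "$dst" "$ROUTE_TABLE_HOST_A")"
done
```

Feeding the function the live table (route -n piped into a variable) turns it into a quick "which way will this packet go" check before changing a default gateway.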

  20. Configuring Basic Networking

  21. Using the ip Command
     • ip is designed to replace ifconfig, route, and arp
     • Examples of powerful features
       • Configure an interface using CIDR notation
         ip addr add 10.1.1.204/29 dev eth0
       • Display the routing table
         ip route
       • Add a default gateway to the routing table
         ip route add default dev eth0 via 10.1.1.201
       • Display statistics only upon request
         ip -statistics link show dev eth0
     • Search the ip man page or the Internet for more information

  22. Adding IP Addresses to Interfaces
     • IP aliasing: assigning extra IP addresses to an interface
     • Method for creating aliases based on ifconfig
       • Append a colon and a number to the interface name
       • Example: first alias called eth0:0
       • Alias names may use letters after the interface identifier
       • Example: eth0:web1
     • Method for creating aliases based on ip
       • Aliases lack names, but Linux knows how to use them
       • Command syntax is more compact and readable
       • Example: ip addr add 10.0.0.3/8 dev eth0

  23. PCMCIA and PC Card Interfaces
     • Hot-pluggable devices loaded and unloaded on the fly
       • Kernel modules for cards kept in a separate directory
       • Configuration files and scripts in the /etc/pcmcia directory
     • How to use a PCMCIA or PC Card interface
       • Edit the /etc/pcmcia/network.opts file
       • Create a hotplug event by removing and inserting the card
       • Scripts should then run and activate the interface
     • New /sys filesystem supports USB and FireWire
       • Introduced with kernel version 2.6
       • A more generic and intelligent hot-pluggable system

  24. Wireless Interfaces
     • Unique features: radio receiver and transmitter
     • Wireless-specific parameters to display and configure
       • Frequency, transmit power, data rate, encryption key
       • Selecting between ad hoc or access point mode
     • Two wireless-specific programs: iwconfig and iwlist
       • Used after ifconfig or ip configures the network interface
     • iwconfig: main tool for configuring wireless interfaces
       • iwconfig syntax: iwconfig interface option
       • interface corresponds to the interface name
       • option corresponds to wireless-specific parameters
       • Example: freq number sets the transmitter's frequency

  25. Wireless Interfaces (continued)
     • iwlist: displays information about the interface's radio
       • iwlist syntax: iwlist interface option
       • interface corresponds to the interface name
       • option corresponds to wireless-specific parameters
       • Example 1: event lists wireless events supported by the interface
       • Example 2: frequency lists the interface's available frequencies

  26. Using proc
     • proc filesystem: virtual filesystem
       • Allows you to view and modify kernel settings
       • Settings emulate a filesystem's directory structure
     • View the proc filesystem by going to the /proc directory
       • Files and directories do not exist on the hard disk
       • Example: enter cat /proc/cpuinfo for CPU information
     • Network-related settings in two /proc directories
       • /proc/net: view status information only
       • /proc/sys/net: modify network-related settings
     • Read/write permissions described in later chapters

  27. Using proc (continued)
     • Test command for modifying network parameters
       • Enter echo "49152 65535" > /proc/sys/net/ipv4/ip_local_port_range
       • Changes the port range to the correct value (49152 to 65535)
     • Verify the change made with the test command
       • Enter cat /proc/sys/net/ipv4/ip_local_port_range
       • New connections use ports in the new range
     • How to make changes permanent
       • Put the echo command in a start-up script
       • Example: /etc/rc.d/rc.local script

  28. Using proc (continued)
     • Another proc setting: /proc/sys/net/ipv4/ip_forward
     • Set to 1 on two conditions
       • You have more than one interface
       • You want to route packets between interfaces
     • Linux should update the setting automatically
     • Manual way to set /proc/sys/net/ipv4/ip_forward
       • Enter echo "1" > /proc/sys/net/ipv4/ip_forward
     • Other proc settings presented in later chapters
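Writing to /proc/sys/net with a bare echo (slides 27 and 28) has no validation: a value the kernel rejects fails silently inside a start-up script, and a value it accepts is live immediately. The script below is an added example, not code from the book: it wraps the slide's echo in a check for the ip_local_port_range format, reads the value back the way the slide verifies it with cat, and tests whether ip_forward is on. The function names (valid_port_range, set_port_range, forwarding_enabled) and the 1024 floor are this example's own; the file argument lets the functions be exercised on a temporary file instead of the real proc entries, which need root to write.

```bash
#!/bin/bash
# valid_port_range "LOW HIGH": the kernel rejects a range unless LOW < HIGH and
# both fit in 16 bits; the 1024 floor is this example's own policy so ephemeral
# ports never overlap the well-known range, not a kernel rule.
valid_port_range() {
    local low high extra
    read -r low high extra <<< "$1"
    [ -n "$low" ] && [ -n "$high" ] && [ -z "$extra" ] || return 1
    case "$low$high" in *[!0-9]*) return 1;; esac
    [ "$low" -ge 1024 ] && [ "$low" -lt "$high" ] && [ "$high" -le 65535 ]
}

# set_port_range "LOW HIGH" [FILE]: the slide's echo, guarded by the check above,
# then read back as the slide does with cat. FILE defaults to the real proc entry
# (root needed); a temporary file exercises the logic without touching the kernel.
set_port_range() {
    local range="$1" file="${2:-/proc/sys/net/ipv4/ip_local_port_range}" low high
    valid_port_range "$range" || { echo "rejected range: $range" >&2; return 1; }
    echo "$range" > "$file"
    read -r low high < "$file"       # the kernel prints the two values tab-separated
    [ "$low $high" = "$range" ]
}

# forwarding_enabled [FILE]: true when ip_forward reads 1, i.e. the host will
# route packets between its interfaces (slide 28)
forwarding_enabled() {
    local v
    read -r v < "${1:-/proc/sys/net/ipv4/ip_forward}"
    [ "$v" = 1 ]
}

demo=$(mktemp)
set_port_range "49152 65535" "$demo" && echo "accepted: $(cat "$demo")"
set_port_range "80 65535" "$demo" || echo "a range starting below 1024 is refused"
rm -f "$demo"
echo "forwarding on this host: $(forwarding_enabled 2>/dev/null && echo yes || echo no)"
```

On distributions that ship sysctl, the persistent place for the same setting is a net.ipv4.ip_local_port_range line in /etc/sysctl.conf rather than an echo in rc.local; the validation above applies either way.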

  29. Using ARP
     • Address Resolution Protocol
       • Obtains the hardware address of a host given its IP address
       • Available through the arp command
     • ARP cache: table maintained by the ARP protocol
       • Map of IP addresses to interface hardware addresses
       • View the ARP table using arp -a (the "a" is for "all")
       • Displays host name, IP and MAC addresses
     • Other characteristics of ARP table entries
       • Entries may be updated (not frequently exercised)
       • Entries are dynamic and will be discarded if not used
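Because ARP entries are learned dynamically and overwritten when updated, the cache is worth reading for more than host lookups: two IP addresses mapped to one hardware address, or entries that never resolved, both carry diagnostic information. The script below is an added example, not code from the book: it reduces arp -a output to IP, MAC and interface, lists hardware addresses shared by several IP addresses, and lists addresses the host queried without an answer. The sample output is constructed, not captured; the function names (arp_parse, arp_shared_macs, arp_incomplete) are this example's own.

```bash
#!/bin/bash
# Constructed arp -a output (not from a real host) in the Linux net-tools layout
# "name (ip) at mac [ether] on iface"; unresolved entries show "<incomplete>".
ARP_SAMPLE='gateway.lab (10.0.1.1) at 00:11:22:33:44:01 [ether] on eth0
hostb.lab (10.0.1.2) at 00:11:22:33:44:02 [ether] on eth0
printer.lab (10.0.1.50) at 00:11:22:33:44:01 [ether] on eth0
? (10.0.1.99) at <incomplete> on eth0'

# arp_parse [TEXT]: reduce each entry to "IP MAC IFACE" (runs arp -a when no text
# is given; the interface is always the last field, so both layouts parse alike)
arp_parse() {
    local src="${1:-}"
    [ -n "$src" ] || src=$(arp -a)
    printf '%s\n' "$src" | awk '{ ip = $2; gsub(/[()]/, "", ip); print ip, $4, $NF }'
}

# arp_shared_macs [TEXT]: one line per hardware address that the cache maps to
# more than one IP address, followed by those addresses. A router answering for
# several addresses is benign; an unexpected host holding the gateway's MAC is
# the pattern to investigate.
arp_shared_macs() {
    arp_parse "${1:-}" | awk '
        $2 ~ /:/ { n[$2]++; ips[$2] = ips[$2] " " $1 }
        END { for (m in n) if (n[m] > 1) print m ips[m] }'
}

# arp_incomplete [TEXT]: IP addresses that were queried but never answered,
# usually a host that is down, unplugged, or on a different segment than assumed
arp_incomplete() {
    arp_parse "${1:-}" | awk '$2 == "<incomplete>" { print $1 }'
}

arp_parse "$ARP_SAMPLE"
echo "shared hardware addresses: $(arp_shared_macs "$ARP_SAMPLE")"
echo "unanswered: $(arp_incomplete "$ARP_SAMPLE")"
```

Recording arp_shared_macs output periodically and comparing it with the previous run gives a simple baseline: a gateway MAC that changes between runs is a change someone should be able to explain.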

  30. System Networking Scripts
     • Intelligent tools for handling network interfaces
       • Follow the model used in UNIX-based systems
     • High-level controlling script: /etc/init.d/network
       • Example: start up networking
       • Enter /etc/rc.d/init.d/network start
     • /etc/init.d/network is based on other scripts and files
       • Location: /etc/sysconfig/network-scripts subdirectory
       • Relevant file in the subdirectory is called networking
       • Two main interface control scripts: ifup and ifdown
     • Actual configuration data stored separately
       • Example: /etc/sysconfig/network-scripts/ifcfg-eth0

  31. System Networking Scripts (continued)
     • Fedora Core scripts built around aliases with names
       • ifconfig command suitable for use in scripts
     • Adding an IP alias through scripting
       • Create a new file in /etc/sysconfig/network-scripts
       • File: ifcfg-eth0:0 (may be a copy of the existing file ifcfg-eth0)
       • Change the DEVICE and IPADDR lines in the new file
       • Should refer to eth0:0 and the new IP address
       • Restart networking to activate the additional IP address
     • Additional IP address started every time Linux starts
       • Halt the process in future by deleting the additional file

  32. Configuring Networking Using Graphical Tools
     • Simplifies the process of network configuration
       • Approach taken after learning about the command line
     • Importance of understanding command-line tools
       • Provides closer contact with the underlying system
       • Better prepares you for Linux certification
     • Network Configuration Tool (in Fedora Core)
       • Start from the GNOME desktop or by using the neat command
       • Initial display set to the Devices tab
       • Select an interface and click Edit
       • Ethernet Device window loaded

  33. Configuring Basic Networking

  34. Configuring Basic Networking

  35. Configuring Networking Using Graphical Tools (continued)
     • General tab of the Ethernet Device window
       • Activate interface when computer boots up
       • Allow all users to control the interface
       • Enable IPv6 for the interface
       • Obtain IP address lease from DHCP or BOOTP server
       • Choose to use a static IP address and gateway
     • Route tab of the Ethernet Device window
       • Lets you define a list of static routes
       • Use for nonstandard routing needs
     • Hardware Device tab of the Ethernet Device window
       • Allows you to define IP aliases for the interface

  36. Configuring Networking Using Graphical Tools (continued)
     • Hardware tab of the Network Configuration Tool
       • Shows a list similar to the list in the Devices tab
       • Also displays manufacturer and model of the interface
       • Click Edit for the Network Adapters Configuration window
       • Click New to define another interface
       • Select hardware that will add support to the kernel
     • Actions to take after making any changes
       • Close each dialog box by clicking the OK button
       • Confirm changes after clicking the Close Window button

  37. Configuring Basic Networking

  38. Configuring Basic Networking

  39. Configuring Networking Using Graphical Tools (continued)
     • Webmin: Web browser-based configuration program
       • Webmin is actually a small Web server
       • Runs on a high-number TCP port, such as 10,000
       • Point a browser at the port and Webmin answers
       • Logon required to access configuration tools
     • Features of Webmin
       • Compatible with most versions of Linux and UNIX
       • Allows for management of different OS platforms
       • Extensible with modules (usually written in Perl)
       • Interface periodically changes

  40. Using Basic Networking Utilities
     • Additional tools improve the experience with Linux
     • Presentation of three popular utilities to follow
     • Two ways that help deepen understanding
       • Experiment through the projects at the end of the chapter
       • Review online man page documentation

  41. The Telnet Remote Logon Utility
     • Telnet: terminal emulator program
       • View files and issue commands from a remote location
       • Use as a tool for troubleshooting network problems
       • Telnet clients installed on all Linux systems
     • Accessing a Telnet server using the telnet command
       • Enter telnet followed by the host name or IP address
       • If the server accepts the request, enter username/password
       • Command prompt appears after logon
     • Graphical Telnet programs also available
       • Experiment with the Windows Telnet program

  42. Configuring Basic Networking

  43. Using ping for System Testing
     • ping: utility used to send ICMP echo packets
       • ICMP echo packet verifies the connection with a host
       • Using ping: ping followed by the host IP address or host name
     • Actions following entry of ping 198.60.22.20
       • Reachable host affirms the connection
       • System displays a message showing the connection is valid
       • Packets continue to be sent until the program is halted
       • Press Ctrl + C to end the program and generate a summary
     • Using ping to identify the source of a problem
       • ping 127.0.0.1 checks the internal networking stack

  44. Using ping for System Testing (continued)
     • Using ping to identify the source of a problem (continued)
       • Ping your own address to check your network card
       • Ping a local host on the segment to test the Ethernet interface
       • Ping a host on another segment to check the default gateway
       • Ping an external host to check distant routers
     • Basic concepts behind ping troubleshooting
       • Ping hosts at increasing distance from your system
       • If a host fails to respond, identify the host's network segment
       • Investigate the connection to the problematic segment
       • Typical problems: bad cabling, bad routing table entry
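Slides 43 and 44 describe a ladder: loopback, your own address, a host on the segment, the default gateway, then an external host, stopping at the first rung that fails. The script below is an added example, not code from the book: it runs that ladder with a pluggable probe command, so the same logic can use real ping (one echo request with a one-second timeout via the iputils flags -c 1 -W 1) or, as shown, a stand-in whose reachable set is constructed to mirror the slide 19 network, where everything up to the gateway answers and the ISP-side router does not. It also extracts the loss percentage from ping's closing statistics line. The function names (real_probe, ping_ladder, ping_loss, fake_probe) are this example's own.

```bash
#!/bin/bash
# real_probe HOST: one ICMP echo request with a one-second timeout (iputils ping
# flags -c and -W); returns ping's status, 0 when the host answered.
real_probe() { ping -c 1 -W 1 "$1" >/dev/null 2>&1; }

# ping_ladder PROBER HOST...: probe hosts in the order given (loopback, own
# address, a host on the segment, the default gateway, an external host) and
# report the first one that fails. Prints "step N HOST" and returns 1, or
# prints "all N reachable" and returns 0. PROBER is any command taking one host.
ping_ladder() {
    local prober="$1"; shift
    local i=0 host
    for host in "$@"; do
        i=$((i + 1))
        if ! "$prober" "$host"; then
            echo "step $i $host"
            return 1
        fi
    done
    echo "all $i reachable"
}

# ping_loss "SUMMARY": extract the percentage from ping's closing statistics
# line, e.g. "5 packets transmitted, 4 received, 20% packet loss, time 4005ms";
# returns 1 when the line does not carry a loss figure
ping_loss() {
    local pct
    pct=$(printf '%s\n' "$1" | sed -n 's/.*, \([0-9]*\)% packet loss.*/\1/p')
    [ -n "$pct" ] || return 1
    echo "$pct"
}

# fake_probe HOST: stand-in for real_probe so the ladder runs offline. The
# reachable set is constructed for the slide 19 network: host A (10.0.1.3) can
# reach loopback, itself, host B (10.0.1.2) and host C (10.0.1.1), but the
# ISP-side router 69.30.87.1 does not answer.
fake_probe() {
    case "$1" in
        127.0.0.1|10.0.1.3|10.0.1.2|10.0.1.1) return 0;;
        *) return 1;;
    esac
}

ping_ladder fake_probe 127.0.0.1 10.0.1.3 10.0.1.2 10.0.1.1 69.30.87.1 ||
    echo "first failure is beyond the default gateway: check the ISP-side link"
echo "loss: $(ping_loss "5 packets transmitted, 4 received, 20% packet loss, time 4005ms")%"
```

Substituting real_probe for fake_probe runs the ladder against the live network; the step number that comes back is exactly the rung in the slide's list (1 stack, 2 card, 3 segment, 4 gateway, 5 distant routers), which narrows the search before any cabling or routing table is examined.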

  45. Using ping for System Testing (continued)
     • Attacks relying on the ping command
       • Flood ping: repeated ping commands overwhelm a server
       • Ping of death: stealth payload corrupts server memory
     • Components of ping output
       • Number of bytes sent in the packet
       • Host name and IP address
       • Sequence number, starting with 0
       • Time to Live (TTL) of the ICMP packet
       • Time elapsed during the ICMP echo packet round-trip
       • Statistics shown after pressing Ctrl + C
     • ping command options used to customize the ping tool

  46. Using traceroute to Examine Routing Patterns
     • traceroute provides greater detail than ping
     • Basic traceroute functions
       • Relies on the TTL field and ICMP "packet timed out" data
       • Identifies each router (each hop) between you and the host
       • Attempts to reach the host within 30 hops (may be reset)
     • Example: enter traceroute 198.60.22.77
       • Successful route makes 14 hops
       • Hop corresponds to the line number in the display
       • IP address and host name shown for each router
       • Probe packets supply three timing values for each hop

  47. Using traceroute to Examine Routing Patterns (continued)
     • Two common problems diagnosed by traceroute
       • Where a packet stops
       • Where a packet slows down
     • Some command-line options
       • Setting the maximum number of routers to try
       • Limiting the time to wait for each response
       • Indicating packets that cannot be fragmented
     • traceroute packets often blocked for security reasons

  48. Troubleshooting Network Connections
     • Use the tools shown to troubleshoot a variety of problems
     • List of problems within reach of this skill set follows

  49. Configuring Basic Networking

  50. Other Networking Protocols
     • Two lower-level protocols: IPX and AppleTalk
       • Discussed in the context of TCP/IP and routing
     • Other protocols introduced in later chapters
