Network Services
Section Overview
• Client-Server Model
• Network Ports, Services and Daemons
• Network Protocols
• Viewing Active Ports
• Common Server Daemons
TCP/IP Protocol Stack
• Application (FTP, HTTP, DNS)
• Transport Layer (TCP, UDP)
• Network Layer (IP)
• Link Layer (Device Drivers)
• Physical Layer (media)
Client-Server Model
• Server – Listens for incoming requests
• Client – Makes a request
• Server – Request fulfilled
Network Ports
• Enables processes to communicate with each other across a network
• 64K possible ports
• Privileged ports
  • < 1024 reserved for system use only
  • Correspond to well-known services
• /etc/services
/etc/services
Format: service-name port/protocol aliases
Examples:
    ssh      22/tcp
    smtp     25/tcp     mail
    www      80/tcp     http www-http
    imaps    993/tcp
    syslog   514/udp
Running Network Servers
• Stand-alone Daemon
  • Each started via rc script
  • Always running
  • Listens (binds) to the service port
  • Uses resources even when idle
• inetd “Super-daemon”
  • Listens to many ports
  • Starts daemon when request is received
  • Daemon shuts down when finished
  • /etc/inetd.conf
/etc/inetd.conf
• service_name: Service name
• sock_type:
  • stream (tcp)
  • dgram (udp)
  • raw (direct IP)
• proto: protocol used (/etc/protocols)
• flags: wait, nowait
• user: User to run daemon as
• server_path: Full path to daemon program
• args: Command line arguments to daemon
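Added example (not part of the original slides): a short Python audit that reads the /etc/services and /etc/inetd.conf formats described above and reports which ports inetd would open and which daemons it would start as root. The sample file contents, the tftp and telnet entries, and the function names are constructed for illustration.

```python
# Constructed sample data in the /etc/services format: name port/protocol aliases
SERVICES = """\
# service-name  port/protocol  aliases
telnet   23/tcp
smtp     25/tcp    mail
tftp     69/udp
www      80/tcp    http www-http
imaps    993/tcp
"""

# Constructed sample data in the /etc/inetd.conf format (one service per line)
INETD_CONF = """\
# service_name sock_type proto flags user server_path args
telnet  stream  tcp  nowait  root    /usr/sbin/in.telnetd   in.telnetd
#ftp    stream  tcp  nowait  root    /usr/sbin/in.ftpd      in.ftpd -l
imaps   stream  tcp  nowait  root    /usr/local/sbin/imapd  imapd
tftp    dgram   udp  wait    nobody  /usr/sbin/in.tftpd     in.tftpd /tftpboot
"""

FIELDS = ("service_name", "sock_type", "proto", "flags", "user", "server_path")

def parse_services(text):
    """Map (name or alias, protocol) -> port number."""
    ports = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(parts) < 2:
            continue
        port, proto = parts[1].split("/")
        for name in [parts[0]] + parts[2:]:     # the aliases share the same port
            ports[(name, proto)] = int(port)
    return ports

def parse_inetd(text, ports):
    """Return one dict per enabled inetd entry, with the port it binds."""
    entries = []
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) < len(FIELDS):
            continue                            # blank, commented out, or malformed
        entry = dict(zip(FIELDS, parts))
        entry["args"] = parts[len(FIELDS):]
        entry["port"] = ports.get((entry["service_name"], entry["proto"]))  # None if unknown
        entries.append(entry)
    return entries

def listeners_as_root(entries):
    """Services inetd starts with root privileges: (name, port) in file order."""
    return [(e["service_name"], e["port"]) for e in entries if e["user"] == "root"]

if __name__ == "__main__":
    for name, port in listeners_as_root(parse_inetd(INETD_CONF, parse_services(SERVICES))):
        print(f"{name} (port {port}) is started as root")
```

Commenting a line out of inetd.conf, as with the ftp entry in the sample, is what disables a service, so the audit skips it.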
Xinetd
• Replacement for inetd
• Enhancements
  • Access Control
  • Resource based limits
  • Logging (Success and Failure)
• Default: /etc/xinetd.conf
• Service Specific: /etc/xinetd.d
/etc/xinetd.conf

    defaults
    {
        instances       = 60
        log_type        = SYSLOG authpriv
        log_on_success  = HOST PID
        log_on_failure  = HOST
        cps             = 25 30
    }
    includedir /etc/xinetd.d
Example xinetd service
/etc/xinetd.d/imaps:

    service imaps
    {
        disable      = no
        socket_type  = stream
        wait         = no
        user         = root
        server       = /usr/local/sbin/imapd
        groups       = yes
        flags        = REUSE IPv6
    }
Windows Service Management
• Microkernel – Everything a service
• Administrative tools -> Services
• Service Options
  • Startup Type: Automatic, Manual, Disabled
  • Log On: Which user to run service as
  • Recovery: What to do on failure
  • Dependencies: Which services does this one depend upon
Windows Service Recovery
• Settings for:
  • First Failure
  • Second Failure
  • Subsequent Failures
  • Counter Reset (Days)
• Options:
  • Take no Action
  • Restart the Service
  • Run a program
  • Restart the Computer
Network Protocols
• Service request/response syntax
• Often uses English commands
• Request For Comments (RFC)
  • Documentation for protocols and practices
  • Each revision its own number
  • May have a second classification
    • For Your Information (FYI)
    • Best Common Practices (BCP)
    • Standards (STD)
Viewing Active Ports
• netstat -a – Ports in use
  • Source/destination addresses and ports
  • Protocol used
  • State
    • LISTEN
    • ESTABLISHED
• lsof -i :service – Process using port
• tcpdump – View network traffic
Resource Sharing Daemons
• Network File System (NFS)
  • nfsd
  • mountd
• Line Printing Daemon (lpd)
• Samba
  • smbd – Microsoft file and print sharing
  • nmbd – Microsoft name resolution
Internet Daemons
• telnetd – Remote Access
• ftpd – File transfer
• Berkeley-R Daemons
• sshd – Secure Shell
• Electronic Mail
  • sendmail/postfix – Receiving email
  • imapd, popd – Remote email access
• httpd – Web
Infrastructure Daemons
• named – DNS
• dhcpd – Dynamic Host Config Protocol
• nisd/ldapd – Directory Services
• fingerd – User information
• xntpd – System time synchronization
• routed/gated – Routing
• Firewall