DOCSLIB.ORG

Ipv6 Enabling CIFS/SMB Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Ipv6 Enabling CIFS/SMB Applications IPv6 Enabling CIFS/SMB Applications 2010 Storage Developers Conference Santa Clara Dr David Holder CEng FIET MIEEE [email protected] http://www.erion.co.uk © Erion Ltd 2010 - All rights reserved Background – Erion David Holder Over twelve years in IPv6 Over twenty years Windows networking Author Erion Director IPv6 enabling Samba Erion Ltd Over twelve years providing IPv6 training and consultancy World’s leading IPv6 training company © Erion Ltd 2010 - All rights reserved BACK GROUND AND HISTORY © Erion Ltd 2010 - All rights reserved Why is IPv6 so Important Now? Ubiquitous support for IPv6 IPv4 addresses are finally running out Widespread mandates for IPv6 Default on Windows Server 2008 & Windows 7 Default on Linux and Unix You may be using IPv6 and don’t know it! © Erion Ltd 2010 - All rights reserved IPv6 and Windows Networking NetBIOS cannot be IPv6 enabled Windows Networking Raw SMB over IPv6 works Pre Active Directory (NT etc) Port Protocol Description NetBIOS 137 UDP NBT Name Service NBT WINS 137 TCP NBT Name Service NetBIOS 138 UDP Datagram service Over TCP/IP (NBT) SMB 138 TCP Unused 139 UDP Unused IPv4 Specific IPv4 Active Directory 139 TCP Session Service DNS 445 TCP Raw SMB over TCP/IP LDAP CLDAP Kerberos Active Directory: DNS, LDAP, Active Directory SMB/CIFS CLDAP, Kerberos, SMB/CIFS can operate over IPv6 NOTE: Active Directory is more than the sum of the individual protocols © Erion Ltd 2010 - All rights reserved History of Windows and IPv6 Windows Server 2008 Fully Integrated IPv6 Fully Integrated IPv6 Stack and Functionality Services Windows Vista Windows 7 SP1 Production Production Stack + Firewall Stack & IPv6 Teredo and Windows 2003 Components CIFS Peer to Peer Works! Advanced Networking Pack SP2 Production + Firewall Stack + Teredo Peer Firewall to Peer Teredo and Windows XP SP1 Peer to Peer Developer Production Preview & Stack & Components Components Microsoft Research Technology Stack Preview Windows 2000 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010 © Erion Ltd 2010 - All rights reserved Windows Networking & IPv6 IPv4 IPv6 NBT/NetBIOS Yes No WINS Yes No NT Domains Yes No SMB/CIFS Windows XP Yes Yes File Sharing Windows 2003 Yes Yes Active Directory Windows Vista Yes Yes Including file sharing and everything… Windows 7 Yes Yes Windows Server 2008 Yes Yes © Erion Ltd 2010 - All rights reserved History of Samba and IPv6 Vista and Windows Windows with Server 2008 Production support for IPv6 Stack & CIFS and AD Components over IPv6 Early versions: IPv6 name resolution CIFS Linux Client possible with Erion Patch IPv6 Support Works IPv6 support possible with Erion Patch Samba 4 Samba 3.2 IPv6 Support Added Samba 3 No IPv6 support (pre 3.2) (IPv6 support will IPv6 Patch Samba 2.2 Not be added) Not Recommended (historic version) 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 © Erion Ltd 2010 - All rights reserved IPv6 PROGRAMMING © Erion Ltd 2010 - All rights reserved History of IPv6 Socket API API Changes RFC 2292 RFC 3542 Advanced Advanced Sockets Sockets API for API for IPv6 IPv6 Definitive Networking IEEE Std. Services 1003.1-2001 Standards (XNS) 5.2 The Open ISO/IEC Group 9945:2002 RFC 2133 RFC 2553 RFC 3493 Work started Basic Basic Basic on API in IPng Socket Socket Socket Working Extensions Extensions Extensions Group For IPv6 For IPv6 For IPv6 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 © Erion Ltd 2010 - All rights reserved Socket API IPv4 vs IPv6 (1) IPv4 IPv6 Socket API Socket API Protocol Independent Name Resolution No Yes Protocol Independent Address Structure No Yes Supports IPv4 & IPv6 Protocols No Yes Supports IPv4 & IPv6 Applications No Yes Source & binary compatibility for IPv4 Apps Yes it is IPv4! Yes Protocol Independent Interface Identification No Yes Thread safe Depends… Yes © Erion Ltd 2010 - All rights reserved Socket API IPv4 vs IPv6 (2) IPv4 only Dual IPv6 & IPv4 Protocol Family PF_INET PF_INET6 Address Family AF_INET AF_INET6 Socket Address Structure sockaddr_in sockaddr_in6 Generic Address Structure sockaddr_storage IP Address Structure in_addr in_addr6 Resolve Name to Address gethostbyname getaddrinfo Resolve Address to Name gethostbyaddr getnameinfo Text to Binary Conversion inet_aton inet_pton Binary to Text Conversion inet_ntoa inet_ntop © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API New socket API explicitly dual stack only New API supports both IPv6 and IPv4 IPv6 applications can also be IPv4 applications IPv6 Application IPv4 Application (supports IPv4) IPv4 Socket IPv4 API is subset IPv6 Socket API API of Transport (TCP/UDP) IPv6 socket library IPv6 IPv4 Stack Stack IPv6 DataLink IPv4 IPv6 Host IPv4 Host © Erion Ltd 2010 - All rights reserved Creating a Socket Creating an IPv4 socket socket(PF_INET, SOCK_STREAM, 0); /* TCP socket */ socket(PF_INET, SOCK_DGRAM, 0); /* UDP socket */ Creating an IPv6 (or IPv4) socket socket(PF_INET6, SOCK_STREAM, 0); /* TCP socket */ socket(PF_INET6, SOCK_DGRAM, 0); /* UDP socket */ © Erion Ltd 2010 - All rights reserved Passing Addresses to API IPv4 Code struct sockaddr_in addr; socklen_t addrlen = sizeof(addr); /* Put an IPv4 address in addr structure */ bind(sockfd,(struct sockaddr *)&addr, addrlen); IPv6 Code struct sockaddr_in6 addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 /* Put an IPv6 address in addr structure */ bind(sockfd,(struct sockaddr *)&addr, addrlen); Portable Code struct sockaddr_storage addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 /* Put an IPv4 or IPv6 address in addr structure and set addrlen */ bind(sockfd,(struct sockaddr *)&addr, addrlen); © Erion Ltd 2010 - All rights reserved Passing Addresses to Application IPv4 Code struct sockaddr_in addr; socklen_t addrlen = sizeof(addr); accept(sockfd,(struct sockaddr *)&addr, &addrlen); IPv6 Code struct sockaddr_in6 addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 accept(sockfd,(struct sockaddr *)&addr, &addrlen); Portable Code struct sockaddr_storage addr; socklen_t addrlen = sizeof(addr); IPv6 & IPv4 accept(sockfd,(struct sockaddr *)&addr, &addrlen); © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API (1) sockaddr_in6 or sockaddr_storage sockaddr_in6 or sockaddr_storage IPv6 Socket IPv6 Application IPv6 Socket SRC = 3000::1 SRC = ::FFFF:192.168.1.2 DST = 3000::2 DST = ::FFFF:192.168.1.3 IPv4-mapped IPv6 addresses IPv6 Socket API Transport (TCP/UDP) ::FFFF:192.168.1.2 IPv4 IPv6 IPv4 Stack Stack 3000::1 192.168.1.2 DataLink IPv6 Host IPv4 Host 3000::2 192.168.1.3 IPv6 Socket IPv4 Socket SRC = 3000::2 SRC = 192.168.1.3 DST = 3000::1 DST = 192.168.1.2 © Erion Ltd 2010 - All rights reserved Dual Stack and IPv6 API (2) sockaddr_in6 or sockaddr_storage sockaddr_in or sockaddr_storage IPv6 Socket IPv6 Application IPv4 Socket SRC = 3000::1 SRC = 192.168.1.2 DST = 3000::2 DST = 192.168.1.3 IPv6 Socket API Transport (TCP/UDP) ::FFFF:192.168.1.2 IPv4 IPv6 IPv4 Stack Stack 3000::1 192.168.1.2 DataLink IPv6 Host IPv4 Host 3000::2 192.168.1.3 IPv6 Socket IPv4 Socket SRC = 3000::2 SRC = 192.168.1.3 DST = 3000::1 DST = 192.168.1.2 © Erion Ltd 2010 - All rights reserved Address Conversion Conversion from binary representation to textual and vice versa IPv4 Code To Binary int inet_aton (const char *cp, struct in_addr *inp); in_addr_t inet_addr( const char *cp); To Text char *inet_ntoa(struct in_addr in); IPv6 Code To Binary int inet_pton(int family, const char *src, void *dst); const char *inet_ntop(int family, const void *src, To Text char *dst, size_t cnt); These functions are not protocol independent and should be avoided – if possible! Use getaddrinfo() and getnameinfo() © Erion Ltd 2010 - All rights reserved Textual Address Formats (1) Global and Link Local addresses Prefix obscured for slide Global Addresses Link local Addresses Note: Windows Server 2008 IPv6 Address dialog box is not (hex separated by colons) wide enough for IPv6 addresses! Interface ID (Number or name) IPv6 interfaces have unique interface ID and name # smbclient -L //fe80::9416:bd6b:8d9c:7490%eth0 -U Administrator IPv4-mapped IPv6 addresses ::ffff:192.168.1.1 © Erion Ltd 2010 - All rights reserved Textual Address Formats (2) URLs, URIs and UNCs Use IPv6 in square brackets in URIs and URLs [3000:0:20:0:3de2:17ca:d07d:5f10] Not in UNCs (use ipv6-literal.net. names instead) 3000-0-20-0-3de2-17ca-d07d-5f10.ipv6-literal.net. © Erion Ltd 2010 - All rights reserved Name Resolution API has evolved over time Use getaddrinfo() and getnameinfo() Protocol independent Thread safe (some other functions are not) Don’t use getipnodebyname() or getipnodebyaddr() DNS Resolver NIS LDAP etc… © Erion Ltd 2010 - All rights reserved Windows IPv6 Name Resolution Options NetBIOS name resolution IPv4 Only WINS IPv4 Only Hosts file IPv4 and IPv6 Link-local Multicast Name IPv4 and IPv6 Resolution (LLMNR) Note: Windows Only DNS IPv4 and IPv6 Literal Addresses IPv4 and IPv6 Linux/Unix NSS module © Erion Ltd 2010 - All rights reserved Literal Addresses In UNCs can use ipv6-literal.net. names 2045-5249-4f4e--1.ipv6-literal.net Literal DNS name converts to IPv6 addresses Hyphens replace colons in domain name s indicates interface (replaces %) NSS module nss-ipv6literal provides this on Linux/Unix © Erion Ltd 2010 - All rights reserved Link-local Multicast Name Resolution (LLMNR) Performs name resolution without DNS DNS over multicast (not mDNS) Works for IPv4 and IPv6 hosts Uses multicast addresses IPv6 FF02::1:3 IPv4 224.0.0.252 © Erion Ltd 2010 - All rights reserved getaddrinfo() Returns linked list
Load more

Recommended publications
  • OSI Model and Network Protocols
    CHAPTER4 FOUR OSI Model and Network Protocols Objectives 1.1 Explain the function of common networking protocols . TCP . FTP . UDP . TCP/IP suite . DHCP . TFTP . DNS . HTTP(S) . ARP . SIP (VoIP) . RTP (VoIP) . SSH . POP3 . NTP . IMAP4 . Telnet . SMTP . SNMP2/3 . ICMP . IGMP . TLS 134 Chapter 4: OSI Model and Network Protocols 4.1 Explain the function of each layer of the OSI model . Layer 1 – physical . Layer 2 – data link . Layer 3 – network . Layer 4 – transport . Layer 5 – session . Layer 6 – presentation . Layer 7 – application What You Need To Know . Identify the seven layers of the OSI model. Identify the function of each layer of the OSI model. Identify the layer at which networking devices function. Identify the function of various networking protocols. Introduction One of the most important networking concepts to understand is the Open Systems Interconnect (OSI) reference model. This conceptual model, created by the International Organization for Standardization (ISO) in 1978 and revised in 1984, describes a network architecture that allows data to be passed between computer systems. This chapter looks at the OSI model and describes how it relates to real-world networking. It also examines how common network devices relate to the OSI model. Even though the OSI model is conceptual, an appreciation of its purpose and function can help you better understand how protocol suites and network architectures work in practical applications. The OSI Seven-Layer Model As shown in Figure 4.1, the OSI reference model is built, bottom to top, in the following order: physical, data link, network, transport, session, presentation, and application.
    [Show full text]
  • Importance of DNS Suffixes and Netbios
    Importance of DNS Suffixes and NetBIOS Priasoft DNS Suffixes? What are DNS Suffixes, and why are they important? DNS Suffixes are text that are appended to a host name in order to query DNS for an IP address. DNS works by use of “Domains”, equitable to namespaces and usually are a textual value that may or may not be “dotted” with other domains. “Support.microsoft.com” could be considers a domain or namespace for which there are likely many web servers that can respond to requests to that domain. There could be a server named SUPREDWA.support.microsoft.com, for example. The DNS suffix in this case is the domain “support.microsoft.com”. When an IP address is needed for a host name, DNS can only respond based on hosts that it knows about based on domains. DNS does not currently employ a “null” domain that can contain just server names. As such, if the IP address of a server named “Server1” is needed, more detail must be added to that name before querying DNS. A suffix can be appended to that name so that the DNS sever can look at the records of the domain, looking for “Server1”. A client host can be configured with multiple DNS suffixes so that there is a “best chance” of discovery for a host name. NetBIOS? NetBIOS is an older Microsoft technology from a time before popularity of DNS. WINS, for those who remember, was the Microsoft service that kept a table of names (NetBIOS names) for which IP address info could be returned.
    [Show full text]
  • Operator's Guide
    MILITARY POWER SUPPLY Operator’s Guide Ethernet & SNMP MPS-4000-1U MPPS-4000-1U Made in USA 1.888.567.9596 (USA only) | SynQor Headquarters 155 Swanson Road, Boxborough, MA 01719-1316 USA | www.synqor.com QMS: 006-0006748 Rev. E 01\19\2021 MPS with Ethernet Interface Contents 1 Overview ............................................................................................................................................... 2 2 Initial Configuration .............................................................................................................................. 2 2.1 DHCP Server .................................................................................................................................. 2 2.2 NetBIOS Hostname ....................................................................................................................... 2 2.3 Local Connection ........................................................................................................................... 2 3 Web Interface ....................................................................................................................................... 3 3.1 MONITOR Page ............................................................................................................................. 4 3.2 CONTROL Page .............................................................................................................................. 5 3.3 NETWORK Page ............................................................................................................................
    [Show full text]
  • The Networker's Guide to Appletalk, IPX, and Netbios
    03 9777 CH03 5/21/01 3:42 PM Page 85 3 The Networker’s Guide to AppleTalk, IPX, and NetBIOS UNTIL THE EARLY 1990S,TCP/IP WAS REALLY ONLY PREVALENT in large govern- ment and research facilities where UNIX and other supercomputing operating systems used it as a common network communications protocol.When PCs came into the picture, they were not networked. Rather, they were used either as front-ends to big micro or mainframe systems (IBM was a big fan of this approach) or as standalone sys- tems. In the early 1980s, as PCs grew in number and in performance, three strategies emerged to provide PCs with networking services:AppleTalk, Novell NetWare, and IBM’s NetBIOS. The goal of this chapter is to give you an understanding of the various protocols that make up the protocol suites and the roles they perform. It is not intended to explain how to design, set up, and manage a network. Chapter 7,“Introduction to Cisco Routers,” and Chapter 10,“Configuring IP Routing Protocols on Cisco Routers,” discuss configuration issues for these protocols. Because NetBIOS is a ses- sion layer protocol rather than a protocol suite, it will be described in the context of its operational behaviors at the end of this chapter. 03 9777 CH03 5/21/01 3:42 PM Page 86 86 Chapter 3 The Networker’s Guide to AppleTalk, IPX, and NetBIOS AppleTalk AppleTalk was an outgrowth of the Apple Macintosh computing platform. First intro- duced in 1984 and updated in 1989, it was designed to provide the Macintosh with a cohesive distributed client/server networking environment.AppleTalk,
    [Show full text]
  • Recycling Ipv4 Attacks in Ipv6
    RReeccyycclliinngg IIPPvv44 aattttaacckkss iinn IIPPvv66 Francisco Jesús Monserrat Coll RedIRIS / Red.es Jornadas de Seguridad Buenos Aires, 4 de Octubre de 2005 Index •Why we need to care about IPv6 ? • Brief introduction to IPv6 •IPv6, it’s more secure ? •Problems recycling . •Solutions and future About RedIRIS Since 1988 provides Internet connection to Academic and Research centres in Spain. Pioneers in the launch of Internet services in Spain, (DNS, news, CSIRT, ...). Based in point of presence (POA) in each region that interconnects all the centres 250 organizations connected Since January 2004 , RedIRIS is part of red.es , a government agency to promote Information society Same backbone for normal and experimental (internet2) connections, Using Internet2 in the backbone Use of the backbone for advanced applications: Opera Oberta: High quality Live Opera transmission at fast speed > 10 Mbs. Use of multicast to distribute the contents Since May 2005 , testing of multicast over IPv6 for the transmission of the videos. • Couldld thisis inincrease the use of IPv6 ? Use of IPv6 Some of the Spanish Universities are starting to use IPv6: http://www.uv.es/siuv/cas/zxarxa/ipv6.wiki IPv6 Security ? We are NOT going to talk about:: IPSEC and all the cryptographic stuff .. Traffic labelling, IP headers, etc. Why IPv6 is more secure than IPv4? Etc, etc, etc. ... For this you can: Search in google CISCO: http://www.cisco.com/security_services/ciag/documents/v6-v4-threats.pdf Michael H. Warfield’s (ISS) presentation at FIRST Conference 2004, http://www.first.org IPv6 Security ? We are NOT going to talk about:: IPSEC and all the cryptographic stuff .
    [Show full text]
  • SMB Analysis
    NAP-3 Microsoft SMB Troubleshooting Rolf Leutert, Leutert NetServices, Switzerland © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll SMB History Server Message Block (SMB) is Microsoft's client-server protocol and is most commonly used in networked environments where Windows® operating systems are in place. Invented by IBM in 1983, SMB has become Microsoft’s core protocol for shared services like files, printers etc. Initially SMB was running on top of non routable NetBIOS/NetBEUI API and was designed to work in small to medium size workgroups. 1996 Microsoft renamed SMB to Common Internet File System (CIFS) and added more features like larger file sizes, Windows RPC, the NT domain service and many more. Samba is the open source SMB/CIFS implementation for Unix and Linux systems 2 © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll SMB over TCP/UDP/IP SMB over NetBIOS over UDP/TCP SMB / NetBIOS was made routable by running Application over TCP/IP (NBT) using encapsulation over 137/138 139 TCP/UDP-Ports 137–139 .. Port 137 = NetBIOS Name Service (NS) Port 138 = NetBIOS Datagram Service (DGM) Port 139 = NetBIOS Session Service (SS) Data Link Ethernet, WLAN etc. Since Windows 2000, SMB runs, by default, with a thin layer, the NBT's Session Service, on SMB “naked” over TCP top of TCP-Port 445. Application 445 DNS and LLMNR (Link Local Multicast Name . Resolution) is used for name resolution. Port 445 = Microsoft Directory Services (DS) SMB File Sharing, Windows Shares, Data Link Ethernet, WLAN etc. Printer Sharing, Active Directory 3 © Leutert NetServices 2013 www.wireshark.ch Server Message Block (SMB) Protokoll NetBIOS / SMB History NetBIOS Name Service (UDP Port 137) Application • Using NetBIOS names for clients and services.
    [Show full text]
  • Troubleshooting Novell IPX
    CHAPTER 8 Troubleshooting Novell IPX NetWare is a network operating system (NOS) and related support services environment created by Novell, Inc., and introduced to the market in the early 1980s. Then, networks were small and predominantly homogeneous, local-area network (LAN) workgroup communication was new, and the idea of a personal computer (PC) was just becoming popular. Much of NetWare’s networking technology was derived from Xerox Network Systems (XNS), a networking system created by Xerox Corporation in the late 1970s. By the early 1990s, NetWare’s NOS market share had risen to between 50 percent and 75 percent. With more than 500,000 NetWare networks installed worldwide and an accelerating movement to connect networks to other networks, NetWare and its supporting protocols often coexisted on the same physical channel with many other popular protocols, including TCP/IP, DECnet, and AppleTalk. Although networks today are predominately IP, there are some legacy Novel IPX traffic. Novell Technology Basics As an NOS environment, NetWare specifies the upper five layers of the OSI reference model. The parts of NetWare that occupy the upper five layers of the OSI model are as follows: • NetWare Core Protocol (NCP) • Service Advertisement Protocol (SAP) • Routing Information Protocol (RIP) NetWare provides file and printer sharing, support for various applications such as electronic mail transfer and database access, and other services. Like other NOSs, such as the network file system (NFS) from Sun Microsystems, Inc., and Windows NT from Microsoft Corporation, NetWare is based on a client/server architecture. In such architectures, clients (sometimes called workstations) request certain services such as file and printer access from servers.
    [Show full text]
  • Purpose Scope Standard Statement Revision History
    State of Michigan Department of Information Technology TECHNICAL POLICY MANUAL SUBJECT Global Windows Internet Naming Service (WINS) Standard Type NUMBER DATE ISSUED REVISION DATE REVISION NUMBER Standard 1410.26 11-04-05 Purpose Windows Internet Name Service (WINS) provides a dynamic replicated database service that can register and resolve NetBIOS names to IP addresses used on your network. Windows 2003 Server provides WINS, which enables the server computer to act as a NetBIOS name server and register and resolve names for WINS-enabled client computers on a network as described in the NetBIOS over TCP/IP standards. The purpose of this standard is to provide the necessary guidelines for the use of the Microsoft Windows Internet Naming Service (WINS) protocol within the SOM Network. Scope This standard applies to any group using WINS in the SOM to resolve NetBIOS names and addresses. Standard Statement The development of new applications and name resolution must be based on the Domain Name Service (DNS) protocol that remains in line with the direction of Michigan/1. Existing implementations of WINS, which are disparate, will move to the centralized implementation of WINS servers as defined in the State of Michigan Active Directory Design. Revision History Revision Effective Description of Enhancements Level Date 11-04-05 Initial Release Standard_M1WI08_Wins.doc 1 Printed 11/4/2005 @ 1:53 PM State of Michigan Department of Information Technology TECHNICAL POLICY MANUAL SUBJECT Global Windows Internet Naming Service (WINS) Standard Type NUMBER DATE ISSUED REVISION DATE REVISION NUMBER Standard 1410.26 11-04-05 Terms and Definitions NetBIOS Network Basic Input/Output System is a program that allows applications on different computers to communicate within a local area network.
    [Show full text]
  • TCP/IP Fundamentals for Microsoft Windows
    TCP/IP Fundamentals for Microsoft Windows Microsoft Corporation Published: May 21, 2006 Updated: Jan 9, 2012 Author: Joseph Davies Editor: Anne Taussig Abstract This online book is a structured, introductory approach to the basic concepts and principles of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite, how the most important protocols function, and their basic configuration in the Microsoft® Windows Vista™, Windows Server® 2008, Windows® XP, and Windows Server 2003 families of operating systems. This book is primarily a discussion of concepts and principles to lay a conceptual foundation for the TCP/IP protocol suite and provides an integrated discussion of both Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6). The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This content is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. The terms of use of this document can be found at http://www.microsoft.com/info/cpyright.mspx. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
    [Show full text]
  • Lecture 16: TCP/IP Vulnerabilities and Dos Attacks: IP Spoofing, SYN Flooding, and the Shrew Dos Attack
    Lecture 16: TCP/IP Vulnerabilities and DoS Attacks: IP Spoofing, SYN Flooding, and The Shrew DoS Attack Lecture Notes on “Computer and Network Security” by Avi Kak ([email protected]) March 16, 2021 5:43pm ©2021 Avinash Kak, Purdue University Goals: • To review the IP and TCP packet headers • Controlling TCP Traffic Congestion and the Shrew DoS Attack • The TCP SYN Flood Attack for Denial of Service • IP Source Address Spoofing Attacks • BCP 38 for Thwarting IP Address Spoofing for DoS Attacks • Python and Perl Scripts for Mounting DoS Attacks with IP Address Spoofing and SYN Flooding • Troubleshooting Networks with the Netstat Utility CONTENTS Section Title Page 16.1 TCP and IP 3 16.2 The TCP/IP Protocol Stack 5 16.3 The Network Layer (also known as the Internet 14 Layer or the IP Layer) 16.4 TCP, The Transport Layer Protocol for Reliable 25 Communications 16.5 TCP versus IP 34 16.6 How TCP Breaks Up a Byte Stream That 36 Needs to be Sent to a Receiver 16.7 The TCP State Transition Diagram 38 16.8 A Demonstration of the 3-Way Handshake 44 16.9 Splitting the Handshake for Establishing 52 a TCP Connection 16.10 TCP Timers 58 16.11 TCP Congestion Control and the Shrew DoS Attack 60 16.12 SYN Flooding 68 16.13 IP Source Address Spoofing for SYN Flood 71 DoS Attacks 16.14 Thwarting IP Source Address Spoofing With BCP 38 84 16.15 Demonstrating DoS through IP Address Spoofing and 89 SYN Flooding When The Attacking and The Attacked Hosts Are in The Same LAN 16.16 Using the Netstat Utility for Troubleshooting 103 Networks 16.17 Homework Problems 113 Computer and Network Security by Avi Kak Lecture 16 Back to TOC 16.1 TCP and IP • We now live in a world in which the acronyms TCP and IP are almost as familiar as some other computer-related words like bits, bytes, megabytes, etc.
    [Show full text]
  • Quick Network Setup Guide Printing Through a Queue, Or Sharename
    1470NQNSG_FRONT_Eng K PANTONE326 Laser Printer HL-1470N Type of Network Printer An example of a Shared printer*1, An example of a printer Quick Network Setup Guide printing through a queue, or sharename. in a Peer-to-Peer network. 1 A shared printer can been seen in the Network Neighborhood. Follow the instructions for Setting Up the Printer in the "Quick Setup Guide" first. * Printer Printer Printer If you are going to connect the printer to a network, we recommend you contact your system administrator prior to Printer installation. If you are an Administrator: Configure your printer referring to the following instructions. If you are installing the driver on your PC, refer to the reverse side of this sheet after the administrator has configured the printer. LAN USB Parallel LJ5745001 Printed in China ® For the Administrator (For Windows users only) Windows Server Netware Server LAN Install the BRAdmin Professional Configuration utility Windows Workstation (Network) Novell Netware, Windows® 95/Windows NT® 4.0 does not Use the BRAdmin Professional utility to configure the network parameters of Brother network connected printers. support USB printing. LAN (Network) Client Client Client Client Client Insert the CD-ROM. Select the HL-1470N model button, and then Click the Install Software Select BRAdmin Professional. 1 2 3 4 Client select the appropriate language. icon. Install the BRAdmin Professional utility referring to the on-screen instructions. Network Guide Chapter Map Driver Deployment Wizard To configure the print server refer to the Network Guide The Driver Deployment Wizard can be used to help with the installation of locally or network connected Brother To access the Network Guide, insert the CD-ROM supplied with the printer, printers.
    [Show full text]
  • 851/951 Eng Datablad
    AXIS 851/951 Network CD-ROM Server for Ethernet and Token Ring, with a built in drive option Axis Network CD-ROM Server provides a flexible and cost-efficient solution for sharing CD-ROMs. All CD-ROMs are accessible to all us- ers at all times. Easy Sharing of The AXIS 851/951 Network CD-ROM Server enables several CD-ROMs network users to access CD-ROMs at the same time. No more changing discs and no need to search for discs around the office. The built in drive option is cost effective and gets you started at once. Up to six external CD-ROM drives can be connected. Designed for Mixed Can be used simultaneously from Windows (including LAN Environment Windows NT and Windows 95), OS/2, DOS and UNIX platforms using Novell NetWare, Microsoft Networks and NFS. File Server The Axis CD-ROM server uses peer to peer communication Independent with the client workstation without the need for the data to pass through a file server. Installation is done in minutes without any file server down time. Security and License Passwords can be used to restrict user access. The number of Control Options users simultaneously accessing any CD-ROM can be limited to comply with licensing agreements. Quick to Install and No special drivers or software is needed. Configuration and Easy to Use management is done via already existing application tools. High speed CD-ROM drives are supported through use of 32-bit RISC processor technology. The CD-ROM server is shown with a CD-ROM drive installed.
    [Show full text]