Networking and Security with Linux by Steven Gordon School of Engineering and Technology CQUniversity Australia This book is available as: HTML: sandilands.info/nsl/ PDF: sandilands.info/nsl/nsl.pdf NSL 19.03 1 March 2019 (r1671) Contents List of Figures xi List of Tables xiii Glossary xv 1 Introduction1 1.1 Purpose of This Book.............................1 1.1.1 History.................................1 1.1.2 Audience................................2 1.1.3 This is NOT a Textbook.......................2 1.2 Using This Book...............................3 1.2.1 Organisation of the Chapters....................3 1.2.2 Following the Examples.......................3 1.2.3 Terminology and Notation......................4 1.2.4 Book Website and Formats......................4 1.2.5 Downloading Example Files.....................4 1.2.6 Other Books and Sources.......................4 1.3 Recognition..................................7 1.3.1 Acknowledgements..........................7 1.3.2 Apologies, Limitations and Reporting Bugs.............7 1.3.3 Licensing...............................8 2 Linux, Ubuntu and VirtualBox9 2.1 What is Ubuntu Linux?...........................9 2.1.1 Why Not Microsoft Windows?....................9 2.2 Installing Ubuntu Linux........................... 10 2.2.1 Ubuntu Variants........................... 10 2.2.2 Installation Approaches....................... 11 2.3 Virtualisation and VirtualBox........................ 12 3 Virtual Networking with Linux and VirtualBox 15 3.1 Virtual Networking and virtnet....................... 15 3.1.1 What is Virtual Networking?.................... 15 3.1.2 Motivation for virtnet........................ 15 3.1.3 How Does virtnet Work?....................... 17 3.1.4 virtnet Terminology.......................... 17 3.1.5 History of virtnet........................... 18 i ii CONTENTS 3.2 Getting Started................................ 19 3.2.1 General Requirements........................ 19 3.2.2 Installation.............................. 20 3.2.3 Creating Your First Topology.................... 21 3.2.4 Creating a Different Topology.................... 23 3.3 Using virtnet................................. 24 3.3.1 Usernames and Passwords...................... 24 3.3.2 Login to Nodes with VirtualBox................... 24 3.3.3 Login to Nodes with Secure Shell.................. 26 3.3.4 Transferring Files........................... 27 3.3.5 Using the Host Web Browser to Access a Guest Web Server... 28 3.3.6 Shutting Down, Saving and Deleting Nodes............ 30 3.4 Troubleshooting virtnet............................ 30 4 Linux Command Line 31 4.1 Prerequisites.................................. 31 4.1.1 Assumed Knowledge......................... 31 4.1.2 Linux and Network Setup...................... 31 4.2 Entering Commands............................. 31 4.2.1 Command Prompt.......................... 31 4.2.2 Commands, Parameters and Options................ 32 4.2.3 Output and Errors.......................... 34 4.2.4 Help with Commands......................... 34 4.3 Directory and File Operations........................ 35 4.4 Viewing and Editing Files.......................... 41 4.4.1 Viewing Text Files.......................... 41 4.4.2 Creating Text Files.......................... 44 4.4.3 Text Editors.............................. 45 4.5 Shortcuts in Bash............................... 46 4.6 Pipes and Redirection............................ 47 4.7 Processes and Jobs.............................. 47 4.8 Searching for Files.............................. 47 4.9 Processing Text Files............................. 47 4.10 More Examples................................ 47 5 The Internet and Applications 51 5.1 The Internet.................................. 51 5.2 Clients, Servers and Addressing....................... 51 5.2.1 Addresses and Ports......................... 51 5.2.2 Servers................................. 52 5.2.3 Clients................................. 53 5.3 Web Browsing................................. 53 5.3.1 HTTP Operation........................... 53 5.3.2 Web Browsing on the Command Line................ 53 5.4 Remote Login................................. 54 CONTENTS iii 6 Automating Tasks with Scripts 57 6.1 Prerequisites.................................. 57 6.1.1 Assumed Knowledge......................... 57 6.1.2 Linux and Network Setup...................... 57 6.2 Introduction to Scripts............................ 57 6.2.1 Shell Scripts are Text Files...................... 58 6.2.2 Variables in Scripts.......................... 59 6.2.3 For Loops............................... 59 6.2.4 If/Then/Else............................. 60 6.2.5 Input Parameters........................... 60 6.2.6 Executing Shell Scripts........................ 61 6.3 More Scripting Examples........................... 62 6.3.1 First Script with echo and ls..................... 63 6.3.2 Using Variables............................ 63 6.3.3 For Loops............................... 64 6.3.4 If/Then/Else............................. 66 6.3.5 Input Arguments........................... 67 6.3.6 Reading a Text File.......................... 68 6.3.7 Extra Commands........................... 69 7 Users and Permissions 73 7.1 Prerequisites.................................. 73 7.1.1 Assumed Knowledge......................... 73 7.1.2 Linux and Network Setup...................... 73 7.2 Users and Permissions in Linux....................... 74 7.2.1 Users.................................. 74 7.2.2 Logins................................. 75 7.2.3 Passwords............................... 75 7.2.4 Permissions.............................. 76 7.3 Commands for Managing Users and Permissions.............. 77 7.4 Users and Permissions by Example..................... 79 7.4.1 Adding Users............................. 80 7.4.2 /etc/passwd and /etc/shadow Files................. 81 7.4.3 Adding Groups............................ 82 7.4.4 Creating Files and Directories.................... 82 7.4.5 Setting Permissions.......................... 83 7.4.6 Summary and Other Issues...................... 88 7.5 Passwords, Hashes and Rainbow Tables................... 89 7.5.1 Storing Actual Passwords...................... 89 7.5.2 Storing Hashed Passwords...................... 90 7.5.3 Brute Force Attacks on Hashed Passwords............. 91 7.5.4 Pre-calculated Hashes and Rainbow Tables............. 92 7.5.5 Salting a Password.......................... 93 7.5.6 Summary and Other Issues...................... 94 iv CONTENTS 8 Cryptography in Linux 95 8.1 Prerequisites.................................. 95 8.1.1 Assumed Knowledge......................... 95 8.1.2 Linux and Network Setup...................... 96 8.2 OpenSSL................................... 96 8.2.1 Overview of OpenSSL........................ 96 8.2.2 Example Scenario........................... 97 8.2.3 Random Numbers........................... 97 8.2.4 Symmetric Key Encryption Basics.................. 99 8.2.5 Hash and MAC Functions...................... 100 8.2.6 Symmetric Key Encryption Padding and Modes of Operation.. 102 8.2.7 RSA and Digital Signatures..................... 105 8.2.8 Diffie-Hellman Secret Key Exchange................ 111 8.2.9 Performance Benchmarking..................... 115 8.3 Using Classical Ciphers with pycipher.................... 116 8.3.1 Install pycipher (Recommended Method).............. 116 8.3.2 Install pycipher (Alternative Method)................ 116 8.3.3 Using pycipher............................ 116 9 Networking Tools 119 9.1 Prerequisites.................................. 119 9.1.1 Assumed Knowledge......................... 119 9.1.2 Linux and Network Setup...................... 120 9.2 Operating Systems and Tool Interfaces................... 120 9.3 Viewing and Changing Network Interface Information........... 120 9.3.1 Viewing Interface Information.................... 121 9.3.2 Changing Interface Information................... 122 9.4 Viewing Ethernet Interface Details..................... 123 9.5 Testing Network Connectivity........................ 125 9.6 Testing a Route................................ 126 9.7 Converting Between Domain Names and IP Addresses........... 127 9.8 Viewing the Routing Table.......................... 129 9.9 Converting IP Addresses to Hardware Addresses.............. 130 9.10 Network Statistics............................... 131 9.11 Useful Networking Files........................... 132 9.11.1 /etc/hostname............................ 132 9.11.2 /etc/hosts............................... 132 9.11.3 /etc/resolv.conf............................ 133 9.11.4 /etc/network/interfaces....................... 133 9.11.5 /etc/services.............................. 134 9.11.6 /etc/protocols............................. 135 9.11.7 /etc/sysctl.conf............................ 135 9.12 Application and Performance Testing.................... 136 9.12.1 Generic Application Testing with netcat.............. 136 9.12.2 Traffic Monitoring with iptraf.................... 138 9.12.3 Internet Performance Measurements with iperf........... 138 9.12.4 Packet Drops and Delays with tc.................. 141 CONTENTS v 10 Routing in Linux 143 10.1 Prerequisites.................................. 143 10.1.1 Assumed Knowledge......................... 143 10.1.2 Linux and Network Setup...................... 144 10.2 Routers.................................... 144 10.2.1 Routers and Hosts.......................... 144 10.2.2 Enabling Routing........................... 145 10.2.3 Editing the Routing Table.....................