Post on 01-Mar-2021
CPSC 526NETWORK SYSTEMS SECURITY#2 – BASIC NETWORKING
TA: HENRIQUE PEREIRA
SERVER-CLIENT APPLICATIONS
The basic mechanisms of client-server setup are:
1. A client app send a request to a server app.
2. The server app returns a reply.
3. Some of the basic data communications between client and
server are:
• File transfer - sends name and gets a file.
• Web page - sends url and gets a page.
• Echo - sends a message and gets it back.
SOCKET PROGRAMMING
Socket is an interface into which na application process
can both send and/or receive messages to/from another
application process.
PORTS
• A port is a 16-bit number in the range 0-65535
• Managed by the operating system and used by clients to identify servers
• Ports 0-1023 are reserved by the system and used by common network protocols
• Firewalls are commonly configured to differentiate between packets based on their
source or destination port numbers as in port forwarding.
• Ports Database: https://www.speedguide.net/ports.php
SOCKET PROGRAMMINGWITH TCP
• TCP provides a reliable way
to transfer bytes from one
process to another
TCP SOCKET
SIMPLE TCP ECHO SERVER - PYTHON
• http://pages.cpsc.ucalgary.ca/~henrique.pereira/pdfs/TCPServer.py
• Socket Module
• socket.bind – binds a socket to an address ( tuple with hostname/ip and port )
• socket.listen – enable the socket to accept connections
• socket.accept – accepts a connection (returns a new socket and information about the client)
• socket.recv – receives data from the socket as bytes (Py3)
• socket.send – sends data to the socket as bytes (Py3)
• socket.close – closes connection
NMAP
• Most popular port scanner available
• Offers many different scanning techniques:
• Scan for hosts that are up
• TCP ports
• UDP ports
• Other IP Protocols
• Can identify software, version, some configuration details
• nmap -A -T4 127.0.0.1
CONNECTING TO THE *SIMPLE* ECHO SERVER
• Netcat
• Utility for reading/writing to network connections using TCP or UDP.
• Basic client usage: nc [targetHost] [port]
• nc localhost 8888
• nc 127.0.0.1 8888
• Netcat Cheat Sheet
• https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
PYTHON – TCP CLIENT
• http://pages.cpsc.ucalgary.ca/~henrique.pereira/pdfs/TCPClient.py
• socket.connect – connects to a server
SOCKET PROGRAMMING WITH UDP
• UDP has no reliable “connection” between client and server
• No handshaking
• Sender attaches IP address and port of destination to each packet
• Server must extract that information from the received packet
• Message oriented protocol
• Data may be lost or arrive out of order
SIMPLE PYTHON UDP SERVER
• http://pages.cpsc.ucalgary.ca/~henrique.pereira/pdfs/UDPServer.py
• socket.socket( socket.AF_INET, socket.SOCK_DGRAM )
• SOCK_DGRAM – UDP DataGRAM
• Default for TCP is SOCK_STREAM
• socket.recvfrom – receives a datagram (returns the data and information about the sender)
• socket.sendto – sends data in bytes to an ip, port tuple
CONNECTING TO THE UDP SERVER
• Netcat
• Utility for reading/writing to network connections using TCP or UDP.
• Advanced client usage: nc [options] [targetHost] [port]
• nc –u 0.0.0.0 8889
• Netcat Cheat Sheet
• https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf
SIMPLE PYTHON UDP CLIENT
• http://pages.cpsc.ucalgary.ca/~henrique.pereira/pdfs/UDPClient.py