CompTIA Linux+ XK0-005 – Unit 09 – Networking Part 3

20. Character Based Names Part1

Now, most every system server service has some sort of character based names. That’s because it’s easy for us. We use names. All we have to do is find a way to map those names to the actual addresses. And there’s a number of ways of doing that. One is you can create a static host file on your system that has every system’s name and IP address so that it’s always on your your local system. The downside, of course, is that if anybody ever changes their address or changes their name, then you have to manually update those files. So when we deal with static entries like that, we lose a lot of the dynamic capability to respond to topology changes, to respond to network changes.

Another option is a dynamic name mapping that is done through the service called DNS, the domain name service. It’s like a large yellow pages or white pages where it looks up the name of that you’re searching for, tells you the IP address, and you’re good to go. The reason we say it’s dynamic is that if you change your name, technically, your system should dynamically register with DNS and say, here’s my update. Here’s my new IP address. Here’s my new name. And so that database is constantly evolving as things in the networks change. Bye.

21. Character Based Names Part2

Microsoft had in one of their proprietary protocols called netbuy. This thing called a net BIOS name. Now, unlike a DNS name, it was not hierarchical. DNS started with a structure. Right at the very top was the dots. Hey, this kind of sounds like the file system, doesn’t it? Instead of it being a forward slash for the root directory in Linux, DNS is starting started with a dot and from there the next level were the net biz, TV, whatever there is today. Below that was the next layer. So you might have www. kensdomain. com. Well, that told you my path. I’m under the. com structure. Under there’s a domain called Ken and underneath that I have a www domain or a training domain or whatever the case is.

It was a hierarchy to the DNS. Net BIOS didn’t have that structure. It was just a name, 15 characters or less, that name mapped to an IP address. And so there were services that could also translate the Net BIOS to those IPS. The dynamic part of that was called the wins service in Microsoft and you could actually dynamically create a host file on your system. The host file is generally called Lmhost, but that’s more of a Microsoft issue. We’re going to stick with today’s current technology where we hope unless you have some old legacy application in your network that you are never going to deal with Net BIOS, everything will be DNS and you’ll have a DNS server or at worst a static host file from which to be able to get the IP addresses.

22. Name Utilities

Now, there are a number of utilities that you can use to again verify what names and IP addresses and everything else. For instance, if you want to know what’s your host name, there is a hostname command. Now, hostname is just your computer’s name. You have to remember that you may be configured to have what we call a DNS suffix, which means that you might have a hostname server one. But the DNS suffix added on that you would be using to represent yourself outside might still have ken’s domain. com. Ping is another utility that you would use to ping another host by its name. Now, often we might say ping server too.

What we don’t see behind the scenes is sometimes you have a DNS suffix that is defaulted, like maybe Ken’s domain. com. So when you do type the ping, it’s actually trying to find server two kensdomain. com, even though you didn’t type it. So there’s a lot to understanding what you’re seeing happening behind the scenes with these utilities. And I’m trying to give you kind of an idea of it’s easy to use, but behind the scenes a little bit more might be happening. Also in the Etsy folder, there is a hosts file. A host file, by the way, is standard on almost every single system. That is a static list of names to IP.

23. Demo – Identifying Addresses and Names

All right, we’re going to take a look at some of the settings that we have for our network. One of the most important ones that we’re going to use is the hostnames one. So we’re going to come down here into our command line, type in hostname. We see our hostname is Debian and we’re going to test it out. We’re going to actually ping the name Debian and we see that it resolves to this address. One twenty seven, zero zero, one. Well, that’s actually the loopback address that’s appropriate. And I hit control C by the way, to get out of there. You can see where it’s the little carrot C, that means control C. Well, where do we get that name? Well, the name was the host name given to us in our configuration.

But we would see that if we actually went to the folder or the file called Host file, you would see that not only does the username of Debian or the computer name of Debian come up as a so, it is also the command or the name local host which is another substitute for finding basically your connections back to yourself. So even if I were to ping local host that also refers to myself, it’s called the loop back for a reason. It’s our loopback name, or the loopac address I should say, which is just redirecting all traffic to our network card and then we can go from there. But that is how we can look at some of the ways in which names get resolved through the host file and the host name command to see what our computer’s name is.

24. Ports

Now in a part of the communications that deal with TCP and IP is this issue of ports. There’s really two ports that we have to deal with, the source port and the destination port. So let’s talk about that. Almost every discussion that you ever see on ports talk about destination ports, but they don’t tell you that. They say, oh, here’s some common ports. 20 and 21 are for FTP, 25 is the sending mail SMTP 110 for receiving pop, port 80 is Http. Okay, folks, those are destination ports. That means that when I send some traffic to another server and I use as my destination address and port, I’m saying I want to connect to that service running on the machine.

But I also supply what’s called a source port. Now, the source port can be any value from zero to 65 535. Generally speaking, the source port should be some value above 1024. Now, what does the source port do? Well, really, it’s a randomly picked generated number that I use so that when I communicate to you on your web server with your destination port of 80, you reply to my source port. Kind of in a way, it becomes the new destination port for the reply traffic, and it helps me keep that traffic separate for the other things running on my operating system. So I have a web page open, I got a browser, I’m on your server, I hit you on port 80, you’re responding to my port 55, 50.

Let’s say I open up another browser and I go to a completely different web server. I hit them on their port 80, they reply back to my port, let’s say 55, 51, because it’s a different port. I can associate it on my Linux machine with the right web browser so that I don’t have different web pages from different servers getting crossed up and intermingled and causing all sorts of communication problems. In a way, it’s a part of what we talked about with the session oriented part of layer five, is that I want to keep that traffic separate. And so I do that by my source ports. So when we talk about ports, realize most definitions and most conversations are about destination ports, but we always have to source and destination both.

So when people say, well, you got to memorize these ports, you’re memorizing destination ports. Now, the first 1024 ports are often called the well known ports. That’s because most of them have or will be assigned to specific types of applications. As I’ve already said, port 80 means http 443 means Secure Socket Layer 53 is DNS. These are ports that are well known. Does it mean that your web server has to use port 80? And the answer is no. You can use any port you want. It’s only important that I know what the port is so I can communicate with you.

25. Demo – Viewing an Using Ports

Well, let’s take a look and see what ports are already kind of preprogrammed here on our system. So I’m going to go to the etsy services, and I’m going to pipe that to the actually, I got the less at the beginning, so less is a program we use to open up the etsy services, and we can start seeing that we have port one for the TCP, max echo, seven discard card systat, and a lot of these things. And as I page down, you can see very few of these ports are actually listed twice. And the reason they’re listed twice is that if you look, for example, with the echo, that TCP and UDP both can use that particular protocol. Same with daytime, you see the same thing here in a second with DNS, another one of those commonly used by both protocols, SSH as well.

So anyway, this is just a list of the ports, usually up to 1024, but sometimes there are some applications that we’re familiar with that occur outside of that range. But those are all the services that we see and it kind of lets us know basically the ports that if you program any utility that uses it by this port name, then these are the ports that are going to be defaulted when you set them up. So that’s looking at the services that we have and the more I page down, the more you can see some more of those different port numbers. They go with different types of services if you’re never sure what they are. And these information on the side isn’t enough, that’s where you start doing a little bit of your search engine work to figure out exactly what these different port numbers mean.

26. Authentication

Now, another part of networking is the authentication of who you are. In fact, networking really revolves around the AAA, the authentication, authorization and accounting. And I’ve talked about this in some other units. And so we’re going to hit it again because this is where it really matters to us is for the remote access. I mean, yeah, if you’re logging in locally because you’re sitting in front of the server or sitting in front of my workstation station and you open it up or turn it on and you connect, I’d like you to have a username and password.

But in reality, if I can touch the machine, I own it anyway. But if it’s a remote connection, I almost always want to say, you got to authenticate. I am not going to allow anonymous access unless I’m hosting a website and I’m running a web service. And then it’s only that web service that I would allow anonymous access to. Otherwise, anything else got to be authenticated. Once authenticated, you’ll have permissions, authorization, and then under accounting, I’m going to log what you do so I know what actions have taken place.

27. Authentication Factors

Now, when it comes to authentication, you are technically verifying somebody’s identity. So let’s think about that. Identity is something that you know, something that you have or something that you are. In fact, we call those factors. You might even hear them called authentication factors. Most of us deal with the identity of something, you know, my username and password. Now, verify, buying that you gave me the right username and password, that is what authentication is. It’s a verification of your ID. So it’s the same thing with something you have. Now, when we talk about these authentication factors, something you have would be something you carry with you on your person. It might be a smart card for some systems. It could be a synchronous or asynchronous token generator.

You might see these people have these little key chains or these chains around their neck and they got a little round cylindrical object that has numbers on it. And they use those numbers when they’re logging in or have to type a pin in to do a challenge. It’s just adding to the complexity of authentication. And then the other one is the something you are, which we generally say is biometrics. That would be scanning your thumbprint, your palm iris, the voice pattern patterns that you use to speak with whatever it is. It’s something about you physically that you are that helps in the authentication process. So those are the different types of factors. But again, remember, it’s all about verifying that you are correctly who you say you are. So authentication technically is verifying your identity. And your identity can fall in one of those three factors, or all of them if you want.

28. One -factor Authentication

All right, so when we talk about authentication, if you go with the basics one factor authentication, you are going with the easiest one to break. One factor authentication means that if I want to find a way to impersonate you or break in, all I need to do is figure out that one way. So one factor is generally something, you know, username and password. Over half of our hacking is people simply listening to other people talk or asking a person for their username and password. It’s not difficult. I can go on for a number of hours with different stories of how I’ve heard people give away their passwords, yelling.

It across the room inside of a cell phone company, being at a major airline and listening to somebody ask for the password to the baggage computer over a walkie talkie. I mean, it just goes on and on and on. Dumpster diving that’s so easy to get that one password from somebody that it’s almost not even worth having one factor authentication. So we tell people that you should use multifactor authentication, a combination of two, at least two of the three things. Something you know, something you are, something you have.

29. Two -factor Authentication

So when we get into two factor authentication, the beauty of this is that even if somebody tricks me out of my password, they still need to have another method to identify who they are. Maybe it’s a smart card that they carry in their wallet. So, great, you called me on the phone, or you intercept my password. You only know half of the solution. You still can’t authenticate because you have to complete both factors. Or it could be a fingerprint scanner. In fact, we’re seeing a lot of even lowend inexpensive laptops these days built in with a fingerprint scanner right next to the mousepad. It’s getting that important to start considering multifactor authentication.

30. Three -factor Authentication

Now, if you have three factor authentication, you’re trying your best to make it very difficult for anybody to get in. That’s where you’re doing the password, the biometrics, and the something you have the smart card or token generator. Now, I’ve told this story before, and I’ll just tell it here briefly. I was working at some large company in the Midwest. It was hot, it was August, it was humid. That’s what I remember the most. I was in the tornado shelter part of the building, which is always if you’re not used to tornadoes, it’s kind of odd to think that you actually have to worry about having a shelter. Anyway, they were the series of doors, and I had a little magnetic card that unlocked the doors that I was allowed to go through as a contractor.

And I was bored, so I was trying my card on every door as I walked through. I know I’m a bit odd when it comes to security. I like to know, what will these things happen? And here’s a door that’s got a name plaque and another door, the name plaque and another, and finally get to this one door that has no name plaque on it, and my key card doesn’t work. I can’t get the door to open. So two things hit me. Number one, must be important because my card didn’t open it. And number two, it was the only unlabeled door. And what do we people read security books and they say, oh, don’t label the doors that have important stuff behind them.

Well, they also forget the next paragraph that says, don’t label everything else and make it stand out like a sore thumb. Anyway, it had the key card. That’s something you have to get in. I looked through a little side window that let me see down the hallway, and there was a thumbprint scanner and followed by a combination key lock. So it was the whole something you have the key magnetic key card to get in the first one to something you are and the something you know to get into the next set. So it looked pretty secure. Now, while I was peering through the window, some guy came up behind me and said, hey, can I help you? Scared me to death. I jumped and I said, hey, my name is Ken, and I’m here doing this blah, blah, blah stuff.

And I said, I’d really like to see and I took a guess, the network operations room. And the guy says, oh, sure, come with me. Had the right key card thumbprint typed in the combination, watched them type in the combination. I mean, all I needed to do was get some, like, R rated movie and chop off a thumb and I would have got in on my own. Anyway, it was that easy to get past. So even though three factor authentication is really cool conceptually, I just wanted to give you that long story to make sure you remember security is only as strong as your weakest link. Unfortunately, we, the people that are running these systems are often the weakest link. Anyway, it was a good idea. It almost worked. Other than the fact somebody let me in.

• Category: Uncategorized