Hands On NetworkingNetwork Applications

Ram P Rustagi, ISE Deptrprustagi@pes.edu

Kundan Kumar, MCA DeptManini Sahoor, MCA Dept

Ravi Teja, MCA DeptSourav Mandal, MCA Dept

June 30, 2012

2

Course contents

• General Networking Overview– Network Configuration– tools/utilities

• Building (IPv4) routing networks• Using ARP to advantage• Studying ICMP• Network security issues• Bandwidth Management, Queuing• IPv6: Routing, working with IPv4 networks• NAT and load balancing• Installing/configuring Network applications

– DHCP, FTP, Apache WS, EMail• Socket Programming• Take Home

– WiFi Access– Software Defined Network

• Assessment, Feedback2

3

Web Server

• HTTP protocol– Headers– Methods– Request and status line– Persistent connection– SSL certificate

• Valid for a name• WE-1

– Install Apache, and setup socket (other than 80)• Enable directory listing

• WE-2– Configure to have password based access for

directories• WE-3

– Configure to have virtual hosts• WE-4

– Install SSL certificate (Self signed)

3

Web Server – WE 1

• Displaying Directory listing– By default following is enabled

• Options Indexes• index.html, index.php is present

– Removing index.html/index.php will do the work– Alternatively, play with Options Indexes

4

Web Server – WE 2

• Password protecting the directories– Create a password file

• htpasswd /etc/apache2/passwdfile user_name• For first time, use –c option to create the file• Using –c option for existing file will rewrite• Add entries for each required user

– Specify the password file in /etc/apache2/apache2.conf

<Directory /var/www/mydir> AuthType Basic AuthName "By Invitation" AuthUserFile /etc/apache2/passwdfileRequire valid-user </Directory>

– Restart the web server• /etc/init.d/apache2 restart

5

Web Server – WE 4

• Generating Self Signed Certificate– What is SSL Certificate

• Enables to encrypt the sites content when sent on connection

• Enables client to verify the site – What the site says it is and what the site client

connected to• Contains the following information

– Validity period– Sitename– Certificate authority

» In our case, this will be us» Typically, it is Verisign, Thawte, GoDaddy etc.

– Enabling SSL module• a2enmod ssl

– Create a directory to keep certificate file• mkdir /etc/apache2/ssl 6

• Generating the certificate– Need three files

– Replace <server> with website name• <server.key> – private key file• <server.csr> – request file for certificate signing• <server.crt> – actual certificate file

– Generating key file (for website rpr.pesise.in)• openssl genrsa -des3 -out rpr.pesise.in.key 1024

– Need to enter some passphrase– Generating a request file for certificate signing

• openssl req -new -key rpr.pesise.in.key -out rpr.pesise.in.csr

– Generate the actual certificate file• openssl x509 -req -days 730 -in rpr.pesise.in.csr -signkey rpr.pesise.in.key -out rpr.pesise.in.crt

7

Web Server – WE 4

• Installing the certificate– Edit the following SSL config file

• /etc/apache2/sites-available/default-ssl– Modify the following entries

• <VirtualHost _default_:443>• ServerName rpr.pesise.in:443• SSLEngine on• SSLCertificateFile /etc/apache2/ssl/rpr.pesise.crt

• SSLCertificateKeyFile /etc/apache2/ssl/rpr.pesise.in.key

– Enable the default virtual host

• a2ensite default-ssl

– Restart apache

– Access the site as https://rpr.pesise.in8

Web Server – WE 4

9

DHCP

• DHCP– Setting DHCP– DHCP with relay agents– DHCP with fixed IP addresses– DHCP with options– Blocking communication among clients

• WE-1– Configuring simple DHCP server

• WE-2– Configuring DHCP server with reserved IP

• WE-3– Configuring options

• Timeouts• Blocked communication among recipients

9

10

Installing FTP Server

• FTP overview– Control channel (port 21)– Data channel (port 20 on client side)– Active vs passive FTP

10

• Using server vsftpd (very secure FTP Daemon)– sudo apt-get install vsftpd– Edit the config file /etc/vsftpd.conf to make changes

•anonymous_enable=YES•write_enable=YES•pasv_enable=YES ## if needed

– Restart FTP daemon• sudo service vsftpd restart

– Use ftp client to connect to FTP server • Upload/download files

11

Installing FTP Server

12

Installing Email Applications

• Email involves– Server

• Accepts email using SMTP– Clients

• Retrieves mail using POP3/IMAP4 protocol• Software being used

– postfix– mailutils for local clients– Installing software

• sudo apt-get install postfix• sudo apt-get install mailutils

12

Email application

• Sending emails• Receiving emails

13