1 Internet Information Shop Jos Visser Open Solution Providers 13 juli 2004
2 i c Open Solution Providers All rights reserved Open Solution Providers is a trademark of Uniteam B.V. This document has been created with vi and typeset with L A TEX, never change a winning team! Various trademarks used in this documents belong to their respective owners. This work is based on previous original work of the Open Solution Providers. ABN AMRO Nederland N.V. is granted a world-wide non-exclusive right to use, copy and distribute this book for ABN AMRO internal use. Formatted (and presumably printed) on 13 juli 2004.
4 Inhoudsopgave I Inleiding Internet 3 1 Introduction Welcome What is an internet What is Internet The history of Internet Using Internet Internet form and structure Internet Definition Internet physical structure World Wide Internet Internet structure example TCP/IP protocols IP address Host names Who controls Internet Who runs and manages Internet Internet Organisations Internet Society (ISOC) Internet Architecture Board (IAB) Internet Engineering Taskforce (IETF) Internet Research Taskforce (IRTF) Internet Network Information Center (InterNIC) Internet Assigned Numbers Authority iii
5 iv INHOUDSOPGAVE 2.11 Request for Comment Who pays Internet Basic Applications Basic Applications Telnet Telnet example FTP FTP example example Usenet News News example News example Connecting to Internet Why connect to Internet How to connect to Internet UUCP Login account Dial-up connection SLIP/PPP High Speed Digital Lines II De kern van Internet: het TCP/IP protocol 51 5 Introduktie Welkom Inhoud Inleiding TCP/IP Inleiding Het probleem Eigenschappen van netwerken De oplossing: netwerkprotocollen
6 INHOUDSOPGAVE v 6.5 Protocolniveaus Open System Interconnection Bekende netwerkprotocollen en -architecturen De TCP/IP protocol suite TCP/IP kernprotocollen TCP/IP gerelateerde protocollen Request for Comment IP - Het Internet Protocol IP - Het Internet Protocol Het Transmission Control Protocol Het User Datagram Protocol De informatiestroom IP-adressen en subnet masks IP-adressen en subnet masks IP adres Adresklassen Adresregistratie Adresvoorbeelden Configuratie IP-adres Subnetting Voorbeeld subnetting IP-adressen in applicaties Hostnamen Domain Names Fully Qualified Domain Names Domain name hierarchie Aliassen Hostnaam resolutie Hostnaam resolutie Hostnaam resolutie Methoden van hostnaam resolutie Hosts file Voorbeeld hosts file
7 vi INHOUDSOPGAVE 8.6 Network Information Service Domain Name Server DNS concept DNS voorbeeld Resolver configuratie voorbeeld DNS weetjes Load balancing met de DNS Geavanceerde onderwerpen Gevanceerde onderwerpen Poortnummers Poortnummer schematisch voorbeeld Poortnummers toelichting Well known ports Routering Routeringstabel Routeringsprotocollen Sockets IP next generation IPng IP-adressen III De wondere wereld van Internet Introductie Welkom Inhoud Inleiding Inleiding Internet Wijd verbreid Standaarden KISS Geen featurism Waarom dan toch Internet
8 INHOUDSOPGAVE vii 12 De basis van Internet De basis van Internet bericht bericht voorbeeld headers body adressen adres voorbeelden en het netwerk Mail User Agent Mail Transport Agent Post Office communicatie protocollen communicatie protocollen Communicatie MUA - MTA MUA - PO MTA - MTA MTA - PO SMTP SMTP sessie SMTP sessie SMTP eigenschappen POP POP sessie POP sessie POP eigenschappen IMAP Randverschijnselen Randverschijnselen Van adres naar mail host DNS records DNS records voorbeeld
9 viii INHOUDSOPGAVE 14.5 Aliassen Forwarding Adres herschrijving MIME MIME structuur MIME header voorbeelden MIME aandachtspunten beveiliging beveiliging Beveiligingsproblemen Denial of service Privacy Integriteit Authenticatie Fysiek PEM PEM eigenschappen PGP PGP eigenschappen encryptie IV De techniek achter het World Wide Web Introductie Welkom Inhoud Inleiding Hoe het zo gekomen is Het World Wide Web Het World Wide Web (again) Populariteit van het Organisatie van het web
10 INHOUDSOPGAVE ix De structuur van het web De structuur van het web WWW Componenten WWW Transacties World Wide Web WWW Client Voorbeelden van browsers Eigenschappen van browsers Documenttypen Filetypes WWW Server URL URI URL voorbeelden HTTP en HTML HTTP en HTML WWW specifieke elementen HTML HTML voorbeeld HTML voorbeeld in IE HTML voorbeeld in lynx HTML faciliteiten HTML aandachtspunten HTML, pro en contra Hoe maak je HTML? HTTP HTTP server software HTTP voorbeeld Waar komen documenten vandaan? HTTP, pro en contra
12 INHOUDSOPGAVE xi 22.8 SSL Implementatie van SSL Overige onderwerpen Overige onderwerpen Do you want a cookie? VRML HyperWave Web robots Proxy servers V Internet beveiliging Introductie Welkom Inhoudsopgave Inleiding Inleiding Wat gaan we beveiligen Tegen wie gaan we beveiligen Hoeveel beveiliging kun je je veroorloven Beveiliging is geen projekt! Internet risico s Beveiliging en de organisatie Houding Social Engineering Kennis Beveiligingsbeleid Beveiligingsmaatregelen Firewall Gebruikersidentificatie en -verificatie Encryptie en digitale handtekening Internet risico s 323
14 INHOUDSOPGAVE Packet Filter Circuit gateway Application gateways Algemene opbouw van firewalls Packet Filtering Circuit gateways Application gateways Overige onderwerpen Overige onderwerpen Authenticatie Identificatie Authenticatie Autorisatie Wederzijdse authenticatie Wachtwoorden One-time passwords Challenge-Response Biometrische kenmerken Encryptie Basis van encryptie Juridische aspecten van encryptie Het breken van encryptie Sleutels stelen Zwakheden in het algoritme Brute force Bekende encryptiealgoritmes DES Triple-DES RC2 en RC IDEA Public Key Encryption Digitale handtekeningen A Literatuurlijst 383
15 2 INHOUDSOPGAVE
16 Deel I Inleiding Internet 3
18 Hoofdstuk 1 Introduction 5
19 6 HOOFDSTUK 1. INTRODUCTION 1.1 Welcome This shop is designed to present an introduction to Internet. It is intended for those who want to know what Internet is and how to use it. This workbook contains all sheets presented during the shop, but can also be used as a reference after you complete the shop.
20 1.2. WHAT IS AN INTERNET What is an internet The word internet has more than one meaning. For those using Internet, there is just one Internet, but in fact an internet is just a collection of networks, using the same network communication protocol, linked together. The individual networks might even not be running the same protocol, as long as the protocol used for communications between the individual networks, the internet protocol, is the same. By definition, any number of networks linked to one another would be an internet. On an internet, nodes in each of the inter-linked networks can communicate with nodes in each other network. Usually, security measures will be taken to avoid this, of course. The inter network connectivity is set up using gateways between the local network, and the other networks. Each local network is connected to the Internet by means of such a gateway.
21 8 HOOFDSTUK 1. INTRODUCTION 1.3 What is Internet The Internet is not just any internet. Note that Internet is spelled with a capital I, whereas internet is not. Internet is an internet, existing of many computers and users, just like any other internet. The common protocol used in Internet is TCP/IP. This shop is not about TCP/IP however! One could see Internet as a huge computer with a very high potential of computing power (imagine the power of processors) not managed by anyone (imagine your own site not administered). As a matter of fact, there have been documented cases of Internet users combining their computing power to solve numerically difficult problems (like cracking encryption keys). Despite the fact that some think of Internet as complete anarchy, in fact it is the largest working computer network in the world. This anarchy is also the success of Internet. Most people using Internet also contribute in some way (so called prosumers). Most of the software used on Internet is public domain and can be obtained from many Internet sites all over the world. Using Internet is still relatively cheap, but don t forget that commercialisation of Internet is on it s way.
22 1.4. THE HISTORY OF INTERNET The history of Internet Some of the important mile stones in the history of Internet: Back in the 60 s, the first experiments with connecting computers were conducted. Until then, computers had been standalone; no data could be shared on-line. As computing power was expensive, it had to be used as economically as possible. In those days, there were not many standards in the computing environment. Every machine had it s own - probably locally adapted - operating system, so it was a tough job to connect systems of an entirely different architecture to one another. In those early 60 s Paul Baran at RAND presented a series of reports on the topic of computer networks. Around 1965 there was a project at Computer Corporation of America, founded by DARPA, linking two computers to a network, a third computer was added later. Another important experiment was carried out in 1968, the first experiment for ARPA- NET was set up. The original idea was for ARPANET to carry command and control data in case of a nuclear war, but that was forgotten soon enough. In 1974, TCP/IP was defined as a standard to overcome the many manufacturers networking protocols. It was meant as a general protocol, to be implemented by several manufacturers. In 1978 it became the preferred way to send data from one computer to another within the USA government. In the early 80 s BSD UNIX came with built-in TCP/IP support and set a new standard in UNIX communications. There was a lot of panic on Internet at November 1st 1988, when the Internet worm
23 10 HOOFDSTUK 1. INTRODUCTION was born (and died). That day, a self- reproducing program was sent to Internet. Based on a set of well- known bugs, Robert T. Morris had written a program that spread via Internet hosts to each Internet host known locally. Unfortunately, each network on Internet has at least one node knowing at least one node not in the local network, so it spread rapidly. Needless to say that these bugs are solved by now, but as of that day, security became a real issue on the net.
24 1.5. USING INTERNET Using Internet At first, Internet was used to transmit files from one computer to another and to login on remote systems. Later electronic mail (or ) was added, thereby giving users the ability to send messages to other users of the network. The chapter on basic Internet application contains a more detailed introduction to these applications. As more systems connected to the network and the amount of information available on the systems grew, new tools had to be developed to easily access the enormous amount of information, and to easily locate items of interest. As cheaper and better hardware became available the user interfaces of the various Internet applications improved and new easy-to-use applications were developed. Examples of these newer services are WAIS, Gopher and the World Wide Web. These applications will be covered in a separate info shop.
25 12 HOOFDSTUK 1. INTRODUCTION
26 Hoofdstuk 2 Internet form and structure 13
27 14 HOOFDSTUK 2. INTERNET FORM AND STRUCTURE 2.1 Internet Definition As has been mentioned in the Introduction module of this shop, Internet is a collection of interconnected networks. These networks use the TCP/IP protocols to communicate with one another. Strictly spoken it is not necessary for these networks to use TCP/IP for their intra network communications, but they usually do. Most commercial online information services (like CompuServe and America Online (AOL)) offer connectivity to Internet in one form or another. Special gateways convert between the propriatry protocols of those providers and the Internet protocols. Other gateways exist to convert from X.400 to Internet and vice versa.
28 2.2. INTERNET PHYSICAL STRUCTURE Internet physical structure Knowing that Internet consists of multiple interconnected networks, the question How are these networks connected? invariably pops up. The answer is that special organisations exist (providers) that offer Internet connectivity to it s members and/or customers. These providers maintain their own high-speed backbone infrastructure. If we want to connect to Internet we have to use the services of a provider. Most providers have several Points of Presence (POP) where we can connect to. Usually we connect to the nearest POP of our provider of choice. Internet providers maintain links between each other and all Internet providers have agreed upon relaying each others traffic. Therefore, if we connect to one provider we can communicate with the rest of Internet through the combined infrastructures of the world s various Internet providers.
29 16 HOOFDSTUK 2. INTERNET FORM AND STRUCTURE 2.3 World Wide Internet In Europe, each country has one or more national providers. For instance in the Netherlands the two largest providers are NLnet (a spin off from the Dutch Unix User Group - NLUUG) and SURFnet (a government sponsored organisation to connect Dutch universities). National providers usually maintain one or more high-speed national backbones. The European national backbones are connected to each other using European backbones. Currently EUnet, Ebone and EuropaNet are the best known european network connectors. This European backbone structure has various connections with the other parts (continents) of Internet. The worlds largest Internet backbone is the National Science Foundation network (NSFnet) in the United States of America. NSFnet currently has over fifteen major nodes connected with 45Mbps links.
30 2.4. INTERNET STRUCTURE EXAMPLE Internet structure example The screen dump shown in the slide provides an example of how Internet is structured. It shows the output of the traceroute command. This command traces the flow of packets through Internet as packets make their way to their destination. The originating system in this example is a PC connected to NLNet s point-of-presence in Amsterdam. The traceroute command shows how packets find their way to a U.S. government laboratory in California. Each printed line is a router connecting one or more networks. As we can deduce from the output of traceroute, NLNet s connects to EUNet s network in Amsterdam (EUNet is located in the same building as NLNet!). EUNet has it s own links to the United States (from Amsterdam to Vienna). From there on, the traffic is relayed through various other networks before it reaches the lbl network. Even within the lbl network, the packets have to take several hops before the destination is reached.
31 18 HOOFDSTUK 2. INTERNET FORM AND STRUCTURE 2.5 TCP/IP protocols For one application in Internet to talk to another it is necessary for them to agree on the form and content of their communication. These agreements are commonly called protocols. A large variety of network communication protocols exist: SNA, DECNET, NS and TCP/IP. Most protocols are vendor specific, they were developed by large hardand software vendors as a means of constructing single-vendor networks. TCP/IP is different in that it has not been designed and implemented by one particular computer vendor. Instead, TCP/IP has been invented and built by a research group in such a way that it could be implemented on a wide range of computers and/or operating systems. TCP/IP is open. The core protocols of TCP/IP are TCP, UDP and IP. TCP and UDP take care of application to application communications (OSI model layer 4). IP is responsible for routing a packet of information through the network (OSI model layer 3). TCP/IP is not dependent on one data link layer or another. IP operates with ethernet, token ring, arcnet, serial lines, ISDN, X25 and almost any other means of physically transporting data from one node to an adjacent node. Other protocols that are often used by TCP/IP hosts are ARP (Address Resolution Protocol), SNMP (Simple Network Management Protocol) and ICMP (Internet Control and Monitoring Protocol). For more information on TCP/IP and related protocols consult one of the many fine books on this subject.
32 2.6. IP ADDRESS IP address In order for IP to be able to route packets through an internet, each IP-interface (a network interface that can be used by IP) has to have a unique IP-address. Such an IP-address is a 32-bit logical network number that uniquely defines this interface in the network. For convenience we usually write an IP-address as a 4- number string: This 32-bit addressing scheme gives us a maximum of 4 billion network interfaces in Internet. Organisations acquire a group of IP-addresses that they can hand out within their own network. For instance General Electric has registered all IP addresses that start with 3. This means that all hardware that is part of the GE corporate network gets an IP- address that starts with 3, e.g Nobody connected to Internet is allowed to use IP-adresses that start with 3 without GE s approval! GE can define up to 16 million interfaces in it s corporate network. Other large IPaddress owners are Hewlett-Packard, IBM en Digital Equipment Corporation. Smaller organisations get a group of IP-address with 2 bytes out of four prescribed. For instance the Rijksuniversiteit Groningen has obtained all IP-addresses that start with They can hand out approximately IP-addresses within their own network. Even smaller organisations receive a 3-byte network number. For instance the well known Dutch publisher Thieme has received the IP-address range *. It is the network administrator s responsibility to refrain from handing out duplicate or unauthorised IP-addresses. A failure to do so would probably lead to the network being disconnected from Internet by a joint action of some or all other Internet users (mainly