Department of Computer Science & Engineering
SUBJECT: Secure Network Protocol CSC-428
B.E.IV Year – VII Semester (Branch: CSE)
SNP LAB FILE
Submitted By: Name: Nitish Kumar UID: 14BCS1446 Branch: BE/CSE(IS-3)
Chandigarh university
Secured Network Protocol CSC-428
INDEX
S.NO.  NAME OF EXPERIMENT                                     DATE  p.no  LW  FW  VV  TM  SIGN
1)     Experiment to get hands on experience on OPENLDAP
2)     Configuration of FTP and Authentication in FTP
3)     Installing SMTP server
4)     Securing IIS
5)     Simulation of ARP / RARP.
6)     Simulating a Wi-Fi Network
7)     Measuring Network Performance
8)     Introduction to IEEE 802.15.4 and ZigBee
9)     Nodes Configuration in ZigBee network.
10)    Network Topologies used in ZigBee network.
15BCS1446
Page 2
PRACTICAL NO: 1
OBJECTIVE: Experiment to get hands-on experience on OpenLDAP.

Introduction to OpenLDAP
OpenLDAP is a free, open source implementation of the Lightweight Directory Access Protocol (LDAP) developed by the OpenLDAP Project. It is released under its own BSD-style license called the OpenLDAP Public License. LDAP is a platform-independent protocol for querying and modifying an X.500-based directory service running over TCP/IP. Services built on the LDAP protocol are used to serve a wide range of information. The protocol is well suited to serving information that must be highly available and accessible but does not change frequently. Common applications include:
• Centralization of user and group information as part of Single Sign On (SSO).
• Authenticating users in a web application.
• Creating a shared address directory for mail agents.
• Authenticating users locally.
So the LDAP protocol accesses LDAP directories. Here are some key concepts and terms:
• An LDAP directory is a tree of data entries that is hierarchical in nature and is called the Directory Information Tree (DIT).
• An entry consists of a set of attributes.
• An attribute has a type (a name/description) and one or more values.
• Every attribute must be defined in at least one objectClass.
• Attributes and objectClasses are defined in schemas (an objectClass is actually considered a special kind of attribute).
• Each entry has a unique identifier: its Distinguished Name (DN or dn). This, in turn, consists of a Relative Distinguished Name (RDN) followed by the parent entry's DN. The entry's DN is not an attribute; it is not considered part of the entry itself.
OpenLDAP software is an open source implementation of the Lightweight Directory Access Protocol. The suite includes:
• slapd - stand-alone LDAP daemon (server)
• libraries implementing the LDAP protocol, and
• utilities, tools, and sample clients.
Also available from the OpenLDAP Project:
• Fortress - Role-based identity access management Java SDK
• JLDAP - LDAP Class Libraries for Java
• JDBC-LDAP - Java JDBC - LDAP Bridge Driver

Steps to install and configure the openLDAP server
1. Log in as root and change the hostname.
   $ su
   Password:
   # gedit /etc/hostname
After opening this file, we get the default hostname, which can be changed. Give the new name as: server.ldap.com. Then save it.
   # reboot
To check the new hostname:
   # hostname
   server.ldap.com
2. Install openLDAP:
   # apt-get install slapd ldap-utils
It asks whether to continue [y/n]; press y.
Now you will be asked to enter the Admin password (same as root password).
3. Configure openLDAP. Now, open the file:
   # gedit /etc/ldap/ldap.conf
4. Reconfigure slapd with the updated values:
   # dpkg-reconfigure slapd
   Omit OpenLDAP server configuration? Press No.
   DNS domain name: ldap.com, then press OK.
   Organization name: ldap.com, then press OK.
   Admin password: enter the administrator password.
   Confirm: enter the same password again.
   Database backend to use: HDB, then press OK.
   DB to be removed? / Move old DB? Answer these prompts as required.
   Allow LDAPv2 protocol? Press No.
5. Test the openLDAP server:
   # ldapsearch -x        (shows the directory entries we will work with)

LDAP server administration
1. Install the phpldapadmin package:
   # apt-get install phpldapadmin
A prompt appears: Do you want to continue? [y/n]; press y.
We need to know the server's IP address; for that, open another terminal and give the following command:
   # ifconfig
Now, move back and open the phpLDAPadmin configuration file:
   # gedit /etc/phpldapadmin/config.php
We need to edit the following values in the file:
1. Set the LDAP server name:
   $servers->setValue('server','name','Ramandeep LDAP server');
2. Set the server IP address (the key for the address is 'host'; use the address shown by ifconfig):
   $servers->setValue('server','host','<server IP address>');
3. Set the server base DN (built from the domain ldap.com):
   $servers->setValue('server','base',array('dc=ldap,dc=com'));
4. Set the admin bind DN used for login:
   $servers->setValue('login','bind_id','cn=admin,dc=ldap,dc=com');
Save the file. Back in the terminal, restart Apache:
   # systemctl restart apache2
5. Open the web browser.
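The values typed into the slapd reconfigure prompts and into config.php above all have to agree: the DNS domain becomes the base DN, and the bind DN must sit directly under it with every RDN spelled as type=value. The following Python script is an added example (not part of the lab file or of the OpenLDAP or phpLDAPadmin projects) that derives the base DN from the domain, flags malformed DNs such as a missing '=' or an unknown attribute type before they break a bind, and writes LDIF for a first organisational unit and user. The domain, user name and uidNumber are constructed for illustration; KNOWN_TYPES is a deliberately small subset of the schema.

```python
"""Added example, not part of the lab file or the OpenLDAP project: derive the
base DN that 'dpkg-reconfigure slapd' builds from the DNS domain, check the DNs
that go into /etc/phpldapadmin/config.php, and write LDIF for a first OU and
user. The domain, user names and uidNumber are constructed."""
import re
from typing import List, Tuple

# Attribute types used in this lab's DNs (a constructed subset, not the full schema).
KNOWN_TYPES = {"dc", "cn", "ou", "uid", "o"}
_ATTR_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")   # RFC 4512 attribute description syntax


def domain_to_base_dn(domain: str) -> str:
    """ldap.com -> dc=ldap,dc=com, one dc= component per DNS label."""
    labels = [lbl for lbl in domain.strip().lower().split(".") if lbl]
    if not labels:
        raise ValueError("empty domain")
    return ",".join(f"dc={lbl}" for lbl in labels)


def parse_dn(dn: str) -> List[Tuple[str, str]]:
    """Split a DN into (type, value) RDNs, rejecting malformed components such as
    'cn-admin' (no '=') that would make every phpLDAPadmin bind fail."""
    rdns: List[Tuple[str, str]] = []
    for rdn in dn.split(","):
        if "=" not in rdn:
            raise ValueError(f"RDN {rdn!r} has no '=' separator")
        attr, value = (part.strip() for part in rdn.split("=", 1))
        if not _ATTR_RE.match(attr) or not value:
            raise ValueError(f"RDN {rdn!r} is malformed")
        rdns.append((attr.lower(), value))
    return rdns


def dn_problems(dn: str, base_dn: str) -> List[str]:
    """Problems with a DN meant to live under base_dn; an empty list means it is usable."""
    try:
        rdns = parse_dn(dn)
    except ValueError as exc:
        return [str(exc)]
    base = parse_dn(base_dn)
    problems: List[str] = []
    unknown = [attr for attr, _ in rdns if attr not in KNOWN_TYPES]
    if unknown:                                        # e.g. a 'cc=com' typo
        problems.append(f"unknown attribute type(s): {', '.join(unknown)}")
    if rdns[-len(base):] != base:
        problems.append(f"{dn!r} does not end in base DN {base_dn!r}")
    return problems


def user_ldif(base_dn: str, uid: str, given: str, sn: str, uid_number: int) -> str:
    """LDIF for ou=People and one posixAccount/inetOrgPerson entry under it.
    No userPassword here: set it afterwards with ldappasswd so slapd stores a hash."""
    people = f"ou=People,{base_dn}"
    lines = [
        f"dn: {people}", "objectClass: organizationalUnit", "ou: People", "",
        f"dn: uid={uid},{people}",
        "objectClass: inetOrgPerson", "objectClass: posixAccount",
        f"uid: {uid}", f"cn: {given} {sn}", f"sn: {sn}",
        f"uidNumber: {uid_number}", f"gidNumber: {uid_number}",
        f"homeDirectory: /home/{uid}", "loginShell: /bin/bash", "",
    ]
    return "\n".join(lines)


if __name__ == "__main__":
    base = domain_to_base_dn("ldap.com")               # what the reconfigure prompts produce
    admin = f"cn=admin,{base}"                         # the bind_id phpLDAPadmin needs
    for candidate in (admin, "cn-admin,dc=ldap,dc-com", "cn=admin,dc=ldap,cc=com"):
        print(candidate, "->", dn_problems(candidate, base) or "OK")
    print(user_ldif(base, "raman", "Raman", "Kumar", 10001))
    print(f"# load with:    ldapadd -x -D {admin} -W -f users.ldif")
    print(f"# set password: ldappasswd -x -D {admin} -W -S uid=raman,ou=People,{base}")
```

Save the printed LDIF as users.ldif and load it with the ldapadd line the script prints; the password is then set with ldappasswd rather than written into the LDIF, so it never sits in cleartext on disk. A `ldapwhoami -x -D uid=raman,ou=People,dc=ldap,dc=com -W` afterwards confirms that the new entry can bind.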
PRACTICAL NO: 2
OBJECTIVE: Configuration of FTP and Authentication in FTP

Introduction to FTP server
An FTP server is a software application running the File Transfer Protocol (FTP), which is the protocol for exchanging files over the Internet. At its core, the File Transfer Protocol is a way to connect two computers to one another in the safest possible way to help transfer files between two or more points. FTP uses what is called a client-server method for file sharing, wherein all of the files you want to share are uploaded to a specialized FTP server. Using a particular type of program called an FTP client, you can then access that server in a secure fashion from any computer in the world with an Internet connection. One of the major benefits that FTP, and especially SFTP ("secure file transfer protocol"), brings to the table is security. You can keep all of your files on your FTP server but restrict access to certain directories, or even individual files within a directory, to only the people in your organization who need that information to do their jobs.
Transferring files from a client computer to a server computer is called "uploading" and transferring from a server to a client is "downloading".
Access to an FTP server can be managed in two ways:
1. Anonymous
2. Authenticated
In the Anonymous mode, remote clients can access the FTP server by using the default user account called "anonymous" or "ftp" and sending an email address as the password. In the Authenticated mode a user must have an account and a password. User access to the FTP server directories and files depends on the permissions defined for the account used at login. As a general rule, the FTP daemon will hide the root directory of the FTP server and change it to the FTP home directory. This hides the rest of the file system from remote sessions.

vsftpd - FTP Server Installation
vsftpd is an FTP daemon available in Ubuntu. It is easy to install, set up, and maintain. To install vsftpd you can run the following command:
   sudo apt install vsftpd

Anonymous FTP Configuration
By default vsftpd is not configured to allow anonymous download. If you wish to enable anonymous download, edit /etc/vsftpd.conf by changing:
   anonymous_enable=Yes
During installation an ftp user is created with a home directory of /srv/ftp. This is the default FTP directory. If you wish to change this location, to /srv/files/ftp for example, simply create a directory in another location and change the ftp user's home directory:
   sudo mkdir /srv/files/ftp
   sudo usermod -d /srv/files/ftp ftp
After making the change, restart vsftpd:
   sudo restart vsftpd
Finally, copy any files and directories you would like to make available through anonymous FTP to /srv/files/ftp, or /srv/ftp if you wish to use the default.

User Authenticated FTP Configuration
By default vsftpd is configured to authenticate system users and allow them to download files. If you want users to be able to upload files, edit /etc/vsftpd.conf:
   write_enable=YES
Now restart vsftpd:
   sudo restart vsftpd
Now when system users log in to FTP they will start in their home directories, where they can download, upload, create directories, etc.
By default, anonymous users are not allowed to upload files to the FTP server. To change this setting, you should uncomment the following line and restart vsftpd:
   anon_upload_enable=YES

Securing FTP
At this point, let's add/modify/uncomment the following two options to restrict FTP users to their home directories:
   chroot_local_user=YES
   allow_writeable_chroot=YES
The option chroot_local_user=YES means local users will be placed in a chroot jail, their home directory by default, after login. Save the file and close it.
   sudo restart vsftpd
FTP can also be encrypted using FTPS. Different from SFTP, FTPS is FTP over Secure Socket Layer (SSL). SFTP is an FTP-like session over an encrypted SSH connection. A major difference is that users of SFTP need to have a shell account on the system, instead of a nologin shell. To configure FTPS, edit /etc/vsftpd.conf and at the bottom add:
   ssl_enable=Yes

Authentication in FTP server
1. Test the FTP server by creating an FTP user with the useradd command as follows:
   $ sudo useradd -m -c "Raman, Contributor" -s /bin/bash raman
   $ sudo passwd raman
2. Then, we have to explicitly list the user raman in the file /etc/vsftpd.userlist with the echo command and tee command as below:
   $ echo "raman" | sudo tee -a /etc/vsftpd.userlist
   $ cat /etc/vsftpd.userlist
3. Determine whether a user listed in the file /etc/vsftpd.userlist is actually placed in his/her home directory after login:
   # ftp 192.168.56.102
   Connected to 192.168.56.102 (192.168.56.102).
   220 Welcome to TecMint.com FTP service.
   Name (192.168.56.102:raman) : raman
   331 Please specify the password.
   Password:
   230 Login successful.
   Remote system type is UNIX.
   Using binary mode to transfer files.
   ftp> ls
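The settings edited in this experiment (anonymous_enable, anon_upload_enable, write_enable, chroot_local_user, allow_writeable_chroot, ssl_enable and the userlist) each change what an FTP client can reach, so it is worth checking the resulting /etc/vsftpd.conf rather than trusting the edits. The following Python script is an added example (not part of the lab file or of the vsftpd project) that parses a vsftpd.conf, fills in unset keys with the upstream defaults from vsftpd.conf(5), and reports the exposures a weak combination creates, with the lab's configuration shown beside a hardened version. Both configuration excerpts are constructed for the example.

```python
"""Added example, not part of the lab file or of vsftpd: audit a vsftpd.conf for
the settings this experiment touches. WEAK_CONF and HARDENED_CONF are constructed
excerpts, not copies of a real host's file."""
from typing import Dict, List, Tuple

# The lab's settings as a file would end up after the edits above; the '#' line
# is a commented-out option, which vsftpd treats as unset.
WEAK_CONF = """\
listen=YES
anonymous_enable=Yes
anon_upload_enable=YES
local_enable=YES
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES
#ssl_enable=YES
userlist_enable=YES
userlist_file=/etc/vsftpd.userlist
"""

# The same server hardened: no anonymous access, chroot with a read-only root,
# TLS on, and the userlist used as an allow list.
HARDENED_CONF = """\
listen=YES
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
ssl_enable=YES
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.userlist
"""

# Upstream defaults from vsftpd.conf(5) for keys a file leaves unset
# (distribution-shipped files usually override some of these).
DEFAULTS = {
    "anonymous_enable": "YES", "anon_upload_enable": "NO", "local_enable": "NO",
    "write_enable": "NO", "chroot_local_user": "NO", "allow_writeable_chroot": "NO",
    "ssl_enable": "NO", "userlist_enable": "NO", "userlist_deny": "YES",
}


def parse_vsftpd_conf(text: str) -> Dict[str, str]:
    """key=value per line; '#' lines are comments, so a commented-out option stays unset."""
    settings: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        settings[key.strip()] = value.strip()
    return settings


def is_yes(settings: Dict[str, str], key: str) -> bool:
    """vsftpd booleans are case-insensitive, so 'Yes' and 'YES' both enable an option."""
    return settings.get(key, DEFAULTS.get(key, "NO")).upper() == "YES"


def audit(settings: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (option, reason) findings for the exposure each weak setting creates."""
    findings: List[Tuple[str, str]] = []
    if is_yes(settings, "anonymous_enable"):
        findings.append(("anonymous_enable", "anonymous logins allowed; anyone can read the FTP root"))
        if is_yes(settings, "anon_upload_enable"):
            findings.append(("anon_upload_enable", "anonymous users may upload files"))
    if is_yes(settings, "local_enable") and not is_yes(settings, "chroot_local_user"):
        findings.append(("chroot_local_user", "local users are not jailed to their home directories"))
    if is_yes(settings, "chroot_local_user") and is_yes(settings, "allow_writeable_chroot"):
        findings.append(("allow_writeable_chroot",
                         "chroot root is writable; vsftpd refuses this unless overridden, "
                         "so keep the root read-only and write into a subdirectory"))
    if not is_yes(settings, "ssl_enable"):
        findings.append(("ssl_enable", "no FTPS: passwords and files cross the network in cleartext"))
    if is_yes(settings, "userlist_enable") and is_yes(settings, "userlist_deny"):
        findings.append(("userlist_deny", "userlist_deny defaults to YES, so vsftpd.userlist is a "
                                          "deny list; set userlist_deny=NO for an allow list"))
    return findings


if __name__ == "__main__":
    import sys
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else WEAK_CONF
    for option, reason in audit(parse_vsftpd_conf(text)) or [("-", "no findings")]:
        print(f"{option:<24} {reason}")
```

Run it as `python3 vsftpd_audit.py /etc/vsftpd.conf` to check a live file, or without arguments to see the findings for the lab's settings. The userlist finding matters for step 2 above: with userlist_enable=YES and the default userlist_deny=YES, adding raman to /etc/vsftpd.userlist blocks that user instead of allowing only that user.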
EXPERIMENT-3
OBJECTIVE: Installing SMTP server
SMTP (Simple Mail Transfer Protocol) is a TCP/IP protocol used in sending and receiving email. However, since it is limited in its ability to queue messages at the receiving end, it is usually used with one of two other protocols, POP3 or IMAP, that let the user save messages in a server mailbox and download them periodically from the server. In other words, users typically use a program that uses SMTP for sending e-mail and either POP3 or IMAP for receiving e-mail. On Unix-based systems, sendmail is the most widely used SMTP server for e-mail. A commercial package, Sendmail, includes a POP3 server. SMTP usually is implemented to operate over Internet port 25. An alternative to SMTP that is widely used in Europe is X.400. Many mail servers now support Extended Simple Mail Transfer Protocol (ESMTP), which allows multimedia files to be delivered as e-mail.

Working of SMTP
SMTP is a simple ASCII protocol that is based on the client-server model. After establishing the TCP connection, the sending machine, operating as the client, waits for the receiving machine, operating as the server, to talk first. The server starts by sending a line of text giving its identity and telling whether or not it is prepared to receive mail. If it is not, the client releases the connection and tries again later.

SMTP Commands
• SMTP commands are sent from the client to the server.
• Each command consists of a keyword or command name followed by zero or more arguments; some keywords take no argument at all.
• The format of the command is:
• There are 14 different SMTP commands listed in the table below:

SMTP Responses
• SMTP responses are sent from the server to the client.
• Each response begins with a three-digit code and may be followed by additional textual information.
• The leading digit indicates the category of the response. The different categories of response are:
1. Positive Completion reply. It indicates that the requested action has been successfully completed. A new request may be initiated.
2. Positive Intermediate reply. It indicates that the command has been accepted, but the requested action is being held in abeyance, pending receipt of further information.
3. Transient Negative Completion reply. It indicates that the command was not accepted and the requested action did not occur. However, the error condition is temporary and the action may be requested again.
4. Permanent Negative Completion reply. It indicates that the command was not accepted and the requested action did not occur.

Mail Transfer Phases
The basic SMTP operation occurs in three phases:
1. Connection setup
2. Mail transfer
3. Connection termination

Connection Setup
An SMTP sender will attempt to set up a TCP connection with a target host when it has one or more mail messages to deliver to that host. The following sequence occurs during connection setup:
1. The sender opens a TCP connection with the receiver.
2. Once the connection is established, the receiver identifies itself with "220 Service Ready".
3. The sender identifies itself with the HELO command.
4. The receiver accepts the sender's identification with "250 OK".
5. If the mail service on the destination is not available, the destination host returns a "421 Service Not Available" reply in step 2 and the process is terminated.

Mail transfer
• Once the connection has been established, the SMTP sender may send one or more messages to the SMTP receiver.
• There are three logical phases to the transfer of a message:
1. A MAIL command identifies the originator of the message.
2. One or more RCPT commands identify the recipients of this message.
3. A DATA command transfers the message text.

Connection termination
• The SMTP sender closes the connection in the following manner:
1. The sender sends a QUIT command and waits for a reply.
2. The sender initiates the TCP close operation for the TCP connection.
3. The receiver initiates its TCP close after sending its reply to the QUIT command.

SMTP Services installation on IIS 6.0
On the Start menu, click Control Panel, double-click Add or Remove Programs, and then click Add/Remove Windows Components.
1. In the Components list, click Application Server, and then click Details.
2. In the Subcomponents of Application Server list, click Internet Information Services (IIS), and then click Details.
3. In the Subcomponents of Internet Information Services (IIS) list, select the SMTP Service check box, and then click OK.
4. Click Next. If you are prompted for the Windows CD or the network install path, follow the instructions.
5. Click Finish.

SMTP configuration
Installing the SMTP service will create a new node in IIS Manager. In order to configure the SMTP virtual server, you must start IIS Manager. For more information, see the topic "SMTP Administration" in the IIS Operations Guide.
To start IIS Manager from the Run dialog box:
1. On the Start menu, click Run.
2. In the Open box, type inetmgr and then click OK.
To start IIS Manager from the Administrative Services console:
1. On the Start menu, click Run. In the Run text box, type control panel, and then click OK.
2. In the Control Panel window, click Administrative Tools.
3. In the Administrative Tools window, click Internet Information Services.

Default Settings
The default SMTP virtual server has the following default settings. If you create a new virtual server, you can configure default settings using the New Virtual Server Wizard.
• Name: The name of the virtual server that appears in IIS Manager. You can change the name of the virtual server in IIS Manager. Simply right-click the virtual server and then click Rename.
• IP address/TCP port: All unassigned/25. You can use the General tab in the SMTP virtual server properties dialog box to change this setting. If you change this setting, you must specify an IP address and TCP port combination that is not being used by another SMTP virtual server.
• Default domain: The domain name that is listed on the Computer Name tab in System Properties. The default domain is used to stamp messages from addresses that do not have a domain. An SMTP virtual server can have only one default domain, and it cannot be deleted. To change the name of the default domain in IIS Manager, double-click the virtual server, and then double-click Domains. Right-click the local (or default) domain, and then click Rename.
• Home directory: C:\Inetpub\Mailroot. The home directory is the root of your SMTP content directories, and it must be local to the computer on which the SMTP service runs.

FlowChart :- not applicable
Algorithm:- not applicable
Code:- not applicable
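The three phases described in this experiment (connection setup with the 220 greeting and HELO, mail transfer with MAIL, RCPT and DATA, and termination with QUIT) together with the reply-code categories are easiest to see as an actual exchange. The following Python script is an added example, not part of the lab file and not the IIS SMTP service: it runs a minimal receiver and sender on 127.0.0.1 in one process, enforces the command order (a MAIL before HELO gets a 503), refuses to relay for domains other than its own (550), and classifies every reply by its leading digit. The host names, mailbox addresses and the accepted domain example.com are constructed; dot-stuffing of body lines is left out.

```python
"""Added example, not part of the lab file: a minimal SMTP receiver and sender
on 127.0.0.1 that walk through connection setup, mail transfer and termination
and classify each reply by its leading digit. Host names, addresses and the
accepted recipient domain are constructed."""
import socket
import threading
from typing import List, Tuple

LOCAL_DOMAIN = "example.com"   # constructed: the only domain this receiver accepts mail for


def reply_category(code: str) -> str:
    """Map the leading digit of an SMTP reply code to its category."""
    return {"2": "positive completion", "3": "positive intermediate",
            "4": "transient negative completion",
            "5": "permanent negative completion"}.get(code[:1], "unknown")


def _serve_one_client(listener: socket.socket) -> None:
    """Receiver side: one connection, zero or more messages, then QUIT or EOF."""
    conn, _ = listener.accept()
    rfile = conn.makefile("rb")

    def send(line: str) -> None:
        conn.sendall((line + "\r\n").encode("ascii"))

    send("220 mail.example.com Service ready")          # the receiver talks first
    greeted = in_transaction = False
    while True:
        raw = rfile.readline()
        if not raw:                                      # sender closed without QUIT
            break
        line = raw.decode("ascii", "replace").rstrip("\r\n")
        verb = line.split(" ", 1)[0].upper()
        if verb == "HELO":
            greeted = True
            send("250 mail.example.com")
        elif verb in ("MAIL", "RCPT", "DATA") and not greeted:
            send("503 Bad sequence of commands")         # setup phase not completed
        elif verb == "MAIL":
            in_transaction = True
            send("250 OK")
        elif verb == "RCPT":
            if not in_transaction:
                send("503 Bad sequence of commands")
            elif line.lower().endswith(f"@{LOCAL_DOMAIN}>"):
                send("250 OK")
            else:
                send("550 Relay not permitted")           # no open relay
        elif verb == "DATA":
            if not in_transaction:
                send("503 Bad sequence of commands")
                continue
            send("354 Start mail input; end with <CRLF>.<CRLF>")
            while True:                                  # read the body up to the lone "."
                body = rfile.readline()
                if not body or body.rstrip(b"\r\n") == b".":
                    break
            in_transaction = False
            send("250 OK: queued")
        elif verb == "QUIT":
            send("221 mail.example.com closing connection")
            break
        else:
            send("500 Command unrecognized")
    rfile.close()
    conn.close()


def run_session(commands: List[str], body: List[str]) -> List[Tuple[str, str]]:
    """Sender side: run the commands against an in-process receiver and return
    (command, reply code) pairs; the body lines are sent after a 354 reply."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))                      # loopback only, ephemeral port
    listener.listen(1)
    worker = threading.Thread(target=_serve_one_client, args=(listener,), daemon=True)
    worker.start()
    sock = socket.create_connection(listener.getsockname())
    rfile = sock.makefile("rb")

    def recv_code() -> str:
        return rfile.readline().decode("ascii", "replace")[:3]

    transcript = [("<connect>", recv_code())]            # the 220 greeting
    for cmd in commands:
        sock.sendall((cmd + "\r\n").encode("ascii"))
        code = recv_code()
        transcript.append((cmd, code))
        if cmd.upper() == "DATA" and code == "354":
            for text in body:
                sock.sendall((text + "\r\n").encode("ascii"))
            sock.sendall(b".\r\n")
            transcript.append(("<message body>", recv_code()))
    rfile.close()
    sock.close()
    worker.join(timeout=5)
    listener.close()
    return transcript


if __name__ == "__main__":
    session = run_session(
        ["HELO client.example.org", "MAIL FROM:<alice@example.org>",
         "RCPT TO:<bob@example.com>", "RCPT TO:<mallory@elsewhere.test>",
         "DATA", "QUIT"],
        ["Subject: test", "", "Hello from the lab."])
    for cmd, code in session:
        print(f"{cmd:<34} -> {code} ({reply_category(code)})")
```

The printed transcript shows each phase: 220 and 250 for setup, 250/550 for the two RCPT commands (the second recipient is outside the receiver's domain, so the receiver declines to relay), 354 then 250 around the message text, and 221 for QUIT. The same sequence can be compared against a real server with `openssl s_client -starttls smtp -connect host:25`, which also shows whether the server offers TLS.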
EXPERIMENT-4
OBJECTIVE: Securing IIS
Internet Information Services (IIS, formerly Internet Information Server) is an extensible web server that accepts requests from remote client computers and returns the appropriate response. This basic functionality allows web servers to share and deliver information across local area networks, such as corporate intranets, and wide area networks, such as the Internet. A web server can deliver information to users in several forms, such as static web pages coded in HTML; through file exchanges as downloads and uploads; and as text documents, image files and more.

Web servers provide portals
Modern web servers can provide far more functionality for a business and its users. Web servers are often used as portals for sophisticated, highly interactive, web-based applications that tie enterprise middleware and back-end applications together to create enterprise-class systems. For example, Amazon Web Services allows users to administer public cloud resources through a web-based portal. Meanwhile, streaming media services, such as Spotify for music and Netflix for movies, deliver real-time streaming content through web servers.

How IIS works
IIS works through a variety of standard languages and protocols. HTML is used to create elements such as text, buttons, image placements, direct interactions/behaviors and hyperlinks. The Hypertext Transfer Protocol (HTTP) is the basic communication protocol used to exchange information between web servers and users. HTTPS, HTTP over Secure Sockets Layer (SSL), uses Transport Layer Security or SSL to encrypt the communication for added data security. The File Transfer Protocol, or its secure variant, FTPS, can transfer files.

Versions of IIS
IIS has evolved along with Microsoft Windows. Early versions of IIS arrived with Windows NT. IIS 1.0 appeared with Windows NT 3.51, and evolved through IIS 4.0 with Windows NT 4.0. IIS 5.0 shipped with Windows 2000. Microsoft added IIS 6.0 to Windows Server 2003. IIS 7.0 offered a major redesign with Windows Server 2008 (IIS 7.5 is in Windows Server 2008 R2). IIS 8.0 came with Windows Server 2012 (Windows Server 2012 R2 uses IIS 8.5). And IIS 10 arrived with Windows Server 2016 and Windows 10. With each iteration of IIS, Microsoft has added new features and updated existing functionality. For example, IIS 3.0 added ASP for dynamic scripting; IIS 6.0 added support for IPv6 and improved security and reliability; and IIS 8.0 brought multicore scaling on non-uniform memory access hardware, centralized SSL certificate support and Server Name Indication.
Key features and improvements

Integrated extensions
Building on the extensible and modular architecture introduced with IIS 7, the new IIS 7.5 integrates and enhances existing extensions while still providing additional extensibility and customization.

WebDAV and FTP
WebDAV and FTP functionality available in IIS 7 has been greatly enhanced by incorporating many new features that enable Web authors to publish content more reliably and securely than before. The new FTP and WebDAV modules also offer Web server administrators more options for authentication, auditing, and logging.

Request Filtering
The Request Filtering module, previously available as an extension for IIS 7, helps prevent potentially harmful requests from reaching the server by allowing you to restrict or block specific HTTP requests.

Administration Pack modules
Extension modules previously available for IIS 7 as part of the IIS Administration Pack offer additional tools to help you administer your IIS 7.5 Web server from IIS Manager. These modules include the Configuration Editor and UI extensions that will help you manage Request Filtering rules, FastCGI, and ASP.NET application settings.

Management enhancements
IIS 7.5 has the same distributed and delegated management architecture as IIS 7, but IIS 7.5 also offers new administration tools.

Best Practices Analyzer
Best Practices Analyzer (BPA) is a management tool that can be accessed by using Server Manager and Windows PowerShell. BPA can help administrators reduce best practice violations by scanning an IIS 7.5 Web server and reporting when potential configuration issues are found.

IIS Module for Windows PowerShell
The IIS module for Windows PowerShell is a Windows PowerShell snap-in that allows you to perform IIS 7 administrative tasks and manage IIS configuration and run-time data. In addition, a collection of task-oriented cmdlets provide a simple way to manage Web sites, Web applications, and Web servers.

Application hosting enhancements
Offering a variety of new features that help increase security and improve diagnostics, IIS 7.5 is an even more flexible and manageable platform for many types of Web applications, such as ASP.NET and PHP.

Service hardening
Building on the IIS 7 application pool isolation model that increased security and reliability, every IIS 7.5 application pool now runs each process as a unique, less-privileged identity.

Managed service accounts
Domain accounts that have passwords managed by the host computer are now supported as service identities in IIS 7.5. This means that server administrators no longer have to worry about expiring application pool passwords.

Failed Request Tracing for FastCGI
In IIS 7.5, PHP developers that use the FastCGI module can implement IIS trace calls within their applications. Developers can then troubleshoot application errors by using IIS Failed Request Tracing to debug the code during development.
Enhancement to .NET support on Server Core
The Server Core installation option of Windows Server 2008 R2 provides support for the .NET Framework 2.0, 3.0, 3.5.1, and 4.0. This means you can host ASP.NET applications, perform remote management tasks from IIS Manager, and locally run cmdlets included with the IIS module for Windows PowerShell.

Installing and securing the IIS Web Server
After you finish installing the operating system, a list of initial configuration tasks appears. To install the Web Server (IIS) role, in the list of tasks, click Add roles and then click Web Server (IIS).
1. Open IIS Manager
2. Select the name of the machine to view the modules for the whole machine, or change to the specific web site to view the modules enabled for the selected site
3. Double click on 'Modules'
4. To disable a module, click on the module from the list and select 'Remove' from the Actions pane
5. Confirm the removal by pressing Yes

Disable the OPTIONS method
1. Open IIS Manager
2. Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
3. Double click on 'Request Filtering'
4. Change to the HTTP Verbs tab
5. From the Actions pane, select 'Deny Verb'
6. Insert 'OPTIONS' in the Verb field, and press OK to save changes
Enable Dynamic IP Restrictions
The Dynamic IP Restrictions module helps block access from IP addresses that exceed a specified number of requests and thus helps prevent Denial of Service (DoS) attacks.
1. Open IIS Manager
2. Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
3. Double click on 'IP Address and Domain Restrictions'
4. From the Actions pane, select 'Edit Dynamic Restriction Settings'
5. Modify and set the dynamic IP restriction settings as needed and press OK to save changes

Enable and Configure Request Filtering Rules
1. Open IIS Manager
2. Select the name of the machine to configure this globally (or change to the specific web site for which you need to configure this)
3. Double click on 'Request Filtering'
4. Change to the Rules tab
5. From the Actions pane, select 'Add Filtering Rule'
6. Set the required rules, and press OK to save changes
Enable logging
Configuring IIS logging will cause IIS to log various information from HTTP requests received by the server. IIS logging can be enabled and configured from IIS Manager > select the machine name or the specific site you want to configure > Logging. Since these log files might grow quite large, it is a good idea to start a new file periodically.

Use the Security Configuration Wizard (SCW) and the Security Compliance Manager (SCM)
Both of these Microsoft tools can be used to test your IIS security. The Security Configuration Wizard (SCW) runs different checks and provides advice and recommendations on how to boost your server's security. The Security Compliance Manager (SCM) tool performs security tests on your server and compares server configurations to predefined templates as per industry best practices and security guide recommendations.

FlowChart :- not applicable
Algorithm:- not applicable
Code:- not applicable
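The logging enabled in the last step is also how the effect of the other settings is verified: a 'Deny Verb' rule for OPTIONS and a Dynamic IP Restrictions limit both turn into patterns that can be seen in the W3C log. The following Python script is an added example, not part of the lab file or of IIS, that replays the two checks over a handful of constructed W3C-format log lines: it lists requests a denied-verb rule would reject and finds client IPs that exceeded a requests-per-interval limit inside any sliding window. The IP addresses, paths and timestamps in SAMPLE_LOG are constructed.

```python
"""Added example, not from the lab file or Microsoft: the logic behind Request
Filtering's 'Deny Verb' and Dynamic IP Restrictions' requests-per-interval
limit, replayed over constructed W3C-format IIS log lines so the effect of the
settings can be checked offline. IPs, paths and timestamps are constructed."""
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple

# Constructed IIS log excerpt in the W3C extended format that IIS logging writes.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 7.5
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status time-taken
2018-10-01 10:00:00 10.0.0.5 GET /index.html - 80 - 203.0.113.7 Mozilla/5.0 200 0 0 15
2018-10-01 10:00:00 10.0.0.5 GET /login.aspx - 80 - 203.0.113.7 Mozilla/5.0 200 0 0 20
2018-10-01 10:00:01 10.0.0.5 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0 401 2 5 30
2018-10-01 10:00:01 10.0.0.5 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0 401 2 5 30
2018-10-01 10:00:02 10.0.0.5 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0 401 2 5 30
2018-10-01 10:00:02 10.0.0.5 POST /login.aspx - 80 - 203.0.113.7 Mozilla/5.0 401 2 5 30
2018-10-01 10:00:05 10.0.0.5 OPTIONS / - 80 - 198.51.100.4 curl/7.58.0 200 0 0 2
2018-10-01 10:00:09 10.0.0.5 GET /about.html - 80 - 192.0.2.33 Mozilla/5.0 200 0 0 10
2018-10-01 10:00:40 10.0.0.5 GET /contact.html - 80 - 192.0.2.33 Mozilla/5.0 200 0 0 12
"""

LogEntry = Dict[str, str]
DENIED_VERBS = frozenset({"OPTIONS", "TRACE"})


def parse_w3c_log(text: str) -> List[LogEntry]:
    """Use the '#Fields:' directive to name the columns. IIS encodes spaces inside
    values as '+', so whitespace splitting is safe; lines whose token count does
    not match the field count are skipped rather than misaligned."""
    fields: List[str] = []
    entries: List[LogEntry] = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.startswith("#") or not line.strip():
            continue
        else:
            values = line.split()
            if fields and len(values) == len(fields):
                entries.append(dict(zip(fields, values)))
    return entries


def denied_verb_hits(entries: List[LogEntry], denied=DENIED_VERBS) -> List[Tuple[str, str, str]]:
    """Requests that a 'Deny Verb' rule for the given verbs would have rejected."""
    return [(e["c-ip"], e["cs-method"], e["cs-uri-stem"])
            for e in entries if e["cs-method"].upper() in denied]


def burst_clients(entries: List[LogEntry], max_requests: int, window: timedelta) -> Set[str]:
    """Client IPs that exceeded max_requests inside any window of the given length,
    the condition behind the 'requests over a period of time' block."""
    by_ip: Dict[str, List[datetime]] = defaultdict(list)
    for e in entries:
        stamp = datetime.strptime(f"{e['date']} {e['time']}", "%Y-%m-%d %H:%M:%S")
        by_ip[e["c-ip"]].append(stamp)
    flagged: Set[str] = set()
    for ip, times in by_ip.items():
        times.sort()
        start = 0
        for end, now in enumerate(times):
            while now - times[start] >= window:      # slide the window's left edge forward
                start += 1
            if end - start + 1 > max_requests:
                flagged.add(ip)
                break
    return flagged


if __name__ == "__main__":
    log = parse_w3c_log(SAMPLE_LOG)
    print("denied verbs:", denied_verb_hits(log))
    print("over limit:  ", burst_clients(log, max_requests=5, window=timedelta(seconds=5)))
```

With a limit of 5 requests per 5 seconds the script flags 203.0.113.7, which sent six requests in two seconds, and lists the OPTIONS probe from 198.51.100.4; the two spaced-out requests from 192.0.2.33 pass. Pointing parse_w3c_log at a real file from C:\inetpub\logs\LogFiles gives the same two views over live traffic.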
EXPERIMENT-5
OBJECTIVE: Simulation of ARP / RARP.

ARP
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network. For example, in IP Version 4, the most common level of IP in use today, an address is 32 bits long. In an Ethernet local area network, however, addresses for attached devices are 48 bits long. (The physical machine address is also known as a Media Access Control or MAC address.) A table, usually called the ARP cache, is used to maintain a correlation between each MAC address and its corresponding IP address. ARP provides the protocol rules for making this correlation and providing address conversion in both directions.

How ARP works
When an incoming packet destined for a host machine on a particular local area network arrives at a gateway, the gateway asks the ARP program to find a physical host or MAC address that matches the IP address. The ARP program looks in the ARP cache and, if it finds the address, provides it so that the packet can be converted to the right packet length and format and sent to the machine. If no entry is found for the IP address, ARP broadcasts a request packet in a special format to all the machines on the LAN to see if one machine knows that it has that IP address associated with it. A machine that recognizes the IP address as its own returns a reply so indicating. ARP updates the ARP cache for future reference and then sends the packet to the MAC address that replied.

Packet structure of ARP
The Address Resolution Protocol uses a simple message format containing one address resolution request or response. The size of the ARP message depends on the upper layer and lower layer address sizes, which are given by the type of networking protocol (usually IPv4) in use and the type of hardware or virtual link layer that the upper layer protocol is running on. The message header specifies these types, as well as the size of addresses of each. The message header is completed with the operation code for request (1) and reply (2). The payload of the packet consists of four addresses: the hardware and protocol addresses of the sender and receiver hosts.
RARP
The Reverse Address Resolution Protocol (RARP) is a protocol by which a physical machine in a local area network can request to learn its IP address from a gateway server's Address Resolution Protocol (ARP) table or cache. A network administrator creates a table in a local area network's gateway router that maps the physical mach­ine (Media Access Control, MAC) addresses to corresponding Internet Protocol addresses. When a new machine is set up, its RARP client program requests from the RARP server on the router to be sent its IP address. Assuming that an entry has been set up in the router table, the RARP server will return the IP address to the machine, which can store it for future use.

How RARP works
RARP is described in Internet Engineering Task Force (IETF) publication RFC 903.[1] It has been rendered obsolete by the Bootstrap Protocol (BOOTP) and the modern Dynamic Host Configuration Protocol (DHCP), which both support a much greater feature set than RARP. RARP requires one or more server hosts to maintain a database of mappings of Link Layer addresses to their respective protocol addresses. Media Access Control (MAC) addresses need to be individually configured on the servers by an administrator. RARP is limited to serving only IP addresses. Reverse ARP differs from the Inverse Address Resolution Protocol (InARP) described in RFC 2390, which is designed to obtain the IP address associated with a local Frame Relay data link connection identifier. InARP is not used in Ethernet.

Packet structure of RARP
FlowChart :-

Algorithm:-
CLIENT:
1. Start the program.
2. Using a socket, a connection is established between client and server.
3. Get the IP address to be converted into a MAC address.
4. Send this IP address to the server.
5. The server returns the MAC address to the client.
SERVER:
1. Start the program.
2. Accept the socket which is created by the client.
3. The server maintains a table in which IP addresses and their corresponding MAC addresses are stored.
4. Read the IP address which is sent by the client.
5. Map the IP address to its MAC address and return the MAC address to the client.
Code:-

Client:
import java.io.*;
import java.net.*;

class Clientarp {
    public static void main(String args[]) {
        try {
            BufferedReader in = new BufferedReader(new InputStreamReader(System.in));
            // Port 139 is the one used in the lab run (it is also the NetBIOS session port on Windows)
            Socket clsct = new Socket("127.0.0.1", 139);
            // BufferedReader replaces the deprecated DataInputStream.readLine()
            BufferedReader din = new BufferedReader(new InputStreamReader(clsct.getInputStream()));
            DataOutputStream dout = new DataOutputStream(clsct.getOutputStream());
            System.out.println("Enter the Logical address(IP):");
            String str1 = in.readLine();
            dout.writeBytes(str1 + '\n');          // send the IP address to the server
            String str = din.readLine();           // server answers with the MAC address
            System.out.println("The Physical Address is: " + str);
            clsct.close();
        } catch (Exception e) {
            System.out.println(e);
        }
    }
}

Server:
import java.io.*;
import java.net.*;

class Serverarp {
    public static void main(String args[]) {
        try {
            ServerSocket obj = new ServerSocket(139);
            Socket obj1 = obj.accept();            // one client connection
            BufferedReader din = new BufferedReader(new InputStreamReader(obj1.getInputStream()));
            DataOutputStream dout = new DataOutputStream(obj1.getOutputStream());
            // Static table of IP -> MAC mappings held by the server (the simulated ARP cache)
            String ip[] = {"165.165.80.80", "165.165.79.1"};
            String mac[] = {"6A:08:AA:C2", "8A:BC:E3:FA"};
            String str = din.readLine();           // IP address sent by the client
            boolean found = false;
            for (int i = 0; i < ip.length; i++) {
                if (str.equals(ip[i])) {
                    dout.writeBytes(mac[i] + '\n'); // return the matching MAC address
                    found = true;
                    break;
                }
            }
            if (!found) {
                dout.writeBytes("Address not found\n");
            }
            obj1.close();
            obj.close();
        } catch (Exception e) {
            System.out.println(e);
        }
    }
}

Output:
E:\networks>java Serverarp

E:\networks>java Clientarp
Enter the Logical address(IP):
165.165.80.80
The Physical Address is: 6A:08:AA:C2
EXPERIMENT- 6 OBJECTIVE: Simulating a Wi-Fi Network
Wi-Fi stands for wireless fidelity. Wi-Fi uses the 802.11 standard, which was developed by the Institute of Electrical and Electronics Engineers (IEEE) in 1997. The original 802.11 was superseded by the extensions 802.11a and 802.11b, and later by 802.11g. Wi-Fi technology uses radio communication operating at a frequency of 2.4GHz.
IEEE 802.11 standards [vi]:
802.11 is the original wireless local area network standard. It supports 1 Mbps to 2 Mbps.
802.11a is a very high speed wireless local area network standard for the 5 GHz band and it supports 54 Mbps. It uses an orthogonal frequency division multiplexing (OFDM) encoding scheme.
802.11b is a wireless standard for the 2.4 GHz band. It supports 11 Mbps. 802.11b uses only DSSS (Direct Sequence Spread Spectrum).
802.11d covers international roaming. It automatically configures devices to meet local RF regulations.
802.11e addresses the quality of service requirements for all IEEE wireless radio interfaces.
802.11f defines inter-access point communications to facilitate multiple-vendor distributed wireless local area networks.
802.11g establishes an additional modulation technique for the 2.4 GHz band. It supports speeds up to 54 Mbps.
802.11h defines the spectrum management of the 5 GHz band.
802.11i addresses the current security weaknesses of both the authentication and the encryption protocols.
802.11n provides higher throughput improvements. It also provides speeds up to 500 Mbps.
The basic differences between 802.11a, 802.11b and 802.11g are given below:

Parameter                   | 802.11a    | 802.11b    | 802.11g
Standard approved           | Sept 1999  | Sept 1999  | June 2003
Available bandwidth         | 300MHz     | 83.5MHz    | 83.5MHz
No. of overlapping channels | 4          | 3          | 3
Frequency                   | 5GHz       | 2.4GHz     | 2.4GHz
Typical data rate           | 23 Mbit/s  | 4.5 Mbit/s | 19 Mbit/s
Maximum data rate           | 54 Mbit/s  | 11 Mbit/s  | 54 Mbit/s
Range                       | 115 feet   | 115 feet   | 125 feet
Compatibility               | None       | None       | backward compatible with b
Advantages                  | fast maximum speed; regulated frequencies prevent signal interference from other devices | lowest cost; signal range is good and not easily obstructed | fast maximum speed; signal range is good and not easily obstructed
Disadvantages               | highest cost; shorter range signal that is more easily obstructed | slowest maximum speed; home appliances may interfere on the unregulated frequency band | costs more than 802.11b; appliances may interfere on the unregulated signal frequency

Hardware Requirements for Wi-Fi
Access Point:- An access point acts as a bridge between the wireless devices and the wired network. It allows multiple devices to connect through it for accessing the network. An AP can also act as a router, making data transmission possible from one access point to another.
Wireless Network Card:- A wireless network card is required on each device on a wireless network. A laptop usually has an expansion slot which the network card fits into. A desktop computer needs an internal card, which will usually have a small antenna or an external antenna on it. These antennas are optional on most equipment and they help to increase the signal on the card.
Transmitter:- A transmitter is used for emitting the wireless signals; it also receives the connection requests that a wireless client sends and returns the replies to the client. Here the transmitter is the wireless router.
SIMULATE WIFI NETWORK USING CISCO PACKET TRACER
FlowChart :-not applicable
Algorithm:- not applicable
Code:- not applicable
EXPERIMENT NO:7 OBJECTIVE: Measuring network performance
Introduction
Network performance is the analysis and review of collective network statistics to define the quality of the services offered by the underlying computer network. It is a qualitative and quantitative process that measures and defines the performance level of a given network. It guides a network administrator in the review, measurement and improvement of network services.
Network Performance measures
The following measures are often considered important:
Bandwidth, commonly measured in bits/second, is the maximum rate at which information can be transferred.
Throughput is the actual rate at which information is transferred.
Latency is the delay between the sender transmitting the information and the receiver decoding it; this is mainly a function of the signal's travel time and the processing time at any nodes the information traverses.
Jitter is the variation in packet delay at the receiver of the information.
Error rate is the number of corrupted bits, expressed as a percentage or fraction of the total sent.
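The five measures above computed over a small capture, as an added example in Python that is not part of the lab file: the nominal link bandwidth and the per-packet send/receive records are constructed values, and jitter is computed with the RFC 3550 interarrival estimator, one standard way of turning packet-to-packet delay variation into a single figure.

```python
from dataclasses import dataclass
from statistics import mean
from typing import List, Optional

# Constructed nominal link capacity in bits/s: bandwidth is the ceiling, throughput is what was delivered
LINK_BANDWIDTH_BPS = 10_000_000


@dataclass
class Sample:
    seq: int                    # sequence number assigned by the sender
    sent_at: float              # send time in seconds
    payload: bytes              # bytes the sender transmitted
    recv_at: Optional[float]    # receive time in seconds, None if the packet was lost
    received: Optional[bytes]   # bytes the receiver actually got, None if lost


_PAYLOAD = bytes(1000)   # 8000 zero bits per packet, so flipped bits are easy to count

# Constructed capture: five packets, one lost, one delivered with a single flipped bit
SAMPLES: List[Sample] = [
    Sample(0, 0.000, _PAYLOAD, 0.010, _PAYLOAD),
    Sample(1, 0.001, _PAYLOAD, 0.012, _PAYLOAD),
    Sample(2, 0.002, _PAYLOAD, None, None),
    Sample(3, 0.003, _PAYLOAD, 0.013, _PAYLOAD[:-1] + b"\x01"),
    Sample(4, 0.004, _PAYLOAD, 0.015, _PAYLOAD),
]


def throughput_bps(samples):
    """Delivered bits divided by the observation window (first send to last receive)."""
    delivered = [s for s in samples if s.recv_at is not None]
    if not delivered:
        return 0.0
    bits = sum(len(s.received) * 8 for s in delivered)
    window = max(s.recv_at for s in delivered) - min(s.sent_at for s in samples)
    return bits / window


def utilisation(samples, bandwidth_bps=LINK_BANDWIDTH_BPS):
    """Fraction of the nominal bandwidth that the measured throughput actually used."""
    return throughput_bps(samples) / bandwidth_bps


def mean_latency(samples):
    """Average one-way delay (send to receive) over the packets that arrived."""
    return mean(s.recv_at - s.sent_at for s in samples if s.recv_at is not None)


def jitter(samples):
    """RFC 3550 interarrival jitter: a running estimate of how much transit time changes between packets."""
    j = 0.0
    prev = None
    for s in sorted(samples, key=lambda x: x.seq):
        if s.recv_at is None:
            continue
        transit = s.recv_at - s.sent_at
        if prev is not None:
            j += (abs(transit - prev) - j) / 16   # RFC 3550 smoothing gain of 1/16
        prev = transit
    return j


def packet_loss(samples):
    """Fraction of sent packets that never arrived."""
    return sum(1 for s in samples if s.recv_at is None) / len(samples)


def bit_error_rate(samples):
    """Corrupted bits (sent XOR received) as a fraction of all bits sent; lost packets still count as sent."""
    total_bits = sum(len(s.payload) * 8 for s in samples)
    bad = 0
    for s in samples:
        if s.received is None:
            continue
        bad += sum(bin(a ^ b).count("1") for a, b in zip(s.payload, s.received))
    return bad / total_bits
```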
Network Performance Tools
Host Monitor: Host Monitor is another useful tool that a network administrator can use. It monitors and analyses all traffic flowing through the network; it checks host status and statistics and reports them in log files and reports.
GFI Network Server Monitor: GFI works on both Windows and Linux platforms. It maximizes the availability of the network by monitoring all stations connected to the network (i.e. workstations, servers, routers, switches, printers etc.). It checks for failures and irregularities and will send alerts by multiple media to the network administrator when it detects a fault. GFI's monitoring service and its management service run on separate interfaces. The network engine is multi-threaded and can run up to 40 checks simultaneously. This makes it a good platform for both small and large organisations, as it is easily scalable. GFI Network Server Monitor can check the status of a terminal server by actually performing a complete login and checking if the session is established correctly. GFI Network Server Monitor can check the availability of all leading database applications. GFI Network Server Monitor includes extensive checks for monitoring Linux servers.
Argus: Argus is a real-time flow monitor, which checks metrics such as connectivity, delay, packet loss, capacity and jitter on a per-transaction basis. It supports Linux, Solaris, FreeBSD, OpenBSD, NetBSD, and Mac OS X. Argus can be used for security management, network billing, network operations management and performance management. It can be used to monitor specific individual sections of the network or the entire enterprise.
SmokePing: SmokePing works on a Unix platform and is open source software. It measures and stores latency in the network. It stores long-term data and can graphically display the information in an easy-to-read format. It has a smart alarm system which will trigger alarms for anticipated latency or loss based on predefined patterns.
Axence NetVision: NetVision is relatively recent, developed in 2006. It runs on all platforms. Once it runs, it detects all hosts on the entire network and scans the services running on them. It displays the hosts on an interactive map along with the critical information, making it easy for the administrator to visually check for potential problems.
PRTG Network Monitor: PRTG Network Monitor monitors system availability using a variety of methods, from simple ping through the SNMP and WMI protocols to specific tasks such as HTTP, DNS, and Remote Desktop availability, using various sensors. Using specific sensors for specific machines, an administrator can monitor service availability (including Exchange and SQL) and be notified instantly of problems. PRTG also comes with some bandwidth monitoring sensors, so you can ensure that malware designed to perform DoS, "phone home" and other overload activities is not operating on your network.
FlowChart :-not applicable
Algorithm:- not applicable
Code:- not applicable
EXPERIMENT NO:8 OBJECTIVE: Introduction to IEEE 802.15.4 and ZigBee
IEEE 802.15.4:- The Institute of Electrical and Electronics Engineers (IEEE) supports many working groups to develop and maintain wireless and wired communications standards. For example, 802.3 is wired Ethernet and 802.11 is for wireless LANs (WLANs), also known as Wi-Fi. The 802.15 group of standards specifies a variety of wireless personal area networks (WPANs) for different applications. For instance, 802.15.1 is Bluetooth, 802.15.3 is a high-data-rate category for ultra-wideband (UWB) technologies, and 802.15.6 is for body area networks (BAN). There are several others. The 802.15.4 standard defines the physical layer (PHY) and media access control (MAC) layer of the Open Systems Interconnection (OSI) model of network operation (Fig. 1). The PHY defines frequency, power, modulation, and other wireless conditions of the link. The MAC defines the format of the data handling. The remaining layers define other measures for handling the data and related protocol enhancements, including the final application.
Most networking systems, both wired and wireless, use the OSI communications model. Most systems also use at least the first four layers, but many do not use all seven layers. More specifically, Figure 2 shows the layer 1 and layer 2 details of 802.15.4.
The 802.15.4 standard uses only the first two layers plus the logical link control (LLC) and service-specific convergence sublayer (SSCS) additions to communicate with all upper layers as defined by additional standards. The goal of the standard is to provide a base format to which other protocols and features can be added by way of the upper layers. While three frequency assignments are available, the 2.4-GHz band is by far the most widely used (see the table). Most available chips and modules use this popular ISM band.
The standard uses direct sequence spread spectrum (DSSS) modulation. It is highly tolerant of noise and interference and offers coding gain to improve link reliability. With regard to channel access, 802.15.4 uses carrier sense multiple access with collision avoidance (CSMA/CA). This multiplexing approach lets multiple users or nodes access the same channel at different times without interference. Transmission range varies considerably depending on the nature of the path, which must for the most part be line of sight (LOS). Transmit power level and receiver sensitivity are also factors. Under the best conditions the range can be as great as 1000 meters with a clear outdoor path. Most applications cover a shorter range of 10 to 75 meters.
In the star topology (Fig. 3a), all communications between nodes must pass through the central coordinator node. A basic peer-to-peer (P2P) topology is also defined (Fig. 3b). Any device may then talk to any other device. This basic topology may be expanded into other topologies in the upper network layers, such as the popular mesh topology.
Fig. 3. The 802.15.4 standard defines the star (a) and peer-to-peer (b) common network topologies.
ZigBee
The most widely deployed enhancement to the 802.15.4 standard is ZigBee, which is a standard of the ZigBee Alliance. The organization maintains, supports, and develops more sophisticated protocols for advanced applications. These enhancements include authentication of valid nodes, encryption for security, and a data routing and forwarding capability that enables mesh networking. The most popular use of ZigBee is wireless sensor networks using the mesh topology.
ZigBee is also available in a version that supports energy harvesting where no battery or ac mains power is available. And one of the key benefits of ZigBee is the availability of predeveloped applications. These upper-layer software additions implement specialized uses for ZigBee. Some of these applications include:
• Building automation for commercial monitoring and control of facilities
• Remote control (RF4CE or RF for consumer electronics)
• Smart energy for home energy monitoring
• Health care for medical and fitness monitoring
• Home automation for control of smart homes
• Input devices for keyboards, mice, touch pads, wands, etc.
• Light Link for control of LED lighting
• Retail services for shopping related uses
• Telecom services
• Network services related to large mesh networks
The ZigBee Alliance also offers full testing and certification of ZigBee-enabled products to ensure interoperability. ZigBee has been around for more than 10 years now and is widely used. It is a great option for many applications. For some simpler communications projects it may be overkill with its extra complexity and cost. Plain old 802.15.4 may be a better choice in such cases.
FlowChart :-not applicable
Algorithm:- not applicable
Code:- not applicable
EXPERIMENT NO:9
OBJECTIVE:- Nodes Configuration in ZigBee network.
ZigBee networks are called Personal Area Networks or PANs. In the ZigBee protocol, the only node that can start a new network is the coordinator. For that reason, each ZigBee network must have one coordinator. XBee Gateway includes a built-in XBee ZigBee node already configured as coordinator. Therefore, as soon as you power on the XBee Gateway device, your ZigBee network is initialized. To start a network, the coordinator must automatically choose a PAN identifier (PAN ID) and the operating channel for that network. Once those parameters are established and the network is initialized, the coordinator and routers can allow other devices (other routers or end devices) to join the network and route data. Each network is defined with a unique PAN identifier (PAN ID). This identifier is common among all devices of the same network. That is, devices on the same ZigBee network must share the same PAN ID in order to communicate with each other. When you power on a coordinator, it automatically establishes the PAN ID or uses a pre-configured one when it creates the new network.
If the PAN ID of the coordinator is 0, it performs a PAN scan to identify nearby ZigBee networks and uses a random unused PAN ID to start the new network. By default, an XBee Gateway coordinator is configured to generate a random PAN ID.
If the PAN ID for a router or end device is 0, it performs a PAN scan and tries to join any available ZigBee network it finds.
You can connect an XBee ZigBee module that is configured as a router node to the network initialized by XBee Gateway. By default, the PAN ID of this ZigBee module is configured to 0. Therefore, if you power on the XBee ZigBee module and there is no other ZigBee network around, the module joins the ZigBee network initialized by XBee Gateway automatically. The joining operation has occurred when the Association LED of the board on which the XBee ZigBee module is mounted starts blinking. The 802.15.4 PHY (physical layer) protocol description defines 16 operating channels in the 2.4 GHz frequency band. Before starting the network, the coordinator automatically performs a channel scan to select a good channel to use for the network. You can configure all the ZigBee nodes in a network with the channel or channels on which they operate.
ZigBee defines three different device types: coordinator, router, and end device.
Coordinator
ZigBee networks always have a single coordinator device. This device:
• Starts the network, selecting the channel and PAN ID.
• Distributes addresses, allowing routers and end devices to join the network.
• Buffers wireless data packets for sleeping end device children.
The coordinator manages the other functions that define the network, secure it, and keep it healthy. This device cannot sleep and must be powered on at all times.
Router
A router is a full-featured ZigBee node. This device:
• Can join existing networks and send, receive, and route information. Routing involves acting as a messenger for communications between other devices that are too far apart to convey information on their own.
• Can buffer wireless data packets for sleeping end device children.
• Can allow other routers and end devices to join the network.
• Cannot sleep and must be powered on at all times.
• A network may have multiple router devices.
End device
An end device is essentially a reduced version of a router. This device:
• Can join existing networks and send and receive information, but cannot act as a messenger between any other devices.
• Cannot allow other devices to join the network.
• Uses less expensive hardware and can power itself down intermittently, saving energy by temporarily entering a nonresponsive sleep mode.
• Always needs a router or the coordinator to be its parent device. The parent helps end devices join the network and stores messages for them when they are asleep.
ZigBee networks may have any number of end devices. In fact, a network can be composed of one coordinator, multiple end devices, and zero routers.
Configuring ZigBee nodes
XBee ZigBee Cloud Kit includes an XBee ZigBee module configured as a router node. If you want your ZigBee routers or end devices to connect to a ZigBee network with a specific PAN ID, you must configure them to use the specific PAN ID of that ZigBee network. You must install XCTU on your computer. If you do not have XCTU installed, go to http://www.digi.com/xctu to download and install it.
To configure other ZigBee nodes with a custom PAN ID:
1. Attach the XBee ZigBee node to the XBee development board included in the XBee ZigBee Cloud Kit, and connect it to your computer using a USB cable.
2. Open XCTU and add the XBee node that is connected to your computer to the list of radio modules.
3. Select the node and wait for the application to read all its settings.
4. Under the Networking category, replace the current PAN ID with your custom PAN ID in the ID PAN ID field.
5. Click the Write radio settings button to save the new PAN ID in the XBee module.
As soon as you save the new PAN ID in the XBee RF module, the module tries to connect to the ZigBee network that has the PAN ID that you configured.
FlowChart :-not applicable
Algorithm:- not applicable
Code:- not applicable
EXPERIMENT NO:10 OBJECTIVE: Network Topologies used in ZigBee network.
ZigBee uses the IEEE 802.15.4-2003 specification for its physical layer and MAC layer. IEEE 802.15.4 offers star, tree, cluster tree, and mesh topologies; however, ZigBee supports only star, tree, and mesh topologies. It uses an association hierarchy: a device joining the network can be either a router or an end device, and routers can accept more devices.
Star topology: The star topology consists of a coordinator and several end devices (nodes), as shown in Figure 2.2. In this topology, each end device communicates only with the coordinator. Any packet exchange between end devices must go through the coordinator. The disadvantage of this topology is that the operation of the network depends on the coordinator, and because all packets between devices must go through the coordinator, the coordinator may become a bottleneck. Also, there is no alternative path from the source to the destination. The advantage of the star topology is that it is simple and packets go through at most two hops to reach their destination.
Figure 2.2 Star topology
Tree topology: In this topology, the network consists of a central node (the root of the tree), which is a coordinator, several routers, and end devices, as shown in Figure 2.3. The function of the router is to extend the network coverage. The end nodes that are connected to the coordinator or the routers are called children. Only routers and the coordinator can have children. Each end device is only able to communicate with its parent (router or coordinator). The coordinator and routers can have children and, therefore, are the only devices that can be parents. An end device cannot have children and, therefore, may not be a parent. A special case of tree topology is called a cluster tree topology.
Figure 2.3 Tree topology
The disadvantages of tree topology are:
a. If one of the parents becomes disabled, the children of the disabled parent cannot communicate with other devices in the network.
b. Even if two nodes are geographically close to each other, they cannot communicate directly.
Cluster tree topology: A cluster tree topology is a special case of tree topology in which a parent with its children is called a cluster, as shown in Figure 2.4. Each cluster is identified by a cluster ID. ZigBee does not support cluster tree topology, but IEEE 802.15.4 does support it.
Figure 2.4 Cluster tree topology
Mesh topology: Mesh topology, also referred to as a peer-to-peer network, consists of one coordinator, several routers, and end devices, as shown in Figure 2.5. The following are the characteristics of a mesh topology:
• A mesh topology is a multihop network; packets pass through multiple hops to reach their destination.
• The range of a network can be increased by adding more devices to the network. It can eliminate dead zones.
• A mesh topology is self-healing, meaning that if a path fails during transmission, the node will find an alternate path to the destination.
• Devices can be close to each other so that they use less power.
• Adding or removing a device is easy.
• Any source device can communicate with any destination device in the network.
• Compared with star topology, mesh topology requires greater overhead. Mesh routing uses a more complex routing protocol than a star topology.
In the peer-to-peer topology, there is also one PAN coordinator. In contrast to the star topology, any device can communicate with any other device as long as they are in range of one another. A peer-to-peer network can be ad hoc, self-organizing, and self-healing. Applications such as industrial control and monitoring, wireless sensor networks, and asset and inventory tracking would benefit from such a topology. It also allows multiple hops to route messages from any device to any other device in the network. It can provide reliability by multipath routing.
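The device roles of Experiment 9 and the star, tree and mesh topologies of this experiment modelled as a small graph, as an added example in Python that is not part of the lab file. It enforces the role rules (one coordinator, end devices attach only to a parent and never relay) and then checks the claims made above: star paths are at most two hops, siblings in a tree still go through their parent and lose all connectivity when that parent fails, and a mesh finds an alternate route when a router fails. Node names and links are constructed.

```python
from collections import deque

COORDINATOR, ROUTER, END_DEVICE = "coordinator", "router", "end device"
PARENT_CAPABLE = {COORDINATOR, ROUTER}   # only these may have children and relay traffic


class Pan:
    """A ZigBee PAN as a graph: nodes carry a role, links are parent/child or router-router radio links."""

    def __init__(self):
        self.role = {}
        self.links = {}   # name -> list of neighbours (lists keep route selection deterministic)

    def add(self, name, role):
        if role == COORDINATOR and COORDINATOR in self.role.values():
            raise ValueError("a ZigBee PAN has exactly one coordinator")
        self.role[name] = role
        self.links[name] = []

    def link(self, a, b):
        # an end device may only attach to a parent (router or coordinator); two end devices never link
        if self.role[a] not in PARENT_CAPABLE and self.role[b] not in PARENT_CAPABLE:
            raise ValueError("end devices cannot link to each other")
        self.links[a].append(b)
        self.links[b].append(a)

    def path(self, src, dst, failed=()):
        """Shortest route from src to dst avoiding failed nodes; end devices never forward for others."""
        failed = set(failed)
        if src in failed or dst in failed:
            return None
        prev = {src: None}
        queue = deque([src])
        while queue:
            n = queue.popleft()
            if n == dst:
                break
            if n != src and self.role[n] not in PARENT_CAPABLE:
                continue   # an end device is a leaf: it cannot act as messenger
            for m in self.links[n]:
                if m not in failed and m not in prev:
                    prev[m] = n
                    queue.append(m)
        if dst not in prev:
            return None
        route = []
        while dst is not None:
            route.append(dst)
            dst = prev[dst]
        return route[::-1]


def build_star():
    """Coordinator C with end devices E1..E3 attached directly to it."""
    pan = Pan()
    pan.add("C", COORDINATOR)
    for e in ("E1", "E2", "E3"):
        pan.add(e, END_DEVICE)
        pan.link(e, "C")
    return pan


def build_tree():
    """Coordinator C, routers R1 (children E1, E3) and R2 (child E2)."""
    pan = Pan()
    pan.add("C", COORDINATOR)
    for r, kids in (("R1", ("E1", "E3")), ("R2", ("E2",))):
        pan.add(r, ROUTER)
        pan.link(r, "C")
        for e in kids:
            pan.add(e, END_DEVICE)
            pan.link(e, r)
    return pan


def build_mesh():
    """Routers R1-R2-R3 in a chain plus C linked to R1 and R3, giving two routes between E1 and E2."""
    pan = Pan()
    for name, role in (("C", COORDINATOR), ("R1", ROUTER), ("R2", ROUTER),
                       ("R3", ROUTER), ("E1", END_DEVICE), ("E2", END_DEVICE)):
        pan.add(name, role)
    for a, b in (("E1", "R1"), ("E2", "R3"), ("R1", "R2"),
                 ("R2", "R3"), ("C", "R1"), ("C", "R3")):
        pan.link(a, b)
    return pan
```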