Lectures/LAN-Lec01-Introduction.ppt
1
..
2007
. ..
-
"" (, , )
("" )
( )
( ) (CD/DVD-ROM, flash- ..)
,
file.txt
,
, ,
(+)
(-) ,
(-)
MSOffice
MSOffice
MSOffice
MSOffice
-
-
,
,
, (, )
,
, -
-
, ,
,
-
-
C:
D:
E:
C:
D:
-
-
,
-
; ,
..
,
,
Windows , (Remote Registry, MMC,)
Web- (swat)
,
(, Windows XP/Vista)
(Remote Desktop, PC Anywhere, RAdmin ..)
,
telnet/ssh (UNIX)
X Window , (), ,
Windows NT 4.0 Terminal Server Windows
,
(, )
..
, ,
, ,
, ,
,
(1)
, (, )
(, MPI)
(2)
,
,
(2)
,
,
Message Passing Interface (MPI, ) ,
MPI , ,
MPI
MPI,
- (ICQ, MSN-messenger,)
(Skype,)
..
- .
.. , .. . . , , . : , 2001.
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
Lectures/LAN-Lec02-Architecture.ppt
2
..
2007
. ..
Windows
/;
;
;
;
,
?
(, )
DOS
ipx.com
ipx.com
(, net.exe)
DOS
ipx.com
:
?
?
DOS?
N
1
( )
N-1
2
( )
DOS (2)
lsl.com
3c509.com -
ipxodi.com -
(, net.exe)
lsl.com
ipxodi.com
3c509.com
DOS (2)
lsl.com ipxodi.com
, (),
?
lsl.com, ipxodi.com
3c509.com
Windows
Windows
( NT/2000/XP/)
TDI
NDIS
Windows
(Network Interface Card, NIC) ,
NIC
(IRQ number)
- (I/O Base)
Windows
Network Driver Interface Specification (NDIS) ,
NDIS
NIC
Windows
Transport Driver Interface (TDI) .
TCP/IP
NWLink ( IPX/SPX, Microsoft Windows)
NetBEUI (NetBIOS Extended User Interface)
(DLC, IrDA,)
Windows
API
Winsock API
NetBIOS API
Telephony API
Messaging API
WNet API
Windows
(InterProcess Communication, IPC)
DCOM (Distributed Component Object Model)
RPC (Remote Procedure Call)
Pipes
MailSlots
Windows
Windows
""
" "
Windows
( NT/2000/XP/)
TDI
NDIS
DCOM
RPC
Pipes
MailSlots
Winsock
TAPI
NetBIOS API
TCP/IP
NetBEUI
NWLink
Windows
(binding)
(, ), ,
a 1
NIC1
TDI
TCP/IP
NetBEUI
a 2
NIC2
NDIS
N
1
N-1
2
, ;
, ;
, ;
, ;
,
. , , ,
,
,
, , (header) / (trailer),
,
N
1
N-1
2
, ,
,
N
1
N-1
2
/
, , i- , i- , ()
/
N
1
N-1
2
N
1
N-1
2
/
N- N
, ,
, ,
(Open Systems Interconnection Reference Model), 1
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec03-OSIRM-1.ppt
3
ISO/OSI (.1)
..
2007
. ..
(Open Systems Interconnection Reference Model)
ISO/OSI
(IBM, Honeywell, Digital .) , , ,
1978 . (International Standards Organization, ISO) , Open Systems Interconnection (OSI) Reference Model
ISO/OSI
,
, ,
ISO/OSI
OSI , - -
,
,
,
, , ,
ISO/OSI
(Application)
(Data Link)
(Presentation)
(Session)
(Transport)
(Network)
(Physical)
ISO/OSI Reference Model
OSI ( )
( )
(TCP/IP)
ISO/OSI
, , ,
( , , , )
( )
( )
[Figure: signal diagram with axes t and U; bit labels 1 1 1 1 1 0 0 0]
/
(transmitter-receiver) , ,
10Base5, 10Base2, 10BaseT Ethernet
ISO/OSI
(frame)
, , ,
MAC- (MAC Media Access Control)
A
B
MAC- MAC-
A
B
MACA
MACB
MACA
MACB
,
A
B
MACA
MACB
CRC (Cyclical Redundancy Check)
CRC ,
CRC , , (, Ethernet 2-32)
A
B
MACA
MACB
,
, ( ) . .
, , . .
, ,
( ), , ,
Ethernet
Token Ring
FDDI
ISO/OSI
(Open Systems Interconnection Reference Model), 2
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec04-OSIRM-2.ppt
4
ISO/OSI (.2)
..
2007
. ..
(Open Systems Interconnection Reference Model)
ISO/OSI
, , ,
A B?
A
B
C D
,
A
B
C
D
- ,
,
(hop)
,
,
1
A
B
2
3
C
D
1
2
1
1
2
2
A: 1.1
C: 1.2 2.1
D: 2.2 3.1
B: 3.2
1
A
B
2
3
C
D
1
2
1
1
2
2
,
,
,
, (" ")
()
" ", ,
, , ,
, , , ,
() ;
( )
,
A
1
A
B
2
3
C
D
1
2
1
1
2
2
..
11.11
21.22
21.23
( )
, ( )
A (1.1) 1.2 , MAC- 1.2
1
A
C
1
2
MACA
MACB
, , (MTU Maximum Transmission Unit)
, , ,
Ethernet
MTU = 1500
A
C
, ,
IP TCP/IP
IPX Novell
ISO/OSI
( ) ,
(, , )
A
B
A1
A2
A3
B1
B2
B3
, " + "
, TCP/IP IP-:N
A
B
A1
A2
A3
B1
B2
B3
2
, ,
,
1
2
,
,
,
( )
1
2
, , " ", ""
A
B
A1
A2
A3
B1
B2
B3
( )
(Open Systems Interconnection Reference Model), 3
IEEE 802
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec05-OSIRM-3.ppt
5
ISO/OSI (.3)
..
2007
. ..
(Open Systems Interconnection Reference Model)
IEEE 802
ISO/OSI
, ,
, NetBIOS- 16- , NetBIOS- , , , 15 ,
[Figure: hosts A and B with name labels "A _ _ _ _ 0", "A _ _ _ _ _", "B _ _ _ _ 0", "B _ _ _ _ _"]
,
[Figure: hosts A and B with name labels "A _ _ _ _ 0", "A _ _ _ _ _", "B _ _ _ _ 0", "B _ _ _ _ _"; address labels A.A, MACA, B.B, MACB]
, ,
[Figure: hosts A and B with name labels "A _ _ _ _ 0", "A _ _ _ _ _", "B _ _ _ _ 0", "B _ _ _ _ _"]
,
, , ,
[Figure: hosts A and B with name labels "A _ _ _ _ 0", "A _ _ _ _ _", "B _ _ _ _ 0", "B _ _ _ _ _"]
,
,
, , ,
ISO/OSI
,
, .
A
B
: x86
: Windows
: POWER
: Linux
char name[4] = "";
short num = 4096;
char name[4] = "";
short num = 16;
,
A
B
: x86
: Windows
: POWER
: Linux
char name[4] = "";
short num = 4096;
char name[4] = "";
short num = 4096;
ASCII EBCDIC
cp866, CP-1251, ISO-8859-5,
KOI8-R ..
CR CR/LF
SSL (Secure Socket Layer), TCP/IP
ISO/OSI
IEEE 802
IEEE 802
IEEE 802 .
IEEE Institute of Electrical and Electronics Engineers
802 1980
IEEE 802
802
(ISO) ISO 8802
(ANSI)
..
IEEE 802
IEEE 802 OSI
(Logical Link Control, LLC)
(Media Access Control, MAC)
IEEE 802
802.1 802,
802.2 (LLC)
802.3 (Carrier Sense Multiple Access with Collision Detection, CSMA/CD)
802.4 (Token Bus)
802.5 (Token Ring)
802.6 (Metropolitan Area Network, MAN)
IEEE 802
802.7
802.8
802.9
802.10
802.11
802.12 (Demand Priority Access LAN, 100BaseVG-AnyLan)
IEEE 802
IEEE 802
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec06-Topologies.ppt
6
..
2007
. ..
(, , )
, ,
,
(bus)
(star)
(ring)
""
, . , , MAC-
?
, ,
, . , . , .
, . .
""
NIC
,
""
( ),
, 80-
"" (hub),
. , "" , .
, "" ,
/
.
""
NIC
( )
, "" , ""
""
UpLink-
""
, ,
, ( " ")
"" ,
/?
,
. , "",
()
()
()
NIC
, ""
()
NIC
( ())
, , "" ()
, Token Ring,
()
, ,
()
"" ( )
()
"" ()
( , , )
, , ,
()
"" ()
, ,
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec07-Cables.ppt
7
..
2007
. ..
( -)
( )
, ( )
. ( ),
""
,
. ,
, ,
( ) ( )
. :
().
( , )
Ethernet ( 10Base-5)
EIA/TIA-568 ( RG-8 RG-11)
EIA/TIA-568A
1/12" 2,17
1/2" 12
50
10Base-5
500
50
"5-4-3"
5
4 ,
3 ( )
2500
10Base-5
, (vampire tap, " ")
NIC AUI (Attachment Unit Interface), 4
DB-15
AUI 50
100
2,5
10Base-5
AUI
-
Ethernet ( 10Base-2)
EIA/TIA-568
RG-58 /U
RG-58 A/U
RG-58 C/U RG-58 A/U
EIA/TIA-568A
1/30" 0,85
5
50
10Base-2
185
50
"5-4-3"
5
4 ,
3 ( )
925
10Base-2
NIC BNC (British Naval Connector)
BNC-
BNC- BNC T-, , , BNC- NIC
30
0,5
10Base-2
BNC-, ,
BNC-
BNC T-
BNC
BNC -
10Base-2
( , 10Base-5)
10Base-5
, ,
. "" "".
- , . - ( 4), .
(Unshielded Twisted Pair, UTP)
(Shielded Twisted Pair, STP) ,
Screened Twisted Pair (ScTP)
Foiled Twisted Pair (FTP)
Pair in Metal Foil (PiMF) , -
..
(Ethernet, Token Ring, ATM ..)
EIA/TIA-568 EIA/TIA-568A UTP
IBM (Type1, Type2 ..) UTP STP
UTP
1
( 20 /c)
2
2 IBM
4 /
UTP
3 (1991 .)
" " (EIA-568) 3 16
10 /c
100
4 (1993 .)
20
3 ( 16 /)
100
UTP
5
5 100
100
6
6 200 ( 250)
7
7 600
8- RJ-45
EIA/TIA-568 /
2
EIA/TIA-T568A
-
-
-
-
EIA/TIA-T568B
-
-
-
-
EIA/TIA-568 2
(T568A T568B)
()
( T568A, T568B)
,
10Base-T
3
100
"4 ": 4
( ) 500
- ,
, ( , )
(, )
MIC, ST, SC
( )
5-10
/
50-60 ( : 50/125 62,5/125 )
500-800
,
1,55 , 1,3 , 0,85
( )
, , ( )
.
, , 25
10Base-F
(2 )
500-800 1
FOIRL (Fiber Optic Inter-Repeater Link)
1000
4-
2500 ( , )
10Base-FL
2000
4-
2500
10Base-FB
2000
5- (!)
2740
,
.. , .. . . , , . : , 2001.
Lectures/LAN-Lec08-Coding.ppt
8
,
..
2007
. ..
( )
, , , [1]
( )
( )
( )
. "" (.. )
() ( )
() ( )
()
ISO/IEC 11801
EN 50173
ANSI/TIA/EIA 568-
( )
, ,
( )
, - ,
,
5-10
( ) 25
Wi-Fi (Wireless Fidelity)
2-15 (Access Point, AP), 50 ,
25
2
( )
( )
5-10 / ( ) 100 /
( .)
(, )
,
-
t
t
,
t
t
,
t
t
, . ,
Not Return to Zero (NRZ)
Not Return to Zero with ones Inverted (NRZi)
Multi-Level Transition-3 (MLT-3)
Return to Zero (RZ)
2B1Q
NRZ
Not Return to Zero (NRZ)
, ( )
( )
RS232
[Figure: NRZ timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
NRZi
Not Return to Zero with ones Inverted (NRZi)
,
[Figure: NRZi timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
MLT-3
Multi-Level Transition-3 (MLT-3)
: +U, 0, -U, 0, +U, 0,
, NRZ
[Figure: MLT-3 timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
RZ
Return to Zero (RZ)
,
[Figure: RZ timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
(-II)
,
2
Ethernet, Token Ring
[Figure: timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
2B1Q
2B1Q
4 2 , : 00 -U1, 01 -U2, 10 +U2, 11 +U1
[Figure: 2B1Q timing diagram; axis t, bit labels 0 1 0 1 1 0 0 0]
, ,
,
4B/5B 4 5, ( FDDI Fast Ethernet)
8B/6T 8 6 3
, (Ai) (Bi-1,Bi-2,),
Bi = Ai ^ Bi-1 ^ Bi-2
,
-
( )
Ethernet
Token Ring
.. , .. . . , , .
: , 2001.
.., .. .
: ., 2005
Lectures/LAN-Lec09-LANTechnologies.ppt
9
..
2007
. ..
Ethernet
Token Ring
, ( / )
ALOHA
CSMA/CD
CSMA/C
CDMA
ALOHA
ALOHA
, . .
,
, , ,
CSMA/CD
Carrier Sensitive Multiple Access with Collision Detection (CSMA/CD)
,
, ( )
, ,
ALOHA ( ) , ALOHA , CSMA/CD
CSMA/CD
, CSMA/CD ,
, ,
, A , B ( ), B , , A
, , , , A,
A
B
CSMA/CD
CSMA/CD
, , ,
(% ),
CSMA/CD
CSMA/CA
Carrier Sensitive Multiple Access with Collision Avoidance (CSMA/CA)
, N
0 N-1
, N
, 1 ( )
, ,
CSMA/CA
t
1
0
0
1
0
1
2
3
1
1
1
0
0 3, 0,1 2
CSMA/CA
CSMA/CA
, N (N /etc/mail/sendmail.cf
sendmail
service sendmail restart
smtp.mydomain.ru
Sendmail B
b.ru
smtp.mydomain.ru
smtp.b.ru
sendmail smtp.mydomain.ru
A 9
/etc/mail/virtusertable
@b.ru%[email protected]
sendmail smtp.b.ru
define(`SMART_HOST',`smtp:smtp.linux.ru')dnl,
smtp.mydomain.ru
smtp.b.ru
Sendmail C
.ru
smtp.mydomain.ru
smtp..ru
sendmail smtp.mydomain.ru
A 7 9
c.ru
useradd ru_c
...
/etc/mail/virtusertable
@c.ruru_c
smtp.mydomain.ru
smtp..ru
Sendmail C
sendmail smtp.c.ru
define(`SMART_HOST',`smtp:smtp.linux.ru')dnl,
fetchmail, /root/fetchmail.cf
poll smtp.mydomain.ru with proto POP3
localdomains c.ru
no envelope
no dns
user "ru_c" with password "password" is
local_user1
local_user2
local_user3
here
smtp.mydomain.ru
smtp..ru
Dynamic Host Configuration Protocol (DHCP) TCP/IP
,
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.
.. , .. . . , , .
: , 2001.
Lectures/LAN-Lec17-TCPIP_Security.ppt
17
..
2007
. ..
, ,
(sniffing)
(man-in-the-middle),
(spoofing)
,
(denial of service, DOS)
, , , , ..
, , ..
,
, -
() ( ),
,
( , )
,
, "" (, public) "" (, private) , "" "",
-
( )
(non-repudiation)
,
,
GenericKey
PrivateKeyA
PublicKeyA
PublicKeyB
A
B
GenericKey
PrivateKeyB
PublicKeyB
PublicKeyA
(integrity) ,
-,
,
GenericKey
PrivateKeyA
PublicKeyA
PublicKeyB
A
B
GenericKey
PrivateKeyB
PublicKeyB
PublicKeyA
-
(confidentiality)
, ,
GenericKey
PrivateKeyA
PublicKeyA
PublicKeyB
A
B
GenericKey
PrivateKeyB
PublicKeyB
PublicKeyA
(authentication) , ,
()
A
B
()
(replay prevention)
, IP-
, , ,
,
M- , S1() S2() , D1() D2()
, ,
A = D1(S1(M)) = D2(S2(M)) = D2(D1(S1(S2(M))))
A = D1(D2(S1(S2(M))))
: -
A M
A B , S1(M)
B A S2(S1(M))
A B D1(S2(S1(M)))
B D2(D1(S2(S1(M)))) = A
S1(M)
A
B
S1()
D1()
M
S2()
D2()
S2(S1(M))
D1(S2(S1(M)))
D2(D1(S2(S1(M))))
M
, ,
(Key Distribution Center, KDC), /
KDC (-)
( )
IPSec
IPSec (IP-Security) IP-, "-"
IP-
Encapsulated Security Payload (ESP) - IP- (Blowfish, 3DES).
Authentication Header (AH) IP- IP
(Security Association, SA) IPSec, () ,
( ) '' '' ( )
(Virtual Private Network, VPN)
Virtual Private Network
IP
,
IP-
IP- ( ); (Network Address Translation, NAT)
IP-
Virtual Private Network
, VPN-1 192.168.1.0/24 192.168.2.0/24, ESP VPN-2, 192.168.2.0/24
VPN- 1
VPN- 2
192.168.2.0/24
192.168.1.0/24
IP1=192.168.1.1
IP2=A.B.C.D
IP1=192.168.2.1
IP2=E.F.G.H
, ,
IP- iptables ( , 2.4 2.6 Linux)
iptables
iptables
IP- , IP-
, ( TCP UDP)
TCP
IP
,
iptables
iptables
iptables (, chains) ,
,
,
iptables
5
1 PREROUTING
2 FORWARD
3 POSTROUTING
4 INPUT
5 OUTPUT
,
TCP/IP
NIC
1
2
3
4
5
iptables
IP- 3 ( )
filter ;
4 INPUT
2 FORWARD
5 OUTPUT
nat (Network Address Translations, NAT);
1 PREROUTING
3 POSTROUTING
5 OUTPUT
mangle ;
iptables
mangle PREROUTING
nat PREROUTING
mangle FORWARD
filter FORWARD
mangle POSTROUTING
nat POSTROUTING
,
mangle PREROUTING
nat PREROUTING
mangle INPUT
filter INPUT
mangle OUTPUT
nat OUTPUT
filter OUTPUT
mangle POSTROUTING
nat POSTROUTING
iptables
iptables
iptables [opts] [-t table] [-com] [parms]
/
//
//
..
filter
iptables-save iptables-restore
iptables
filter
filter
IP- IP-
NIC
TCP TCP
UDP
ICMP ICMP
mac MAC- ,
state
limit
..
iptables
filter
filter
ACCEPT
REJECT , ICMP-
ICMP-
DROP , ICMP-
_
RETURN ,
LOG
iptables
nat
IP-
IP- IP- , ,
NAT
SNAT MASQUERADE IP- /
DNAT IP- ( , )
;
- ,
.. : . :., 2005 .
TCP/IP. Microsoft Windows 2000 Server. .: , 2001.