Networking and Unix
X52.9547 (also known as Y12.1009)
Section 1

Contents

  1. Here’s a syllabus that’s more detailed than the catalog descriptions for X52.9547 and Y12.1009.
  2. How far did we get in the Handouts? What’s the homework?
  3. Bibliography, Handouts and errors in the Fall 2005 Handouts.
  4. Source code
  5. RFC’s and other networking resources
  6. List of students
  7. Touch sensitive class photos
    1. Fall 2005 Section 1 (Thursday)
    2. Fall 2004 Section 1 (Thursday)
    3. Summer 2004 Section 1 (Thursday)
    4. Fall 2003 Section 1 (Thursday)
    5. Summer 2003 Section 1 (Thursday)
    6. Spring 2003 Section 1 (Thursday)
    7. Fall 2002 Section 1 (Thursday)
    8. Summer 2002 Section 1 (Thursday)
  8. For the room assignments, see Mark’s home page.
  9. Download any file from i5.nyu.edu to your hard disk.
  10. Upload a file from your hard disk to i5.nyu.edu.

How far did we get?
What’s the homework?

Fall, 2005

  1. October 20, 2005: up to Handout 1, p. 13. On Thursday, October 27, please print Handout 2 and bring it to class. Also please bring a digital camera to take the class photo. Admire last semester’s photo. Read the rest of Handout 1. Are there any corrections yet? Our last class will be on Thursday, December 22, 2005.

    Get your loginame and secret password for i5.nyu.edu. One way to get the secure shell software to connect is by picking up the free NYU CD at one of the labs. You can also log in from a lab.

    Play with the “binary calculator” bc. Run the command

    arp -a
    
    to see the Ethernet address of i5.nyu.edu. Run
    ifconfig -a
    
    to see the IP version 4 address of i5.nyu.edu. Column 1 of
    netstat -an -f inet -P tcp | more
    
    will show the TCP port numbers of the processes on i5.nyu.edu currently talking via TCP segments carried in IP datagrams. Try these commands on whatever other Unix systems you have an account on.

    In the Craig Hunt book, read up to p. 23. Look at the diagrams of an IP datagram on pp. 14 and 679, a TCP segment on pp. 19, 682, a UDP chunk on p. 18, and an ICMP chunk on p. 683.

  2. October 27, 2005: up to the end of Handout 1. On Thursday, November 3, please print Handout 3 and bring it to class. Are there any corrections yet? Nothing to hand in.

    Run localhosts.c or localhosts.pl in Handout 1, pp. 25–29. If you have an account on a Unix machine other than i5.nyu.edu, give localhosts the IP version 4 address and the netmask of that other host.

    To see the four packets of Dialog 1 in Handout 2,

    cd ~mm64/public_html/x52.9547/src/snoop
    pwd
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 1,1 -v | cat -n
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 2,2 -v | cat -n
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 3,3 -v | cat -n
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 4,4 -v | cat -n
    

  3. November 3, 2005: up to Handout 2, p. 25. Print the manual page for snoop. See Dialogs 1 and 2 by saying
    cd ~mm64/public_html/x52.9547/src/snoop
    pwd
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 1,1 -v | cat -n
    /usr/sbin/snoop -i arp_icmp.snoop -ta -p 2,2 -v | cat -n
    etc.
    
    /usr/sbin/snoop -i udp.snoop -ta -p 1,1 -v | cat -n
    /usr/sbin/snoop -i udp.snoop -ta -p 2,2 -v | cat -n
    etc.
    
    Run the program udp.pl on Handout 2, p. 20 (or the C program udp.c on pp. 17–19). The command
    /bin/netstat -a -f inet -P udp
    
    will show you all the currently active UDP sockets. Insert the statement
    print `netstat -a -f inet -P udp`;
    
    (with back quotes) at line 23 of udp.pl (or something similar at line 79 of udp.c) and hand in the output.
  4. November 10, 2005: up to Handout 3, p. 13. Read the snoop war story in pp. 471–478 of the textbook. Hand in Homeworks 3.1 and 3.2.
  5. November 17, 2005: up to Handout 4, p. 4. Hand in Homeworks 4.1 and 4.2. Run netstat -r to see the routing table on your computer. No class on Thursday, November 24 (Thanksgiving).
  6. December 1, 2005: up to Handout 5, p. 18 (except pp. 11–13). What routing protocol does your company use? OSPF? Can you get a zone transfer?
  7. December 8, 2005: up to Handout 6, p. 5. Run a master DNS server (it could be the one we ran in Handout 5, pp. 18–27). Just make sure it’s not bound to port 53. Can you get it to serve IP v6 addresses as well as v4 addresses (Homework 5.1)? Then hand in Homework 5.2. When you’re done with Homework 5.2, kill your master and slave servers.
  8. December 15, 2005: up to Handout 8, p. 5. Run mytelnet.pl in Handout 8, pp. 3–5 several times, connecting it to the servers in Handout 7, p. 22. (Connect to ports 7 and 13 of labinfu.unipv.it, not www.unipv.it.)

    Expand forkexecwait.pl in Handout 7, p. 14 into a more fully-featured shell, and hand it in. Instead of hardwiring in the name of program that the child should turn into (the grep in line 9), let the program read the name from the standard input. Print a prompt (e.g., $ and a blank) before letting the user type their choice. Do this in a loop so that it happens until the user types control-d to terminate the standard input. Line 47 of mytelnet.pl in Handout 8, p. 4 shows how to do this. Each time you execute line 47, it reads one line of standard input and stores it in the variable $_. Remove the trailing newline from this variable with the chomp in line 6 of parent.pl in Handout 7, p. 7. Then pass the variable to the Perl function exec. Extra credit: if the lines ends with an ampersand (immediately before the newline that you chomp off),

    while () {
    	chomp $_;
    	#As in awk, a Perl regular expression is enclosed in slashes.
    	if ($_ =~ /&$/) {
    	#etc.
    
    chomp off the ampersand and skip the call to wait. This will run the child in the background. Unfortunately, the zombie children will be left behind, but we’ll fix it next week.)

  9. December 22, 2005:

Fall, 2004

  1. September 23, 2004: up to Handout 1, p. 13; also pp. 18–19, 21. Read the rest of Handout 1, and make the corrections. Get your loginame and secret password for i5.nyu.edu. One way to get the secure shell software to connect is by picking up the free NYU CD at one of the labs. You can also log in from a lab.

    Play with the “binary calculator” bc. Use nslookup and dig to see if www.microsoft.com really has eight IPv4 addresses. Admire last semester’s class photo and click on each nose.

    In the Craig Hunt book, read up to p. 23. Look at the diagrams of an IP datagram on pp. 14 and 679, a TCP segment on pp. 19, 682, a UDP chunk on p. 18, and an ICMP chunk on p. 683.

    Try the two following commands, to whatever host you want. ping sends out and recieves ICMP chunks carried in IP datagrams. traceroute sends out UDP chunks carried in IP datagrams, and recieves ICMP chunks of bad news, carried in IP datagrams. When you traceroute from i5.nyu.edu to any destination, is the first stop along the way always WWITSGW-VLAN-13.NET.NYU.EDU (128.122.253.129)? See Handout 1, pp. 20–21. In Windows, traceroute is called tracert.

    ping aixmita1.urz.uni-heidelberg.de
    traceroute aixmita1.urz.uni-heidelberg.de
    
  2. September 30, 2004: up to Handout 2, p. 15.

    Modify the localhosts.pl program in Handout 1, pp. 23–27, so that its first argument is the address of the network rather than the address of an arbitrary host on the network. This modification will make the program simpler. (The address of our network is 128.122.253.128; see Handout 1, p. 21.) Hand in the first page of output.

    Hand in Homework 2.1 (Ethernet). Run lines 4–6 at the bottom of Handout 2, p. 5. In other words, examine the arp cache before and after you ping all the hosts on the local network.

    Read about the formats of the headers of the packets in the IP, ICMP, UDP, and TCP protocols. See pp. 12–23, 679–684 in the textbook, or read the RFC’s directly:

    Admire the class photo. Next week we’ll make it touch sensitive.

  3. October 7, 2004: up to Handout 3, p. 7. The TCP timestamp option is in RFC 1323. Hand in Homeworks 3.1 and 3.2.
  4. October 14, 2004: up to Handout 4, p. 5. Hand in Homework 4.2; also find out at what level sendmail is launched. If you have a cable modem, bring in a printout of the output of
    ifconfig -a
    netstat -r
    netstat -nr
    
    before the connection is made and then while you’re connected. Did making the connection put new entries into the routing table?
  5. October 21, 2004: up to Handout 5, p. 18. Does www.whatismyip.com (Handout 5, p. 3) return your host’s IP address, or are you behind a NAT proxy? Bring in a printout of a zone transfer (uu.nl in Handout 5, pp. 17–18 would be fine, but I’d rather see a zone transfer from some other organization), but don’t hand it in. If you have a Unix account on another host, run netstat -r and netstat -nr there and hand in the output.
  6. October 28, 2004: up to Handout 6, p. 12. Make a master or slave DNS server. Hand in proof that it works: a transcript of nslookup or dig, and a printout of the logging file. Will our version of DNS let make an IPv6 record? Send me a letter (mark.meretzky@nyu.edu) using SMTP (and expect too, if you wish) impersonating the polititian of your choice, living or dead, explaining why I should vote for you. Do Homework 6.2, but don’t hand it in.
  7. November 4, 2004: up to Handout 7, p. 18. Make the corrections to the Handouts. See if you’re still running a DNS server:
    ps -Af | grep in.named
    
    If so, kill every copy that you’re running.

    Hand in Homework 7.1. (The Perl program in Handout 7, pp. 1–2 is correct as written: we have to call alarm each time around the loop. And each new call to alarm cancels the previous request for an alarm.) Run the C program in Handout 7, pp. 11–12 or the Perl program in Handout 7, p. 14, but don’t hand it in. See pp. 20–21 of

    man -M /usr/perl5/5.6.1/man perlfunc
    
    to see why the first argument of the Perl exec function must be a variable.
  8. November 11, 2004: up to Handout 8, p. 17. Can you see a zombie (Handout 7, pp. 19–20)? Is our machine i5.nyu.edu really big endian or little endian? (The output in Handout 7, p. 27, was actually producted on a different machine.) Does the telnet we built in class really work? (It does.) Run the server in Handout 8, pp. 15–17 that serves only one client.

    Handout 7, p. 22, showed how to get the loginnames of people logged in at Heidelberg by telneting to port 79. You could use the login.ex expect script to log into their accounts, if you knew their password. Try all the words in our /usr/dict/words file. Also, try those words with a digit at the end. In other words, try the following passwords:

    typical_word
    typical_word0
    typical_word1
    typical_word2
    etc.
    
    Write a shellscript with triply nested loops: one for each login name that you know of, one for each word in /usr/dict/words, and one for each string in the series "", "0", "1", "2", ..., "9". If you do discover someone’s password, do no damage.
  9. November 18, 2004: up to Handout 9, p. 32. The Perl server myserver in Handout 8, p. 17 has been renamed myserver.pl. Write a TCP or UDP server that can serve many clients, using either multiple processes or multiple threads. Prove that the server works by telnetting to it twice.
  10. December 2, 2004:

Errors in the Spring 2005 Handouts

Handout 1

Handout 2

  1. p. 10: change the PID of the snoop from 20681 to 20680.

Handout 3

Handout 4

Handout 5

Handout 6

Handout 7

  1. p. 3: change myscript to port_scanner.pl
  2. p. 5: change fork3 to fork3.pl before the pipe cat

Handout 8

Handout 9

Handout 10

Bibliography

The first one is the textbook for X52.9547. The lectures are accompanied by
Handouts available on the web.
  1. TCP/IP Network Administration, Third Edition by Craig Hunt; O’Reilly, ISBN 0-596-00297-1. Page numbers in the Handouts refer to this book. How many copies are left at the main NYU Bookstore (not the NYU Computer Bookstore)?
  2. Instead of the above, you can get The Network CD Bookshelf, Version 2.0; O’Reilly, 2002; ISBN 0-596-00334-x.
  3. The UNIX System Administration Handbook, Third Edition by Evi Nemeth, Garth Snyder, Scott Seebass, Trent R. Hein; Prentice-Hall, 2001; ISBN 0-13-020601-6. Networking is a branch of System Administration. For example, a host is configured for the network by its startup scripts. There’s also a Linux edition of this book.
  4. Computer Networks, Fourth Edition by Andrew S. Tanenbaum; Prentice-Hall, 2003; ISBN 0-13-066102-3. This book is not Unix-specific. Anything Tanenbaum writes is great.
  5. Unix Network Programming, Volume 1: Networking API’s: Sockets and XTI, Second Edition by W. Richard Stevens; Prentice-Hall, 1998; ISBN 0-13-490012-X. Everything there is to know about writing C programs that communicate via sockets. Clear but massive.
  6. TCP/IP Illustrated, Volume 1: The Protocols by W. Richard Stevens; Addison-Wesley, 1994; ISBN 0-201-63346-9. How to listen to all kinds of packets; uses tcpdump instead of snoop.
  7. Ethernet: The Definitive Guide by Charles E. Spurgeon; O’Reilly, 2000; ISBN 1-56592-660-9. Here’s his Ethernet page.
  8. Programming Perl, Third Edition, by Larry Wall, Tom Christiansen, Jon Orwant; O’Reilly, 2000; ISBN 0-596-00027-8. The definitive (and longest) Perl book. It’s easier to write in Perl than in than C, but C programs run faster.
  9. The C Programming Language, Second Edition by Brian W. Kernighan and Dennis M. Ritchie; Prentice-Hall, 1988; ISBN 0-13-110362-8. The definitive (and shortest) C book. Magisterial but hard to understand.

Get an RFC (Request for Comments)

Please type the number of the RFC:
(e.g., 1058 for the Routing Information Protocol RIP)


Networking Resources

  1. The online Unix manual:
  2. Gary Richardson’s notes for this course. A subneting web site.
  3. The Internet Assigned Numbers Authority IANA keeps all the magic numbers on the Internet. Their list of top level domains for all the countries of the world.
  4. Is the DNS server on i5.nyu.edu still up?
  5. The DNS root servers and the attacks on them.
  6. What is my IP address?
  7. DHCP at the Internet Software Consortium.
  8. tcpdump is a packet sniffer by Van Jacobson.
  9. TCP/IP and tcpdump pocket reference guide from SANS
  10. The command
    /usr/sbin/arp i5.nyu.edu
    says that the Ethernet address of i5.nyu.edu is 08:00:20:d8:d7:af. The first three bytes 08:00:20 are the "Organizationally Unique Identifier" that tells who manufactured the hardware. Look up the manufacturer in the lists at the IEEE (type 6 hex digits, no colons) and Cave Bear.
  11. How to break in to Solaris.
  12. An overview of the Internet.
  13. Seven layers vs. four layers
  14. The Sendmail Consortium