3  Network

3.0.1 Server Network Diagram

root@cyber24:~# hostname -I
64.23.172.30 10.48.0.5 10.124.0.2 


root@cyber24:~# ip route
default via 64.23.160.1 dev eth0 proto static 
10.48.0.0/16 dev eth0 proto kernel scope link src 10.48.0.5 
10.124.0.0/20 dev eth1 proto kernel scope link src 10.124.0.2 
64.23.160.0/20 dev eth0 proto kernel scope link src 64.23.172.30

NetworkDiagram cluster_server Server: cyber24 Internet Internet Gateway Default Gateway: 64.23.160.1 Internet->Gateway Network2 64.23.160.0/20 Gateway->Network2 eth0b eth0 10.48.0.5 Network1 10.48.0.0/16 eth0b->Network1 eth0a eth0 64.23.172.30 eth1 eth1 10.124.0.2 Network3 10.124.0.0/20 eth1->Network3 Network2->eth0a

3.1 Network Services On A Server

Lists all active listening network services and their port:

jeremy@cyber24:~$ sudo ss -tuln
[sudo] password for jeremy: 
Netid     State      Recv-Q      Send-Q           Local Address:Port           Peer Address:Port     Process     
udp       UNCONN     0           0                   127.0.0.54:53                  0.0.0.0:*                    
udp       UNCONN     0           0                127.0.0.53%lo:53                  0.0.0.0:*                    
tcp       LISTEN     0           4096                127.0.0.54:53                  0.0.0.0:*                    
tcp       LISTEN     0           10                     0.0.0.0:8888                0.0.0.0:*                    
tcp       LISTEN     0           4096             127.0.0.53%lo:53                  0.0.0.0:*                    
tcp       LISTEN     0           4096                         *:22                        *:*

3.2 Protocols

3.2.1 Introduction to SSH

3.2.1.1 What is SSH?

SSH stands for Secure Shell. It is a cryptographic network protocol used to securely access and manage devices over an unsecured network. SSH provides a secure channel over an unsecured network by using a client-server architecture, enabling users to log into another computer over a network, execute commands, and manage files.

3.2.1.2 How SSH Works

SSH operates by establishing an encrypted connection between a client and a server. Here’s how it works:

  1. Client Initiates a Connection: The client starts an SSH connection by attempting to contact the server using an SSH client software.

  2. Authentication: The server authenticates the client using credentials like a username and password or SSH keys. SSH keys are preferred for stronger security.

  3. Establish a Secure Channel: Once authenticated, SSH creates an encrypted session, ensuring all data transferred between the client and server is secure.

  4. Execute Commands or Transfer Files: Users can execute commands remotely, manage files, or even tunnel other protocols through SSH.

3.2.1.3 Key Features of SSH

  • Encryption: All data sent over SSH is encrypted, protecting it from eavesdropping and attacks.

  • Authentication: Supports multiple authentication methods, including passwords and public key authentication, with SSH keys being the most secure option.

  • Port Forwarding: Allows secure tunneling of network connections through SSH, enabling secure access to resources on a remote network.

  • File Transfer: Facilitates secure file transfer between the client and server using protocols like SCP (Secure Copy Protocol) and SFTP (SSH File Transfer Protocol).

3.2.1.4 SSH in Practice

  • Remote Administration: SSH is commonly used by system administrators for remote management of servers and devices.

  • Secure File Transfers: SSH provides a secure way to transfer files over a network, making it ideal for backup and synchronization tasks.

  • Git Operations: Developers often use SSH keys to securely connect to Git repositories for version control operations.

3.2.1.5 Setting Up SSH

To use SSH, you typically need an SSH client and server. Most operating systems include an SSH client by default, such as OpenSSH. Here’s how you can establish an SSH connection from a terminal:

ssh username@remote_server_ip
# or
ssh username@remote_server_name

Replace username with your remote username and remote_server_ip with the server’s IP address or domain name.

3.2.1.6 Conclusion

SSH is a vital tool for secure remote management and data transfer, widely used in IT, development, and network administration. Understanding SSH and its capabilities is essential for anyone working with networked systems, providing the foundation for secure communications and remote operations.

3.2.2 Introduction to HTTP

HTTP

Look at the lock icon showing the connection is not secure.

3.2.2.1 What is HTTP?

HTTP stands for Hypertext Transfer Protocol. It is the foundation of data communication on the World Wide Web. HTTP is a protocol used for transferring hypertext (such as HTML) between a client and a server. This protocol allows web browsers and servers to communicate with each other to fetch and display web pages.

3.2.2.2 How HTTP Works

sequenceDiagram
    participant Client
    participant Server

    Client->>Server: HTTP Request
    Note right of Server: Server processes request
    Server-->>Client: HTTP Response
    Note left of Client: Client receives response

HTTP operates as a request-response protocol. Here’s a basic overview of how it works:

  1. Client Makes a Request: When you enter a URL in your web browser, the browser (client) sends an HTTP request to the server hosting the website.

  2. Server Processes the Request: The server receives the request, processes it, and prepares a response.

  3. Server Sends a Response: The server sends back an HTTP response to the client. This response contains the requested resources, such as HTML files, images, or other data.

  4. Browser Displays the Content: The browser interprets the response and displays the content on your screen.

3.2.2.3 Key Concepts in HTTP

  • Request Methods: HTTP defines several methods indicating the action to be performed on a resource. The most common methods are:
    • GET: Requests data from a server.
    • POST: Submits data to be processed by the server.
    • PUT: Updates or replaces existing data on the server.
    • DELETE: Deletes data from the server.
  • Status Codes: HTTP responses come with status codes that indicate the result of the request. Some common status codes are:
    • 200 OK: The request was successful, and the server returned the requested data.
    • 404 Not Found: The requested resource was not found on the server.
    • 500 Internal Server Error: The server encountered an error while processing the request.
  • Headers: HTTP headers are key-value pairs sent in both requests and responses. They contain metadata about the request or response, such as content type, language, or caching information.

Using telnet to see headers

$ telnet cyber.mrchen.store 80
Trying 64.23.172.30...
Connected to cyber.mrchen.store.
Escape character is '^]'.
GET / HTTP/1.1
Host: cyber.mrchen.store

HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Aug 2024 20:11:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 2055
Connection: keep-alive
X-Frame-Options: DENY
Vary: Cookie
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
...
  • Stateless Protocol: HTTP is stateless, meaning each request from a client to a server is independent. The server does not retain any information about previous requests. This simplifies server design but requires additional mechanisms to manage user sessions.

3.2.2.4 HTTP vs. HTTPS

While HTTP is used for general web browsing, it is not secure by itself. HTTPS (HTTP Secure) is an extension of HTTP that uses encryption (SSL/TLS) to secure the data transferred between the client and the server. This ensures that sensitive information, such as passwords and credit card details, is transmitted securely.

3.2.2.5 Conclusion

Understanding HTTP is crucial for anyone learning about the web and how it works. As the backbone of web communication, HTTP facilitates the interaction between clients and servers, making it possible to access and share information across the internet.