Nslookup: set q[uerytype]

Changes the type of information query. More information about types can be found in Request For Comment (RFC) 1035. (The set type command is a synonym for set querytype.)

set q[uerytype]=value

Default = A.

Parameters

Value   Meaning
A       Computer's IP address
ANY     All types of data
CNAME   Canonical name for an alias
GID     Group identifier of a group name
HINFO   Computer's CPU and operating system type
MB      Mailbox domain name
MG      Mail group member
MINFO   Mailbox or mail list information
MR      Mail rename domain name
MX      Mail exchanger
NS      DNS name server for the named zone
PTR     Computer name if the query is an IP address, otherwise the pointer to other information
SOA     DNS domain's start-of-authority record
TXT     Text information
UID     User ID
UINFO   User information
WKS     Well-known service description
Exhibit 6.11 Using NSLOOKUP to Retrieve MX Records from the Yale University Name Server
operations. In examining the entries in Exhibit 6.12, note that Yale University operates four name servers, and that the IP address of each server has been obtained as well.
Exhibit 6.12 Reading the Start of Authority (SOA) Records at Yale University through the Use of NSLOOKUP
the ability of those records to be retrieved. Thus, if one sets the record type to A and again enters the domain yale.com, one would not obtain a listing of A records, because Yale blocks their retrieval by foreign name servers: listing every record of a zone requires the server to hand over its zone contents (a zone transfer), and a server can be configured to refuse that to outside hosts while still answering ordinary single-record queries.
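The querytype table above and the NS and SOA lookups in Exhibits 6.11 and 6.12 are easier to reason about at the wire level. The following Python is an added example, not code from the book or from nslookup: it builds an RFC 1035 query for any of the type codes in the table, parses the reply (including compressed names, with a guard against pointer loops in hostile replies), decodes the A, NS, MX and SOA record types this chapter queries, and checks the transaction ID before trusting an answer. The resolve function needs network access; build_sample_mx_reply constructs a reply so the parser can be exercised offline, and the names in it (example.com, mail.example.com) are placeholders.

```python
"""Raw DNS query builder and reply parser keyed by the RFC 1035 type codes that
nslookup's "set querytype" selects.  Added example, not code from the book."""
import socket
import struct

# RFC 1035 type codes, under the names nslookup accepts (UID/GID/UINFO omitted).
QTYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "MB": 7, "MG": 8, "MR": 9,
          "WKS": 11, "PTR": 12, "HINFO": 13, "MINFO": 14, "MX": 15, "TXT": 16,
          "ANY": 255}
TYPE_NAMES = {code: name for name, code in QTYPES.items()}

def encode_name(name):
    """Wire-encode a domain name as length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) < 64:
            raise ValueError("bad label length: %r" % label)
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype, txid=0x1234):
    """Standard query, recursion desired, one question of class IN."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", QTYPES[qtype], 1)

def decode_name(msg, offset):
    """Decode a (possibly compressed) name at OFFSET; return (name, end offset)."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                     # compression pointer
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            end = end if jumped else offset + 2       # reader resumes after pointer
            jumped, hops, offset = True, hops + 1, pointer
            if hops > 32:                             # hostile reply: pointer loop
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            return ".".join(labels), (end if jumped else offset)
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length

def decode_rdata(msg, rtype, start, rdlen):
    """Decode the types this chapter queries (A, NS, MX, SOA); anything else raw."""
    if rtype == 1 and rdlen == 4:
        return socket.inet_ntoa(msg[start:start + 4])
    if rtype in (2, 5, 12):                           # NS, CNAME, PTR: a name
        return decode_name(msg, start)[0]
    if rtype == 15:                                   # MX: preference, exchange
        return (struct.unpack("!H", msg[start:start + 2])[0],
                decode_name(msg, start + 2)[0])
    if rtype == 6:                                    # SOA: mname, rname, counters
        mname, p = decode_name(msg, start)
        rname, p = decode_name(msg, p)
        serial, refresh, retry, expire, minimum = struct.unpack("!5I", msg[p:p + 20])
        return {"mname": mname, "rname": rname, "serial": serial, "refresh": refresh,
                "retry": retry, "expire": expire, "minimum": minimum}
    return msg[start:start + rdlen]

def parse_response(msg):
    """Parse the header, question and answer sections into a dict."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype = struct.unpack("!HH", msg[off:off + 4])[0]
        off += 4
        questions.append((qname, TYPE_NAMES.get(qtype, qtype)))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _cls, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        answers.append((name, TYPE_NAMES.get(rtype, rtype), ttl,
                        decode_rdata(msg, rtype, off, rdlen)))
        off += rdlen
    return {"id": txid, "rcode": flags & 0xF, "questions": questions, "answers": answers}

def resolve(name, qtype, server, timeout=3.0):
    """Send one UDP query to SERVER:53 and parse the reply (needs the network)."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        data = sock.recv(4096)
    reply = parse_response(data)
    if reply["id"] != struct.unpack("!H", query[:2])[0]:
        raise ValueError("transaction id mismatch; reply discarded")  # spoof check
    return reply

def build_sample_mx_reply():
    """Constructed reply, not captured from any server: one MX answer for
    example.com whose names use compression pointers back to the question."""
    question = build_query("example.com", "MX", txid=0x1234)[12:]
    header = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)   # QR, RD, RA, rcode 0
    ptr = struct.pack("!H", 0xC000 | 12)                           # points at qname
    rdata = struct.pack("!H", 10) + b"\x04mail" + ptr              # 10 mail.example.com
    rr = ptr + struct.pack("!HHIH", QTYPES["MX"], 1, 3600, len(rdata)) + rdata
    return header + question + rr
```

A call such as resolve("example.com", "NS", "192.0.2.53") (server address is a placeholder) reproduces what set type=NS followed by the domain name does in nslookup. Note that a single A query for a domain name returns at most that name's own address records; the bulk listing of a zone's records that the text describes as blocked relies on a zone transfer, which a server can refuse independently of ordinary queries.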
Finger
Finger, a fourth built-in utility, is a program that enables a user to obtain information about who is logged onto a distant computer or to determine information about a specific user. The use of this command gave rise to a new verb, fingering, which is not a rude gesture but a query on the Internet.
Format
The general format of the finger command on a UNIX system is:

finger [username]@{host.name|IP.address}

Exhibit 6.13 illustrates the finger command options under the Microsoft Windows operating system. Note that the -l option results in a long display that can provide detailed information about a user or host computer.
Security Considerations
Similar to other network utility programs under the Microsoft operating system, finger runs in the command prompt dialog box as a DOS application. Because the use of finger can provide detailed information about a user or host, it is normally blocked by configuring a router to discard datagrams whose destination port identifies the finger service (TCP port 79). An example of finger blocking is shown in Exhibit 6.14. In this illustration, the author attempted to finger several domains: first ford.com, without success; next a U.S. government agency; then Yale University; and finally the Federal Bureau of Investigation. Each of these finger attempts was unsuccessful because those organizations block fingering as a security measure.

Exhibit 6.13

Exhibit 6.14
Applications
As indicated in Exhibit 6.14, many organizations block fingering as a security measure. Thus, a logical question is: why discuss its use? The reason is that many organizations operate fingering internally but block its flow into the network from outside. People within the organization can then query a host or user to determine who is working on the host, their telephone number, the application they are using, and other information that may be of assistance when attempting to solve a problem. Bear in mind that the same output (valid login names, office numbers, and login times) is just as useful to an intruder who has already gained a foothold inside the network, so internal finger service should be limited to hosts where that exposure is acceptable. As indicated in this chapter, the TCP/IP protocol suite contains several built-in application programs that can be used to determine information about hosts, the paths between networks, and users on a host. By carefully considering the use of the different application programs, one obtains valuable tools that help ensure that, if problems occur, one can focus attention on the potential location and perhaps even the cause of the problem.
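To make the exchange behind Exhibits 6.13 and 6.14 concrete, here is an added example in Python (not code from the book, nor from any finger implementation): it encodes the RFC 1288 request, including the /W long-format switch that corresponds to the -l option, answers it on the server side from a constructed user table, and sends it as a TCP client. The user names, office numbers and tty values are made up; the refusal of user@host forwarding is a hardening choice beyond what the text describes.

```python
"""Finger (RFC 1288) request encoder, server-side responder and TCP client.
Added example, not code from the book; the user table below is constructed."""
import socket

# Constructed sample accounts for the responder (no real users).
SAMPLE_USERS = {
    "alice": {"name": "Alice Example", "tty": "pts/1", "since": "Mon 09:12",
              "office": "x4401", "shell": "/bin/bash"},
    "bob": {"name": "Bob Example", "tty": None, "since": "Fri 17:50",
            "office": "x4402", "shell": "/bin/sh"},
}

def build_finger_query(user="", verbose=False):
    """Client request: optional /W (the -l style long format), optional user, CRLF."""
    parts = (["/W"] if verbose else []) + ([user] if user else [])
    return (" ".join(parts) + "\r\n").encode("ascii")

def parse_finger_query(raw):
    """Server side: split RAW into (verbose, user); reject non-ASCII and forwarding."""
    text = raw.decode("ascii").rstrip("\r\n")
    verbose = text.startswith("/W")
    if verbose:
        text = text[2:]
    text = text.strip()
    if "@" in text:
        # "user@host" asks this server to relay the query to HOST (RFC 1288 2.5.2);
        # a relaying server becomes a reconnaissance proxy, so refuse it (assumption).
        raise ValueError("finger forwarding is not supported")
    return verbose, text

def format_user(user, info, verbose):
    """One user's entry; the verbose form adds the fields a long (-l) display shows."""
    if info["tty"]:
        status = "On since %s on %s" % (info["since"], info["tty"])
    else:
        status = "Last login %s" % info["since"]
    lines = ["Login: %-12s Name: %s" % (user, info["name"]), status]
    if verbose:
        lines += ["Office: %s" % info["office"], "Shell: %s" % info["shell"]]
    return "\r\n".join(lines) + "\r\n"

def handle_finger_query(raw, users=SAMPLE_USERS):
    """Produce the reply text a finger daemon would send for request RAW."""
    try:
        verbose, user = parse_finger_query(raw)
    except (UnicodeDecodeError, ValueError) as exc:
        return "finger: %s\r\n" % exc
    if not user:                                   # bare CRLF: who is logged on?
        active = [u for u, i in users.items() if i["tty"]]
        listing = "".join(format_user(u, users[u], verbose) for u in active)
        return listing or "No one logged on.\r\n"
    if user not in users:
        return "finger: %s: no such user.\r\n" % user
    return format_user(user, users[user], verbose)

def finger(host, user="", verbose=False, port=79, timeout=5.0, limit=65536):
    """Client: send the request over TCP port 79 and return the reply text, or
    None when the connection is refused or, as in Exhibit 6.14, silently dropped."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(build_finger_query(user, verbose))
            chunks, total = [], 0
            while total < limit:                   # cap what a hostile server can push
                data = sock.recv(4096)
                if not data:
                    break
                chunks.append(data)
                total += len(data)
    except OSError:
        return None
    return b"".join(chunks).decode("ascii", "replace")
```

From the client's side, finger("host.example", "alice") (a placeholder host) returns None both when the port is refused and when a router silently drops the datagrams; the latter is what the failed attempts in Exhibit 6.14 look like, with the connection attempt timing out rather than being answered.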
Chapter 7
routers, this topic is also examined. For those of us from Missouri, the show me state, this chapter concludes with an examination of how two popular routing protocols operate in order to obtain an appreciation of the manner by which both routers in the Internet and on private TCP/IP networks understand where to route datagrams.
Network Routing
For a large network such as the Internet or a private network operated by a multinational corporation, it would more than likely be impractical for each router to have entries for each network address. Even if memory were free, whenever a table update was broadcast to adjacent routers, the time required to transmit the routing table entries could become so long that it would preclude the transport of production data for significant periods of time. Recognizing this potential problem, the various committees responsible for the development of the TCP/IP protocol suite also developed a series of routing protocols. Some protocols are used to convey information within a network consisting of two or more subnetworks managed by a common entity, with the collection of networks referred to as an autonomous system. Other protocols are designed to convey information between autonomous systems. Thus, rather than one routing protocol, the TCP/IP protocol suite supports a family of routing protocols. Because routing methods within an autonomous system differ from the routing protocols used to interconnect autonomous systems, one can view the Internet or a corporate enterprise network as a global network and examine the manner by which routing occurs within such a global system.
Autonomous Systems
In examining Exhibit 7.1, one can first more narrowly define an autonomous system. As previously mentioned, it represents a collection of networks managed by a common entity. In actuality, it is the routing protocol that is managed, with the result that only a single routing protocol is used within an autonomous system. Thus, one can also view an autonomous system as a group of networks that use routers to exchange routing information between subnetworks in the system via the use of a common routing protocol. Each network shown in Exhibit 7.1 can represent a corporate network, educational network, or governmental network. When connected to the Internet through the services of an Internet service provider (ISP), the ISP represents
Exhibit 7.1 A Global System Using Different Types of Protocols to Advertise Reachable Information
an autonomous system. If Exhibit 7.1 represents a private enterprise network, perhaps autonomous system 1 represents North America, system 2 represents South America, etc. Thus, each subnetwork in an autonomous system could represent a series of LANs and routers that connect offices in California and the Pacific Northwest, Texas, the southwestern United States, etc. Because organizations acquire IP addresses at different points in time, there is no structure associated with the address relationship between networks in an autonomous system. This explains why the individual networks in autonomous system 1 are numbered 1.1, 3.2, and 4.7 in the example, while the networks located in autonomous system 2 are numbered 3.7, 5.7, and 6.3. For example, in real life, an ISP in Chicago might be responsible for providing routing and connectivity information for a mixture of Class A, B, and C networks whose IP addresses span the gamut of the valid range of addresses available for each class. The only restriction concerning addressing is the fact that each address must be within the allowable range; no single network address can be repeated anywhere else in the global system.
Exhibit 7.2
Recognizing the differences between an IGP and an EGP, one can now focus on the general type of information included in routing tables and the rationale for routers having to advertise the contents of their routing tables to neighbors.
1 1 2 3
In the preceding example, the term static is used to signify that the entries are permanent and do not vary. While there may be a need for dynamic routing tables, in many situations static routing remains a practical solution for configuring routers. For example, if an organization uses one router to connect a LAN to the Internet via an ISP, it makes sense, and enhances router performance, to use static routing. This is because the organization's router only needs to know the address of the ISP's router. By using static routing in this situation, the organization's router avoids transmitting routing table updates, so less bandwidth is consumed by overhead and more is available for actual data transfer. A statically configured router also accepts no routing updates from its neighbors, so it cannot be misled by a forged or mistaken route advertisement.

Returning to the previous example, a problem with the above configuration is that it does not indicate alternate paths between networks. For example, if the circuit between router R1 and router R2 failed, the above configuration does not indicate that datagrams could flow to network 1.2 via router R3. If one wanted to reconfigure router R1 with knowledge of all possible paths to the three networks, one possible port/network table would be as follows:
Port Network
1 1 2 2 3
In examining the preceding port/network table, note that there is no mechanism to distinguish whether routing a datagram via a particular port number to a network results in direct or indirect routing. For example, from router R1 the transfer of a datagram via port 1 provides a direct route to network 1.3. If the datagram is transmitted via port 2, the datagram will have to be relayed via router R2 to reach network 1.3. Thus, another metric is required to distinguish direct paths from indirect paths. That metric is a hop count, which indicates the number of routers a datagram must flow through to reach a particular network. Thus, the routing table for router R1 might be revised as follows:
Port Network Hop Count
1 1 2 2 3
1 2 1 2 0
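The port/network/hop-count table and the failover scenario (the R1-R2 circuit failing, with network 1.2 still reachable via R3) can be modelled in a few lines. The following Python is an added example, not code from the book: the R1 entries are assumed values reconstructed from the text's description rather than the book's table, the hop-count convention is the chapter's (0 means directly attached), and the trusted_ports check on learned advertisements is a hardening choice the text does not discuss.

```python
"""Port/network/hop-count routing table for the chapter's router R1: best-path
selection, link failover and neighbour advertisements.  Added example; the
topology values are assumed, reconstructed from the text, not the book's table."""
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    port: int       # outgoing interface on this router
    network: str    # destination network, in the chapter's "1.2" notation
    hops: int       # routers traversed; 0 means directly attached

# Assumed R1 table: 1.3 is direct on port 1 and also reachable via R2 on port 2;
# 1.2 is reachable via R2 on port 2 or, two hops away, via R3 on port 3.
R1_ROUTES = [
    Route(1, "1.3", 0),
    Route(2, "1.3", 1),
    Route(2, "1.2", 1),
    Route(3, "1.2", 2),
    Route(3, "1.1", 0),
]

class RoutingTable:
    def __init__(self, routes, trusted_ports=None):
        self.routes = set(routes)
        self.down = set()                       # ports whose circuit has failed
        # Assumption beyond the text: only accept advertisements arriving on
        # known neighbour ports, so a stray host cannot inject routes.
        self.trusted_ports = trusted_ports

    def candidates(self, network):
        """Entries for NETWORK whose port is still up."""
        return [r for r in self.routes
                if r.network == network and r.port not in self.down]

    def best(self, network):
        """Lowest hop count wins; ties go to the lower port number."""
        found = self.candidates(network)
        return min(found, key=lambda r: (r.hops, r.port)) if found else None

    def forward(self, network):
        """Port to transmit on, or None when no surviving route exists."""
        route = self.best(network)
        return route.port if route else None

    def fail_port(self, port):
        self.down.add(port)

    def restore_port(self, port):
        self.down.discard(port)

    def advertisement(self):
        """What this router tells neighbours: each reachable network and its hop count."""
        networks = {r.network for r in self.routes}
        return sorted((n, self.best(n).hops) for n in networks if self.best(n))

    def learn(self, port, advert):
        """Install routes a neighbour on PORT advertised, adding one hop for the link
        to that neighbour; an existing entry for the same (port, network) is replaced.
        Returns the number of entries installed."""
        if self.trusted_ports is not None and port not in self.trusted_ports:
            return 0
        installed = 0
        for network, hops in advert:
            self.routes = {r for r in self.routes
                           if not (r.port == port and r.network == network)}
            self.routes.add(Route(port, network, hops + 1))
            installed += 1
        return installed
```

With this table, forward("1.2") picks port 2 (one hop via R2); after fail_port(2), the same call falls back to port 3 (two hops via R3), which is exactly the alternate path the text says the single-entry static table could not express.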
In examining the preceding port/network/hop count table, note that a direct connection to a network results in a router hop count of zero. Also