Index
1. Ether TAP and Ether TUN
- these notes came from the NSTX, Debian GNU/Linux and the UML (user mode linux configuration)
- is a package which provides pseudo devices which allow a user program to read/write Ethernet packets
- more than this, it allows the sysadmin to configure an ethertap device to deliver all Ethernet packets destined for an IP address to a device, i.e. ( /dev/tap0 )
- which in turn means a user level program can read all these packets
- and it allows a user program to write these packets to /dev/tun0
- the user level program can therefore manipulate these Ethernet packets and provide:
  - encryption of all Ethernet packets
  - tunnelling Ethernet packets over another protocol (say DNS)
2. Configuring TUN and TAP under GNU/Linux
- create the device with tunctl (available from the UML (user mode linux) utilities)
    tunctl -u uid
  - uid is the user id or username that UML will be run as
  - it will tell you what device was created (assume tap0)
- now configure the device /dev/tap0 to have the IP address 192.168.0.1
    ifconfig tap0 192.168.0.1 up
- now enable IP forwarding
    bash -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
- now tell the operating system that 192.168.0.2 is reachable via /dev/tap0
    route add -host 192.168.0.2 dev tap0
- enable the ARP protocol across this tunnel
    bash -c 'echo 1 > /proc/sys/net/ipv4/conf/tap0/proxy_arp'
    arp -Ds 192.168.0.2 eth0 pub
    chmod 666 /dev/net/tun
- now you should be able to ping 192.168.0.2
- you will have to have configured the server 192.168.0.2 in the same way
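
The user-level program from section 1, as an added example that is not part of the original notes: it attaches to the tap0 device configured above and decodes each Ethernet frame it reads, which is also a quick way to confirm that ARP and IP traffic for 192.168.0.2 arrives on the tap. The function names, the MAC address and the sample frame are constructed for illustration, and the TUNSETIFF value is the one used on x86 and ARM Linux.

```python
import fcntl
import os
import socket
import struct

TUNSETIFF = 0x400454CA  # ioctl request number from <linux/if_tun.h>
IFF_TAP = 0x0002        # layer-2 device: reads return whole Ethernet frames
IFF_NO_PI = 0x1000      # no 4-byte packet-info header before each frame

# Constructed sample: ARP request "who has 192.168.0.2, tell 192.168.0.1"
SAMPLE_FRAME = bytes.fromhex(
    "ffffffffffff" "020000000001" "0806"      # dst MAC, src MAC, EtherType
    "0001" "0800" "06" "04" "0001"            # Ethernet/IPv4, op 1 = request
    "020000000001" "c0a80001"                 # sender MAC, sender IP
    "000000000000" "c0a80002")                # target MAC, target IP

def open_tap(name="tap0"):
    """Attach to an existing tap interface; the name is an assumption."""
    fd = os.open("/dev/net/tun", os.O_RDWR)
    ifreq = struct.pack("16sH22x", name.encode(), IFF_TAP | IFF_NO_PI)
    fcntl.ioctl(fd, TUNSETIFF, ifreq)
    return fd

def mac(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_frame(frame):
    """Decode the Ethernet header plus the IPv4 or ARP addresses behind it."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    info = {"dst": mac(dst), "src": mac(src), "type": ethertype}
    body = frame[14:]
    if ethertype == 0x0800 and len(body) >= 20:      # IPv4
        info["proto"] = body[9]
        info["ip_src"] = socket.inet_ntoa(body[12:16])
        info["ip_dst"] = socket.inet_ntoa(body[16:20])
    elif ethertype == 0x0806 and len(body) >= 28:    # ARP
        info["arp_op"] = struct.unpack("!H", body[6:8])[0]
        info["arp_target"] = socket.inet_ntoa(body[24:28])
    return info

if __name__ == "__main__":
    print(parse_frame(SAMPLE_FRAME))   # offline check on the constructed frame
    tap = open_tap()                   # needs the tap0 set-up from section 2
    while True:
        print(parse_frame(os.read(tap, 2048)))
```

Run it as the uid given to tunctl; pinging 192.168.0.2 from the host should then show the ARP request followed by IPv4 frames with proto 1 (ICMP).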
3. NSTX
4. Practice exam question
- Network attacks occur at many different protocol layers. Choose 3 network protocol example attacks (two at the transport layer and one from the IP layer) and clearly show with the aid of a diagram how these attacks can be mounted.
- Critically analyse appropriate countermeasures for such attacks.
5. Book sources
- For the discussion on DNS
  - TCP/IP Illustrated, Volume 1: The Protocols, Addison-Wesley, 1994, ISBN 0-201-63346-9.
- For security on various protocols see
  - 802.11 Security, by Bruce Potter and Bob Fleck, 1st Edition, December 2002, ISBN 0-596-00290-4, 192 pages
- 802.11 Security
- IP over DNS
- Secure shell
- Python resource
This document was produced using groff-1.22.