Network security in Linux, with an introduction to some networking basics

Source: Internet
Author: User

Here I introduce some Linux network security and prevention measures, as well as some networking background, described in a vivid way. Let's take a look. I summarized these statements myself; they are recorded one by one without any plagiarism.





TCP/IP


The seven-layer (OSI) model

Application

Presentation

Session

Transport

Network

Data link

Physical





TCP/IP has a total of 4 or 5 layers

Including

1. Application layer --- application, presentation, session

2. Transport layer --- transport: TCP, UDP

3. Network layer --- network: IP, ICMP

4. Data link layer --- data link: ARP, RARP

5. Physical layer --- physical




Physical Layer

Transmits signals over physical lines


-------------


Providing reliable delivery on top of the unreliable physical layer -------- the role of the data link layer

-----------------

Data link layer

ARP protocol (resolves an IP address to a MAC address)

RARP protocol (looks up an IP address from a MAC address)



[root@localhost /]# arp -n ------ view the ARP cache table

[root@localhost /]# arp -d 192.168.1.111 ------ delete the address from the ARP cache table

[root@localhost /]# tcpdump -i eth0 -nn arp and host 192.168.1.111 ----- capture ARP packets



ARP gateway spoofing

arp -s IP MAC ---- solution: bind the MAC address statically



-------------

Network Layer


IP protocol

ICMP protocol


ICMP flood attack: ping traffic occupies the bandwidth ---- solution: disable ping



IP is responsible for packet fragmentation and reassembly


---------------------

Transport Layer


TCP (Transmission Control Protocol): reliable connection

1. Three-way handshake

2. Four-way teardown ("four waves")

3. Each packet is acknowledged. If a packet is incomplete, it is retransmitted.

4. Flags: SYN (request), FIN (request to disconnect, "goodbye"), ACK (response), RST (reset the connection), PUSH (push flag), URG (urgent flag)

5. Flow control: sliding window

6. Connection state


UDP (User Datagram Protocol): unreliable connection


SYN

A ------> B

SYN + ACK + 1

A <------ B ---- three-way handshake

ACK + 1

A ------> B



Data transmission

A ------> B

A <------ B



FIN

A ------> B

ACK

A <------ B

FIN ----- four-way teardown ("four waves")

A <------ B

ACK

A ------> B




A is the client and B is the server.


(The data transmission process, as a conversation, goes as follows)


Are you there?

A ------> B

I'm here!

A <------ B ---- three-way handshake

OK!

A ------> B



Have you eaten?

A ------> B

I have --- data transmission: send a request, get a reply

A <------ B



I'm done chatting

A ------> B

OK

A <------ B

I'm heading off too.

A <------ B

888888 (bye-bye)

A ------> B




RTT value ---- round-trip time of a data packet




Tos: sliding window for flow control ----- TCP protocol

The principle is that A sends data packets to B, and A keeps sending data packets to B until the data has been sent.




DoS attack: the attacker sends SYN requests at a frantic rate and never replies to the server's ACK, until the connection pool is fully occupied. A random port is opened each time. (The attacking machine must be more powerful than the server to bring it down; otherwise it is the attacker that gets knocked out. It is a one-on-one fight.)

A DDoS attack turns this into a many-against-one fight.





[root@localhost ~]# cat /proc/sys/net/ipv4/tcp_synack_retries --- this means the server sends its reply five times; after that the connection is dropped.

5

[root@localhost ~]# cat /proc/sys/net/ipv4/tcp_syncookies ---- (with SYN cookies enabled, an unlimited number of half-open connections can be handled; this does not consume memory but does consume CPU)

1

echo 1024 > /proc/sys/net/ipv4/tcp_max_syn_backlog ---- set the number of half-open connections
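
An added example (not part of the original post) for watching the half-open queue that the settings above govern: it counts SYN_RECV entries per local port in /proc/net/tcp-format data and compares them with tcp_max_syn_backlog and tcp_syncookies. The function names, the "half of the backlog" threshold and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original post. In /proc/net/tcp, field 2 is
# the local address:port in hex and field 4 is the state; 03 = SYN_RECV,
# i.e. a half-open connection waiting for the final ACK.

# half_open_by_port FILE -> "port count" lines, one per local port
half_open_by_port() {
    awk 'NR > 1 && $4 == "03" { split($2, a, ":"); n[a[2]]++ }
         END { for (p in n) print p, n[p] }' "$1" |
    while read -r hex cnt; do
        printf '%d %d\n' "0x$hex" "$cnt"
    done | sort -n
}

# backlog_report TCPFILE SYSCTLDIR -> one line per port whose half-open count
# is at least half of tcp_max_syn_backlog (threshold is an assumption), plus
# a warning when SYN cookies are disabled.
backlog_report() {
    limit=$(cat "$2/tcp_max_syn_backlog")
    cookies=$(cat "$2/tcp_syncookies")
    half_open_by_port "$1" | while read -r port cnt; do
        if [ $((cnt * 2)) -ge "$limit" ]; then
            echo "port $port: $cnt half-open of $limit allowed"
        fi
    done
    if [ "$cookies" -eq 0 ]; then echo "tcp_syncookies is 0"; fi
    return 0
}

# Constructed sample in /proc/net/tcp layout (not captured from a real host):
# port 80 (0x0050) has one LISTEN (0A) and three SYN_RECV (03) entries,
# port 22 (0x0016) has one ESTABLISHED (01) entry.
make_sample() {
    cat > "$1" <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue
   0: 6F01A8C0:0050 00000000:0000 0A 00000000:00000000
   1: 6F01A8C0:0050 0A01A8C0:C001 03 00000000:00000000
   2: 6F01A8C0:0050 0A01A8C0:C002 03 00000000:00000000
   3: 6F01A8C0:0050 0A01A8C0:C003 03 00000000:00000000
   4: 6F01A8C0:0016 0B01A8C0:D431 01 00000000:00000000
EOF
}
```

On a live host the same check is `backlog_report /proc/net/tcp /proc/sys/net/ipv4`; with SYN cookies active the kernel stops storing half-open entries once the queue overflows, so the count levels off near the backlog limit.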


-----------------------------

UDP protocol

Sends data packets regardless of whether they are received or not.

UDP can also be made reliable: the upper-layer protocol can be used to provide the reliability.


This article is from the "history_xcy" blog, please be sure to keep this http://historys.blog.51cto.com/7903899/1296714
