Router Basic Analysis

Router) is one of the most important devices on the Internet, tens of thousands of routers all over the world constitute the "bridge" of the Internet, a giant information network that keeps running around us day and night ". The core communication mechanism of the Internet is a data transmission model called "Storage forwarding. In this communication mechanism, all data flowing on the network is sent, transmitted, and received in the form of packets Packet. Any computer connected to the Internet must have a unique network address to communicate with other machines and exchange information ". Data is not directly transmitted from its "Starting Point" to "destination". On the contrary, data is divided into segments of a certain length according to specific standards before transmission-data packets. The Network Address of the destination computer is added to each data packet, which is like an envelope with a good recipient address. Such data packets will not be lost during online transmission ". Before arriving at the destination, these packets must be transmitted through multiple communication devices or computers on the Internet. The operation of the station in ancient times is an image of this process. On the internet, routers play the role of forwarding data packets "station.
Most popular routers exist in the form of hardware devices, but in some cases, "software routers" are also implemented using programs. The only difference between the two is that the execution efficiency is different. Generally, a router is connected to at least two networks and determines the transmission path of each data packet based on its status of the connected network. The router generates and maintains a table named "route info table", in which the address and status information of other adjacent routers are tracked. The router uses the routing information table and determines the optimal transmission path of a specific data packet based on optimization algorithms such as the transmission distance and communication fee. This feature determines the "intelligence" of the router. It can automatically select and adjust the data packet transmission status based on the actual running status of the adjacent network, make the best effort to transmit data packets at the optimal route and minimum cost. The security and stability of routers directly affect Internet activities. Whatever the cause, the router crashes, the denial of service, or the operation efficiency drops sharply, the results will be disastrous.

The methods used by hackers to attack routers are similar to those used to attack other computers on the Internet, because in a strict sense, a router itself is a computer with a special mission, although it may not look as familiar as PCs. Generally, hacker attacks against vrouters are divided into the following two types: one is to obtain management permissions through some means or channels and directly intrude into the system; first, remote attacks may cause the router to crash or cause a significant reduction in operating efficiency. In comparison, the former is more difficult.

In the first intrusion method mentioned above, hackers generally use system users' carelessness or known system defects, such as "bugs" in system software, to gain access to the system, the super administrator privilege is obtained through a series of further actions. Generally, it is difficult for hackers to gain control of the entire system from the very beginning. In general, this is a gradually upgraded intrusion process. Because vrouters do not have as many user accounts as normal systems, and they often use dedicated software systems with relatively high security, therefore, it is much more difficult for hackers to obtain the management right of the router system than to intrude into a common host. Therefore, most of the existing hacker attacks against routers can be classified into the second type of attack methods. The ultimate goal of this attack is not to directly intrude into the system, but to send a large number of "junk" packets to the system by sending aggressive packets to the system or sending them at a certain interval, this consumes a lot of system resources of the router, making it unable to work normally or even crash completely.

Introduction to Routing Technology

STUN Technology:

That is, the serial tunnel technology. This technology is to integrate the SNA software package from FEP
3745/6) the serial port is sent to the router, Which is packaged into an IP packet by the router, and then
Transmitted in a vro network, to the target vro, and then restored by the vro package.
Sna sdlc data packets are sent to SDLC interface devices.

CIP technology:

CIP is the Channel Interface Processor ). It is

A plug-in card device can be conveniently installed in the CISCO7000 series router. CIP
Provides multi-protocol inter-network access for IBM computers through direct connections with IBM computers
. Provides TCP/IP, SNA, and APPN traffic for large machines, thus canceling
Interconnection controller and IBM3745/6 FEP requirements.

DLSw Technology:

It is an international standard technology that can package SNA software packages in IP Mode and then transmit them
Any vro node on P is transmitted to the SDLC interface through the serial port of the vro.
The device or the device through the Ethernet interface (or token ring) interface is transmitted to the LLC2 link layer protocol for SNA transmission.
The SNA node of the data packet (for example, RS6000 ).

An E1 interface of MIP:

It provides 30 64 Kbps sub-channels and can be combined into a larger sub-channel of N × 64 KB,
It is sufficient to meet the bandwidth requirements for connecting to local cities for a long period of time.

CiscoWorks:

Network management applications are a series of SNMP-based management applications that can be integrated in SunNet Manager,
HP OpenView, IBM NetView/AIX, and Windows95/NT Platforms provide the following functions:
:

Allow Remote Installation of new routers using neighboring Routers

Provides a wide range of dynamic status, statistics, and configuration information for Cisco's Internet products.

Displays Cisco devices and basic troubleshooting information.

Audits and records configuration file changes, and detects unauthorized configuration changes on the network

Facilitate the configuration of similar routers in the Network

Records the contact details of a specific device.

View the status information of a device, including buffer memory, CPU load, available memory, and active connections.

Ports and protocols

Collect historical network data, analyze network traffic and performance trends, and display them graphically

Establish authorization check programs to protect CiscoWorks applications and network devices from unauthorized user access
In particular, Cisco has developed a dedicated
In addition to the above features, the CiscoWorks Blue network management application of BM network management also adds routes
The SNA-type MIBs in the tool. It supports NMVT and LU6.2 management methods and provides SNA management functions, such:

Knows the status of each SNA resource in the network and is used to change the SNA resource status.

Helps detect problems related to network data stream latency and can be used to measure the response time from the host to the LU.