20-CS-6053 Network Security Spring 2017
Lab 1 Hints

Secret Key, Public Key, Hash Algorithms, IPSec, Kerberos, Authentication, more

 

Monitor times out trying to find the server

    The monitor cannot find the server if:
  1. Your code is running behind a router - the router NATs addresses
  2. Your code is not running behind a router but your internet access is provided by an ISP such as Time-Warner and the packets are blocked - ISPs do not like servers running on their customers' computers, so they may be blocking the packets.
Get your code running on helios first by logging in with putty or ssh. Then experiment with VPN and ssh -L and ssh -R from home. Here is what I do:

    Call the computer running the project software the localhost. Assume the passive server is listening to port 20000 on the localhost and the monitor is running on helios and listening to port 8180. Run the following on localhost from a shell:
   xterm -e ssh -L 8180:helios.ececs.uc.edu:8180 helios.ececs.uc.edu &
   xterm -e ssh -R 20000:localhost:20000 helios.ececs.uc.edu &
   java Homework localhost 8180 myidentity	
You will see two shells open on helios - just ignore them. The -L switch forwards connections made to port 8180 on the localhost to port 8180 on helios. The -R switch forwards connections made to port 20000 on helios back to port 20000 on the localhost. This should blast through any firewall, router, or ISP blocks. You only need an account on helios, which I am sure you have. I know of no ISP that forbids ssh tunnels, not even the Chinese do this!

Monitor says "host xxxxx is not known"

    In ActiveClient.java try changing
    HOSTNAME = toMonitor.getLocalAddress().getHostName();
to
    HOSTNAME = toMonitor.getLocalAddress().toString().substring(1);
This will send your IP address to the monitor - the monitor may have a better chance of making a connection knowing this.

Server can't verify the monitor

    Assume
   // needs: import java.math.BigInteger; import java.security.MessageDigest;
   String PPCHECKSUM = "";
   ...
   String msg = GetMonitorMessage();
   PPCHECKSUM = GetNextCommand(msg,"PARTICIPANT_PASSWORD_CHECKSUM");
   String PASSWORD = "whatever";
   MessageDigest md = MessageDigest.getInstance("SHA");
Then
   String password = PASSWORD.toUpperCase();  // important
   md.update(password.getBytes());
   BigInteger big = new BigInteger(1,md.digest()); // important, big is a
   // positive signed magnitude integer, not a 2's complement integer.
   // Below, the trim is because I am paranoid.  Important - the PPCHECKSUM
   // is a hex number, hence toString(16);
   if (big.toString(16).equals(PPCHECKSUM.trim())) return true;  // the test
   else return false;
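
The string test above only matches if the monitor formats its checksum the same way, because big.toString(16) drops leading zeros and prints lower-case hex. The following is an added example, not part of the course code (the class ChecksumCheck and its method names are hypothetical, and the passwords are constructed); it compares the two values as numbers, so a zero-padded or upper-case checksum still verifies and a malformed one is rejected:

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

public class ChecksumCheck {
    // SHA digest of the upper-cased password as a non-negative integer (same steps as the hint).
    static BigInteger digestOf(String password) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance("SHA");
        // Assumption: passwords are ASCII, so the charset choice does not change the bytes.
        md.update(password.toUpperCase().getBytes(StandardCharsets.US_ASCII));
        return new BigInteger(1, md.digest());
    }

    // Compare as numbers: "0abc" and "abc" are the same value, and hex case is ignored.
    static boolean verify(String password, String ppChecksum) throws NoSuchAlgorithmException {
        try {
            return digestOf(password).equals(new BigInteger(ppChecksum.trim(), 16));
        } catch (NumberFormatException e) {
            return false; // not a hex number: reject
        }
    }

    public static void main(String[] args) throws NoSuchAlgorithmException {
        // Constructed input: search for a password whose digest starts with a zero nibble.
        String password = null;
        BigInteger big = null;
        for (int i = 0; password == null; i++) {
            big = digestOf("pw" + i);
            if (big.bitLength() <= 156) password = "pw" + i; // top 4 of 160 bits are zero
        }
        String stripped = big.toString(16);           // leading zeros dropped
        String padded = String.format("%040x", big);  // full 40 hex digits
        System.out.println("password         : " + password);
        System.out.println("toString(16)     : " + stripped + " (" + stripped.length() + " digits)");
        System.out.println("zero-padded      : " + padded);
        System.out.println("String.equals    : " + stripped.equals(padded));
        System.out.println("verify(stripped) : " + verify(password, stripped));
        System.out.println("verify(padded)   : " + verify(password, padded.toUpperCase()));
        System.out.println("verify(garbage)  : " + verify(password, "not-hex"));
    }
}
```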

A Sample Player

    Instructions: Create a directory, say SamplePlayer. Download sampleplayer.tar and untar it in that directory. Run the twoplayers script to start clients and servers for two players named franco1 and franco2 assuming a monitor is running on the localhost, port 8150. The server of one player is on port 20500 and the other on port 20000. Use the active client of one to issue TRANSFER_REQUEST commands to the other. Run oneplayer to start a single client and server and a shell. Use the shell to send commands to the localhost monitor via telnet. Detailed instructions are in the file.