
Network Security: Lab#3 Transport-Level Security Tools

Network Security: Lab#3 Transport-Level Security Tools. J. H. Wang May 12, 2011. Objectives. To learn to use transport-level security tools SSL/TLS clients/servers To learn to access secure Web services HTTPS To learn to use secure shell SSH. Packages Used in this Lab.


Presentation Transcript


  1. Network Security: Lab#3 Transport-Level Security Tools. J. H. Wang, May 12, 2011

  2. Objectives
     • To learn to use transport-level security tools
       • SSL/TLS clients/servers
     • To learn to access secure Web services
       • HTTPS
     • To learn to use secure shell
       • SSH

  3. Packages Used in this Lab
     • OpenSSL: an open source implementation of SSL and TLS protocols
       • (again!)
     • PuTTY: an implementation of SSH
       • PuTTY: for telnet and ssh
       • PSFTP: for secure FTP

  4. OpenSSL
     • Homepage: http://www.openssl.org/
     • Current version: 1.0.0d (open source)
     • Source:
       • Unix/Linux: openssl-1.0.0d.tar.gz
     • Binary:
       • Win32 OpenSSL: http://www.slproweb.com/products/Win32OpenSSL.html
         • Win32 OpenSSL v1.0.0d
         • Visual C++ 2008 Redistributables
     • Steps
       • Install (skipped)
       • OpenSSL command-line tool

  5. Experiment Scenario
     • Running a generic SSL/TLS server
     • Connecting to an SSL/TLS server
     • Connecting to a secure remote Web server
     • Logging in to a remote host
     • Transferring files to/from a remote host

  6. OpenSSL Command-Line Tools
     • OpenSSL command-line tool
       • s_server: a generic SSL/TLS server
         • cd \OpenSSL-Win32\bin
         • openssl s_server -cert PEM\server.pem
         • Or: openssl s_server -cert PEM\server.pem -accept 443 -www
           • For HTML output
       • s_client: a generic SSL/TLS client
         • openssl s_client
         • Default: localhost:443

  7. Another Example
     • Another example:
       • s_server: other options
         • cd \OpenSSL-Win32\bin
         • openssl s_server -cert PEM\server.pem -accept 443 -www
           • For HTML output
       • Use a Web browser to connect
         • https://localhost/

  8. Yet Another Example
     • Still another example:
       • s_server: other options
         • cd \OpenSSL-Win32\bin
         • openssl s_server -cert PEM\server.pem -accept 443 -WWW
           • For simulating a Web server
       • Put a file under the directory \OpenSSL-Win32\bin
         • cp index.html \OpenSSL-Win32\bin\
       • Use a Web browser to connect and get the page
         • https://localhost/index.html

  9. HTTPS
     • HTTP over TLS
     • Implemented in most browsers
     • Example services
       • CSIE Webmail: https://csie.ntut.edu.tw/mail/
       • Gmail: https://mail.google.com/
       • Facebook: https://www.facebook.com/
     • You can also set up a secure Web server
       • E.g. Apache-SSL, Apache+mod_ssl

  10. Creating a Secure Web Server
      • Apache-SSL: Apache-1.3.41+SSL-1.60
        • Homepage: http://www.apache-ssl.org/
        • Configuration files, digital certificates
      • Mod_ssl: 2.8.31 with Apache 1.3.41
        • Homepage: http://www.modssl.org/
        • Installation: See Tab [Example]

  11. Secure Shell
      • PuTTY beta 0.60: a free implementation of Telnet and SSH for Windows and Unix
        • http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
      • For Windows: (Binaries)
        • putty.exe: Telnet and SSH client
        • psftp.exe: SFTP client
      • For Unix: (Source)
        • Putty-0.60.tar.gz

  12. Examples on Windows
      • Ex.1: Connecting to a remote host with PuTTY (similar to Telnet)
      • Ex.2: Transferring a file to/from a remote host with PSFTP (similar to FTP)

  13. Connecting to a remote host

  14. Transferring a file to/from a remote host

  15. Examples on UNIX/Linux
      • Ex.1: Connecting to a remote host (similar to Telnet)
        • ssh -l <user> <host>
        • Ex.: ssh -l <user> 140.124.13.2
        • You can run commands on a remote host
      • Ex.2: Transferring a file to/from a remote host (similar to FTP)
        • sftp <user>@<host>
        • Ex.: sftp <user>@140.124.13.2
        • You can upload your homepage to the server

  16. Some Commands in UNIX/Linux
      • Displaying the files
        • ls
      • Change directory
        • cd <directory>
      • In FTP/sftp:
        • Displaying the files: ls
        • Displaying the local files: !dir
        • Change directory: cd <dir>
        • Change local directory: lcd <dir>
        • Upload files: put <filename>
        • Download files: get <filename>
        • Quit the system: bye

  17. Summary
      • Running a generic SSL/TLS server
      • Connecting to an SSL/TLS server
      • HTTPS
      • Secure shell
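
The s_server / s_client exercise from slides 6 to 8, as an added example that is not part of the original slides: it starts the lab's `-www` server with a throwaway certificate and compares the "Verify return code" that `s_client` reports with and without a trust anchor. Assumptions: a POSIX shell instead of the Windows prompt, a current OpenSSL build on PATH, a free local port 44330, and a self-signed certificate generated on the spot in a temporary directory.

```shell
#!/bin/sh
# Added example (not from the slides). PORT and the temp directory are
# assumptions chosen so the script can run unprivileged and clean up after itself.
PORT=44330
WORK=$(mktemp -d)

# Create a one-day self-signed certificate for CN=localhost and bundle key and
# certificate into server.pem, the single-file layout the lab passes to -cert.
make_server_pem() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=localhost" \
        -keyout "$WORK/key.pem" -out "$WORK/cert.pem" 2>/dev/null &&
    cat "$WORK/key.pem" "$WORK/cert.pem" > "$WORK/server.pem"
}

# Start the generic TLS server from the lab (-www answers with an HTML status page).
start_server() {
    openssl s_server -cert "$WORK/server.pem" -accept "$PORT" -www >/dev/null 2>&1 &
    SERVER_PID=$!
    sleep 2   # give the listener time to bind
}

# Print the numeric "Verify return code" reported by s_client; extra arguments
# (for example -CAfile) are passed through to s_client unchanged.
verify_code() {
    openssl s_client -connect "127.0.0.1:$PORT" "$@" </dev/null 2>/dev/null |
        sed -n 's/.*Verify return code: \([0-9][0-9]*\).*/\1/p' | head -n 1
}

stop_server() {
    kill "$SERVER_PID" 2>/dev/null || true
    rm -rf "$WORK"
}

make_server_pem && start_server
UNTRUSTED=$(verify_code)                         # no trust anchor: non-zero code
TRUSTED=$(verify_code -CAfile "$WORK/cert.pem")  # certificate supplied as trust anchor
stop_server
echo "without -CAfile: $UNTRUSTED   with -CAfile: $TRUSTED"
```

The handshake completes in both runs; only the run with `-CAfile` reports code 0, which is the difference between an encrypted connection and an authenticated one.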
