Secured Intra Network Through Server Dominance
Dept. of CSE, MSRIT
1. INTRODUCTION
General Introduction
The aim of this project is to let more than one client program, running on different
terminals (clients), connect to a server and log in to it remotely.
The server, or the admin, has no complete control over the client systems. This may
allow a client to misuse the weaknesses of the server or administrator.
The proposed system gives the administrator or the server complete control
over the client systems that have logged in to the intra network as well as providing
him the flexibility of monitoring certain activities of the client and the status of the
system like that of current applications, files of remote systems, sending warning
messages as well as shutting down the system and remote applications.
rlogin starts a terminal session on the remote host specified as host. The
remote host must be running an rlogin service (daemon) for rlogin to connect to.
Remote login is nothing but having access to a remote machine. Here we refer
to the system we start from as the local system or client system, and to the
system we log in to as the remote system or server system. The
application that we have proposed works using the following modules:
2. LITERATURE SURVEY
Two remote hosts communicate via a network and through various network devices
like router, bridges and gateways. In software application, this can be done using
socket programming.
Client
It is an Application program that requests for establishing connections for the purpose
of data communication.
Server
User Agent
It is a client that initiates a request. These are often browsers, editors, spiders (web-
traversing robots) or other end user tools. Computer networks are the communication
systems for connecting end systems. The computers in a network use well defined
protocols to communicate. Since networks are complex, they are organized as a
series of layers. Most networks follow the ISO OSI 7-layer model. The various layers are
shown on the next page.
The Physical Layer defines the electrical and physical specifications for
devices. In particular, it defines the relationship between a device and a physical
medium. This includes the layout of pins, voltages, cable specifications, hubs,
repeaters, network adapters, host bus adapters (HBAs used in storage area networks)
and more.
To understand the function of the Physical Layer, contrast it with the functions
of the Data Link Layer. Think of the Physical Layer as concerned primarily with the
interaction of a single device with a medium, whereas the Data Link Layer is
concerned more with the interactions of multiple devices (i.e., at least two) with a
shared medium. Standards such as RS-232 do use physical wires to control access to
the medium.
The major functions and services performed by the Physical Layer are:
Establishment and termination of a connection to a communications medium.
Participation in the process whereby the communication resources are
effectively shared among multiple users. For example, contention resolution and
flow control.
The Network Layer provides the functional and procedural means of transferring
variable length data sequences from a source to a destination via one or more networks,
while maintaining the quality of service requested by the Transport Layer. The
Network Layer performs network routing functions, and might also perform
fragmentation and reassembly, and report delivery errors. Routers operate at this layer -
sending data throughout the extended network and making the Internet possible. This is
a logical addressing scheme - values are chosen by the network engineer. The
addressing scheme is hierarchical.
Careful analysis of the Network Layer indicates that the Network Layer could
have at least 3 sublayers:
Subnetwork Access - that considers protocols that deal with the interface
to networks, such as X.25;
Subnetwork Dependent Convergence - when it is necessary to bring the level of
a transit network up to the level of networks on either side;
Subnetwork Independent Convergence – which handles transfer across multiple
networks.
The best example of this latter case is CLNP, or IPv7 ISO 8473. It manages the
connectionless transfer of data one hop at a time, from end system to ingress router,
router to router, and from egress router to destination end system. It is not responsible
for reliable delivery to a next hop, but only for the detection of error packets so they
may be discarded. In this scheme, IPv4 and IPv6 would have to be classed with X.25
as Subnet Access protocols because they carry interface addresses rather than node
addresses.
This model lacks the formalism of the OSI reference model and associated
documents, but the IETF does not use a formal model and does not consider this a
limitation, as in the comment by David D. Clark, “We reject: kings, presidents and
voting. We believe in: rough consensus and running code.” Criticisms of this model,
which have been made with respect to the OSI Reference model, often do not consider
the ISO’s later extension to that model.
The protocol was designed by David P. Reed in 1980 and formally defined in
RFC 768. UDP uses a simple transmission model without implicit hand-shaking
dialogues for guaranteeing reliability, ordering, or data integrity. Thus, UDP provides
an unreliable service and datagrams may arrive out of order, appear duplicated, or go
missing without notice. UDP assumes that error checking and correction is either not
necessary or performed in the application, avoiding the overhead of such processing at
the network interface level. Time-sensitive applications often use UDP because
dropping packets is preferable to waiting for delayed packets, which may not be an
option in a real-time system. If error correction facilities are needed at the network
interface level, an application may use the Transmission Control Protocol (TCP)
or Stream Control Transmission Protocol (SCTP) which are designed for this purpose.
UDP’s stateless nature is also useful for servers that answer small queries from huge
numbers of clients.
Unlike TCP, UDP is compatible with packet broadcast (sending to all on local
network) and multicasting (send to all subscribers). Common network applications that
use UDP include: the Domain Name System (DNS), streaming media applications
such as IPTV, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and many
online games.
The well-known ports are controlled and assigned by the Internet Assigned
Numbers Authority (IANA) and on most systems can only be used by system
processes or by programs executed by privileged users. The assigned well-known ports
occupy port numbers in the range 0 to 1023. The ports with numbers in the range
1024-65535 are not controlled by the IANA and on most systems used by ordinary
user-developed programs.
Confusion due to two different applications trying to use the same port numbers
on one host is avoided by writing those applications to request an available port from
TCP/IP. Because this port number is dynamically assigned, it may differ from one
UDP, TCP and ISO TP-4 all use the same “port principle”. To the extent possible,
the same port numbers are used for the same services on top of UDP, TCP and ISO
TP-4.
2.5.2 Sockets
A socket is a network communications endpoint. The analogy is to a wire (the
network data connection) being plugged into a socket. Sockets come in two primary
flavors. An active socket is connected to a remote active socket via an open data
connection. Closing the connection destroys the active sockets at each endpoint. A
passive socket is not connected, but rather awaits an incoming connection, which will
spawn a new active socket.
The kernel, at the heart of all Linux systems, is developed and released under the
GNU General Public License and its source code is freely available to everyone. It is
this kernel that forms the base around which a Linux operating system is developed.
There are now literally hundreds of companies and organizations and an equal number
of individuals that have released their own versions of operating systems based on the
Linux kernel. More information on the kernel can be found at our sister site, LinuxHQ
and at the official Linux Kernel Archives. The current full-featured version is 2.6
(released December 2003) and development continues.
Apart from the fact that it’s freely distributed, Linux’s functionality, adaptability
and robustness, has made it the main alternative for proprietary Unix and Microsoft
operating systems. IBM, Hewlett-Packard and other giants of the computing world
have embraced Linux and support its ongoing development. Well into its second
decade of existence, Linux has been adopted worldwide primarily as a server platform.
Its use as a home and office desktop operating system is also on the rise. The operating
system can also be incorporated directly into microchips in a process called
“embedding” and is increasingly being used this way in appliances and devices.
Those curious to see the capabilities of Linux can download a live CD version
called Knoppix. It comes with everything you might need to carry out day-to-day tasks
on the computer and it needs no installation. It will run from a CD in a computer
capable of booting from the CD drive. Those choosing to continue using Linux can
find a variety of versions or “distributions” of Linux that are easy to install, configure
and use. Information on these products is available in our distribution section and can
be found by selecting the mainstream/general public category.
GNU/Linux distributions.
Fedora has a comparatively short life cycle: version X is maintained until one
month after version X+2 is released. With 6 months between releases, the maintenance
period is about 13 months for each version.
Linus Torvalds, author of the Linux kernel, says he uses Fedora because it had
fairly good support for PowerPC when he used that processor architecture. He became
accustomed to the operating system and continues to use it (as of 2008).
Red Hat, Inc. (NYSE: RHT) is an S&P 500 company in the free and open source
software sector, and a major Linux distribution vendor. Founded in 1993, Red Hat has
its corporate headquarters in Raleigh, North Carolina with satellite offices worldwide.
Red Hat has become associated to a large extent with its enterprise operating
system Red Hat Enterprise Linux and with the acquisition of open-source enterprise
middleware vendor JBoss. Red Hat provides operating-system platforms along with
middleware, applications, and management products, as well as support, training, and
consulting services.
A shell script is a program written for Bash. The simplest shell script is a
sequence of Linux commands, but when you add the power of variables and flow
control, you can do a lot more with it. Shell scripts are similar to DOS batch files
(those files that end in .bat), but shell scripts are more powerful and actually easier to
create.
Shell scripts are interpreted, which means that the shell reads each line
and acts on it immediately. This process differs from that of a formal programming
language like C or C++, where the program is compiled and optimized for faster
execution. So there’s a tradeoff--it’s easier to create quick little shell scripts, but if the
task at hand requires serious number crunching or complicated logic, a compiled
language is better.
An important thing to note is that all of the shell script syntax and examples in this
section will work in both the Bash and Korn (pdksh) shells. The C shell (tcsh) has
subtle differences in many areas, so scripts written for one shell may not work in
another. If you decide to use the C shell instead of Bash, use the man tcsh command
for more information on writing shell scripts for that environment.
All that is necessary to create this script is to open a text editor (but not a word
processor), such as gedit or vi, and type the following three lines exactly as shown on
a new, blank page:
#!/bin/bash
clear
Alternatively, the above code could be copied from this page and pasted to a
blank page opened by the text editor page using the standard keyboard or mouse copy
and paste functions.
After saving this plain text file, with a file name such as morning (or anything
else desired), the script is complete and almost ready to run. Scripts are typically run
by typing a dot, a forward slash and the file name (with no spaces in between) and then
pressing the ENTER key. Thus, for example, if the above script were saved with the
./morning
However, the script probably will not run, in which case an error message will
appear on the screen such as bash: ./morning: Permission denied. This is because the
permissions for the file first have to be set to executable. (By default, the permissions
for new files are set to read and write only.) The problem can easily be solved by using
the chmod command with its 755 option (which will allow the file creator to read,
write and execute the file) while in the same directory as that in which the file is
located as follows:
Now the script is ready to run by typing the following, again while in the same
directory, and then pressing the ENTER key:
./morning
2.8.1 Overview
Berkeley sockets (also known as the BSD socket API) originated with the
4.2BSD Unix operating system (released in 1983) as an API. Only in 1989, however,
could UC Berkeley release versions of its operating system and networking library free
from the licensing constraints of AT&T’s copyright-protected Unix.
The socket API forms the de facto standard abstraction for network sockets.
Most other programming languages use an interface similar to the C API. The API is
also used for Unix domain sockets, which are an interface to inter-process
communication (IPC) channels within a single computer.
Socket interfaces are accessible at three different levels, most powerfully and
fundamentally at the raw socket level. Very few applications need the degree of
control over outgoing communications that this provides, so raw sockets support was
intended to be available only on computers used for developing Internet-related
technologies. In recent years, most operating systems have implemented support for it
anyway, including Fedora and RedHat.
Linux supports BSD style socket programming. Both connection oriented and
connectionless types of sockets are supported. In connection oriented communication,
the server and client establish a connection, before any data is exchanged. In
connectionless communication, data is exchanged as a part of the message. In either
case server always starts up first, binds itself to socket, and listens to messages. How
the server attempts to listen depends on the type of connection for which you have
programmed it.
Some of the APIs used for these system calls are:
• socket()
• bind()
• accept()
• listen()
• connect()
• sendto()
• recvfrom()
Socket API
socket() creates an endpoint for communication and returns a file descriptor for the
socket. socket() takes three arguments:
Domain, which specifies the protocol family of the created socket. For example:
PF_INET for network protocol IPv4 or
PF_INET6 for IPv6.
PF_UNIX for local socket (using a file).
Type, one of:
SOCK_STREAM (reliable stream-oriented service or Stream Sockets)
SOCK_DGRAM (datagram service or Datagram Sockets)
SOCK_SEQPACKET (reliable sequenced packet service), or
SOCK_RAW (raw protocols atop the network layer).
Protocol, specifying the actual transport protocol to use. The most common are
IPPROTO_TCP, IPPROTO_SCTP, IPPROTO_UDP, IPPROTO_DCCP. These
protocols are specified in <netinet/in.h>. The value “0” may be used to select a
default protocol from the selected domain and type. The function returns -1 if an
Prototype
Bind API
bind() assigns a socket an address. When a socket is created using socket(), it is only
given a protocol family, but not assigned an address. This association with an address
must be performed with the bind() system call before the socket can accept
connections to other hosts. bind() takes three arguments:
Prototype
Listen API
After a socket has been associated with an address, listen() prepares it for incoming
connections. However, this is only necessary for the stream-oriented (connection-
oriented) data modes, i.e., for socket types (SOCK_STREAM, SOCK_SEQPACKET).
listen() requires two arguments:
Prototype
Accept API:
sockfd, the descriptor of the listening socket that has the connection queued.
cliaddr, a pointer to a sockaddr structure to receive the client’s address
information.
addrlen, a pointer to a socklen_t location that specifies the size of the client
address structure passed to accept(). When accept() returns, this location
indicates how many bytes of the structure were actually used.
The accept() function returns the new socket descriptor for the accepted connection, or
-1 if an error occurs. All further communication with the remote host now occurs via
this new socket.
Datagram sockets do not require processing by accept() since the receiver may
immediately respond to the request using the listening socket.
Prototype
Connect API
The connect() system call connects a socket, identified by its file descriptor, to a
remote host specified by that host’s address in the argument list.
Certain types of sockets are connectionless, most commonly user datagram protocol
sockets. For these sockets, connect takes on a special meaning: the default target for
sending and receiving data gets set to the given address, allowing the use of functions
such as send() and recv() on connectionless sockets.
connect() returns an integer representing the error code: 0 represents success, while -1
represents an error.
Prototype
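As an added example (not code from the report), the calls described above chained into one working TCP exchange over the loopback interface inside a single process: the server side does socket(), bind(), listen() and accept(); the client side does socket() and connect(); then one message is sent and echoed back. The function names and the echo message are assumptions of this example.

```c
/* Added example, not from the report: socket() -> bind() -> listen() on the
 * server side, socket() -> connect() on the client side, then accept(),
 * send()/recv() and close(). Build on Linux: cc -Wall -o sock_demo sock_demo.c */

#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Listening TCP socket bound to 127.0.0.1 on a kernel-chosen port. Binding to
 * the loopback address rather than INADDR_ANY keeps the service off every other
 * interface, so nothing outside this host can reach it. Returns fd or -1. */
static int make_listener(unsigned short *port)
{
    int fd = socket(PF_INET, SOCK_STREAM, 0);     /* protocol 0: default (TCP) */
    if (fd < 0) return -1;
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(0);                      /* port 0: kernel picks one */
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    socklen_t len = sizeof addr;
    if (bind(fd, (struct sockaddr *)&addr, len) < 0 || listen(fd, 5) < 0 ||
        getsockname(fd, (struct sockaddr *)&addr, &len) < 0) { /* read port back */
        close(fd);
        return -1;
    }
    *port = ntohs(addr.sin_port);                  /* ephemeral, i.e. >= 1024 */
    return fd;
}

/* Client connects, server accepts, client sends msg, server echoes it back.
 * Returns bytes the client got back (copied into out, NUL-terminated) or -1.
 * Works in one process because the kernel completes the TCP handshake for a
 * listening socket before accept() is ever called. */
int loopback_roundtrip(const char *msg, char *out, size_t outsz)
{
    unsigned short port;
    int lfd = make_listener(&port);
    if (lfd < 0) return -1;
    int cfd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (cfd < 0) { close(lfd); return -1; }
    struct sockaddr_in peer;                       /* where the client connects */
    memset(&peer, 0, sizeof peer);
    peer.sin_family = AF_INET;
    peer.sin_port = htons(port);
    inet_pton(AF_INET, "127.0.0.1", &peer.sin_addr);
    int rc = connect(cfd, (struct sockaddr *)&peer, sizeof peer); /* 0 ok, -1 err */
    struct sockaddr_in cli;                        /* accept() fills in the peer */
    socklen_t clilen = sizeof cli;
    int sfd = (rc == 0) ? accept(lfd, (struct sockaddr *)&cli, &clilen) : -1;
    ssize_t n = -1;
    if (sfd >= 0) {
        char buf[256];
        size_t want = strlen(msg);
        if (send(cfd, msg, want, 0) == (ssize_t)want) {
            ssize_t got = recv(sfd, buf, sizeof buf, 0);           /* server reads */
            if (got > 0 && send(sfd, buf, (size_t)got, 0) == got)   /* and echoes */
                n = recv(cfd, out, outsz - 1, 0);                   /* client reads */
        }
        if (n > 0) out[n] = '\0';
        close(sfd);
    }
    close(cfd);
    close(lfd);
    return (int)n;
}

/* 1 if the echo came back byte-for-byte equal to msg, else 0. */
int roundtrip_matches(const char *msg)
{
    char reply[256];
    int n = loopback_roundtrip(msg, reply, sizeof reply);
    return n == (int)strlen(msg) && strcmp(reply, msg) == 0;
}

int main(void)
{
    char reply[256];
    int n = loopback_roundtrip("hello from client", reply, sizeof reply);
    printf("echoed %d bytes: %s\n", n, n > 0 ? reply : "(none)");
    return n > 0 ? 0 : 1;
}
```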
3.1 Introduction
A software requirement specification is a document that states the requirements
the system must meet and the measures that have to be taken while handling the
system. The various situations under which the system functions are also taken into
consideration.
The end user of our project system will be the admin of the organization or the
person controlling the server. They may expect good graphical interface which is
possible from Linux and shell programming and also quick access and performance of
the system which is possible from socket programming on Linux platform.
We are assuming that the intra network in which the system works has
sufficient bandwidth to support the clients, and also sufficient port and socket
connections, which are prerequisites for the functioning of the system. Moreover,
the client systems are also used in the intra network, which leads us to assume
that we have a sufficient number of clients in the network.
4. SYSTEM DESIGN
System Design is the process or art of defining the architecture, components,
modules, interfaces, and data for a system to satisfy specified requirements. One
could see it as the application of systems theory to product development. There is
some overlap with the disciplines of systems analysis, systems architecture and
systems engineering.
Object-oriented analysis and design methods are becoming the most widely used
methods for computer system design. The UML has become the standard language
used in object-oriented analysis and design. It is widely used for modeling software
systems and is increasingly used for designing non-software systems and
organizations.
The System proposed will be helping the server or the admin in gaining the
complete control over the clients systems. For this, the system architecture is designed
in such a way that it reveals all the applications running on the clients systems.
For this purpose, the system will be using the concepts of socket programming
and Shell programming. For this purpose, the system is based on Linux platform which
supports both.
The Server.
The hub.
The clients.
The Server is mainly the admin, which controls the intra network. This is done
via the hub, and the various clients in the intra network are acted upon in parallel by the
server.
This is how the system works. Every packet accessed by the client will be through the
hub. So whatever be the scenario, every packet entering the intra network must get the
permission of the server. That is, the server will be monitoring the intra network through the
hub.
[Figure: packet flow in the intra network. Incoming packets to the intra network and outgoing packets from it pass through the hub; packets travel between the clients (end users) and the hub; the monitoring server (administrator) watches the intra network through the hub.]
Whenever the unauthorized packet enters the system, the server checks the packet
availability in the network. With this, the server can get the hold of each and every
packet coming and going out from the network.
Our project has a very important role to play in educational institutions,
where students hoodwink the lecturers pretending that they are working but instead
utilize the lab resources for their own amusement. By implementing our code in all the
lab systems, the lecturer, sitting at the server, can ensure that all students are doing the
[Figure: remote login and telnet session, run, remote login, authentication service; actors: user, administrator]
Fig 4.4: System User Interface design
The System interface will mainly be C and C++ code on the Linux platform,
consisting of socket and shell programming. This gives us a much better
interface via the command-line prompt. Further, Linux also provides security on the
interfaces.
[Figure: server, hub and end-system clients]
These basic System Functionalities can be expressed through the diagram given below:
[Flowchart: Authentication Successful? (Yes / No) -> Data Transfer; Data Transfer Violating Organization Rules? (Yes / No)]
The basic blocks in the system consists of the server, the end system client and
the various interactions taking place between them in the form of Data transfer or
System status or issue of the warning messages or shutting down the applications in the
end system or shutting down the end system entirely as well. Fig 4.6 is a pictorial
representation of the block diagram of the system:
The authentication
Selection of the client system
Viewing the various operations of the client
The Authentication
We are using the user name and password methodology for the authentication
purposes. This is shown in the figure 4.7. The user gives his username and password for
the process of authentication and this is done by the server.
[Use case diagram with actor Admin and use cases: Username, Password, Run processes, Chat Facility, Retrieve data, Monitor Client Processes, Request Username, Request password, Confirm Login]
Fig 5.2 Use Case Diagram 2
5.1.1 Documentation
The use case diagram above depicts the basic working of the system. The
interactions happening between the actors are also depicted accordingly.
Actors
Administrator
Clients
Run Processes
o The client systems in the intra-network may need to run several
processes for their purpose. While running processes, they may make
critical use of the system resources, like memory, CPU, system bus
etc.
Chat Facility
o Through the chat facility, the clients can request the administrator for
certain information like the request access to files, passwords for
protected files if the user is eligible to access the file and similar other
information. The administrator can also use the chat facility to
communicate with the clients.
Retrieve data
o The clients may request the administrator for access to any useful
information or files which may be stored in the server. The
administrator will first check if the user who has requested for the file
is eligible for accessing the file and if yes, he will retrieve the file and
share it with the requesting user.
[Sequence diagram with participants Client-1, Client-2 and Admin: Enter username, Request password, Enter password, Verify, Retrieval Request, Retrieve File, Share files and transfer data, Send file to client, Run Processes, Monitor process, Request info through chat, Reply, Monitor file sharing, Send Warning, Shut down applications]
5.2.1 Description of the Sequence Diagram
If the user id and password entered by the user match those
stored on the server side, the authentication is successful and a
login confirmed message is sent to the user.
Otherwise the login is invalid and the user has to re-enter the
information.
If the file requested is present with another client, then the file
may be sent directly by the client present within the intranet.
If the requested file is present in the server, the request must be
passed to the administrator, who must retrieve the file from the
server and send it back to the client.
Flow of Event
The Chat Facility in the server is similar to that available on the
internet. It is like a window that shows the IP addresses of the
clients to the server. Selecting one of those IP addresses opens a
chat platform for both server and client.
Flow of Event
If the client is violating the rules of the organisation, the
server sends a warning message, either through chat or separately.
If no reply is received from the client, either to the chat
message or to the warning message, the admin can resolve the
situation without the client's involvement.
[Figure: system architecture. Clients in the intranet with a chat facility to the server (admin); the intranet is connected to the internet, with monitoring by the administrator in between.]
The system architecture shows the basic working of the system. As depicted in the
figure, a number of clients are logged into the intranetwork which is constantly
monitored by the system administrator.
In the due process, the clients may perform their normal operations like
running processes, applications and programs or sharing files and data with other
clients connected to the same intranetwork.
Each client system can be monitored through their unique IP address
assigned to them while connecting to the intranetwork. The network administrator
can view the processes running in the client systems including the usage of the
resources like the system bus and memory.
There is also a chat facility provided between the clients connected in the
intranetwork and the administrator for sharing any important files,
requesting access permission to any files, requesting passwords and similar
issues.
In the second level of the hierarchy, the whole intranetwork is connected to
the internet, with the administrator sitting in between who monitors and controls
the flow of the packets coming in to the intranetwork from the internet and going
out from the intranetwork to the internet.
[Activity diagram: User name accepted -> Enter Password -> Accepted; Applications in the client; Process running; Chat; Admin: Monitor]