About Remote Access (ARA)

One of the basic mechanisms of computer networks is the ability to execute commands on a remote computer. Users can run their applications on computers located far away from them. One application that provides this kind of remote access is TELNET.


Deployment-Remote-Access

Contents:

  1. TELNET
  2. Remote Execution Command protocol (REXEC and RSH)
  3. Secure Shell (SSH)
  4. History of SSH
  5. SSH Usage
  6. Virtual Network Computing (VNC)
  7. How VNC Works
  8. Remote Desktop Protocol (RDP)

1. TELNET

Telnet is a standard protocol with STD number 8. It is described in RFC 854 (TELNET Protocol Specification) and RFC 855 (TELNET Option Specifications).

TELNET gives a program on one host (the TELNET client) access to resources on another host (the TELNET server), so that the user feels as if they were working on their own host, as the picture below shows.


Performing remote login with TELNET

For example, a user at a workstation on a LAN accesses a host that is also connected to the LAN and feels as if using a terminal attached to that host. Most TELNET implementations do not provide a graphical interface.
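The following Python, added here as an example and not code from the original post, separates RFC 854/855 option negotiation from user data in a TELNET byte stream. The stream it parses is constructed; the option codes for ECHO, SUPPRESS-GO-AHEAD, TERMINAL-TYPE and NAWS are the standard assignments. Everything that is not an IAC sequence, including whatever a user types at the login and password prompts, is carried as plain data bytes, which is why a capture of the connection shows them in clear.

```python
# Added example: split a TELNET byte stream into option negotiation (RFC 855)
# and user data (RFC 854).  Constructed input; not code from the original post.

IAC, SB, SE = 255, 250, 240                 # Interpret As Command, Subnegotiation Begin/End
WILL, WONT, DO, DONT = 251, 252, 253, 254   # option negotiation verbs
VERBS = {WILL: "WILL", WONT: "WONT", DO: "DO", DONT: "DONT"}
OPTIONS = {1: "ECHO", 3: "SUPPRESS-GO-AHEAD", 24: "TERMINAL-TYPE", 31: "NAWS"}


def split_telnet_stream(data: bytes):
    """Return (user_data, negotiations).

    user_data    : bytes a terminal would display, IAC sequences removed and the
                   escape IAC IAC collapsed to one 0xFF byte.
    negotiations : one readable string per command or subnegotiation, in order.
    """
    out = bytearray()
    events = []
    i, n = 0, len(data)
    while i < n:
        b = data[i]
        if b != IAC:                       # ordinary data byte
            out.append(b)
            i += 1
            continue
        if i + 1 >= n:                     # IAC cut off at buffer end: drop it
            break
        cmd = data[i + 1]
        if cmd == IAC:                     # IAC IAC is an escaped 0xFF data byte
            out.append(IAC)
            i += 2
        elif cmd in VERBS:                 # IAC <WILL|WONT|DO|DONT> <option>
            if i + 2 >= n:
                break
            opt = data[i + 2]
            events.append(f"{VERBS[cmd]} {OPTIONS.get(opt, opt)}")
            i += 3
        elif cmd == SB:                    # IAC SB <option> <params...> IAC SE
            end = data.find(bytes([IAC, SE]), i + 2)
            if end < i + 3:                # need at least the option byte
                break
            opt = data[i + 2]
            params = data[i + 3:end]
            events.append(f"SB {OPTIONS.get(opt, opt)} {params.hex()}")
            i = end + 2
        else:                              # two-byte command such as NOP, AYT, GA
            events.append(f"CMD {cmd}")
            i += 2
    return bytes(out), events


# Constructed server-to-client stream: three negotiations, one subnegotiation
# asking the client to SEND its terminal type (parameter 1), then the login prompt.
SAMPLE_STREAM = bytes([IAC, DO, 24, IAC, WILL, 1, IAC, WILL, 3,
                       IAC, SB, 24, 1, IAC, SE]) + b"login: "

if __name__ == "__main__":
    text, negotiations = split_telnet_stream(SAMPLE_STREAM)
    print(text)            # b'login: '
    print(negotiations)    # ['DO TERMINAL-TYPE', 'WILL ECHO', 'WILL SUPPRESS-GO-AHEAD', 'SB TERMINAL-TYPE 01']
```

Subnegotiation parameters are reported as hex because their layout depends on the option (a NAWS payload, for instance, is two 16-bit window dimensions); a truncated sequence at the end of the buffer is dropped rather than guessed at, so the function can be fed one read() worth of data at a time.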

2. Remote Execution Command protocol (REXEC and RSH)

The Remote EXEcution Command Daemon (REXECD) is a server that allows a command sent by a host over a TCP/IP network to be executed. The client uses the REXEC application, or the Remote Shell Protocol (RSH), to hand an activity from one host to another.

REXECD is a server (or daemon) whose task is to handle commands from other hosts and forward each command to the virtual machine that will carry it out. The daemon performs automatic login once the username and password have been supplied.

REXEC uses TCP port 512, while RSH uses TCP port 514. The figure below shows how this works.


REXEC and REXECD Principles

3. Secure Shell (SSH)

In computing, Secure Shell (SSH) is a standard protocol that establishes a secure channel for communication between computers. SSH uses public-key cryptography in its user authentication system to access other computers, and it encrypts the channel it uses, giving a high level of data security.

SSH is commonly used to perform remote login and run commands on remote computers, but SSH can also be used as a network tunnel, forwarding TCP ports, and X11 connections. It can also be used to transfer files with the SFTP or SCP protocols. The SSH server operates on port 22.


Examples of SSH usage

4. History of SSH

In 1995, Tatu Ylonen, a researcher at Helsinki University of Technology, Finland, designed a security protocol that could protect against password sniffing. SSH's success let it replace the rlogin, TELNET and rsh protocols, which provide neither authentication security nor data confidentiality. Ylonen published the protocol as freeware in July 1995.

In December 1995, Ylonen founded SSH Communications Security to market and develop SSH, and SSH evolved into a proprietary protocol.

In 1996, SSH-1 was revised to SSH-2 using a more secure algorithm.

In 1999, several communities wanted an open source version of SSH, so OpenSSH was created.

5. SSH Usage

SSH is widely used for:

  • An SSH client is used for remote server control.
  • Combined with SFTP, it can transfer files.
  • Combined with rsync, it can be used for mirroring and backup.
  • Combined with SCP, it replaces rcp applications with data security capabilities.
  • Port forwarding or tunneling.

6. Virtual Network Computing (VNC)

VNC is a desktop-sharing system that uses the RFB (Remote Frame Buffer) protocol to manage other computers remotely. VNC transmits keyboard keystrokes and mouse clicks so that it can control another computer on the network, and displays that computer's screen on the controlling computer.

VNC is platform-independent, meaning a VNC viewer can connect to a VNC server even if the operating systems differ. There are various VNC server and client implementations, including one in Java. A VNC server can be controlled by several clients at the same time. VNC is widely used for remote technical support and for accessing files on a work computer from a home computer.

VNC was first developed at AT&T, and is open source with a GPL license.

7. How VNC Works

VNC has two parts, the client and the server. The server is a program that shares the screen of the computer it runs on, and the client (viewer) is a program that views and interacts with the server.

VNC uses a simple protocol based on how graphics work: "put a rectangle of pixel data at a given x,y position". The server sends the client a piece of framebuffer as large as the specified rectangle, so only the parts of the screen that change need to be sent; if a change covers the whole screen, the image sent is the size of the full screen.

VNC uses ports 5900 to 5906, each port corresponding to one X Window screen (ports 5900 to 5906 for screens 0 to 6). The Java viewer implemented in RealVNC uses ports 5800 to 5806. These ports can be changed.

Unlike Unix, a Windows computer can use only one screen, so it uses only port 5900.


VNC on Windows accessing VNC on MAC and Linux

8. Remote Desktop Protocol (RDP)

RDP is a multi-channel protocol that allows users to connect to Microsoft Terminal Services. Clients are available for Windows and for other operating systems such as Linux, FreeBSD and Mac OS X. On the server side, the application uses port 3389.

The initial version of RDP was version 4.0, used by Terminal Services on Windows NT 4.0 Server, Terminal Server Edition. In Windows 2000 it became version 5.0, with additional features such as printing to a printer installed on the local computer. Version 5.1 shipped with Windows XP Professional and can display 24-bit graphics and sound. Version 5.2 shipped with Windows 2003 and has a console-mode connection feature. Windows Vista will use version 6.0.

Features

  • Supports 24-bit color
  • 128-bit encryption
  • Supports Transport Layer Security
  • Audio from applications on the remote computer is played on the local computer
  • File system redirection
  • Printer redirection
  • Port redirection
  • The clipboard can be used on the local computer or the remote computer
  • Hard disk resources can be shared with the remote computer

Application Examples


Remote Desktop Connection

Understanding Naming & Directory Protocols

The TCP/IP protocol suite supports many kinds of applications, all of them forms of network utility. All are important for an organization's use of its network. The network exists to be accessed and to serve users, both inside and outside. Servers are needed to provide applications, data and other resources, and they can run on many kinds of hardware, from many vendors, under many operating systems. This chapter explains the methods for accessing a resource or application on a distributed network.

  1. Domain Name System (DNS)
  2. Dynamic Domain Name System (DDNS)
  3. Network Information System (NIS).

1]. Understanding Domain Name System (DNS)

DNS is a standard protocol with STD number 13, described in RFC 1034 and RFC 1035.

In the early days of the internet, a user could only reach a host by its IP address, so users had to memorize IP addresses as one memorizes telephone numbers. For example, to reach a server a user had to know its IP address and type something like TELNET 202.154.187.5. A naming system was then developed so that users could reach a host by a unique name instead, for example TELNET www, where the IP address 202.154.187.5 is mapped to the name www.

Because the internet grew very fast, the Domain Name System (DNS) was developed. With DNS it is enough for one host to hold the mapping of names to IP addresses: other hosts simply query that host for a name and receive the IP address in reply, so the asking host does not need its own copy of the mapping database.

1. Naming Hierarchy 

Naming a domain is formed in a hierarchical tree form. Where this makes it easier to control a domain name. Example:

small.itso.raleigh.ibm.com

small is the host name; itso.raleigh.ibm.com is the lowest-level domain name and a subdomain of raleigh.ibm.com, which is in turn a subdomain of ibm.com, which is a subdomain of the top-level domain com. This is shown in Figure 9.1.

Figure 9.1 DNS – Naming Hierarchy

2. Fully Qualified Domain Names (FQDN)

When using DNS, users can access a site with only a small part of a domain. For example, to access the official campus website from the campus LAN network, users simply type www. In fact, the full name of the server is www.eepis-its.edu. The name www.eepis-its.edu is an FQDN.

3. Generic domain 

Top-level domains of three characters are also called generic domains or organizational domains. Table 9.1 shows examples of top-level domains.

Table 9.1 Top-Level Domains

| Domain Name  | Meaning                           |
|--------------|-----------------------------------|
| com          | Commercial organization (company) |
| edu          | Educational institution           |
| gov          | Government institution            |
| int          | International organization        |
| mil          | US military                       |
| net          | Network service center            |
| org          | Non-profit organization           |
| Country code | 2-character country code          |

Since the Internet originated in the United States, most top-level domains are owned by US agencies. However, currently only gov and mil are used exclusively in the US.

4. Country Domain 

Each country has its own domain using 2 letter characters which are the abbreviation of the country's name. The characters used are in accordance with ISO 3166. Example: Indonesia uses the .id domain.

5. Mapping Domain Names to IP Addresses

Name mapping is controlled by the nameserver, a server program that holds the master or a duplicate copy of the database mapping names to IP addresses. The nameserver's function is to answer requests from client programs about a domain name. The client program is called the name resolver.

6. Mapping IP Addresses to Domain Names -- pointer query

Mapping IP addresses to domain names does not use the forward naming hierarchy but the domain in-addr.arpa (ARPA is used because the internet started as the ARPAnet).

The in-addr.arpa name is a reverse mapping of an IP address. Example: the address 129.34.139.30 is written in the database as 30.139.34.129.in-addr.arpa, and the matching host name is then looked up. This kind of lookup is called a pointer query.
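As an added example that is not part of the original post, the Python below puts the two constructions from the naming-hierarchy and pointer-query sections into code: walking a name up through its enclosing zones, and building (and validating the inverse of) the in-addr.arpa name for an address. The ip6.arpa branch generalizes beyond the IPv4 case the text describes; the IPv6 address used in the comments is a documentation-range value chosen here.

```python
# Added example: DNS naming hierarchy and in-addr.arpa pointer-query names.
# Not code from the original post; the IPv6 branch (ip6.arpa) generalizes
# beyond the IPv4 case the text describes.
import ipaddress


def domain_hierarchy(fqdn: str):
    """List the zones from the host name up to the top-level domain.

    'small.itso.raleigh.ibm.com' -> ['small.itso.raleigh.ibm.com',
    'itso.raleigh.ibm.com', 'raleigh.ibm.com', 'ibm.com', 'com']
    """
    labels = fqdn.rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def reverse_name(address: str) -> str:
    """Name queried for a PTR record: octets reversed under in-addr.arpa,
    or the 32 hex nibbles reversed under ip6.arpa for IPv6."""
    ip = ipaddress.ip_address(address)          # rejects malformed input
    if ip.version == 4:
        return ".".join(reversed(str(ip).split("."))) + ".in-addr.arpa"
    nibbles = ip.exploded.replace(":", "")      # e.g. 2001:db8::1 -> 32 hex digits
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_reverse_name(name: str) -> str:
    """Inverse of reverse_name, validating the suffix and label count so that a
    malformed or spoofed reverse name is rejected instead of silently mapped."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"]:
        octets = labels[:-2]
        if len(octets) != 4:
            raise ValueError(f"expected 4 octet labels, got {len(octets)}")
        return str(ipaddress.IPv4Address(".".join(reversed(octets))))
    if labels[-2:] == ["ip6", "arpa"]:
        nibbles = labels[:-2]
        if len(nibbles) != 32 or any(len(x) != 1 for x in nibbles):
            raise ValueError("expected 32 single-nibble labels")
        return str(ipaddress.IPv6Address(int("".join(reversed(nibbles)), 16)))
    raise ValueError(f"{name} is not a reverse-mapping name")


if __name__ == "__main__":
    print(domain_hierarchy("small.itso.raleigh.ibm.com"))
    print(reverse_name("129.34.139.30"))                     # 30.139.34.129.in-addr.arpa
    print(address_from_reverse_name("30.139.34.129.in-addr.arpa"))
```

The standard library already exposes the same construction as `ipaddress.ip_address(x).reverse_pointer`, which is a convenient cross-check for the hand-built version; the inverse function is the part a resolver or log parser usually has to write itself.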

7. Domain Name Distribution

Domain names can be administered on a local network because DNS works with a system of zones of authority, commonly abbreviated to zones. With zones, a nameserver can delegate a domain name to another nameserver reachable over the internetwork.

Starting from the root nameservers, each nameserver delegates a domain to another nameserver. Example: for the domain eepis-its.edu, the .edu nameserver at educause.net delegates the name eepis-its to the nameservers on the PENS campus network. The domain name eepis-its is delegated to the nameservers ns1.eepis-its.edu (202.154.187.2) and ns2.eepis-its.edu (202.154.187.3), and those two nameservers record the host names of the eepis-its.edu network.

8. Domain Name Resolution

The processes carried out in requesting a domain name include:

  1. A program calls gethostbyname().
  2. The resolver queries a nameserver.
  3. The nameserver checks whether the answer is in its local database or in temporary storage (cache). If it is not found, the nameserver forwards the query to another nameserver according to the domain name hierarchy.
  4. The user program receives a response: an IP address, or an error message if something went wrong.

The process above is called domain name resolution; it is a client-server application. The client function is performed by the resolver, transparently to the user, while the server function is performed by the nameserver.

The messages are carried over UDP or TCP.
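The delegation chain and the four resolution steps above, as an added example in Python that is not code from the original post: an in-memory set of authoritative servers (root, .edu, and the two eepis-its.edu nameservers) and a resolver that walks the referrals and caches the answer. The root and .edu server addresses (198.51.100.x, a documentation range) and the .edu server name are constructed; ns1/ns2.eepis-its.edu, their addresses and the www host address are the ones the text gives.

```python
# Added example: an iterative resolver walking a constructed delegation chain
# root -> edu -> eepis-its.edu, with a cache.  Not code from the original post.
# The root and .edu server addresses (198.51.100.x, documentation range) and the
# .edu server name are constructed; ns1/ns2.eepis-its.edu and their addresses
# are the ones the text gives.


class AuthServer:
    """One authoritative nameserver: answers for names in its zone data,
    refers the client onward for names in a delegated child zone."""

    def __init__(self, zone, records, delegations):
        self.zone = zone                  # e.g. "eepis-its.edu."
        self.records = records            # {"www.eepis-its.edu.": "202.154.187.5"}
        self.delegations = delegations    # {"eepis-its.edu.": [(ns name, glue address), ...]}

    def query(self, name):
        if name in self.records:
            return "ANSWER", self.records[name]
        for child, glue in self.delegations.items():
            if name == child or name.endswith("." + child):
                return "REFERRAL", glue
        return "NXDOMAIN", None


EEPIS_RECORDS = {
    "www.eepis-its.edu.": "202.154.187.5",
    "ns1.eepis-its.edu.": "202.154.187.2",
    "ns2.eepis-its.edu.": "202.154.187.3",
}
SERVERS = {
    # constructed root server: knows only the delegation of edu.
    "198.51.100.1": AuthServer(".", {}, {"edu.": [("ns.edu-constructed.", "198.51.100.2")]}),
    # constructed edu. server: delegates eepis-its.edu. with glue for ns1 and ns2
    "198.51.100.2": AuthServer("edu.", {}, {"eepis-its.edu.": [
        ("ns1.eepis-its.edu.", "202.154.187.2"), ("ns2.eepis-its.edu.", "202.154.187.3")]}),
    "202.154.187.2": AuthServer("eepis-its.edu.", EEPIS_RECORDS, {}),
    "202.154.187.3": AuthServer("eepis-its.edu.", EEPIS_RECORDS, {}),
}
ROOT_IP = "198.51.100.1"


class Resolver:
    """The resolver side: step 1 is the gethostbyname() call, steps 2-4 are
    the query, the cache check plus hierarchy walk, and the reply."""

    def __init__(self, servers, root_ip, max_referrals=10):
        self.servers = servers
        self.root_ip = root_ip
        self.max_referrals = max_referrals
        self.cache = {}

    def gethostbyname(self, hostname, default_domain=None):
        """Return (address, trail); trail lists each server consulted."""
        if "." not in hostname and default_domain:      # "www" -> "www.eepis-its.edu"
            hostname = f"{hostname}.{default_domain}"
        name = hostname if hostname.endswith(".") else hostname + "."
        if name in self.cache:
            return self.cache[name], ["cache"]
        trail = []
        server_ip = self.root_ip
        for _ in range(self.max_referrals):      # bound the walk: no delegation loops
            server = self.servers[server_ip]
            kind, payload = server.query(name)
            trail.append(f"{server.zone} -> {kind}")
            if kind == "ANSWER":
                self.cache[name] = payload
                return payload, trail
            if kind == "NXDOMAIN":
                raise LookupError(f"{hostname}: no such host")
            server_ip = payload[0][1]             # follow the first glue address
        raise LookupError(f"{hostname}: too many referrals")


if __name__ == "__main__":
    resolver = Resolver(SERVERS, ROOT_IP)
    print(resolver.gethostbyname("www", default_domain="eepis-its.edu"))
    print(resolver.gethostbyname("www.eepis-its.edu"))   # second time: served from cache
```

The referral cap matters in practice as well as here: a delegation that points back at itself would otherwise keep the resolver looping, and a real resolver also bounds the total time spent per query.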

9. Full domain name resolver

It is said to be a full resolver if DNS resolution is performed from the user program, and is queried to a nameserver from the resolver program to be processed. The full resolver system is shown in Figure 9.2.

Figure 9.2 DNS – using a full resolver for domain name resolution

10. Domain name stub resolver

A program that includes domain name processing subroutines and can query nameservers itself is called a domain name stub resolver. On UNIX, the stub resolver is provided by the gethostbyname() and gethostbyaddr() subroutines, as shown in Figure 9.3.

Figure 9.3 DNS – using stub resolvers for domain name resolution

11. Domain Name Server Operations 

Types of nameservers include:

1. Primary

Loads its zone data from disk and has authority over the entire zone.

2. Secondary

Has authority over the entire zone, but obtains the zone data from the primary nameserver through the zone transfer process.

3. Caching-only

Has no authority and no zone data of its own; it only forwards queries to a registered nameserver.

12. Resource Records from Domain Name System 

The DNS database consists of resource records (RRs). A zone begins with a Start of Authority (SOA) record, which names the domain, followed by nameserver (NS) records naming the servers that answer for the domain.

Resource record format:

Table 9.2 DNS Resource Record Format

| Name | TTL | Class | Type | RData |
|------|-----|-------|------|-------|

Where:

  • Name: the domain name
  • TTL: time-to-live, how long the record may be kept in a cache, in seconds; for example 86400 is 1 day
  • Class: identifies the protocol family, for example IN (Internet system)
  • Type: identifies the type of resource record

Table 9.3 Types of RR

| Type  | Value | Meaning                                                  |
|-------|-------|----------------------------------------------------------|
| A     | 1     | Host address                                             |
| CNAME | 5     | Canonical Name, the alias name of a host                 |
| HINFO | 13    | CPU and OS used by a host; informational (a comment)     |
| MX    | 15    | Mail Exchange for a domain                               |
| NS    | 2     | Nameserver that has authority for a domain               |
| PTR   | 12    | Pointer to a domain name                                 |
| SOA   | 6     | Start of Authority                                       |
| WKS   | 11    | Well-Known Services, specifies a service on that network |

RData: the value depends on the type, for example:

  • A: IP address
  • CNAME: domain name
  • MX: 16-bit priority followed by a domain name
  • NS: host name
  • PTR: domain name
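To make the record format and the type table concrete, here is an added Python example, not code from the original post, that parses zone-file style lines into the five fields of Table 9.2, maps each type to its numeric value from Table 9.3, and decodes RData per type as the list above describes. The zone fragment it parses is constructed around the eepis-its.edu names and addresses the text uses; the SOA fields, the mail exchanger and the ftp alias are invented for the example.

```python
# Added example: parse zone-file style resource records into the five-field
# format of Table 9.2 and decode RData by type (Table 9.3).  Not code from the
# original post; the SOA, MX and CNAME values below are constructed.
import ipaddress

RR_TYPES = {"A": 1, "NS": 2, "CNAME": 5, "SOA": 6, "WKS": 11, "PTR": 12, "HINFO": 13, "MX": 15}
CLASSES = {"IN", "CH", "HS"}


def parse_rr(line, default_ttl=86400, default_class="IN"):
    """Parse 'name [TTL] [class] type rdata...' into a record dict.
    TTL and class may be omitted, as zone files allow; ';' starts a comment."""
    tokens = line.split(";", 1)[0].split()
    if len(tokens) < 3:
        raise ValueError(f"too few fields: {line!r}")
    name, rest = tokens[0], tokens[1:]
    ttl, rclass = default_ttl, default_class
    if rest and rest[0].isdigit():                 # optional TTL
        ttl, rest = int(rest[0]), rest[1:]
    if rest and rest[0].upper() in CLASSES:        # optional class
        rclass, rest = rest[0].upper(), rest[1:]
    if len(rest) < 2:
        raise ValueError(f"missing type or RData: {line!r}")
    rtype, rdata_tokens = rest[0].upper(), rest[1:]
    if rtype not in RR_TYPES:
        raise ValueError(f"unknown RR type {rtype}")
    if rtype == "A":
        rdata = str(ipaddress.IPv4Address(rdata_tokens[0]))   # rejects malformed addresses
    elif rtype == "MX":                                       # 16-bit priority, then exchanger
        rdata = {"priority": int(rdata_tokens[0]), "exchange": rdata_tokens[1]}
    elif rtype in ("NS", "CNAME", "PTR"):                     # a single name
        rdata = rdata_tokens[0]
    elif rtype == "HINFO":
        rdata = {"cpu": rdata_tokens[0], "os": rdata_tokens[1]}
    else:                                                     # SOA, WKS: keep the raw fields
        rdata = " ".join(rdata_tokens)
    return {"name": name, "ttl": ttl, "class": rclass,
            "type": rtype, "type_code": RR_TYPES[rtype], "rdata": rdata}


def parse_zone(text):
    """Parse every non-blank, non-comment line of a zone fragment."""
    return [parse_rr(line) for line in text.splitlines()
            if line.split(";", 1)[0].strip()]


def records_of_type(records, rtype):
    return [r for r in records if r["type"] == rtype.upper()]


# Constructed zone fragment for the domain the text uses as its example.
SAMPLE_ZONE = """
; eepis-its.edu zone fragment (constructed for this example)
eepis-its.edu.      86400 IN SOA   ns1.eepis-its.edu. hostmaster.eepis-its.edu. 1 3600 900 604800 86400
eepis-its.edu.      86400 IN NS    ns1.eepis-its.edu.
eepis-its.edu.      86400 IN NS    ns2.eepis-its.edu.
eepis-its.edu.      86400 IN MX    10 mail.eepis-its.edu.
www.eepis-its.edu.  3600  IN A     202.154.187.5
ftp.eepis-its.edu.        IN CNAME www.eepis-its.edu.   ; TTL omitted: default applies
ns1.eepis-its.edu.  86400 IN A     202.154.187.2
ns2.eepis-its.edu.  86400 IN A     202.154.187.3
"""

if __name__ == "__main__":
    for rec in parse_zone(SAMPLE_ZONE):
        print(rec["type_code"], rec)
```

Validating the A record's address at parse time is deliberate: a zone with a malformed address fails loudly when loaded rather than being served as garbage, which is the same reason BIND refuses to load a zone with syntax errors.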

13. Transportation

DNS messages are sent over UDP and TCP:

  • UDP: port 53. Used for zone transfer between nameservers, with a message length of 512 bytes.
  • TCP: port 53. Carries the total frame length of the message.
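An added example, not code from the original post, showing what actually travels on port 53: the RFC 1035 wire format for a query and a reply, including name compression pointers and the 512-byte UDP limit mentioned above. The transaction ID, TTL and the answer address are constructed; the www.eepis-its.edu name is the page's own. The parser also exposes the TC (truncated) flag, which a server sets when a reply does not fit in the UDP limit so that the client can retry over TCP.

```python
# Added example: RFC 1035 wire format for a query and an answer, with the
# 512-byte UDP limit the text mentions.  Not code from the original post; the
# transaction ID, TTL and answer address used below are constructed.
import struct

UDP_MAX_PAYLOAD = 512                 # classic DNS-over-UDP message limit
HEADER = struct.Struct("!HHHHHH")     # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT


def encode_name(name):
    """Dotted name -> length-prefixed labels terminated by a zero byte."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label {label!r}")
        out.append(len(label))
        out += label.encode("ascii")
    out.append(0)
    return bytes(out)


def decode_name(msg, offset):
    """Decode a name, following compression pointers; returns (name, next_offset)."""
    labels, hops, end, jumped = [], 0, offset, False
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # 11xxxxxx: 14-bit pointer
            pointer = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            if not jumped:
                end = offset + 2                       # caller resumes after the pointer
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 64:                              # a pointer loop is a malformed message
                raise ValueError("compression pointer loop")
            continue
        if length == 0:
            if not jumped:
                end = offset + 1
            break
        labels.append(msg[offset + 1:offset + 1 + length].decode("ascii"))
        offset += 1 + length
    return ".".join(labels) + ".", end


def build_query(txid, name, qtype=1, qclass=1):
    """Standard recursion-desired query (flags 0x0100) with one question."""
    return HEADER.pack(txid, 0x0100, 1, 0, 0, 0) + encode_name(name) + struct.pack("!HH", qtype, qclass)


def build_answer(query, address, ttl=3600):
    """Constructed authoritative reply to an A query: QR|AA|RD|RA flags, the
    question echoed back, and one A record whose name points at offset 12."""
    txid = HEADER.unpack_from(query)[0]
    question = query[HEADER.size:]
    rr = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(o) for o in address.split("."))
    return HEADER.pack(txid, 0x8580, 1, 1, 0, 0) + question + rr


def parse_message(msg):
    """Parse header, question and answer sections into a dict."""
    txid, flags, qd, an, _ns, _ar = HEADER.unpack_from(msg)
    off = HEADER.size
    questions = []
    for _ in range(qd):
        qname, off = decode_name(msg, off)
        qtype, qclass = struct.unpack_from("!HH", msg, off)
        off += 4
        questions.append((qname, qtype, qclass))
    answers = []
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:                  # A record: render dotted quad
            rdata = ".".join(str(b) for b in rdata)
        answers.append({"name": name, "type": rtype, "class": rclass, "ttl": ttl, "rdata": rdata})
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "questions": questions, "answers": answers}


def fits_in_udp(msg):
    """True if the message can be carried in one classic 512-byte UDP datagram."""
    return len(msg) <= UDP_MAX_PAYLOAD


if __name__ == "__main__":
    q = build_answer(build_query(0x1234, "www.eepis-its.edu"), "202.154.187.5")
    print(len(q), fits_in_udp(q), parse_message(q))
```

A client should check that the reply's ID matches the query it sent and that the question section echoes the name it asked for before trusting the answer; the parser returns both so that check is a two-line comparison.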

14. DNS Application 

DNS is implemented on:

1. host

Get IP address from a hostname or get hostname from an IP address.

2. nslookup

Looks up information about network nodes, and examines the database contents of nameservers.

3. dig

Find more detailed information about a domain name. DIG stands for Domain Internet Groper.

4. BIND

The nameserver application.

2]. Understanding Dynamic Domain Name System (DDNS)

DDNS is used on clients that use the DHCP system, where the DHCP server sends a message to the nameserver to record the IP and host name. How DDNS works can be seen in Figure 9.4.

Figure 9.4 DDNS

Where:

  1. The client gets an IP address from the DHCP server.
  2. The client sends its host name together with the IP address to the DHCP server.
  3. Update requests are sent during the DHCP process.
  4. The PTR RR mapping the IP address to the host name is registered.

3]. Understanding Network Information System (NIS)

NIS is not an internet standard. NIS is used to share information in a Unix environment; the information that can be shared includes /etc/passwd, /etc/group and /etc/hosts.

NIS has advantages including: 

  • Provides consistency of user IDs and group IDs on large networks.
  • Shortens the time to manage user IDs, group IDs and NFS ownership by both users themselves and system administrators.

The NIS system consists of:

  • NIS master server. Manages a map or database of user passwords.
  • NIS slave server. Backup of NIS master server.
  • NIS client. The system served by the NIS server.
