# The Final Exam of Network Programming (2017-1) 1. (8%) Explain the key idea of effective user IDs in UNIX. Assume that you need to write a CGI program to update a system database with root privilege. How would you use effective user IDs to solve the problem? ``` 1.EUID: 讓該程式執行時暫時以其他User的權限來執行只有該User能夠執行行為，例如: 修改密碼時需要以root 權限改密碼。 2.在編譯出CGI的執行檔後，下 `sudo chmod u+s ./cgi_program` (possible) UNIX在讀、寫或執行檔案的時候，會先去確認EUID是否有權限能做這件事 先使用root權限執行cgi程式，在沒有要更新database的時候使用seteuid(非0)來drop掉root 權限(安全性問題)，之後在要更新database的時候使用seteuid(0)來把root權限拿回來 ``` 2. (18%) Write a simple and short program (named test) for the single process concurrent server doing this: All messages from clients as well as all login/logout events are broadcast to all clients. (Assume that the connectTCP and passiveTCP functions are provided.) ```C fd_set rfds, afds; FD_ZERO(&afds); FD_ZERO(&rfds); int sockfd = passiveTCP(“http”, “tcp”, 30); FD_SET(sockfd, &afds); int nfds = sockfd, newfd; int clifd[1024] = {0}, idx = 0; void broadcast(int clientfd, const char* str) { for (int i = 0; i < idx; ++i) { if (clifd[i] != 0) { write(clifd[i], buf, sizeof(buf)); } } } void main() { while (true) { memcpy(&rfds, &afds, sizeof(afds)); select(nfds + 1, rfds, NULL, NULL, NULL); if (FD_ISSET(sockfd, &rfds)) { newfd = accept(sockfd, NULL, NULL); clifd[idx++] = newfd; broadcast(clifd[idx - 1], "login"); FD_SET(newfd, &afds); nfds = max(newfd, nfds); } for(int i = 0; i <= nfds; ++i) { if (i != sockfd && FD_ISSET(i, &rfds)) { int ret; char buf[1024] = {0}; ret = read(i, buf, sizeof(buf)); if (ret == 0) { broadcast(i, "logout"); for (int j = 0; j < idx; j++) { if (clifd[j] == i) { clifd[j] = 0; } } FD_CLR(i, &afds); } else { broadcast(i, buf); } } } } } ``` 3. (18%) Write a simple and short program (named wrapper) for the following: (a) create four child processes p1, p2, eh1 and eh2, (b) forward stdin (or 0) messages of wrapper to stdin of p1, (c\) forward stdout (or 1) of p1 to stdin of p2, (d) forward stdout of p2 back to wrapper’s stdout, (e) forward stderr (or 2) of both p1 and p2 to eh1’s and eh2’s stdin respectively, (f) forward stdout of eh1 and eh2 to p2’s stdin and wrapper’s stdout respectively, and (g) forward stderr of eh1 and eh2 to wrapper’s stderr. ```C int pid_p1, pid_p2, pid_eh1, pid_eh2; int pipe_b[2], pipe_c[2], pipe_d[2], pipe_e1[2], pipe_e2[2], pipe_f1[2], pipe_f2[2], pipe_g1[2], pipe_g2[2]; pipe(pipe_b); pipe(pipe_c); pipe(pipe_d); pipe(pipe_e1); pipe(pipe_e2); pipe(pipe_f1); pipe(pipe_f2); pipe(pipe_g1); pipe(pipe_g2); // p1 switch((pid_p1 = fork())) { case -1: exit(1); break; case 0: // child // (b) close(pipe_b[1]); dup2(pipe_b[0], 0); close(pipe_b[0]); // (c) close(pipe_c[0]); dup2(pipe_c[1], 1); close(pipe_c[1]); // (e) close(pipe_e1[0]); dup2(pipe_e1[1], 2); close(pipe_e1[1]); exit(0); default: close(pipe_b[0]); dup2(0, pipe_b[1]); break; } // p2 switch((pid_p2 = fork())) { case -1: exit(1); break; case 0: // child // (c) close(pipe_c[1]); dup2(pipe_c[0], 0); close(pipe_c[0]); // (d) close(pipe_d[0]); dup2(pipe_d[1], 1); close(pipe_d[1]); // (e) close(pipe_e2[0]); dup2(pipe_e2[1], 2); close(pipe_e2[1]); // (f) close(pipe_f1[1]); dup2(pipe_f1[0], 0); close(pipe_f1[0]); exit(0); default: // parent // (d) close(pipe_d[1]); dup2(1, pipe_d[0]); break; } switch((pid_eh1 = fork())) { case -1: exit(1); break; case 0: // child // (e) close(pipe_e1[1]); dup2(pipe_e1[0], 0); close(pipe_e1[0]); // (f) close(pipe_f1[0]); dup2(pipe_f1[1], 1); close(pipe_f1[1]); // (g) close(pipe_g1[0]); dup2(pipe_g1[1], 2); close(pipe_g1[1]); exit(0); default: // (g) close(pipe_g1[1]); dup2(2, pipe_g1[0]); break; } switch((pid_eh2 = fork())) { case -1: exit(1); break; case 0: // child // (e) close(pipe_e2[1]); dup2(pipe_e2[0], 0); close(pipe_e2[0]); // (f) close(pipe_f2[0]); dup2(pipe_f2[1], 1); close(pipe_f2[1]); // (g) close(pipe_g2[0]); dup2(pipe_g2[1], 2); close(pipe_g2[1]); exit(0); default: // (f) close(pipe_f2[1]); dup2(1, pipe_f2[0]); // (g) close(pipe_g2[1]); dup2(2, pipe_g2[0]); break; } ``` 5. Describe the expiration model and the validation model of HTTP [Reference](https://symfony.com/doc/current/http_cache/validation.html) ``` 1. Expiration model 判斷 cache 是否有過期的計算方法 - Age Calculation current_age = age(from header) + respose dalay + resident time * response delay = reponse time - request time * resident time = now - response time if current_age > lifetime: update_cache() 2. Validation model 判斷 cache 跟 server 的網頁資料一致性 如果資料相同，回傳304，此時就繼續用 cache 的資料 ``` 7. (6%) Explain what is inetd in UNIX. Describe how it works, why it is important in UNIX. [reference-1](https://debian-handbook.info/browse/zh-TW/stable/sect.inetd.html) [reference-2](http://mail.lsps.tp.edu.tw/~gsyan/freebsd2001/srv_ctrl.html) ``` inetd : 將較少人使用的服務或是不需要持續執行的服務，用一個 process 來做管理，節省系統資源。 會去讀 /etc/inetd.conf 的檔案去監聽指定的 port，當有連線到該 port 時，就會啟動對應的程式 ``` 8. (6%) What are the problems of the rsh service through a firewall? How do you design your proxy servers in DMZ for this service? > rsh 的 error report 使用 port < 1023，如果將此條規則寫入會有資安上的風險。 > 在使用 rsh 時使用 proxy server 代為轉送，繞過 port 在 firewall 上造成的風險。 9. (8%) If we want to allow outbound telnet connections and allow both inbound and outbound SMTP connections between bastion SMTP server S1 and internal SMTP server S2, design your policy setting table for the interior routers. | # | Direction | Protocol | src IP | src Port | dst IP | dst port | ACK | Action | | -------- | -------- | -------- | -------- | -------- | -------- | -------- |-------- | --------| | 1 | Out | TCP | Internel | >1023 | Externel | 23 | Any | Permit | | 2 | In | TCP | Externel | 23 | Internel | >1023 | Yes | Permit | | 3 | In | TCP | S1 | >1023 | S2 | 25 | Any | Permit | | 4 | Out | TCP | S2 | 25 | S1 | >1023 | Yes | Permit | | 5 | Out | TCP | S2 | >1023 | S1 | 25 | Any | Permit | | 6 | In | TCP | S1 | 25 | S2 | >1023 | Yes | Permit | | 7 | Either | TCP | Any | Any | Any | Any | Any | Deny | 11. (5%) If a mail system supports “piping” in the fields of “To” and “From” without any protection, design a simple way to attack the system and explain the reason. [reference](https://docs.osticket.com/en/latest/Getting%20Started/Email%20Piping.html) ``` Piping : 把 Email 的內容(Text) input 到對方 receiver 端的程式當中，而不是儲存到 mailbox 先在 From 的欄位輸入一段惡意程式碼，對方程式執行時會執行到該惡意程式碼，對receiver端做攻擊或是竊取資訊 ``` 12. (8%) For each of the following four firewall architectures, indicate whether it is safe and explain the reason. ``` C (a) Dual-Home Host Architecture : Safe, 因為架構本身只提供內網 proxy 服務，對外不提供任何服務 (b) Merging bastion and Exterior Router : safe, 因為即使 Exterior Router 被入侵，仍需要再繞過 interior router 才有辦法進到 interal network (c) Screened Host Architecture : unsafe, 當 bastion host 被入侵，內網就會遭受到威脅 (d) Mutiple Internal Network: safe, 只有用到一台 interior router，減少攻擊點，而且不會有 internal network -> perimeter Network -> intelnal Network 這條路徑可走 ``` 13. (6%) For an NAT, assume that it is Cone NAT as described in the class. Briefly describe how to do UDP hole punching on the NAT. [reference1](http://www.cs.nccu.edu.tw/~lien/Writing/NGN/firewall.htm) [reference2] ``` 先有一台公開的 public server X，假設有兩台不同NAT內的電腦要進行通訊(A,B)，A、B先連上 X，X 回傳對方的 public ip 跟 port，再來兩端進行連線，就不會被 Restricted Cone NAT 限制而被拒收，即可順利通訊 ```