Routers are one of the most important devices on the Internet. It is the tens of thousands of routers spread all over the world that form the "bridge" of the Internet, a giant information network that runs around us day and night. The core communication mechanism of the Internet is a data transmission model called "store and forwarding". Under this communication mechanism, all data flowing on the network is sent, transmitted and received in the form of a packet. Any computer connected to the Internet must have a unique network "address" to communicate with other machines and exchange information. Data is not transmitted directly from its "starting point" to the "destination". On the contrary, data is divided into fragments of a certain length according to specific standards before transmission. Each data packet is added with the network address of the destination computer, which is like putting an envelope with the recipient's address written. Such a data packet will not be "lost" when it is transmitted online. Before reaching the destination, these data packets must be forwarded and relayed through layers of communication devices or computers on the Internet. The operation of ancient post stations was a vivid metaphor for this process. On the Internet, routers play the role of forwarding packets "post station".
Most popular routers exist in the form of hardware devices, but in some cases, programs are also used to implement "software routers". The only difference between the two is the difference in execution efficiency. The router is generally associated with at least two networks and determines the transmission path of each packet based on its status of the connected network. The router generates and maintains a table called a "routing information table" where the address and status information of other adjacent routers are tracked. The router uses a routing information table and determines the optimal transmission path for a specific data packet based on optimization algorithms such as transmission distance and communication costs. It is this characteristic that determines the "intelligence" of the router. It can automatically select and adjust the transmission of data packets according to the actual health of the adjacent network, and do its best to deliver the data packets at the best route and the lowest cost. Whether the router can operate safely and stably directly affects the activities of the Internet. Regardless of the reason why the router crashes, denial of service or sharp decline in operational efficiency, the result will be disastrous.
The methods of hacking routers are similar to those of attacking other computers on the Internet, because in a strict sense, the router itself is a computer with a special mission, although it may not look like a PC that people usually know. Generally speaking, hackers' attacks on routers are mainly divided into the following two types: one is to obtain management permissions through some means or means and directly invade the system; the other is to use remote attack methods to cause the router to crash or run significantly reduce its operating efficiency. In comparison, the former is more difficult.
In the first intrusion method mentioned above, hackers generally use the carelessness of the system user or known system defects (such as "bed bugs" in the system software) to obtain access to the system and ultimately obtain super administrator rights through a series of further actions. It is generally difficult for hackers to gain control of the entire system from the beginning, and in normal circumstances, this is a gradual escalation intrusion process. Since routers do not have many user accounts like ordinary systems and often use special software systems with relatively high security, it is much more difficult for hackers to obtain the management rights of the router system than hacking ordinary hosts. Therefore, most existing hacker attacks against routers can be classified as the second type of attack method. The ultimate purpose of this attack is not to directly invade the system, but to send off offensive data packets to the system or send a huge number of "garbage" data packets to the system at a certain time interval, thereby consuming a lot of the router's system resources, making it unable to work normally or even completely crashed.
Introduction to routing technology
STUN Technology:
That is, serial tunnel technology. This technology is to transfer SNA software packages from FEP
(3745/6) serial port is sent to the router, packaged into IP packets through the router, and then
Transmission is made of a router on a network, and then unpacked and restored through the router.
The SDLC data packets that are SNA are sent to the SDLC interface device.
CIP technology:
CIP is a channel interface processor. It is
It is a card device that can be easily installed in the CISCO7000 series router. CIP
By directly connecting to the channel of the IBM main machine, the IBM main machine provides the access capability of multi-protocol inter-network for the multi-protocol network.
. Provide TCP/IP, SNA, APPN traffic to the main machine, thus eliminating the intermediate equipment (such as 3172)
Interconnect controller and IBM3745/6 FEP requirements.
DLSw technology:
It is an international standard technology that can package SNA software packages through IP and then transmit them to I from the IP network.
Any router node on the P network is then transmitted to the SDLC interface through the router's serial port.
The device or transmission to the LLC2 link layer protocol transmission SNA via the Ethernet interface (or TOKEN RING) interface device
The SNA node of the packet (such as RS6000).
An E1 interface of MIP:
It can provide 30 sub-channels of 64Kbps, and the channels can also be combined into larger sub-channels of N×64K.
It is sufficient to meet the bandwidth needs of connecting with municipal banks for a considerable period of time.
CiscoWorks:
Network management application is a series of SNMP-based management application software that can be integrated into SunNet Manager.
The main functions provided on HP OpenView, IBM NetView/AIX, Windows95/NT platforms are
:
Allows new routers to be installed remotely using adjacent routers
Provides a wide range of dynamic status, statistics and configuration information for Cisco's online products, intuitively graphically
Displays Cisco's device, as well as basic troubleshooting information.
Audit and record configuration files changes, detecting unauthorized configuration changes on the network
Convenient configuration of similar routers in the network
Record the details of a contact person for a specific device
View the status information of a device, including buffer memory, CPU load, available memory, and used connections
Word and agreement
Collect historical data of the network, analyze network traffic and performance trends, and display them graphically
Establish an authorization checker to protect CiscoWorks applications and network devices from unauthorized users
In particular, Cisco has specially developed for I to manage SNA Internet networks well
The CiscoWorks Blue Network Management application for BM Network Management not only supports the above functions, but also adds routing.
SNA-type MIBs in the machine support NMVT and LU6.2 management methods, and provide SNA management-related functions, such as:
Know the state of each SNA resource in the network and use it to change the state of SNA resource
Helps detect problems related to network data flow delays and can be used to measure response time from the host to the LU.
[1]
Article entry: csh Editor in charge: csh