M 602: Interplanetary Overlay Network-Delay Tolerant Network (ION-DTN) (15 pts) M 602:行星际覆盖网络延迟容忍网络(ION-DTN)(15分)

What You Need你需要什么

Two Linux machines.两台Linux机器。 I used two Ubuntu 18.04 64-bit Server virtual machines.我使用了两个Ubuntu 18.04 64位服务器虚拟机。

Background背景

Spacecraft don't use normal internet protocols like TCP and UDP, because the transmissions have high latency and loss rates.航天器不使用普通的互联网协议,如TCP和UDP,因为传输具有高延迟和丢失率。 Instead, they use Delay-Tolerant Networking (DTN), defined in RFC 4838 .相反,他们使用RFC 4838中定义的延迟容忍网络(DTN)。

You can see live transmissions to spacecraft on this page , as shown below.您可以在此页面上看到航天器的实时传输,如下所示。

If you click a device that is in use, and click the "more detail" link in the lower right corner of the page, you see more information about the transmissions, as shown below.如果单击正在使用的设备,然后单击页面右下角的“更多详细信息”链接,您将看到有关传输的更多信息,如下所示。 When I did it, this data link was running at 3 Mb/sec.当我这样做时,这个数据链路以3 Mb /秒的速度运行。

Purpose目的

To run DTN on local machines, capture the traffic in Wireshark, and examine it.要在本地计算机上运行DTN,请捕获Wireshark中的流量并进行检查。

Interplanetary Overlay Network (ION)行星际覆盖网络(ION)

This is the software we'll use to run DTN, described here:这是我们用来运行DTN的软件,如下所述:

https://sourceforge.net/projects/ion-dtn/ https://sourceforge.net/projects/ion-dtn/

Network Setup网络设置

You need two Linux machines that can ping each other.您需要两台可以相互ping通的Linux机器。 Each server also needs a numerical ID--I used the last octet in the IP address for that.每个服务器还需要一个数字ID - 我使用IP地址中的最后一个八位字节。 I used these two servers:我使用了这两个服务器:

Server 149 with IP 172.16.123.149服务器149 ,IP 172.16.123.149
Server 150 with IP 172.16.123.150服务器150 ,IP 172.16.123.150

You will have to adjust the network addresses and IDs in the instructions below to match your systems.您必须在下面的说明中调整网络地址和ID以匹配您的系统。

Installing ION安装ION

On both machines, in a Terminal, execute these commands:在两台机器上,在终端中,执行以下命令: 
sudo apt update sudo apt update
sudo apt install build-essential -y sudo apt install build-essential -y
wget https://sourceforge.net/projects/ion-dtn/files/ion-3.6.2.tar.gz/download wget https://sourceforge.net/projects/ion-dtn/files/ion-3.6.2.tar.gz/download
tar xzvf download tar xzvf下载
cd ion-3.6.2 cd ion-3.6.2
./configure 。/配置
make使
sudo make install sudo make install
sudo ldconfig sudo ldconfig

Configuring Server 149配置服务器149

First you need a configuration file that describes your network of two servers and tells ION to send the traffic over UDP on port 1113.首先,您需要一个描述两个服务器网络的配置文件,并告知ION通过端口1113上的UDP发送流量。

For complete details of the configuration, see the "ION Deployment Guide.pdf" file in the ion-3.6.2 folder you just created with the previous commands.有关配置的完整详细信息,请参阅刚使用先前命令创建的ion-3.6.2文件夹中的“ION Deployment Guide.pdf”文件。

In a Terminal, execute these commands:在终端中,执行以下命令: 

mkdir dtn mkdir dtn
cd dtn cd dtn
nano host149.rc nano host149.rc
Paste in this code, as shown below.粘贴此代码,如下所示。

You will need to adjust the IP addresses for your network! 您需要调整网络的IP地址! 

## begin ionadmin ## begin ionadmin 
1 149 '' 1 149''
s小号

a contact +1 +3600 149 149 100000联系人+1 +3600 149 149 100000
a contact +1 +3600 149 150 100000联系人+1 +3600 149 150 100000
a contact +1 +3600 150 149 100000联系人+1 +3600 150 149 100000
a contact +1 +3600 150 150 100000联系人+1 +3600 150 150 100000

a range +1 +3600 149 149 1范围+1 +3600 149 149 1
a range +1 +3600 149 150 1范围+1 +3600 149 150 1
a range +1 +3600 150 149 1范围+1 +3600 150 149 1
a range +1 +3600 150 150 1范围+1 +3600 150 150 1

m production 1000000米生产100万
m consumption 1000000消费100万
## end ionadmin ## end ionadmin 

## begin ltpadmin ## begin ltpadmin 
1 32 1 32
a span 149 32 32 1400 10000 1 'udplso 172.16.123.149:1113' 300跨度149 32 32 1400 10000 1'udplso 172.16.123.149:1113'300
a span 150 32 32 1400 10000 1 'udplso 172.16.123.150:1113' 300跨度150 32 32 1400 10000 1'udplso 172.16.123.150:1113'300
s 'udplsi 172.16.123.149:1113' s'udplsi 172.16.123.149:1113'
## end ltpadmin ## end ltpadmin 

## begin bpadmin ##开始bpadmin 
1 1
a scheme ipn 'ipnfw' 'ipnadminep'一个方案ipn'ipnfw''ipnadminep'
a endpoint ipn:149.0 q端点ipn:149.0 q
a endpoint ipn:149.1 q终点ipn:149.1 q
a endpoint ipn:149.2 q终点ipn:149.2 q
a protocol ltp 1400 100协议ltp 1400 100
a induct ltp 149 ltpcli导入ltp 149 ltpcli
a outduct ltp 149 ltpclo outduct ltp 149 ltpclo
a outduct ltp 150 ltpclo outduct ltp 150 ltpclo
s小号
## end bpadmin ## end bpadmin 

## begin ipnadmin ## begin ipnadmin 
a plan 149 ltp/149计划149 ltp / 149
a plan 150 ltp/150计划150 ltp / 150

## end ipnadmin ## end ipnadmin

Save the file with Ctrl+X , Y .使用Ctrl + XY保存文件。 Enter . 输入

Testing the Server Locally在本地测试服务器

We can use ION to send a message from this server back to itself, just to test it.我们可以使用ION将来自此服务器的消息发送回自身,只是为了测试它。

First we'll use the "killm" command, which kills any previously running ION processes.首先,我们将使用“killm”命令,该命令可以杀死任何先前运行的ION进程。 Then we'll start the ION server.然后我们将启动ION服务器。 On server 149, in a Terminal, execute these commands:在服务器149上,在终端中,执行以下命令: 

killm killm
ionstart -I host149.rc ionstart -I host149.rc
If your configuration file is correct, ION will start with "0 errors", as shown below.如果您的配置文件正确,ION将以“0 errors”开头,如下所示。 Otherwise you'll have to debug your file.否则你将不得不调试你的文件。

Execute this command to see the listening UDP socket, as highlighted in the image below.执行此命令以查看侦听UDP套接字,如下图所示。 

ss -panu ss -panu

Execute this command to see the status of some ION services:执行此命令以查看某些ION服务的状态: 

ipcs IPCS
You should see three "Semaphore Arrays", as shown below.您应该看到三个“Semaphore Arrays”,如下所示。

Execute this command to send a "loopback" message from your server to itself, via DTN:执行此命令以通过DTN从服务器向自身发送“回送”消息: 

echo "Hello, World!"回声“你好,世界!” | | bpsource ipn:149.1 bpsource ipn:149.1
Execute this command to see the message:执行此命令以查看消息: 
bpsink ipn:149.1 bpsink ipn:149.1
You should see the "Payload delivered", as shown below.您应该看到“Payload deliver”,如下所示。 Press Ctrl+C to exit "bpsink".Ctrl + C退出“bpsink”。

Setting Up Server 150设置服务器150

On your other server, which I am calling "Server 150", in a Terminal, execute these commands:在您的另一台服务器上,我称之为“Server 150”,在终端中执行以下命令: 
mkdir dtn mkdir dtn
cd dtn cd dtn
nano host150.rc nano host150.rc
Paste in this code, as shown below.粘贴此代码,如下所示。

You will need to adjust the IP addresses for your network! 您需要调整网络的IP地址! 

## begin ionadmin ## begin ionadmin 
1 150 '' 1 150''
s小号

a contact +1 +3600 149 149 100000联系人+1 +3600 149 149 100000
a contact +1 +3600 149 150 100000联系人+1 +3600 149 150 100000
a contact +1 +3600 150 149 100000联系人+1 +3600 150 149 100000
a contact +1 +3600 150 150 100000联系人+1 +3600 150 150 100000

a range +1 +3600 149 149 1范围+1 +3600 149 149 1
a range +1 +3600 149 150 1范围+1 +3600 149 150 1
a range +1 +3600 150 149 1范围+1 +3600 150 149 1
a range +1 +3600 150 150 1范围+1 +3600 150 150 1

m production 1000000米生产100万
m consumption 1000000消费100万
## end ionadmin ## end ionadmin 

## begin ltpadmin ## begin ltpadmin 
1 32 1 32
a span 149 32 32 1400 10000 1 'udplso 172.16.123.149:1113' 300跨度149 32 32 1400 10000 1'udplso 172.16.123.149:1113'300
a span 150 32 32 1400 10000 1 'udplso 172.16.123.150:1113' 300跨度150 32 32 1400 10000 1'udplso 172.16.123.150:1113'300
s 'udplsi 172.16.123.150:1113' s'udplsi 172.16.123.150:1113'
## end ltpadmin ## end ltpadmin 

## begin bpadmin ##开始bpadmin 
1 1
a scheme ipn 'ipnfw' 'ipnadminep'一个方案ipn'ipnfw''ipnadminep'
a endpoint ipn:150.0 q端点ipn:150.0 q
a endpoint ipn:150.1 q终点ipn:150.1 q
a endpoint ipn:150.2 q终点ipn:150.2 q
a protocol ltp 1400 100协议ltp 1400 100
a induct ltp 150 ltpcli导入ltp 150 ltpcli
a outduct ltp 149 ltpclo outduct ltp 149 ltpclo
a outduct ltp 150 ltpclo outduct ltp 150 ltpclo
s小号
## end bpadmin ## end bpadmin 

## begin ipnadmin ## begin ipnadmin 
a plan 149 ltp/149计划149 ltp / 149
a plan 150 ltp/150计划150 ltp / 150

## end ipnadmin ## end ipnadmin

Save the file with Ctrl+X , Y .使用Ctrl + XY保存文件。 Enter . 输入

Testing the Server Locally在本地测试服务器

On server 150, in a Terminal, execute these commands:在服务器150上,在终端中,执行以下命令: 
killm killm
ionstart -I host150.rc ionstart -I host150.rc
If your configuration file is correct, ION will start with "0 errors", as shown below.如果您的配置文件正确,ION将以“0 errors”开头,如下所示。 Otherwise you'll have to debug your file.否则你将不得不调试你的文件。

Execute these commands to send a "loopback" message from your server to itself, via DTN:执行这些命令,通过DTN从服务器向自身发送“环回”消息: 

echo "Hello, World!"回声“你好,世界!” | | bpsource ipn:150.1 bpsource ipn:150.1
bpsink ipn:150.1 bpsink ipn:150.1
You should see the "Payload delivered", as shown below.您应该看到“Payload deliver”,如下所示。 Press Ctrl+C to exit "bpsink".Ctrl + C退出“bpsink”。

Sending Traffic from One Server to the Other将流量从一个服务器发送到另一个服务器

On server 149, execute this command:在服务器149上,执行以下命令: 
echo "This is Server 149 calling Server 150" | echo“这是服务器149调用服务器150”| bpsource ipn:150.1 bpsource ipn:150.1

On server 150, execute this command:在服务器150上,执行以下命令: 

bpsink ipn:150.1 bpsink ipn:150.1
Your message should arrive, as shown below.您的消息应该到达,如下所示。 Press Ctrl+C to exit "bpsink".Ctrl + C退出“bpsink”。

Viewing the DTN Traffic in Wireshark在Wireshark中查看DTN流量

Start Wireshark and monitor the interface connecting your virtual machines.启动Wireshark并监视连接虚拟机的接口。

At the top of the Wireshark window, in the filter bar, enter this filter:在Wireshark窗口的顶部,在过滤器栏中输入以下过滤器: 

ltp LTP
On server 149, execute this command again:在服务器149上,再次执行此命令: 
echo "This is Server 149 calling Server 150" | echo“这是服务器149调用服务器150”| bpsource ipn:150.1 bpsource ipn:150.1
The traffic should appear in Wireshark, as shown below:流量应该出现在Wireshark中,如下所示:

M 602: Protocol Name (15 pts) M 602:协议名称(15分)

Wireshark uses a different name for this protocol, covered by a green box in the image above. Wireshark为此协议使用不同的名称,由上图中的绿色框覆盖。

That's the flag.那是旗帜。

References参考

I saw a demonstration of this by Laura Chappell at the WASTC 2019 Winter ICT Educators' Conference which inspired me to get this working. Laura ChappellWASTC 2019冬季ICT教育工作者大会上看到了这个演示,这启发了我的工作。 Go see her talks, they are always wonderful!去看她的谈话,他们总是精彩!

Converted to a CTF 3-1-19转换为CTF 3-1-19