網路電話/網路電視簡介 P2P 簡介 如何避免連在網路上剛安裝完就中毒

Presentation on theme: "網路電話/網路電視簡介 P2P 簡介 如何避免連在網路上剛安裝完就中毒"— Presentation transcript:

1 網路電話/網路電視簡介 P2P 簡介 如何避免連在網路上剛安裝完就中毒
網路應用生活化 網路電話/網路電視簡介 P2P 簡介 如何避免連在網路上剛安裝完就中毒 蔡文能 交通大學資訊工程學系

2 網路電話(VoIP)簡介 VoIP – Voice over IP network TCP/IP 是一套協定的簡稱
IP network 就是一般以 IP 協定為主的網際網路 IP == Internet Protocol Protocol == 協定 == 約定 網際網路(Internet)主要協定是 TCP/IP TCP/IP 是一套協定的簡稱 包括TCP, UDP, IP, SNMP, SMTP, FTP, HTTP, ICMP, IGMP, …

3 網路電視(IP TV) VOD, MOD, .. P2P: TV ants, PPStream, PPLive, … 數位影音技術：
MPEG2, MPEG4, H264 網路多媒體內容技術： SMIL(Synchronize Multimedia Integration Language)

4 IPTV – Market 2006 is key year: major operators are expanding or launching service Market environment is very different from country to country 10 Million subscribers in Western Europe by 2009 Subscriptions will be main source of revenue Differentiation is key Western European opportunity for IPTV subscriptions is almost $2.5B by 2009

5 常見網路相關名詞解釋 台灣ADSL一般都以PPPoE方式取得IP 位置，並提供浮動IP 位置，即每次連上網時臨時取得IP 位置；Cable Modem 與社區網路一般則以DHCP方式取得IP位置，故每次連上網時之IP都不同。 ADSL（Asymmetric Digital Subscriber Line） 全名為「非對稱數位式用戶線路」，和傳統的56K撥接數據機類似，是一種利用現有的傳統電話線提供寬頻上網的服務。因通常上傳頻寬遠小於下載頻寬，所以稱為非對稱式。 PPPoE （Point-to-Point Protocol over Ethernet） 是一種利用個人電腦透過寬頻Modem（如xDSL,等）連線至寬頻網路上，用戶僅須在個人的電腦上加裝乙太網路卡，然後向網路服務提供者（ISP）與ADSL線路提供者申請ADSL的服務，透過一般的電話線，連線至網際網路。 DHCP（Dynamic Host Configuration Protocol） 它的主要功能是讓一部機器能夠透過自己的 Ethernet Address 廣播, 向 DHCP server 要求取得有關 IP, Netmask, Default Gateway, DNS 等設定資訊。電腦的網路設定要選自動取得 IP以表示要用 DHCP 協定。

6 建立 ADSL 連線

7 ADSL 寬頻

8 PPPoE

9 ADSL 帳號密碼

10

11 網路電話發展 VoIP（Voice over Internet Portocol）技術自1995年開始萌芽，現在已經普及化。
傳統電話是經由「公眾電話網路（PSTN）」的電路交換網路來提供聲音傳輸。 網路電話是把語音訊號壓縮成數據資料封包(data packet)，經由『網際網路』來傳輸。 成功範例 (可節省大量電話費 ) Skype : 電腦撥電腦, 電腦撥PSTN, PSTN 撥電腦 IPBB: 同上, 但電腦也可 由網路電話分享器取代, 直接接到原來的電話機;目前網路電話分享器約需台幣3000元; 也可使用電腦不用一般話機: IPBB軟體電話。

12 Skype 網路電話 (1/2) 使用 SuperNode 觀念 P2P(Peer-to-Peer)架構 自己找較快速的路走
Napster是第一個P2P, 1999年美國東北大學一個大二學生Shawn Fanning 寫出讓大家分享 MP3音樂;多次被判違法終於關閉 接著Gnutella, FastTrack/Kazza,…,Kuro, ezPeer FastTrack和Kazaa是Scandinavians、Niklas Zennstrom(Skype設計者)和Janus Friis設計的，是supernode的先驅。2001年3月，在一家荷蘭公司Consumer Empowerment的產品中最先使用。 2005/09/12 Skype 以41億美元 賣給EBay 拍賣網站!

13 Skype 網路電話 (2/2) 為目前音質最好的 VoIP 網內互打免費;透過 Skype-out, 打美國或大陸每分鐘都0.7元台幣以下
可租用 Skype-in 號碼, 可由一般電話打入 可設定Call forwarding 支援 Voice Mail 語音信箱

14 IPBB 軟體電話(類似 Skype)

15 D-Link VoIP網路電話分享器DVG-1401SP
VoIP網路電話分享器連接家用 ADSL 電話與ADSL 分接盒 有4個port, 可當 Switch(交換器)用, 可連接四部電腦 小烏龜 本來接到電話 網內互打免費; 透過 ipbb-out, 打美國或大陸每分鐘都在一元台幣以下 ATU-R: ADSL Transceiver Unit Remote ; 是ADSL Modem 的正式名稱。

16 D-Link VoIP網路電話分享器設定 網路線連接電腦與 DVG-1401SP
用Browser (如 MSIE)連入 Default 帳號/密碼: user/user

17 Login 到 DVG-1401SP畫面

18 WAN 設定

19 LAN 設定

20

21 Access control

22 設定防火牆

23

24 設定 ipbb 會員號碼與密碼

25

26

27 P2P 簡介 Napster是第一個P2P, 1999年美國東北大學一個大二學生Shawn Fanning 寫出讓大家分享 MP3音樂;多次被判違法終於關閉(被 BMG 收購改合法經營) BMG (博德曼)於2003/11 被 Sony 併購(2004/07獲歐盟通過) Sony 於2005/04/08 以48億美元收購 MGM (米高梅)

28 P2P file sharing Napster Gnutella FastTrack (KaZaA)
Centralized, sophisticated search Gnutella Flooding, TTL, unreachable nodes FastTrack (KaZaA) Heterogeneous peers eDonky, eMule, BitTorrent, … Anonymity, caching, replication

29 Napster Centralized index File names => active holder machines
Sophisticated search Easy to implement Ensure correct search Lawsuits Denial of service Can use server farms P1 P5 S P2 P4 P2 Where is “quit playing games” ? FTP P3 The file can be mapped to many machines. Client can choose based on load, closeness, etc.

30 Gnutella Flooding Overlay network Decentralized Not scalable.
Robust Not scalable. Use TTL. Query can fail Can not ensure correctness P With degree 2, and TTL 7, it can receive up to 128 responses, and generate 128 requests.

31 KaZaA (FastTrack) (1/2) Super-nodes Election:
capacity bandwidth, storage, CPU and availability connection time public address Use heterogeneity of peers Inherently non-scalable If flooding is used P P P P P P P P P Why is it inherently non-scalable? P P P

32 KaZaA (FastTrack) (2/2) Supernodes
Kazaa Media Desktop (KMD) users with the fastest Internet connections and the most powerful computers are automatically designated as Supernodes. A Supernode contains a list of some of the files made available by other KMD users and where they are located. When you perform a search, your KMD first searches the nearest Supernode to you, and then sends you immediate results.

33 eDonkey / eMule Started on May 13th 2002 Claims
Based on the eDonkey2000 new version use Kademlia serverless network Claims Most reliable peer-to-peer file sharing clients

34 Classic server based eD2k
Each client must be connected to a server to the network server checks to see first other clients can freely connect to your client Yes, assigned a High ID No, assigned a low ID After ID is assigned a list of all shared files is sent to the server, server as the hash values to the database

35 BitTorrent Delivers a sets of large files to people
uses the upload capacity of everyone trying to download the files As the number of people downloading the files goes up, uses the bandwidth of everyone downloading the file to deliver to everyone else downloading the file.

36 Risks of File Sharing (1/2)
Virus vulnerability do something bad to your own system attempt to transmit itself to other computers the chances of obtaining a virus increases because some files are modified to include a virus or have had their filenames changed to represent a desirable program Spy Ware (間諜軟體) Spy ware are programs that track your network activity, such as web sites you've visited, data you have submitted on the web (your phone number, name, address, ...) etc., and send it to a company without your knowledge

37 Risks of File Sharing (2/2)
More than 12 spyware in free Kazza To name a few: Gator, Cydoor, SaveNow and eZula Kazaa’s paid version doesn’t have spyware!! ) Other popular P2P freeware like iMesh, Morpheus, and many more all had spyware  Over 70 P2P viruses by July, 2003 (from Sophos, PLC) Kazaa is targeted by 69 of the 71 viruses

38 IRTF Research Groups Peer-to-Peer (P2P) is a way of structuring distributed applications such that the individual nodes have symmetric roles. Rather than being divided into clients and servers each with quite distinct roles (such as Web clients vs. Web servers), in P2P applications a node may act as both a client and a server. P2P systems are in general deployable in an ad-hoc fashion, without requiring centralized management or control. They can be highly autonomous, and can lend themselves to anonymity. Some historical examples of P2P systems are USENET servers, built on top of NNTP, and inter-domain routing, built on top of BGP.

39 Sun JXTA project JXTA technology is a set of open, generalized peer-to-peer protocols that allows any connected device (cell phone to PDA, PC to server) on the network to communicate and collaborate. Java JXTA-J2SE APIs

40 References http://www.skype.com/skype_p2pexplained.html Kazaa website
gnutella website emule website bitTorrent website IRTF Research Groups: Sun JXTA project:

41 Network Address Translation
如何避免連在網路上剛安裝完就中毒 躲在 NAT 後面減少 Worm 入侵 Network Address Translation 一般簡稱頻寬分享器 或個人用路由器 NT$800~NT$3000左右(2005年) 蔡文能

42 Why連在網路上剛安裝完就中毒 Worm Solution 第一隻Worm: 1987 在Cornel大學by Moris
會自動從網路溜進來 現在多與 Virus 技術結合 Solution 離線安裝與補強(Patch) 躲在 NAT 後面用 private IP 何謂 private IP vs. public IP ?

43 NAT Network Address Translation
Private IP to Public IP translation Use port mapping technique All private addresses are translated into the same public address but different port numbers are used. NAT Router keeps track of these in a table and translates back returning traffic Static NAT (for servers) Private IP ? Public IP ?

44 Private network Private IP network is an IP network that is not directly connected to the Internet. NAT is a method that enables hosts on private networks to communicate with hosts on the Internet. Private IP (non-routable IP addresses) – – –

45 D-Link DI-740UP 家用路由器

46 路由器? 交換器? 路由器 Router 交換器 Switch 集線器 Hub --- 連 MAC address 也不認識
認識 封包(packet)中的 IP address 一般頻寬分享器可支援 router mode 和 bridge mode (橋接模式則對 IP address視而不見) 交換器 Switch 不認識 IP address, 但認識 MAC address MAC address 為網路卡的硬體位址, 可說是網路卡的身分證號碼, 48 bits 集線器 Hub --- 連 MAC address 也不認識

47 DI-704UP 設定精靈 DI-704UP 的預設內部 IP 是 192.168.0.1 (大部分產品都類似),
所以要用 Browser (如 IE) 打入 連進去管理

48 學校內選固定IP (static IP) ADSL 與撥接一般選PPP over Ethernet

49 WAN 設定 (即出去的網路) WAN IP WAN subnet Mask WAN Gateway DNS

50 各參數做何用途? WAN IP WAN subnet Mask WAN Gateway DNS Domain Name Service

51 外部(WAN)設定

52 內部(LAN)設定

53 DHCP 管理 IP 的發放

54

55

56

57 網路應用簡介 謝謝捧場 蔡文能