VoIP Router - National Chiao Tung University Department of Computer Science, NCTU Department of


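Network Applications in Everyday Life
• Introduction to Internet telephony / Internet TV
• Introduction to P2P
• How to avoid getting infected right after installation while connected to the network
蔡文能
Department of Computer Science, National Chiao Tung University
[email protected]

Introduction to Internet Telephony (VoIP)
• VoIP – Voice over IP network
– An IP network is the ordinary Internet, built mainly on the IP protocol
– IP == Internet Protocol
– Protocol == an agreed-upon convention
– The main protocol of the Internet is TCP/IP
• TCP/IP is shorthand for a suite of protocols
– Includes TCP, UDP, IP, SNMP, SMTP, FTP, HTTP, ICMP, IGMP, …

Internet TV (IP TV)
VOD, MOD, ..
P2P: TV ants, PPStream, PPLive, …
Digital audio/video technologies:
MPEG2, MPEG4, H264
Network multimedia content technologies:
SMIL (Synchronized Multimedia Integration Language)

IPTV – Market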
[Chart: WE - IPTV Subscribers, 2004-2009 (M)]
• 2006 is key year: major operators are expanding or launching service
• Market environment is very different from country to country
• 10 Million subscribers in Western Europe by 2009
[Chart: WE - IPTV Revenues, 2004-2009 ($B)]
• Subscriptions will be main source of revenue
• Differentiation is key
• Western European opportunity for IPTV subscriptions is almost $2.5B by 2009

Common networking terms explained
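• ADSL in Taiwan generally obtains its IP address via PPPoE and provides a dynamic IP address, i.e., an IP address is obtained temporarily each time you connect; cable modems and community networks generally obtain their IP address via DHCP, so the IP differs each time you connect.
• ADSL (Asymmetric Digital Subscriber Line) is, like a traditional 56K dial-up modem, a service that provides broadband Internet access over existing traditional telephone lines. Because upload bandwidth is usually much smaller than download bandwidth, it is called asymmetric.
• PPPoE (Point-to-Point Protocol over Ethernet) is a way for a personal computer to connect to a broadband network through a broadband modem (such as xDSL). The user only needs to install an Ethernet card in the PC and apply for ADSL service from the Internet service provider (ISP) and the ADSL line provider, and can then connect to the Internet over an ordinary telephone line.
• DHCP (Dynamic Host Configuration Protocol): its main function is to let a machine broadcast using its own Ethernet address and request settings such as IP, netmask, default gateway and DNS from a DHCP server. To use the DHCP protocol, the computer's network settings must be set to obtain an IP automatically.

Setting up an ADSL connection

ADSL broadband

PPPoE

ADSL account and password

The development of Internet telephony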
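• VoIP (Voice over Internet Protocol) technology began to emerge in 1995 and is now widespread.
• Traditional telephony carries voice over the circuit-switched public telephone network (PSTN).
• Internet telephony compresses the voice signal into data packets and transmits them over the Internet.
• Success stories (can save a lot on phone bills)
– Skype: computer to computer, computer to PSTN, PSTN to computer
– IPBB: same as above, but the computer can also be replaced by a VoIP router connected directly to the existing telephone; a VoIP router currently costs about NT$3000; you can also use a computer instead of an ordinary handset: the IPBB softphone.

Skype Internet telephony (1/2)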
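• Uses the SuperNode concept
– Finds a faster route by itself
• P2P (Peer-to-Peer) architecture
– Napster was the first P2P system; in 1999 Shawn Fanning, a sophomore at Northeastern University in the US, wrote it so people could share MP3 music; after repeatedly being ruled illegal it was finally shut down
– Followed by Gnutella, FastTrack/Kazaa, …, Kuro, ezPeer
• FastTrack and Kazaa were designed by the Scandinavians Niklas Zennstrom (designer of Skype) and Janus Friis, and pioneered the supernode. It was first used in March 2001 in a product of the Dutch company Consumer Empowerment.
• 2005/09/12: Skype was sold to the auction site eBay for US$4.1 billion!

Skype Internet telephony (2/2)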
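• Currently the VoIP service with the best sound quality
• Calls within the network are free; via Skype-out, calls to the US or mainland China cost less than NT$0.7 per minute
• A Skype-in number can be rented so that ordinary telephones can call in
• Call forwarding can be configured
• Supports voice mail

IPBB softphone (similar to Skype)

D-Link VoIP router DVG-1401SP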
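• Connecting the VoIP router to a home ADSL line
[Diagram labels:]
– Telephone/ADSL splitter box
– Originally connected to the telephone
– "Little turtle" (小烏龜, the colloquial name for the ADSL modem)
– Has 4 ports; can be used as a switch to connect four computers
– Calls within the network are free; via ipbb-out, calls to the US or mainland China cost less than NT$1 per minute
– ATU-R: ADSL Transceiver Unit Remote; the formal name for an ADSL modem.

Configuring the D-Link VoIP router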
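• Connect the computer to the DVG-1401SP with a network cable
• Use a browser (such as MSIE) to connect to 192.168.15.1
– Default account/password: user/user

DVG-1401SP login screen

WAN settings

LAN settings

Access control

Firewall settings

Setting the ipbb member number and password

Introduction to P2P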
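• Napster was the first P2P system; in 1999 Shawn Fanning, a sophomore at Northeastern University in the US, wrote it so people could share MP3 music; after repeatedly being ruled illegal it was finally shut down (acquired by BMG and relaunched as a legal service)
• BMG (Bertelsmann) was merged into Sony in 2003/11 (approved by the EU in 2004/07)
• Sony acquired MGM (Metro-Goldwyn-Mayer) for US$4.8 billion on 2005/04/08

P2P file sharing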
• Napster
– Centralized, sophisticated search
• Gnutella
– Flooding, TTL, unreachable nodes
• FastTrack (KaZaA)
– Heterogeneous peers
• eDonkey, eMule, BitTorrent, …
– Anonymity, caching, replication

Napster
[Figure: peers P1 to P5 and a central server S; query "Where is “quit playing games”?"; transfer labelled FTP]
• Centralized index
• File names => active holder machines
• Sophisticated search
– Easy to implement
– Ensure correct search
• Centralized index
– Lawsuits
– Denial of service
– Can use server farms

Gnutella
[Figure: overlay network of peers (P)]
• Flooding
• Overlay network
• Decentralized
– Robust
• Not scalable.
– Use TTL. Query can fail
• Cannot ensure correctness
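The TTL-limited flooding on this slide, as a short simulation added here (not from the original slides). The overlay graph, the peer names and the function `flood_query` are constructed for illustration, and peers forward to every neighbour for simplicity; it shows a query failing although a holder exists, and the message cost growing with the TTL.

```python
from collections import deque

# Constructed overlay network: peer -> neighbours. Peer "G" holds the file.
OVERLAY = {
    "A": ["B", "C"], "B": ["A", "D"], "C": ["A", "D"], "D": ["B", "C", "E"],
    "E": ["D", "F"], "F": ["E", "G"], "G": ["F"],
}
HOLDERS = {"G"}

def flood_query(overlay, holders, origin, ttl):
    """Flood a query from origin; return (holders reached, messages sent)."""
    seen = {origin}
    queue = deque([(origin, ttl)])
    hits, messages = set(), 0
    while queue:
        peer, remaining = queue.popleft()
        if peer in holders:
            hits.add(peer)
        if remaining == 0:
            continue                  # TTL expired: the query dies here
        for neighbour in overlay[peer]:
            messages += 1             # duplicates still cost a message
            if neighbour not in seen:
                seen.add(neighbour)
                queue.append((neighbour, remaining - 1))
    return hits, messages
```

With a TTL of 3 the query from "A" never reaches "G", five hops away, so the search reports nothing even though the file is on the network.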

KaZaA (FastTrack) (1/2)
[Figure: network of peers (P)]
• Super-nodes
• Election:
– capacity
• bandwidth, storage, CPU
– and availability
• connection time
• public address
• Use heterogeneity of peers
• Inherently non-scalable
– If flooding is used

KaZaA (FastTrack) (2/2)
• Supernodes
– Kazaa Media Desktop (KMD) users with the fastest
Internet connections and the most powerful
computers are automatically designated as
Supernodes.
– A Supernode contains a list of some of the files made
available by other KMD users and where they are
located. When you perform a search, your KMD first
searches the nearest Supernode to you, and then
sends you immediate results.

eDonkey / eMule
• Started on May 13th 2002
– Based on the eDonkey2000
– New versions use the Kademlia serverless network
• Claims
– Most reliable peer-to-peer file sharing clients

Classic server based eD2k
• Each client must be connected to a server to join the network
– The server first checks whether other clients can freely connect to your client
• Yes: assigned a High ID
• No: assigned a Low ID
• After the ID is assigned, a list of all shared files is sent to the server, and the server adds the hash values to the database

BitTorrent
• Delivers sets of large files to people
– Uses the upload capacity of everyone trying to download the files
– As the number of people downloading the files goes up, uses the bandwidth of everyone downloading the file to deliver to everyone else downloading the file.

Risks of File Sharing (1/2)
• Virus vulnerability
– do something bad to your own system
– attempt to transmit itself to other computers
– the chance of obtaining a virus increases because some files are modified to include a virus or have had their filenames changed to represent a desirable program
• Spyware
– Spyware programs track your network activity, such as web sites you've visited and data you have submitted on the web (your phone number, name, address, ...), and send it to a company without your knowledge

Risks of File Sharing (2/2)
• More than 12 spyware programs in the free Kazaa
– To name a few: Gator, Cydoor, SaveNow and eZula
– Kazaa’s paid version doesn’t have spyware!!
– Other popular P2P freeware like iMesh, Morpheus, and many more all had spyware
• Over 70 P2P viruses by July, 2003 (from Sophos, PLC)
– Kazaa is targeted by 69 of the 71 viruses

IRTF Research Groups
• Peer-to-Peer (P2P) is a way of structuring distributed
applications such that the individual nodes have
symmetric roles.
• Rather than being divided into clients and servers each
with quite distinct roles (such as Web clients vs. Web
servers), in P2P applications a node may act as both a
client and a server.
• P2P systems are in general deployable in an ad-hoc
fashion, without requiring centralized management or
control. They can be highly autonomous, and can lend
themselves to anonymity.
• Some historical examples of P2P systems are USENET
servers, built on top of NNTP, and inter-domain routing,
built on top of BGP.

Sun JXTA project
• JXTA technology is a set of open,
generalized peer-to-peer protocols that
allows any connected device (cell phone
to PDA, PC to server) on the network to
communicate and collaborate.
– Java JXTA-J2SE APIs

References
• http://www.skype.com/skype_p2pexplained.html
• Kazaa website
• gnutella website
• emule website
• bitTorrent website
• IRTF Research Groups: http://www.irtf.org/charters/p2prg.html
• Sun JXTA project: http://wwws.sun.com/software/jxta/

How to avoid getting infected right after installation while connected to the network
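Hide behind NAT to reduce worm intrusions
Network Address Translation
Commonly called a broadband router (頻寬分享器)
or a personal router
About NT$800 to NT$3000 (2005)
蔡文能

Why do machines get infected right after installation while connected to the network?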
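• Worm
– The first worm: 1987, at Cornell University, by Morris
– Slips in automatically over the network
– Nowadays mostly combined with virus techniques
• Solution
– Install and patch offline
– Hide behind NAT and use a private IP
– What is a private IP vs. a public IP?

NAT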
• Network Address Translation
– Private IP to Public IP translation
– Use port mapping technique
• All private addresses are translated into the same public address but different port numbers are used.
• NAT Router keeps track of these in a table and translates returning traffic back
• Static NAT (for servers)
[Figure labels: Private IP ?, Public IP ?]

Private network
• Private IP network is an IP network that is not
directly connected to the Internet.
• NAT is a method that enables hosts on private
networks to communicate with hosts on the
Internet.
• Private IP (non-routable IP addresses)
– 10.0.0.0 – 10.255.255.255
– 172.16.0.0 – 172.31.255.255
– 192.168.0.0 – 192.168.255.255
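The port-mapping table from the NAT slide and the private ranges above, as a small simulation added here (not part of the original slides). The class `NatRouter`, its methods and all sample addresses are constructed for illustration; it shows why returning traffic gets through while an unsolicited connection attempt from outside does not.

```python
import ipaddress

# The three private (non-routable) ranges listed on the slide, in CIDR form.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)

class NatRouter:
    """Hypothetical port-mapping NAT: all LAN hosts share one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out_map = {}  # (private_ip, private_port) -> public_port
        self.in_map = {}   # public_port -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the LAN, allocating a public port if new."""
        if not is_private(src_ip):
            raise ValueError("source is not a private address")
        key = (src_ip, src_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Translate returning traffic back; no table entry means drop (None)."""
        key = self.in_map.get(dst_port)
        if key is None:
            return None  # unsolicited connection attempt never reaches the LAN
        return (src_ip, src_port, key[0], key[1])

    def add_static(self, public_port, private_ip, private_port):
        """Static NAT (for servers): a permanent, always-reachable mapping."""
        self.in_map[public_port] = (private_ip, private_port)

def demo():
    """Constructed traffic: two LAN hosts browse, then an outside host probes."""
    nat = NatRouter("203.0.113.5")
    a = nat.outbound("192.168.0.10", 51000, "198.51.100.7", 80)
    b = nat.outbound("192.168.0.11", 51000, "198.51.100.7", 80)
    reply = nat.inbound("198.51.100.7", 80, a[1])
    probe = nat.inbound("198.51.100.99", 4444, 8080)
    return a, b, reply, probe
```

A static mapping re-exposes that host to unsolicited traffic, so a server published this way still has to be patched before it goes online.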
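
D-Link DI-704UP home router

Router? Switch?
• Router
– Understands the IP address in a packet
– Typical broadband routers support router mode and bridge mode (bridge mode ignores IP addresses)
• Switch
– Does not understand IP addresses, but does understand MAC addresses
– A MAC address is the hardware address of a network card, in effect the card's ID number; 48 bits
• Hub --- does not even understand MAC addresses

DI-704UP setup wizard
The DI-704UP's default internal IP is 192.168.0.1 (most products are similar), so enter http://192.168.0.1 in a browser (such as IE) to connect and manage it

On campus, choose a fixed IP (static IP)
For ADSL and dial-up, generally choose PPP over Ethernet

WAN settings (i.e., the outbound network)
• WAN IP
• WAN subnet Mask
• WAN Gateway
• DNS
• For the DNS setting, the servers of the NCTU CS department and the NCTU Computer Center will do

What is each parameter for?
• WAN IP
• WAN subnet Mask
• WAN Gateway
• DNS
– Domain Name Service

External (WAN) settings

Internal (LAN) settings

DHCP manages the assignment of IP addresses

Introduction to Network Applications
Thank you for your attention
蔡文能
[email protected]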