
ITP 457 Network Security


Presentation Transcript


  1. ITP 457 Network Security • Networking Technologies I

  2. Overview • OSI seven layer model • Network Protocols • TCP

  3. OSI model • Introduced in 1980 • Based on the concept of Protocol Layering • Protocol Layering – when 2 computers want to communicate with each other, a series of small software modules on each system would do a “set of tasks” to foster the communication • Completely theoretical • No one today uses actual implementation of the seven layer model • Used for teaching network technologies

  4. What is a network protocol? • Set of rules for sending and receiving data across a physical network • Also consists of software to implement these rules • Physical topology lays out the physical devices; logical topology instructs the hardware how to separate the data into packets; protocols handle the translation from software to the logical topology

  5. What kinds of tasks? • Modules for : • Making sure data is formatted properly • Taking care of retransmitting lost packets • Actually transferring the packet from hop to hop in the network • Module = layer • Each module has a small refined job to do in the communication

  6. Protocol Stack • All modules taken together are called “protocol stack”

  7. Protocol Stack • Each layer on sending machine communicates with the same layer on receiving machine. • Lower layers provide services to higher layers • Benefit : Layered approach enables us to replace software on one layer while other layers remain the same

  8. The OSI Layers • Application Layer – The application layer is the OSI layer closest to the end user, and this layer interacts with software applications that implement a communicating component. • Telnet, FTP, SMTP, HTTP • Also MS Word and Excel • Presentation Layer – This layer deals with how data elements will be represented for transmission. • EBCDIC, ASCII, MPEG • Also SSL, TLS

  9. OSI Layers Continued • Session Layer – This layer co-ordinates sessions between communicating machines, helping them initiate, maintain and manage them. • TCP Ports, NetBIOS • Transport Layer – This layer is used to provide a reliable communication stream between the two systems, potentially including retransmitting lost packets, putting packets in proper order and providing error checking. • TCP, UDP

  10. OSI Layers Continued • Network Layer – This layer is responsible for moving data from one system across a bunch of “routers” to the destination machine, end to end across the network. • Routers work here • IP, IPSec, ARP, IPX • Data Link Layer – This layer moves data across “one” hop of the network. • Ethernet, PPP, SLIP, Token Ring • Physical Layer – This layer actually transmits the bits across the physical link or cable • 10BaseT, 100BaseT, 802.11b/g, DSL

  11. An example to explain the seven layers • Taken from Lewis Technology: http://www.lewistech.com/rlewis/Resources/JamesBondOSI2.aspx • James Bond and the OSI seven Layer Model

  12. Situation: James Bond must deliver a confidential message • Meets Number One on the 7th floor (Application) • A message is handed to Bond. His mission is to deliver this message to the U.S. Ambassador in London. • Goes to the 6th floor (Presentation) • Bond copies the message into a secret code and destroys the original message. • Goes to the 5th floor (Session) • Security double checks that Bond has the whole message, and puts a seal on the message verifying that it is complete.

  13. Bond goes through more security • Goes to the 4th Floor (Transport) • Here, Bond sees if there are any other messages to deliver to the U.S. Ambassador. Also, if the message is too heavy for Bond to deliver all at once, he can break up the message and hand parts to other Agents to deliver to the Ambassador. • Goes to the 3rd Floor (Network) • Here, Bond proceeds to look up the U.S. Embassy’s address, and double checks to make sure that the U.S. Ambassador is indeed there. Bond also uses MapQuest to plot out his route. • Goes to the 2nd Floor (Data Link) • Here, Bond puts the message in a special courier pouch with the seal of MI6. He also puts a note inside saying if there are other parts of the message, who the message is from, and for whom the message is intended.

  14. Bond gets moving! • Goes to the 1st Floor (Physical) • Here, Q hands Bond the keys to his Aston Martin to race to the embassy. • At the US Embassy: • Bond goes through the same process, starting at the 1st floor, then getting to the 7th floor to deliver the message

  15. TCP/IP • No one uses the OSI protocols • Every major computer system ranging from mainframes to the smallest of palmtops supports TCP/IP • Open Standard – no one controls it • Part of Internet Engineering Task Force (IETF)

  16. Where does TCP/IP fit in? • TCP/IP adheres to the bottom 4 layers of the OSI model. It views everything above that as the responsibility of the application.

  17. Diagram • System Alice: Application (Web browser, email client, telnet client), Transport Layer (TCP), Network Layer (IP), Data Link Layer, Physical Layer • Router: Network Layer (IP), Data Link Layer, Physical Layer • System Bob: Application (Web browser, email client, telnet client), Transport Layer (TCP), Network Layer (IP), Data Link Layer, Physical Layer

  18. Understanding TCP/IP • Developed for academia and research and includes no built-in strong security capabilities • It's really a suite of protocols, including • TCP – Transmission Control Protocol; Ensures that communications are established and maintained • IP – Internet Protocol; Handles software computer addresses • ARP – Address Resolution Protocol; Associates IP addresses with MAC addresses • RIP – Routing Information Protocol; finds routes in the network • Not really good for large networks – for that, use OSPF • ICMP – Internet Control Message Protocol; Handles error messages for TCP/IP (ping command) • PPP – Point to Point Protocol; dial-up protocol • SMTP – Simple Mail Transfer Protocol; used to send e-mail • POP3/IMAP4 – Post Office Protocol v3/Internet Message Access Protocol v4; used for receiving e-mail

  19. TCP/IP • Traditional TCP/IP protocol suite provides no means for ensuring the confidentiality, integrity or authentication of any data transmitted across the network. • This means that when you send any packet across the internet, TCP/IP will allow any other user to see or modify your data !!! • Traditionally all security capabilities were implemented in the applications. • Recent extensions to TCP/IP – IPSec • Still fairly new

  20. TCP • Workhorse of the Internet • Some of the applications that use TCP • File transfer • telnet • Email using various protocols • Web browsing, using HTTP • Each of these applications generates packets and passes them to the TCP/IP stack on the local machine.

  21. TCP Ports • Header of each TCP packet contains 2 port numbers: a source port and a destination port. • Port : logical “little doors” on a system where data can be sent and received. • There are 65,535 different TCP Ports on each machine.

  22. TCP Port Numbers • Well known TCP ports: • 20, 21 – FTP ( File Transfer Protocol ) • 22 – SSH – ( Secure SHell ) • 23 – Telnet • 25 – SMTP ( Simple Mail Transfer Protocol ) • 53 – DNS ( Domain Name Server ) • 80 – HTTP ( Hyper Text Transfer Protocol ) • 443 – HTTPS ( HTTP over SSL/TLS )

  23. TCP Port Numbers Continued • Well known TCP ports for Applications: • 1214 – Kazaa • 3074 – Xbox Live • 3306 – MySQL • 3724 – World of Warcraft • 5001 – Slingbox • 5050 – Yahoo Messenger • 5190 – ICQ and AOL Instant Messenger • 6891 through 6901 – MSN Messenger • 31337 – BackOrifice

  24. TCP Port Communication • Server listens on “open” ports • Client sends request and connects to an “open” port on server • To see which ports are in use on a Windows/2000 or Unix system, you can use “netstat -na” • Attackers often take an inventory of open ports on a system using various tools!!!!

  25. TCP control bits • URG • ACK • PSH • RST • SYN • FIN

  26. TCP Control bits • URG – Urgent Pointer • ACK – used to acknowledge earlier packets • PSH – used to flush data through the TCP layer • RST – reset function , due to error or interruption • SYN – system should synchronize sequence numbers. • FIN – There is no more data from sender. Therefore session should be terminated.

  27. Handshake • TCP communication sessions established using 3-way handshake. • SYN , ACK used in handshake • Hacker can violate the three way handshake when scanning a target

  28. Reference • Networking: A Beginner's Guide (Network Professional's Library) by Bruce A. Hallberg • Absolute Beginner's Guide to Networking (3rd Edition)
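
The control bits on slide 26 and the three-way handshake on slide 27 can be observed from the defender's side. The following Python is an added example, not part of the original presentation: it decodes the ports and control bits from a 20-byte TCP header and classifies each flow in a constructed sample capture as completed, reset after SYN/ACK, or refused. The function names, state labels and sample addresses are assumptions made for illustration.

```python
import struct
# Control bits in the order shown on slide 25 (URG is the highest of the six).
FLAGS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
         ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def parse_tcp_header(raw):
    """Decode the fixed 20-byte TCP header: ports, seq/ack numbers, control bits."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, _win, _csum, _urg = struct.unpack("!HHIIHHHH", raw[:20])
    flags = {name for name, bit in FLAGS if off_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}

def build_tcp_header(sport, dport, seq, ack, flags):
    """Build a constructed sample header (data offset 5 words, no options)."""
    bits = sum(bit for name, bit in FLAGS if name in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | bits, 65535, 0, 0)

def classify_handshakes(segments):
    """segments: (src_ip, dst_ip, raw_header) in capture order -> {flow: state}."""
    state = {}
    for src, dst, raw in segments:
        h = parse_tcp_header(raw)
        fwd = (src, h["sport"], dst, h["dport"])   # flow key if src is the client
        rev = (dst, h["dport"], src, h["sport"])   # flow key if src is the server
        f = h["flags"]
        if f == {"SYN"}:
            state[fwd] = "syn_sent"
        elif f == {"SYN", "ACK"} and state.get(rev) == "syn_sent":
            state[rev] = "syn_ack_seen"
        elif "RST" in f and state.get(fwd) == "syn_ack_seen":
            state[fwd] = "half_open_reset"   # client reset instead of sending the final ACK
        elif "RST" in f and state.get(rev) == "syn_sent":
            state[rev] = "refused"           # server answered the SYN with RST: port closed
        elif f == {"ACK"} and state.get(fwd) == "syn_ack_seen":
            state[fwd] = "established"       # handshake completed normally
    return state

# Constructed sample capture (addresses and ports are made up for this example).
SAMPLE = [
    ("10.0.0.5", "10.0.0.9", build_tcp_header(40000, 80, 100, 0, {"SYN"})),
    ("10.0.0.9", "10.0.0.5", build_tcp_header(80, 40000, 900, 101, {"SYN", "ACK"})),
    ("10.0.0.5", "10.0.0.9", build_tcp_header(40000, 80, 101, 901, {"ACK"})),
    ("10.0.0.7", "10.0.0.9", build_tcp_header(40001, 22, 200, 0, {"SYN"})),
    ("10.0.0.9", "10.0.0.7", build_tcp_header(22, 40001, 500, 201, {"SYN", "ACK"})),
    ("10.0.0.7", "10.0.0.9", build_tcp_header(40001, 22, 201, 0, {"RST"})),
    ("10.0.0.7", "10.0.0.9", build_tcp_header(40002, 23, 300, 0, {"SYN"})),
    ("10.0.0.9", "10.0.0.7", build_tcp_header(23, 40002, 0, 301, {"RST", "ACK"})),
]
```

Many `half_open_reset` or `refused` flows from one source across many destination ports is the pattern a port inventory like the one mentioned on slide 24 leaves in a capture.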
