1 / 21

Networking Fundamentals for Computer Security

Learn how networking impacts computer security with insights on internet flow, protocol layering, packet switching, and hardware/software systems. 8

sara-bishop
Télécharger la présentation

Networking Fundamentals for Computer Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security Workshops Networking 101

  2. Reasons To Know Networking In Regard to Computer Security • To understand the flow of information on the Internet • To understand the levels of activity in network traffic flow • To understand the basis for vulnerabilities • To understand the basis for security tools and how they work

  3. Base Principle – Packet Switching • Messages broken up into packets • Packets are sent onto network, routed to destination, reassembled • Advantages (compared to circuit switching; e.g. traditional phones) • Better sharing of bandwidth • Greater overall efficiency • Allows more users, no greater delay

  4. Protocol Layering • Protocol: a convention for communication between two agents (aka handshaking) • Motivation: Separation of functionality • Layers take care of particular task re: information • Offer services to next layer in protocol stack • Advantage: modularity • Disadvantages: possible overlap, redundancy of functionality

  5. Protocol Data Units • Layer sends message by building a protocol data unit (PDU) • Take data from layer N, add additional information to meet needs of layer N-1 • PDU handed to next lower layer • Lower layer now has responsibility for message

  6. Internet Protocol Stack • Seven layers in Open Systems Interconnect (OSI) model • 7) Application • 6) Presentation • 5) Session • 4) Transport • 3) Network • 2) Data Link • 1) Physical

  7. General Layer Functions • Segmentation / Reassembly • Breaking large message into standard size chunks • Error Control • How to detect or correct errors • Flow Control • Avoid overwhelming slower systems • Multiplexing • Sharing of lower-level connections • Connection setup • How to establish a virtual communication path

  8. Application Layer (7) • Function: High-Level Application Systems and End-User Processes • Implemented in: Software • PDU: Message • Examples • ftp, http, smtp, telnet, …

  9. Presentation Layer (6) • Function: Provides independence from differences in data representation by formatting and encrypting data • Implemented in Software • Examples: ASCII encoding, NFS, FTP file path/name translation

  10. Session Layer (5) • Function: Establishes, manages and terminates connections between applications • Implemented in software • Examples: SSL, DNS, RPC

  11. Transport Layer (4) • Function/Service: Transport message from one system to another system • Implemented in: Software • PDU: Segment • Two methods • TCP (connection-oriented protocol) • UDP (connectionless protocol)

  12. TCP • TCP=Transmission Control Protocol • Connection-Oriented Service • Guaranteed Delivery of Message • Flow Control • Breaks message into shorter segments • Advantage: More Control • Examples • http, ftp, smtp, telnet

  13. UDP • UDP = User Datagram Protocol • Connection-less Service • No Guaranteed Delivery of Message • No Flow Control / Handshaking • No Overhead For Connection • Continuous Data Stream • Advantage: Faster • Disadvantage: Possible loss of information • Examples • Video, Voice (e.g. phone)

  14. Network Layer (3) • Function/Service: Routing segments from host to host, through intermediate systems • Network Layer receives segment and destination address from Transport Layer • Implemented in: Hardware & Software • PDU: Datagram • Two major parts • IP Protocol: structure of datagram, how end systems (and routers) act on this information • Routing protocols: for transfer from source host to destination host • Examples: IP, IPX

  15. Data Link Layer (2) • Function/Service: Move a datagram from one node to the next in the route • Implemented in: Hardware • PDU: Frame • Examples: • Ethernet, Token Ring, FDDI, Gigabit Ethernet

  16. Physical Layer (1) • Function/Service: Routing physical bits from one network node to adjacent node • Implemented in: Hardware • PDU: Bits • Examples • Optical fiber, Twisted pair wire, Coaxial cable • Voltage levels, signaling

  17. Types of Hardware/Software Systems • End Systems / Hosts • Implement all layers • Routers/Packet Switches • Implement layers 1-3 • Can implement IP protocol • Bridges • Implement layer 1-2 • Hubs • Implement layer 1 only • Essentially repeaters • Firewalls • Packet filtering (operate at layer 3) • Application gateways (operate at layer 7)

  18. Internet Addressing • 32-bit quantity that uniquely identifies internet host • Displayed www.xxx.yyy.zzz • Split into two parts: network and host • E.g. 198.23.168 network (198.23.168.0/24) has 256 possible hosts (last part 0-255) • Certain network segments reserved • Can be used for isolated private networks • 10.0.0.0 – 10.255.255.255; 172.16.0.0 – 172.31.255.255; 192.168.0.0 – 192.168.255.255

  19. Port • Certain system process must respond to a particular application protocol (e.g. ftp, smtp) • Port is the “address” for application communication on system • E.g. Port 80 for http • E.g. Port 25 for smtp • E.g. Port 1521 for Oracle connections • Port List: http://www.iana.org/assignments/port-numbers

  20. Socket • Interface between the application layer and the transport layer • Acts as an API between application and network • Programmer only controls application side, plus a few transport level details • Transport protocol (TCP or UDP) • A few transport parameters (e.g. maximum buffer size)

  21. Additional Information • Internet Engineering Task Force (IETF) • http://www.ietf.org • Primary documents: RFCs • IP: RFC 791 • TCP: RFC 793 • UDP: RFC 768 • Internet Addressing: RFC 900 • OSI Model and Information Security • http://www.giac.org/practical/GSEC/Damon_Reed_GSEC.pdf

More Related