Chapter 2 Networking Overview. Figure 2.1 Generic protocol layers move data between systems.



OSI Reference Model
- Layer 7 Application Layer
- Layer 6 Presentation Layer
- Layer 5 Session Layer
- Layer 4 Transport Layer
- Layer 3 Network Layer
- Layer 2 Datalink Layer
- Layer 1 Physical Layer

Figure 2.2 Protocol Layering in TCP/IP

Figure 2.3 Adding headers (and a trailer) to move data through the communications stack and across the network

Understanding TCP/IP
Figure 2.4 Members of the TCP/IP family
- Requests for Comment documents

Transmission Control Protocol (TCP)
Figure 2.5 TCP Header
- Source/Destination ports
- Sequence number: increases for each byte of data transmitted
- Data Offset: length of TCP header in 32-bit words
- Checksum: data integrity of TCP header and data
- Urgent pointer: indicates location of urgent data in data stream

TCP Port Numbers
Figure 2.6 TCP source & destination ports
- Closed ports
- Open ports
- RFC 1700 (well-known ports)

Monitoring Ports in Use Figure 2.7

TCP Control Bits
Figure 2.8
- URG: Urgent pointer field is significant
- ACK: Acknowledgment field is significant
- PSH: Push data through TCP layer
- RST: Reset connection (used also in response to unexpected data)
- SYN: Synchronize sequence numbers
- FIN: No more data from sender; tear down session
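The header fields and control bits listed on the two slides above can be read directly from the first 20 bytes of a segment. The following is an added example, not part of the original slides; the function name `parse_tcp_header` and the sample segment are constructed for illustration.

```python
import struct

# Control bits and their masks in the low six bits of the flags field.
FLAG_BITS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the TCP header at the start of `segment` (network byte order)."""
    if len(segment) < 20:
        raise ValueError("truncated TCP header")
    (src, dst, seq, ack, off_flags, window,
     checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12            # header length in 32-bit words
    header_len = data_offset * 4
    if data_offset < 5 or header_len > len(segment):
        raise ValueError("invalid data offset")
    flags = [name for name, bit in FLAG_BITS if off_flags & bit]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum,
        # The urgent pointer only means something when URG is set.
        "urgent_ptr": urgent if "URG" in flags else None,
        "options": segment[20:header_len],
        "payload": segment[header_len:],
    }

# Constructed sample: a SYN from port 49152 to port 80 with one MSS option,
# so the data offset is 6 words (24 bytes). The checksum is left at zero.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes.fromhex("020405b4")

if __name__ == "__main__":
    print(parse_tcp_header(SAMPLE_SYN))
```

The data offset check matters in practice: a parser that trusts the field without comparing it to the segment length will read options or payload from the wrong place.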

TCP 3-Way Handshake Figure 2.9

User Datagram Protocol (UDP)
Figure 2.10
- Connectionless and unreliable
- Packets not retransmitted
- Used by streaming audio/video, DNS queries/responses, TFTP, SNMP

Internet Protocol (IP)
Figure 2.10
- IHL: Internet Header Length
- Service Type: QOS
- Total Length: header and data
- ID: support fragment reassembly
- Flags: includes don't fragment and more fragments
- Protocol: used to indicate TCP, UDP, and ICMP

Local Area Networks and Routers Figure 2.12

IP Addresses Figure 2.13 Figure 2.14

Network Address Translation (NAT)
Figure 2.15
- Mapping IP addresses from private IP networks (10.x.y.z, y.z, y.z ) to a single external routable IP address
- Helps hide internal network's address usage

Firewalls Figure 2.16 Figure 2.17

Firewall Technologies
- Traditional packet filters
- Stateful packet filters
- Proxy-based firewalls

Traditional Packet Filters
- Implemented on routers or firewalls
- Packet forwarding criteria
  - Source IP address
  - Destination IP address
  - Source TCP/UDP port
  - Destination TCP/UDP port
  - TCP code bits, e.g. SYN, ACK
  - Protocol, e.g. UDP, TCP
  - Direction, e.g. inbound, outbound
  - Network interface

Stateful Packet Filters
- Keep track of each active connection via a state table
  - Monitoring of SYN code bits
  - Content of state table (source & destination IP address and port#, timeout)
- Basis of packet forwarding decision
  - State table
  - Rule set
- ACK packets may be dropped if there was no associated SYN packet in state table
- May remember outgoing UDP packets to restrict incoming UDP packets to replies
- More intelligent but slower than traditional packet filters
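The difference between the two filter types shows up on an inbound ACK that no outbound SYN preceded. The following is an added example, not part of the original slides; the class names, the stateless rule set, the 60-second timeout and the sample traffic are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    direction: str                  # "out" = internal to external, "in" = reverse
    proto: str                      # "tcp" or "udp"
    src: tuple                      # (ip, port)
    dst: tuple                      # (ip, port)
    flags: frozenset = frozenset()  # TCP control bits that are set

# Stateless, assumed rule set: allow all outbound, and inbound TCP with ACK set.
def traditional_filter(pkt):
    return pkt.direction == "out" or (pkt.proto == "tcp" and "ACK" in pkt.flags)

class StatefulFilter:
    def __init__(self, timeout=60.0):
        self.timeout = timeout
        self.table = {}             # (proto, inside, outside) -> last-seen time
    def allow(self, pkt, now):
        # Drop entries that have been idle for longer than the timeout.
        self.table = {k: t for k, t in self.table.items() if now - t <= self.timeout}
        if pkt.direction == "out":
            key = (pkt.proto, pkt.src, pkt.dst)
            # Only an outbound SYN or an outbound UDP datagram opens an entry.
            opens = pkt.proto == "udp" or pkt.flags == frozenset({"SYN"})
        else:
            key = (pkt.proto, pkt.dst, pkt.src)
            opens = False           # inbound packets never create state
        if not opens and key not in self.table:
            return False
        self.table[key] = now
        return True

# Constructed sample traffic using documentation address ranges.
HOST, WEB, DNS = ("10.0.0.5", 40000), ("203.0.113.9", 80), ("198.51.100.53", 53)
ACK, SYN = frozenset({"ACK"}), frozenset({"SYN"})

def run_demo():
    fw = StatefulFilter(timeout=60.0)
    stray_ack = Packet("in", "tcp", WEB, HOST, ACK)
    return [
        traditional_filter(stray_ack),                                  # passes
        fw.allow(stray_ack, 0),                                         # no SYN seen
        fw.allow(Packet("out", "tcp", HOST, WEB, SYN), 1),              # opens entry
        fw.allow(Packet("in", "tcp", WEB, HOST, SYN | ACK), 2),         # reply
        fw.allow(Packet("out", "udp", HOST, DNS), 3),                   # remembered
        fw.allow(Packet("in", "udp", DNS, HOST), 4),                    # reply
        fw.allow(Packet("in", "udp", ("198.51.100.99", 53), HOST), 5),  # not a reply
        fw.allow(Packet("in", "tcp", WEB, HOST, ACK), 100),             # timed out
    ]
```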

Proxy-based Firewall
- Client interacts with proxy
- Proxy interacts with server on behalf of client
- Proxy can authenticate users via userid/password
- Web, telnet, ftp proxies
- Can allow or deny application-level functions, e.g. ftp put/get
- Caching capability in web proxies
- Slower than packet-filter firewalls

Figure 2.18 Proxy-based firewall with application-level controls

Figure 2.19 Using proxy and stateful packet filter firewalls

Personal Firewalls
- Installed on personal computers
- E.g. Zone Alarm, Black Ice
- Filter traffic going in and out of a machine
- Usually cannot detect viruses or malicious programs

Address Resolution Protocol (ARP) and Vulnerability to Spoofing Figure 2.20 ARP

Hubs vs. Switches

Security Solutions for Networks
- Application-Layer Security
- Secure Sockets Layer (SSL)
- Internet Protocol Security (IPSec)

Application-Layer Security Tools
- Pretty Good Privacy (PGP), Gnu Privacy Guard (GnuPG)
  - Used to encrypt and digitally sign files for file transfer and
- Secure/Multipurpose Internet Mail Extension (S/MIME)
  - Used to secure at the application level
  - Supported by clients such as MS Outlook and Netscape Messenger
- Secure Shell (SSH)
  - Provides remote access to a command prompt across a secure, encrypted session

Secure Socket Layer (SSL)
- Specification for providing security to TCP/IP applications at the socket layer
- Allows an application to have authenticated, encrypted communications across a network
- Uses digital certificates to authenticate systems and distribute encryption keys
- Supports one-way authentication of server to client and two-way authentication
- Used by web browsers and web servers running HTTPS
- Layer 7 applications such as ftp and telnet can be modified to support SSL

Figure 2.23 client/server applications modified to support SSL

IP Security (IPSec)
- Defined in RFCs 2401 to 2412
- Runs at IP layer software version 4 & 6
- Offers authentication of data source, confidentiality, data integrity, and protection against replays
- Comprised of Authentication Header (AH) and Encapsulating Security Payload (ESP), which can be used together or separately
- Client/server must run compatible versions of IPSec