How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
Published byModified over 4 years ago
Presentation on theme: "How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people."— Presentation transcript:
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people have a high level understanding but still don’t have enough knowledge to solve simple problems By covering these topics now, it makes learning the higher level aspects of networks easier.
What is a Network? A network is a series of computers that are connected together. Each computer on the network can send messages (information) to any other computer on the network These messages can contain requests for data or services. For example: A computer requests data from a database which resides on another computer A computer sends a document through the network to another computer for printing.
Network Structure The following diagram illustrates a network of computers File Server Printer
How do computers communicate on a network? Each network interface connector (NIC) has a unique address. (NOTE: this is NOT an internet address. More on that later). This address is called the MAC address This address is set by the manufacturer of the NIC and it NEVER changes In order for a computer to send a message to another computer, it must have its address Address:177231Address: 376543
Sending messages The sending computer constructs a message. The message contains: The sender’s address The receiver’s address The data Address:177231Address: 376543 Message Sender: 177231 Receiver: 376543 Data…
Sending the message In order for the message to be sent, it must be placed in a “Packet” A packet is the message which can be encoded on the network medium If the message is too large to fit into a single packet, the message is broken up into several packets and re- assembled by the receiver Address:177231Address: 376543 Message Sender: 177231 Receiver: 376543 Data… Packet
Receiving the message Each computer on the network is constantly listening to the network for messages which are addressed to it When it sees packets which contain its address, it reads those packets off of the network and re- assembles the packets into the original message. Address:177231Address: 376543 Message Sender: 177231 Receiver: 376543 Data… Packet
Replying to the message It is often the case that the sender is expecting a response from the receiver In this case, the roles reverse. The receiver constructs a message and sends it back to the original sender. Address:177231Address: 376543 Packet Message Sender: 376543 Receiver: 177231 Data…
Network insecurities It is at this point that we have our first security problem The network medium is shared by everyone As messages are sent through the network, there is a possibility that they can be viewed by computers other than the intended recipient This is called “sniffing” There is no way to detect that this is happening Address:177231Address: 376543 Message Sender: 376543 Receiver: 177231 Data… Packet
Network insecurities Another type of insecurity is called “Man in the Middle” In this case, the middle computer not only reads the message but changes it as it goes through the network The receiver “thinks” it is getting a message from the sender. The message is actually hijacked by the middle man. There is no way to detect that this is happening Address:177231Address: 376543 Message Sender: 376543 Receiver: 177231 Data… PacketX Packet
Network insecurities – Defence Sniffing and Man in the middle are problems because of the way network hardware worked. Packets were sent to ALL computers on the network (via a hub) and computers would only take messages that were destined for them. New technology (called a switch) only sends the message to the receiving computer. Address:177231Address: 376543 Message Sender: 376543 Receiver: 177231 Data… Packet
Network Structure What we’ve seen so far are computers which are connected to the same physical network But what about computers which are connected to different networks? This is the basis for what we call the “Internet” ?
A Network of Networks – Gateways and Routers Networks are connected together with gateways or routers A gateway is a computer which connects to more than one network A router is a device which connects to more than one network for the purpose of routing traffic between those networks
Sending Messages – Between Networks Each computer has a MAC address. This address is used for sending messages to computers on the same network. A computer’s MAC address is ONLY known on the network to which it is directly connected In order to send a message to a computer on another network, we need a second address
Internetworking Address – IP address To be connected to a network of networks, each computer needs an Internet address This address indicates the computer and the network to which the computer is connected On the Internet, addresses are 32 bits long. They are represented by 4 decimal numbers separated by a period These are examples of Internet Addresses 22.214.171.124 192.168.215.7 126.96.36.199
Network Addressing Setup In this example, each computer has an IP address and that address indicates which network the computer is connected to Because the gateway is connected to both networks, it has 2 IP address (one for each connection) Network: 136.159.2Network: 136.159.3 188.8.131.52184.108.40.206 220.127.116.1118.104.22.168
Sending messages between networks When a computer wishes to send a message, it must know the IP address of the receiver computer. Because the IP address includes the network address, the computer can identify if the receiver is on the same network as itself. If so, it obtains the MAC address of the receiving computer and sends the message directly to it. If the receiver is NOT on the same network, the computer only has one place to send the message To the gateway machine. The computer obtains the MAC address of the gateway and sends the message to it.
The Gateway - Routing There are two possibilities for the gateway: The receiving computer is connected to a network that the gateway is connected to. The gateway obtains the MAC address of the receiver and sends the message to it. The receiving computer is NOT connected to a network that the gateway is connected to. In this case, the gateway has some decisions to make. Where should it send the message?
Routing The Internet is made up of many computers. Some are gateways Some are just computers which use the services of the Internet Gateways know about other gateways. When a gateway receives a message which it doesn’t know what to do with, it must figure out (based on the messages destination address) which gateway to forward the message to. It must choose a gateway which is one step closer to the receiving computer. Every time a message goes through a gateway is called a “hop”.
The Internet Backbone At the core of the Internet is a series of very powerful machines which make up its “backbone” These machines reside in universities, telephone companies, government agencies, ISPs, etc. Packets “hop” through the internet from gateway to gateway until they reach their destination computer. What are the pros and cons of this kind of structure?
The Internet – From a different point of view The previous slides have all shown how the Internet works at the very low level There is another perspective of the Internet at a high level This is the level with which most people are familiar This higher level is focused on a communication mechanism called a “Socket”.
Sockets – What are they? A socket is like a telephone. The sending (source) computer wants to make a call to the receiving (destination) computer. The source knows the IP address of the destination The source opens a “Socket” to the destination The destination must be “listening” for the connection. The destination can choose to “accept” the connection or to refuse the connection. A socket is a bidirectional communication path Messages can be sent in both directions through a socket.
Ports – What are they? Because the destination computer can be listening for MANY different connections, we need a way to manage multiple connections to a computer This is accomplished with “ports”. When a source attempts to establish a socket connection with the destination, it must specify a “port” that is trying to connect to. The port indicates which services the source is trying to connect with. Eg: www is port 80 email (smtp) is port 25
IP Address:22.214.171.124 Port: 13573 Sockets – Making the connection To establish a connection between 2 computers on the Internet, a socket requires 4 pieces of information: The IP address of the source The IP address of the destination The port of the destination The port of the source * *NOTE: The port of the source computer is chosen at random by the source IP Address:126.96.36.199 Port: 80
Security Implications What are the security implications of this structure? If your computer isn’t listening on any ports, then you are relatively safe. Products like zone-alarm notify the user when an attempt is made to connect to a port on the computer Hackers regularly perform “port scans” on possible target computers They attempt to connect to every port If a connection is made, they might attempt to exploit that connection
Viruses/Trojan Horses Normally, your computer at home shouldn’t be listening on any ports. However, if your computer gets infected with a virus or trojan horse, that program may: Attempt to notify someone on the outside that your computer is infected. Listen on a port so that someone on the outside world can connect to your computer. What can a hacker do if s/he can connect to your computer? That depends on the program which is listening for connections from the outside world.
Firewalls This is where firewalls come in to play A firewall is a device which monitors the connections being made. An administrator figures out ahead of time which connections (ports) that are to be allowed and which are to be denied and set up rules The firewall filters out any packets which do not match the rules. Some firewalls will notify an administrator via email or pager if certain kinds of suspicious activity is seen Firewalls are very limited in the security that they can offer
NAT – Network Address Translation Many firewall devices offer something called NAT The firewall has a valid IP address The machines behind the firewall do not When an internal machine makes a request to the Internet, it goes through the firewall In doing so, the firewall puts its own address on the message. The outside world never knows the true address of the internal machine When the reply comes back to the firewall, it forwards the message to the machine which originally made the request Only the firewall truly knows the address of the destination computer
NAT and Security NAT augments the security provided by firewalls considerably However, they can’t provide ultimate security There are still ways in which a machine can be compromised even it NAT is involved. If your machine is infected with a trojan horse or virus which seeks out a connection (rather than listens for one), you still have security problems. Be sure to keep up your virus scanner up to date