Chapter 7 – Security in Networks: Introduction to networks, Threats against network applications, Controls against network applications, Firewalls.


2 Chapter 7 – Security in Networks
- Introduction to networks
- Threats against network applications
- Controls against network applications
- Firewalls
- Intrusion detection systems
- Private e-mail

3 Terminal-Host Systems
- Created in the 1960s
  - Central host computer does all the processing
  - Terminal is dumb--only a remote screen and keyboard
  - Created in the 1960s, when microprocessors for terminal intelligence did not exist
Diagram labels: Terminals, Host

4 PC Networks
- The Most Common Platform in Organizations
  - Allows PCs to share resources
  - Both Wintel (Windows/Intel) PCs and Macintoshes
Diagram label: Network

5 Network
- A Network is an Any-to-Any Communication System
  - Can connect any station to any other

6 Network
- Each Station has a Unique Network Address
  - To connect, only need to know the receiver’s address
  - Like telephone number
Diagram labels: stations ABC, DEF, GHI, JKL, MNO; “Connect to GHI”

7 LANs and WANs
- Networks Have Different Geographical Scopes
- Local Area Networks (LANs)
  - Small Office
  - Office Building
  - Industrial Park / University Campus
- Wide Area Networks (WANs)
  - Connect corporate sites or
  - Connect corporate sites with sites of customers and suppliers

8 Elements of a Simple LAN
- Hub or Switch connects all stations
- Wiring is standard business telephone wiring (4 pairs in a bundle)
Diagram labels: Hub or Switch, Wiring

9 Elements of a Simple LAN
- Client PCs are used by ordinary managers and professionals; receive service
- Servers provide services to client PCs
Diagram labels: Server, Client PC

10 Elements of a Simple LAN
- Client PC
  - Begin with stand-alone PC
  - Add a network interface card (NIC) to deal with the network
  - Networks have many client PCs
- Server
  - Most PC nets have multiple servers

11 Wide Area Networks
- WANs Link Sites (Locations)
  - Usually sites of the same organization
  - Sometimes, sites of different organizations
Diagram labels: WAN, Site A, Site B, Site C

12 Client/Server Processing
- Two Programs
  - Client program on client machine
  - Server program on server machine
  - Work together to do the required processing
Diagram labels: Client Machine, Client Program, Server, Server Program

13 Client/Server Processing
- Cooperation Through Message Exchange
  - Client program sends Request message, such as a database retrieval request
  - Server program sends a Response message to deliver the requested information or an explanation for failure
Diagram labels: Client Machine, Client Program, Server, Server Program, Request, Response

14 Client/Server Processing
- Widely Used on the Internet
- For instance, webservice
  - Client program (browser) sends an HTTP request asking for a webserver file
  - Server program (webserver application program) sends an HTTP response message with the requested webpage
Diagram labels: HTTP Request Message, HTTP Response Message

15 Client/Server Processing
- On the Internet, a Single Client Program--the Browser (also known as the client suite)--Works with Many Kinds of C/S server applications
  - WWW, some E-mail, etc.
Diagram labels: Browser, Webserver, E-mail Server

16 Standards Organizations and Architectures
- TCP/IP Standards
  - Created by the Internet Engineering Task Force (IETF)
  - Named after its two most widely known standards, TCP and IP
    - TCP/IP is the architecture, while TCP and IP are individual standards
    - However, these are not its only standards, even at the transport and internet layers
  - IETF standards dominate in corporations at the application, transport, and internet layers
    - However, application, transport, and internet standards from other architectures are still used

17 Standards Organizations and Architectures
- OSI Standards
  - Reference Model of Open Systems Interconnection
  - Created by the International Telecommunications Union-Telecommunications Standards Sector (ITU-T)
  - And the International Organization for Standardization (ISO)
  - OSI standards dominate the data link and physical layers
    - Other architectures specify the use of OSI standards at these layers

18 OSI Reference Model

19 TCP/IP versus OSI
- Lowest Four Layers are Comparable in Functionality

TCP/IP                 OSI
Application            Application
                       Presentation
                       Session
Transport              Transport
Internet               Network
Data Link (use OSI)    Data Link
Physical (use OSI)     Physical

20 Internet Standards
- Accessing the WWW from Home
Diagram labels: User PC (App, Trans, Int, DL, Phy); Router (Int, DL, Phy); Webserver (App, Trans, Int, DL, Phy); HTTP, TCP, IP, PPP, Modem, IP, ?, ?

21 Indirect Communication
- Application programs on different machines cannot communicate directly
  - They are on different machines!
Diagram labels: User PC (Browser, Trans, Int, DL, Phy); Webserver (Web App, Trans, Int, DL, Phy); HTTP Request

22 Layer Cooperation on the Source Host
- Application layer process passes HTTP-request to transport layer process
Diagram labels: User PC (Application, Transport, Internet, Data Link, Physical); HTTP Request

23 Layer Cooperation on the Source Host
- Transport layer makes TCP segments
  - HTTP message is the data field
  - Adds TCP header fields shown earlier
  - Transport process “encapsulates” HTTP request within a TCP segment
Diagram labels: TCP Segment; TCP Header (TCP-H); Data Field (HTTP Request)

24 Layer Cooperation on the Source Host
- Transport layer process passes the TCP segment down to the internet layer process
Diagram labels: User PC (Application, Transport, Internet, Data Link, Physical); TCP segment

25 Layer Cooperation on the Source Host
- The internet layer process passes the IP packet to the data link layer process
  - Internet layer messages are called packets
Diagram labels: User PC (Application, Transport, Internet, Data Link, Physical); IP packet

26 Layer Cooperation on the Source Host
- The data link layer process passes the PPP frame to the physical layer process, which delivers it to the physical layer process on the first router, one bit at a time (no message at the physical layer)
Diagram labels: User PC (Application, Transport, Internet, Data Link, Physical); PPP frame; (10110 …); To first router

27 Layer Cooperation on the Source Host
- Recap: Adding Headers and Trailers:

User PC layer    Message passed down
Application      HTTP msg
Transport        TCP-H, HTTP msg
Internet         IP-H, TCP-H, HTTP msg
Data Link        PPP-H, IP-H, TCP-H, HTTP msg, PPP-T
Physical         (bits)
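The recap on slide 27, carried through in code as an added example (not part of the original slides): the HTTP message gets a TCP header, then an IPv4 header, then a PPP header (PPP-H) and FCS trailer (PPP-T), and the receiver peels the layers off in reverse, rejecting a frame that fails any length or checksum check. The source address 192.0.2.10, the port numbers and all function names are assumptions; PPP flag octets and byte stuffing are left out.

```python
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement checksum used by the IPv4 and TCP headers."""
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def fcs16(data: bytes) -> int:
    """PPP frame check sequence (RFC 1662): reflected CRC-16, init 0xFFFF."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def encapsulate(http: bytes, src: str, dst: str, sport: int, dport: int) -> bytes:
    s, d = (bytes(map(int, addr.split("."))) for addr in (src, dst))
    # Transport layer: 20-byte TCP header (PSH|ACK) in front of the HTTP message.
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    pseudo = s + d + struct.pack("!BBH", 0, 6, len(tcp) + len(http))
    tcp = tcp[:16] + struct.pack("!H", inet_checksum(pseudo + tcp + http)) + tcp[18:]
    # Internet layer: 20-byte IPv4 header in front of the TCP segment.
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 0, 0, 64, 6, 0, s, d)
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    # Data link layer: PPP-H (address, control, protocol=IPv4) and PPP-T (FCS).
    body = b"\xff\x03\x00\x21" + ip + tcp + http
    return body + struct.pack("<H", fcs16(body))

def decapsulate(frame: bytes) -> bytes:
    """Peel the layers in reverse order; refuse anything that fails a check."""
    body, fcs = frame[:-2], int.from_bytes(frame[-2:], "little")
    if len(frame) < 46 or body[:4] != b"\xff\x03\x00\x21" or fcs16(body) != fcs:
        raise ValueError("bad PPP header or FCS")
    ip = body[4:24]
    total_len = int.from_bytes(ip[2:4], "big")
    if ip[0] != 0x45 or ip[9] != 6 or inet_checksum(ip) or total_len != len(body) - 4:
        raise ValueError("bad IPv4 header")
    segment = body[24:]
    pseudo = ip[12:20] + struct.pack("!BBH", 0, 6, len(segment))
    if inet_checksum(pseudo + segment) or segment[12] >> 4 != 5:
        raise ValueError("bad TCP segment")
    return segment[20:]

# Constructed sample: a request to the host and address used on the DNS slides.
REQUEST = b"GET / HTTP/1.1\r\nHost: voyager.cba.hawaii.edu\r\n\r\n"
FRAME = encapsulate(REQUEST, "192.0.2.10", "128.171.17.13", 49152, 80)
```
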

28 Protocols
- A protocol is a standard for communication between peer processes, that is, processes at the same layer, but on different machines
  - TCP, IP, and PPP all have “protocol” as their final “P;” they are all protocols
  - TCP (Transmission Control Protocol) is the protocol governing communication between transport layer processes on two hosts
Diagram labels: Trans, TCP Message

29 Domain Name System (DNS)
- Only IP addresses are official
  - e.g., 128.171.17.13
  - These are 32-bit binary numbers
  - Only they fit into the 32-bit destination and source address fields of the IP headers
Diagram labels: IP Packet; 32-bit Source and Destination Addresses (110011...)

30 Domain Name System (DNS)
- Users typically only know host names
  - e.g., voyager.cba.hawaii.edu
  - More easily remembered, but
  - Will not fit into the address fields of an IP packet
Diagram labels: IP Packet; voyager.cba.hawaii.edu; NO

31 Internet and Data Link Layer Addresses
- Each host and router on a subnet needs a data link layer address to specify its address on the subnet
  - This address appears in the data link layer frame sent on a subnet
  - For instance, 48-bit 802.3 MAC layer frame addresses for LANs
Diagram labels: Subnet; DA; DL Frame for Subnet

32 Addresses
- Each host and router also needs an IP address at the internet layer to designate its position in the overall Internet
Diagram labels: Subnet; 128.171.17.13

33 IPv6
- Current version of the Internet Protocol is Version 4 (v4)
  - Earlier versions were not implemented
- The next version will be Version 6 (v6)
  - No v5 was implemented
  - Informally called IPng (Next Generation)
- IPv6 is Already Defined
  - Continuing improvements in v4 may delay its adoption

34 IPv6
- IPv6 will raise the size of the internet address from 32 bits to 128 bits
  - Now running out of IP addresses
  - Will solve the problem
  - But current work-arounds are delaying the need for IPv6 addresses
