Network Layer - ISSA South Texas Chapter

Networks and Communications

23 Oct 2013

Classification Public

CISSP Training: Telecommunications and Networks

Prepared by T. Brian Granier, March 2006, based upon Shon Harris, All-in-One CISSP Exam Guide, Third Edition

Domain Objectives - Telecom

- OSI model
- TCP/IP and many other protocols
- LAN, WAN, MAN, intranet and extranet technologies
- Cable types and data transmission types
- Network devices and services
- Communications security management
- Telecommunications devices
- Remote access methods and technologies
- Wireless technologies

Protect confidentiality, integrity, and availability:

- Confidentiality: through network protocols, authentication services, encryption services
- Integrity: through firewalls and IDS
- Availability: through backups and redundancy, operating performance

Never forget the CIA triad: Confidentiality, Integrity, Availability.

OSI Model

1. Physical
2. Data Link (Logical Link Control / Media Access Control)
3. Network
4. Transport
5. Session
6. Presentation
7. Application

Mnemonics: bottom up, Please Do Not Throw Sausage Pizza Away; or top down, All People Seem To Need Data Processing.

OSI Model (Continued)

The OSI (Open Systems Interconnection) reference model was developed by the International Organization for Standardization (ISO). It defines seven layers of functionality in data communications (the protocol stack).

- It is a protocol hierarchy: layer n talks to layer n on another host, through interfaces with the lower and upper layers on the same host.
- In the OSI model, layers 1-3 are considered chained (every intermediate node, such as a router, processes them hop by hop) and layers 4-7 are end-to-end between the communicating hosts (intermediate nodes do not process them), even though on any one host the data always flows vertically through the stack, except at the lowest layer where it crosses to the next node.

OSI Model (Continued)

Physical Layer

- transmits the raw bit stream (1s and 0s) over a communications channel (wire or fiber connection)
- unit transferred: bits
- defines the mechanical, functional, and electrical interface specification for connection to the media
- physical link characteristics include voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors
- physical layer hardware: cabling, transceivers, hubs

OSI Model (Continued)

Data Link Layer

- unit transferred: frames
- formats messages for transmission
- transfers units of data (frames) across the physical link
- breaks the data stream handed down by the network layer into frames for the physical link
- processes acknowledgement frames from the receiver
- a bridge is an example of a Layer 2 device
- handles physical addressing (MAC address), line discipline, error notification, optional flow control
- the data link layer has two sublayers defined by IEEE: MAC (Media Access Control) and LLC (Logical Link Control)

OSI Model (Continued)

Data Link Layer continued

Media Access Control (MAC) Sublayer

- the MAC address is a 48-bit physical address, unique to each LAN interface card
- burned into read-only memory, although most drivers let it be overridden in software, so a MAC address on its own is not a trustworthy identifier
- the first 24 bits (three octets, the OUI) are assigned by the IEEE and identify the vendor; the vendor assigns the remaining 24 bits
- the MAC sublayer manages protocol access to the physical network medium
- how do stations on a network gain access to the media and permission to transmit their data: contention, token passing, polling

Logical Link Control (LLC) Sublayer

- defined in the IEEE 802.2 specification
- presents a uniform interface to the upper layers, independent of the LAN media access method
- allows multiple higher-layer protocols to share a single physical data link
- provides flow control and error checking within the frame; note that the CRC used for error detection is carried in the frame check sequence of the MAC-layer frame format (e.g. 802.3), and frame synchronization is likewise a framing function, not part of the LLC header

OSI Model (Continued)

Network Layer

- unit transferred: packets (datagrams)
- creates and routes packets
- IP addressing (if TCP/IP network)
- manages connections across the network
- adds routing information and selects appropriate facilities for transmitting the message
- breaks messages into packets at the sending end and reassembles packets into messages at the receiving end
- controls operation of the subnet: congestion control, accounting
- devices not on the same network must communicate via an intermediate system (e.g., a router)
- routing protocols operate at this layer

OSI Model (Continued)

Transport Layer

- unit transferred: segments
- establishes and tears down connections across the network
- accepts data from the session layer, splits it into smaller units (segmentation/reassembly), passes them to the network layer, and ensures safe arrival at the other end
- provides reliable data transmission, including error detection with retransmission and reestablishing communication after a network failure
- transport layer functions include flow control, multiplexing, virtual circuit management, error checking and recovery
- transport protocols: TCP (reliable), UDP (unreliable)
- ports and sockets live at this layer
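The data link, network and transport slides above each describe a header wrapped around the layer above it. The block below is an added example, not code from the original training deck: a small Python decoder that walks an Ethernet II frame down through its IPv4 and TCP headers and verifies the IPv4 header checksum on the way. The frame bytes are constructed inside the block (RFC 5737 documentation addresses, made-up MAC addresses), so it runs offline.

```python
"""Added example (not from the original training deck): decode one Ethernet II
frame down through its IPv4 and TCP headers, the same peeling a receiving host
does at layers 2, 3 and 4. The sample frame is constructed below with RFC 5737
documentation addresses and made-up MAC addresses, so the script runs offline."""
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP = 6


def ip_checksum(header: bytes) -> int:
    """RFC 791 checksum: one's-complement sum of 16-bit words, complemented.
    Run over a header that already carries a correct checksum it returns 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_mac(raw: bytes) -> dict:
    """Layer 2 address: 48 bits. The first three octets are the IEEE-assigned OUI;
    bit 0 of octet 0 is the I/G (multicast) bit, bit 1 the U/L (locally administered) bit."""
    return {
        "addr": ":".join("%02x" % b for b in raw),
        "oui": ":".join("%02x" % b for b in raw[:3]),
        "multicast": bool(raw[0] & 0x01),
        "locally_administered": bool(raw[0] & 0x02),
    }


def parse_frame(frame: bytes) -> dict:
    """Ethernet II -> IPv4 -> TCP. Each layer strips its own header and hands
    the rest up: frame (L2) contains packet (L3) contains segment (L4)."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"l2": {"dst": parse_mac(dst), "src": parse_mac(src), "ethertype": ethertype}}
    if ethertype != ETHERTYPE_IPV4:
        return out                           # not IPv4: nothing more to decode here
    pkt = frame[14:]
    (ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto,
     _csum, saddr, daddr) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4               # header length in bytes (options included)
    out["l3"] = {
        "version": ver_ihl >> 4,
        "ttl": ttl,
        "protocol": proto,
        "src": ".".join(map(str, saddr)),
        "dst": ".".join(map(str, daddr)),
        "dont_fragment": bool(flags_frag & 0x4000),
        "checksum_ok": ip_checksum(pkt[:ihl]) == 0,
    }
    if proto != IPPROTO_TCP:
        return out
    seg = pkt[ihl:total_len]                 # trust total_len, not the frame length (padding)
    sport, dport, seq, ack, off_flags, window, _tcsum, _urg = struct.unpack("!HHIIHHHH", seg[:20])
    data_off = (off_flags >> 12) * 4
    flags = off_flags & 0x01FF
    out["l4"] = {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "window": window,
        "syn": bool(flags & 0x02), "ack_flag": bool(flags & 0x10), "fin": bool(flags & 0x01),
        "payload": seg[data_off:],
    }
    return out


def build_sample_frame() -> bytes:
    """Constructed sample: a TCP SYN from 192.0.2.10:40000 to 198.51.100.20:443,
    built bottom-up the way a sending stack does (segment, then packet, then frame)."""
    tcp = struct.pack("!HHIIHHHH", 40000, 443, 0x11223344, 0, (5 << 12) | 0x02, 65535, 0, 0)
    total_len = 20 + len(tcp)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64, IPPROTO_TCP, 0,
                     bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]   # fill in the header checksum
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + tcp


if __name__ == "__main__":
    import pprint
    pprint.pprint(parse_frame(build_sample_frame()))
```

A check worth keeping in mind: the IPv4 checksum covers only the header, so the parser catches a single altered TTL byte but says nothing about the payload; protecting the data is the transport layer's job (the TCP checksum) or, against a deliberate attacker, a higher layer's.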

OSI Model (Continued)

Session Layer

- establishes and terminates logical sessions between machines (e.g. RPC, X Windows) and synchronizes communication
- AppleTalk (ASP, the AppleTalk Session Protocol) is one example
- not really used as a separate layer in the TCP/IP model; its functions fold into the application layer

OSI Model (Continued)

Presentation Layer

- standardizes data presentation to the application
- ensures that information is delivered in a form the recipient can understand; responsible for translating data into formats that can be readily understood by each system
- handles syntax and semantics of the transmitted information, code formatting and conversion (EBCDIC to ASCII, one's or two's complement), and may handle encryption
- layer 6 standards include JPEG, GIF, MPEG, MIDI

OSI Model (Continued)

Application Layer

- manages the user interface to the network
- interacts with software applications that implement a communicating component: file access and transfer, virtual terminal, email, web
- SMTP, telnet, FTP, TFTP, HTTP, SNMP, etc.

OSI Model (Continued)

TCP/IP Reference Model

- the OSI model was developed before its protocols; the TCP/IP model was developed after its protocols
- the OSI model has some layers that turned out not to be very useful as separate layers (session and presentation)
- the TCP/IP model has 4 layers: Application, Transport, Internet (network), Host-to-network (combines the Data Link and Physical layers). Some people use a five-layer model that keeps the data link and physical layers separate.

OSI Model (Continued)

OSI Model vs. TCP/IP Model (comparison figure from the slides; not reproduced here)

OSI Model (Continued)

Resources

- "Understanding IP Addressing: Everything You Ever Wanted To Know", Chuck Semeria, http://www.3com.com/nsc/501302.html (a great tutorial if you want to understand IP addressing, subnetting, etc.)
- CISSP preparation slides, Domain 2 Review, Ben Rothke, http://www.rothke.com
- Books: Computer Security Basics (Russell & Gangemi), Computer Networks (Tanenbaum)


TCP/IP and many other protocols

- Connection-oriented protocol (TCP)
- TCP three-way handshake (SYN, SYN-ACK, ACK)
- Connectionless protocol (UDP)
- ARP
- RARP (largely superseded by BOOTP and DHCP, which do the same address-assignment job from a higher layer)
- ICMP
- Routing protocols

Common ports: ftp 20/21, http 80, https 443, dns 53, smtp 25, ssh 22, snmp 161/162

TCP/IP… (Continued)

IPv4

- Class A (0.0.0.0 - 127.255.255.255) /8
- Class B (128.0.0.0 - 191.255.255.255) /16
- Class C (192.0.0.0 - 223.255.255.255) /24
- Class D (224.0.0.0 - 239.255.255.255) multicast
- Class E (240.0.0.0 - 255.255.255.255) reserved

IPv6


TCP/IP… (Continued)

- Unicast: I want to talk to you
- Multicast: I want to talk to my subscribers
- Broadcast: I want to talk to everyone
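The class table and the unicast/multicast/broadcast slide above are easier to hold onto once applied to real addresses. The following is an added example, not part of the original deck: a standard-library-only Python module that classifies an address by the legacy class boundaries, derives its classful network, and tells unicast, multicast and (limited or directed) broadcast apart. The addresses in the comments and tests are RFC 1918 and RFC 5737 examples.

```python
"""Added example (not from the original training deck): apply the IPv4 class
boundaries and the unicast/multicast/broadcast distinction from the slides to
real addresses, using only the standard library. Addresses in the comments are
RFC 5737 / RFC 1918 examples."""
import ipaddress

# (first-octet low, first-octet high, class, default prefix length)
# Classes D and E carry no network/host split, hence None.
CLASSES = [
    (0, 127, "A", 8),
    (128, 191, "B", 16),
    (192, 223, "C", 24),
    (224, 239, "D", None),   # multicast
    (240, 255, "E", None),   # reserved / experimental
]

LIMITED_BROADCAST = ipaddress.IPv4Address("255.255.255.255")


def ipv4_class(addr: str) -> tuple:
    """Return (class letter, default prefix length or None), e.g. ("B", 16) for 172.16.0.1."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for low, high, letter, prefix in CLASSES:
        if low <= first_octet <= high:
            return letter, prefix
    raise ValueError(addr)   # unreachable: the ranges cover 0..255


def classful_network(addr: str):
    """The network a host belongs to under the classful rules (None for D/E)."""
    _letter, prefix = ipv4_class(addr)
    if prefix is None:
        return None
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def delivery_scope(addr: str, network: str = None) -> str:
    """Classify the destination of a packet as 'unicast', 'multicast' or 'broadcast'.

    Broadcast is either the limited broadcast 255.255.255.255 or, when the
    destination network is known (a CIDR string such as '192.0.2.0/24'), that
    network's directed broadcast address. Without the prefix a directed
    broadcast is indistinguishable from a host address, which is why a filter
    that wants to catch it must know the subnet, not just the packet."""
    ip = ipaddress.IPv4Address(addr)
    if ip.is_multicast:                       # 224.0.0.0/4, i.e. class D
        return "multicast"
    if ip == LIMITED_BROADCAST:
        return "broadcast"
    if network is not None and ip == ipaddress.ip_network(network).broadcast_address:
        return "broadcast"
    return "unicast"


def directed_broadcast_for(addr: str):
    """Directed broadcast address implied by the classful network of addr
    (so 172.16.5.9 -> 172.16.255.255); None for class D/E."""
    net = classful_network(addr)
    return None if net is None else str(net.broadcast_address)


if __name__ == "__main__":
    for a in ("10.1.2.3", "172.16.5.9", "192.0.2.255", "239.1.1.1", "255.255.255.255"):
        print(a, ipv4_class(a), delivery_scope(a, "192.0.2.0/24"), directed_broadcast_for(a))
```

The `delivery_scope` caveat is the practical one: a packet aimed at a network's directed broadcast address reaches every host on that network, and nothing in the packet itself marks it as such; only knowledge of the subnet mask does.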

LAN, WAN, MAN, intranet and extranet technologies

LAN Topologies

- Ring topology, bus topology, star topology, mesh topology
- Physical vs. logical topologies

Ethernet (802.3)

- most common today
- 10Base2, 10Base5, 10Base-T, Fast Ethernet

Token Ring (802.5)

- logical ring, physical star

FDDI (the slides file it under IEEE 802.8; the standard itself is ANSI X3T9.5)

- two counter-rotating fiber rings


LAN, WAN, MAN, intranet and extranet technologies

- LAN, MAN and WAN
- T-carrier circuit types
  - 24 standard 64 kbps channels = 1 T1 (1.544 Mbps)
  - 28 T1s = 1 T3 (44.736 Mbps)
- Frame relay
- X.25
- ATM
- SONET ring

Cable and data transmission types

Data transmission types

- Analog and digital
- Asynchronous and synchronous
- Broadband and baseband

Cable types

- Coaxial (Thicknet and Thinnet)
- Twisted pair (STP and UTP), Cat 1 through Cat 7
- Fiber-optic

Cable and data transmission types

Cable issues

- Noise: did you check for fluorescent lights?
- Attenuation: you ran the cable how long?
- Crosstalk: did you splice the wires together?
- Plenum cabling and fire safety

Cable and data transmission types

Media access technologies

- Token passing
- CSMA/CD
- CSMA/CA
- Collision domains
- Polling


Network devices and services

- Repeaters (Layer 1)
- Bridges (Layer 2)
- Switches (Layer 2, though multilayer switches also route at Layer 3)
- VLANs
- Routers (Layer 3 usually)
- Gateways (Layer 7 usually)

Network devices and services (Continued)

Firewalls

- Packet filtering (think router ACLs)
- Stateful inspection (Check Point, iptables)
- Proxy (SonicWall; Eagle > Raptor > Axent > Symantec)
- Application-level proxy
- Circuit-level proxy (sometimes called GSP)
- Dynamic packet filtering (reflexive ACLs)
- Kernel proxy firewalls
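The slide above separates packet filtering from stateful inspection, and the TCP/IP slide earlier lists the three-way handshake; the two ideas meet in the example below. It is an added example, not code from the original deck or from any named product: a constructed packet trace is run through a stateless, router-ACL style filter and through a stateful table that follows SYN, SYN-ACK and ACK, so the difference in what each one lets back in is visible. Addresses are RFC 1918 and RFC 5737 examples and no sockets are opened.

```python
"""Added example (not from the original training deck): the same constructed
packet trace run through a stateless packet filter (router-ACL style) and
through a stateful inspection table that follows the TCP three-way handshake
(SYN, SYN-ACK, ACK). Addresses are RFC 1918 / RFC 5737 examples; no real
sockets are used."""

SYN, ACK = 0x02, 0x10   # TCP flag bits


def packet(src, sport, dst, dport, flags, direction):
    """Constructed packet record; direction is 'out' (LAN -> Internet) or 'in'."""
    return {"src": src, "sport": sport, "dst": dst, "dport": dport,
            "flags": flags, "dir": direction}


def stateless_filter(pkt) -> bool:
    """Each packet is judged on its own header. To let replies to outbound
    connections back in, such an ACL has to admit any inbound packet with
    ACK set (the classic 'established' keyword), so it also admits a forged
    ACK-only packet that belongs to no connection at all."""
    if pkt["dir"] == "out":
        return True
    return bool(pkt["flags"] & ACK)


class StatefulFilter:
    """Remembers connections opened from inside and admits inbound packets only
    when they match a tracked flow in the state the handshake expects next."""

    def __init__(self):
        self.flows = {}   # (client, cport, server, sport) -> state

    def filter(self, pkt) -> bool:
        if pkt["dir"] == "out":
            key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"])
            state = self.flows.get(key)
            if state is None and pkt["flags"] & SYN and not pkt["flags"] & ACK:
                self.flows[key] = "SYN_SENT"        # step 1: client SYN
                return True
            if state == "SYNACK_SEEN" and pkt["flags"] & ACK:
                self.flows[key] = "ESTABLISHED"     # step 3: client ACK completes the handshake
                return True
            return state == "ESTABLISHED"
        # inbound: the flow key is the outbound tuple reversed
        key = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        state = self.flows.get(key)
        if state == "SYN_SENT" and pkt["flags"] & SYN and pkt["flags"] & ACK:
            self.flows[key] = "SYNACK_SEEN"         # step 2: server SYN-ACK
            return True
        return state == "ESTABLISHED"               # reply traffic on a known connection


def run_scenario() -> dict:
    """Returns {name: (stateless verdict, stateful verdict)} for a constructed trace."""
    client, server, attacker = "10.0.0.5", "198.51.100.20", "203.0.113.9"
    trace = [
        ("syn",             packet(client, 40000, server, 443, SYN, "out")),
        ("syn_ack",         packet(server, 443, client, 40000, SYN | ACK, "in")),
        ("ack",             packet(client, 40000, server, 443, ACK, "out")),
        ("data_in",         packet(server, 443, client, 40000, ACK, "in")),
        ("ack_scan",        packet(attacker, 31337, client, 22, ACK, "in")),   # no such flow
        ("unsolicited_syn", packet(attacker, 31337, client, 22, SYN, "in")),
    ]
    stateful = StatefulFilter()
    return {name: (stateless_filter(p), stateful.filter(p)) for name, p in trace}


if __name__ == "__main__":
    for name, (stateless, stateful) in run_scenario().items():
        print(f"{name:16s} stateless={'pass' if stateless else 'drop':4s} "
              f"stateful={'pass' if stateful else 'drop'}")
```

The row to look at is `ack_scan`: the stateless filter passes it because ACK is set, the stateful one drops it because no inside host ever sent a SYN to that attacker. A real stateful engine also ages entries out and tracks sequence windows, which this toy omits.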

Network devices and services (Continued)

Firewall architectures

- Bastion host
- Dual-homed firewall
- Screened host
- Screened subnet

Network devices and services (Continued)

Other concepts

- Spoofing
- Honeypots
- DNS: cache poisoning and split DNS (split-split DNS)
- NAT (static; dynamic, aka hide; PAT)
- Intranets and extranets


Telecommunications devices

- QoS (Quality of Service), the ATM service categories:
  - Constant Bit Rate (CBR) for the delay-intolerant
  - Variable Bit Rate (VBR) for bursty traffic
  - Unspecified Bit Rate (UBR) best-effort service
  - Available Bit Rate (ABR) take what's left
  - http://www.cell-relay.com/cell-relay/FAQ/d/d16.html
- SMDS: Switched Multimegabit Data Service
- SDLC: Synchronous Data Link Control
- HDLC: High-level Data Link Control
- HSSI: High-Speed Serial Interface


Telecommunications devices (Continued)

- PSTN
- VoIP
- H.323 gateways
- CSU/DSU
- Switching


Remote access methods and technologies

- Dial-up and RAS
- ISDN, DSL and cable
- VPN
- Tunneling protocols: PPP, PPTP, L2TP
- Authentication:
  - PAP: sends the password in clear text
  - CHAP: challenge/response; the shared secret itself never crosses the link
  - EAP: opens the door wide to other methods
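The PAP and CHAP bullets above state the difference in one line each; the block below shows it on the wire. It is an added example, not part of the original deck: both exchanges are modelled as plain Python messages, with CHAP following RFC 1994 (MD5 over the Identifier, the shared secret and the challenge). The user name and secret are constructed test data and the functions are this example's own, not a library's API.

```python
"""Added example (not from the original training deck): the PAP and CHAP
exchanges from the slides modelled as plain Python messages, so you can see
what each one puts on the wire. CHAP follows RFC 1994 (MD5 over Identifier,
secret and challenge). The user name and secret are constructed test data."""
import hashlib
import hmac
import os

# Shared secret known to both the remote-access server and the peer (constructed).
SECRET_DB = {"alice": b"correct horse battery staple"}


def pap_request(user: str, password: bytes) -> dict:
    """PAP Authenticate-Request: the peer's password itself is the credential."""
    return {"code": "Authenticate-Request", "peer_id": user, "password": password}


def pap_verify(msg: dict) -> bool:
    return SECRET_DB.get(msg["peer_id"]) == msg["password"]


def chap_challenge(identifier: int) -> dict:
    """CHAP step 1: the authenticator sends a fresh, unpredictable challenge."""
    return {"code": "Challenge", "id": identifier & 0xFF, "value": os.urandom(16)}


def _chap_digest(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_response(challenge: dict, user: str, secret: bytes) -> dict:
    """CHAP step 2: the peer returns MD5(Identifier || secret || challenge).
    Only the digest leaves the host; the secret does not."""
    return {"code": "Response", "id": challenge["id"],
            "value": _chap_digest(challenge["id"], secret, challenge["value"]), "name": user}


def chap_verify(challenge: dict, response: dict) -> bool:
    """CHAP step 3: the authenticator recomputes the digest from its copy of the
    secret and the challenge it issued; Success if equal, Failure otherwise."""
    secret = SECRET_DB.get(response["name"])
    if secret is None or response["id"] != challenge["id"]:
        return False
    expected = _chap_digest(challenge["id"], secret, challenge["value"])
    return hmac.compare_digest(expected, response["value"])


def exposes_secret(msg: dict, secret: bytes) -> bool:
    """Would someone sniffing this message read the secret verbatim?"""
    return any(isinstance(v, bytes) and secret in v for v in msg.values())


def chap_exchange(user: str, secret_offered: bytes, identifier: int = 1) -> tuple:
    """Run one complete challenge/response round and return
    (authenticated?, secret visible on the wire?)."""
    ch = chap_challenge(identifier)
    resp = chap_response(ch, user, secret_offered)
    return chap_verify(ch, resp), exposes_secret(resp, secret_offered)


def replayed_response_accepted(user: str, secret: bytes) -> bool:
    """A response captured from one session, replayed against the next challenge."""
    captured = chap_response(chap_challenge(1), user, secret)
    return chap_verify(chap_challenge(1), captured)


if __name__ == "__main__":
    pap = pap_request("alice", SECRET_DB["alice"])
    print("PAP ok:", pap_verify(pap), "secret on wire:", exposes_secret(pap, SECRET_DB["alice"]))
    print("CHAP ok, secret on wire:", chap_exchange("alice", SECRET_DB["alice"]))
    print("CHAP replay accepted:", replayed_response_accepted("alice", SECRET_DB["alice"]))
```

Two caveats the slides leave implicit: the authenticator must keep the plaintext secret on file to recompute the digest, and because the digest is a fast unkeyed hash a captured challenge/response pair can be guessed against offline if the secret is weak. CHAP stops the password from being read off the wire; it does not make a weak password strong.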


Wireless technologies

- Spread spectrum
  - Frequency Hopping Spread Spectrum
  - Direct Sequence Spread Spectrum: use it all
- WLAN terminology
  - Access Point (AP)
  - Service Set ID (SSID)
  - Ad hoc or infrastructure mode
  - WEP, LEAP, WPA, WPA2
- War driving


Wireless technologies (Continued)

Wireless standards

- 802.11b (2.4 GHz): 11 Mbps
- 802.11a (5 GHz): 54 Mbps
- 802.11e: QoS enhancements (prioritized, not guaranteed, delivery)
- 802.11f: inter-access-point protocol that enables roaming
- 802.11g (2.4 GHz): 54 Mbps
- 802.11h: follow-on to 802.11a for European countries (dynamic frequency selection and transmit power control)
- 802.11i: security models (the basis of WPA2)
- 802.1X: port-based network access control


Wireless technologies (Continued)

More wireless standards

- 802.11j: international interoperability (Japan's 4.9-5 GHz bands)
- 802.11n: WWiSE proposal for > 100 Mbps throughput with the intent to maintain backwards compatibility (the slides cite 5 GHz; the ratified standard runs at both 2.4 and 5 GHz)
- 802.16: MAN wireless standard (WiMAX)
- 802.15: WPAN for PDAs and cell phones; Bluetooth
- WAP: gateway between small handheld devices and normal web applications








Questions?

The End