Slides for chapter 2

Networks and Communications

23 Oct 2013 (3 years and 7 months ago)


ISA 3200

NETWORK SECURITY

Chapter 2: An Introduction to Networking

Learning Objectives

Upon completion of this chapter, you should be able to:


- Describe the basic elements of computer-based data communication
- Know the key entities and organizations behind current networking standards, as well as the purpose of and intent behind the more widely used standards
- Explain the nature and intent of the OSI reference model and list and describe each of the model’s seven layers
- Describe the nature of the Internet and the relationship between the TCP/IP protocol and the Internet



5/31 and 6/2

ISA 3200
---
Summer 2010

Networking Fundamentals

- Fundamental exchange of information: sender communicates message to receiver over some medium
- Communication only occurs when recipient is able to receive, process, and comprehend message
- One-way flow of information is called a channel
- When recipient becomes a sender, for example by responding to original sender’s message, this two-way flow is called a circuit



Firewalls & Network Security, 2nd ed. - Chapter 2 - Slide 4

Networking Fundamentals (continued)

- Any medium may be subject to interference, called noise, which occurs in variety of forms
  - Attenuation: loss of signal strength as signal moves across media
  - Crosstalk: occurs when one transmission “bleeds” over to another
  - Distortion: unintentional variation of communication over media


Networking Fundamentals (continued)

- Any medium may be subject to interference, called noise, which occurs in variety of forms (continued)
  - Echo: reflection of a signal due to equipment malfunction or poor design
  - Impulse: sudden, short-lived increase in signal frequency or amplitude, also known as a spike
  - Jitter: signal modification caused by malfunctioning equipment
  - White noise: unwanted noise due to signal coming across medium at multiple frequencies


Reasons to Network

- Data communications: exchange of messages across a medium
- Networking: interconnection of groups or systems with purpose of exchanging information
- Some reasons to build a network:
  - To exchange information
  - To share scarce or expensive resources
  - To allow distributed organizations to act as if centrally located


Types of Networks

- Networks can be categorized by:
  - Components: peer-to-peer (P2P), server-based, distributed multi-server
  - Size: local area network (LAN), metropolitan area network (MAN), wide area network (WAN)
  - Layout or topology: physical (ring, bus, star, hierarchy, mesh, hybrid), logical (bus, star)
  - Media: guided (wired), unguided (wireless)


Network Standards

- Among the agencies that work on data communications standards are:
  - Internet Society (ISOC)
  - Internet Assigned Numbers Authority (IANA)
  - American National Standards Institute (ANSI)
  - International Telecommunication Union (ITU)
  - Institute of Electrical and Electronics Engineers (IEEE)
  - Telecommunications Industry Association (TIA)
  - International Organization for Standardization (ISO)


Layered Schemes



- Communication is so complex that it is very helpful to modularize the systems involved
- The scheme generally used is a layered scheme
- Each layer in a communication ‘stack’ handles one aspect of communication over a network

Logical vs. Actual



- A layer operates by
  - Receiving data from a higher layer
  - Sending data to a lower layer
- Logically, a layer acts as if it is communicating with the associated layer on a different system




[Figure: Host A and Host B, each drawn with Layer 1, Layer 2 and Layer 3; labels: Logical Channels, Hops]



Connecting one network to another

- Some hosts belong to two or more networks
- Communication can move from physical network to physical network


OSI Reference Model and Security

- OSI reference model allocates functions of network communications into seven distinct layers, each with its own functions and protocols
- Premise of model is information sent from one host is translated and encoded through various layers, from Application layer to Physical layer
- Physical layer initiates transmission to receiver
- Receiver translates and decodes message by processing information through each layer in reverse order


The Physical Layer

- The primary function of the Physical layer is to place the transmission signal carrying the message onto the communications media, that is, to put “bits on a wire”
- The functions of the Physical layer are:
  - Establish and terminate the physical and logical connection to the media
  - Manage the flow and communication on the media
  - Embed the message onto the signal carried across the physical media


Network Media

- Dominant media types and standards include:
  - Coaxial cable
  - Fiber-optic cable
  - Twisted-pair wire
  - Wireless LAN
  - Bluetooth
  - Infrared


Embedding the Message

- Method used to embed message on signal depends on type of message and type of signal
- Two types of message (or information):
  - Analog information: continuously varying source (such as voice communications)
  - Digital information: discrete, between a few values (such as computer communications)


Embedding the Message (continued)

- Multiplexing combines several circuits to create high-bandwidth stream to carry multiple signals long distances
- Three dominant multiplexing methods are:
  - Frequency division multiplexing (FDM): combines voice channels
  - Time division multiplexing (TDM): assigns a time block to each client
  - Wave division multiplexing (WDM): uses different frequencies of light so multiple signals can travel on same fiber-optic cable


Managing Communication

- Bit (or signal) flow conducted in several ways:
  - Simplex transmissions: flow one way through a medium
  - Half-duplex transmissions: flow either way, but in only one direction at a time
  - Full-duplex transmissions: can flow both ways at the same time
  - Serial transmissions: flow one bit at a time down a single communications channel
  - Parallel transmissions: flow multiple bits at a time down multiple channels


Managing Communication (continued)

- Asynchronous (or timing-independent)
  - Formulate data flow so each byte or character has its own start and stop bit
  - Used in older modem-based data transfers to send individual characters between systems
- Synchronous (or timing-dependent)
  - Use computer clocking to transmit data in continuous stream between two systems
  - Clock synchronization makes it possible for end nodes to identify start and end of data flow
  - This protocol is much more efficient


Data Link Layer

- Primary networking support layer
- Referred to as first “subnet” layer because it provides addressing, packetizing, media access control, error control, and some flow control for local network
- In LANs, it handles client-to-client and client-to-server communications


Data Link Layer (continued)

- DLL is further divided into two sublayers:
  - Logical Link Control (LLC) sublayer
    - Primarily designed to support multiplexing and demultiplexing protocols transmitted over MAC layer
    - Also provides flow control and error detection and retransmission
  - Media Access Control (MAC) sublayer
    - Designed to manage access to communications media, in other words, to regulate which clients are allowed to transmit and when


DLL Protocols

- Dominant protocol for local area networking is Ethernet for wired networks and Wi-Fi for wireless networks
- Other DLL LAN protocols include:
  - Token ring
  - Fiber Distributed Data Interface (FDDI)
  - Point-to-Point Protocol (PPP)
  - Point-to-Point Tunneling Protocol (PPTP)
  - Layer Two Tunneling Protocol (L2TP)
- WANs typically use ATM and frame relay


Forming Packets and Addressing

- First responsibility of DLL is converting Network layer packet into DLL frame
- DLL adds not only a header but also a trailer
- When necessary, packet is fragmented into frames, with corresponding information embedded into each frame header
- Addressing is accomplished with a number embedded in network interface card (NIC)
- This MAC address allows packets to be delivered to an endpoint; typically shown in hexadecimal format (e.g., 00-00-A3-6A-B2-1A)


Media Access Control

- A primary function of DLL is controlling flow of traffic, that is, determining which station is allowed to transmit when
- Two general approaches:
  - Control
  - Contention


Media Access Control (continued)

- Control (deterministic)
  - Well-regulated network: traffic transmitted in orderly fashion, maintaining optimal data rate
  - Facilitate priority system: key clients or servers can be polled more frequently than others
- Contention (stochastic)
  - Clients listen to determine if channel is free and then transmit
  - Must have mechanisms to deal with collisions
  - Collision avoidance vs. collision detection


Switches and Bridges

- Specific technologies used to connect networks at Data Link layer
- While hub connects networks at Physical layer, connecting two networks with hub results in one large network (or collision domain)
- Connection via Layer 2 switch, capable of bridging, maintains separate collision domains
- Bridging: process of connecting networks with DLL protocols while maintaining integrity of each network, only passing messages that need to be transmitted between the two


Network Layer and Packetizing

- Network layer is primary layer for communications between networks
- Three key functions:
  - Packetizing
  - Addressing
  - Routing
- During packetizing, Network layer takes segments sent from Transport layer and organizes them into packets for transmission across a network


Addressing

- Network layer uses network-layer address to uniquely identify destination across multiple networks
- Typical address consists of the network ID and the host ID
- In TCP/IP, IP address is network-layer address
- IP address contains source and destination IP address along with additional packet information


Addressing (continued)

- Addresses maintained and issued by Internet Assigned Numbers Authority (IANA)
- In early years, addresses distributed as follows:
  - Class A: consists of primary octet (the netid) with three octets providing host ID portion; allows up to 16,777,214 hosts on network
  - Class B: consists of two octets in netid with two octets providing 65534 host IDs
  - Class C: consists of three octets in netid with one octet providing 254 host IDs
  - Class D and Class E addresses are reserved


Addressing (continued)

- This address assignment method proves inefficient
- Internet moving to new version of IP, IPv6, which uses 128-bit address instead of 32-bit
- Increases available addresses by factor of 2^128
- Network Address Translation (NAT): uses device, like a router, to segregate external Internet from internal network
- Device maps organizational addresses to different addresses inside the intranet
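As an added Python example (my code, not from the slides or the textbook) covering the two addressing slides above: it splits an IPv4 address into its classful netid and host ID, reproduces the host counts the slide quotes (16,777,214 / 65534 / 254, which exclude the all-zeros network and all-ones broadcast host IDs), and shows why classful assignment is inefficient by comparing the smallest classful block an organization would have received with the smallest CIDR prefix that fits its host count. The sample addresses and the 2000-host organization are constructed values; `ipaddress` is the Python standard library module.

```python
"""Classful IPv4 addressing versus CIDR (added example, not from the slides)."""
import ipaddress

# First-octet range and number of netid octets for each class, as on the slide.
CLASSES = {
    "A": (range(0, 128), 1),
    "B": (range(128, 192), 2),
    "C": (range(192, 224), 3),
    "D": (range(224, 240), None),   # reserved on the slide (multicast)
    "E": (range(240, 256), None),   # reserved on the slide (experimental)
}


def address_class(addr: str) -> str:
    """Return the class letter of a dotted-quad IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for letter, (octet_range, _) in CLASSES.items():
        if first_octet in octet_range:
            return letter
    raise ValueError(f"not a classful address: {addr}")


def split_classful(addr: str):
    """Return (class, netid, hostid, usable_hosts) for a classful address.

    usable_hosts excludes the all-zeros (network) and all-ones (broadcast)
    host IDs, which is how the slide arrives at 16,777,214 / 65534 / 254.
    Reserved classes have no netid/hostid split and zero usable hosts.
    """
    letter = address_class(addr)
    netid_octets = CLASSES[letter][1]
    if netid_octets is None:
        return letter, None, None, 0
    octets = addr.split(".")
    host_bits = 8 * (4 - netid_octets)
    return (letter,
            ".".join(octets[:netid_octets]),
            ".".join(octets[netid_octets:]),
            2 ** host_bits - 2)


def classful_block_for(needed_hosts: int) -> tuple:
    """Smallest class whose block can hold needed_hosts under classful allocation."""
    for letter, host_bits in (("C", 8), ("B", 16), ("A", 24)):
        if 2 ** host_bits - 2 >= needed_hosts:
            return letter, 2 ** host_bits - 2
    raise ValueError("no single classful block is large enough")


def cidr_prefix_for(needed_hosts: int) -> tuple:
    """Smallest CIDR prefix length whose block holds needed_hosts, with its usable hosts."""
    host_bits = 1
    while 2 ** host_bits - 2 < needed_hosts:
        host_bits += 1
    return 32 - host_bits, 2 ** host_bits - 2


def allocation_waste(needed_hosts: int) -> dict:
    """Compare how many addresses each scheme ties up for one organization."""
    letter, classful_usable = classful_block_for(needed_hosts)
    prefix, cidr_usable = cidr_prefix_for(needed_hosts)
    return {
        "classful": (letter, classful_usable, classful_usable - needed_hosts),
        "cidr": (prefix, cidr_usable, cidr_usable - needed_hosts),
    }


if __name__ == "__main__":
    # Constructed sample addresses, one per class.
    for sample in ("10.1.2.3", "172.16.5.6", "192.0.2.7", "224.0.0.1"):
        print(sample, split_classful(sample))
    # Constructed sample: an organization that needs 2000 host addresses.
    print(allocation_waste(2000))
```

For the 2000-host organization the classful scheme hands out a Class B block and leaves 63,534 addresses idle, while a /21 wastes 46; that gap across thousands of organizations is the inefficiency the slide refers to.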


Routing

- Moving Network layer packets across networks
- Routing protocols include static and dynamic
- Internal routing protocols:
  - Used inside autonomous system (AS)
  - Distance-vector routing protocols and link-state routing protocols
- External routing protocols:
  - Communicate between autonomous systems
  - Translate different internal routing protocols
  - Border Gateway Protocol (BGP)


Transport Layer

- Primary function of Transport layer is to provide reliable end-to-end transfer of data between user applications
- Lower layers focus on networking and connectivity while upper layers, beginning with Transport layer, focus on application-specific services
- Transport layer also responsible for end-to-end error control, flow control, and several other functions


Error Control

- Process of handling problems with transfer process, which may result in modified or corrupted segments
- Broken into two components: error detection and error correction
- Errors are typically single-bit or multiple-bit
- Bit errors are most likely the result of noise interference


Error Control (continued)

- Errors detected using one of several schemes:
  - Repetition: data transmitted redundantly
  - Parity: “check bits” at end of each byte of data
  - Redundancy: parity calculated for blocks of data rather than individual byte (LRC, VRC, CRC)
- Errors typically corrected by retransmission of damaged segment
- Dominant error correction techniques are automatic repeat requests (ARQs)
- Three most common ARQs are Stop-And-Wait, Go-Back-N, and Selective Repeat
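To make the detection schemes on this slide concrete, here is an added Python example (my code, not from the slides or the textbook). It computes a per-byte even parity bit (VRC), a longitudinal redundancy check (LRC, the parity of each bit column, which is the XOR of all bytes) and a bitwise CRC-16 using the CCITT polynomial 0x1021, then flips bits in a constructed sample segment to show what each scheme catches: parity misses two flipped bits inside one byte, LRC misses the same bit flipped in two different bytes, and only the CRC catches both at once. The message `b"ISA 3200"` and the flipped bit positions are constructed sample values.

```python
"""Parity, LRC and CRC error detection (added example, not from the slides)."""


def even_parity_bit(byte: int) -> int:
    """Check bit appended to a byte so the total number of 1 bits is even (VRC)."""
    return bin(byte).count("1") & 1


def lrc(data: bytes) -> int:
    """Longitudinal redundancy check: parity of each bit column over the block = XOR of all bytes."""
    check = 0
    for b in data:
        check ^= b
    return check


def crc16_ccitt(data: bytes, poly: int = 0x1021, init: int = 0xFFFF) -> int:
    """Bitwise CRC-16 (CCITT polynomial, MSB first, initial value 0xFFFF, no reflection)."""
    crc = init
    for b in data:
        crc ^= b << 8
        for _ in range(8):
            if crc & 0x8000:
                crc = ((crc << 1) ^ poly) & 0xFFFF
            else:
                crc = (crc << 1) & 0xFFFF
    return crc


def flip_bits(data: bytes, positions) -> bytes:
    """Simulate noise: invert the bits at the given absolute bit positions (0 = MSB of byte 0)."""
    out = bytearray(data)
    for pos in positions:
        out[pos // 8] ^= 1 << (7 - pos % 8)
    return bytes(out)


def detect(sent: bytes, received: bytes) -> dict:
    """Receiver side: recompute each check on what arrived and compare with the sender's values.
    True means the scheme noticed that the segment was damaged."""
    return {
        "parity": any(even_parity_bit(s) != even_parity_bit(r) for s, r in zip(sent, received)),
        "lrc": lrc(sent) != lrc(received),
        "crc": crc16_ccitt(sent) != crc16_ccitt(received),
    }


if __name__ == "__main__":
    message = b"ISA 3200"  # constructed sample segment
    # Single-bit error; two bits in one byte; same bit in two bytes; both at once.
    for flips in ([5], [5, 6], [5, 13], [5, 6, 13, 14]):
        print(flips, detect(message, flip_bits(message, flips)))
```

The CRC result is not luck: a generator polynomial of degree 16 with a non-zero constant term detects every burst error of 16 bits or fewer, and all four constructed error patterns span at most 10 bit positions. The known-answer value for this CRC variant (CRC-16/CCITT-FALSE) over the ASCII string `123456789` is 0x29B1, which is a quick way to confirm an implementation before trusting its verdicts.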


Flow Control

- Purpose is to prevent receiver from being overwhelmed with segments, preventing effective processing of each received segment
- Some error correction techniques have built-in flow control
- Dominant technique is sliding window protocol, which provides mechanism by which receiver can specify number of segments (or bytes) it can receive before sender must wait
- Receiver enlarges or reduces window size as necessary
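The previous slide's ARQs and this slide's sliding window are two sides of one mechanism, so here is one added Python simulation (my code, not from the slides or the textbook) of Go-Back-N with a receiver-advertised window. The receiver accepts only the in-order segment, answers every arrival with a cumulative ACK plus the window it is currently willing to accept, and can shrink or enlarge that window part-way through a transfer; the sender sends one window's worth of segments per round and, when an ACK shows a gap, goes back and resends from the first unacknowledged segment. The channel model (a set of transmission indices that are dropped), the eight-segment message and the window schedule are constructed test values. With the window at 1 the same code behaves as Stop-And-Wait.

```python
"""Go-Back-N ARQ with a receiver-advertised sliding window (added example, not from the slides)."""
from dataclasses import dataclass, field


@dataclass
class Receiver:
    window: int                                  # segments it will accept per round, sent back with each ACK
    expected: int = 0                            # next in-order sequence number
    delivered: list = field(default_factory=list)
    window_schedule: dict = field(default_factory=dict)  # {expected_seq: new_window}: app-driven resizing

    def receive(self, seq: int, payload):
        """Go-Back-N receiver: keep only the in-order segment, discard anything else,
        and answer with a cumulative ACK (next expected seq) and the current window."""
        if seq == self.expected:
            self.delivered.append(payload)
            self.expected += 1
            # The receiving application may enlarge or reduce the window as its buffer fills or drains.
            self.window = self.window_schedule.get(self.expected, self.window)
        return self.expected, self.window


def go_back_n(segments, receiver: Receiver, lost=frozenset(), max_rounds: int = 1000):
    """Send `segments` to `receiver`. `lost` holds 0-based indices of transmissions the
    channel drops. Returns (total transmissions, rounds); one round is a window's worth
    of sends followed by waiting for ACKs, or a timeout when nothing new is acknowledged."""
    base = 0                    # oldest unacknowledged segment
    transmissions = 0
    rounds = 0
    window = receiver.window
    while base < len(segments):
        rounds += 1
        if rounds > max_rounds:
            raise RuntimeError("no progress after max_rounds")
        if window < 1:
            window = 1          # zero window: send a single segment as a probe rather than stall forever
        highest_ack = base
        for seq in range(base, min(base + window, len(segments))):
            transmissions += 1
            if transmissions - 1 in lost:
                continue        # dropped in the channel: the receiver never sees it
            ack, window = receiver.receive(seq, segments[seq])
            highest_ack = max(highest_ack, ack)
        # On a gap (or a timeout with no new ACK) Go-Back-N resends from the first
        # unacknowledged segment, including later ones that did arrive but were discarded.
        base = highest_ack
    return transmissions, rounds


if __name__ == "__main__":
    message = list("ABCDEFGH")  # constructed sample: eight one-character segments
    print("window 4, no loss:", go_back_n(message, Receiver(window=4)))
    print("window 1 (Stop-And-Wait):", go_back_n(message, Receiver(window=1)))
    print("window 4, third transmission lost:", go_back_n(message, Receiver(window=4), lost={2}))
    print("window 4 shrinking to 2 after 4 segments:",
          go_back_n(message, Receiver(window=4, window_schedule={4: 2})))
```

A larger window cuts the number of round trips (2 instead of 8 for this message), but a single lost segment costs a resend of everything sent after it in that window; that trade-off is why Selective Repeat, which resends only the missing segment, exists.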


Other Functions of the Transport Layer

- Assignment of ports, which identify the service requested by a user
- Combination of Network layer address and port is referred to as a socket
- Tunneling protocols also work at Transport layer
- These protocols work with Data Link layer protocols to provide secure connections


Session Layer

- Responsible for establishing, maintaining, and terminating communications sessions between two systems
- Regulates whether communications are simplex (one way only), half-duplex (one way at a time), or full-duplex (bidirectional)


Presentation Layer

- Responsible for data translation and encryption functions
- For example, if one system is using standard ASCII and another is using EBCDIC, the Presentation layer performs the translation
- Encryption can also be part of operations performed at this level
- Presentation layer encapsulates Application layer messages prior to passing them down to Transport layer


Application Layer

- At Application layer, user is provided with a number of services, most aptly called application protocols
- TCP/IP protocol suite includes applications such as e-mail (SMTP and POP), World Wide Web (HTTP and HTTPS), file transfer (FTP and SFTP), and others


The Internet and TCP/IP

- The Internet incorporates millions of small, independent networks, connected by most of the major common carriers
- Most services we associate with the Internet are based on Application layer protocols
- The Internet is a physical set of networks, while the World Wide Web (WWW) is a set of applications that run on top of the Internet
- Web uses domain name-based Uniform Resource Identifiers (URIs), Uniform Resource Locator (URL) being best-known type


TCP/IP

- TCP/IP actually suite of protocols used to facilitate communications across the Internet
- Developed before OSI reference model, it is similar in concept but different in detail
- TCP/IP model is less formal than OSI reference model
- Each of the four layers of TCP/IP model represents a section of one or more layers of OSI model


Application Layer

- TCP/IP Application layer consists of utility protocols that provide value to end user
- Data from users and utilities are passed down to Transport layer for processing
- Wide variety of Application layer protocols that support Internet users: SMTP, POP for e-mail, FTP for data transfer, HTTP for Web content
- Application layers on each host interact directly with corresponding applications on other hosts to provide requisite communications support


Transport Layer

- Responsible for transferring of messages, including resolution of errors, managing necessary fragmentation, and control of message flow, regardless of underlying network
- Connection or connectionless messages
- Connects applications through use of ports
- Lowest layer of TCP/IP stack to offer any form of reliability
- TCP: connected, reliable protocol
- UDP: connectionless, unreliable protocol


Internetwork Layer

- Handles moving packets in a single network
- Examples of protocols are X.25 and ARPANET’s Host/IMP Protocol
- Internet Protocol (IP) performs task of moving packets from source host to destination host
- IP carries data for many different upper-layer protocols



Internetwork Layer (continued)

- Some protocols carried by IP function on top of IP but perform other Internetwork layer functions
- All routing protocols are also part of Network layer


Subnet Layers

- TCP/IP Subnet layers include Data Link and Physical layers
- TCP/IP relies on whatever native network subnet layers are present
- For example, if user’s network is Ethernet then IP packets are encapsulated into Ethernet frames
- No specification for Data Link layer or Physical layer
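The encapsulation this slide describes is the same layering the OSI slide states as its premise (each layer adds its own header on the way down, and the receiver strips them in reverse order) and the framing the Data Link slides describe (the DLL wraps the Network layer packet and addresses it by MAC address). As an added Python example (my code, not from the slides or the textbook), the following builds a 20-byte IPv4 header around a constructed payload, wraps that packet in an Ethernet II header addressed to the MAC address quoted on the slide, and then unwraps the frame layer by layer, checking the IPv4 header checksum on the way. The Ethernet FCS trailer is left out because the NIC computes it; the source MAC, the documentation-range IP addresses and the payload are constructed sample values, and `struct` and `ipaddress` are standard library modules.

```python
"""Encapsulating an IPv4 packet in an Ethernet II frame and unwrapping it again
(added example, not from the slides)."""
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800


def parse_mac(text: str) -> bytes:
    """Accept the slide's 00-00-A3-6A-B2-1A form or the colon-separated form."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6 or any(len(p) != 2 for p in parts):
        raise ValueError(f"bad MAC address: {text}")
    return bytes(int(p, 16) for p in parts)


def format_mac(raw: bytes) -> str:
    return "-".join(f"{b:02X}" for b in raw)


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: ones' complement of the ones' complement sum of 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, protocol: int, payload: bytes, ident: int = 0x1234) -> bytes:
    """Network layer: prepend a 20-byte IPv4 header (no options) to the Transport layer segment."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 20 + len(payload), ident, 0x4000, 64, protocol, 0,
                         ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    # Checksum is computed with the checksum field itself set to zero, then written in.
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return header + payload


def build_ethernet(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Data Link layer: prepend the 14-byte Ethernet II header (the FCS trailer is left to the NIC)."""
    return parse_mac(dst_mac) + parse_mac(src_mac) + struct.pack("!H", ethertype) + payload


def decapsulate(frame: bytes) -> dict:
    """Receiver side: process the layers in reverse order, Ethernet first, then IPv4."""
    if len(frame) < 34:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unexpected EtherType 0x{ethertype:04X}")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:          # an undamaged header sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    total_length = struct.unpack("!H", packet[2:4])[0]
    return {
        "dst_mac": format_mac(dst_mac),
        "src_mac": format_mac(src_mac),
        "src_ip": str(ipaddress.IPv4Address(packet[12:16])),
        "dst_ip": str(ipaddress.IPv4Address(packet[16:20])),
        "protocol": packet[9],
        "payload": packet[ihl:total_length],
    }


if __name__ == "__main__":
    # Constructed sample: a UDP-marked payload between two documentation-range addresses.
    packet = build_ipv4("192.0.2.1", "192.0.2.2", 17, b"hello")
    frame = build_ethernet("00-00-A3-6A-B2-1A", "00:11:22:33:44:55", ETHERTYPE_IPV4, packet)
    print(len(frame), "bytes on the wire:", decapsulate(frame))
```

Each layer only inspects its own header and hands the rest up unchanged, which is what lets IP ride on any subnet technology: a different Data Link layer would change only `build_ethernet` and the first 14 bytes of `decapsulate`.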


Chapter Summary

- Fundamental exchange of information: sender communicates message to receiver over some medium
- Communication only occurs when recipient is able to receive, process, and comprehend message
- Any medium may be subject to interference: attenuation, crosstalk, distortion, echo, impulse, jitter, white noise


Chapter Summary (continued)

- Some reasons to build a network:
  - To exchange information
  - To share scarce or expensive resources
  - To allow distributed organizations to act as if centrally located
- Networks can be categorized by: components, size, layout or topology, media
- OSI reference model allocates functions of network communications into seven distinct layers, each with its own functions and protocols


Chapter Summary (continued)

- OSI reference model layers:
  - Physical: puts transmissions onto media
  - Data Link: primary networking support layer
  - Network: primary layer for communications between networks
  - Transport: provides reliable end-to-end transfer of data between user applications
  - Session: establishes, maintains, terminates communications sessions between two systems
  - Presentation: data translation and encryption
  - Application: provides application protocols


Chapter Summary (continued)

- Each of four layers of TCP/IP model represents a section of one or more layers of OSI model
  - Application: consists of utility protocols that provide value to end user
  - Transport: responsible for transferring messages, regardless of underlying network
  - Internetwork: handles moving packets in a single network
  - Subnet: includes Data Link and Physical layers, relying on whatever native network subnet layers are present for signal transmission


Demo



- ipconfig in Windows
- ifconfig in Linux/Unix
- ping
- nslookup

Demo



- Setting up a shared folder on the host
- Accessing from Windows: //vmware-host/Shared Folders
- Accessing from Linux: /mnt/hgfs