Telecom and Network Security
Understand the OSI model
Identify network hardware

Understand LAN topologies

Basic protocols - routing and routed

Understand IP addressing scheme

Understand subnet masking

Understand basic firewall architectures

Understand basic telecommunications security
issues
Telecom and Network Security
   Intro to OSI model
   LAN topologies
   OSI revisited
    •   hardware
    •   bridging,routing
    •   routed protocols, WANs
   IP addressing, subnet masks
   Routing Protocols
OSI/ISO ??
   OSI model developed by ISO, International
    Standards Organization
   IEEE - Institute of Electrical and Electronics
    Engineers
   NSA - National Security Agency
   NIST - National Institute for Standards and
    Technology
   ANSI - American National Standards Institute
   CCITT - International Telegraph and Telephone
    Consultative Committee
OSI Reference Model
 Open Systems Interconnection Reference Model
   Standard model for network communications
   Allows dissimilar networks to communicate
   Defines 7 protocol layers (a.k.a. protocol stack)
   Each layer on one workstation communicates with its
    respective layer on another workstation using protocols
    (i.e. agreed-upon communication formats)
   “Mapping” each protocol to the model is useful for
    comparing protocols.
The OSI Layers
7 Application     Provides specific services for applications such as file transfer
6 Presentation    Provides data representation between systems
5 Session         Establishes, maintains, manages sessions (example: synchronization of data flow)
4 Transport       Provides end-to-end data transmission integrity
3 Network         Switches and routes information units
2 Data Link       Provides transfer of units of information to other end of physical link
1 Physical        Transmits bit stream on physical medium

    Mnemonic: Please Do Not Take Sales Person Advice
Data Flow in OSI Reference Model

[Diagram: the seven-layer stacks of Host 1 and Host 2 side by side, 7 Application down to 1 Physical. Data travels down the sending stack, through the network, then up the receiving stack.]

As the data passes through each layer on the client, information about that
layer is added to the data. This information is stripped off by the
corresponding layer on the server.
OSI Model
   Protocols required for Networking are covered
    in OSI model
   Keep model in mind for rest of course
   All layers to be explored in more detail
LAN Topologies
   Star Topology
   Bus Topology
LAN Topologies Cont…
   Ring Topology
Star Topology
   Telephone wiring is one common example
       Center of star is the wire closet
   Star Topology easily maintainable
Bus Topology
   Basically a cable that attaches many devices
   Can be a “daisy chain” configuration
   Computer I/O bus is example
Tree Topology
   Can be extension of bus and star topologies
   Tree has no closed loops
Ring Topology
   Continuous closed path between devices
   A logical ring is usually a physical star
   Don’t confuse logical and physical topology
Network topologies

Topology   Advantages                      Disadvantages
Bus        • Passive transmission medium   • Channel access technique (contention)
           • Localized failure impact
           • Adaptive utilization
Star       • Simplicity                    • Reliability of central node
           • Central routing               • Loading of central node
           • No routing decisions
Ring       • Simplicity                    • Failure modes with global effect
           • Predictable delay
           • No routing decisions
LAN Access Methods
   Carrier Sense Multiple Access with Collision
    Detection (CSMA/CD)
       Talk when no one else is talking
   Token
       Talk when you have the token
   Slotted
       Similar to token, talk in free “slots”
LAN Signaling Types
   Baseband
       Digital signal, serial bit stream
   Broadband
       Analog signal
       Cable TV technology
Ethernet
   Bus topology
   CSMA/CD
   Baseband
   Most common network type
   IEEE 802.3
   Broadcast technology - transmission stops at
    terminators
Token Bus
   IEEE 802.4
   Very large scale, expensive
   Usually seen in factory automation
   Used when one needs:
       Multichannel capabilities of a broadband LAN
       resistance to electrical interference
Token Ring
   IEEE 802.5
   Flow is unidirectional
   Each node regenerates signal (acts as repeater)
   Control passed from interface to interface by
    “token”
   Only one node at a time can have token
   4 or 16 Mbps
Fiber Distributed Data Interface (FDDI)
   Dual counter rotating rings
       Devices can attach to one or both rings
       Single attachment station (SAS), dual (DAS)
   Uses token passing
   Logically and physically a ring
   ANSI governed
WAN
   WANs connect LANs
   Generally a single data link
   Links most often come from Regional Bell Operating
    Companies (RBOCs) or Post, Telephone, and
    Telegraph (PTT) agencies
   WAN link contains Data Terminal Equipment (DTE)
    on the user side and Data Circuit-Terminating Equipment
    (DCE) at the WAN provider’s end
   MAN - Metropolitan Area Network
ISDN
   Integrated services digital network (ISDN) is a
    worldwide public network service that can provide
    end-to-end digital communications and fully integrate
    technologies
   The basic rate interface (BRI) - 2B+D
   The primary rate interface (PRI) - 23B+D
   B channel - 64-Kbps bandwidth and are appropriate
    for either voice or data transmission
   D channel - 16-Kbps signaling channel, is designed to
    control transmission of the B channel
Typical Point-to-Point WAN

[Diagram of a point-to-point WAN link]
The Connections
   T1 – 1.544 Mbps of electronic information
   T2 - a T-carrier that can handle 6.312 Mbps or 96 voice
   channels.
   T3 - a T-carrier that can handle 44.736 Mbps or 672 voice
   channels.
   T4 - a T-carrier that can handle 274.176 Mbps or 4032 voice
   channels
WAN Cont…
   Cable Modem and DSL
       ADSL - Asymmetric Digital Subscriber Line - 144
        Kbps to 1.5 Mbps
       SDSL - Single Line Digital Subscriber Line -
        1.544 Mbps to 2.048 Mbps
       HDSL - High data rate Digital Subscriber Line -
        1.544 Mbps to 42.048 Mbps
       VDSL - Very high data rate Digital Subscriber
        Line - 13 to 52 Mbps (downstream), 1.5 to 2.3 Mbps (upstream)
WAN Cont…
   Frame Relay and X.25 - Packet-switched technologies
   Evolved from standardization work on ISDN
   Designed to eliminate much of the overhead in X.25
   DTE - Data Terminal Equipment
   DCE - Data Circuit-terminating Equipment
   CIR - Committed Information Rate
OSI Model -Layers
   Physical
   Data Link
   Network
   Transport
   Session
   Presentation
   Application
Physical Layer
   Specifies the electrical, mechanical,
    procedural, and functional requirements for
    activating, maintaining, and deactivating the
    physical link between end systems
   Examples of physical link characteristics
    include voltage levels, data rates, maximum
    transmission distances, and physical
    connectors
Physical Layer Hardware
    Cabling
        twisted pair
        10baseT
        10base2
        10base5
        fiber
    transceivers
    hubs
    topology
Twisted Pair
   10BaseT (10 Mbps, 100 meters w/o repeater)
   Unshielded and shielded twisted pair (UTP most
    common)
   two wires per pair, twisted in spiral
   Typically 1 to 10 Mbps, up to 100Mbps possible
   Noise immunity and emanations improved by
    shielding
Coaxial Cable
   10Base2 (10 Mbps, repeater every 200 m)
   ThinEthernet or Thinnet or Coax
   2-50 Mbps
   Needs repeaters every 200-500 meters
   Terminator: 50 ohms for ethernet, 75 for TV
   Flexible and rigid available, flexible most common
   Noise immunity and emanations very good
Coaxial Cables, cont
   Ethernet uses “T” connectors and 50 ohm
    terminators
   Every segment must have exactly 2
    terminators
   Segments may be linked using repeaters, hubs
Standard Ethernet
   10Base5
   Max of 100 taps per segment
   Nonintrusive taps available (vampire tap)
   Uses AUI (Attachment Unit Interface)
Fiber-Optic Cable
   Consists of Outer jacket, cladding of glass, and
    core of glass
   Fast
Transceivers
   Physical devices to allow you to connect
    different transmission media
   May include Signal Quality Error (SQE) or
    “heartbeat” to test collision detection
    mechanism on each transmission
   May include “link light”, lit when connection
    exists
Hubs
   A device which connects several other devices
   Also called concentrator, repeater, or multi-station
    access unit (MAU)
OSI Model - Layers

   Physical
   Data Link
   Network
   Transport
   Session
   Presentation
   Application
Data Link Layer
   Provides data transport across a physical link
   Data Link layer handles physical addressing,
    network topology, line discipline, error
    notification, orderly delivery of frames, and
    optional flow control
   Bridges operate at this layer
Data Link Sub-layers
   Media Access Control (MAC)
       refers downward to lower layer hardware functions
   Logical Link Control (LLC)
       refers upward to higher layer software functions
Medium Access Control
   MAC address is “physical address”, unique for LAN
    interface card
       Also called hardware or link-layer address
   The MAC address is burned into the Read Only
    Memory (ROM)
   MAC address is 48 bit address in 12 hexadecimal
    digits
       1st six identify vendor, provided by IEEE
       2nd six unique, provided by vendor
Logical Link Control
   Presents a uniform interface to upper layers
   Enables upper layers to gain independence
    over LAN media access
       upper layers use network addresses rather than
        MAC addresses
   Provide optional connection, flow control, and
    sequencing services
Bridges
   Device which forwards frames between data link
    layers associated with two separate cables
   Stores source and destination addresses in table
   When bridge receives a frame it attempts to find the
    destination address in its table
      If found, frame is forwarded out appropriate port

      If not found, frame is flooded on all other ports
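The two slides above describe the MAC address layout (vendor half assigned by IEEE, serial half assigned by the vendor) and the learn-on-source, forward-on-destination, flood-on-miss behaviour of a bridge. The following Python is an added example written for this page, not code from the slides: the bridge, port names, sample MAC addresses and the optional drop filter (standing in for the "prevent sensitive data from leaving" use of filtering) are all constructed for illustration.

```python
from typing import Callable, Dict, List, Tuple

BROADCAST = "ffffffffffff"   # all-ones destination: every station on the LAN


def normalize_mac(mac: str) -> str:
    """Accept 00:11:22:aa:bb:cc or 00-11-22-AA-BB-CC and return 12 lowercase hex digits."""
    digits = mac.replace(":", "").replace("-", "").lower()
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits


def split_mac(mac: str) -> Tuple[str, str]:
    """Return (first six hex digits: vendor part from IEEE, last six: assigned by the vendor)."""
    digits = normalize_mac(mac)
    return digits[:6], digits[6:]


class LearningBridge:
    """Forwarding-table bridge: learn on source, forward on destination, flood on a miss.

    Constructed for this example; port names are arbitrary strings.
    """

    def __init__(self, ports: List[str]):
        self.ports = list(ports)
        self.table: Dict[str, str] = {}          # MAC -> port it was last seen on
        # Optional policy filters: each takes (src, dst, in_port) and returns True to
        # drop the frame, e.g. to keep a sensitive host's traffic on its own segment.
        self.filters: List[Callable[[str, str, str], bool]] = []

    def receive(self, in_port: str, src: str, dst: str) -> List[str]:
        """Process one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        src, dst = normalize_mac(src), normalize_mac(dst)
        self.table[src] = in_port                 # learn where the sender lives
        if any(f(src, dst, in_port) for f in self.filters):
            return []                             # dropped by policy
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]   # flood everywhere but the inbound port
        out = self.table[dst]
        return [] if out == in_port else [out]    # same segment: filter; otherwise forward


if __name__ == "__main__":
    b = LearningBridge(["p1", "p2", "p3"])
    print(b.receive("p1", "00:11:22:aa:bb:cc", "00:11:22:dd:ee:ff"))   # unknown destination: flood
    print(b.receive("p2", "00:11:22:dd:ee:ff", "00:11:22:aa:bb:cc"))   # destination learned: forward
    print(split_mac("00:11:22:aa:bb:cc"))
```

Note that the table is populated purely from observed source addresses, so any station can claim any address; that is why a bridge's filtering is a management convenience rather than a strong security boundary.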
Bridges
   Can be used for filtering
       Make decisions based on source and destination address,
        type, or combination thereof
   Filtering done for security or network management
    reasons
       Limit bandwidth hogs
       Prevent sensitive data from leaving
   Bridges can be for local or remote networks
       Remote has “half” at each end of WAN link
Network Layer
   Which path should traffic take through
    networks?
   How do the packets know where to go?
   What are protocols?
   What is the difference between routed and
    routing protocols?
Network Layer
   Only two devices which are directly connected by
    the same “wire” can exchange data directly
   Devices not on the same network must
    communicate via intermediate system
   Router is an intermediate system
   The network layer determines the best way to
    transfer data. It manages device addressing and
    tracks the location of devices. The router operates
    at this layer.
Network Layer
                  Bridge vs. Router
   Bridges can only extend a single network
       All devices appear to be on same “wire”
       Network has finite size, dependent on topology,
        protocols used
   Routers can connect bridged subnetworks
   Routed network has no limit on size
       Internet, SIPRNET
Network Layer
   Provides routing and relaying
       Routing: determining the path between two end systems
       Relaying: moving data along that path
   Addressing mechanism is required
   Flow control may be required
   Must handle specific features of subnetwork
       Mapping between data link layer and network layer
        addresses
Connection-Oriented vs. Connectionless
                  Network Layer
   Connection-Oriented
       provides a Virtual Circuit (VC) between two end
        systems (like a telephone)
       3 phases - call setup, data exchange, call close
       Examples include X.25, OSI CONP, IBM SNA
       Ideal for traditional terminal-host networks of finite
        size
Connection-Oriented vs. Connectionless
                      Network Layer
   Connectionless (CL)
       Each piece of data independently routed
       Sometimes called “datagram” networking
       Each piece of data must carry all addressing and routing
        info
       Basis of many current LAN/WAN operations
            TCP/IP, OSI CLNP, IPX/SPX
       Well suited to client/server and other distributed system
        networks
Connection-Oriented vs. Connectionless
                   Network Layer
   Arguments can be made Connection Oriented is best
    for many applications
   Market has decided on CL networking
        All mainstream developments on CL
        Majority of networks now built CL
        Easier to extend LAN based networks using CL WANs
   We will focus on CL
Network switching
   Circuit-switched
       Transparent path between devices
       Dedicated circuit
            Phone call
   Packet-switched
       Data is segmented, buffered, & recombined
Network Layer Addressing
   Impossible to use MAC addresses
   Hierarchical scheme makes much more sense
    (Think postal - city, state, country)
   This means routers only need to know regions
    (domains), not individual computers
   The network address identifies the network and
    the host
Network Layer Addressing
   Network Address - path part used by router
   Host Address - specific port or device

   [Diagram: a router joins network 1 (hosts 1.1, 1.2, 1.3) and network 2 (hosts 2.1, 2.2, 2.3)]

   Network   Host
   1         1, 2, 3
   2         1, 2, 3
Network Layer Addressing
            IP example
   IP addresses are like street addresses for
    computers
   Networks are hierarchically divided into subnets
    called domains
   Domains are assigned IP addresses and names
      Domains are represented by the network

       portion of the address
   IP addresses and Domains are issued by InterNIC
    (cooperative activity between the National Science
    Foundation, Network Solutions, Inc. and AT&T)
Network Layer Addressing - IP
   IP uses a 4 octet (32 bit) network address
   The network and host portions of the address can
    vary in size
   Normally, the network is assigned a class according
    to the size of the network
       Class A uses 1 octet for the network
       Class B uses 2 octets for the network
       Class C uses 3 octets for the network
       Class D is used for multicast addresses
Class A Address
   Used in an inter-network that has a few
    networks and a large number of hosts
   First octet assigned, users designate the other
    3 octets (24 bits)
   Up to 128 Class A Domains
   Up to 16,777,216 hosts per domain

    Octet 1         Octet 2   Octet 3   Octet 4
    0-127           0-255     0-255     0-255
    Fixed by IAB    24 bits of variable address
Class B Address
   Used for a number of networks having a
    number of hosts
   First 2 octets assigned, user designates the
    other 2 octets (16 bits)
   16384 Class B Domains
   Up to 65536 hosts per domain
     Octet 1    Octet 2    Octet 3   Octet 4
     128-191    0-255      0-255     0-255
     Fixed by IAB          16 bits of variable address
Class C Address
   Used for networks having a small amount of
    hosts
   First 3 octets assigned, user designates last
    octet (8 bits)
   Up to 2,097,152 Class C Domains
   Up to 256 hosts per domain
     Octet 1    Octet 2   Octet 3   Octet 4
     191-223    0-255     0-255     0-255
     Fixed by IAB                   8 bits of variable address
IP Addresses
   A host address of all ones is a broadcast
   A host address of zero means the wire itself
   These host addresses are always reserved and
    can never be used
Subnets & Subnet Masks
   Every host on a network (i.e. same cable segment)
    must be configured with the same subnet ID.
        First octet on class A addresses
        First & second octet on class B addresses
        First, second, & third octet on class C addresses
   A Subnet Mask (Netmask) is a bit pattern that
    defines which portion of the 32 bits represents a
    subnet address.
   Network devices use subnet masks to identify which
    part of the address is network and which part is host
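The class, broadcast and subnet-mask slides above describe one procedure: read the class from the first octet, AND the address with the mask to get the network part, and treat the host-part-all-zeros and host-part-all-ones addresses as reserved. The Python below is an added example for this page, not code from the slides; it uses the standard library `ipaddress` module for parsing, and the classful default masks (255.0.0.0, 255.255.0.0, 255.255.255.0) are the conventional ones rather than anything the slides state. The sample addresses are constructed.

```python
import ipaddress
from typing import Dict, Optional

# Conventional classful default masks (assumption for this example, not from the slides).
CLASSFUL_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def ip_class(addr: str) -> str:
    """Return the classful letter for a dotted-quad address from its first octet."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first < 128:
        return "A"
    if first < 192:
        return "B"
    if first < 224:
        return "C"
    if first < 240:
        return "D"   # multicast
    return "E"       # reserved


def split_address(addr: str, mask: Optional[str] = None) -> Dict[str, object]:
    """Apply a subnet mask (default: the classful mask) and return the address parts.

    'wire' is the host-part-all-zeros address and 'broadcast' the host-part-all-ones
    address; both are reserved and never assigned to a host.
    """
    cls = ip_class(addr)
    if mask is None:
        if cls not in CLASSFUL_MASK:
            raise ValueError(f"class {cls} address {addr} has no default host mask")
        mask = CLASSFUL_MASK[cls]
    ip = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    host_mask = ~m & 0xFFFFFFFF            # bits the mask leaves for the host part
    network = ip & m
    host_bits = bin(host_mask).count("1")
    return {
        "class": cls,
        "mask": mask,
        "network": str(ipaddress.IPv4Address(network)),
        "host": ip & host_mask,            # host part as an integer
        "wire": str(ipaddress.IPv4Address(network)),
        "broadcast": str(ipaddress.IPv4Address(network | host_mask)),
        "usable_hosts": (1 << host_bits) - 2,   # minus the wire and broadcast addresses
    }


def is_reserved_host(addr: str, mask: str) -> bool:
    """True when the host part is all zeros (the wire) or all ones (broadcast)."""
    m = int(ipaddress.IPv4Address(mask))
    host_mask = ~m & 0xFFFFFFFF
    host = int(ipaddress.IPv4Address(addr)) & host_mask
    return host == 0 or host == host_mask


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two hosts can exchange data directly only if the mask leaves them the same network part."""
    m = int(ipaddress.IPv4Address(mask))
    return (int(ipaddress.IPv4Address(a)) & m) == (int(ipaddress.IPv4Address(b)) & m)


if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.9", "192.0.2.200"):
        print(sample, split_address(sample))
    print(split_address("172.16.5.9", "255.255.255.0"))
    print(same_subnet("192.168.1.10", "192.168.1.200", "255.255.255.128"))
```

The last call shows why every host on a segment must carry the same mask: with a 25-bit mask, .10 and .200 fall in different subnets and would route through a gateway rather than talk directly, even though the classful rule puts both in one class C network.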
Network Layer
        Routed vs. Routing Protocols
   Routed Protocol - any protocol which provides
    enough information in its network layer
    address to allow the packet to reach its
    destination
   Routing Protocol - any protocol used by
    routers to share routing information
Routed Protocols
 IP
 IPX
 SMB
 Appletalk
 DEC/LAT
OSI Reference Model
          Protocol Mapping

Layer             TCP/IP                     UDP/IP                     SPX/IPX
7 Application     Application using TCP/IP   Application using UDP/IP   Application using SPX/IPX
6 Presentation
5 Session                                                               SPX
4 Transport       TCP                        UDP
3 Network         IP                         IP                         IPX
2 Data Link
1 Physical
Network-level Protocols
 IPX (Internet Packet Exchange protocol)
    Novell Netware & others
    Works with the Session-layer protocol SPX (Sequential Packet
     Exchange Protocol)
 NETBEUI (NetBIOS Extended User Interface)
    Windows for Workgroups & Windows NT
 IP (Internet Protocol)
    Win NT, Win 95, Unix, etc…
    Works with the Transport-layer protocols TCP (Transmission Control
     Protocol) and UDP (User Datagram Protocol)
 SLIP (Serial Line Internet Protocol) & PPP (Point-to-Point
  Protocol)
TCP/IP
Consists of a suite of protocols (TCP & IP)
Handles data in the form of packets
Keeps track of packets which can be
  Out of order
  Damaged
  Lost
Provides universal connectivity
   reliable full duplex stream delivery (as opposed to
    the unreliable UDP/IP protocol suite used by such
    applications as PING and DNS)
TCP/IP Cont…
   Primary Services (applications) using TCP/IP
      File Transfer (FTP)
      Remote Login (Telnet)
      Electronic Mail (SMTP)
 Currently the most widely used protocol
  (especially on the Internet)
 Uses the IP address scheme
Routing Protocols
   Distance-Vector
       List of destination networks with direction and distance
        in hops
   Link-state routing
       Topology map of network identifies all routers and
        subnetworks
       Route is determined from shortest path to destination
   Routes can be manually loaded (static) or
    dynamically maintained
Routing Internet
           Management Domains
   Core of Internet uses Gateway-Gateway Protocol
    (GGP) to exchange data between routers
   Exterior Gateway Protocol (EGP) is used to
    exchange routing data with core and other
    autonomous systems
   Interior Gateway Protocol (IGP) is used within
    autonomous systems
Routing
Internet Management Domains

[Diagram: the Internet Core at the top, its routers linked by GGP; autonomous systems below, exchanging routing data with the core and with each other via EGP; IGP runs inside each autonomous system.]
Routing Protocols
   Static routes
       not a protocol
       entered by hand
       define a path to a network or subnet
       Most secure
Routing Protocols
                      RIP
   Distance Vector
   Interior Gateway Protocol
   Noisy, not the most efficient
       Broadcast routes every 30 seconds
       Lowest cost route always best
       A cost of 16 is unreachable
   No security, anyone can pretend to be a router
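The Routing Protocols slide describes distance-vector routing (a list of destinations with hop counts) and the RIP slide adds its specifics: periodic exchange of the whole table, lowest cost wins, a cost of 16 means unreachable, and no check on who is advertising. The Python below is an added example for this page, not code from the slides or from any RIP implementation: it runs the Bellman-Ford exchange over a constructed three-router chain and adds an optional `trusted` set, a stand-in for the neighbour authentication that plain RIP lacks. Directly connected networks are assumed to cost 1 hop and each received advertisement adds 1.

```python
from typing import Dict, List, Optional, Set, Tuple

INFINITY = 16   # RIP convention: a hop count of 16 means "unreachable"


class Router:
    """A distance-vector router in the style of RIP (constructed for this example).

    Table entries are network -> (hop count, next hop). Directly connected
    networks are assumed to cost 1 hop, and every advertisement received adds 1.
    """

    def __init__(self, name: str, networks: List[str],
                 trusted: Optional[Set[str]] = None):
        self.name = name
        self.direct: Set[str] = set(networks)
        self.table: Dict[str, Tuple[int, str]] = {n: (1, "direct") for n in networks}
        # Names of routers whose adverts we accept. None means accept anyone,
        # which is exactly the "anyone can pretend to be a router" weakness.
        self.trusted = trusted

    def advertise(self) -> Dict[str, int]:
        """The periodic broadcast: every known network with its hop count."""
        return {net: hops for net, (hops, _) in self.table.items()}

    def learn(self, sender: str, advert: Dict[str, int]) -> bool:
        """Merge a neighbour's advert (one Bellman-Ford step). True if anything changed."""
        if self.trusted is not None and sender not in self.trusted:
            return False                          # ignore adverts from unknown routers
        changed = False
        for net, hops in advert.items():
            candidate = min(hops + 1, INFINITY)   # cost saturates at "unreachable"
            current = self.table.get(net)
            better = current is None or candidate < current[0]
            # Also accept a worse metric from the neighbour we already route through;
            # otherwise a failure behind that neighbour would never be noticed.
            via_same = current is not None and current[1] == sender and candidate != current[0]
            if better or via_same:
                self.table[net] = (candidate, sender)
                changed = True
        return changed

    def hops_to(self, net: str) -> Optional[int]:
        """Hop count to a network, or None when unknown or at cost 16."""
        entry = self.table.get(net)
        return None if entry is None or entry[0] >= INFINITY else entry[0]


def neighbours(a: Router, b: Router) -> bool:
    """Routers are neighbours when they share a directly connected network."""
    return bool(a.direct & b.direct)


def converge(routers: List[Router], max_rounds: int = 50) -> int:
    """Exchange tables until nothing changes; return the number of rounds used."""
    for rnd in range(1, max_rounds + 1):
        adverts = {r.name: r.advertise() for r in routers}   # snapshot, like one 30 s cycle
        changed = False
        for r in routers:
            for nb in routers:
                if nb is not r and neighbours(r, nb):
                    changed |= r.learn(nb.name, adverts[nb.name])
        if not changed:
            return rnd
    return max_rounds


def build_chain() -> List[Router]:
    """Constructed topology: R1 -[N2]- R2 -[N3]- R3, with stub networks N1 and N4 at the ends."""
    return [Router("R1", ["N1", "N2"]), Router("R2", ["N2", "N3"]), Router("R3", ["N3", "N4"])]


if __name__ == "__main__":
    rs = build_chain()
    print("rounds to converge:", converge(rs))
    for r in rs:
        print(r.name, r.table)
```

On the chain the tables settle after three exchange rounds, with R1 reaching N4 in 3 hops via R2. A router built with `trusted={"R2"}` silently drops an advert from any other name, which is the property an authenticated or passive-interface configuration gives a production router.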
Routing Protocols
                   OSPF
   Link-state
   Interior Gateway Protocol
   Routers elect “Designated Router”
   All routers establish a topology database using
    DR as gateway between areas
   Along with IGRP, a replacement for outdated
    RIP
Routing Protocols
                    BGP
   Border Gateway Protocol is an EGP
   Can support multiple paths between
    autonomous systems
   Can detect and suppress routing loops
   Lacks security
   Internet recently down because of incorrectly
    configured BGP on ISP router
Source Routing
   Source (packet sender) can specify route a
    packet will traverse the network
   Two types, strict and loose
   Allows IP spoofing attacks
   Rarely allowed across Internet
Transport Layer
   TCP
   UDP
   IPX Service Advertising Protocol
   Are UDP and TCP connectionless or
    connection oriented?
   What is IP?
   Explain the difference
Session Layer
   Establishes, manages and terminates sessions
    between applications
       coordinates service requests and responses that
        occur when applications communicate between
        different hosts
   Examples include: NFS, RPC, X Window
    System, AppleTalk Session Protocol
Presentation Layer
   Provides code formatting and conversion
   For example, translates between differing text and
    data character representations such as EBCDIC and
    ASCII
   Also includes data encryption
   Layer 6 standards include JPEG, GIF, MPEG, MIDI
Application-layer Protocols
 FTP (File Transfer Protocol)
 TFTP (Trivial File Transfer Protocol)
    Used by some X-Terminal systems
 HTTP (HyperText Transfer Protocol)
 SNMP (Simple Network Management Protocol
    Helps network managers locate and correct problems in a
     TCP/IP network
    Used to gain information from network devices such as count
     of packets received and routing tables
 SMTP (Simple Mail Transfer Protocol)
    Used by many email applications
Identification & Authentication
   Identify who is connecting - userid
   Authenticate who is connecting
       password (static) - something you know
       token (SecurID) - something you have
       biometric - something you are
       RADIUS, TACACS, PAP, CHAP
       DIAMETER
Firewall Terms
   Network address translation (NAT)
       Internal addresses unreachable from external
        network
   DMZ - De-Militarized Zone
       Hosts that are directly reachable from untrusted
        networks
   ACL - Access Control List
       can be router or firewall term
Firewall Terms
   Choke, Choke router
       A router with packet filtering rules (ACLs)
        enabled
   Gate, Bastion host, Dual Homed Host
       A server that provides packet filtering and/or
        proxy services
   proxy server
       A server that provides application proxies
Firewall types
   Packet-filtering router
       Most common
       Uses Access Control Lists (ACL)
            Port
            Source/destination address

   Screened host
       Packet-filtering and Bastion host
       Application layer proxies
   Screened subnet (DMZ)
       2 packet filtering routers and bastion host(s)
       Most secure
Firewall Models
   Proxy servers
       Intermediary
       Think of bank teller
   Stateful Inspection
       State and context analyzed on every packet in
        connection
VPN – Virtual Private Network
  PPTP
  L2TP
  IPSec
  Tunnel Mode
  Transport Mode
  Site-to-Site VPN
  Client-to-Site VPN
  SSL
  SSH
Intrusion Detection (IDS)
   Host or network based
   Context and content monitoring
   Positioned at network boundaries
   Basically a sniffer with the capability to detect
    traffic patterns known as attack signatures
Web Security
   Secure sockets Layer (SSL)
       Transport layer security (TCP based)
       Widely used for web based applications
       by convention, https:
   Secure Hypertext Transfer Protocol (S-HTTP)
       Less popular than SSL
       Used for individual messages rather than sessions
   Secure Electronic Transactions (SET)
       PKI
       Financial data
       Supported by VISA, MasterCard, Microsoft, Netscape
IPSEC
   IP Security
       Set of protocols developed by IETF
       Standard used to implement VPNs
       Two modes
       Transport Mode
            encrypted payload (data), clear text header
       Tunnel Mode
            encrypted payload and header
       IPSEC requires shared public key
Spoofing
   TCP Sequence number prediction
   UDP - trivial to spoof (CL)
   DNS - spoof/manipulate IP/hostname pairings
   Source Routing
Sniffing
   Passive attack
   Monitor the “wire” for all traffic - most
    effective in shared media networks
   Sniffers used to be “hardware”, now are a
    standard software tool
Session Hijacking
   Uses sniffer to detect sessions, get pertinent session
    info (sequence numbers, IP addresses)
   Actively injects packets, spoofing the client side of
    the connection, taking over session with server
   Bypasses I&A controls
   Encryption is a countermeasure, stateful inspection
    can be a countermeasure
IP Fragmentation
   Use fragmentation options in the IP header to
    force data in the packet to be overwritten upon
    reassembly
   Used to circumvent packet filters
   Leads to Denial of Service Attack
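The slide describes fragments whose offsets make later data overwrite earlier data on reassembly, and the use of that to get past packet filters that only inspect the first fragment. A defender's counterpart is to validate fragment sets before reassembly. The Python below is an added example for this page, not code from the slides: it checks each datagram's fragments for overlap, for non-final fragments whose length is not a multiple of 8, and for a first fragment too small to carry the transport header a filter needs to see. The 20-byte threshold (a full TCP header) and the sample fragment sets are assumptions constructed for the example.

```python
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List


@dataclass(frozen=True)
class Fragment:
    ident: int          # IP Identification field shared by all fragments of one datagram
    offset_units: int   # Fragment Offset field, in 8-byte units
    length: int         # payload bytes carried by this fragment
    more: bool          # MF (More Fragments) flag


# A first fragment that cannot hold a whole TCP header (20 bytes) pushes the ports and
# flags a filter wants to inspect into a later fragment. Threshold assumed for this example.
MIN_FIRST_FRAGMENT = 20


def check_fragments(frags: List[Fragment]) -> List[str]:
    """Report overlap, undersized first fragments and malformed lengths before reassembly."""
    by_id: Dict[int, List[Fragment]] = defaultdict(list)
    for f in frags:
        by_id[f.ident].append(f)
    problems: List[str] = []
    for ident, group in by_id.items():
        group.sort(key=lambda f: f.offset_units)
        covered_to = 0   # highest byte offset already filled by earlier fragments
        for f in group:
            start = f.offset_units * 8
            end = start + f.length
            if f.more and f.length % 8:
                problems.append(f"id {ident}: non-final fragment length {f.length} is not a multiple of 8")
            if start < covered_to:
                # This fragment would rewrite bytes an earlier fragment already supplied.
                problems.append(f"id {ident}: fragment at {start}-{end} overlaps data up to {covered_to}")
            covered_to = max(covered_to, end)
        first = group[0]
        if first.offset_units == 0 and first.more and first.length < MIN_FIRST_FRAGMENT:
            problems.append(f"id {ident}: first fragment only {first.length} bytes (tiny fragment)")
    return problems


def clean_datagram() -> List[Fragment]:
    """Constructed: a 2000-byte payload split at 1480 bytes, offsets that abut exactly."""
    return [Fragment(1, 0, 1480, True), Fragment(1, 185, 520, False)]


def overlapping_datagram() -> List[Fragment]:
    """Constructed: the second fragment starts at byte 16, inside the first fragment's data."""
    return [Fragment(2, 0, 24, True), Fragment(2, 2, 40, False)]


if __name__ == "__main__":
    print(check_fragments(clean_datagram()))         # []
    for problem in check_fragments(overlapping_datagram()):
        print(problem)
```

A filter or IDS that drops datagrams with any reported problem removes the ambiguity the slide describes: overlapping data never reaches the reassembly buffer, and a transport header can only be judged once it is known to sit wholly in the first fragment.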
IDS Attacks
   Insertion Attacks
       Insert information to confuse pattern matching
   Evasion Attacks
       Trick the IDS into not detecting traffic
       Example - Send a TCP RST with a TTL setting
        such that the packet expires prior to reaching its
        destination
Syn Floods
   Remember the TCP handshake?
       Syn, Syn-Ack, Ack
   Send a lot of Syns
   Don’t send Acks
   Victim has a lot of open connections, can’t
    accept any more incoming connections
   Denial of Service
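The slide's description (many SYNs, no completing ACKs, so the victim's backlog fills) also says what a detector should count: handshakes that never reach their third step, grouped by the service under load. The Python below is an added example for this page, not code from the slides or any IDS: it parses a constructed, simplified flow log (one line per segment, `time src:sport > dst:dport flags`), tracks half-open handshakes per destination port, and raises an alert when the backlog reaches a threshold. The log format, addresses (documentation ranges) and threshold are all assumptions made for the example.

```python
import re
from collections import defaultdict
from typing import Dict, List, Tuple

# Constructed log format (not real capture output): "time src:sport > dst:dport flags"
# where flags is S (SYN), SA (SYN-ACK) or A (ACK).
LINE_RE = re.compile(r"^(\d+(?:\.\d+)?)\s+(\S+):(\d+)\s+>\s+(\S+):(\d+)\s+(S|SA|A)$")


def constructed_sample() -> List[str]:
    """One complete handshake from a real client, then eight SYNs whose ACK never arrives."""
    lines = [
        "10.0 10.9.9.1:40001 > 10.0.0.5:80 S",
        "10.1 10.0.0.5:80 > 10.9.9.1:40001 SA",
        "10.2 10.9.9.1:40001 > 10.0.0.5:80 A",
    ]
    for i in range(8):
        # sources in the TEST-NET-3 documentation range; each sends a single SYN
        lines.append(f"{11 + i * 0.1:.1f} 203.0.113.{i + 1}:{1000 + i} > 10.0.0.5:80 S")
        lines.append(f"{11.05 + i * 0.1:.2f} 10.0.0.5:80 > 203.0.113.{i + 1}:{1000 + i} SA")
    return lines


def half_open_by_service(lines: List[str]) -> Dict[Tuple[str, int], int]:
    """Count handshakes that got a SYN (and SYN-ACK) but never the client's ACK, per dst:port."""
    pending: Dict[Tuple[str, int, str, int], float] = {}   # (src, sport, dst, dport) -> SYN time
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue   # anything outside the constructed format is ignored
        t, src, sport, dst, dport, flags = m.groups()
        key = (src, int(sport), dst, int(dport))
        if flags == "S":
            pending[key] = float(t)          # step one: client opens a half-open entry
        elif flags == "A":
            pending.pop(key, None)           # step three: handshake completed, forget it
        # "SA" is the server's reply and does not change the client-side bookkeeping
    counts: Dict[Tuple[str, int], int] = defaultdict(int)
    for (_, _, dst, dport) in pending:
        counts[(dst, dport)] += 1
    return dict(counts)


def syn_flood_alerts(lines: List[str], threshold: int = 5) -> List[str]:
    """One alert per service whose half-open backlog reaches the threshold."""
    return [f"possible SYN flood against {dst}:{dport} ({n} half-open connections)"
            for (dst, dport), n in sorted(half_open_by_service(lines).items())
            if n >= threshold]


if __name__ == "__main__":
    for alert in syn_flood_alerts(constructed_sample()):
        print(alert)
```

The threshold should be set from the service's normal half-open count over a short window; a server that ordinarily serves many slow clients needs a higher value than a quiet internal host. Counting per destination rather than per source matters because the sources in a flood are usually not reused.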
Telecom/Remote Access Security
   Dial up lines are favorite hacker target
       War dialing
       social engineering
   PBX is a favorite phreaker target
       blue box, gold box, etc.
       Voice mail
Remote Access Security
   SLIP - Serial Line Internet Protocol
   PPP - Point to Point Protocol
       SLIP/PPP about the same, PPP adds error checking, SLIP
        obsolete
   PAP - Password authentication protocol
       clear text password
   CHAP - Challenge Handshake Auth. Prot.
       Encrypted password
Remote Access Security
   TACACS, TACACS+
       Terminal Access Controller Access Control
        System
       Network devices query TACACS server to
        verify passwords
       “+” adds ability for two-factor (dynamic)
        passwords
   Radius
       Remote Auth. Dial-In User Service
RAID
   Redundant Array of Inexpensive (or
    Independent) Disks - 7 levels
       Level 0 - Data striping (spreads blocks of each file
        across multiple disks)
       Level 1 - Provides disk mirroring
       Level 3 - Same as 0, but adds a disk for error
        correction
       Level 5 - Data striping at byte level, error
        correction too
?

More Related Content

What's hot (20)

PPTX
Chapter 7 v8.0
rizwanshaikh478571
 
PPT
Lect3
tt_aljobory
 
PPTX
Ethernet - Networking presentation
Viet Nguyen
 
PPTX
EC8551 COMMUNICATION NETWORKS
GOWTHAMMS6
 
PPTX
Physical Layer
Are-Da Shalan
 
PDF
MPLS Presentation
Unni Kannan VijayaKumar
 
PPTX
Chapter 3 1-network_design_with_internet_tools - Network Design
nakomuri
 
PPTX
Network Fundamentals: Ch8 - Physical Layer
Abdelkhalik Mosa
 
PPT
Computer Network - OSI model
Manoj Kumar
 
PPT
Networking Concepts Lesson 06 - Protocols - Eric Vanderburg
Eric Vanderburg
 
PDF
The Physical Layer
adil raja
 
PPT
Networking Ethernet
SSG1631
 
PPT
Chapter8
siageoksoon
 
PPT
20CS2007 Computer Communication Networks
Kathirvel Ayyaswamy
 
PPT
Lan basic
Online
 
PPT
Connection( less & oriented)
ymghorpade
 
PDF
CS6551 COMPUTER NETWORKS
Kathirvel Ayyaswamy
 
PPTX
UNIT -03 Transmission Media and Connecting Devices
Raj vardhan
 
PDF
HIGH SPEED NETWORKS
Kathirvel Ayyaswamy
 
DOCX
Networking
Swapnil Kapate
 
Chapter 7 v8.0
rizwanshaikh478571
 
Ethernet - Networking presentation
Viet Nguyen
 
EC8551 COMMUNICATION NETWORKS
GOWTHAMMS6
 
Physical Layer
Are-Da Shalan
 
MPLS Presentation
Unni Kannan VijayaKumar
 
Chapter 3 1-network_design_with_internet_tools - Network Design
nakomuri
 
Network Fundamentals: Ch8 - Physical Layer
Abdelkhalik Mosa
 
More from 7wounders (8)

5. telecomm & network security

  • 2. Telecom And Network Security
    - Understand the OSI model
    - Identify network hardware
    - Understand LAN topologies
    - Basic protocols - routing and routed
    - Understand IP addressing scheme
    - Understand subnet masking
    - Understand basic firewall architectures
    - Understand basic telecommunications security issues
  • 3. Telecom and Network Security
    - Intro to OSI model
    - LAN topologies
    - OSI revisited
      - hardware
      - bridging, routing
      - routed protocols, WANs
    - IP addressing, subnet masks
    - Routing Protocols
  • 4. OSI/ISO ??
    - OSI model developed by ISO, International Standards Organization
    - IEEE - Institute of Electrical and Electronics Engineers
    - NSA - National Security Agency
    - NIST - National Institute for Standards and Technology
    - ANSI - American National Standards Institute
    - CCITT - International Telegraph and Telephone Consultative Committee
  • 5. OSI Reference Model
    - Open Systems Interconnection Reference Model
    - Standard model for network communications
    - Allows dissimilar networks to communicate
    - Defines 7 protocol layers (a.k.a. protocol stack)
    - Each layer on one workstation communicates with its respective layer on another workstation using protocols (i.e. agreed-upon communication formats)
    - “Mapping” each protocol to the model is useful for comparing protocols.
  • 6. The OSI Layers
    - 7 Application - Provides specific services for applications such as file transfer
    - 6 Presentation - Provides data representation between systems
    - 5 Session - Establishes, maintains, manages sessions (example - synchronization of data flow)
    - 4 Transport - Provides end-to-end data transmission integrity
    - 3 Network - Switches and routes information units
    - 2 Data Link - Provides transfer of units of information to other end of physical link
    - 1 Physical - Transmits bit stream on physical medium
    - Mnemonic: Please Do Not Take Sales Person Advice
  • 7. Data Flow in OSI Reference Model
    - [Figure: two stacks, Host 1 and Host 2, each with layers 7 Application down to 1 Physical, joined through the network]
    - Data travels down the stack, through the network, then up the receiving stack
    - As the data passes through each layer on the client, information about that layer is added to the data. This information is stripped off by the corresponding layer on the server.
  • 8. OSI Model
    - Protocols required for Networking are covered in OSI model
    - Keep model in mind for rest of course
    - All layers to be explored in more detail
  • 9. LAN Topologies
    - Star Topology
    - Bus Topology
  • 10. LAN Topologies Cont…
    - Ring Topology
  • 11. Star Topology
    - Telephone wiring is one common example
    - Center of star is the wire closet
    - Star Topology easily maintainable
  • 12. Bus Topology
    - Basically a cable that attaches many devices
    - Can be a “daisy chain” configuration
    - Computer I/O bus is example
  • 13. Tree Topology
    - Can be extension of bus and star topologies
    - Tree has no closed loops
  • 14. Ring Topology
    - Continuous closed path between devices
    - A logical ring is usually a physical star
    - Don’t confuse logical and physical topology
  • 15. Network topologies
    - Bus - Advantages: passive transmission medium; localized failure impact; adaptive utilization. Disadvantages: channel access technique (contention)
    - Star - Advantages: simplicity; central routing; no routing decisions. Disadvantages: reliability of central node; loading of central node
    - Ring - Advantages: simplicity; predictable delay; no routing decisions. Disadvantages: failure modes with global effect
  • 16. LAN Access Methods
    - Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
      - Talk when no one else is talking
    - Token
      - Talk when you have the token
    - Slotted
      - Similar to token, talk in free “slots”
  • 17. LAN Signaling Types
    - Baseband
      - Digital signal, serial bit stream
    - Broadband
      - Analog signal
      - Cable TV technology
  • 18. Ethernet
    - Bus topology
    - CSMA/CD
    - Baseband
    - Most common network type
    - IEEE 802.3
    - Broadcast technology - transmission stops at terminators
  • 19. Token Bus
    - IEEE 802.4
    - Very large scale, expensive
    - Usually seen in factory automation
    - Used when one needs:
      - Multichannel capabilities of a broadband LAN
      - Resistance to electrical interference
  • 20. Token Ring
    - IEEE 802.5
    - Flow is unidirectional
    - Each node regenerates signal (acts as repeater)
    - Control passed from interface to interface by “token”
    - Only one node at a time can have token
    - 4 or 16 Mbps
  • 21. Fiber Distributed Data Interface (FDDI)
    - Dual counter-rotating rings
    - Devices can attach to one or both rings
      - Single attachment station (SAS), dual (DAS)
    - Uses token passing
    - Logically and physically a ring
    - ANSI governed
  • 22. WAN
    - WANs connect LANs
    - Generally a single data link
    - Links most often come from Regional Bell Operating Companies (RBOCs) or Post, Telephone, and Telegraph (PTT) agencies
    - WAN link contains Data Terminal Equipment (DTE) on user side and Data Circuit-Terminating Equipment (DCE) at WAN provider’s end
    - MAN - Metropolitan Area Network
  • 23. ISDN
    - Integrated services digital network (ISDN) is a worldwide public network service that can provide end-to-end digital communications and fully integrate technologies
    - The basic rate interface (BRI) - 2B+D
    - The primary rate interface (PRI) - 23B+D
    - B channel - 64 Kbps bandwidth, appropriate for either voice or data transmission
    - D channel - 16 Kbps signaling channel, designed to control transmission of the B channel
  • 24. Typical Point-to-Point WAN - The Connections
    - T1 - 1.544 Mbps of electronic information
    - T2 - a T-carrier that can handle 6.312 Mbps or 96 voice channels
    - T3 - a T-carrier that can handle 44.736 Mbps or 672 voice channels
    - T4 - a T-carrier that can handle 274.176 Mbps or 4032 voice channels
  • 25. WAN Cont…
    - Cable Modem and DSL
      - ADSL - Asymmetric Digital Subscriber Line - 144 Kbps to 1.5 Mbps
      - SDSL - Single Line Digital Subscriber Line - 1.544 Mbps to 2.048 Mbps
      - HDSL - High data rate Digital Subscriber Line - 1.544 Mbps to 42.048 Mbps
      - VDSL - Very high data rate Digital Subscriber Line - 13 to 52 Mbps / 1.5 to 2.3 Mbps
  • 26. WAN Cont…
    - Frame Relay and X.25 - Packet-switched technologies
      - Evolved from standardization work on ISDN
      - Designed to eliminate much of the overhead in X.25
      - DTE - Data Terminal Equipment
      - DCE - Data Circuit-terminating Equipment
      - CIR - Committed Information Rate
  • 27. OSI Model - Layers
    - Physical
    - Data Link
    - Network
    - Transport
    - Session
    - Presentation
    - Application
  • 28. Physical Layer
    - Specifies the electrical, mechanical, procedural, and functional requirements for activating, maintaining, and deactivating the physical link between end systems
    - Examples of physical link characteristics include voltage levels, data rates, maximum transmission distances, and physical connectors
  • 29. Physical Layer Hardware
    - Cabling
      - twisted pair
      - 10baseT
      - 10base2
      - 10base5
      - fiber
    - transceivers
    - hubs
    - topology
  • 30. Twisted Pair
    - 10BaseT (10 Mbps, 100 meters w/o repeater)
    - Unshielded and shielded twisted pair (UTP most common)
    - two wires per pair, twisted in spiral
    - Typically 1 to 10 Mbps, up to 100 Mbps possible
    - Noise immunity and emanations improved by shielding
  • 31. Coaxial Cable
    - 10Base2 (10 Mbps, repeater every 200 m)
    - ThinEthernet or Thinnet or Coax
    - 2-50 Mbps
    - Needs repeaters every 200-500 meters
    - Terminator: 50 ohms for ethernet, 75 for TV
    - Flexible and rigid available, flexible most common
    - Noise immunity and emanations very good
  • 32. Coaxial Cables, cont.
    - Ethernet uses “T” connectors and 50 ohm terminators
    - Every segment must have exactly 2 terminators
    - Segments may be linked using repeaters, hubs
  • 33. Standard Ethernet
    - 10Base5
    - Max of 100 taps per segment
    - Nonintrusive taps available (vampire tap)
    - Uses AUI (Attachment Unit Interface)
  • 34. Fiber-Optic Cable
    - Consists of outer jacket, cladding of glass, and core of glass
    - Fast
  • 35. Transceivers
    - Physical devices to allow you to connect different transmission media
    - May include Signal Quality Error (SQE) or “heartbeat” to test collision detection mechanism on each transmission
    - May include “link light”, lit when connection exists
  • 36. Hubs
    - A device which connects several other devices
    - Also called concentrator, repeater, or multi-station access unit (MAU)
  • 37. OSI Model - Layers
    - Physical
    - Data Link
    - Network
    - Transport
    - Session
    - Presentation
    - Application
  • 38. Data Link Layer
    - Provides data transport across a physical link
    - Data Link layer handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control
    - Bridges operate at this layer
  • 39. Data Link Sub-layers
    - Media Access Control (MAC)
      - refers downward to lower layer hardware functions
    - Logical Link Control (LLC)
      - refers upward to higher layer software functions
  • 40. Medium Access Control
    - MAC address is “physical address”, unique for LAN interface card
    - Also called hardware or link-layer address
    - The MAC address is burned into the Read Only Memory (ROM)
    - MAC address is 48 bit address in 12 hexadecimal digits
      - 1st six identify vendor, provided by IEEE
      - 2nd six unique, provided by vendor
  • 41. Logical Link Control
    - Presents a uniform interface to upper layers
    - Enables upper layers to gain independence over LAN media access
      - upper layers use network addresses rather than MAC addresses
    - Provides optional connection, flow control, and sequencing services
  • 42. Bridges
    - Device which forwards frames between data link layers associated with two separate cables
    - Stores source and destination addresses in table
    - When bridge receives a frame it attempts to find the destination address in its table
      - If found, frame is forwarded out appropriate port
      - If not found, frame is flooded on all other ports
  • 43. Bridges
    - Can be used for filtering
      - Make decisions based on source and destination address, type, or combination thereof
    - Filtering done for security or network management reasons
      - Limit bandwidth hogs
      - Prevent sensitive data from leaving
    - Bridges can be for local or remote networks
      - Remote has “half” at each end of WAN link
  • 44. Network Layer
    - Which path should traffic take through networks?
    - How do the packets know where to go?
    - What are protocols?
    - What is the difference between routed and routing protocols?
  • 45. Network Layer
    - Only two devices which are directly connected by the same “wire” can exchange data directly
    - Devices not on the same network must communicate via intermediate system
    - Router is an intermediate system
    - The network layer determines the best way to transfer data. It manages device addressing and tracks the location of devices. The router operates at this layer.
  • 46. Network Layer - Bridge vs. Router
    - Bridges can only extend a single network
      - All devices appear to be on same “wire”
      - Network has finite size, dependent on topology, protocols used
    - Routers can connect bridged subnetworks
      - Routed network has no limit on size
      - Internet, SIPRNET
  • 47. Network Layer
    - Provides routing and relaying
      - Routing: determining the path between two end systems
      - Relaying: moving data along that path
    - Addressing mechanism is required
    - Flow control may be required
    - Must handle specific features of subnetwork
    - Mapping between data link layer and network layer addresses
  • 48. Connection-Oriented vs. Connectionless Network Layer
    - Connection-Oriented
      - provides a Virtual Circuit (VC) between two end systems (like a telephone)
      - 3 phases - call setup, data exchange, call close
      - Examples include X.25, OSI CONP, IBM SNA
      - Ideal for traditional terminal-host networks of finite size
  • 49. Connection-Oriented vs. Connectionless Network Layer
    - Connectionless (CL)
      - Each piece of data independently routed
      - Sometimes called “datagram” networking
      - Each piece of data must carry all addressing and routing info
      - Basis of many current LAN/WAN operations
      - TCP/IP, OSI CLNP, IPX/SPX
      - Well suited to client/server and other distributed system networks
  • 50. Connection-Oriented vs. Connectionless Network Layer
    - Arguments can be made Connection Oriented is best for many applications
    - Market has decided on CL networking
      - All mainstream developments on CL
      - Majority of networks now built CL
      - Easier to extend LAN based networks using CL WANs
    - We will focus on CL
  • 51. Network switching
    - Circuit-switched
      - Transparent path between devices
      - Dedicated circuit
      - Phone call
    - Packet-switched
      - Data is segmented, buffered, & recombined
  • 52. Network Layer Addressing
    - Impossible to use MAC addresses
    - Hierarchical scheme makes much more sense (Think postal - city, state, country)
    - This means routers only need to know regions (domains), not individual computers
    - The network address identifies the network and the host
  • 53. Network Layer Addressing
    - Network Address - path part used by router
    - Host Address - specific port or device
    - [Figure: a router joins network 1 (hosts 1.1, 1.2, 1.3) and network 2 (hosts 2.1, 2.2, 2.3); table: Network 1 - Hosts 1, 2, 3; Network 2 - Hosts 1, 2, 3]
  • 54. Network Layer Addressing - IP example
    - IP addresses are like street addresses for computers
    - Networks are hierarchically divided into subnets called domains
    - Domains are assigned IP addresses and names
    - Domains are represented by the network portion of the address
    - IP addresses and Domains are issued by InterNIC (cooperative activity between the National Science Foundation, Network Solutions, Inc. and AT&T)
  • 55. Network Layer Addressing - IP
    - IP uses a 4 octet (32 bit) network address
    - The network and host portions of the address can vary in size
    - Normally, the network is assigned a class according to the size of the network
      - Class A uses 1 octet for the network
      - Class B uses 2 octets for the network
      - Class C uses 3 octets for the network
      - Class D is used for multicast addresses
  • 56. Class A Address
    - Used in an inter-network that has a few networks and a large number of hosts
    - First octet assigned, users designate the other 3 octets (24 bits)
    - Up to 128 Class A Domains
    - Up to 16,777,216 hosts per domain
    - [Address format: first octet fixed by IAB (0-127); remaining 24 bits of variable address (0-255 . 0-255 . 0-255)]
  • 57. Class B Address
    - Used for a number of networks having a number of hosts
    - First 2 octets assigned, user designates the other 2 octets (16 bits)
    - 16384 Class B Domains
    - Up to 65536 hosts per domain
    - [Address format: first two octets fixed by IAB (128-191 . 0-255); remaining 16 bits of variable address (0-255 . 0-255)]
  • 58. Class C Address
    - Used for networks having a small amount of hosts
    - First 3 octets assigned, user designates last octet (8 bits)
    - Up to 2,097,152 Class C Domains
    - Up to 256 hosts per domain
    - [Address format: first three octets fixed by IAB (191-223 . 0-255 . 0-255); remaining 8 bits of variable address (0-255)]
  • 59. IP Addresses
    - A host address of all ones is a broadcast
    - A host address of zero means the wire itself
    - These host addresses are always reserved and can never be used
  • 60. Subnets & Subnet Masks
    - Every host on a network (i.e. same cable segment) must be configured with the same subnet ID.
      - First octet on class A addresses
      - First & second octet on class B addresses
      - First, second, & third octet on class C addresses
    - A Subnet Mask (Netmask) is a bit pattern that defines which portion of the 32 bits represents a subnet address.
    - Network devices use subnet masks to identify which part of the address is network and which part is host
  • 61. Network Layer - Routed vs. Routing Protocols
    - Routed Protocol - any protocol which provides enough information in its network layer address to allow the packet to reach its destination
    - Routing Protocol - any protocol used by routers to share routing information
  • 62. Routed Protocols
    - IP
    - IPX
    - SMB
    - Appletalk
    - DEC/LAT
  • 63. OSI Reference Model - Protocol Mapping
    - [Table: OSI layer against the three stacks TCP/IP | UDP/IP | SPX/IPX]
    - 7 Application: Application using TCP/IP | Application using UDP/IP | Application using SPX/IPX
    - 6 Presentation: - | - | -
    - 5 Session: - | - | SPX
    - 4 Transport: TCP | UDP | -
    - 3 Network: IP | IP | IPX
    - 2 Data Link, 1 Physical: not mapped
  • 64. Network-level Protocols
    - IPX (Internet Packet Exchange protocol)
      - Novell Netware & others
      - Works with the Session-layer protocol SPX (Sequential Packet Exchange Protocol)
    - NETBEUI (NetBIOS Extended User Interface)
      - Windows for Workgroups & Windows NT
    - IP (Internet Protocol)
      - Win NT, Win 95, Unix, etc…
      - Works with the Transport-layer protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)
    - SLIP (Serial-line Input Protocol) & PPP (Point-to-Point Protocol)
  • 65. TCP/IP
    - Consists of a suite of protocols (TCP & IP)
    - Handles data in the form of packets
    - Keeps track of packets which can be
      - Out of order
      - Damaged
      - Lost
    - Provides universal connectivity
    - Reliable full duplex stream delivery (as opposed to the unreliable UDP/IP protocol suite used by such applications as PING and DNS)
  • 66. TCP/IP Cont…
    - Primary Services (applications) using TCP/IP
      - File Transfer (FTP)
      - Remote Login (Telnet)
      - Electronic Mail (SMTP)
    - Currently the most widely used protocol (especially on the Internet)
    - Uses the IP address scheme
  • 67. Routing Protocols
    - Distance-Vector
      - List of destination networks with direction and distance in hops
    - Link-state routing
      - Topology map of network identifies all routers and subnetworks
      - Route is determined from shortest path to destination
    - Routes can be manually loaded (static) or dynamically maintained
  • 68. Routing - Internet Management Domains
    - Core of Internet uses Gateway-Gateway Protocol (GGP) to exchange data between routers
    - Exterior Gateway Protocol (EGP) is used to exchange routing data with core and other autonomous systems
    - Interior Gateway Protocol (IGP) is used within autonomous systems
  • 69. Routing - Internet Management Domains
    - [Figure: Internet Core running GGP; EGP links the core to the autonomous systems; IGP runs inside each autonomous system]
  • 70. Routing Protocols
    - Static routes
      - not a protocol
      - entered by hand
      - define a path to a network or subnet
      - Most secure
  • 71. Routing Protocols - RIP
    - Distance Vector
    - Interior Gateway Protocol
    - Noisy, not the most efficient
      - Broadcast routes every 30 seconds
    - Lowest cost route always best
    - A cost of 16 is unreachable
    - No security, anyone can pretend to be a router
  • 72. Routing Protocols - OSPF
    - Link-state
    - Interior Gateway Protocol
    - Routers elect “Designated Router”
    - All routers establish a topology database using DR as gateway between areas
    - Along with IGRP, a replacement for outdated RIP
  • 73. Routing Protocols - BGP
    - Border Gateway Protocol is an EGP
    - Can support multiple paths between autonomous systems
    - Can detect and suppress routing loops
    - Lacks security
      - Internet recently down because of incorrectly configured BGP on ISP router
  • 74. Source Routing
    - Source (packet sender) can specify route a packet will traverse the network
    - Two types, strict and loose
    - Allows IP spoofing attacks
    - Rarely allowed across Internet
  • 75. Transport Layer
    - TCP
    - UDP
    - IPX Service Advertising Protocol
    - Are UDP and TCP connectionless or connection oriented?
    - What is IP?
    - Explain the difference
  • 76. Session Layer
    - Establishes, manages and terminates sessions between applications
    - Coordinates service requests and responses that occur when applications communicate between different hosts
    - Examples include: NFS, RPC, X Window System, AppleTalk Session Protocol
  • 77. Presentation Layer
    - Provides code formatting and conversion
    - For example, translates between differing text and data character representations such as EBCDIC and ASCII
    - Also includes data encryption
    - Layer 6 standards include JPEG, GIF, MPEG, MIDI
  • 78. Application-layer Protocols
    - FTP (File Transfer Protocol)
    - TFTP (Trivial File Transfer Protocol)
      - Used by some X-Terminal systems
    - HTTP (HyperText Transfer Protocol)
    - SNMP (Simple Network Management Protocol)
      - Helps network managers locate and correct problems in a TCP/IP network
      - Used to gain information from network devices such as count of packets received and routing tables
    - SMTP (Simple Mail Transfer Protocol)
      - Used by many email applications
  • 79. Identification & Authentication
    - Identify who is connecting - userid
    - Authenticate who is connecting
      - password (static) - something you know
      - token (SecureID) - something you have
      - biometric - something you are
    - RADIUS, TACACS, PAP, CHAP
    - DIAMETER
  • 80. Firewall Terms
    - Network address translation (NAT)
      - Internal addresses unreachable from external network
    - DMZ - De-Militarized Zone
      - Hosts that are directly reachable from untrusted networks
    - ACL - Access Control List
      - can be router or firewall term
  • 81. Firewall Terms
    - Choke, Choke router
      - A router with packet filtering rules (ACLs) enabled
    - Gate, Bastion host, Dual Homed Host
      - A server that provides packet filtering and/or proxy services
    - Proxy server
      - A server that provides application proxies
  • 82. Firewall types
    - Packet-filtering router
      - Most common
      - Uses Access Control Lists (ACL)
        - Port
        - Source/destination address
    - Screened host
      - Packet-filtering and Bastion host
      - Application layer proxies
    - Screened subnet (DMZ)
      - 2 packet filtering routers and bastion host(s)
      - Most secure
  • 83. Firewall Models
    - Proxy servers
      - Intermediary
      - Think of bank teller
    - Stateful Inspection
      - State and context analyzed on every packet in connection
  • 84. VPN - Virtual Private Network
    - PPTP
    - L2TP
    - IPSec
      - Tunnel Mode
      - Transport Mode
      - Site-to-Site VPN
      - Client-to-Site VPN
    - SSL
    - SSH
  • 85. Intrusion Detection (IDS)
    - Host or network based
    - Context and content monitoring
    - Positioned at network boundaries
    - Basically a sniffer with the capability to detect traffic patterns known as attack signatures
  • 86. Web Security
    - Secure Sockets Layer (SSL)
      - Transport layer security (TCP based)
      - Widely used for web based applications
      - by convention, https:
    - Secure Hypertext Transfer Protocol (S-HTTP)
      - Less popular than SSL
      - Used for individual messages rather than sessions
    - Secure Electronic Transactions (SET)
      - PKI
      - Financial data
      - Supported by VISA, MasterCard, Microsoft, Netscape
  • 87. IPSEC
    - IP Security
    - Set of protocols developed by IETF
    - Standard used to implement VPNs
    - Two modes
      - Transport Mode
        - encrypted payload (data), clear text header
      - Tunnel Mode
        - encrypted payload and header
    - IPSEC requires shared public key
  • 88. Spoofing
    - TCP Sequence number prediction
    - UDP - trivial to spoof (CL)
    - DNS - spoof/manipulate IP/hostname pairings
    - Source Routing
  • 89. Sniffing
    - Passive attack
    - Monitor the “wire” for all traffic - most effective in shared media networks
    - Sniffers used to be “hardware”, now are a standard software tool
  • 90. Session Hijacking
    - Uses sniffer to detect sessions, get pertinent session info (sequence numbers, IP addresses)
    - Actively injects packets, spoofing the client side of the connection, taking over session with server
    - Bypasses I&A controls
    - Encryption is a countermeasure, stateful inspection can be a countermeasure
  • 91. IP Fragmentation
    - Use fragmentation options in the IP header to force data in the packet to be overwritten upon reassembly
    - Used to circumvent packet filters
    - Leads to Denial of Service Attack
  • 92. IDS Attacks
    - Insertion Attacks
      - Insert information to confuse pattern matching
    - Evasion Attacks
      - Trick the IDS into not detecting traffic
      - Example - Send a TCP RST with a TTL setting such that the packet expires prior to reaching its destination
  • 93. Syn Floods
    - Remember the TCP handshake?
      - Syn, Syn-Ack, Ack
    - Send a lot of Syns
    - Don’t send Acks
    - Victim has a lot of open connections, can’t accept any more incoming connections
    - Denial of Service
  • 94. Telecom/Remote Access Security
    - Dial up lines are favorite hacker target
      - War dialing
      - social engineering
    - PBX is a favorite phreaker target
      - blue box, gold box, etc.
    - Voice mail
  • 95. Remote Access Security
    - SLIP - Serial Line Internet Protocol
    - PPP - Point to Point Protocol
    - SLIP/PPP about the same, PPP adds error checking, SLIP obsolete
    - PAP - Password Authentication Protocol
      - clear text password
    - CHAP - Challenge Handshake Authentication Protocol
      - Encrypted password
  • 96. Remote Access Security
    - TACACS, TACACS+
      - Terminal Access Controller Access Control System
      - Network devices query TACACS server to verify passwords
      - “+” adds ability for two-factor (dynamic) passwords
    - RADIUS
      - Remote Authentication Dial-In User Service
  • 97. RAID
    - Redundant Array of Inexpensive (or Independent) Disks - 7 levels
    - Level 0 - Data striping (spreads blocks of each file across multiple disks)
    - Level 1 - Provides disk mirroring
    - Level 3 - Same as 0, but adds a disk for error correction
    - Level 5 - Data striping at byte level, error correction too
  • 98. ?
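The classful addressing slides (55 through 58), the reserved host addresses of slide 59 and the subnet-mask slides (60) are easier to follow with the arithmetic written out. The Python below is an added worked example, not code from the deck or its author. It uses the first-octet class boundaries as RFC 791 defines them by leading bits (0-127, 128-191, 192-223, 224-239), the network/broadcast reservation of slide 59, and constructed sample addresses; the function names are the example's own.

```python
"""Classful IPv4 addressing and subnet-mask arithmetic, worked by hand.

Added example. Class boundaries follow the leading-bit rule of RFC 791:
first octet 0-127 is class A, 128-191 class B, 192-223 class C, 224-239 class D.
All sample addresses are constructed for the example.
"""


def ip_to_int(dotted: str) -> int:
    """Turn a dotted-quad string into its 32-bit integer value."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a valid IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(dotted: str) -> str:
    """Classful address class, decided by the first octet alone."""
    first = ip_to_int(dotted) >> 24
    if first < 128:
        return "A"  # leading bit 0: 1 octet of network, 3 of host
    if first < 192:
        return "B"  # leading bits 10: 2 octets of network
    if first < 224:
        return "C"  # leading bits 110: 3 octets of network
    if first < 240:
        return "D"  # multicast: no network/host split
    return "E"      # reserved


def default_mask(dotted: str) -> str:
    """The natural (classful) mask; classes D and E have no host portion."""
    masks = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}
    cls = address_class(dotted)
    if cls not in masks:
        raise ValueError(f"class {cls} addresses have no host portion")
    return masks[cls]


def prefix_length(mask: str) -> int:
    """Number of leading one bits; rejects masks whose ones are not contiguous."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def network_address(dotted: str, mask: str) -> str:
    """Host bits cleared: the address that means 'the wire itself' (slide 59)."""
    return int_to_ip(ip_to_int(dotted) & ip_to_int(mask))


def broadcast_address(dotted: str, mask: str) -> str:
    """Host bits all ones: the broadcast address for that subnet (slide 59)."""
    return int_to_ip(ip_to_int(dotted) | (~ip_to_int(mask) & 0xFFFFFFFF))


def usable_hosts(mask: str) -> int:
    """Host addresses left once the two reserved ones are removed."""
    host_bits = 32 - prefix_length(mask)
    return max((1 << host_bits) - 2, 0)


def is_reserved_host(dotted: str, mask: str) -> bool:
    """True for the network (all-zero host) and broadcast (all-one host) addresses."""
    return dotted in (network_address(dotted, mask), broadcast_address(dotted, mask))


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Two hosts exchange data directly only if the mask puts them on one network."""
    return network_address(a, mask) == network_address(b, mask)


if __name__ == "__main__":
    for host in ("10.1.2.3", "172.16.5.9", "192.168.1.77"):
        print(host, "class", address_class(host), "natural mask", default_mask(host))
    mask = "255.255.255.192"  # a /26 carved out of a class C network
    print(network_address("192.168.1.77", mask), broadcast_address("192.168.1.77", mask),
          usable_hosts(mask), "usable hosts")
```

`prefix_length` refuses a mask whose one bits are not contiguous; together with `same_subnet` it covers the configuration mistake slide 60 warns about, two hosts on the same cable segment whose masks place them on different networks.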
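Slides 67 and 71 describe distance-vector routing and RIP's rule that a cost of 16 means unreachable. The following Python simulation is an added example, not code from the deck: routers on a constructed three-node topology exchange their tables once per round, a link is then failed, and the tables are watched until they settle. It shows why the hop limit exists: after the failure the two surviving routers keep feeding each other stale routes and the cost climbs two hops per round until it hits 16 and the destination is finally declared unreachable. The router names, link costs and function names are the example's own.

```python
"""Distance-vector routing with RIP's hop-count limit (added example).

Each router keeps a table dest -> (cost, next_hop). Once per round every
router advertises its table to its neighbours; a neighbour adopts a route
when it is cheaper, or when it comes from the router it already uses as
next hop (RIP trusts its current next hop even when the news is worse).
Topology and costs are constructed for the example.
"""

INFINITY = 16  # RIP: a cost of 16 means "unreachable"


def build_tables(links):
    """Initial tables: self at cost 0 and every directly connected neighbour."""
    tables = {}
    for router, neighbours in links.items():
        table = {router: (0, router)}
        for neighbour, cost in neighbours.items():
            table[neighbour] = (min(cost, INFINITY), neighbour)
        tables[router] = table
    return tables


def exchange_round(links, tables):
    """One synchronous round: every router advertises its current (old) table."""
    updated = {router: dict(table) for router, table in tables.items()}
    changed = False
    for sender, neighbours in links.items():
        for receiver, link_cost in neighbours.items():
            for dest, (advertised, _) in tables[sender].items():
                if dest == receiver:
                    continue
                via = min(advertised + link_cost, INFINITY)
                cur_cost, cur_hop = updated[receiver].get(dest, (INFINITY, None))
                # cheaper route wins; the current next hop may also raise the cost
                if via < cur_cost or (cur_hop == sender and via != cur_cost):
                    updated[receiver][dest] = (via, sender)
                    changed = True
    return updated, changed


def converge(links, tables=None, max_rounds=64):
    """Run rounds until one changes nothing. Returns (tables, rounds used)."""
    tables = build_tables(links) if tables is None else tables
    for rounds in range(1, max_rounds + 1):
        tables, changed = exchange_round(links, tables)
        if not changed:
            return tables, rounds
    return tables, max_rounds


def fail_link(links, tables, x, y):
    """Remove the x<->y link; routes that used it become unreachable (cost 16)."""
    new_links = {
        router: {n: c for n, c in neighbours.items()
                 if not ((router == x and n == y) or (router == y and n == x))}
        for router, neighbours in links.items()
    }
    new_tables = {router: dict(table) for router, table in tables.items()}
    for router, lost in ((x, y), (y, x)):
        for dest, (_, hop) in tables[router].items():
            if hop == lost:
                new_tables[router][dest] = (INFINITY, None)
    return new_links, new_tables


# Constructed topology: A -1- B -1- C, every link cost 1 hop.
LINKS = {"A": {"B": 1}, "B": {"A": 1, "C": 1}, "C": {"B": 1}}

if __name__ == "__main__":
    tables, rounds = converge(LINKS)
    print("converged in", rounds, "rounds; A reaches C via", tables["A"]["C"])
    links, tables = fail_link(LINKS, tables, "B", "C")
    tables, rounds = converge(links, tables)
    print("after B-C fails:", rounds, "rounds; A's route to C:", tables["A"]["C"])
```

With a cap of 16 the bad news settles in about fifteen rounds; with a larger "infinity" the same two routers would keep counting up for correspondingly longer, which is the trade-off slide 71 points at when it calls RIP noisy and not the most efficient.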
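Slides 80 through 82 describe the packet-filtering router: an access list evaluated on protocol, source/destination address and port, with a DMZ reachable from outside and the internal addresses not. The Python below is an added example of that evaluation, not code from the deck and not a real router's syntax: it parses a simplified rule format of its own (`action proto src dst [eq port]`), applies first-match semantics with an implicit deny, and lints the list for rules that an earlier rule shadows. The rule set and addresses are constructed for the example from the documentation ranges.

```python
"""Stateless packet filter: first-match ACL with an implicit deny (added example).

Rule syntax is a constructed simplification, not IOS: action proto src dst [eq port].
Addresses are from documentation ranges (192.168.10.0/24 internal, 203.0.113.0/24 DMZ,
198.51.100.0/24 untrusted) and are constructed for the example.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    proto: str             # "tcp", "udp", "icmp", or "ip" for any protocol
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int]   # None matches every destination port


def _net(token: str) -> ipaddress.IPv4Network:
    return ipaddress.ip_network("0.0.0.0/0" if token == "any" else token, strict=False)


def parse_rule(line: str) -> Rule:
    tokens = line.split()
    if len(tokens) not in (4, 6) or (len(tokens) == 6 and tokens[4] != "eq"):
        raise ValueError(f"cannot parse rule: {line!r}")
    action, proto, src, dst = tokens[:4]
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action in rule: {line!r}")
    dport = int(tokens[5]) if len(tokens) == 6 else None
    return Rule(action, proto, _net(src), _net(dst), dport)


def parse_acl(text: str) -> List[Rule]:
    """Blank lines and '#' comments are skipped; rule order is preserved."""
    return [parse_rule(line) for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("#")]


def matches(rule: Rule, proto: str, src: str, dst: str, dport: int) -> bool:
    return ((rule.proto == "ip" or rule.proto == proto)
            and ipaddress.ip_address(src) in rule.src
            and ipaddress.ip_address(dst) in rule.dst
            and (rule.dport is None or rule.dport == dport))


def evaluate(rules: List[Rule], proto: str, src: str, dst: str, dport: int):
    """First matching rule decides; no match means the implicit deny at the end."""
    for index, rule in enumerate(rules):
        if matches(rule, proto, src, dst, dport):
            return rule.action, index
    return "deny", None


def shadowed_rules(rules: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule already
    matches every packet they would match (a common ACL maintenance error)."""
    shadowed = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if ((earlier.proto == "ip" or earlier.proto == later.proto)
                    and later.src.subnet_of(earlier.src)
                    and later.dst.subnet_of(earlier.dst)
                    and (earlier.dport is None or earlier.dport == later.dport)):
                shadowed.append(j)
                break
    return shadowed


# Constructed ACL for a choke router in front of a DMZ.
DMZ_ACL = """
# the DMZ web server is reachable from anywhere, on 80 and 443 only
permit tcp any 203.0.113.10/32 eq 80
permit tcp any 203.0.113.10/32 eq 443
# the internal LAN may query the DMZ DNS forwarder
permit udp 192.168.10.0/24 203.0.113.53/32 eq 53
# nothing reaches the internal LAN directly
deny ip any 192.168.10.0/24
# redundant: fully covered by the first rule, so it never fires
permit tcp 198.51.100.0/24 203.0.113.10/32 eq 80
"""

if __name__ == "__main__":
    rules = parse_acl(DMZ_ACL)
    print(evaluate(rules, "tcp", "198.51.100.7", "203.0.113.10", 80))
    print(evaluate(rules, "tcp", "198.51.100.7", "192.168.10.5", 445))
    print("shadowed rule indexes:", shadowed_rules(rules))
```

Because this filter keeps no connection state, it judges each packet on its own header fields, which is exactly the limitation slide 83's stateful inspection and slide 90's countermeasure note address.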
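Slide 93 describes the SYN flood as a pile of half-open connections: SYNs arrive, the server answers SYN-ACK, and the client's final ACK never comes. Slide 85 describes an IDS as a sniffer that looks for traffic patterns. The Python below is an added example joining the two, not code from the deck: it walks a constructed log of observed TCP segments, pairs each SYN with the client's completing ACK, and reports sources that leave more than a threshold of handshakes unfinished past a time window. The log format, addresses, timings and function names are all constructed for the example.

```python
"""Half-open handshake counting as a SYN-flood indicator (added example).

Log format is constructed for this example, one observed TCP segment per line:
    <seconds> <SYN|SYN-ACK|ACK> <src>:<sport> -> <dst>:<dport>
Addresses come from the documentation ranges and are constructed.
"""
import re
from collections import defaultdict

LINE = re.compile(r"^(\d+) (SYN|SYN-ACK|ACK) (\S+):(\d+) -> (\S+):(\d+)$")

# Constructed sample: one legitimate client completes two handshakes,
# one source opens six and completes none, one slow client is still pending.
SAMPLE_LOG = """
100 SYN 192.168.10.5:51000 -> 203.0.113.10:80
100 SYN-ACK 203.0.113.10:80 -> 192.168.10.5:51000
101 ACK 192.168.10.5:51000 -> 203.0.113.10:80
102 SYN 198.51.100.9:40001 -> 203.0.113.10:80
102 SYN 198.51.100.9:40002 -> 203.0.113.10:80
102 SYN 198.51.100.9:40003 -> 203.0.113.10:80
103 SYN 198.51.100.9:40004 -> 203.0.113.10:80
103 SYN 198.51.100.9:40005 -> 203.0.113.10:80
104 SYN 198.51.100.9:40006 -> 203.0.113.10:80
105 SYN 192.168.10.5:51001 -> 203.0.113.10:443
106 ACK 192.168.10.5:51001 -> 203.0.113.10:443
107 SYN 192.168.10.7:52000 -> 203.0.113.10:80
"""
LOG_LINES = [line for line in SAMPLE_LOG.splitlines() if line.strip()]


def parse_line(line: str):
    """Return (time, flag, src, sport, dst, dport) or raise on a malformed line."""
    match = LINE.match(line.strip())
    if not match:
        raise ValueError(f"unrecognised log line: {line!r}")
    t, flag, src, sport, dst, dport = match.groups()
    return int(t), flag, src, int(sport), dst, int(dport)


def half_open_by_source(lines, now: int, window: int) -> dict:
    """Per client address, count handshakes opened by a SYN and not completed
    by that client's ACK within `window` seconds, judged at time `now`."""
    pending = {}  # (src, sport, dst, dport) -> time of the SYN
    for line in lines:
        t, flag, src, sport, dst, dport = parse_line(line)
        key = (src, sport, dst, dport)
        if flag == "SYN":
            pending[key] = t
        elif flag == "ACK":
            pending.pop(key, None)  # third step: the connection is established
        # SYN-ACK is the server's reply; it tells us nothing about the client
    counts = defaultdict(int)
    for (src, _, _, _), t in pending.items():
        if now - t > window:
            counts[src] += 1
    return dict(counts)


def flagged_sources(lines, now: int, window: int = 10, threshold: int = 5) -> list:
    """Sources with at least `threshold` stale half-open handshakes, sorted."""
    counts = half_open_by_source(lines, now, window)
    return sorted(src for src, n in counts.items() if n >= threshold)


if __name__ == "__main__":
    print(half_open_by_source(LOG_LINES, now=120, window=10))
    print("flagged:", flagged_sources(LOG_LINES, now=120))
```

The window matters as much as the threshold: judged too early (`now=105` in the test) nothing is stale yet and no source is flagged, so a detector built this way has to be run repeatedly, not once.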
