Review For Exam 1 (February 18, 2013) © Abdou Illia – Spring 2013.


Introduction to Systems Security

The PTP framework
Any security system must have 3 key elements:
- People (users and IT staff)
- Technology (firewall, IDS, antivirus, etc.)
- Policies (Safe-Use policy, password policy, privacy policy, etc.)
People are usually the weakest link.

Dialog attack: Eavesdropping
Intercepting confidential message being transmitted over the network.
[Figure: dialog ("Hello") between Client PC (Bob) and Server (Alice); Attacker (Eve) intercepts and reads messages]

Resources Access Control

Resources Access Control Part 1

Security Goals
Three main security goals (CIA):
- Confidentiality of communications and proprietary information
- Integrity of corporate data
- Availability of network services and resources
Authenticity: ensuring that the data, transactions, communications or documents are genuine. Also validating that both parties involved are who they claim to be.
Non-repudiation: ensuring that one party of a transaction cannot deny having received a transaction nor can the other party deny having sent a transaction.

What is Access Control?
AAA process:
- Authentication: supplicant sends credentials to verifier to authenticate the supplicant
- Authorization: what permissions the authenticated user will have
  - What resources he or she can get to at all
  - What he or she can do with these resources
- Auditing: recording what people do in log files
  - Detecting attacks

Figure 2-3: Password Length

| Length in characters | Alphabetic, no case (N=26) | Alphabetic, case (N=52) | Alphanumeric: letters & digits (N=62) | All keyboard characters (N=~80) |
|---|---|---|---|---|
| 1 | 26 | 52 | 62 | 80 |
| 2 (N^2) | 676 | 2,704 | 3,844 | 6,400 |
| 4 (N^4) | 456,976 | 7,311,616 | 14,776,336 | 40,960,000 |
| 6 | 308,915,776 | 19,770,609,664 | 56,800,235,584 | 2.62144E+11 |
| 8 | 2.08827E+11 | 5.34597E+13 | 2.1834E+14 | 1.67772E+15 |
| 10 | 1.41167E+14 | 1.44555E+17 | 8.39299E+17 | 1.07374E+19 |

Q: Your password policy is: (a) the password must be 6 characters long, (b) the password should include only decimal digits and lower case alphabetic characters. What is the maximum number of passwords the attacker would try in order to crack a password in your system?

Alternatives to password (cont.)
- Proximity Access Tokens
  - Use Radio Frequency ID (RFID) technology
  - Supplicant only has to be near a door or computer to be recognized
- Two-Factor Authentication
  - Access card: 1st factor
  - PINs for the second factor
    - Short: 4 to 6 digits
    - Can be short because attempts are manual
    - Should not choose obvious combinations (1111, 1234) or important dates

Resources Access Control Part 2

MAC Filtering
- The Access Point could be configured to only allow mobile devices with specific MAC addresses
- Today, attack programs exist that could sniff MAC addresses, and then spoof them to gain access
[Figure: Access Point with a MAC Access Control List: O9-2X-98-Y6-12-TR, 10-U1-7Y-2J-6R-11, U1-E2-13-6D-G1-90, 01-23-11-23-H1-80, ...]

IP Address Filtering
- The Access Point could be configured to only allow mobile devices with specific IP addresses
- Attacker could:
  - Get IP address by guessing based on the company's range of IP addresses
  - Sniff IP addresses, then spoof them to gain access
[Figure: Access Point with an IP Address Access Control List: 139.67.180.1/24-139.67.180.30/24, 139.67.180.75, 139.67.180.80, 139.67.180.110, ...]

Access control at EIU What is used at EIU today to control access to the WLAN?

Using Authentication server
[Figure: Applicant (Lee), Access Point, RADIUS Server / WAP Gateway, Directory Server or Kerberos Server]
1. Authentication Request
2. Pass on Request to RADIUS Server
3. Get User Lee's Data (Optional; RADIUS Server May Store Authentication Data)
4. Accept Applicant Key=XYZ
5. OK Use Key XYZ
- RADIUS is an AAA (Authentication, Authorization, Accounting) protocol
- Once user authenticated, AP assigns user individual key, avoiding shared key.

TCP/IP Internetworking

Layer Cooperation on the User PC
Encapsulation on the sending machine: embedding message received from upper layer in a new message.
[Figure: layers on the User PC]
- Application: HTTP request
- Transport: encapsulation of HTTP request in data field of a TCP segment (TCP-H | HTTP req.)
- Internet: IP Packet (IP-H | TCP-H | HTTP req.)
- Data Link: Frame (PPP-H | IP-H | TCP-H | HTTP req. | PPP-T)
- Physical

Layer Cooperation on the Web server
De-encapsulation: other layers pass successive data fields (containing next-lower layer messages) up to the next-higher layer.
[Figure: layers on the Webserver, above the transmission media]
- Data Link: Frame (PPP-H | IP-H | TCP-H | HTTP req. | PPP-T)
- Internet: IP Packet (IP-H | TCP-H | HTTP req.)
- Transport: TCP segment (TCP-H | HTTP req.)
- Application: HTTP request

IP Packet
IP Version 4 Packet (each row runs from Bit 0 to Bit 31):
- Version (4 bits): 0100 | Header Length (4 bits) | QoS (8 bits) | Total Length (16 bits)
- Identification (16 bits) | Flags | Fragment Offset (13 bits)
- Time To Live (8 bits) | Protocol (8 bits): 1=ICMP, 6=TCP, 17=UDP | Header Checksum (16 bits)
- Source IP Address (32 bits)
- Destination IP Address (32 bits)
- Options (if any) | Padding
- Data Field
Field notes:
- QoS: also called Type of Service, indicates the priority level the packet should have
- Identification tag: to help reconstruct the packet from several fragments
- Flags: indicates whether packet could be fragmented or not (DF: Don't Fragment), indicates whether more fragments of a packet follow (MF: More Fragments or NF: No More Fragments)
- Fragment offset: identifies which fragment this packet is attached to
- TTL: indicates maximum number of hops (or routers) the packet could pass before a hop discards it
- Header checksum: to check for errors in the headers only
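A decoder for the header layout on this slide, added here as an example (it is not part of the original slides). The sample packet and the function names are constructed for illustration; the addresses are reused from elsewhere in this review.

```python
import socket
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}  # values listed on the slide
FMT = "!BBHHHBBH4s4s"                          # the fixed 20-byte header

def checksum(header):
    """One's-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(packet):
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    (ver_ihl, qos, total_len, ident, flags_off,
     ttl, proto, _csum, src, dst) = struct.unpack(FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4           # header length is counted in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    return {
        "version": ver_ihl >> 4, "header_len": ihl, "qos": qos,
        "total_len": total_len, "id": ident,
        "DF": bool(flags_off & 0x4000), "MF": bool(flags_off & 0x2000),
        "frag_offset": (flags_off & 0x1FFF) * 8,   # stored in 8-byte units
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
        # A valid header sums to zero; the data field is not covered.
        "header_ok": checksum(packet[:ihl]) == 0,
        "data": packet[ihl:total_len],
    }

def build_sample():
    """Constructed UDP packet with DF set, TTL 64 and 8 bytes of data."""
    hdr = bytearray(struct.pack(FMT, 0x45, 0, 28, 0x1C46, 0x4000, 64, 17, 0,
                                socket.inet_aton("139.67.14.54"),
                                socket.inet_aton("139.67.180.1")))
    struct.pack_into("!H", hdr, 10, checksum(bytes(hdr)))
    return bytes(hdr) + b"8 bytes!"
```

Changing a header byte makes `header_ok` false, while changing a byte of the data field does not, which is what "errors in the headers only" means in practice.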

IP Fragmentation
[Figure: router between Subnet 1 and Subnet 2; header fields involved: Identification (16 bits), Flags, Fragment Offset (13 bits)]
- When a packet arrives at a router, the router selects the port and subnet to forward the packet to
- If packet too large for the subnet to handle, router fragments the packet, i.e. divides packet's data field into fragments
  - Gives each fragment same Identification tag value, i.e. the Identification tag of original packet
  - First fragment is given Fragment Offset value of 0
  - Subsequent fragments get Fragment Offset values consistent with their data's place in original packet
  - Last fragment's Flag is set to "No More Fragments"
- Destination host reassembles fragments based on the offsets.

Firewalls and Fragmented IP Packet
- Fragmentation makes it hard for firewalls to filter individual packets
- TCP or UDP header appears only in the first fragment
  - Firewall might drop the first fragment, but not subsequent fragments
- Some firewalls drop all fragmented packets
[Figure: Attacker 1.34.150.37 sends through a Router to Firewall 60.168.47.47. 1. First Fragment (IP Header, TCP Header, TCP Data Field); 2. Second Fragment (IP Header, TCP Data Field); 3. TCP Header Only in First Fragment; 4. No TCP Header; 5. Firewall Can Only Filter TCP Header in First Fragment]
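The filtering gap described on the two slides above, as an added example (not part of the original slides): a per-packet filter compared with one that remembers the first fragment's verdict. Function names and the sample segment are constructed; the two addresses are the ones in the slide's figure.

```python
import socket
import struct

MF = 0x2000  # "More Fragments" bit in the 16-bit flags/fragment-offset word

def fragment(src, dst, ident, payload, max_data):
    """Split payload into IPv4 fragments; max_data must be a multiple of 8."""
    frags = []
    for off in range(0, len(payload), max_data):
        chunk = payload[off:off + max_data]
        more = MF if off + max_data < len(payload) else 0
        hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(chunk), ident,
                          more | (off // 8), 64, 6, 0,  # checksum left 0 here
                          socket.inet_aton(src), socket.inet_aton(dst))
        frags.append(hdr + chunk)
    return frags

def parse(pkt):
    """Return (datagram key, fragment offset in bytes, data field)."""
    ihl = (pkt[0] & 0x0F) * 4
    ident, flags_off = struct.unpack("!HH", pkt[4:8])
    key = (pkt[12:16], pkt[16:20], pkt[9], ident)  # src, dst, protocol, id
    return key, (flags_off & 0x1FFF) * 8, pkt[ihl:]

def naive_filter(pkts, blocked_port):
    """Per-packet filter: only the first fragment carries a TCP header."""
    out = []
    for p in pkts:
        _, off, data = parse(p)
        if off == 0 and struct.unpack("!H", data[2:4])[0] == blocked_port:
            continue  # first fragment dropped, later ones still pass
        out.append(p)
    return out

def fragment_aware_filter(pkts, blocked_port):
    """Reuse the first fragment's verdict; drop fragments with no verdict."""
    verdict, out = {}, []
    for p in pkts:
        key, off, data = parse(p)
        if off == 0:
            verdict[key] = struct.unpack("!H", data[2:4])[0] != blocked_port
        if verdict.get(key, False):
            out.append(p)
    return out

# Constructed sample: 20-byte TCP header (destination port 23) + 40 data bytes
TCP = struct.pack("!HHIIHHHH", 49562, 23, 1, 0, 0x5002, 8192, 0, 0) + b"A" * 40
FRAGS = fragment("1.34.150.37", "60.168.47.47", 0x1234, TCP, 24)
```

With port 23 blocked, `naive_filter(FRAGS, 23)` still forwards the two later fragments, while `fragment_aware_filter(FRAGS, 23)` forwards none. The second filter also drops fragments that arrive before their first fragment, a default-deny choice made for this example.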

TCP Segment
Layout (each row runs from Bit 0 to Bit 31):
- Source Port Number (16 bits) | Destination Port Number (16 bits)
- Sequence Number (32 bits)
- Acknowledgment Number (32 bits)
- Header Length (4 bits) | Reserved (6 bits) | Flag Fields: ACK, SYN,… (6 bits) | Window Size (16 bits)
- TCP Checksum (16 bits) | Urgent Pointer (16 bits)
- Data
Field notes:
- Port number: identifies sending and receiving application programs.
- Sequence number: identifies segment's place in the sequence. Allows receiving Transport layer to put arriving TCP segments in order.
- Acknowledgement number: identifies which segment is being acknowledged
- Flag fields: six one-bit flags: ACK, SYN, FIN, RST, URG, PSH. Can be set to 0 (off) or 1 (on). E.g. SYN=1 means a request for connection/synchronization.
Q: If the ACK flag is set to 1, what other field must also be set to let the receiver know what TCP segment is being acknowledged?

TCP and use of Port numbers
Header fields: Source Port Number (16 bits), Destination Port Number (16 bits)
Port numbers identify applications:
- Well-known ports (0-1023): used by major server applications running at root authority. HTTP web service=80, Telnet=23, FTP=21, SMTP email=25
- Registered ports (1024-49151): used by client and server applications.
- Ephemeral/dynamic/private ports (49152-65535): not permanently assigned by ICANN.
Socket notation: IP address:Port #
[Figure: Web server applications (www:80, FTP:21, SMTP:25) running on the Operating System, on top of the Computer hardware (RAM chip, HD, Processor)]

Questions
A host sends a TCP segment with source port number 25 and destination port number 49562.
- Is the source host a server or a client? Why?
- If the host is a server, what kind of service does it provide?
- Is the destination host a server or a client? Why?

IP Address
- IPv4 addresses are 32 bits long
  - Example: 139.67.14.54
  - There are 2^32 IP addresses
- IPv6 addresses are 128 bits long
  - There are 2^128 IP addresses
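A decoder for the TCP Segment and port-number slides, added here as an example (not part of the original slides): it reads the 20-byte header, names the flags that are set, and classifies each port by the three ranges listed above. The function names and the sample segment are constructed; the sample reuses the port pair from the Questions slide.

```python
import struct

# The six one-bit flags, highest bit first, as they sit in the header.
FLAG_BITS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def port_class(port):
    """Classify a port by the ranges given on the port-number slide."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "ephemeral"

def parse_tcp(segment):
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte TCP header")
    (sport, dport, seq, ack, off_flags,
     window, _checksum, _urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4      # header length in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("invalid TCP header length")
    flags = [name for name, bit in FLAG_BITS if off_flags & bit]
    return {
        "src_port": (sport, port_class(sport)),
        "dst_port": (dport, port_class(dport)),
        "seq": seq,
        # The acknowledgment number is only meaningful when ACK is set.
        "ack": ack if "ACK" in flags else None,
        "flags": flags,
        "window": window,
        "data": segment[header_len:],
    }

# Constructed segment: port 25 -> port 49562, SYN and ACK set, no options
SAMPLE = struct.pack("!HHIIHHHH", 25, 49562, 1000, 501,
                     0x5012, 8192, 0, 0) + b"220 ready\r\n"
```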