© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 1 Essential TCP/IP Network Protocols and.

Presentation transcript:

© ITT Educational Services, Inc. All rights reserved. IS3220 Information Technology Infrastructure Security Unit 1 Essential TCP/IP Network Protocols and Applications

Name: Williams Obinkyereh MSc. IT, Post Masters Software Engineering DSC (Doctor of Computer Science) Student. Contacts: Phone:

Introduction
- Class introduction
- Introduction of Course Syllabus
  - Course Summary
  - Lab Infrastructure (Mock)
  - Course Plan
  - Evaluation
  - Academic integrity
- Discussion and questions about syllabus

Learning Objective
- Review essential Transmission Control Protocol/Internet Protocol (TCP/IP) behavior and applications used in IP networking

Key Concepts
- TCP/IP protocol analysis using NetWitness Investigator
- Differentiating clear-text from cipher-text
- Essential TCP/IP characteristics
- IP networking protocol behavior
- Network management tools

EXPLORE: CONCEPTS

TCP/IP Networking and OSI Reference Models

OSI reference model:
7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data link
1. Physical

TCP/IP model:
- Application
- Transport
- Internet
- Network Interface

TCP/IP Protocol Suite
- Application: Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Hypertext Transfer Protocol (HTTP), Tele-network (Telnet), File Transfer Protocol (FTP)
- Transport: Transmission Control Protocol (TCP), User Datagram Protocol (UDP)
- Internet: Internet Protocol (IP), IPSec, Internet Control Message Protocol (ICMP), Address Resolution Protocol (ARP), and Internet Group Management Protocol (IGMP)
- Network Interface: Serial Line Internet Protocol (SLIP), Purchasing Power Parity (PPP)

The Structure of a Packet

A Packet Moves Through the Protocol Stack

Protocol Analysis: Functions of a Protocol Analyzer
- Why analyze data packets?
  - Detect network problems, such as bottlenecks
  - Detect network intrusions
  - Check for vulnerabilities
  - Gather network statistics
- What does a protocol analyzer do?
  - Captures and decodes data packets traveling on a network
  - Allows you to read and analyze them

NetWitness Investigator
- Threat analysis software: Protocol Analyzer
- Captures raw packets from wired and wireless interfaces
- Analyzes real-time data throughout the seven layers

NetWitness Investigator (cont.)
- Filters by Media Access Control (MAC) address, IP address, user, and more
- Supports Internet Protocol version 4 (IPv4) and Internet Protocol version 6 (IPv6)
- Gets daily threat intelligence data from the SANS Internet Storm Center
- Freely available

Wireshark
- Network protocol analyzer
- Captures Ethernet, IEEE , PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and other packets
- Analyzes real-time and saved data
- Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and others
- Supports IPv4 and IPv6
- Allows Voice over IP (VoIP) analysis
- Freely available

EXPLORE: PROCESS

Packet Capture Using NetWitness Investigator
- Start the capture
- Verify capture configuration settings: Network Adapter, Advanced Capture Settings, and Evidence Handling
- Define rules or capture: Filters and alerts
- Select parsers to use with capture: Geolocation IP (GeoIP), Search, FLEXPARSE

Trace Analysis Using NetWitness Investigator

Navigation, Search:
- Select a collection.
- Click Navigation.
- Select a report.
- Select a group of sessions.
- Search for specific content.
- Open a collection.
- Click the Content Search icon.
- Search on keyword or regular expression.

TCP/IP Transaction Sessions
- Connection-oriented
- Sender
  - Breaks data into packets
  - Attaches packet numbers
- Receiver
  - Acknowledges receipt; lost packets are resent
  - Reassembles packets in correct order

TCP Three-Way Handshake
Endpoints: Server, Host
1 - SYN
2 - SYN/ACK
3 - ACK
Legend: Synchronize (SYN), Acknowledge (ACK)

TCP Connection Termination
Endpoints: Server, Host
1 - ACK/FIN
2 - ACK
3 - ACK/FIN
4 - ACK
Legend: Acknowledge (ACK), Finish (FIN)

TCP Connection Reset
Endpoints: Server, Host
1 - SYN
2 - SYN/ACK
3 - RST
Legend: Synchronize (SYN), Acknowledge (ACK), Reset (RST)

EXPLORE: CONTEXT

IPv4 Addressing
- Assigned to computers for identification on a network
- 32-bit address space
- Internet routing uses numeric IP addresses
- Dotted decimal notation. Example:
- IP addresses in packet headers
- A packet makes many hops between source and destination

Network Protocol Examination
- Normal Packet
  - Connecting to an FTP server
  - Port 53 (dns) in UDP
  - Three-way handshake completes
- Packet Showing Evidence of Port Scan
  - Series of TCP packets, part of three-way handshake
  - Arrange segments in sequential order by source port
  - Destination ports also in sequential order
  - Classic TCP port scan
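The port-scan evidence described on this slide can be checked mechanically. The following is an added example, not part of the original slides: it flags a source whose handshakes never complete and whose destination ports run in sequence. The packet records, addresses and the `min_ports` threshold are constructed assumptions, and the flag strings follow the slides' labels.

```python
from collections import defaultdict

# Constructed sample records, not a real capture:
# (src_ip, src_port, dst_ip, dst_port, tcp_flags)
PACKETS = [
    # Normal client: the three-way handshake to FTP (port 21) completes.
    ("10.0.0.5", 49152, "10.0.0.20", 21, "SYN"),
    ("10.0.0.20", 21, "10.0.0.5", 49152, "SYN/ACK"),
    ("10.0.0.5", 49152, "10.0.0.20", 21, "ACK"),
]
for i in range(20):  # scanner: source and destination ports both climb
    sport, dport = 40000 + i, 20 + i
    PACKETS.append(("10.0.0.99", sport, "10.0.0.20", dport, "SYN"))
    if dport in (21, 22):  # open port answers, scanner resets instead of ACK
        PACKETS.append(("10.0.0.20", dport, "10.0.0.99", sport, "SYN/ACK"))
        PACKETS.append(("10.0.0.99", sport, "10.0.0.20", dport, "RST"))


def longest_run(ports):
    """Length of the longest run of consecutive port numbers."""
    best = run = 0
    prev = None
    for p in sorted(ports):
        run = run + 1 if prev is not None and p == prev + 1 else 1
        best = max(best, run)
        prev = p
    return best


def find_scanners(packets, min_ports=10):
    """Return {(src, dst): ports} for sources with many sequential, unfinished handshakes."""
    tried, completed = defaultdict(set), defaultdict(set)
    for src, _sport, dst, dport, flags in packets:
        if flags == "SYN":
            tried[(src, dst)].add(dport)
        elif flags == "ACK":  # simplified model: a bare ACK is handshake step 3
            completed[(src, dst)].add(dport)
    hits = {}
    for pair, ports in tried.items():
        unfinished = ports - completed[pair]
        if longest_run(unfinished) >= min_ports:
            hits[pair] = sorted(unfinished)
    return hits


if __name__ == "__main__":
    for (src, dst), ports in find_scanners(PACKETS).items():
        print(f"{src} -> {dst}: {len(ports)} unfinished handshakes, ports {ports[0]}-{ports[-1]}")
```

In a real capture a bare ACK also appears on every data segment, so a production check would track sequence numbers per connection rather than flag strings alone.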

Clear-Text Vs Encrypted Protocols
- Clear-text Protocols
  - Are human readable
  - FTP, Telnet, Simple Mail Transfer Protocol (SMTP), HTTP, Post Office Protocol 3 (POP3), Internet Message Access Protocol (IMAPv4), Network Basic Input/Output System (NetBIOS), Simple Network Management Protocol (SNMP)
- Encrypted Protocols
  - Are not human readable
  - Secure Shell (SSH), SSH File Transfer Protocol (SFTP), HTTP Secure (HTTPS)
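"Human readable" versus "not human readable" can be measured on a captured payload. This added example (not from the original slides) classifies payload bytes by printable-character ratio and Shannon entropy; the thresholds, the sample payloads and the hash-derived stand-in for ciphertext are constructed assumptions.

```python
import hashlib
import math
import string
from collections import Counter

PRINTABLE = set(string.printable.encode())

# Constructed sample payloads, not taken from a real capture.
FTP_LOGIN = b"USER alice\r\nPASS hunter2\r\n"
SSH_BANNER = b"SSH-2.0-OpenSSH_9.6\r\n"  # SSH version exchange precedes encryption
# Stand-in for an encrypted record: 512 bytes of SHA-256 output.
SIMULATED_CIPHERTEXT = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(16))


def printable_ratio(payload: bytes) -> float:
    """Fraction of bytes that are printable ASCII or whitespace."""
    return sum(b in PRINTABLE for b in payload) / len(payload) if payload else 0.0


def entropy_bits(payload: bytes) -> float:
    """Shannon entropy in bits per byte (0 = constant, 8 = uniformly random)."""
    n = len(payload)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(payload).values())


def classify(payload: bytes) -> str:
    if printable_ratio(payload) >= 0.95:
        return "clear-text"
    # Compressed data is also high-entropy, hence "likely".
    if entropy_bits(payload) >= 6.0:
        return "likely encrypted"
    return "binary/unknown"


if __name__ == "__main__":
    for name, data in [("FTP login", FTP_LOGIN), ("SSH banner", SSH_BANNER),
                       ("simulated ciphertext", SIMULATED_CIPHERTEXT)]:
        print(f"{name}: ratio={printable_ratio(data):.2f} "
              f"entropy={entropy_bits(data):.2f} -> {classify(data)}")
```

The SSH banner classifies as clear-text because the result describes one payload, not the protocol: even encrypted protocols exchange some readable bytes before the keys are in place.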

Summary
- TCP/IP protocol analysis using NetWitness Investigator
- Differentiating clear-text from cipher-text
- Essential TCP/IP characteristics
- IP networking protocol behavior
- Network management tools