Published by Kerry Carr. Modified over 8 years ago.
Hands-On Ethical Hacking and Network Defense
Chapter 2: TCP/IP Concepts Review
Last modified 3-27-16 - jw
Objectives
Describe the TCP/IP protocol stack
Explain the basic concepts of IP addressing
Explain the binary, octal, and hexadecimal numbering systems
Overview of TCP/IP
Protocol: the common language computers use to speak to each other.
Overview of TCP/IP
Transmission Control Protocol/Internet Protocol (TCP/IP)
Most widely used open standard protocol
The first layered protocol model for internetwork communications was created by the DoD (Department of Defense) and DARPA (Defense Advanced Research Projects Agency) in the early 1970s and is often referred to as the DoD model.
It defines four categories of functions that must occur for communications to be successful.
TCP/IP stack
Contains four different layers:
Application
Transport
Internet
Network
Overview of TCP/IP
Protocol Data Units and Encapsulation
The encapsulation process:
As application data is passed down the protocol stack on its way to be transmitted across the network media, various protocols add information to it at each level.
The form that a piece of data takes at any layer is called a Protocol Data Unit (PDU).
During encapsulation, each succeeding layer encapsulates the PDU that it receives from the layer above in accordance with the protocol being used.
Protocol Data Units and Encapsulation
At each stage of the process, a PDU has a different name to reflect its new appearance:
Data - the general term for the PDU used at the Application layer
Segment - Transport layer PDU
Packet - Internetwork layer PDU
Frame - Network Access layer PDU
Bits - the PDU used when physically transmitting data over the medium
Protocol Data Units and Encapsulation
The Application Layer
Front end to the lower-layer protocols
What you can see and touch – closest to the user at the keyboard
HTTP, FTP, SMTP, SNMP, SSH, IRC and Telnet all operate in the Application layer
The Transport Layer
Encapsulates data into segments
Segments can use TCP or UDP to reach a destination host
TCP is a connection-oriented protocol
UDP is a connectionless protocol
TCP and UDP
Transmission Control Protocol (TCP)
TCP is a connection-oriented protocol, described in RFC 793.
TCP incurs additional overhead to gain functions.
The additional functions specified by TCP are same-order delivery, reliable delivery, and flow control.
Each TCP segment has 20 bytes of overhead in the header encapsulating the Application layer data.
Applications that use TCP are:
Web browsers
E-mail
File transfers
http://www.uic.rsu.ru/doc/inet/tcp_stevens/tcp_tran.htm
TCP and UDP
User Datagram Protocol (UDP)
UDP is a connectionless protocol, described in RFC 768.
It provides low-overhead data delivery.
The pieces of communication in UDP are called datagrams.
Each UDP datagram has only 8 bytes of header overhead.
These datagrams are sent as "best effort".
Applications that use UDP include:
Domain Name System (DNS)
Video streaming
Voice over IP (VoIP)
Purpose of the Transport Layer
The Transport layer provides for the segmentation of data and the reassembly of these pieces into the various communication streams.
Its primary responsibilities to accomplish this are:
Tracking the individual communication between applications on the source and destination hosts
Segmenting data and managing each piece
Reassembling the segments into application data
Identifying the different applications
TCP Connection Establishment and Termination
When two hosts communicate using TCP:
A connection is established before data can be exchanged.
The host tracks each data segment within a session and exchanges information about what data is received.
After the communication is completed, the sessions are closed and the connection is terminated.
TCP Connection Establishment and Termination
To establish the connection, the hosts perform a three-way handshake, which:
Establishes that the destination device is present on the network
Verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use for the session
Informs the destination device that the source client intends to establish a communication session on that port number
TCP three-way handshake
Computer A sends a SYN packet
Computer B replies with a SYN-ACK packet
Computer A replies with an ACK packet
TCP Header Format

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

http://freesoft.org/CIE/RFC/793/19.htm
TCP Segment Headers
Critical components:
TCP flags
Initial Sequence Number (ISN)
Source and destination port
Abused by hackers finding vulnerabilities
TCP Flags
Within the TCP segment header, there are six 1-bit fields that contain control information used to manage the TCP processes.
Six flags:
URG - Urgent pointer field significant
ACK - Acknowledgement field significant
PSH - Push function
RST - Reset the connection
SYN - Synchronize sequence numbers
FIN - Finish flag - no more data from sender
Each flag can be set to 0 (off) or 1 (on)
TCP Flags
Six flags mnemonic:
Unskilled - URG
Attackers - ACK
Pester - PSH
Real - RST
Security - SYN
Folks - FIN
Knowledge of the flags is useful for analyzing performance and port scanning techniques.
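The header diagram and the six flag bits above can be decoded with a few lines of Python. The following is an added example, not code from the textbook or the deck: it packs and unpacks the fixed 20-byte RFC 793 header with the standard `struct` module and reports which flags are set, using the constructed three-way handshake between a client on port 1028 and a Telnet server on port 23 as sample input (the port numbers follow the deck's later Telnet example; the sequence numbers 1000 and 5000 are made up).

```python
import struct

# Flag bits in the 14th header byte, in the order the RFC 793 diagram lists them.
TCP_FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08,
             "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

# Layout of the fixed 20-byte header: ports, seq, ack, data offset/reserved,
# flags, window, checksum, urgent pointer (all big-endian "network order").
_HDR = struct.Struct("!HHIIBBHHH")


def build_tcp_header(src_port, dst_port, seq, ack, flag_names, window=65535):
    """Build a 20-byte TCP header with no options.

    The checksum is left as 0: it also covers the IP pseudo-header, so it
    cannot be computed from the TCP segment alone."""
    flags = 0
    for name in flag_names:
        flags |= TCP_FLAGS[name]
    data_offset_words = 5             # 5 x 32-bit words = 20 bytes, no options
    return _HDR.pack(src_port, dst_port, seq, ack,
                     data_offset_words << 4, flags, window, 0, 0)


def parse_tcp_header(segment):
    """Decode a TCP segment into its header fields, options and payload."""
    if len(segment) < _HDR.size:
        raise ValueError("segment shorter than the 20-byte TCP header")
    (src_port, dst_port, seq, ack, off_res, flags,
     window, checksum, urg_ptr) = _HDR.unpack(segment[:_HDR.size])
    header_len = (off_res >> 4) * 4   # Data Offset counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset %d is inconsistent with segment" % header_len)
    return {
        "src_port": src_port,
        "dst_port": dst_port,
        "seq": seq,
        "ack": ack,
        "header_len": header_len,
        "flags": [name for name, bit in TCP_FLAGS.items() if flags & bit],
        "window": window,
        "checksum": checksum,
        "urgent_pointer": urg_ptr,
        "options": segment[20:header_len],
        "payload": segment[header_len:],
    }


def summarize(segment):
    """One-line summary in the style of a packet analyzer,
    e.g. '1028 -> 23 [SYN] seq=1000 ack=0 win=65535'."""
    h = parse_tcp_header(segment)
    return "%d -> %d [%s] seq=%d ack=%d win=%d" % (
        h["src_port"], h["dst_port"], ", ".join(h["flags"]),
        h["seq"], h["ack"], h["window"])


# Constructed three-way handshake (sample values, not captured traffic).
HANDSHAKE = [
    build_tcp_header(1028, 23, 1000, 0, ["SYN"]),            # step 1: SYN
    build_tcp_header(23, 1028, 5000, 1001, ["SYN", "ACK"]),  # step 2: SYN-ACK
    build_tcp_header(1028, 23, 1001, 5001, ["ACK"]),         # step 3: ACK
]

if __name__ == "__main__":
    for seg in HANDSHAKE:
        print(summarize(seg))
```

Running the block prints the three handshake segments the way a sniffer would label them; the parser rejects a segment whose Data Offset points past its end, which is the first sanity check any header decoder needs.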
Initial Sequence Number (ISN)
32-bit number
Tracks packets received
Enables reassembly of large packets
Sent on steps 1 and 2 of the TCP three-way handshake
By guessing ISN values, a hacker can hijack a TCP session, gaining access to a server without logging in
http://en.wikipedia.org/wiki/TCP_sequence_prediction_attack
Initial Sequence Number (ISN) cont'd
The ISN represents the starting value for the bytes that will be transmitted to the receiving application.
As data is transmitted, the sequence number is incremented by the number of bytes that have been transmitted.
This enables each segment to be uniquely identified and acknowledged.
Missing segments can be identified.
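The receiving side of the sequence-number scheme just described can be shown in a few dozen lines. This is an added example, not code from the textbook or the deck: a minimal receiver that starts from a constructed ISN of 1000, advances its expected sequence number by the number of bytes received, buffers a segment that arrives ahead of a hole, and reports the hole as a missing range. It also handles 32-bit wrap-around and retransmitted data, which the slide does not mention; the fact that the SYN itself consumes one sequence number (so the first data byte is ISN + 1) comes from RFC 793.

```python
MOD = 1 << 32  # sequence numbers are 32-bit and wrap around


def seq_before(a, b):
    """True if sequence number a precedes b, allowing for 32-bit wrap-around."""
    return ((a - b) % MOD) > (MOD // 2)


class TcpReceiver:
    """Receiving side of one TCP stream: tracks the next byte it expects
    (the ACK number), buffers out-of-order data and reports gaps."""

    def __init__(self, isn):
        # The SYN occupies one sequence number, so the first data byte
        # carries sequence number ISN + 1.
        self.next_seq = (isn + 1) % MOD
        self.out_of_order = {}       # seq -> payload, waiting for earlier bytes
        self.data = bytearray()      # contiguous, in-order application data

    def receive(self, seq, payload):
        """Process a data segment; returns the cumulative ACK number to send."""
        if seq_before(seq, self.next_seq):
            # Retransmission: drop the bytes we already have, keep the rest.
            already = (self.next_seq - seq) % MOD
            if already >= len(payload):
                return self.next_seq
            seq, payload = self.next_seq, payload[already:]
        if seq != self.next_seq:
            # A hole precedes this segment: park it until the hole is filled.
            self.out_of_order[seq] = payload
            return self.next_seq
        self._append(payload)
        while self.next_seq in self.out_of_order:   # drain now-contiguous data
            self._append(self.out_of_order.pop(self.next_seq))
        return self.next_seq

    def _append(self, payload):
        self.data += payload
        self.next_seq = (self.next_seq + len(payload)) % MOD

    def missing_ranges(self):
        """[(first_missing_seq, first_buffered_seq), ...] for every hole."""
        holes, expected = [], self.next_seq
        # Sort buffered segments by distance from next_seq so wrap-around
        # does not reorder them.
        for seq in sorted(self.out_of_order,
                          key=lambda s: (s - self.next_seq) % MOD):
            if seq != expected:
                holes.append((expected, seq))
            expected = (seq + len(self.out_of_order[seq])) % MOD
        return holes


def demo():
    """Constructed stream with ISN 1000: segments arrive out of order and one
    is retransmitted; returns (reassembled data, ACK after each segment)."""
    rx = TcpReceiver(isn=1000)
    acks = [
        rx.receive(1001, b"hello"),   # in order        -> ACK 1006
        rx.receive(1011, b"world"),   # hole 1006..1010 -> ACK stays 1006
        rx.receive(1006, b"12345"),   # fills the hole  -> ACK 1016
        rx.receive(1001, b"hello"),   # old duplicate   -> ignored, ACK 1016
    ]
    return bytes(rx.data), acks


if __name__ == "__main__":
    print(demo())
```

The ACK number never moves past a hole, which is exactly how a sender learns that a segment went missing; the same bookkeeping is what makes a hijacker's job hard when ISNs are unpredictable, since a segment whose sequence number falls outside the receiver's window is simply not accepted.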
Port Addressing: Identifying the Conversations
The TCP and UDP based services keep track of the various applications that are communicating. Both TCP and UDP have header fields that can uniquely identify these applications.
These unique identifiers are the port numbers.
In the header of each segment or datagram, there is a source and destination port.
The source port number is the number for this communication associated with the originating application on the local host.
The destination port number is the number for this communication associated with the destination application on the remote host.
Port Addressing: Identifying the Conversations
Port numbers are assigned in various ways, depending on whether the message is a request or a response.
While server processes have static port numbers assigned to them, clients dynamically choose a port number for each conversation.
Notice the difference in how source and destination port numbers are used with clients and servers:
Client (initiating Telnet service):
Destination Port = 23 (telnet)
Source Port = 1028 (dynamically assigned)
Server (responding to Telnet service):
Destination Port = 1028 (source port of client)
Source Port = 23 (telnet)
(Diagram: Client port 1028 <-> Server port 23)
TCP Ports
Port
Logical, not physical, component of a TCP connection
Identifies the service that is running
Example: HTTP uses port 80
A 16-bit number – 65,536 ports
Each TCP packet has a source and destination port
The IANA assigns port numbers
Port numbers are assigned in various ways, based on three ranges:
System Ports (0-1023)
User Ports (1024-49151)
Dynamic and/or Private Ports (49152-65535)
http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml
The IANA assigns port numbers
Well Known Ports (Numbers 0 to 1023) - These numbers are reserved for services and applications.
HTTP (web server) - 80
POP3/SMTP (e-mail server) – 110/25
Telnet – 23
The IANA assigns port numbers
Registered Ports (Numbers 1024 to 49151) - These port numbers are assigned to user processes or applications.
These processes are primarily individual applications that a user has chosen to install.
When not used for a server resource, these ports may also be dynamically selected by a client as its source port.
The IANA assigns port numbers
Dynamic or Private Ports (Numbers 49152 to 65535) - Also known as Ephemeral Ports, these are usually assigned dynamically to client applications when initiating a connection.
It is not very common for a client to connect to a service using a Dynamic or Private Port.
The IANA assigns port numbers
Using both TCP and UDP
Some applications may use both TCP and UDP.
For example, the low overhead of UDP enables DNS to serve many client requests very quickly.
Sometimes, however, sending the requested information may require the reliability of TCP.
Blocking Ports
Helps you stop or disable services that are not needed
Open ports are an invitation for an attack
You can't block all incoming and outgoing ports
That would stop all networking
Example - Incoming ports 25 and 80 are usually open on servers, so mail servers can receive messages and Web servers can serve pages
Port numbers and Applications
Knowing port numbers is essential to quickly determining applications
TCP Ports (continued)
Ports 20 and 21
File Transfer Protocol (FTP)
Used for sharing files over the Internet
Requires a logon name and password
More secure than Trivial File Transfer Protocol (TFTP), but FTP is still clear-text transmission
TCP Ports (continued)
Port 23
Telnet
Older TCP/IP protocol for text-based communication
Commonly used to configure network devices
TCP Ports (continued)
Port 25
Simple Mail Transfer Protocol (SMTP)
E-mail servers listen on this port
TCP Ports (continued)
Port 53
Domain Name Service (DNS)
Helps users connect to Web sites using URLs instead of IP addresses
TCP Ports (continued)
Port 69
Trivial File Transfer Protocol (TFTP)
Used for transferring configurations
TCP Ports (continued)
Port 80
Hypertext Transfer Protocol (HTTP)
Used when connecting to a Web server
Port 110
Post Office Protocol 3 (POP3)
Used for retrieving e-mail
TCP Ports (continued)
Port 119
Network News Transfer Protocol (NNTP)
For use with newsgroups
Port 123
Network Time Protocol (NTP)
Used to synchronize the clocks of computer systems over data networks
TCP Ports (continued)
Port 135
Remote Procedure Call (RPC)
Critical for the operation of Microsoft Exchange Server and Active Directory
Port 139
NetBIOS
Used by Microsoft's NetBIOS Session Service
File and printer sharing
TCP Ports (continued)
Port 143
Internet Message Access Protocol 4 (IMAP4)
Used for retrieving e-mail
More features than POP3
Port 443
Hypertext Transfer Protocol Secure (HTTPS)
Used for secure communications to a Web server
TCP Ports (continued)
Port 3389
Remote Desktop Protocol (RDP)
Proprietary protocol developed by Microsoft, which provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software.
Demonstration
Use telnet to establish connections
Use netstat to see the connections
Port 23 (usually Telnet)
Port 25 SMTP (blocked on COD campus???)
Port 21 FTP (blocked on COD campus???)
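The netstat step of the demonstration is where the port ranges and the per-port service list from the preceding slides come together. The block below is an added example, not code from the textbook or the deck: it parses a constructed `netstat -tan`-style listing (Linux column layout; the addresses and connections are made up, and 203.0.113.5 is a documentation address), classifies each local port into the three IANA ranges, labels it with the service the deck lists for that port, and flags listening services the deck describes as clear text (FTP, TFTP, Telnet) so an administrator can decide what to block or replace. The ESTABLISHED Telnet row reproduces the client-port-1028/server-port-23 pairing from the port addressing slide.

```python
import re

# Services on the ports this chapter lists.
PORT_SERVICES = {
    20: "FTP data", 21: "FTP control", 23: "Telnet", 25: "SMTP", 53: "DNS",
    69: "TFTP", 80: "HTTP", 110: "POP3", 119: "NNTP", 123: "NTP", 135: "RPC",
    139: "NetBIOS session", 143: "IMAP4", 443: "HTTPS", 3389: "RDP",
}
# Protocols the chapter describes as clear-text transmission.
CLEAR_TEXT_PORTS = {20, 21, 23, 69}


def port_range(port):
    """IANA range name for a port number."""
    if not 0 <= port <= 65535:
        raise ValueError("port out of range: %d" % port)
    if port <= 1023:
        return "System (well-known)"
    if port <= 49151:
        return "User (registered)"
    return "Dynamic/Private (ephemeral)"


# Constructed sample in `netstat -tan` (Linux) layout; not a real capture.
SAMPLE_NETSTAT = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.10:49200      203.0.113.5:80          ESTABLISHED
tcp        0      0 192.168.1.10:23         192.168.1.55:1028       ESTABLISHED
"""

_LINE = re.compile(
    r"^(tcp6?|udp6?)\s+\d+\s+\d+\s+(\S+):(\d+|\*)\s+(\S+):(\d+|\*)\s*(\S*)$")


def parse_netstat(text):
    """Parse netstat socket lines into dicts; header and other lines are skipped."""
    records = []
    for line in text.splitlines():
        m = _LINE.match(line.strip())
        if not m:
            continue
        proto, laddr, lport, faddr, fport, state = m.groups()
        records.append({
            "proto": proto,
            "local_addr": laddr,
            "local_port": int(lport),
            "foreign_addr": faddr,
            "foreign_port": None if fport == "*" else int(fport),
            "state": state,          # empty for UDP lines, which have no state
        })
    return records


def listening_ports(records):
    """Sorted local ports that are in the LISTEN state."""
    return sorted(r["local_port"] for r in records if r["state"] == "LISTEN")


def review_listeners(records):
    """(port, service, IANA range, note) per listening socket; the note marks
    services the chapter calls clear text, candidates for blocking at the
    host firewall or replacing with an encrypted equivalent."""
    rows = []
    for port in listening_ports(records):
        note = "clear-text protocol" if port in CLEAR_TEXT_PORTS else ""
        rows.append((port, PORT_SERVICES.get(port, "unknown"),
                     port_range(port), note))
    return rows


if __name__ == "__main__":
    for row in review_listeners(parse_netstat(SAMPLE_NETSTAT)):
        print(row)
```

On a real host the same parser can be fed `netstat -tan` output directly; ports that show up as LISTEN but are not in the service table are the ones worth investigating first.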
Demonstration
Wireshark packet sniffer
TCP handshake: SYN, SYN/ACK, ACK
TCP ports
TCP status flags
User Datagram Protocol (UDP)
Fast but unreliable protocol
Operates on the Transport layer
Does not need to verify whether the receiver is listening
Relies on higher layers of the TCP/IP stack to handle reliability problems
Connectionless protocol
The Internet Layer
Responsible for routing packets to their destination address
Uses a logical address, called an IP address
IP packet delivery is connectionless
Internet Control Message Protocol (ICMP)
Operates in the Internet layer of the TCP/IP stack
Used to send messages related to network operations
Helps in troubleshooting a network
Some commands include:
Ping
Traceroute
ICMP Type Codes
Ping – A TCP/IP Application
PING (Packet Internet Groper) is a diagnostic utility used to determine whether a computer is properly connected to devices/Internet.
Traceroute – A TCP/IP Application
Traceroute is a program that is available on many systems, and is similar to PING, except that traceroute provides more information than PING.
Traceroute traces the path a packet takes to a destination, and is used to debug routing problems.
For more information on Ping
Read the book: The Story About Ping by Marjorie Flack, Kurt Wiese
See an Amazon.com customer review on the next slide – very funny!
Review of Story of Ping on Amazon.com
Ping! I love that duck!, January 25, 2000
Reviewer: John E. Fracisco (El Segundo, CA USA)

Using deft allegory, the authors have provided an insightful and intuitive explanation of one of Unix's most venerable networking utilities. Even more stunning is that they were clearly working with a very early beta of the program, as their book first appeared in 1933, years (decades!) before the operating system and network infrastructure were finalized.

The book describes networking in terms even a child could understand, choosing to anthropomorphize the underlying packet structure. The ping packet is described as a duck, who, with other packets (more ducks), spends a certain period of time on the host machine (the wise-eyed boat). At the same time each day (I suspect this is scheduled under cron), the little packets (ducks) exit the host (boat) by way of a bridge (a bridge). From the bridge, the packets travel onto the internet (here embodied by the Yangtze River).

The title character -- er, packet, is called Ping. Ping meanders around the river before being received by another host (another boat). He spends a brief time on the other boat, but eventually returns to his original host machine (the wise-eyed boat) somewhat the worse for wear.

If you need a good, high-level overview of the ping utility, this is the book. I can't recommend it for most managers, as the technical aspects may be too overwhelming and the basic concepts too daunting.

Problems With This Book

As good as it is, The Story About Ping is not without its faults. There is no index, and though the ping(8) man pages cover the command line options well enough, some review of them seems to be in order. Likewise, in a book solely about Ping, I would have expected a more detailed overview of the ICMP packet structure.

But even with these problems, The Story About Ping has earned a place on my bookshelf, right between Stevens' Advanced Programming in the Unix Environment, and my dog-eared copy of Dante's seminal work on MS Windows, Inferno. Who can read that passage on the Windows API ("Obscure, profound it was, and nebulous, So that by fixing on its depths my sight -- Nothing whatever I discerned therein."), without shaking their head with deep understanding. But I digress.
Wireshark Capture of a PING
Overview of Numbering Systems
Binary
Octal
Hexadecimal
Reviewing the Binary Numbering System
Uses the number 2 as its base
Binary digits (bits): 0 and 1
Byte
Group of 8 bits
Can represent 2^8 = 256 different values
UNIX and Linux Permissions
UNIX and Linux file permissions are represented with bits
0 means removing the permission
1 means granting the permission
111 (rwx) means all permissions apply
Examples of Determining Binary Values
Each position represents a power of 2
Usually the bit on the right is the least significant bit
Converting 1011 to decimal:
1 x 2^0 = 1
1 x 2^1 = 2
0 x 2^2 = 0
1 x 2^3 = 8
1 + 2 + 8 = 11 (decimal value)
Understanding Nibbles
Half a byte, or four bits
Helps with reading the number by separating the byte
1111 1010
Components:
High-order nibble (left side)
Low-order nibble (right side)
Understanding Nibbles (continued)
Converting 1010 1010 to decimal:
Low-order nibble
1010 = 10 (base 10)
Multiply high-order nibble by 16
1010 = 10 x 16 = 160 (base 10)
160 + 10 = 170 (base 10)
Reviewing the Octal Numbering System
Uses 8 as its base
Supports digits from 0 to 7
Octal digits can be represented with three bits
Linux and Unix permissions:
Owner permissions (rwx)
Group permissions (rwx)
Other permissions (rwx)
rwx rwx rwx
Owner Group Everyone
R – Read, W – Write, X – Execute
Reviewing the Octal Numbering System
Example permissions on Linux and UNIX:
Owner permissions (rwx)
Group permissions (r-x)
Other permissions (--x)
Example: 111 101 001
Octal representation: 751
Mac-mini:temp student$ ls -al test.txt
-rwxr-x--x@ 1 student staff 29 Oct 25 12:32 test.txt
Mac-mini:temp student$
Reviewing the Octal Numbering System
Examples:
Mac-mini:temp student$ ls -al test*.txt
-rwxr-x--x 1 student staff 29 Oct 25 12:32 test.txt
-r-xr-x--- 1 student staff 29 Oct 25 12:32 test1.txt
-rwxr-xr-- 1 student staff 29 Oct 25 12:32 test2.txt
-rw-r--r-- 1 student staff 29 Oct 25 12:32 test3.txt
Mac-mini:temp student$
Reviewing the Hexadecimal Numbering System
Uses 16 as its base
Supports digits from 0 to 15
A byte written in hex consists of two characters
Each character represents a nibble
Values above 9 use the letters A … F
A represents 10 and F represents 15
Sometimes expressed with "0x" in front
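The binary, nibble, octal and hex slides above all describe the same positional arithmetic, and the `ls -al` listings show where it matters in practice. The following is an added example, not code from the textbook or the deck: it implements the slide's bit-weighting method, the nibble shortcut (1010 1010 -> 170), the nibble-to-hex mapping (1111 1010 -> 0xFA), and a converter from an `ls -l` mode string such as `-rwxr-x--x` to its octal form 751, reproducing the four listings on the octal slides. Handling of the trailing `@`/`+` that `ls` appends for extended attributes or ACLs, and of the `s`/`t` setuid/sticky characters, is added here as a practical detail.

```python
def binary_to_decimal(bits):
    """Weight each bit by its power of two, the rightmost bit being 2**0,
    exactly as the slide does for 1011 -> 1 + 2 + 8 = 11."""
    bits = bits.replace(" ", "")
    if not bits or any(b not in "01" for b in bits):
        raise ValueError("not a binary string: %r" % bits)
    total = 0
    for position, bit in enumerate(reversed(bits)):
        total += int(bit) * 2 ** position
    return total


def split_nibbles(byte_bits):
    """Return (high-order nibble, low-order nibble) of an 8-bit string."""
    bits = byte_bits.replace(" ", "")
    if len(bits) != 8:
        raise ValueError("expected 8 bits, got %d" % len(bits))
    return bits[:4], bits[4:]


def byte_to_decimal_by_nibbles(byte_bits):
    """The slide's shortcut: 16 * high nibble + low nibble (1010 1010 -> 170)."""
    high, low = split_nibbles(byte_bits)
    return binary_to_decimal(high) * 16 + binary_to_decimal(low)


def byte_to_hex(byte_bits):
    """Each nibble becomes one hex character, 10..15 written A..F
    (1111 1010 -> 0xFA)."""
    high, low = split_nibbles(byte_bits)
    return "0x" + "".join("0123456789ABCDEF"[binary_to_decimal(n)]
                          for n in (high, low))


def mode_to_octal(mode):
    """Convert an `ls -l` mode string such as '-rwxr-x--x' (or 'rwxr-x--x')
    to its octal form '751': each rwx triple is three bits, one octal digit."""
    perms = mode.rstrip("@+")          # ls appends @ (xattrs) or + (ACL)
    if len(perms) == 10:
        perms = perms[1:]              # drop the file-type character
    if len(perms) != 9:
        raise ValueError("mode string needs 9 permission characters: %r" % mode)
    digits = []
    for i in range(0, 9, 3):
        triple = perms[i:i + 3]
        # '-' is a cleared bit; 'S'/'T' mean setuid/setgid/sticky without
        # execute, so they also count as a cleared execute bit here.
        bits = "".join("0" if c in "-ST" else "1" for c in triple)
        digits.append(str(binary_to_decimal(bits)))
    return "".join(digits)


if __name__ == "__main__":
    print(binary_to_decimal("1011"), byte_to_decimal_by_nibbles("1010 1010"),
          byte_to_hex("1111 1010"), mode_to_octal("-rwxr-x--x@"))
```

Only the nine permission bits are converted; the special setuid/setgid/sticky bits would form a fourth, leading octal digit and are outside what the slides cover.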
Warriors of the Net
Network+ Movie
http://www.warriorsofthe.net/
IP Addressing
Consists of four bytes, like 172.16.122.204
Two components:
Network address
Host address
Neither portion may be all 1s or all 0s
IP Addressing
Legacy classes of IP addresses:
Class A
Class B
Class C
Class D
http://en.wikipedia.org/wiki/Classful_network
IP Addressing (continued)
Class A
First byte is reserved for network address
Last three bytes are for host address
Supports more than 16 million host computers
Limited number of Class A networks
Reserved for large corporations and governments
Format: network.node.node.node
https://en.wikipedia.org/wiki/List_of_assigned_/8_IPv4_address_blocks
74
IP Addressing (continued)
Class B
  First two bytes are reserved for the network address
  Last two bytes are for the host address
  Supports more than 65,000 host computers
  Assigned to large corporations and Internet Service Providers (ISPs)
  Format: network.network.node.node
75
IP Addressing (continued)
Class C
  First three bytes are reserved for the network address
  Last byte is for the host address
  Supports up to 254 host computers
  Usually available for small business and home networks
  Format: network.network.network.node
76
IP Addressing (continued)
Class D
  Addresses reserved for multicast traffic (one-to-many communication)
  Commonly used for multimedia content delivery and routing protocols
  Address range: 224.0.0.0 to 239.255.255.255
77
IP Addressing (continued)
Subnetting
  Each network can be assigned a subnet mask
  Helps separate the network address bits from the host address bits
  Class A uses a subnet mask of 255.0.0.0, also called /8
  Class B uses a subnet mask of 255.255.0.0, also called /16
  Class C uses a subnet mask of 255.255.255.0, also called /24
78
Planning IP Address Assignments
Each network segment must have a unique network address
Address cannot contain all 0s or all 1s
To access computers on other networks, each computer needs the IP address of the gateway
79
Planning IP Address Assignments
TCP/IP uses the subnet mask to determine whether the destination computer is on the same network or a different network
If the destination is on a different network, the host relays the packet to the gateway
The gateway forwards the packet to its next destination (routing)
The packet eventually reaches its destination
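The same-network test described on this slide, as an added example that is not part of the original deck: the mask is ANDed with both addresses and the network parts are compared, which also shows where the /8, /16, /24 notation comes from. The addresses used are the deck's own examples plus a TEST-NET address as the remote destination.

```python
# Added example (not from the slides): the decision a host makes before it
# sends a packet. The subnet mask is ANDed with the local and destination
# addresses; equal network parts mean "deliver directly", anything else is
# handed to the default gateway. Bit operations are spelled out on purpose.

def ip_to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {dotted}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def prefix_to_mask(prefix_len: int) -> str:
    """/24 -> 255.255.255.0 (the /8, /16, /24 notation from the slides)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be 0..32")
    return int_to_ip((((1 << prefix_len) - 1) << (32 - prefix_len)) & 0xFFFFFFFF)

def mask_to_prefix(mask: str) -> int:
    """255.255.255.128 -> 25. Rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != (((1 << ones) - 1) << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones

def network_address(ip: str, mask: str) -> str:
    """Network part of an address: IP AND mask."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))

def next_hop(local_ip: str, mask: str, gateway: str, dest_ip: str) -> str:
    """Address the packet is sent to on the local link."""
    if network_address(local_ip, mask) == network_address(dest_ip, mask):
        return dest_ip      # same network: deliver directly
    return gateway          # different network: relay to the gateway

if __name__ == "__main__":
    print(network_address("172.16.122.204", "255.255.0.0"))
    print(next_hop("192.168.1.101", "255.255.255.0", "192.168.1.1", "192.168.1.103"))
    print(next_hop("192.168.1.101", "255.255.255.0", "192.168.1.1", "192.0.2.10"))
```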
80
Public and Private Addresses
Public Addresses
  Most addresses are public addresses.
  These addresses are designed to be used by hosts that are publicly accessible from the Internet.
81
Public and Private Addresses
Private addresses
  There are private blocks of addresses for internal use:
    10.0.0.0 to 10.255.255.255 (10.0.0.0 /8)
    172.16.0.0 to 172.31.255.255 (172.16.0.0 /12)
    192.168.0.0 to 192.168.255.255 (192.168.0.0 /16)
  Hosts in different networks may use the same private addresses.
  The hosts in the private networks use IP addresses that are unique within their networking environment.
  The router or firewall device at the perimeter of these private networks must block or translate these addresses.
82
Public and Private Addresses
Network Address Translation (NAT)
  With services to translate private addresses to public addresses, hosts on a privately addressed network can have access to resources across the Internet.
  NAT can be implemented at the edge of the private network.
  NAT allows the hosts in the network to "borrow" a public address for communicating with outside networks.
83
Special IPv4 Addresses
There are certain addresses that cannot be assigned to hosts:
  Loopback
  Network and Broadcast
  Default Routes
There are special addresses that can be assigned to hosts, but with restrictions.
84
Special IPv4 Addresses
Loopback
  The loopback address is 127.0.0.1.
  You can ping the loopback address to test the configuration of TCP/IP on the local host.
  The loopback block also covers all addresses from 127.0.0.0 to 127.255.255.255.
85
Special IPv4 Addresses
Network and Broadcast Addresses
  Within each network, the first (network) address and the last (broadcast) address cannot be assigned to hosts.
86
Special IPv4 Addresses
Default Route
  The default route is 0.0.0.0.
  The default route is used when a specific route is not available.
  This block also covers all addresses from 0.0.0.0 to 0.255.255.255.
87
Special IPv4 Addresses
Link-Local Addresses (APIPA)
  The address block 169.254.0.0 to 169.254.255.255 (169.254.0.0 /16) is designated for link-local addresses.
  These might be used in a small peer-to-peer network or by a host that could not automatically obtain an address from a DHCP server.
  A host must not send a packet with a link-local destination address to any router for forwarding.
88
Special IPv4 Addresses
TEST-NET Addresses
  The address block 192.0.2.0 to 192.0.2.255 (192.0.2.0 /24) is set aside for teaching and learning purposes.
  These addresses can be used in documentation and network examples.
  Network devices will accept these addresses in their configurations.
  You will often find these addresses used with the domain names example.com or example.net in RFCs, vendor documentation, and protocol documentation.
  Addresses within this block should not appear on the Internet.
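An added example (not from the slides) that collects the private and special blocks from the preceding slides into one classifier and uses it for the check the last bullet implies: a packet arriving from the Internet with a source address in one of these blocks is a candidate for an ingress filter or for log triage. The rule list is limited to the blocks the slides name, and the log lines are constructed.

```python
# Added example (not from the slides): classify an IPv4 address against the
# special blocks named on the preceding slides, then flag packet sources
# that "should not appear on the Internet". Only the slides' blocks are used.
import ipaddress

SPECIAL_BLOCKS = [
    ("default route / this network", "0.0.0.0/8"),
    ("loopback", "127.0.0.0/8"),
    ("private", "10.0.0.0/8"),
    ("private", "172.16.0.0/12"),
    ("private", "192.168.0.0/16"),
    ("link-local (APIPA)", "169.254.0.0/16"),
    ("TEST-NET (documentation)", "192.0.2.0/24"),
    ("multicast (Class D)", "224.0.0.0/4"),
]
SPECIAL = [(label, ipaddress.ip_network(cidr)) for label, cidr in SPECIAL_BLOCKS]

def classify(addr: str) -> str:
    """Return the slide's label for a special address, or 'public'."""
    ip = ipaddress.ip_address(addr)
    for label, net in SPECIAL:
        if ip in net:
            return label
    return "public"

def network_and_broadcast(cidr: str) -> tuple:
    """First and last address of a block (never assignable to a host) and
    the number of assignable host addresses between them."""
    net = ipaddress.ip_network(cidr, strict=False)
    return (str(net.network_address), str(net.broadcast_address),
            net.num_addresses - 2)

def flag_bogon_sources(log_lines) -> list:
    """(source, label) for each Internet-side packet whose source address
    falls in a special block: a simple ingress-filter / triage rule."""
    flagged = []
    for line in log_lines:
        src = line.split("src=", 1)[1].split()[0]
        label = classify(src)
        if label != "public":
            flagged.append((src, label))
    return flagged

# Constructed firewall log lines (not real traffic); 147.144.51.1 is the
# Internet-side address shown on the exercise slides that follow.
SAMPLE_LOG = [
    "iface=wan src=147.144.51.200 dst=147.144.51.1 proto=tcp dport=443",
    "iface=wan src=10.0.0.5 dst=147.144.51.1 proto=tcp dport=22",
    "iface=wan src=127.0.0.1 dst=147.144.51.1 proto=udp dport=53",
    "iface=wan src=192.0.2.44 dst=147.144.51.1 proto=icmp",
]
```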
89
IPv4 In-Class Exercises
90
Good Network
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask    Default Gateway
A     192.168.1.101  255.255.255.0  192.168.1.1
B     192.168.1.102  255.255.255.0  192.168.1.1
C     192.168.1.103  255.255.255.0  192.168.1.1
D (router): 255.255.255.0 147.144.51.1
91
Duplicate IP Address
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask    Default Gateway
A     192.168.1.101  255.255.255.0  192.168.1.1
B     192.168.1.101  255.255.255.0  192.168.1.1
C     192.168.1.103  255.255.255.0  192.168.1.1
D (router): 255.255.255.0 147.144.51.1
92
IP Address Outside Subnet
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask    Default Gateway
A     192.168.1.101  255.255.255.0  192.168.1.1
B     192.168.2.102  255.255.255.0  192.168.1.1
C     192.168.1.103  255.255.255.0  192.168.1.1
D (router): 255.255.255.0 147.144.51.1
93
Wrong Subnet Mask
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask      Default Gateway
A     192.168.1.101  255.255.255.0    192.168.1.1
B     192.168.1.130  255.255.255.128  192.168.1.1
C     192.168.1.103  255.255.255.0    192.168.1.1
D (router): 255.255.255.0 147.144.51.1
94
Wrong Subnet Mask
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask    Default Gateway
A     192.168.1.101  255.255.255.0  192.168.1.1
B     192.168.1.102  255.255.128.0  192.168.1.1
C     192.168.1.103  255.255.255.0  192.168.1.1
D (router): 255.255.255.0 147.144.51.1
95
Wrong Default Gateway
Network: 192.168.1.0 (hosts A, B and C on a hub; D is the router to the Internet)
Host  IP Address     Subnet Mask    Default Gateway
A     192.168.1.101  255.255.255.0  192.168.1.1
B     192.168.1.102  255.255.255.0  192.168.1.101
C     192.168.1.103  255.255.255.0  192.168.1.1
D (router): 255.255.255.0 147.144.51.1
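An added example (not from the slides) that applies the rules from the planning and subnetting slides to the six exercise configurations above and reports what each one gets wrong. It assumes the LAN is 192.168.1.0/24 and that the router's inside address is 192.168.1.1, as drawn on the exercise slides; the host tables are transcribed from them.

```python
# Added example (not from the slides): apply the addressing rules from the
# preceding slides to the in-class exercise configurations. Assumes the LAN
# is 192.168.1.0/24 and the router's inside address is 192.168.1.1, as drawn
# on the exercise slides; the host tables are transcribed input.
import ipaddress
from collections import Counter

LAN = ipaddress.ip_network("192.168.1.0/24")
ROUTER = ipaddress.ip_address("192.168.1.1")

def check_hosts(hosts: dict) -> list:
    """hosts: name -> (ip, mask, gateway). Returns the problems found."""
    problems = []
    for ip, count in Counter(cfg[0] for cfg in hosts.values()).items():
        if count > 1:
            problems.append(f"duplicate IP address {ip}")
    for name, (ip, mask, gw) in hosts.items():
        addr, gateway = ipaddress.ip_address(ip), ipaddress.ip_address(gw)
        subnet = ipaddress.ip_interface(f"{ip}/{mask}").network  # host's own view
        if addr not in LAN:
            problems.append(f"{name}: {ip} is outside {LAN}")
        if subnet.prefixlen != LAN.prefixlen:
            problems.append(f"{name}: mask {mask} does not match {LAN}")
        if gateway not in subnet:
            problems.append(f"{name}: gateway {gw} is not reachable from {subnet}")
        if gateway != ROUTER:
            problems.append(f"{name}: gateway {gw} is not the router {ROUTER}")
    return problems

GOOD = {"A": ("192.168.1.101", "255.255.255.0", "192.168.1.1"),
        "B": ("192.168.1.102", "255.255.255.0", "192.168.1.1"),
        "C": ("192.168.1.103", "255.255.255.0", "192.168.1.1")}

def variant(host, ip, mask, gw):
    """Copy of GOOD with one host's settings replaced, as each slide does."""
    cfg = dict(GOOD)
    cfg[host] = (ip, mask, gw)
    return cfg

EXERCISES = {
    "Good Network": GOOD,
    "Duplicate IP Address": variant("B", "192.168.1.101", "255.255.255.0", "192.168.1.1"),
    "IP Address Outside Subnet": variant("B", "192.168.2.102", "255.255.255.0", "192.168.1.1"),
    "Wrong Subnet Mask (1)": variant("B", "192.168.1.130", "255.255.255.128", "192.168.1.1"),
    "Wrong Subnet Mask (2)": variant("B", "192.168.1.102", "255.255.128.0", "192.168.1.1"),
    "Wrong Default Gateway": variant("B", "192.168.1.102", "255.255.255.0", "192.168.1.101"),
}

if __name__ == "__main__":
    for title, hosts in EXERCISES.items():
        print(f"{title}: {check_hosts(hosts) or 'OK'}")
```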
96
IPv6 Exercise
IPv6 Internet: 2000::/3
ISP: 2001:DB8::/32 (only announces the /32 prefix)
Site 1: 2001:DB8:0001::/48
  Subnets: 2001:DB8:0001:0001::/64 and 2001:DB8:0001:0002::/64
Site 2: 2001:DB8:0002::/48
  Subnets: 2001:DB8:0002:0001::/64 and 2001:DB8:0002:0002::/64
What is wrong?
97
BREAK IPv6 Next!