Ethics, Privacy and Computer Forensics Chap 14 Network Basics For Digital Investigation.


1 Ethics, Privacy and Computer Forensics Chap 14 Network Basics For Digital Investigation

2 Overview of Networks
- Imagine a long long cord …. These are networks
- A computer connected to a network is called a host
- NIC – network interface card is the primary interface with a network
- Use hubs, routers, etc. to connect networks of computers
- Computers connected to the global internet use a protocol called TCP/IP
- Enables communication of dissimilar networks
- Common language of network talk
- An IP address is the address of a host on the network, just like a phone number

3 Overview of Networks
- Routers are highly susceptible to attacks because they are critical to communication
- Firewalls are security devices that block service and traffic destined to a certain port
- Network services include Telnet and FTP
- Hosts have logs that detail network transactions and their date and time

4 Network Technology
- Attached Resource Computer Network (ARCNET)
  - Earliest network technology
  - Developed by Datapoint Corp in 1970’s
  - Used active and passive hubs in the topology
  - Based on token scheme (proprietary)
  - Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber)
- Ethernet
  - Most popular and accepted technology for networking
  - Each computer has a NIC and it is connected to a central hub, switch or router
  - Variable speeds
  - Uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  - Like people at a dinner party, when two start talking at the same time, both stop talking and then only one starts talking again

5 A typical ARCNET configuration.

6 Network Technology
- Fiber Distributed Data Interface (FDDI)
  - Encoding pulses of light
  - Expensive but fast
  - Data travel in only one direction
  - Developed in mid-1980’s
  - High Speed backbone connection between distributed LANs
  - Dual Counter Rotating Rings: one primary, one secondary
  - Attach up to 1000 workstations in both directions
  - Multiple messages/tokens rotate at the same time

7 Token Passing
- Token circulates on a Ring Topology
- Sender acquires free token, attaches message and sends downstream
- Receiver copies message and acknowledges same in busy token
- Original sender responsible for taking the message off the ring and sending a free token downstream
- Deterministic performance
- Good for factories
- Can calculate maximum time to get to a unit

8 An FDDI network with primary and secondary token rings. During normal conditions, only one of the rings is used and data travels in one direction. When a station or a cable segment fails, the traffic loops to form a closed ring, moving data in the opposite direction.

9 Network Technology
- Asynchronous Transfer Mode (ATM)
  - Uses fiber optics and special equipment called ATM switches
  - Gigabits/sec communication rate
  - Establishes a connection first
  - ATM switch is connected to a large network
  - Connection-oriented protocol (over virtual paths and/or channels)
  - Backbone Technology; switch-based; fiber based

10 Wireless
- WLAN – uses RF technology
- WAP – Wireless Access Point – connects to wired LAN; acts as a wireless hub
- WLAN Adapters – wireless NICs with antennas
- Wireless supports peer-to-peer without WAPs

11 IEEE 802.11g
- Speeds of 1-54 Mbps
- Uses the 2.4GHz band
- Is backwards compatible with IEEE 802.11b
- Ratified in June of 2003

12 802.11 Wireless Security Issues
- Easy to “listen” for id and password
- Easy to mimic in order to gain access to the wired Network
- Earliest Protection was WEP – Wired Equivalent Privacy – which was easy to crack

13 WPA
- Wi-Fi Protected Access
- Replacement for WEP
- WPA password initiates encryption
- Encryption key changes every packet
- Much harder to crack than WEP
- Does not work in Ad Hoc Mode

14 Bluetooth
- A wireless standard; short range
- Used to connect network appliances, printers, …
- Low Power; max speed – 1Mbps over 30 foot area or less
- Operates in the 2.4GHz band and can interfere with 802.11b
- Connects devices point to point

15 A WLAN with two access points.

16 Wireless standards.

17 Multiple access points with overlapping coverage.

18 OSI Reference Model
- Provides useful way to describe and think about networking
- Breaks networking down into series of related tasks
- Each aspect is conceptualized as a layer
- Each task can be handled separately

19 The OSI Communications Reference Model
- OSI – Open Systems Interconnection Committee of ISO
- Reference adopted in 1978 (took 6 yrs)
- Resulted in very little actual product (software)
- Is THE standard for describing networks; the lingua franca of networking worldwide

20 Understanding Layers
- Layering helps clarify process of networking
- Groups related tasks & requirements
- OSI model provides theoretical frame of reference
- Clarifies what networks are
- Explains how they work

21 OSI Reference Model Structure
- Breaks networked communications into seven layers:
  - Application
  - Presentation
  - Session
  - Transport
  - Network
  - Data Link
  - Physical

22 OSI Reference Model Structure
- Each layer responsible for different aspect of data exchange
- Each layer puts electronic envelope around data as it sends it down layers or removes it as it travels up layers for delivery
- Each layer of OSI model communicates and interacts with layers immediately above and below it

23 OSI Reference Model Structure
- Interface boundaries separate layers
- Individual layer communicates only with adjacent layers
- “Peer layers” describes logical or virtual communication between same layer on both sending and receiving computers

24 Relationships Among OSI Layers

25 OSI Reference Model Structure
- Data is broken into packets or PDUs as it moves down stack
- PDU stands for protocol data unit, packet data unit, or payload data unit
- PDU is self-contained data structure from one layer to another
- At sending end, each layer adds special formatting or addressing to PDU
- At receiving end, each layer reads packet and strips off information added by corresponding layer at sending end

26 Application Layer
- Layer 7 is top layer of OSI reference model
- Provides general network access
- Includes set of interfaces for applications to access variety of networked services such as:
  - File transfer
  - E-mail message handling
  - Database query processing
- May also include error recovery

27 Presentation Layer
- Layer 6 handles data formatting and protocol conversion
- Converts outgoing data to generic networked format
- Does data encryption and decryption
- Handles character set issues and graphics commands
- May include data compression
- Includes redirector software that redirects service requests across network

28 Session Layer
- Layer 5 opens and closes sessions
- Performs data and message exchanges
- Monitors session identification and security
- Performs name lookup and user login and logout
- Provides synchronization services on both ends
- Determines which side transmits data, when, and for how long
- Transmits keep-alive messages to keep connection open during periods of inactivity

29 Transport Layer
- Layer 4 conveys data from sender to receiver
- Breaks long data payloads into chunks called segments
- Includes error checks
- Re-sequences chunks into original data on receipt
- Handles flow control

30 Network Layer
- Layer 3 addresses messages for delivery
- Translates logical network address into physical MAC address
- Decides how to route transmissions
- Handles packet switching, data routing, and congestion control
- Through fragmentation or segmentation, breaks data segments from Layer 4 into smaller data packets
- Reassembles data packets on receiving end

31 Data Link Layer
- Layer 2 creates data frames to send to Layer 1
- On receiving side, takes raw data from Layer 1 and packages into data frames
- Data frame is basic unit for network traffic on the wire
- See next slide for contents of typical data frame
- Performs Cyclic Redundancy Check (CRC) to verify data integrity
- Detects errors and discards frames containing errors

32 Data Frame
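
The layer-by-layer wrapping and stripping described in the OSI slides above, together with the Layer 2 CRC check, shown as an added Python example (not part of the original presentation). All MAC/IP addresses, ports and the payload are constructed sample values, and the IP and TCP checksums are left at zero as a simplifying assumption.

```python
import struct
import zlib

def build_frame(payload: bytes) -> bytes:
    """Sending side: each layer wraps what the layer above handed down."""
    # Layer 4: 20-byte TCP header (src port 49152, dst port 21/FTP, PSH|ACK)
    tcp = struct.pack("!HHIIBBHHH", 49152, 21, 1, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    # Layer 3: 20-byte IPv4 header; protocol 6 = TCP, checksum left 0 (assumption)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20])) + tcp
    # Layer 2: destination MAC, source MAC, EtherType 0x0800 = IPv4
    eth = bytes.fromhex("02000000000b02000000000a") + struct.pack("!H", 0x0800) + ip
    # Trailer: CRC-32 frame check sequence over the whole frame
    return eth + struct.pack("<I", zlib.crc32(eth))

def parse_frame(frame: bytes) -> dict:
    """Receiving side: check the CRC, then strip one header per layer."""
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame discarded at Layer 2")
    dst_mac, src_mac = body[0:6], body[6:12]
    (ethertype,) = struct.unpack("!H", body[12:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = body[14:]                           # Layer 2 header removed
    ihl = (ip[0] & 0x0F) * 4                 # IPv4 header length in bytes
    (total_len,) = struct.unpack("!H", ip[2:4])
    if ip[9] != 6:
        raise ValueError("not a TCP packet")
    tcp = ip[ihl:total_len]                  # Layer 3 header removed
    src_port, dst_port = struct.unpack("!HH", tcp[0:4])
    data_offset = (tcp[12] >> 4) * 4         # TCP header length in bytes
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, ip[12:16])),
        "dst_ip": ".".join(map(str, ip[16:20])),
        "src_port": src_port, "dst_port": dst_port,
        "payload": tcp[data_offset:],        # Layer 4 header removed
    }

if __name__ == "__main__":
    frame = build_frame(b"USER anonymous\r\n")   # constructed sample payload
    print(parse_frame(frame))
    damaged = frame[:40] + bytes([frame[40] ^ 0x01]) + frame[41:]
    try:
        parse_frame(damaged)
    except ValueError as err:
        print(err)
```

Capture tools often receive frames after the network card has already removed the FCS, so a saved capture may not contain the trailer checked here.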

33 Physical Layer
- Layer 1 converts bits into signals for outgoing messages and signals into bits for incoming messages
- Manages computer’s interface to medium
- Instructs driver software and network interface to send data across medium
- Sets timing and interpretation of signals across medium
- Translates and screens incoming data for delivery to receiving computer

34 Actions of Each layer of OSI Reference Model

35 OSI in Summary
- The Reference Model breaks the communication process into seven distinct and independent layers
- Each layer’s functionality is well defined as is its interface with surrounding layers and peer layers
- Lower layers service upper layers in sequence

36 Network interconnection hardware operates at various layers of the OSI model.

