Computer Science and Engineering Computer System Security CSE 5339/7339 Session 24 November 11, 2004.

1 Computer Science and Engineering Computer System Security CSE 5339/7339 Session 24 November 11, 2004

2 Contents
- Network Basics (cont.)
- Group Work
- Security in Networks
- Group Work
- Allison’s presentation

3 Computer Network Basics
- Wide Area Networks (WAN)
- Metropolitan Area Network (MAN)
- Local Area Network (LAN)
- System or Storage Area Network (SAN)

4 Routing Schemes
- Connection-oriented: the entire message follows the same path from source to destination.
- Connectionless: a message is divided into packets. Packets may take different routes from source to destination.
  - Serial number

5 Network Performance
- Gilder’s Law: George Gilder projected that the total bandwidth of communication systems triples every twelve months.
  - Ethernet: 10 Mbps to 10 Gbps (1000 times)
  - CPU clock frequency: 25 MHz to 2.5 GHz (100 times)
- Metcalfe's Law: Robert Metcalfe projected that the value of a network is proportional to the square of the number of nodes.
  - Internet

6 Internet
The Internet is the collection of networks and routers that form a single cooperative virtual network spanning the entire globe. It relies on the combination of the Transmission Control Protocol and the Internet Protocol (TCP/IP). The majority of Internet traffic is carried using TCP/IP packets.

7
Country | Internet Users (Latest Data) | Population (2004 Est.) | % of Population
United States | 209,518,183 | 294,540,100 | 71.1 %
China | 79,500,000 | 1,327,976,227 | 6.0 %
Japan | 63,884,205 | 127,944,200 | 49.9 %
Germany | 45,315,166 | 82,633,200 | 54.8 %
United Kingdom | 35,089,470 | 59,157,400 | 59.3 %
South Korea | 29,220,000 | 47,135,500 | 62.0 %
France | 22,534,967 | 59,494,800 | 37.9 %
Brazil | 20,551,168 | 183,199,600 | 11.2 %
Italy | 19,900,000 | 56,153,700 | 35.4 %
Canada | 16,841,811 | 32,026,600 | 52.6 %

8 ISO OSI Network Model
[Figure: two seven-layer stacks (Application, Presentation, Session, Transport, Network, Data Link, Physical), labelled LAN and Internet]

9 Group Work (Simple example)
Show how a message is sent from point A to point B on a network through the seven layers. You might want to look at the example on page 375.

10 TCP/IP
[Figure: protocol stack, top to bottom: Mail / ftp / Telnet; Transmission Control Protocol (TCP); Internet Protocol (IP); Ethernet / Token ring]

11 TCP/IP Packets
Physical Header | IP Header | TCP Header | message

12 Addressing
- MAC (Media Access Control) address: every host connected to a network has a network interface card (NIC) with a unique physical address.
- IP address
  - IPv4: 32 bits (129.16.48.6)
  - IPv6: 128 bits

13 Routing
- Routers
- Routing Tables
- Example

14 IP Protocol
- Unreliable packet delivery service
- Datagram (IPv4)

VERS | HLEN | SERVICE TYPE | TOTAL LENGTH
IDENTIFICATION | FLAGS | FRAGMENT OFFSET
TIME TO LIVE | PROTOCOL | HEADER CHECKSUM
SOURCE ADDRESS
DESTINATION ADDRESS
OPTIONS (IF ANY) | PADDING
DATA

15 Group Work
Discuss possible attacks

16 Attacks
- IP Spoofing
- Teardrop attacks

17 ICMP (Internet Control Message Protocol)
- Transmits error messages and reports unusual situations
- Different types of ICMP messages have slightly different formats

ICMP time-exceeded message:
TYPE | CODE | CHECKSUM
Unused (must be zero)
DATA: Header and 1st 64 bits of offending datagram

18 ICMP (Echo request/reply)
- Transmits error messages and reports unusual situations
- Different types of ICMP messages have slightly different formats

ICMP Echo Request/Reply Message:
TYPE | CODE | CHECKSUM
IDENTIFIER | SEQUENCE NUMBER
DATA (optional)

19 Ping of Death Attack
- Denial of service attack (first in 1996)
- Some systems did not handle oversized IP datagrams properly
- An attacker constructs an ICMP echo request containing 65,510 data octets and sends it to the victim
- The total size of the resulting datagram would be larger than the 65,535 octet limit specified by IP
- System would crash
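
The reassembly checks that defeat the Ping of Death and Teardrop attacks named on the slides above, as an added example that is not part of the original presentation. The function names and sample fragments are constructed for illustration, and the description of Teardrop as overlapping fragments is general knowledge rather than something the slides state.

```python
import struct
# Added illustration: names and sample data are constructed, not from the slides.
IP_MAX = 65535  # largest datagram the 16-bit TOTAL LENGTH field can describe

def parse_ipv4(pkt):
    """Decode the IPv4 header fields that matter for reassembly."""
    if len(pkt) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    vhl, _, total, ident, frag, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    hlen = (vhl & 0x0F) * 4                  # HLEN counts 32-bit words
    if vhl >> 4 != 4 or hlen < 20 or total < hlen:
        raise ValueError("malformed IPv4 header")
    start = (frag & 0x1FFF) * 8              # FRAGMENT OFFSET counts 8-octet units
    return (src, dst, proto, ident), hlen, start, start + total - hlen

def check_fragments(packets):
    """Return (reason, identification) alerts for fragments to discard."""
    seen, alerts = {}, []
    for pkt in packets:
        key, hlen, start, end = parse_ipv4(pkt)
        spans = seen.setdefault(key, [])
        if hlen + end > IP_MAX:              # Ping of Death: reassembly overflows
            alerts.append(("oversized", key[3]))
        elif any(start < e and s < end for s, e in spans):  # Teardrop: overlap
            alerts.append(("overlap", key[3]))
        else:
            spans.append((start, end))
    return alerts

def make_fragment(ident, offset_units, more, payload_len):
    """Constructed test input: one ICMP-in-IPv4 fragment (checksum left zero)."""
    frag = (0x2000 if more else 0) | offset_units
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident, frag,
                      64, 1, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 7]))
    return hdr + bytes(payload_len)

SAMPLE = [  # constructed traffic using documentation address ranges
    make_fragment(1, 0, True, 1480),     # normal first fragment
    make_fragment(1, 185, False, 520),   # normal last fragment at offset 1480
    make_fragment(2, 0, True, 1480),
    make_fragment(2, 8140, False, 398),  # tail of a 65,510-octet echo: 20 + 65,518
    make_fragment(3, 0, True, 36),
    make_fragment(3, 3, False, 24),      # offset 24 lies inside octets 0..35
]

if __name__ == "__main__":
    print(check_fragments(SAMPLE))
```

The oversized case mirrors the slide's numbers: 65,510 data octets plus the 8-octet ICMP header and 20-octet IP header give 65,538 octets, which only becomes visible when the last fragment's offset and length are added together.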

20 SMURF
- Attacker sends an echo request message to a broadcast address
- Attacker also spoofs the source address in the request
[Figure: Attacker, Intermediary, Victim]

21 UDP (User Datagram Protocol)
SOURCE PORT | DESTINATION PORT
LENGTH | CHECKSUM (optional)
DATA

- From one application to another (multiple destinations)
- Port: positive integer (unique destination)

22 Group Work
Discuss possible attacks

23 TCP
SOURCE PORT | DESTINATION PORT
SEQUENCE NUMBER
ACKNOWLEDGMENT
HLEN | RESV | CODE BITS | WINDOW
CHECKSUM | URGENT POINTER
OPTIONS (IF ANY) | PADDING
DATA

- Reliable delivery
- TCP messages are sent inside IP datagrams

24 Group Work
Discuss possible attacks

25 Wired Backbone with Mobile nodes
[Figure: Fixed Communication Network; Fixed Hosts; Base Station; Wired Backbone; Mobile Host]

26 Wireless Multi-hop Backbone
[Figure: Mobile Host]

27 Hybrid backbone
[Figure: Fixed Communication Network; Fixed Hosts; Base Station; Wired Backbone; Wireless Multi-hop Backbone; Hybrid Backbone; Mobile Hosts]

28 Mobile IP (Cont.)
[Figure: Arbitrary Topology of Routers and Links; Home Agent; Mobile Host at Home; Home subnet; Foreign Agent; Mobile Host visiting a foreign subnet; Foreign subnet]

