1. Computer Networks CSE 434 Fall 2009 Sandeep K. S. Gupta Arizona State University http://impact.asu.edu/cse434fa09.html http://impact.asu.edu Research Experience for Undergradautes (REU)

2. HW2 due today!

3. Any Internet Jokes? Seven things to do to when your ISP goes down – http://www.jokesandhumor.com 1. Dial 911 Immediately. 2. Open the curtains to see if anything has changed over the past 2 years. 3. You mean there's something else to do? 4. Threaten your ISP with an impeachment vote. 5. Work. 6. Re-introduce yourself to your immediate family. 7. Get that kidney transplant you've been putting off.

4. Magic of the Internet “My friend Nancy and I decided to introduce her elderly mother to the magic of the Internet. Our first move was to access the popular Ask Jeeves website, and we told her it could answer any question she had. Nancy's mother was very skeptical until Nancy said, "It's true, Mom.” Think of something to ask it." As I sat with fingers poised over the keyboard, Nancy's mother thought a minute, then responded, "How is Aunt Helen feeling?" -- http://www.basicjokes.com

5. Misunderstandings about the Internet 1. Customer: "I'd like to buy the Internet. Do you know how much it is?“ 2. Customer: "Can you copy the Internet for me on this diskette?" 3. Customer: "I would like an Internet please." 4. Customer: "I just got your Internet in the mail today..." 5. Customer: "I just downloaded the Internet. How do I use it?" 6. Customer: "I don't have a computer at home. Is the Internet available in book form?" 7. Customer: "Will the Internet be open on Memorial Day tomorrow?" 8. Customer: "The Internet is running too slow. Could you reboot it please?" 9. Customer: "We're going on holiday for three months, can you suspend the Internet for us please?" 10. Customer: "I lost my Internet. I switched it off last night and turned on this morning, and it's gone. I just paid $19.95 a month, and I have lost it already. Can you send me another one?" --http://www.basicjokes.com

6. Agenda  Summary of Last Class  Security Intro  Technology News – Routers, Optical Chip Breakthrough  Layering and Encapsulation Introduction 1-6

7. Recall – Last Class  Wireless and Mobile Networks  Enable Ubiquitous connectivity  Various types: Bluetooth (PAN), WiFi (LAN), WIMAX (WAN), Cellular (WAN)  Rule of Thumb: Link Bandwidth decreases as the link length increases.  Challenges – nature of the wireless link High loss rate Hidden terminal problem  Performance  Bottleneck link (bandwidth) – e2e throughtput = throughput of the bottleneck link.  In current Internet usually the “last mile” is the bottleneck

8. Network Security

9. Introduction 1-9 Network Security  The field of network security is about:  how bad guys can attack computer networks  how we can defend networks against attacks  how to design architectures (protocols) that are immune to attacks  Internet NOT originally designed with (much) security in mind  original vision: “a group of mutually trusting users attached to a transparent network”  Internet protocol designers playing “catch-up”  Security considerations in all layers!

10. Introduction 1-10 Bad guys can put malware into hosts via Internet  Malware can get in host from a virus, worm, or trojan horse.  Spyware malware can record keystrokes, web sites visited, upload info to collection site.  Infected host can be enrolled in a botnet, used for spam and DDoS attacks.  Malware is often self-replicating: from an infected host, seeks entry into other hosts

11. Introduction 1-11 Bad guys can put malware into hosts via Internet  Trojan horse  Hidden part of some otherwise useful software  Today often on a Web page (Active-X, plugin)  Virus  infection by receiving object (e.g., e-mail attachment), actively executing  self-replicating: propagate itself to other hosts, users  Worm:  infection by passively receiving object that gets itself executed  self- replicating: propagates to other hosts, users Sapphire Worm: aggregate scans/sec in first 5 minutes of outbreak (CAIDA, UWisc data)

12. Introduction 1-12 Bad guys can attack servers and network infrastructure  Denial of service (DoS): attackers make resources (server, bandwidth) unavailable to legitimate traffic by overwhelming resource with bogus traffic 1. select target 2. break into hosts around the network (see botnet) 3. send packets toward target from compromised hosts target

13. Introduction 1-13 The bad guys can sniff packets Packet sniffing:  broadcast media (shared Ethernet, wireless)  promiscuous network interface reads/records all packets (e.g., including passwords!) passing by A B C src:B dest:A payload  Wireshark software used for end-of-chapter labs is a (free) packet-sniffer

14. Introduction 1-14 The bad guys can use false source addresses  IP spoofing: send packet with false source address A B C src:B dest:A payload

15. Introduction 1-15 The bad guys can record and playback  record-and-playback : sniff sensitive info (e.g., password), and use later  password holder is that user from system point of view A B C src:B dest:A user: B; password: foo

16. Introduction 1-16 Network Security  more throughout this course  chapter 8: focus on security  cryptographic techniques: obvious uses and not so obvious uses

17. Technology News: Routing Faces Dramatic Changes (George Lawton, IEEE Computer, 42(9), pp15-17, http://doi.ieeecomputersociety.org/10.1109/MC.2009.297 ). http://doi.ieeecomputersociety.org/10.1109/MC.2009.297  “Business increasingly using  networked mission-critical, real-time applications such as telephony, which raise quality-of-service (QoS) concerns and  b/w hogging technologies e.g. peer-to-peer communications, which force providers to find ways to balance network usage.”  “Vendors [Cisco, Juniper, Vyatt etc] are adding functions to routers to improve network security and performance.”  Cisco is updating software on its edge routers to send packets on paths with reduced latency and jitter for voice and video transmissions.  Vyatt (biggest-selling commercial open source router company) is implementing intrusion detection, firewalls, application accelerators, voice gateways, and antispam and antimalware filters in routers.  VoIP growth -> session boarder controllers (SBC) for handling initiation, conduct and termination of VoIP sessions with higher performance.  Making routers easier for s/w updates by 3 rd party by opening router APIs.  Trend: Open-source x-86 based router infrastructure e.g. NewMedia- NET’s DD-WRT,linux based firmware suitable for multiple wireless-LAN routers; UC Berkeley’s and XORP’s (Extensible open router platform) extensible software suite and pfSense: a FreeBSD-based firewall and router. [flexibility versus performance trade-off due to use of GP x-86 paltform]

18. Technology News: Routing Faces Dramatic Changes (George Lawton, IEEE Computer, 42(9), pp15-17, http://doi.ieeecomputersociety.org/10.1109/MC.2009.297 ). (cont.) http://doi.ieeecomputersociety.org/10.1109/MC.2009.297  New Approaches:  Flow management: Cheap memory allows routers to store information about flows and make flow based routing decisions (instead of per-packet based)  Circuit-Switching of packets across circuits provided by optical or electronic virtual LANs Virtual LANs connect geographically dispersed nodes as if part of same LAN E.g. ESnet (US DOE’s Energy Science Network), Ineternet2, Europe’s GEANT (highspeed research and ed ent). DCN (Dynamic Circuit Network): provides on-demand, dedicated optical paths to switch data between endpoints Optical networking equipment is 1/5 th the cost of traditional networking equipment – because routers are not needed! Provides high-bandwidth between supercomputers (GRID).

19. Research Promises Terabit Networks (IEEE Computer, 42(9), p19)  Australian scientist have developed an optical chip – 1 terabits per sec, reduced cost and energy-consumption  All optical Photonic integrated circuit based - chalcogenide glass thermally deposited on silica  Optical TDM  640 Gbps without error (compared to Ethernet 10Gbps – 100 Gbps).

20. ONT OLT central office optical splitter ONT optical fiber optical fibers Internet Fiber to the Home  Optical links from central office to the home  Two competing optical technologies:  Passive Optical network (PON)  Active Optical Network (PAN)  Much higher Internet rates; fiber also carries television and phone services

21. Transmission: fiber optic links  Wonderful stuff!  lots of capacity  nearly error free  very little attenuation  hard to tap  A long thin strand of very pure glass From: An Engineering Approach to Computer Networks, S. Keshav. pp 17-18. Total internal reflection.

22. More on fibers  Three types  step index (multimode)  graded index (multimode)  single mode  Multimode  cheap  use LEDs (tuned to 1300 or 1550 nm)  short distances (up to a few kilometers)  Single mode (very fine core allowing only one mode of oscillation – reduced attenuation -> higher b/w)  expensive  use lasers (tuned to 1300 or 1550 nm)  long distances (up to hundreds of kilometers) From: An Engineering Approach to Computer Networks, S. Keshav. pp 17-18.

23. Introduction 1-23 Protocol “Layers” Networks are complex!  many “pieces”:  hosts  routers  links of various media  applications  protocols  hardware, software Question: Is there any hope of organizing structure of network? Or at least our discussion of networks?

24. Introduction 1-24 Organization of air travel  a series of steps ticket (purchase) baggage (check) gates (load) runway takeoff airplane routing ticket (complain) baggage (claim) gates (unload) runway landing airplane routing

25. Introduction 1-25 ticket (purchase) baggage (check) gates (load) runway (takeoff) airplane routing departure airport arrival airport intermediate air-traffic control centers airplane routing ticket (complain) baggage (claim gates (unload) runway (land) airplane routing ticket baggage gate takeoff/landing airplane routing Layering of airline functionality Layers: each layer implements a service  via its own internal-layer actions  relying on services provided by layer below

26. Introduction 1-26 Why layering? Dealing with complex systems:  explicit structure allows identification, relationship of complex system’s pieces  layered reference model for discussion  modularization eases maintenance, updating of system  change of implementation of layer’s service transparent to rest of system  e.g., change in gate procedure doesn’t affect rest of system  layering considered harmful?

27. Introduction 1-27 Internet protocol stack  application: supporting network applications  FTP, SMTP, HTTP  transport: process-process data transfer  TCP, UDP  network: routing of datagrams from source to destination  IP, routing protocols  link: data transfer between neighboring network elements  PPP, Ethernet  physical: bits “on the wire” application transport network link physical

28. Introduction 1-28 ISO/OSI reference model  presentation: allow applications to interpret meaning of data, e.g., encryption, compression, machine- specific conventions  session: synchronization, checkpointing, recovery of data exchange  Internet stack “missing” these layers!  these services, if needed, must be implemented in application  needed? application presentation session transport network link physical

29. Introduction 1-29 source application transport network link physical HtHt HnHn M segment HtHt datagram destination application transport network link physical HtHt HnHn HlHl M HtHt HnHn M HtHt M M network link physical link physical HtHt HnHn HlHl M HtHt HnHn M HtHt HnHn M HtHt HnHn HlHl M router switch Encapsulation message M HtHt M HnHn frame HtHt HnHn HlHl M HtHt HnHn HlHl M HtHt HnHn HlHl M

30. What’s Next?  Next Class: Chapter 2  Quiz on Chapter 1 – topics covered in class.  Reading:  Chapter 2 (Ross Kurose (R&K))