Networking_Refresher.ppt

“Almost” everything you need to know about networking!

Mahdi Nasereddin

Before we start

Information Security Development Conference 2006David Rowan, Senior Vice President and Director of

Enterprise Technology Risk Management, Sun Trust Banks, Inc.

• “Policy is Corporate Law” – reviewed by 75 people• HR Enforcement of Security Policy• “No Assumption of Privacy”• 50% of security problems are internal!!• Passwords

Update on Information Security Development Conference 2006 (Cont.)David Rowan, Senior Vice President and Director of

Enterprise Technology Risk Management, Sun Trust Banks, Inc.

• Risk choices:– Accept it

– Mitigate it

– Insurance

– Avoid it

• “Certifications will get you interviewed,Character and skill will get you hiredLeadership will get you promoted”

• Phishing sites (7 sites/day, 2 hrs/site to bring it down)

Update on Information Security Development Conference 2006 (Cont.)

PasswordsA lot of research in this area Interesting site (Passfaces)

The Basics

Hub? Switches?

Collision Domains? Routers?

Broadcast Domains?

Networking Basics

Internetworking ModelsThe OSI model

• IMPORTANT: Reference Model• “A Reference Model is a conceptual blueprint of how

communications should take place”• Created by ISO (International Organization for

Standardization) in the 1970s to allow computer systems made by different vendors to communicate with each other

Open Systems Interconnection (OSI)

7. Application

6. Presentation

5. Session

4. Transport

3. Network

2. Data Link

1. Physical

• Provides user interface• Initiates services• Transfer data into standard format

before transmission

• Keeps data different applications’ data separate

• Control the data exchange

• Error Correction• Reliable or unreliable delivery

• Logical addressing for data packets

• Routing is performed in this layer

• Moves bits between devices• Specifies voltages, cables, and

cables

• NIC software function• How data in packaged• Error detection “Not Correction”

Wit

hin

the e

nd

Sta

tion

s End

to e

nd t

ransm

issi

on

Advantages of using the OSI model

Allows multiple-vendor development through standardization

Prevents changes in one layer from affecting other layers

Data Encapsulation

TCP/IP “DoD Model”

Process/Application Layer Protocols

Telnet “Virtual terminal” File Transfer Protocol “FTP” Trivial File Transfer Protocol “TFTP” Network File System “NFS” Simple Mail Transfer Protocol “SMTP” Line Printer Daemon “LPD” X Windows Simple Network Management Protocol “SNMP” Domain Name Service “DNS” Dynamic Host Configuration Protocol “DHCP”

The Transport Layer “Host to Host”

Layer 4 of the OSI model It segments and reassemble data into a data

stream Examples of transport layer protocols:

TCPUDP

Transport Layer Concepts

Flow Control Data integrity is ensured by maintaining flow control Flow control prevents the sender from overflowing

the receiver. Flow control is established using

1. Connection oriented communication

2. Windowing

3. Acknowledgements

Connection-Oriented Communication

Please stop!! My buffer is full!!

Windowing

Transport Layer Protocols

Transmission Control Protocol “TCP”

ACK, SYN, RESET, PUSH, URG, and FIN “See Page 31”

Transport Layer Protocols

User Datagram Protocol “UDP”

TCP versus UDP

TCP UDP

Sequenced Not sequenced

Reliable Not reliable

Connection Oriented Connectionless

Virtual circuit Low overhead

Three-way handshake No acknowledgement

Windowing flow control No flow control

Active participant(client)

Passive participant(server)

SYN, SequenceNum = x

SYN + ACK, SequenceNum = y,

ACK, Acknowledgment = y + 1

Acknowledgment = x + 1

3 way handshake

Port Numbers

Used by TCP and UDP to communicate with upper layers keep track if different conversations crossing the network simultaneously

Sender port number start at 1024

Port Numbers to remember

Port Application

21 ftp

23 telnet

53 DNS

69 TFTP

110 POP3

80 HTTP

The Network Layer “Internet”

Layer 3 of the OSI model, which handles data routing and addressing.

The network layer keeps track of the network devices and determines the best way to move data.

It uses IP or IPX address

IP Addressing

IP address x.x.x.x Net Mask

The Network Layer

Routing Table Network Addresses Interface Metric

Packets used in the network layer Data packets

• Routed protocols (examples: IP and IPX)

Route updates• Routing protocols (examples: OSPF, and RIP)

Routing

IP Routing is the process of moving packets from one network to another network.

To be able to route packets a router needs to know “at least” the following: Destination address Neighborhood routers Possible routes to all remote networks Best route to each remote network How to maintain and verify routing information

Routing

Static versus Dynamic Routing

Static routing: The administrator has to enter the routing table MANUALLY!

Dynamic routing: routers update each others routing tables automatically

More About Routing

Routers by default will not forward any broadcast or multicast packets

Routers use the logical address in the network layer header to determine where to send the packet

Routers can use access lists

Internet Layer Protocols

Internet Protocol “IP” Internet Control Message Protocol “ICMP” Address Resolution Protocol “ARP” Reverse Address Resolution Protocol “RARP” DHCP “Dynamic Host Configuration Protocol”

Internet Protocol

Protocol Numbers

Protocol Protocol Number

ICMP 1

IGRP 9

IPv6 41

GRE 47

TCP 6

UDP 17

ARP

A machine has an IP but does not know the MAC Address

A table is maintained for IP to MAC translation A translation is removed after 15 minutes if no

update Broadcast is used

DHCP

Automatically assigns IP addresses

ICMP

Error reporting Examples

Host unreachable ICMP-Redirect

The Data Link Layer “Network Access”

Layer 2 of the OSI model that is responsible for data transfer across a single physical connection (or series of bridged connections, between two Network entities).

It also handles error notification. It uses the hardware address

Data Link Layers

The data link layer has 2 sublayers1. Media Access Control (MAC) 802.3:

– Defines how packets are placed on the media.

– Physical addressing is defined here.

2. Logical Link Control (LLC) 802.2:– This layer is responsible for identifying the network protocols,

and then encapsulating them

Switches are at the Data link layer. Why?

The Physical Layer “Network Access”

Layer 1 of the OSI model which concerns the mechanical, electrical and functional aspects of connections in a communications medium.

Hubs are at the Physical layer.

NAT and PAT?

Network Address Translation Port Address Translation