computer security workshops
Download
Skip this Video
Download Presentation
Computer Security Workshops

Loading in 2 Seconds...

play fullscreen
1 / 21

Computer Security Workshops - PowerPoint PPT Presentation


  • 78 Views
  • Uploaded on

Computer Security Workshops. Networking 101. Reasons To Know Networking In Regard to Computer Security. To understand the flow of information on the Internet To understand the levels of activity in network traffic flow To understand the basis for vulnerabilities

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Computer Security Workshops' - howie


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
reasons to know networking in regard to computer security
Reasons To Know Networking In Regard to Computer Security
  • To understand the flow of information on the Internet
  • To understand the levels of activity in network traffic flow
  • To understand the basis for vulnerabilities
  • To understand the basis for security tools and how they work
base principle packet switching
Base Principle – Packet Switching
  • Messages broken up into packets
  • Packets are sent onto network, routed to destination, reassembled
  • Advantages (compared to circuit switching; e.g. traditional phones)
    • Better sharing of bandwidth
    • Greater overall efficiency
    • Allows more users, no greater delay
protocol layering
Protocol Layering
  • Protocol: a convention for communication between two agents (aka handshaking)
  • Motivation: Separation of functionality
    • Layers take care of particular task re: information
    • Offer services to next layer in protocol stack
    • Advantage: modularity
    • Disadvantages: possible overlap, redundancy of functionality
protocol data units
Protocol Data Units
  • Layer sends message by building a protocol data unit (PDU)
    • Take data from layer N, add additional information to meet needs of layer N-1
  • PDU handed to next lower layer
  • Lower layer now has responsibility for message
internet protocol stack
Internet Protocol Stack
  • Seven layers in Open Systems Interconnect (OSI) model
    • 7) Application
    • 6) Presentation
    • 5) Session
    • 4) Transport
    • 3) Network
    • 2) Data Link
    • 1) Physical
general layer functions
General Layer Functions
  • Segmentation / Reassembly
    • Breaking large message into standard size chunks
  • Error Control
    • How to detect or correct errors
  • Flow Control
    • Avoid overwhelming slower systems
  • Multiplexing
    • Sharing of lower-level connections
  • Connection setup
    • How to establish a virtual communication path
application layer 7
Application Layer (7)
  • Function: High-Level Application Systems and End-User Processes
  • Implemented in: Software
  • PDU: Message
  • Examples
    • ftp, http, smtp, telnet, …
presentation layer 6
Presentation Layer (6)
  • Function: Provides independence from differences in data representation by formatting and encrypting data
  • Implemented in Software
  • Examples: ASCII encoding, NFS, FTP file path/name translation
session layer 5
Session Layer (5)
  • Function: Establishes, manages and terminates connections between applications
  • Implemented in software
  • Examples: SSL, DNS, RPC
transport layer 4
Transport Layer (4)
  • Function/Service: Transport message from one system to another system
  • Implemented in: Software
  • PDU: Segment
  • Two methods
    • TCP (connection-oriented protocol)
    • UDP (connectionless protocol)
slide12
TCP
  • TCP=Transmission Control Protocol
  • Connection-Oriented Service
    • Guaranteed Delivery of Message
    • Flow Control
  • Breaks message into shorter segments
  • Advantage: More Control
  • Examples
    • http, ftp, smtp, telnet
slide13
UDP
  • UDP = User Datagram Protocol
  • Connection-less Service
    • No Guaranteed Delivery of Message
    • No Flow Control / Handshaking
    • No Overhead For Connection
  • Continuous Data Stream
  • Advantage: Faster
  • Disadvantage: Possible loss of information
  • Examples
    • Video, Voice (e.g. phone)
network layer 3
Network Layer (3)
  • Function/Service: Routing segments from host to host, through intermediate systems
    • Network Layer receives segment and destination address from Transport Layer
  • Implemented in: Hardware & Software
  • PDU: Datagram
  • Two major parts
    • IP Protocol: structure of datagram, how end systems (and routers) act on this information
    • Routing protocols: for transfer from source host to destination host
  • Examples: IP, IPX
data link layer 2
Data Link Layer (2)
  • Function/Service: Move a datagram from one node to the next in the route
  • Implemented in: Hardware
  • PDU: Frame
  • Examples:
    • Ethernet, Token Ring, FDDI, Gigabit Ethernet
physical layer 1
Physical Layer (1)
  • Function/Service: Routing physical bits from one network node to adjacent node
  • Implemented in: Hardware
  • PDU: Bits
  • Examples
    • Optical fiber, Twisted pair wire, Coaxial cable
    • Voltage levels, signaling
types of hardware software systems
Types of Hardware/Software Systems
  • End Systems / Hosts
    • Implement all layers
  • Routers/Packet Switches
    • Implement layers 1-3
    • Can implement IP protocol
  • Bridges
    • Implement layer 1-2
  • Hubs
    • Implement layer 1 only
    • Essentially repeaters
  • Firewalls
    • Packet filtering (operate at layer 3)
    • Application gateways (operate at layer 7)
internet addressing
Internet Addressing
  • 32-bit quantity that uniquely identifies internet host
  • Displayed www.xxx.yyy.zzz
  • Split into two parts: network and host
    • E.g. 198.23.168 network (198.23.168.0/24) has 256 possible hosts (last part 0-255)
  • Certain network segments reserved
    • Can be used for isolated private networks
    • 10.0.0.0 – 10.255.255.255; 172.16.0.0 – 172.31.255.255; 192.168.0.0 – 192.168.255.255
slide19
Port
  • Certain system process must respond to a particular application protocol (e.g. ftp, smtp)
  • Port is the “address” for application communication on system
    • E.g. Port 80 for http
    • E.g. Port 25 for smtp
    • E.g. Port 1521 for Oracle connections
  • Port List: http://www.iana.org/assignments/port-numbers
socket
Socket
  • Interface between the application layer and the transport layer
  • Acts as an API between application and network
  • Programmer only controls application side, plus a few transport level details
    • Transport protocol (TCP or UDP)
    • A few transport parameters (e.g. maximum buffer size)
additional information
Additional Information
  • Internet Engineering Task Force (IETF)
    • http://www.ietf.org
    • Primary documents: RFCs
      • IP: RFC 791
      • TCP: RFC 793
      • UDP: RFC 768
      • Internet Addressing: RFC 900
  • OSI Model and Information Security
    • http://www.giac.org/practical/GSEC/Damon_Reed_GSEC.pdf
ad