Ethics, Privacy and Computer Forensics


tauret

Presentation Transcript


  1. Ethics, Privacy and Computer Forensics Chap 14 Network Basics For Digital Investigation

  2. Overview of Networks • Imagine a long long cord …. These are networks • Computer connected to a network is called host • NIC – network interface card is the primary interface with a network • Use hubs, routers, etc. to connect networks of computers • Computers connected to the global internet use a protocol called TCP/IP • Enable communication of dissimilar networks • Common language of network talk • An IP address is the address of a host on the network just like a phone number

  3. Overview of Networks • Routers are highly susceptible to attacks because they are critical to communication • Firewalls are security devices that block service and traffic destined to a certain port • Network services include Telnet and FTP • Hosts have logs that detail network transactions and their date and time

  4. Network Technology • Attached Resource Computer Network (ARCNET) • Earliest network technology • Developed by Datapoint Corp in 1970’s • Used active and passive hubs in the topology • Based on token scheme (proprietary) • Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber) • Ethernet • Most popular and accepted technology for networking • Each computer has a NIC and it is connected to a central hub, switch or router • Variable speeds • Uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD) • Like people at a dinner party, when two start talking at the same time, both stop talking and then only one starts talking again

  5. A typical ARCNET configuration.

  6. Network Technology • Fiber Distributed Data Interface (FDDI) • Encoding pulses of light • Expensive but fast • Data travel in only one direction • Developed in mid-1980’s • High Speed backbone connection between distributed LANs • Dual Counter Rotating Rings: one primary, one secondary • Attach up to 1000 workstations in both directions • Multiple messages/tokens rotate at the same time

  7. Token Passing • Token circulates on a Ring Topology • Sender acquires free token, attaches message and sends downstream • Receiver copies message and acknowledges same in busy token • Original sender responsible for taking the message off the ring and sending a free token downstream • Deterministic performance • Good for factories • Can calculate maximum time to get to a unit

  8. An FDDI network with primary and secondary token rings. During normal conditions, only one of the rings is used and data travels in one direction. When a station or a cable segment fails, the traffic loops to form a closed ring, moving data in the opposite direction.

  9. Network Technology • Asynchronous Transfer Mode (ATM) • Uses fiber optics and special equipment called ATM switches • Gigabits/sec communication rate • Establishes a connection first • ATM switch is connected to a large network • Connection-oriented protocol (over virtual paths and/or channels) • Backbone Technology; switch-based; fiber based

  10. Wireless • WLAN – uses RF technology • WAP – Wireless Access Point – connects to wired LAN; acts as a wireless hub • WLAN Adapters – wireless NICs with antennas • Wireless supports peer-to-peer without WAPs

  11. IEEE 802.11g • Speeds of 1-54 Mbps • Uses the 2.4GHz band • Is backwards compatible with IEEE 802.11b • Ratified in June of 2003

  12. 802.11 Wireless Security Issues • Easy to “listen” for id and password • Easy to mimic in order to gain access to the wired Network • Earliest Protection was WEP – Wired Equivalent Privacy – which was easy to crack

  13. WPA • Wi-Fi Protected Access • Replacement for WEP • WPA password initiates encryption • Encryption key changes every packet • Much harder to crack than WEP • Does not work in Ad Hoc Mode

  14. Bluetooth • A wireless standard; short range • Used to connect network appliances, printers, … • Low Power; max speed – 1Mbps over 30 foot area or less • Operates in the 2.4GHz band and can interfere with 802.11b • Connects devices point to point

  15. A WLAN with two access points.

  16. Wireless standards.

  17. Multiple access points with overlapping coverage.

  18. OSI Reference Model • Provides useful way to describe and think about networking • Breaks networking down into series of related tasks • Each aspect is conceptualized as a layer • Each task can be handled separately

  19. The OSI Communications Reference Model • OSI – Open Systems Interconnection Committee of ISO • Reference adopted in 1978 (took 6 yrs) • Resulted in very little actual product (software) • Is THE standard for describing networks; the lingua franca of networking world wide

  20. Understanding Layers • Layering helps clarify process of networking • Groups related tasks & requirements • OSI model provides theoretical frame of reference • Clarifies what networks are • Explains how they work

  21. OSI Reference Model Structure • Breaks networked communications into seven layers: • Application • Presentation • Session • Transport • Network • Data Link • Physical

  22. OSI Reference Model Structure • Each layer responsible for different aspect of data exchange • Each layer puts electronic envelope around data as it sends it down layers or removes it as it travels up layers for delivery • Each layer of OSI model communicates and interacts with layers immediately above and below it

  23. OSI Reference Model Structure • Interface boundaries separate layers • Individual layer communicates only with adjacent layers • “Peer layers” describes logical or virtual communication between same layer on both sending and receiving computers

  24. Relationships Among OSI Layers

  25. OSI Reference Model Structure • Data is broken into packets or PDUs as it moves down stack • PDU stands for protocol data unit, packet data unit, or payload data unit • PDU is self-contained data structure from one layer to another • At sending end, each layer adds special formatting or addressing to PDU • At receiving end, each layer reads packet and strips off information added by corresponding layer at sending end

  26. Application Layer • Layer 7 is top layer of OSI reference model • Provides general network access • Includes set of interfaces for applications to access variety of networked services such as: • File transfer • E-mail message handling • Database query processing • May also include error recovery

  27. Presentation Layer • Layer 6 handles data formatting and protocol conversion • Converts outgoing data to generic networked format • Does data encryption and decryption • Handles character set issues and graphics commands • May include data compression • Includes redirector software that redirects service requests across network

  28. Session Layer • Layer 5 opens and closes sessions • Performs data and message exchanges • Monitors session identification and security • Performs name lookup and user login and logout • Provides synchronization services on both ends • Determines which side transmits data, when, and for how long • Transmits keep-alive messages to keep connection open during periods of inactivity

  29. Transport Layer • Layer 4 conveys data from sender to receiver • Breaks long data payloads into chunks called segments • Includes error checks • Re-sequences chunks into original data on receipt • Handles flow control

  30. Network Layer • Layer 3 addresses messages for delivery • Translates logical network address into physical MAC address • Decides how to route transmissions • Handles packet switching, data routing, and congestion control • Through fragmentation or segmentation, breaks data segments from Layer 4 into smaller data packets • Reassembles data packets on receiving end

  31. Data Link Layer • Layer 2 creates data frames to send to Layer 1 • On receiving side, takes raw data from Layer 1 and packages into data frames • Data frame is basic unit for network traffic on the wire • See next slide for contents of typical data frame • Performs Cyclic Redundancy Check (CRC) to verify data integrity • Detects errors and discards frames containing errors

  32. Data Frame

  33. Physical Layer • Layer 1 converts bits into signals for outgoing messages and signals into bits for incoming messages • Manages computer’s interface to medium • Instructs driver software and network interface to send data across medium • Sets timing and interpretation of signals across medium • Translates and screens incoming data for delivery to receiving computer

  34. Actions of Each layer of OSI Reference Model

  35. OSI in Summary • The Reference Model breaks the communication process into seven distinct and independent layers • Each layer’s functionality is well defined as is its interface with surrounding layers and peer layers • Lower layers service upper layers in sequence

  36. Network interconnection hardware operates at various layers of the OSI model.
