ITP 457 Network Security


PowerPoint Slideshow about 'ITP 457 Network Security' - andrew


Presentation Transcript

ITP 457 Network Security

Networking Technologies III

IP, Subnets & NAT

Internet Protocol (IP)
  • IP handles end-to-end delivery
  • Most commonly used network layer protocol
  • All traffic on the internet uses IP
Internet Protocol (IP)
  • Upon receiving a packet from the Transport layer, the IP layer generates a header
  • Header includes: source and destination IP addresses
  • Header is added to the front of the TCP packet to create the resulting IP packet.
  • Purpose of IP is to carry packets end to end across a network.
IP header

Source IP address

Destination IP address

Data

IP addresses
  • Identify each individual machine on the internet
  • 32 bits in length
  • Hackers attempt to determine all IP addresses in use on a target network – “network mapping”
  • Hackers generate bogus packets appearing to come from a given IP address – “IP address spoofing”
IP Addresses in depth
  • 32 bits, with 8 bit groupings
    • Ex: 192.168.0.1
    • Each number between the dots can be between 0 and 255
    • 4 billion combinations
      • Not really
      • Allocated in groups called address blocks
        • 3 sizes, based on the class of the address
        • Class A, Class B, and Class C
Class A Addresses
  • Giant organizations
  • There are no more available
  • All IP addresses are of the form:

0 – 126.x.x.x

x can be between 0 and 255

  • The first octet is assigned to the owner, with the rest being freely distributable to the nodes
  • Has a 24 bit address space
  • Uses up to half of the total IP addresses available!!!
  • Who owns these???
    • Internet Service Providers
    • Large internet companies
      • Google, CNN, WB
Class B Addresses
  • Large Campuses or Organizations
    • Example: Colleges, including USC
  • These are running out!!!
  • All Class B Addresses are of the form:

128 - 191.x.x.x

Where x can take any number between 0 and 255

  • The first two octets are assigned to the address block owner, with the last two being freely distributable
    • Example: 128.125.x.x → USC
    • Example: 169.232.x.x → UCLA
  • 16-bit address space
  • ¼ of all IP addresses belong to Class B Addresses
Class C Addresses
  • Small to mid-sized businesses
  • A fair number left
  • All Class C Addresses have the following format:

192-232.x.x.x

  • The first three octets are assigned, with the last being freely distributable
    • Only 253 distributable addresses within a Class C Address
Reserved Addresses
  • Private Networks (no public connections)
    • 10.x.x.x
    • 172.16.x.x
    • 192.168.x.x
  • 127.x.x.x – local network (loopback)
  • 255.255.255.255 – broadcast – sends to everyone on the network
Netmasks
  • IP address has 2 components
    • Network address
    • Host address
  • Determined by the address and the class of the address
  • Example (Class C):
    • IP Address: 192.168.3.16
    • Network address: 192.168.3
    • Host address: 16
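
The network/host split and the reserved ranges from the two slides above, as an added example that is not part of the original slides. The 255.255.255.0 mask for the Class C case, the function names, and the ingress rule (a reserved source address arriving on an Internet-facing interface is treated as spoofed) are assumptions of this sketch.

```python
import ipaddress

# Reserved ranges listed on the slide. RFC 1918 defines the 172.16 block as
# 172.16.0.0/12, which covers 172.16.x.x through 172.31.x.x.
RESERVED = {
    "private": [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")],
    "loopback": [ipaddress.ip_network("127.0.0.0/8")],
    "broadcast": [ipaddress.ip_network("255.255.255.255/32")],
}

def split(address, netmask):
    """Return (network address, host number) by ANDing the address with the mask."""
    addr = int(ipaddress.IPv4Address(address))
    mask = int(ipaddress.IPv4Address(netmask))
    network = ipaddress.IPv4Address(addr & mask)   # bits covered by the mask
    host = addr & ~mask & 0xFFFFFFFF               # bits left over for the host
    return str(network), host

def reserved_kind(address):
    """Name the reserved range an address falls in, or None if it is routable."""
    ip = ipaddress.IPv4Address(address)
    for kind, nets in RESERVED.items():
        if any(ip in net for net in nets):
            return kind
    return None

def accept_from_internet(src):
    """Hypothetical ingress check for an Internet-facing interface.

    A packet arriving from outside cannot legitimately carry a private,
    loopback or broadcast source address, so such packets are dropped.
    """
    return reserved_kind(src) is None

if __name__ == "__main__":
    print(split("192.168.3.16", "255.255.255.0"))
    for src in ("192.168.3.16", "127.0.0.1", "128.125.1.1"):
        print(src, reserved_kind(src), accept_from_internet(src))
```
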
Packet Fragmentation
  • Various transmission media have different characteristics
  • Some require short packets, others require longer packets
  • E.g. satellite – longer packets
  • Local LAN – shorter packets
Packet Fragmentation
  • To optimize packet lengths for various communication links, IP offers network elements (routers and firewalls) the ability to slice up packets into smaller pieces, a process called fragmentation.
  • The end system’s IP layer is responsible for reassembling all fragments
  • Hackers use packet fragmentation to avoid being detected by Intrusion Detection Systems
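
Why an IDS has to reassemble before it matches, as an added example that is not from the original slides: a constructed pattern is cut across three fragments, so no single fragment contains it, while the reassembled datagram does. The addresses, the pattern, the helper names and the assumption that every packet belongs to one datagram are made up for illustration; the size check rejects a reassembly that would exceed the 65535-byte IPv4 limit.

```python
import socket
import struct

MAX_PAYLOAD = 65535 - 20          # IPv4 total length is a 16-bit field
SIGNATURE = b"EXAMPLE-SIGNATURE"  # constructed pattern standing in for an IDS rule

def build(src, dst, ident, offset, more, data):
    """Constructed sample fragment: 20-byte IPv4 header (checksum left at 0) + data."""
    flags_off = (0x2000 if more else 0) | (offset // 8)
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(data), ident, flags_off,
                       64, 6, 0, socket.inet_aton(src), socket.inet_aton(dst)) + data

def parse(pkt):
    """Extract the addresses plus the fields that control fragmentation."""
    vihl, _, total, ident, flags_off, _, _, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "id": ident,
            "more": bool(flags_off & 0x2000),        # MF: more fragments follow
            "offset": (flags_off & 0x1FFF) * 8,      # offset is stored in 8-byte units
            "data": pkt[(vihl & 0x0F) * 4:total]}

def reassemble(packets):
    """Rebuild one datagram; assumes all packets share src, dst and id."""
    frags = sorted((parse(p) for p in packets), key=lambda f: f["offset"])
    buf = b""
    for f in frags:
        if f["offset"] + len(f["data"]) > MAX_PAYLOAD:
            return "oversize", None                  # would exceed 65535 bytes
        if f["offset"] != len(buf):
            return "gap-or-overlap", None            # never guess at missing bytes
        buf += f["data"]
    return ("incomplete", None) if frags[-1]["more"] else ("ok", buf)

def per_fragment_match(packets):
    """What a sensor sees if it inspects each fragment on its own."""
    return any(SIGNATURE in parse(p)["data"] for p in packets)

def reassembled_match(packets):
    """What a sensor sees if it reassembles first, as the end system does."""
    status, data = reassemble(packets)
    return status == "ok" and SIGNATURE in data

# Constructed sample: one payload cut at 8-byte boundaries, delivered out of order.
PAYLOAD = b"data:EXAMPLE-SIGNATURE:end"
FRAGS = [build("192.168.3.16", "10.0.0.5", 7, 16, False, PAYLOAD[16:]),
         build("192.168.3.16", "10.0.0.5", 7, 0, True, PAYLOAD[:8]),
         build("192.168.3.16", "10.0.0.5", 7, 8, True, PAYLOAD[8:16])]

if __name__ == "__main__":
    print(per_fragment_match(FRAGS), reassembled_match(FRAGS))
```
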
Lack of Security in IP
  • IP version 4 does not include any security
  • All components of packets are in clear text, nothing is encrypted
  • Anything in the header or data segment can be viewed or modified by the hacker
    • TCP/UDP Hijacking
    • “Man-in-the-middle” attack
ICMP
  • ICMP – Internet Control Message Protocol
  • It is the Network Plumber
  • Its job is to transmit command and control information between networks and systems
ICMP examples
  • “ping” request = ICMP Echo message
  • If the “pinged” system is alive it will respond with ICMP Echo Reply Message
    • Try pinging
      • www.google.com
      • www.yahoo.com
      • www.cnn.com
    • Will they all work?
  • Some sites have disabled ping. Why?
    • Ping-of-death → a ping too big
    • Ping flooding → type of denial-of-service attack
Routers and packets
  • Routers
    • Transfer packets from network to network
    • They determine the path that a packet should take across the network, specifying from hop to hop which network segments the packets should bounce through as they travel across the network
  • Most networks use dynamic routing
    • RIP, EIGRP
    • We will be discussing these technologies later in the course
Network address translation
  • NAT
  • Blocks of addresses are allotted to ISPs and organizations
    • Classes of IP Addresses
  • What happens when we have more computers than IP Addresses?
    • We have a Class C address – allows 253 computers
    • Our organization has 1000 computers
    • What do we do???
Solution?
  • Reserve a range of IP addresses to build your own IP network
    • 10.x.y.z - un-routable IP addresses
    • 172.16.y.z
    • 192.168.y.z
  • How to connect these machines to Internet?
Network Address Translation
  • Use a gateway/router to map invalid addresses to valid IP addresses
    • Translates your local address to a routable address
    • Router receives one IP Address
      • The router either dynamically assigns addresses to all the nodes behind it, or they are assigned statically, using non-routable addresses
        • If dynamic, uses DHCP (Dynamic Host Configuration Protocol)
      • When someone inside the network wants to access a computer outside the local network (the internet), the request is sent to the router, which uses NAT to send the request to the internet
NAT and security?
  • Does NAT improve security?
    • It hides internal IP addresses from hackers
    • NAT must be combined with “firewalls” for optimum security
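
The translation described on the last two slides, as an added example that is not part of the original slides: a simplified port-translating NAT with one public address. The class, the starting port and the sample addresses (documentation ranges 203.0.113.0/24 and 198.51.100.0/24) are assumptions; real routers differ in how strictly they match replies.

```python
class Nat:
    """Simplified model of a router that shares one public address."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (inside_ip, inside_port, remote_ip, remote_port) -> public_port
        self.back = {}   # (public_port, remote_ip, remote_port) -> (inside_ip, inside_port)

    def outbound(self, inside_ip, inside_port, remote_ip, remote_port):
        """Rewrite the source of a packet leaving the private network."""
        key = (inside_ip, inside_port, remote_ip, remote_port)
        if key not in self.out:
            # First packet of a flow: allocate a public port and remember both directions.
            self.out[key] = self.next_port
            self.back[(self.next_port, remote_ip, remote_port)] = (inside_ip, inside_port)
            self.next_port += 1
        # The remote side only ever sees the router's address, never 192.168.x.x.
        return self.public_ip, self.out[key]

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the inside host for a reply, or None when no mapping exists."""
        return self.back.get((public_port, remote_ip, remote_port))


if __name__ == "__main__":
    nat = Nat("203.0.113.10")                        # constructed public address
    # Two inside hosts use the same source port; the router keeps them apart.
    print(nat.outbound("192.168.3.16", 51000, "198.51.100.7", 80))
    print(nat.outbound("192.168.3.17", 51000, "198.51.100.7", 80))
    # A reply from the contacted server is translated back to the first host.
    print(nat.inbound("198.51.100.7", 80, 40000))
    # A packet nobody asked for has no table entry and goes nowhere.
    print(nat.inbound("198.51.100.99", 4444, 40000))
```

The lookup fails for anything an inside host did not initiate, but every connection started from inside is translated without inspection, which is why the slide pairs NAT with a firewall.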
Firewalls
  • Network traffic cops
  • Tools that control the flow of traffic going between networks
  • By looking at addresses associated with traffic, firewalls determine whether connections should be transmitted or dropped
  • We will cover the setup and configuration of firewalls in great depth later in class