Networking Fundamentals Review

Networking Evolution

Network: –Two or more connected computers that share data

Paradigms: Client/server model

Mainframe model

Peer to peer

Web-based networking

Sneakernet:The transfer of files from one computer to another using a floppy disk or other removable medium

Networking Categories

Two basic categories: Server-based

Peer-to-peer

Enterprise networks Combine peer-to-peer and server-based

Network Topologies

Bus Star Ring Hybrid networks Mesh

Layers of the OSI/RM

Application All

Presentation People

Session Seem

Transport To

Network Need

Data link Data

Physical Processing

Application Layer

User interface Supports file transfer Network management Accepts requests and passes them down to the

presentation layer

Presentation Layer

Converts text from what is viewable to the user to what is understandable to the computer

Passes data to session layer

Session Layer

Establishes, manages, and terminates connections between cooperating applications

Adds traffic flow information

Transport Layer

Reliable, transparent transport between end points Supports end to end error recovery and flow

control Connection-oriented protocols reside at this layer

Network Layer

Responsible for forwarding and routing datagrams Connectionless protocols reside at this layer

Data Link Layer

Provides reliable data transfer across the physical link

Frames are transmitted with the necessary synchronization error control and flow control

Prepares information so it can be sent to the physical wire

Physical Layer

Concerned with the transmission of unstructured bit stream over a physical link

Responsible for the mechanical, electrical, and procedural characteristics to establish, maintain, and deactivate the flow of bits

Application-Layer Protocols

SMTP BOOTP FTP HTTP AFP

SNMP SMB X.500 NCP NFS

Network Management, File Transfers, User Interface

Transport-Layer Protocols

TCP SPX NWLink ATP NetBEUI

Reliable, Connection-Oriented, Error Recovery, and Flow Control

Network-Layer Protocols

IP IPX NWLink NetBEUI X.25 Ethernet

Connectionless (best effort delivery), Forwards and Routes Datagrams

Major Networking Protocols

Connection-oriented (stateful)

Connectionless (stateless)

Routable – Most protocols are routable

Nonroutable

NetBios

NetBeui

LAT

DLC

TCP/IP

Default protocol for the following network operating systems:

Windows 2000 Windows NT 4.0 UNIX NetWare 5

… plus the Internet! Computers are each identified with an IP address

and subnet mask

IPX/SPX

IPX is responsible for forwarding packets to sockets

SPX ensures reliable data delivery and manages sessions

Must identify a frame type during setup

NetBEUI

Non-routable Fast Easiest to configure and maintain Low overhead

AppleTalk

Used only on Apple Macintosh networks Divides groups of computers into zones

Common Network Components

NICs Repeaters Hubs Bridges Routers Brouters

Switches Gateways CSU/DSU Modems Patch panels Internet-in-a-box

NIC card

Network

Node

Network InterfaceCards (NICs)

NIC is the interface between the computer and the network

MAC Address Components

00 – 80 – 5F – EA – C6 – 10

Vendor Code Interface Serial Number

Node Node

Repeater

Repeaters

•Amplifies electronic signal

•Strengthens signal by re-transmitting it when segment approaches its maximum length

Node Node Node

Hub

Hubs

•Concentration point of network

•Used with a star configuration

Bridges

•Operates on the data link layer

•Reduce network traffic by dividing the network into two segments

•Recognize mac addresses rather than IP addresses

•Can connect two different topologies

Routers

•Operates on the network layer

•Forwards or route data according to routing tables

•Determine IP address needed and then most efficient route

•Conserves network bandwidth by reducing broadcasting

Switches

•Can operate at the data link and network layers

•Directs the flow of information from one node to another.

•Faster because it give each sender/receiver

the entire bandwidth of a line instead of sharing

Gateways

Network runningTCP/IP

Gateway(Protocol Converter)

Network runningIPX/SPX

•Can operate at any level of the OSI model

•Protocol converter – Appletalk to TCP/IP

CSU/DSU

CS U/ DS URouter

TelecomNetwork

Network

Channel Service Unit/Data Service Unit

•Operates at the physical layer

•Terminates physical connections

•Used for bringing T1 lines into a building

Modems

TelecomNetwork

Network

Modem Modem

Network

•Uses POTS phone line to connect to internet

•Can dial RAS connection directly to another

computer

Modem Initialization Commands

AT – Precedes most commands

ATDT – Dials the number

ATA – Answers an incoming call manually

ATH0 – Tells modem to hang up

AT&F – Resets the modem to factory defaults

ATZ – Resets modem to power up defaults

, - Pause

*70 or 1170 – Turns off call waiting

Transmission Media

Twisted pair cable Coaxial cable Fiber optic cable Wireless media

Transmission Media

Twisted pair cable UTP and STP 100 meter length maximum Twisted pair or 8 wires in 4 pairs, RJ-45 connectors Category 3 – Ethernet 10BASE-T, 10mbps nics and hubs (16mbps maximum) Category 4 – Used for token ring, generally at 16mbps (20mbps maximum) Category 5 – Ethernet 100BASE-T, 100mbps nics and hubs (155mbps maximum)

Transmission Media (cont.)

Coaxial cable No concentrator is needed

Requires a terminator at each end

Thicknet - 500 meters, .5” (10BASE5)

Thinnet - 185 meters, .25” (10BASE2)

RG-58 cable, BNC connectors

Up to 255 devices can be attached to a single segment

Transmission Media (cont.)

Fiber optic cable Two strands of optical fiber, one sends, one receives, with pulses of light FDDI and ATM technologies622 mbps (100-1,000mbps), 2,000 meters Expensive and difficult to install Very secure No EMI 100BASE-FX

Wireless media

Port Numbers

Well-known port numbers 25 – SMTP

20, 21 – FTP

110 – POP

53 – DNS

80 – HTTP

Numbers can also be assigned for security purposes

Internet Addressing

Internet addresses are divided into the following parts:

Network

Host

Four fields separated by periods are a common notation for specifying addresses: – field1.field2.field3.field4 (222.41.1.25)

1 1 1 1 1 1 1 1 = 8 128 64 32 16 8 4 2 1 = 255

1 = On 0 = Off

IP Address Fields

Contain eight bits per field Range from 0 to 255 decimal

field1.field2.field3.field4

Internet Address Classes

Class A – 1-126 0

Class B – 128-191 10

Class C – 192-223 110

Class D – 224-239 1110

Class E – 240-247 11110

IP Addressing Rules

Loopback addresses - 127.0.0.1 Broadcast addresses - 255.255.255.255 Network addresses - netid.255.255.255 Special-case source addresses - 0.0.0.0

Reserved (LAN) IP Addressing

10.0.0.0 through 10.255.255.255 172.16.0.0 through 172.31.255.255 192.168.0.0 through 192.168.255.255

Subnetworks

Subnet masks – used to distinguish network and host portions of addresses efault subnet masks

Class A 255.0.0.0

Class B 255.255.0.0

Class C 255.255.255.0

IPv6 – 128 bit address instead of 32 bit

Diagnostic Tools forInternet Troubleshooting

ping tracert netstat ipconfig winipcfg arp network analyzers

Internetworking Servers

File and print HTTP Proxy Caching Mail Mailing list Media

DNS FTP News Certificate Directory Catalog Transaction

Fault Tolerance

Two primary types of drive fault tolerance:RAID

Mirroring

Duplexing

Striping with Parity

Clustering

Backups

Other Types ofData Protection

Uninterruptible Power Supply Folder replication Removable media

Classifying Hackers

Casual attacker - 99.5% Determined attacker - usually on ideological

grounds, or a disgruntled employee

Types of Attacks

Spoofing (masquerade) attacks - alters ip so it looks like it came from a trusted network

Man-in-the-middle (hijacking) attacks - capture packets sent between two hosts

Denial-of-service attacks - uses up all the system resources and crashes the system, usually with ping requests

Insider attacks – eavesdropping and snooping for information Brute-force attacks - repeated logon attempts with a dictionary

Types of Attacks

Trapdoor attacks - diagnostics programs can view and possibly execute system applications

Replay attacks - altered header info on packets to gain entrance to system

Trojan horse attacks – files placed on system by user that believes the program is a valid program, user executes

Social-engineering attacks – users tricked into giving out their personal information (this info is then used to crack passwords)

Front Door - stolen user name and password

Viruses

Virus types: Macros - Word and Excel contain macro script writing programs that used to execute commands

Executables - execute batch file

Boot sector – very hard to remove, virus attaches to the boot sector program so it runs every time the computer is started

Bios - attacks flash bios programs by overwriting the system bios and makes the system unbootable

Polymorphic (stealth) virus - changes form each time it invades a system

The Hacker Process

Stage 1—Discovery - gather info on services, ports, physical topology, and placement of services

Stage 2—Penetration - go for the weakest link Stage 3—Control - destroy evidence of activity,

obtaining root and admin access, creating new accounts, moving to other systems/servers

Defeating Attacks

Authentication - user login and password Access control - file or directory permissions granted

to users Data confidentiality - encryption Data integrity - provides protection against altered

files Nonrepudiation - can’t deny transaction occurred

Security Standards

NCSC security levels: D – minimal (MsDos)

C1 – rudimentary access control

C2 – differentiate users

B1 – varied security levels

B2 – hardware protection

B3 – security domains

A1 – verified design, rigorous mathematical proof

Key Security Organizations

Computer Emergency Response Team (CERT) Computer Security Resource and Response Center

(CSRC) at the National Institute of Standards and Technology (NIST)

Computer Incident Advisory Capability (CIAC) at the Department of Energy (DOE)

Encryption

Encryption always uses algorithms, text strings that scramble and de-scramble information

Symmetric-key encryption Asymmetric-key encryption One-way encryption (hash encryption)