Chap 14 EPCF.ppt 1758KB Jun 23 2011 12:13:04 PM

Academic year: 2017

(1)

Ethics, Privacy and Computer Forensics

Chap 14 Network Basics For

(2)

Overview of Networks

• Imagine a long long cord …. These are networks
• Computer connected to a network is called host
• NIC – network interface card is the primary interface with a network
• Use hubs, routers, etc. to connect networks of computers
• Computers connected to the global internet use a protocol called TCP/IP
  - Enable communication of dissimilar networks
  - Common language of network talk
• An IP address is the address of a host on the network just like a phone number

(3)

Overview of Networks

• Routers are highly susceptible to attacks because they are critical to communication
• Firewalls are security devices that block service and traffic destined to a certain port
• Network services include Telnet and FTP

(4)

Network Technology

• Attached Resource Computer Network (ARCNET)
  - Earliest network technology
  - Developed by Datapoint Corp in 1970’s
  - Used active and passive hubs in the topology
  - Based on token scheme (proprietary)
  - Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber)
• Ethernet
  - Most popular and accepted technology for networking
  - Each computer has a NIC and it is connected to a central hub, switch or router
  - Variable speeds
  - Uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  - Like people at a dinner party, when two start talking at the

(5)

(6)

Network Technology

• Fiber Distributed Data Interface (FDDI)
  - Encoding pulses of light
  - Expensive but fast
  - Data travel in only one direction
  - Developed in mid-1980’s
  - High Speed backbone connection between distributed LANs
  - Dual Counter Rotating Rings: one primary, one secondary

(7)

Token Passing

• Token circulates on a Ring Topology
• Sender acquires free token, attaches message and sends downstream
• Receiver copies message and acknowledges same in busy token
• Original sender responsible for taking the message off the ring and sending a free token downstream
• Deterministic performance
  - Good for factories

(8)

An FDDI network with primary and secondary token rings. During normal conditions, only one of the rings is used and data travels in one direction. When a station or a cable segment fails, the traffic loops to form a closed ring, moving data in the opposite direction.

(9)

Network Technology

• Asynchronous Transfer Mode (ATM)
  - Uses fiber optics and special equipment called ATM switches
  - Gigabits/sec communication rate
  - Establishes a connection first
  - ATM switch is connected to a large network
• Connection-oriented protocol (over virtual paths and/or channels)
• Backbone Technology; switch-based; fiber based

(10)

Wireless

• WLAN – uses RF technology
• WAP – Wireless Access Point – connects to wired LAN; acts as a wireless hub
• WLAN Adapters – wireless NICs with antennas
• Wireless supports peer-to-peer

(11)

IEEE 802.11g

• Speeds of 1-54 Mbps
• Uses the 2.4GHz band
• Is backwards compatible with IEEE 802.11b

(12)

802.11 Wireless Security Issues

• Easy to “listen” for id and password
• Easy to mimic in order to gain access to the wired Network
• Earliest Protection was WEP – Wired Equivalent Privacy – which was easy

(13)

WPA

• Wi-Fi Protected Access
• Replacement for WEP
• WPA password initiates encryption
• Encryption key changes every packet
• Much harder to crack than WEP

(14)

Bluetooth

• A wireless standard; short range
• Used to connect network appliances, printers, …
• Low Power; max speed – 1Mbps over 30 foot area or less
• Operates in the 2.4GHz band and can interfere with 802.11b

(15)

A WLAN with two access points.

(16)
(17)
(18)

OSI Reference Model

• Provides useful way to describe and think about networking
• Breaks networking down into series of related tasks
• Each aspect is conceptualized as a layer
• Each task can be handled

(19)

The OSI Communications Reference Model

• OSI – Open Systems Interconnection Committee of ISO
• Reference adopted in 1978 (took 6 yrs)
• Resulted in very little actual product (software)
• Is THE standard for describing networks; the lingua franca of networking world wide

(20)

Understanding Layers

• Layering helps clarify process of networking
• Groups related tasks & requirements
• OSI model provides theoretical frame of reference
• Clarifies what networks are

(21)

OSI Reference Model Structure

• Breaks networked communications into seven layers:
  - Application
  - Presentation
  - Session
  - Transport
  - Network
  - Data Link

(22)

OSI Reference Model Structure

• Each layer responsible for different aspect of data exchange
• Each layer puts electronic envelope around data as it sends it down layers or removes it as it travels up layers for delivery
• Each layer of OSI model communicates and interacts with layers immediately above and below it

(23)

OSI Reference Model Structure

• Interface boundaries separate layers
• Individual layer communicates only with adjacent layers
• “Peer layers” describes logical or virtual communication between same layer on both sending and receiving computers

(24)

Relationships Among OSI Layers

(25)

OSI Reference Model Structure

• Data is broken into packets or PDUs as it moves down stack
• PDU stands for protocol data unit, packet data unit, or payload data unit
• PDU is self-contained data structure from one layer to another
• At sending end, each layer adds special formatting or addressing to PDU
• At receiving end, each layer reads packet and strips off information added by corresponding layer at

(26)

Application Layer

• Layer 7 is top layer of OSI reference model
• Provides general network access
• Includes set of interfaces for applications to access variety of networked services such as:
  - File transfer
  - E-mail message handling
  - Database query processing

(27)

Presentation Layer

• Layer 6 handles data formatting and protocol conversion
• Converts outgoing data to generic networked format
• Does data encryption and decryption
• Handles character set issues and graphics commands
• May include data compression
• Includes redirector software that redirects service requests across network

(28)

Session Layer

• Layer 5 opens and closes sessions
• Performs data and message exchanges
• Monitors session identification and security
• Performs name lookup and user login and logout
• Provides synchronization services on both ends
• Determines which side transmits data, when, and for how long
• Transmits keep-alive messages to keep connection open during periods of inactivity

(29)

Transport Layer

• Layer 4 conveys data from sender to receiver
• Breaks long data payloads into chunks called segments
• Includes error checks
• Re-sequences chunks into original data on receipt

(30)

Network Layer

• Layer 3 addresses messages for delivery
• Translates logical network address into physical MAC address
• Decides how to route transmissions
• Handles packet switching, data routing, and congestion control
• Through fragmentation or segmentation, breaks data segments from Layer 4 into smaller data packets

(31)

Data Link Layer

• Layer 2 creates data frames to send to Layer 1
• On receiving side, takes raw data from Layer 1 and packages into data frames
  - Data frame is basic unit for network traffic on the wire
  - See next slide for contents of typical data frame
• Performs Cyclic Redundancy Check (CRC) to verify data integrity
• Detects errors and discards frames containing errors
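
Added example (not part of the original slides): the envelope-per-layer process from the OSI structure slides and the Layer 2 CRC check, shown on one Ethernet/IPv4/TCP frame, which is the view an examiner gets when reading a captured frame. All addresses, ports and the payload are constructed sample values; the IP and TCP checksums are left at zero and only the frame CRC is computed.

```python
import socket
import struct
import zlib

def encapsulate(payload: bytes) -> bytes:
    """Sending side: each layer wraps the PDU from the layer above (constructed values)."""
    # Layer 4: TCP header (src port, dst port, seq, ack, offset/flags, window, csum, urgent)
    segment = struct.pack("!HHIIHHHH", 49152, 21, 1, 0, (5 << 12) | 0x18, 8192, 0, 0) + payload
    # Layer 3: IPv4 header carrying the logical addresses (header checksum left 0 here)
    packet = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 1, 0, 64, 6, 0,
                         socket.inet_aton("192.0.2.10"), socket.inet_aton("192.0.2.20")) + segment
    # Layer 2: Ethernet header (dst MAC, src MAC, EtherType), then the CRC-32 trailer
    frame = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00" + packet
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame: bytes):
    """Receiving side: verify the CRC, then strip one header per layer."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        return None  # Layer 2 discards frames containing errors
    dst, src, ethertype = body[:6], body[6:12], struct.unpack("!H", body[12:14])[0]
    packet = body[14:]                       # Layer 2 envelope removed
    ihl = (packet[0] & 0x0F) * 4             # IPv4 header length in bytes
    total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
    segment = packet[ihl:total_len]          # Layer 3 envelope removed
    sport, dport = struct.unpack("!HH", segment[:4])
    data_off = (segment[12] >> 4) * 4        # TCP header length in bytes
    return {
        "src_mac": src.hex(":"), "dst_mac": dst.hex(":"), "ethertype": ethertype,
        "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
        "protocol": proto, "src_port": sport, "dst_port": dport,
        "payload": segment[data_off:],       # Layer 4 envelope removed
    }

if __name__ == "__main__":
    frame = encapsulate(b"USER anonymous\r\n")
    print(decapsulate(frame))
    damaged = frame[:20] + bytes([frame[20] ^ 0x01]) + frame[21:]  # flip one bit in transit
    print(decapsulate(damaged))
```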

(32)

Data Frame

(33)

Physical Layer

• Layer 1 converts bits into signals for outgoing messages and signals into bits for incoming messages
• Manages computer’s interface to medium
• Instructs driver software and network interface to send data across medium
• Sets timing and interpretation of signals across medium
• Translates and screens incoming data for delivery to receiving computer

(34)

Actions of Each Layer of OSI Reference Model

(35)

OSI in Summary

• The Reference Model breaks the communication process into seven distinct and independent layers
• Each layer’s functionality is well defined as is its interface with surrounding layers and peer layers
• Lower layers service upper layers in

(36)

Network interconnection hardware operates at various layers of the OSI model.
