Ethics, Privacy and
Ethics, Privacy and
Computer Forensics
Computer Forensics
Chap 14 Network Basics For Chap 14 Network Basics For
Overview of Networks
Overview of Networks
Imagine a long long cord …. These are networksImagine a long long cord …. These are networks Computer connected to a network is called hostComputer connected to a network is called host NIC – network interface card is the primary NIC – network interface card is the primary
interface with a network interface with a network
Use hubs, routers, etc. to connect networks of Use hubs, routers, etc. to connect networks of
computers computers
Computers connected to the global internet use a Computers connected to the global internet use a
protocol called TCP/IP protocol called TCP/IP
Enable communication of dissimilar networksEnable communication of dissimilar networks Common language of network talkCommon language of network talk
An IP address is the address of a host on the network An IP address is the address of a host on the network just like a phone number
Overview of Networks
Overview of Networks
Routers are highly susceptible to Routers are highly susceptible to
attacks because they are critical to attacks because they are critical to
communication communication
Firewalls are security devices that block Firewalls are security devices that block service and traffic destined to a certain service and traffic destined to a certain
port port
Network services include Telnet and FTPNetwork services include Telnet and FTP
Network Technology
Network Technology
Attached Resource Computer Network (ARCNET) Attached Resource Computer Network (ARCNET)
Earliest network technologyEarliest network technology
Developed by Datapoint Corp in 1970’sDeveloped by Datapoint Corp in 1970’s
Used active and passive hubs in the topologyUsed active and passive hubs in the topology Based on token scheme (proprietary)Based on token scheme (proprietary)
Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber)Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber)
EthernetEthernet
Most popular and accepted technology for networkingMost popular and accepted technology for networking
Each computer has a NIC and it is connected to a central hub, Each computer has a NIC and it is connected to a central hub,
switch or router switch or router
Variable speedsVariable speeds
Uses Carrier Sense Multiple Access with Collision Detection Uses Carrier Sense Multiple Access with Collision Detection
(CSMA/CD) (CSMA/CD)
Like people at a dinner party, when two start talking at the Like people at a dinner party, when two start talking at the
Network Technology
Network Technology
Fiber Distributed data Interface (FDDI)Fiber Distributed data Interface (FDDI)
Encoding pulses of lightEncoding pulses of light Expensive but fastExpensive but fast
Data travel in only one directionData travel in only one direction
Developed in mid-1980’sDeveloped in mid-1980’s
High Speed backbone connection between High Speed backbone connection between
distributed LANs distributed LANs
Dual Counter Rotating Rings: one primary, one Dual Counter Rotating Rings: one primary, one
secondary secondary
Token Passing
Token Passing
Token circulates on a Ring TopologyToken circulates on a Ring Topology Sender acquires free token, attaches Sender acquires free token, attaches
message and sends downstream
message and sends downstream
Receiver copies message and Receiver copies message and
acknowledges same in busy token
acknowledges same in busy token
Original sender responsible for taking the Original sender responsible for taking the message off the ring and sending a free
message off the ring and sending a free
token downstream
token downstream
Deterministic performanceDeterministic performance
Good for factoriesGood for factories
An FDDI network with primary and secondary token rings. During normal conditions, only An FDDI network with primary and secondary token rings. During normal conditions, only one of the rings is used and data travels in one direction. When a station or a cable
one of the rings is used and data travels in one direction. When a station or a cable segment fails, the traffic loops to form a closed ring, moving data in the opposite segment fails, the traffic loops to form a closed ring, moving data in the opposite direction.
Network Technology
Network Technology
Asynchronous Transfer Mode (ATM)Asynchronous Transfer Mode (ATM)
Uses fiber optics and special equipment called Uses fiber optics and special equipment called ATM switches
ATM switches
Gigbts/sec communication rateGigbts/sec communication rate Establishes a connection firstEstablishes a connection first
ATM switch is connected to a large networkATM switch is connected to a large network
Connection-oriented protocol (over virtual Connection-oriented protocol (over virtual
paths and/or channels)
paths and/or channels)
Backbone Technology; switch-based; fiber Backbone Technology; switch-based; fiber
based
Wireless
Wireless
WLAN – uses RF technologyWLAN – uses RF technology
WAP – Wireless Access Point – WAP – Wireless Access Point –
connects to wired LAN; acts as a connects to wired LAN; acts as a
wireless hub wireless hub
WLAN Adapters – wireless NICs with WLAN Adapters – wireless NICs with
antennas antennas
Wireless supports peer-to-peer Wireless supports peer-to-peer
IEEE 802.11g
IEEE 802.11g
Speeds of 1-54 MbpsSpeeds of 1-54 Mbps
Uses the 2.4GHz bandUses the 2.4GHz band
Is backwards compatible with IEEE Is backwards compatible with IEEE
802.11b 802.11b
802.11 Wireless Security Issues
802.11 Wireless Security Issues
Easy to “listen” for id and passwordEasy to “listen” for id and password
Easy to mimic in order to gain access Easy to mimic in order to gain access
to the wired Network to the wired Network
Earliest Protection was WEP – Wired Earliest Protection was WEP – Wired
Equivalent Privacy – which was easy Equivalent Privacy – which was easy
WPA
WPA
Wi-Fi Protected AccessWi-Fi Protected Access
Replacement for WEPReplacement for WEP
WPA password initiates encryptionWPA password initiates encryption
Encryption key changes every packetEncryption key changes every packet
Much harder to crack than WEPMuch harder to crack than WEP
Bluetooth
Bluetooth
A wireless standard; short rangeA wireless standard; short range
Used to connect network appliances, Used to connect network appliances,
printers, … printers, …
Low Power; max speed – 1Mbps over 30 Low Power; max speed – 1Mbps over 30
foot area or less foot area or less
Operates in the 2.4GHz band and can Operates in the 2.4GHz band and can
interfere with 802.11b interfere with 802.11b
A WLAN with two access points.
OSI Reference Model
OSI Reference Model
Provides useful way to describe and
Provides useful way to describe and
think about networking
think about networking
Breaks networking down into series
Breaks networking down into series
of related tasks
of related tasks
Each aspect is conceptualized as a
Each aspect is conceptualized as a
layer
layer
Each task can be handled
Each task can be handled
The OSI Communications
The OSI Communications
Reference Model
Reference Model
OSI – Open Systems Interconnection OSI – Open Systems Interconnection Committee of ISO
Committee of ISO
Reference adopted in 1978 (took 6 yrs)Reference adopted in 1978 (took 6 yrs) Resulted in very little actual product Resulted in very little actual product
(software)
(software)
Is THE standard for describing Is THE standard for describing networks; the
networks; the linqua francalinqua franca of of networking world wide
Understanding Layers
Understanding Layers
Layering helps clarify process of
Layering helps clarify process of
networking
networking
Groups related tasks &
Groups related tasks &
requirements
requirements
OSI model provides theoretical
OSI model provides theoretical
frame of reference
frame of reference
Clarifies what networks are Clarifies what networks are
OSI Reference Model
OSI Reference Model
Structure
Structure
Breaks networked communications Breaks networked communications
into even layers:
into even layers:
ApplicationApplication
PresentationPresentation
SessionSession
TransportTransport
NetworkNetwork
Data LinkData Link
OSI Reference Model
OSI Reference Model
Structure
Structure
Each layer responsible for different Each layer responsible for different aspect of data exchange
aspect of data exchange
Each layer puts electronic envelope Each layer puts electronic envelope
around data as it sends it down layers
around data as it sends it down layers
or removes it as it travels up layers for
or removes it as it travels up layers for
delivery
delivery
Each layer of OSI model Each layer of OSI model
communicates and interacts with
communicates and interacts with
layers immediately above and below it
OSI Reference Model
OSI Reference Model
Structure
Structure
Interface boundaries separate
Interface boundaries separate
layers
layers
Individual layer communicates
Individual layer communicates
only adjacent layers
only adjacent layers
“
“
Peer layers” describes logical or
Peer layers” describes logical or
virtual communication between
virtual communication between
same layer on both sending and
same layer on both sending and
receiving computers
Relationships Among
Relationships Among
OSI Layers
OSI Reference Model
OSI Reference Model
Structure
Structure
Date is broken into Date is broken into packetspackets or or PDUsPDUs as it as it
moves down stack
moves down stack
PDU stands for protocol data unit, packet data unit, or PDU stands for protocol data unit, packet data unit, or
payload data unit payload data unit
PDU is self-contained data structure from one PDU is self-contained data structure from one
layer to another
layer to another
At sending end, each layer adds special formatting or At sending end, each layer adds special formatting or
addressing to PDU addressing to PDU
At receiving end, each layer reads packet and strips At receiving end, each layer reads packet and strips
off information added by corresponding layer at off information added by corresponding layer at
Application Layer
Application Layer
Layer 7 is top layer of OSI reference Layer 7 is top layer of OSI reference
model
model
Provides general network accessProvides general network access Includes set of interfaces for Includes set of interfaces for
applications to access variety of
applications to access variety of
networked services such as:
networked services such as:
File transferFile transfer
E-mail message handlingE-mail message handling Database query processingDatabase query processing
Presentation Layer
Presentation Layer
Layer 6 handles data formatting and Layer 6 handles data formatting and protocol conversion
protocol conversion
Converts outgoing data to generic Converts outgoing data to generic networked format
networked format
Does data encryption and decryptionDoes data encryption and decryption Handles character set issues and Handles character set issues and
graphics commands
graphics commands
May include data compressionMay include data compression
Includes redirector software that redirects Includes redirector software that redirects service requests across network
Session Layer
Session Layer
Layer 5 opens and closes sessionsLayer 5 opens and closes sessions
Performs data and message exchangesPerforms data and message exchanges
Monitors session identification and securityMonitors session identification and security
Performs name lookup and user login and Performs name lookup and user login and
logout
logout
Provides synchronization services on both Provides synchronization services on both
ends
ends
Determines which side transmits data, Determines which side transmits data,
when, and for how long
when, and for how long
Transmits keep-alive messages to keep Transmits keep-alive messages to keep
connection open during periods of inactivity
Transport Layer
Transport Layer
Layer 4 conveys data from sender to Layer 4 conveys data from sender to
receiver
receiver
Breaks long data payloads into Breaks long data payloads into
chunks called segments
chunks called segments
Includes error checksIncludes error checks
Re-sequences chunks into original Re-sequences chunks into original
data on receipt
data on receipt
Network Layer
Network Layer
Layer 3 addresses messages for deliveryLayer 3 addresses messages for delivery Translates logical network address into Translates logical network address into
physical MAC address
physical MAC address
Decides how to route transmissionsDecides how to route transmissions
Handles packet switching, data routing, Handles packet switching, data routing,
and congestion control
and congestion control
Through fragmentation or segmentation, Through fragmentation or segmentation,
breaks data segments from Layer 4 into
breaks data segments from Layer 4 into
smaller data packets
smaller data packets
Data Link Layer
Data Link Layer
Layer 2Layer 2 creates data frames to send to creates data frames to send to
Layer 1
Layer 1
On receiving side, takes raw data from On receiving side, takes raw data from
Layer 1 and packages into data frames
Layer 1 and packages into data frames
Data frame is basic unit for network traffic on Data frame is basic unit for network traffic on the wire
the wire
See next slide for contents of typical data frameSee next slide for contents of typical data frame
Performs Cyclic Redundancy Check (CRC) Performs Cyclic Redundancy Check (CRC)
to verify data integrity
to verify data integrity
Detects errors and discards frames Detects errors and discards frames
containing errors
Data Frame
Physical Layer
Physical Layer
Layer 1 converts bits into signals for Layer 1 converts bits into signals for
outgoing messages and signals into bits
outgoing messages and signals into bits
for incoming messages
for incoming messages
Manages computer’s interface to mediumManages computer’s interface to medium
Instructs driver software and network Instructs driver software and network interface to send data across medium
interface to send data across medium
Sets timing and interpretation of signals Sets timing and interpretation of signals across medium
across medium
Translates and screens incoming data for Translates and screens incoming data for delivery to receiving computer
Actions of Each layer of
Actions of Each layer of
OSI Reference Model
OSI in Summary
OSI in Summary
The Reference Model breaks the The Reference Model breaks the
communication process into seven communication process into seven
distinct and independent layers distinct and independent layers
Each layer’s functionality is well Each layer’s functionality is well
defined as is its interface with defined as is its interface with
surrounding layers and peer layers surrounding layers and peer layers
Lower layers service upper layers in Lower layers service upper layers in
Network interconnection hardware operates at various layers of
Network interconnection hardware operates at various layers of
the OSI model.