What is Networking?
Networking is connecting devices together so that they can communicate with each other and share data, files, and computing resources.
Networking happens all around us: in our PCs, ATMs, cell phones, and much more.
Mesh:
Switch (Layer 2)
Router (Layer 3)
Types of Networks
LAN Local Area Network
A local area network may serve as few as two or three users (for example, in a home network) or as many as thousands of users.
Wireless LANs have become popular in the home due to ease of installation and the increasing popularity of laptop computers. Public businesses such as coffee shops and malls have begun to offer wireless access to their customers, sometimes for free. Large wireless network projects are being put up in many major cities.
ADDRESSING
Definition: A network address serves as a unique identifier for a computer on a network. When set up correctly, computers can determine the addresses of other computers on the network and use these addresses to send messages to each other. One of the best known forms of network addressing is the Internet Protocol (IP) address. IPv4 addresses consist of four bytes (32 bits) and identify hosts on the public Internet. Another popular form of address is the Media Access Control (MAC) address. MAC addresses are six bytes (48 bits) that manufacturers of network adapters burn into their products to uniquely identify them.
TYPES OF ADDRESSING
There are two types of addressing:
(1) Hardware (MAC)
(2) Software (IP)
(1) Hardware Address: In computer networking, a Media Access Control address (MAC address) is a unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification, and used in the Media Access Control protocol sub-layer. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number. It may also be known as an Ethernet Hardware Address (EHA), hardware address, adapter address, or physical address. There are three numbering spaces, managed by the Institute of Electrical and Electronics Engineers (IEEE), in common use for formulating a MAC address. Example: 28-4c-98-f6-50-a8
Note that most operating systems let the address be overridden in software, so a MAC address identifies an adapter, not a person, and must not be relied on as an authentication credential.
Classes of IP Address
There are five classes of IP addresses:
Class        First octet range    Subnet mask
(1) Class A  0 to 126             255.0.0.0
(2) Class B  128 to 191           255.255.0.0
(3) Class C  192 to 223           255.255.255.0
(4) Class D  224 to 239           X
(5) Class E  240 to 255           X
(X = no subnet mask applies. 127 is missing from the table because it is reserved for loopback; Class D is multicast and Class E is reserved, so neither is assigned to hosts.)
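The two address formats above, parsed in code. This is an added example written for this page, not code from the original course material: it splits the page's own example MAC into its vendor (OUI) and adapter halves and decodes the multicast and locally-administered flag bits of the first byte, and it classifies an IPv4 address using the table above, applying the default mask to separate network from host. The sample IPv4 addresses are constructed for the demonstration.

```python
import ipaddress

# Constructed sample addresses for the demonstration (the MAC is the page's own example).
SAMPLE_MAC = "28-4c-98-f6-50-a8"
SAMPLE_IPS = ["10.1.2.3", "172.16.5.9", "192.168.1.77", "224.0.0.5", "127.0.0.1"]


def parse_mac(mac: str) -> bytes:
    """Accept 28-4c-98-f6-50-a8, 28:4c:98:f6:50:a8 or 284c.98f6.50a8 and return the 6 raw bytes."""
    hexdigits = "".join(ch for ch in mac if ch not in ":-.")
    if len(hexdigits) != 12:
        raise ValueError(f"a MAC address needs exactly 12 hex digits: {mac!r}")
    return bytes.fromhex(hexdigits)  # raises ValueError on non-hex characters


def describe_mac(mac: str) -> dict:
    """Split a MAC into its vendor (OUI) and NIC-specific halves and decode the two flag bits
    of the first byte that matter when an unexpected address turns up on the wire."""
    raw = parse_mac(mac)
    first = raw[0]
    return {
        "oui": raw[:3].hex(":"),                      # manufacturer's registered identifier
        "nic_specific": raw[3:].hex(":"),
        "multicast": bool(first & 0x01),             # I/G bit: 1 = group (multicast) address
        "locally_administered": bool(first & 0x02),  # U/L bit: 1 = set by software, not burned in
    }


def classify_ipv4(addr: str) -> dict:
    """Classful view of an IPv4 address: class, default mask, and the network/host split."""
    ip = ipaddress.IPv4Address(addr)          # validates the dotted-quad form
    first = int(ip) >> 24
    if first == 127:
        cls, mask = "loopback (127 is reserved, not assignable)", None
    elif first <= 126:
        cls, mask = "A", "255.0.0.0"
    elif first <= 191:
        cls, mask = "B", "255.255.0.0"
    elif first <= 223:
        cls, mask = "C", "255.255.255.0"
    elif first <= 239:
        cls, mask = "D (multicast)", None
    else:
        cls, mask = "E (reserved)", None
    info = {"address": str(ip), "class": cls, "default_mask": mask, "network": None, "host": None}
    if mask is not None:
        m = int(ipaddress.IPv4Address(mask))
        info["network"] = str(ipaddress.IPv4Address(int(ip) & m))   # address AND mask
        info["host"] = int(ip) & ~m & 0xFFFFFFFF                    # the bits the mask clears
    return info


if __name__ == "__main__":
    print(describe_mac(SAMPLE_MAC))
    for a in SAMPLE_IPS:
        print(classify_ipv4(a))
```

The multicast bit is why 01:00:5e:... addresses never belong to a single host, and the locally-administered bit is the first thing to look at when an address in a switch's table does not match any vendor you expect.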
SERVER:- In information technology, a server is a computer program that provides services to other computer programs (and their users) in the same or other computers.
Domain Name
A name that identifies one or more IP addresses. For example, the domain name microsoft.com represents about a dozen IP addresses. Domain names are used in URLs to identify particular Web pages. For example, in the URL http://www.pcwebopedia.com/index.html, the domain name is pcwebopedia.com. Every domain name has a suffix that indicates which top level domain (TLD) it belongs to. There are only a limited number of such domains. For example:
gov - Government agencies
edu - Educational institutions
org - Organizations (nonprofit)
mil - Military
com - Commercial business
net - Network organizations
ca - Canada
th - Thailand
DNS
DNS:- Domain Name System (DNS) is a database system that translates a computer's fully qualified domain name into an IP address. Networked computers use IP addresses to locate and connect to each other, but IP addresses can be difficult for people to remember. For example, on the web, it's much easier to remember the domain name www.innobuzz.in than it is to remember its corresponding IP address (216.18.197.164). DNS allows you to connect to another networked computer or remote service by using its user-friendly domain name rather than its numerical IP address.
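The translation described above, at the wire level. This is an added example, not part of the original page: it builds the DNS query a resolver would send for www.innobuzz.in, constructs the reply a server would return carrying the page's 216.18.197.164 (a constructed message, not a live lookup), and parses that reply. The parser checks the transaction ID and the question section against what was asked, which is the basic defence against a forged response being accepted; it also bounds name-compression pointers so a malicious reply cannot loop the decoder.

```python
import struct


def encode_name(name: str) -> bytes:
    """Turn www.innobuzz.in into the length-prefixed label sequence DNS uses on the wire."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def decode_name(msg: bytes, offset: int):
    """Read a (possibly compressed) name; return (name, offset just past it in the original stream)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # compression pointer to an earlier name
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if end is None:
                end = offset + 2                       # the pointer is the last thing in this field
            hops += 1
            if hops > 32 or pointer >= offset:         # reject loops and forward pointers
                raise ValueError("bad compression pointer")
            offset = pointer
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def build_query(name: str, txid: int) -> bytes:
    """Standard recursive query for an A record. Real resolvers randomise txid and the UDP source port."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)    # flags: RD=1; QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def build_response(query: bytes, addresses, ttl: int = 300) -> bytes:
    """Constructed server reply: echoes the question and appends one A record per address."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addresses), 0, 0)  # QR=1 RD=1 RA=1
    rrs = b""
    for a in addresses:
        rdata = bytes(int(octet) for octet in a.split("."))
        rrs += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, ttl, 4) + rdata   # name = pointer to offset 12
    return header + question + rrs


def parse_response(msg: bytes, expected_txid: int, expected_name: str) -> list:
    """Validate the reply against the query we sent and return the A-record addresses it carries."""
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction id does not match our query (spoofed or stale reply)")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    if flags & 0x000F:
        raise ValueError(f"server returned RCODE {flags & 0xF}")
    offset = 12
    for _ in range(qdcount):
        qname, offset = decode_name(msg, offset)
        offset += 4                                     # skip QTYPE + QCLASS
        if qname.lower() != expected_name.rstrip(".").lower():
            raise ValueError("question section does not match what we asked")
    addresses = []
    for _ in range(ancount):
        _, offset = decode_name(msg, offset)
        rtype, rclass, _, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:  # A record, class IN
            addresses.append(".".join(str(b) for b in rdata))
    return addresses


if __name__ == "__main__":
    q = build_query("www.innobuzz.in", 0x1234)
    r = build_response(q, ["216.18.197.164"])       # constructed reply, not a live lookup
    print(parse_response(r, 0x1234, "www.innobuzz.in"))
```

A 16-bit transaction ID is a thin check on its own; that is why resolvers also randomise the source port and why a response whose question section differs from the query must be discarded rather than cached.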
INTERNET:- The Internet, sometimes called simply "the Net," is a worldwide system of computer networks - a network of networks in which users at any one computer can, if they have permission, get information from any other computer (and sometimes talk directly to users at other computers). It was conceived by the Advanced Research Projects Agency (ARPA) of the U.S. government in 1969 and was first known as the ARPANET.
Point-to-Point Protocol
Introduced in 1994 and functions in the data link layer
Creates the session between the user system and the ISP for transferring IP packets over a serial link
Encapsulates packets in HDLC-based frames
Broader framing mechanism compared to the single END character in SLIP
Supports encryption of data and authentication of the connection
Internet Protocol
Originated in the 1970s and functions in the network layer
Data-oriented protocol used by source and destination hosts for communicating data across a packet-switched internetwork
Features:
Provides universally defined addresses
Allows transmission that is independent of any lower level protocol
Connectionless and unreliable protocol
Doesn't use acknowledgement after delivery
Attacks:
Routing Information Protocol (RIP) attacks: RIP is used to propagate routing information on local networks, so it is easy for an attacker to inject false routes and divert traffic meant for an active host
Exterior Gateway Protocol (EGP) attacks: easy for the attacker to impersonate a second exterior gateway for the same autonomous system
Countermeasures:
Reject pre-authorized connections if source routing information was present
Use a paranoid gateway that can block any form of host spoofing
Authenticate RIP packets, in the absence of economical public-key signature schemes
Limitations:
Manual configuration of each client's MAC address on the central server
Non-IP protocol that cannot be handled by the TCP/IP stack present on the client computer
Supports group membership termination for quick reporting to the routing protocol
Message Types:
Host Membership Report
Host Membership Query
Leave Group
Allows the user to exchange information, implement IP-related features and perform testing
Limitation: Delivery of a message is not assured, since it is encapsulated directly within a single IP datagram
Internet Control Message Protocol: Attacks and Security Measures
ICMP Attacks:
Redirect Message Attacks
Subnet Mask Reply Attacks
Denial of Service Attacks
Security Measures:
Restrict route changes to the specified location to prevent redirect attacks
Check the reply packet only at a suitable time to block subnet mask attacks
Authentication mechanism
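A filter that implements two of the countermeasures from the IP and ICMP sections above: refusing packets that carry source-route options, and flagging ICMP redirect and address-mask messages. This is an added example, not code from the original page: it parses the IPv4 header (verifying the header checksum and walking the option list for the loose and strict source route options), and when the payload is ICMP it parses that too and reports redirects with the gateway they try to install. The three sample packets are constructed by the builders at the bottom, not captured traffic.

```python
import struct

SUSPICIOUS_ICMP = {5: "redirect", 17: "address mask request", 18: "address mask reply"}
SOURCE_ROUTE_OPTIONS = {131: "loose source route", 137: "strict source route"}


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; verifying data that already carries its checksum yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def dotted(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def ip_bytes(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))


def parse_ipv4(packet: bytes) -> dict:
    """Parse the fixed header, verify its checksum, and walk the options looking for source routing."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    vihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (vihl & 0x0F) * 4
    if vihl >> 4 != 4 or ihl < 20 or ihl > len(packet) or total_len > len(packet):
        raise ValueError("bad version or length fields")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("header checksum mismatch")
    findings, options, i = [], packet[20:ihl], 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                                    # end of option list
            break
        if kind == 1:                                    # no-op padding
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2 or i + options[i + 1] > len(options):
            raise ValueError("malformed IP option")
        if kind in SOURCE_ROUTE_OPTIONS:
            findings.append(f"IP {SOURCE_ROUTE_OPTIONS[kind]} option present")
        i += options[i + 1]
    return {"src": dotted(src), "dst": dotted(dst), "ttl": ttl, "proto": proto,
            "payload": packet[ihl:total_len], "findings": findings}


def parse_icmp(payload: bytes) -> dict:
    if len(payload) < 8:
        raise ValueError("truncated ICMP message")
    if checksum(payload) != 0:
        raise ValueError("ICMP checksum mismatch")
    info = {"type": payload[0], "code": payload[1]}
    if info["type"] == 5:
        info["gateway"] = dotted(payload[4:8])           # router the sender wants us to switch to
    return info


def inspect(packet: bytes) -> list:
    """Alerts a host or gateway filter should raise for one packet (empty list = nothing odd)."""
    ip = parse_ipv4(packet)
    alerts = list(ip["findings"])
    if ip["proto"] == 1:                                 # protocol 1 = ICMP
        icmp = parse_icmp(ip["payload"])
        name = SUSPICIOUS_ICMP.get(icmp["type"])
        if name:
            alert = f"ICMP {name} (type {icmp['type']})"
            if "gateway" in icmp:
                alert += f" via {icmp['gateway']}"
            alerts.append(alert)
    return alerts


# Builders for the constructed sample packets below (not captured traffic).
def build_ipv4(src: str, dst: str, proto: int, payload: bytes, options: bytes = b"") -> bytes:
    options += b"\x00" * (-len(options) % 4)             # pad the option list to a 32-bit boundary
    ihl = (20 + len(options)) // 4
    header = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, ihl * 4 + len(payload), 1, 0, 64, proto, 0,
                         ip_bytes(src), ip_bytes(dst)) + options
    return header[:10] + struct.pack("!H", checksum(header)) + header[12:] + payload


def build_icmp(kind: int, code: int, rest: bytes) -> bytes:
    msg = struct.pack("!BBH", kind, code, 0) + rest
    return msg[:2] + struct.pack("!H", checksum(msg)) + msg[4:]


REDIRECT = build_ipv4("192.168.1.1", "192.168.1.50", 1,                # type 5, code 1: redirect for host
                      build_icmp(5, 1, ip_bytes("192.168.1.66") + b"\x00" * 28))
LSRR = build_ipv4("10.0.0.9", "192.168.1.50", 6, b"", options=b"\x83\x07\x04" + ip_bytes("10.0.0.9"))
ECHO = build_ipv4("192.168.1.20", "192.168.1.50", 1, build_icmp(8, 0, struct.pack("!HH", 1, 1) + b"abcd"))

if __name__ == "__main__":
    for label, pkt in (("redirect", REDIRECT), ("lsrr", LSRR), ("echo", ECHO)):
        print(label, inspect(pkt))
```

On a real host the same policy is usually set in the stack rather than in a user-space filter (on Linux, net.ipv4.conf.all.accept_redirects and accept_source_route set to 0); the code shows what those settings are deciding about.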
Disadvantages:
Doesn't support acknowledgement of received data or retransmission of lost messages
Doesn't offer flow control or congestion management
Countermeasures
Applications that use UDP should make their own arrangements for authentication
Protocol used to exchange files over the Internet; uses TCP for transfer
Features:
Promotes sharing of files
No authentication or encryption mechanism
Allows only simple ASCII or binary file transfer
TFTP Vulnerabilities:
Allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions
Allows access to files outside the restricted directory (Linux implementations of TFTP)
TELNET
Introduced in 1971 and functions in the application layer
TCP-based client-server protocol used on Internet and LAN connections
Features:
Offers user-oriented command line login sessions between hosts on the Internet
Allows a user to log in remotely by opening a connection to a remote server
Major Concepts Of Foundation:
Network Virtual Terminal (NVT) used for universal communication by all devices
Avoids incompatibilities between devices by providing a common base representation
Symmetric operation for client and server
Vulnerability: A Unix account has a guessable password
Telnet also carries the whole session, including the password, in cleartext, which is why SSH has replaced it for remote login.
Simple Mail Transfer Protocol: Vulnerability
Allows remote attackers to execute arbitrary code via a malicious DNS response message
Security Issues:
Use a firewall to block incoming TCP protocol network traffic
Block TCP protocol network traffic on Windows 2000 Server hosts that handle Domain Name System (DNS) lookups
Components:
Master Agent: Responds to SNMP requests made by a management station
Subagent: Implements the information and management functionality
Management Station
Provides security based on the access rights of a user of the machine
View Based Access Control Model: Controls access to objects on a device
Directory Traversal
Allows attackers to access restricted directories and execute commands outside of the web server's root directory
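The same bug class as the TFTP entry earlier ("access to files outside the restricted directory") and the directory traversal item just above, shown in a TFTP setting. This is an added example, not code from the original page or from any TFTP implementation: it decodes a TFTP read request, then resolves the requested filename two ways, the naive join that lets "../" escape the served directory, and a hardened resolver that canonicalises the path and refuses anything outside the root. The tftpboot tree it uses is created in a temporary directory as constructed test data.

```python
import os
import struct
import tempfile


def parse_tftp_request(datagram: bytes) -> dict:
    """Decode a TFTP RRQ/WRQ: 2-byte opcode, then NUL-terminated filename and mode."""
    if len(datagram) < 4:
        raise ValueError("truncated TFTP request")
    opcode = struct.unpack("!H", datagram[:2])[0]
    if opcode not in (1, 2):
        raise ValueError(f"not a read/write request: opcode {opcode}")
    fields = datagram[2:].split(b"\x00")
    if len(fields) < 3:                       # filename, mode, and the empty tail after the final NUL
        raise ValueError("missing NUL terminators")
    mode = fields[1].decode("ascii").lower()
    if mode not in ("netascii", "octet"):     # the page's "ASCII or binary"
        raise ValueError(f"unsupported mode {mode!r}")
    return {"opcode": "RRQ" if opcode == 1 else "WRQ", "filename": fields[0].decode("ascii"), "mode": mode}


def resolve_unsafe(root: str, filename: str) -> str:
    """What a naive server does: join and trust. '../' walks out of root."""
    return os.path.join(root, filename)


def resolve_safe(root: str, filename: str) -> str:
    """Resolve the request inside root and refuse anything whose real path ends up elsewhere."""
    root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root, filename.lstrip("/\\")))
    if os.path.commonpath([root, candidate]) != root:   # catches '..' and symlinks pointing outside
        raise PermissionError(f"{filename!r} resolves outside {root}")
    return candidate


def traversal_demo() -> dict:
    """Build a throwaway tftpboot tree (constructed test data) and run both resolvers on a '../' request."""
    base = tempfile.mkdtemp()
    root = os.path.join(base, "tftpboot")
    os.mkdir(root)
    with open(os.path.join(root, "boot.cfg"), "w") as fh:
        fh.write("served\n")
    with open(os.path.join(base, "secret"), "w") as fh:
        fh.write("should never leave the box\n")
    req = parse_tftp_request(b"\x00\x01../secret\x00octet\x00")     # RRQ for ../secret, octet mode
    unsafe = os.path.normpath(resolve_unsafe(root, req["filename"]))
    try:
        resolve_safe(root, req["filename"])
        blocked = False
    except PermissionError:
        blocked = True
    return {
        "unsafe_path_escapes_root": unsafe == os.path.join(base, "secret") and os.path.isfile(unsafe),
        "safe_blocks_traversal": blocked,
        "safe_serves_legit_file": resolve_safe(root, "boot.cfg")
        == os.path.realpath(os.path.join(root, "boot.cfg")),
    }


if __name__ == "__main__":
    print(traversal_demo())
```

Stripping ".." from the string is the common wrong fix; comparing the canonical path against the canonical root is what holds up against encoded dots, absolute paths and symlinks alike.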
MailMan Webmail
Allows remote attackers to execute arbitrary commands via shell metacharacters
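What "arbitrary commands via shell metacharacters" looks like in code, and its fix. This is an added illustration of the bug class, not MailMan's code: a webmail handler that splices a user-supplied mailbox name into a shell command line lets ";" or "$( )" start a second command, while the hardened version validates the name against an allowlist and passes it as one argv element so no shell ever parses it. The mailbox names and the /var/mail path are assumptions for the demonstration; the child process is Python itself standing in for the mail tool, so nothing on the real system is read.

```python
import re
import subprocess
import sys

# Allowlist for a mailbox name: what the front end should accept before anything reaches a process.
MAILBOX_RE = re.compile(r"^[a-z][a-z0-9_-]{0,31}$")


def unsafe_command(mailbox: str) -> str:
    """The vulnerable pattern: user input spliced into a command line destined for /bin/sh.
    Shell metacharacters in `mailbox` (; | & ` $( )) become part of the command."""
    return f"cat /var/mail/{mailbox}"          # would be executed with shell=True


def safe_argv(mailbox: str) -> list:
    """Hardened form: validate against the allowlist, then build an argv list so no shell parses it."""
    if not MAILBOX_RE.match(mailbox):
        raise ValueError(f"rejected mailbox name {mailbox!r}")
    return ["cat", f"/var/mail/{mailbox}"]


def child_sees(value: str) -> str:
    """Run a child WITHOUT a shell and report what arrived in its argv[1].
    Python stands in for the mail tool so this runs anywhere; no mailbox is touched."""
    result = subprocess.run(
        [sys.executable, "-c", "import sys; print(sys.argv[1], end='')", value],
        capture_output=True, text=True, check=True)
    return result.stdout


if __name__ == "__main__":
    attack = "alice; id"
    print("shell would run :", unsafe_command(attack))   # cat /var/mail/alice; id  -> two commands
    print("argv child sees :", child_sees(attack))       # 'alice; id' as one literal argument
    print("allowlist       :", safe_argv("alice"))
```

The argv form removes the shell from the path entirely; the allowlist is defence in depth for the case where the value still ends up somewhere (a log line, a filename) that interprets it.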
Buffer Overflow
Allows remote attackers to execute arbitrary commands via a long password value in a form field
eWave
Summary
The TCP/IP suite offers protocols at four different layers:
Data Link Layer
Point-to-Point Protocol creates the session between the user system and the ISP for transferring IP packets over a serial link
Network Layer
Internet Protocol is a data-oriented protocol used by source and destination hosts for communicating data across a packet-switched internetwork
Transport Layer
Transmission Control Protocol is a byte-stream, connection-oriented protocol providing reliable delivery
Application Layer
File Transfer Protocol is used to exchange files over the Internet and uses TCP for transfer