SlideShare ist ein Scribd-Unternehmen logo

5. telecomm & network security

Als PPT, PDF herunterladen
7
7wounders
BildungTechnologieBusiness
1 von 98
Telecom and Network Security
Telecom And Network Security Understand the OSI model Identify network hardware Understand LAN topologies Basic protocols - routing and routed Understand IP addressing scheme Understand subnet masking Understand basic firewall architectures Understand basic telecommunications security issues
Telecom and Network Security  Intro to OSI model  LAN topologies  OSI revisited • hardware • bridging,routing • routed protocols, WANs  IP addressing, subnet masks  Routing Protocols
OSI/ISO ??  OSI model developed by ISO, International Standards Organization  IEEE - Institute of Electrical and Electronics Engineers  NSA - National Security Agency  NIST - National Institute for Standards and Technology  ANSI - American National Standards Institute  CCITT - International Telegraph and Telephone Consultative Committee
OSI Reference Model  Open Systems Interconnection Reference Model  Standard model for network communications  Allows dissimilar networks to communicate  Defines 7 protocol layers (a.k.a. protocol stack)  Each layer on one workstation communicates with its respective layer on another workstation using protocols (i.e. agreed-upon communication formats)  “Mapping” each protocol to the model is useful for comparing protocols.
The OSI Layers 7 Application Provides specific services for applications such as file transfer 6 Presentation Provides data representation between systems 5 Session Establishes, maintains, manages sessions example - synchronization of data flow 4 Transport Provides end-to-end data transmission integrity 3 Network Switches and routes information units 2 Data Link Provides transfer of units of information to other end of physical link 1 Physical Transmits bit stream on physical medium Mnemonic: Please Do Not Take Sales Person Advice
Data Flow in OSI Reference Model Host 1 Host 2 Data travels down the stack 7 Applicatio Then up the receiving stack 7 Applicatio n n 6 Presentation 6 Presentation 5 Session 5 Sessio 4 Transport n 4 Transport 3 Network 3 Network 2 Data Link 2 Data Link 1 Physical 1 Physical Through the network As the data passes through each layer on the client information about that layer is added to the data.. This information is stripped off by the corresponding layer on the server.
OSI Model  Protocols required for Networking are covered in OSI model  Keep model in mind for rest of course  All layers to be explored in more detail
LAN Topologies  Star Topology  Bus Topology
LAN Topologies Cont…  Ring Topology
Star Topology  Telephone wiring is one common example  Center of star is the wire closet  Star Topology easily maintainable
Bus Topology  Basically a cable that attaches many devices  Can be a “daisy chain” configuration  Computer I/O bus is example
Tree Topology  Can be extension of bus and star topologies  Tree has no closed loops
Ring Topology  Continuous closed path between devices  A logical ring is usually a physical star  Don’t confuse logical and physical topology
Network topologies Topology Advantages Disadvantages Bus • Passive transmission medium • Channel access technique • Localized failure impact (contention) • Adaptive Utilization Star • Simplicity • Reliability of central node • Central routing • Loading of central node • No routing decisions Ring • Simplicity • Failure modes with global effect • Predictable delay • No routing decisions
LAN Access Methods  Carrier Sense Multiple Access with Collision Detection (CSMA/CD)  Talk when no one else is talking  Token  Talk when you have the token  Slotted  Similar to token, talk in free “slots”
LAN Signaling Types  Baseband  Digital signal, serial bit stream  Broadband  Analog signal  Cable TV technology
Ethernet  Bus topology  CSMA/CD  Baseband  Most common network type  IEEE 802.3  Broadcast technology - transmission stops at terminators
Token Bus  IEEE 802.4  Very large scale, expensive  Usually seen in factory automation  Used when one needs:  Multichannel capabilities of a broadband LAN  resistance to electrical interference
Token Ring  IEEE 802.5  Flow is unidirectional  Each node regenerates signal (acts as repeater)  Control passed from interface to interface by “token”  Only one node at a time can have token  4 or 16 Mbps
Fiber Distributed Data Interface (FDDI)  Dual counter rotating rings  Devices can attach to one or both rings  Single attachment station (SAS), dual (DAS)  Uses token passing  Logically and physically a ring  ANSI governed
WAN  WANs connect LANs  Generally a single data link  Links most often come from Regional Bell Operating Companies (RBOCs) or Post, Telephone, and Telegraph (PTT) agencies  Wan link contains Data Terminal Equipment (DTE) on user side and Data Circuit-Terminating Equipment (DCE) at WAN provider’s end  MAN - Metropolitan Area Network
ISDN  Integrated services digital network (ISDN) is a worldwide public network service that can provide end-to-end digital communications and fully integrate technologies  The basic rate interface (BRI) - 2B+D  The primary rate interface (PRI) - 23B+D  B channel - 64-Kbps bandwidth and are appropriate for either voice or data transmission  D channel - 16-Kbps signaling channel, is designed to control transmission of the B channel
Typical Point-to –Point WAN The Connections T1 – 1.544 Mbps of electronic information T2 - a T-carrier that can handle 6.312 Mbps or 96 voice channels. T3 - a T-carrier that can handle 44.736 Mbps or 672 voice channels. T4 - a T-carrier that can handle 274.176 Mbps or 4032 voice channels
WAN Cont…  Cable Modem and DSL  ADSL - Asymmetric Digital Subscriber Line - 144 Kbps to 1.5 Mbps  SDSL - Single Line Digital Subscriber Line - 1.544 Mbps to 2.048 Mbps  HDSL - High data rate Digital Subscriber Line - 1.544 Mbps to 42.048 Mbps  VDSL - Very high data rate Digital Subscriber Line - 13 to 52 Mbps 1.5 to 2.3 Mbps
WAN Cont…  Frame Relay and X.25 - Packet-switched technologies  Evolved from standardization work on ISDN  Designed to eliminate much of the overhead in X.25  DTE - Data Terminal Equipment  DCE - Data Circuit-terminating Equipment  CIR - Committed Information Rate
OSI Model -Layers  Physical  Data Link  Network  Transport  Session  Presentation  Application
Physical Layer  Specifies the electrical, mechanical, procedural, and functional requirements for activating, maintaining, and deactivating the physical link between end systems  Examples of physical link characteristics include voltage levels, data rates, maximum transmission distances, and physical connectors
Physical Layer Hardware  Cabling  twisted pair  10baseT  10base2  10base5  fiber  transceivers  hubs  topology
Twisted Pair  10BaseT (10 Mbps, 100 meters w/o repeater)  Unshielded and shielded twisted pair (UTP most common)  two wires per pair, twisted in spiral  Typically 1 to 10 Mbps, up to 100Mbps possible  Noise immunity and emanations improved by shielding
Coaxial Cable  10Base2 (10 Mbps, repeater every 200 m)  ThinEthernet or Thinnet or Coax  2-50 Mbps  Needs repeaters every 200-500 meters  Terminator: 50 ohms for ethernet, 75 for TV  Flexible and rigid available, flexible most common  Noise immunity and emanations very good
Coaxial Cables, cont  Ethernet uses “T” connectors and 50 ohm terminators  Every segment must have exactly 2 terminators  Segments may be linked using repeaters, hubs
Standard Ethernet  10Base5  Max of 100 taps per segment  Nonintrusive taps available (vampire tap)  Uses AUI (Attachment Unit Interface)
Fiber-Optic Cable  Consists of Outer jacket, cladding of glass, and core of glass  Fast
Transceivers  Physical devices to allow you to connect different transmission media  May include Signal Quality Error (SQE) or “heartbeat” to test collision detection mechanism on each transmission  May include “link light”, lit when connection exists
Hubs  A device which connects several other devices  Also called concentrator, repeater, or multi- station access unit (MAU)
OSI Model - Layers  Physical  Data Link  Network  Transport  Session  Presentation  Application
Data Link Layer  Provides data transport across a physical link  Data Link layer handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control  Bridges operate at this layer
Data Link Sub-layers  Media Access Control (MAC)  refers downward to lower layer hardware functions  Logical Link Control (LLC)  refers upward to higher layer software functions
Medium Access Control  MAC address is “physical address”, unique for LAN interface card  Also called hardware or link-layer address  The MAC address is burned into the Read Only Memory (ROM)  MAC address is 48 bit address in 12 hexadecimal digits  1st six identify vendor, provided by IEEE  2nd six unique, provided by vendor
Logical Link Control  Presents a uniform interface to upper layers  Enables upper layers to gain independence over LAN media access  upper layers use network addresses rather than MAC addresses  Provide optional connection, flow control, and sequencing services
Bridges  Device which forwards frames between data link layers associated with two separate cables  Stores source and destination addresses in table  When bridge receives a frame it attempts to find the destination address in its table  If found, frame is forwarded out appropriate port  If not found, frame is flooded on all other ports
Bridges  Can be used for filtering  Make decisions based on source and destination address, type, or combination thereof  Filtering done for security or network management reasons  Limit bandwidth hogs  Prevent sensitive data from leaving  Bridges can be for local or remote networks  Remote has “half” at each end of WAN link
Network Layer  Which path should traffic take through networks?  How do the packets know where to go?  What are protocols?  What is the difference between routed and routing protocols?
Network Layer  Only two devices which are directly connected by the same “wire” can exchange data directly  Devices not on the same network must communicate via intermediate system  Router is an intermediate system  The network layer determines the best way to transfer data. It manages device addressing and tracks the location of devices. The router operates at this layer.
Network Layer Bridge vs. Router  Bridges can only extend a single network  All devices appear to be on same “wire”  Network has finite size, dependent on topology, protocols used  Routers can connect bridged subnetworks  Routed network has no limit on size  Internet, SIPRNET
Network Layer  Provides routing and relaying  Routing: determining the path between two end systems  Relaying: moving data along that path  Addressing mechanism is required  Flow control may be required  Must handle specific features of subnetwork  Mapping between data link layer and network layer addresses
Connection-Oriented vs. Connectionless Network Layer  Connection-Oriented  provides a Virtual Circuit (VC) between two end systems (like a telephone)  3 phases - call setup, data exchange, call close  Examples include X.25, OSI CONP, IBM SNA  Ideal for traditional terminal-host networks of finite size
Connection-Oriented vs. Connectionless Network Layer  Connectionless (CL)  Each piece of data independently routed  Sometimes called “datagram” networking  Each piece of data must carry all addressing and routing info  Basis of many current LAN/WAN operations  TCP/IP, OSI CLNP, IPX/SPX  Well suited to client/server and other distributed system networks
Connection-Oriented vs. Connectionless Network Layer  Arguments can be made Connection Oriented is best for many applications  Market has decided on CL networking  All mainstream developments on CL  Majority of networks now built CL  Easier to extend LAN based networks using CL WANs  We will focus on CL
Network switching  Circuit-switched  Transparent path between devices  Dedicated circuit  Phone call  Packet-switched  Data is segmented, buffered, & recombined
Network Layer Addressing  Impossible to use MAC addresses  Hierarchical scheme makes much more sense (Think postal - city, state, country)  This means routers only need to know regions (domains), not individual computers  The network address identifies the network and the host
Network Layer Addressing  Network Address - path part used by router  Host Address - specific port or device 1.1 1.2 2.1 2.2 Router 1.3 Network Host 1 1,2,3 2.3 2 1,2,3
Network Layer Addressing IP example  IP addresses are like street addresses for computers  Networks are hierarchically divided into subnets called domains  Domains are assigned IP addresses and names  Domains are represented by the network portion of the address  IP addresses and Domains are issued by InterNIC (cooperative activity between the National Science Foundation, Network Solutions, Inc. and AT&T)
Network Layer Addressing - IP  IP uses a 4 octet (32 bit) network address  The network and host portions of the address can vary in size  Normally, the network is assigned a class according to the size of the network  Class A uses 1 octet for the network  Class B uses 2 octets for the network  Class C uses 3 octets for the network  Class D is used for multicast addresses
Class A Address  Used in an inter-network that has a few networks and a large number of hosts  First octet assigned, users designate the other 3 octets (24 bits)  Up to 128 Class A Domains  Up to 16,777,216 hosts per domain This Field is 24 Bits of Fixed by IAB Variable Address 0-127 0-255 0-255 0-255
Class B Address  Used for a number of networks having a number of hosts  First 2 octets assigned, user designates the other 2 octets (16 bits)  16384 Class B Domains  Up to 65536 hosts per domain These Fields are 16 Bits of Fixed by IAB Variable Address 128-191 0-255 0-25 0-25 5 5
Class C Address  Used for networks having a small amount of hosts  First 3 octets assigned, user designates last octet (8 bits)  Up to 2,097,152 Class C Domains  Up to 256 hosts per domain These Fields are 8 Bits of Fixed by IAB Variable Address 191-223 0-255 0-255 0-255
IP Addresses  A host address of all ones is a broadcast  A host address of zero means the wire itself  These host addresses are always reserved and can never be used
Subnets & Subnet Masks  Every host on a network (i.e. same cable segment) must be configured with the same subnet ID.  First octet on class A addresses  First & second octet on class B addresses  First, second, & third octet on class C addresses  A Subnet Mask (Netmask) is a bit pattern that defines which portion of the 32 bits represents a subnet address.  Network devices use subnet masks to identify which part of the address is network and which part is host
Network Layer Routed vs. Routing Protocols  Routed Protocol - any protocol which provides enough information in its network layer address to allow the packet to reach its destination  Routing Protocol - any protocol used by routers to share routing information
Routed Protocols  IP  IPX  SMB  Appletalk  DEC/LAT
OSI Reference Model Protocol Mapping TCP/IP UDP/IP SPX/IPX Application using Application using Application using 7 Applicatio TCP/IP UDP/IP SPX/IPX n 6 Presentation 5 Session SPX 4 Transport TCP UDP 3 Network IP IP IPX 2 Data Link 1 Physical
Network-level Protocols  IPX (Internet Packet Exchange protocol)  Novell Netware & others  Works with the Session-layer protocol SPX (Sequential Packet Exchange Protocol)  NETBEUI (NetBIOS Extended User Interface)  Windows for Workgroups & Windows NT  IP (Internet Protocol)  Win NT, Win 95, Unix, etc…  Works with the Transport-layer protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)  SLIP (Serial-line Input Protocol) & PPP (Point-to-Point Protocol)
TCP/IP Consists of a suite of protocols (TCP & IP) Handles data in the form of packets Keeps track of packets which can be Out of order Damaged Lost Provides universal connectivity reliable full duplex stream delivery (as opposed to the unreliable UDP/IP protocol suite used by such applications as PING and DNS)
TCP/IP Cont…  Primary Services (applications) using TCP/IP  FileTransfer (FTP)  Remote Login (Telnet)  Electronic Mail (SMTP)  Currently the most widely used protocol (especially on the Internet)  Uses the IP address scheme
Routing Protocols  Distance -Vector  List of destination networks with direction and distance in hops  Link-state routing  Topology map of network identifies all routers and subnetworks  Route is determined from shortest path to destination  Routes can be manually loaded (static) or dynamically maintained
Routing Internet Management Domains  Core of Internet uses Gateway-Gateway Protocol (GGP) to exchange data between routers  Exterior Gateway Protocol (EGP) is used to exchange routing data with core and other autonomous systems  Interior Gateway Protocol (IGP) is used within autonomous systems
Routing Internet Management Domains Internet Core GGP EGP EGP IGP IGP Autonomous systems
Routing Protocols  Static routes  not a protocol  entered by hand  define a path to a network or subnet  Most secure
Routing Protocols RIP  Distance Vector  Interior Gateway Protocol  Noisy, not the most efficient  Broadcast routes every 30 seconds  Lowest cost route always best  A cost of 16 is unreachable  No security, anyone can pretend to be a router
Routing Protocols OSPF  Link-state  Interior Gateway Protocol  Routers elect “Designated Router”  All routers establish a topology database using DR as gateway between areas  Along with IGRP, a replacement for outdated RIP
Routing Protocols BGP  Border Gateway Protocol is an EGP  Can support multiple paths between autonomous systems  Can detect and suppress routing loops  Lacks security  Internet recently down because of incorrectly configured BGP on ISP router
Source Routing  Source (packet sender) can specify route a packet will traverse the network  Two types, strict and loose  Allows IP spoofing attacks  Rarely allowed across Internet
Transport Layer  TCP  UDP  IPX Service Advertising Protocol  Are UDP and TCP connectionless or connection oriented?  What is IP?  Explain the difference
Session Layer  Establishes, manages and terminates sessions between applications  coordinates service requests and responses that occur when applications communicate between different hosts  Examples include: NFS, RPC, X Window System, AppleTalk Session Protocol
Presentation Layer  Provides code formatting and conversion  For example, translates between differing text and data character representations such as EBCDIC and ASCII  Also includes data encryption  Layer 6 standards include JPEG, GIF, MPEG, MIDI
Application-layer Protocols  FTP (File Transfer Protocol)  TFTP (Trivial File Transfer Protocol)  Used by some X-Terminal systems  HTTP (HyperText Transfer Protocol)  SNMP (Simple Network Management Protocol  Helps network managers locate and correct problems in a TCP/IP network  Used to gain information from network devices such as count of packets received and routing tables  SMTP (Simple Mail Transfer Protocol)  Used by many email applications
Identification & Authentication  Identify who is connecting - userid  Authenticate who is connecting  password (static) - something you know  token (SecureID) - something you have  biometric - something you are  RADIUS, TACACS, PAP, CHAP  DIAMETER
Firewall Terms  Network address translation (NAT)  Internal addresses unreachable from external network  DMZ - De-Militarized Zone  Hosts that are directly reachable from untrusted networks  ACL - Access Control List  can be router or firewall term
Firewall Terms  Choke, Choke router  A router with packet filtering rules (ACLs) enabled  Gate, Bastion host, Dual Homed Host  A server that provides packet filtering and/or proxy services  proxy server  A server that provides application proxies
Firewall types  Packet-filtering router  Most common  Uses Access Control Lists (ACL)  Port  Source/destination address  Screened host  Packet-filtering and Bastion host  Application layer proxies  Screened subnet (DMZ)  2 packet filtering routers and bastion host(s)  Most secure
Firewall Models  Proxy servers  Intermediary  Think of bank teller  Stateful Inspection  State and context analyzed on every packet in connection
VPN – Virtual Private Network  PPTP  L2TP  IPSec  Tunnel Mode  Transport Mode  Site-to-Site VPN  Client-to-Site VPN  SSL  SSH
Intrusion Detection (IDS)  Host or network based  Context and content monitoring  Positioned at network boundaries  Basically a sniffer with the capability to detect traffic patterns known as attack signatures
Web Security  Secure sockets Layer (SSL)  Transport layer security (TCP based)  Widely used for web based applications  by convention, https:  Secure Hypertext Transfer Protocol (S-HTTP)  Less popular than SSL  Used for individual messages rather than sessions  Secure Electronic Transactions (SET)  PKI  Financial data  Supported by VISA, MasterCard, Microsoft, Netscape
IPSEC  IP Security  Set of protocols developed by IETF  Standard used to implement VPNs  Two modes  Transport Mode  encrypted payload (data), clear text header  Tunnel Mode  encrypted payload and header  IPSEC requires shared public key
Spoofing  TCP Sequence number prediction  UDP - trivial to spoof (CL)  DNS - spoof/manipulate IP/hostname pairings  Source Routing
Sniffing  Passive attack  Monitor the “wire” for all traffic - most effective in shared media networks  Sniffers used to be “hardware”, now are a standard software tool
Session Hijacking  Uses sniffer to detect sessions, get pertinent session info (sequence numbers, IP addresses)  Actively injects packets, spoofing the client side of the connection, taking over session with server  Bypasses I&A controls  Encryption is a countermeasure, stateful inspection can be a countermeasure
IP Fragmentation  Use fragmentation options in the IP header to force data in the packet to be overwritten upon reassembly  Used to circumvent packet filters  Leads to Denial of Service Attack
IDS Attacks  Insertion Attacks  Insert information to confuse pattern matching  Evasion Attacks  Trick the IDS into not detecting traffic  Example - Send a TCP RST with a TTL setting such that the packet expires prior to reaching its destination
Syn Floods  Remember the TCP handshake?  Syn, Syn-Ack, Ack  Send a lot of Syns  Don’t send Acks  Victim has a lot of open connections, can’t accept any more incoming connections  Denial of Service
Telecom/Remote Access Security  Dial up lines are favorite hacker target  War dialing  social engineering  PBX is a favorite phreaker target  blue box, gold box, etc.  Voice mail
Remote Access Security  SLIP - Serial Line Internet Protocol  PPP - Point to Point Protocol  SLIP/PPP about the same, PPP adds error checking, SLIP obsolete  PAP - Password authentication protocol  clear text password  CHAP - Challenge Handshake Auth. Prot.  Encrypted password
Remote Access Security  TACACS, TACACS+  Terminal Access Controller Access Control System  Network devices query TACACS server to verify passwords  “+” adds ability for two-factor (dynamic) passwords  Radius  Remote Auth. Dial-In User Service
RAID  Redundant Array of Inexpensive(or Independent) Disks - 7 levels  Level 0 - Data striping (spreads blocks of each file across multiple disks)  Level 1 - Provides disk mirroring  Level 3 - Same as 0, but adds a disk for error correction  Level 5 - Data striping at byte level, error correction too
?

Empfohlen

CCNA
CCNACCNA
CCNANeelotpal Dey
 
Networking Basics
Networking BasicsNetworking Basics
Networking BasicsSMC Networks Europe
 
Basic networking 07-2012
Basic networking 07-2012Basic networking 07-2012
Basic networking 07-2012Samuel Dratwa
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) pptDulith Kasun
 
Physical layer interface & standards
Physical layer interface & standardsPhysical layer interface & standards
Physical layer interface & standardsSrashti Vyas
 
Local Area Network – Wired LAN
Local Area Network – Wired LANLocal Area Network – Wired LAN
Local Area Network – Wired LANRaj vardhan
 
Ccna report
Ccna reportCcna report
Ccna reportSurender Singh
 
Ccna training report
Ccna training reportCcna training report
Ccna training reportTalvinder Singh
 

Empfohlen

CCNA
CCNACCNA
CCNANeelotpal Dey
 
Networking Basics
Networking BasicsNetworking Basics
Networking BasicsSMC Networks Europe
 
Basic networking 07-2012
Basic networking 07-2012Basic networking 07-2012
Basic networking 07-2012Samuel Dratwa
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) pptDulith Kasun
 
Physical layer interface & standards
Physical layer interface & standardsPhysical layer interface & standards
Physical layer interface & standardsSrashti Vyas
 
Local Area Network – Wired LAN
Local Area Network – Wired LANLocal Area Network – Wired LAN
Local Area Network – Wired LANRaj vardhan
 
Ccna report
Ccna reportCcna report
Ccna reportSurender Singh
 
Ccna training report
Ccna training reportCcna training report
Ccna training reportTalvinder Singh
 
Computer networks lan
Computer networks lanComputer networks lan
Computer networks lanDeepak John
 
Chapter 7 v8.0
Chapter 7 v8.0Chapter 7 v8.0
Chapter 7 v8.0rizwanshaikh478571
 
Lect3
Lect3Lect3
Lect3tt_aljobory
 
Ethernet - Networking presentation
Ethernet - Networking presentationEthernet - Networking presentation
Ethernet - Networking presentationViet Nguyen
 
EC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKSEC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKSGOWTHAMMS6
 
Physical Layer
Physical LayerPhysical Layer
Physical LayerAre-Da Shalan
 
MPLS Presentation
MPLS PresentationMPLS Presentation
MPLS PresentationUnni Kannan VijayaKumar
 
Chapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network DesignChapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network Designnakomuri
 
Network Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical LayerNetwork Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical LayerAbdelkhalik Mosa
 
Computer Network - OSI model
Computer Network - OSI modelComputer Network - OSI model
Computer Network - OSI modelManoj Kumar
 
Networking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric VanderburgNetworking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric VanderburgEric Vanderburg
 
The Physical Layer
The Physical LayerThe Physical Layer
The Physical Layeradil raja
 
Networking Ethernet
Networking EthernetNetworking Ethernet
Networking EthernetSSG1631
 
Chapter8
Chapter8 Chapter8
Chapter8 siageoksoon
 
20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks 20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks Kathirvel Ayyaswamy
 
Lan basic
Lan basicLan basic
Lan basicOnline
 
Connection( less & oriented)
Connection( less & oriented)Connection( less & oriented)
Connection( less & oriented)ymghorpade
 
CS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKSCS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKSKathirvel Ayyaswamy
 
UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices Raj vardhan
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKSKathirvel Ayyaswamy
 
Ims Sdp Lte Market
Ims Sdp Lte MarketIms Sdp Lte Market
Ims Sdp Lte MarketMarie-Paule Odini
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 

Weitere ähnliche Inhalte

Was ist angesagt?

Computer networks lan
Computer networks lanComputer networks lan
Computer networks lanDeepak John
 
Ethernet - Networking presentation
Ethernet - Networking presentationEthernet - Networking presentation
Ethernet - Networking presentationViet Nguyen
 
EC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKSEC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKSGOWTHAMMS6
 
Chapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network DesignChapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network Designnakomuri
 
Network Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical LayerNetwork Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical LayerAbdelkhalik Mosa
 
Computer Network - OSI model
Computer Network - OSI modelComputer Network - OSI model
Computer Network - OSI modelManoj Kumar
 
Networking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric VanderburgNetworking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric VanderburgEric Vanderburg
 
The Physical Layer
The Physical LayerThe Physical Layer
The Physical Layeradil raja
 
Networking Ethernet
Networking EthernetNetworking Ethernet
Networking EthernetSSG1631
 
20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks 20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks Kathirvel Ayyaswamy
 
Lan basic
Lan basicLan basic
Lan basicOnline
 
Connection( less & oriented)
Connection( less & oriented)Connection( less & oriented)
Connection( less & oriented)ymghorpade
 
UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices Raj vardhan
 

Was ist angesagt? (20)

Computer networks lan
Computer networks lanComputer networks lan
Computer networks lan
 
Chapter 7 v8.0
Chapter 7 v8.0Chapter 7 v8.0
Chapter 7 v8.0
 
Lect3
Lect3Lect3
Lect3
 
Ethernet - Networking presentation
Ethernet - Networking presentationEthernet - Networking presentation
Ethernet - Networking presentation
 
EC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKSEC8551 COMMUNICATION NETWORKS
EC8551 COMMUNICATION NETWORKS
 
Physical Layer
Physical LayerPhysical Layer
Physical Layer
 
MPLS Presentation
MPLS PresentationMPLS Presentation
MPLS Presentation
 
Chapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network DesignChapter 3 1-network_design_with_internet_tools - Network Design
Chapter 3 1-network_design_with_internet_tools - Network Design
 
Network Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical LayerNetwork Fundamentals: Ch8 - Physical Layer
Network Fundamentals: Ch8 - Physical Layer
 
Computer Network - OSI model
Computer Network - OSI modelComputer Network - OSI model
Computer Network - OSI model
 
Networking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric VanderburgNetworking Concepts Lesson 06 - Protocols - Eric Vanderburg
Networking Concepts Lesson 06 - Protocols - Eric Vanderburg
 
The Physical Layer
The Physical LayerThe Physical Layer
The Physical Layer
 
Networking Ethernet
Networking EthernetNetworking Ethernet
Networking Ethernet
 
Chapter8
Chapter8 Chapter8
Chapter8
 
20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks 20CS2007 Computer Communication Networks
20CS2007 Computer Communication Networks
 
Lan basic
Lan basicLan basic
Lan basic
 
Connection( less & oriented)
Connection( less & oriented)Connection( less & oriented)
Connection( less & oriented)
 
CS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKSCS6551 COMPUTER NETWORKS
CS6551 COMPUTER NETWORKS
 
UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices UNIT -03 Transmission Media and Connecting Devices
UNIT -03 Transmission Media and Connecting Devices
 
HIGH SPEED NETWORKS
HIGH SPEED NETWORKSHIGH SPEED NETWORKS
HIGH SPEED NETWORKS
 

Andere mochten auch

Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 
Enterprise architecture for telecom sector
Enterprise architecture for telecom sectorEnterprise architecture for telecom sector
Enterprise architecture for telecom sectorSoham Pablo
 
Strategyzing big data in telco industry
Strategyzing big data in telco industryStrategyzing big data in telco industry
Strategyzing big data in telco industryParviz Iskhakov
 
Gsm security
Gsm securityGsm security
Gsm securityAli Kamil
 
37756129 gsm-call-flow
37756129 gsm-call-flow37756129 gsm-call-flow
37756129 gsm-call-flowtyagi4u
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksNaveen Kumar
 
Gsm architecture and call flow
Gsm architecture and call flowGsm architecture and call flow
Gsm architecture and call flowMohd Nazir Shakeel
 
A Study Of Telecom
A Study Of TelecomA Study Of Telecom
A Study Of Telecompinki_moti
 
Telecommunication basics
Telecommunication basicsTelecommunication basics
Telecommunication basicsYoohyun Kim
 
John Yessis - Telecom and Security
John Yessis - Telecom and Security John Yessis - Telecom and Security
John Yessis - Telecom and Security John Yessis
 
Basic GSM Call Flows
Basic GSM Call FlowsBasic GSM Call Flows
Basic GSM Call Flowsemyl97
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaOWASP Delhi
 
Basic of telecommunication presentation
Basic of telecommunication presentationBasic of telecommunication presentation
Basic of telecommunication presentationhannah05
 
telecommunication-ppt
telecommunication-ppttelecommunication-ppt
telecommunication-pptsecomps
 

Andere mochten auch (18)

Ims Sdp Lte Market
Ims Sdp Lte MarketIms Sdp Lte Market
Ims Sdp Lte Market
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 )
 
Enterprise architecture for telecom sector
Enterprise architecture for telecom sectorEnterprise architecture for telecom sector
Enterprise architecture for telecom sector
 
Strategyzing big data in telco industry
Strategyzing big data in telco industryStrategyzing big data in telco industry
Strategyzing big data in telco industry
 
Gsm security
Gsm securityGsm security
Gsm security
 
37756129 gsm-call-flow
37756129 gsm-call-flow37756129 gsm-call-flow
37756129 gsm-call-flow
 
GSM Security
GSM SecurityGSM Security
GSM Security
 
Gsm security final
Gsm security finalGsm security final
Gsm security final
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
 
Gsm architecture and call flow
Gsm architecture and call flowGsm architecture and call flow
Gsm architecture and call flow
 
A Study Of Telecom
A Study Of TelecomA Study Of Telecom
A Study Of Telecom
 
Telecommunication
TelecommunicationTelecommunication
Telecommunication
 
Telecommunication basics
Telecommunication basicsTelecommunication basics
Telecommunication basics
 
John Yessis - Telecom and Security
John Yessis - Telecom and Security John Yessis - Telecom and Security
John Yessis - Telecom and Security
 
Basic GSM Call Flows
Basic GSM Call FlowsBasic GSM Call Flows
Basic GSM Call Flows
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj Verma
 
Basic of telecommunication presentation
Basic of telecommunication presentationBasic of telecommunication presentation
Basic of telecommunication presentation
 
telecommunication-ppt
telecommunication-ppttelecommunication-ppt
telecommunication-ppt
 

Ähnlich wie 5. telecomm & network security

Basic-networking-hardware
Basic-networking-hardwareBasic-networking-hardware
Basic-networking-hardwareIsus Isusay
 
W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)Parvesh Taneja
 
Ccent notes part 1
Ccent notes part 1Ccent notes part 1
Ccent notes part 1ahmady
 
Physical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesPhysical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesShahid Khan
 
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...Soumen Santra
 
Computer networks--networking hardware
Computer networks--networking hardwareComputer networks--networking hardware
Computer networks--networking hardwareMziaulla
 
Computer-Networks--Networking_Hardware.pptx
Computer-Networks--Networking_Hardware.pptxComputer-Networks--Networking_Hardware.pptx
Computer-Networks--Networking_Hardware.pptxssuser86699a
 
Week 4 introducing network standards
Week 4 introducing network standardsWeek 4 introducing network standards
Week 4 introducing network standardsRobert Almazan
 
Computer networks--networking hardware
Computer networks--networking hardwareComputer networks--networking hardware
Computer networks--networking hardwareokelloerick
 
Introduction of computer network
Introduction of computer networkIntroduction of computer network
Introduction of computer networkVivek Kumar Sinha
 
Chapter 1 overview-stij3053 - Network Design
Chapter 1 overview-stij3053 - Network DesignChapter 1 overview-stij3053 - Network Design
Chapter 1 overview-stij3053 - Network Designnakomuri
 
Introduction to networking
Introduction to networkingIntroduction to networking
Introduction to networkingMohsen Sarakbi
 
Computer Networks Lecture Notes 01
Computer Networks Lecture Notes 01Computer Networks Lecture Notes 01
Computer Networks Lecture Notes 01Sreedhar Chowdam
 

Ähnlich wie 5. telecomm & network security (20)

Basic-networking-hardware
Basic-networking-hardwareBasic-networking-hardware
Basic-networking-hardware
 
Ccna day1
Ccna day1Ccna day1
Ccna day1
 
Ccna day1
Ccna day1Ccna day1
Ccna day1
 
C C N A Day1
C C N A Day1C C N A Day1
C C N A Day1
 
W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)W-LAN (Wireless Local Area Network)
W-LAN (Wireless Local Area Network)
 
Ccna day1
Ccna day1Ccna day1
Ccna day1
 
Ccent notes part 1
Ccent notes part 1Ccent notes part 1
Ccent notes part 1
 
Physical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and DevicesPhysical Layer of ISO-OSI model and Devices
Physical Layer of ISO-OSI model and Devices
 
Ccna introduction
Ccna introductionCcna introduction
Ccna introduction
 
Networking / Internet and Web Technologies
Networking / Internet and Web TechnologiesNetworking / Internet and Web Technologies
Networking / Internet and Web Technologies
 
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...
Basic networking hardware: Switch : Router : Hub : Bridge : Gateway : Bus : C...
 
Computer networks--networking hardware
Computer networks--networking hardwareComputer networks--networking hardware
Computer networks--networking hardware
 
Computer-Networks--Networking_Hardware.pptx
Computer-Networks--Networking_Hardware.pptxComputer-Networks--Networking_Hardware.pptx
Computer-Networks--Networking_Hardware.pptx
 
Week 4 introducing network standards
Week 4 introducing network standardsWeek 4 introducing network standards
Week 4 introducing network standards
 
Technical Ethernet
Technical EthernetTechnical Ethernet
Technical Ethernet
 
Computer networks--networking hardware
Computer networks--networking hardwareComputer networks--networking hardware
Computer networks--networking hardware
 
Introduction of computer network
Introduction of computer networkIntroduction of computer network
Introduction of computer network
 
Chapter 1 overview-stij3053 - Network Design
Chapter 1 overview-stij3053 - Network DesignChapter 1 overview-stij3053 - Network Design
Chapter 1 overview-stij3053 - Network Design
 
Introduction to networking
Introduction to networkingIntroduction to networking
Introduction to networking
 
Computer Networks Lecture Notes 01
Computer Networks Lecture Notes 01Computer Networks Lecture Notes 01
Computer Networks Lecture Notes 01
 

Mehr von 7wounders

10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics7wounders
 
8. operations security
8. operations security8. operations security
8. operations security7wounders
 
7. physical sec
7. physical sec7. physical sec
7. physical sec7wounders
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models7wounders
 
2. access control
2. access control2. access control
2. access control7wounders
 
1. security management practices
1. security management practices1. security management practices
1. security management practices7wounders
 

Mehr von 7wounders (8)

Cissp why
Cissp whyCissp why
Cissp why
 
10. law invest & ethics
10. law invest & ethics10. law invest & ethics
10. law invest & ethics
 
8. operations security
8. operations security8. operations security
8. operations security
 
7. physical sec
7. physical sec7. physical sec
7. physical sec
 
6. cryptography
6. cryptography6. cryptography
6. cryptography
 
3. security architecture and models
3. security architecture and models3. security architecture and models
3. security architecture and models
 
2. access control
2. access control2. access control
2. access control
 
1. security management practices
1. security management practices1. security management practices
1. security management practices
 

Kürzlich hochgeladen

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)lakshayb543
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatYousafMalik24
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Celine George
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptxmary850239
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPCeline George
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxleah joy valeriano
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...JhezDiaz1
 

Kürzlich hochgeladen (20)

MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
Visit to a blind student's school🧑‍🦯🧑‍🦯(community medicine)
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
Earth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice greatEarth Day Presentation wow hello nice great
Earth Day Presentation wow hello nice great
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17Field Attribute Index Feature in Odoo 17
Field Attribute Index Feature in Odoo 17
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 
4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx4.16.24 21st Century Movements for Black Lives.pptx
4.16.24 21st Century Movements for Black Lives.pptx
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
How to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERPHow to do quick user assign in kanban in Odoo 17 ERP
How to do quick user assign in kanban in Odoo 17 ERP
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptxMusic 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
Music 9 - 4th quarter - Vocal Music of the Romantic Period.pptx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
ENGLISH 7_Q4_LESSON 2_ Employing a Variety of Strategies for Effective Interp...
 

5. telecomm & network security

  • 2. Telecom And Network Security Understand the OSI model Identify network hardware Understand LAN topologies Basic protocols - routing and routed Understand IP addressing scheme Understand subnet masking Understand basic firewall architectures Understand basic telecommunications security issues
  • 3. Telecom and Network Security  Intro to OSI model  LAN topologies  OSI revisited • hardware • bridging,routing • routed protocols, WANs  IP addressing, subnet masks  Routing Protocols
  • 4. OSI/ISO ??  OSI model developed by ISO, International Standards Organization  IEEE - Institute of Electrical and Electronics Engineers  NSA - National Security Agency  NIST - National Institute for Standards and Technology  ANSI - American National Standards Institute  CCITT - International Telegraph and Telephone Consultative Committee
  • 5. OSI Reference Model  Open Systems Interconnection Reference Model  Standard model for network communications  Allows dissimilar networks to communicate  Defines 7 protocol layers (a.k.a. protocol stack)  Each layer on one workstation communicates with its respective layer on another workstation using protocols (i.e. agreed-upon communication formats)  “Mapping” each protocol to the model is useful for comparing protocols.
  • 6. The OSI Layers 7 Application Provides specific services for applications such as file transfer 6 Presentation Provides data representation between systems 5 Session Establishes, maintains, manages sessions example - synchronization of data flow 4 Transport Provides end-to-end data transmission integrity 3 Network Switches and routes information units 2 Data Link Provides transfer of units of information to other end of physical link 1 Physical Transmits bit stream on physical medium Mnemonic: Please Do Not Take Sales Person Advice
  • 7. Data Flow in OSI Reference Model Host 1 Host 2 Data travels down the stack 7 Applicatio Then up the receiving stack 7 Applicatio n n 6 Presentation 6 Presentation 5 Session 5 Sessio 4 Transport n 4 Transport 3 Network 3 Network 2 Data Link 2 Data Link 1 Physical 1 Physical Through the network As the data passes through each layer on the client information about that layer is added to the data.. This information is stripped off by the corresponding layer on the server.
  • 8. OSI Model  Protocols required for Networking are covered in OSI model  Keep model in mind for rest of course  All layers to be explored in more detail
  • 9. LAN Topologies  Star Topology  Bus Topology
  • 10. LAN Topologies Cont…  Ring Topology
  • 11. Star Topology  Telephone wiring is one common example  Center of star is the wire closet  Star Topology easily maintainable
  • 12. Bus Topology  Basically a cable that attaches many devices  Can be a “daisy chain” configuration  Computer I/O bus is example
  • 13. Tree Topology  Can be extension of bus and star topologies  Tree has no closed loops
  • 14. Ring Topology  Continuous closed path between devices  A logical ring is usually a physical star  Don’t confuse logical and physical topology
  • 15. Network topologies Topology Advantages Disadvantages Bus • Passive transmission medium • Channel access technique • Localized failure impact (contention) • Adaptive Utilization Star • Simplicity • Reliability of central node • Central routing • Loading of central node • No routing decisions Ring • Simplicity • Failure modes with global effect • Predictable delay • No routing decisions
  • 16. LAN Access Methods  Carrier Sense Multiple Access with Collision Detection (CSMA/CD)  Talk when no one else is talking  Token  Talk when you have the token  Slotted  Similar to token, talk in free “slots”
  • 17. LAN Signaling Types  Baseband  Digital signal, serial bit stream  Broadband  Analog signal  Cable TV technology
  • 18. Ethernet  Bus topology  CSMA/CD  Baseband  Most common network type  IEEE 802.3  Broadcast technology - transmission stops at terminators
  • 19. Token Bus  IEEE 802.4  Very large scale, expensive  Usually seen in factory automation  Used when one needs:  Multichannel capabilities of a broadband LAN  resistance to electrical interference
  • 20. Token Ring  IEEE 802.5  Flow is unidirectional  Each node regenerates signal (acts as repeater)  Control passed from interface to interface by “token”  Only one node at a time can have token  4 or 16 Mbps
  • 21. Fiber Distributed Data Interface (FDDI)  Dual counter rotating rings  Devices can attach to one or both rings  Single attachment station (SAS), dual (DAS)  Uses token passing  Logically and physically a ring  ANSI governed
  • 22. WAN  WANs connect LANs  Generally a single data link  Links most often come from Regional Bell Operating Companies (RBOCs) or Post, Telephone, and Telegraph (PTT) agencies  Wan link contains Data Terminal Equipment (DTE) on user side and Data Circuit-Terminating Equipment (DCE) at WAN provider’s end  MAN - Metropolitan Area Network
  • 23. ISDN  Integrated services digital network (ISDN) is a worldwide public network service that can provide end-to-end digital communications and fully integrate technologies  The basic rate interface (BRI) - 2B+D  The primary rate interface (PRI) - 23B+D  B channel - 64-Kbps bandwidth and are appropriate for either voice or data transmission  D channel - 16-Kbps signaling channel, is designed to control transmission of the B channel
  • 24. Typical Point-to –Point WAN The Connections T1 – 1.544 Mbps of electronic information T2 - a T-carrier that can handle 6.312 Mbps or 96 voice channels. T3 - a T-carrier that can handle 44.736 Mbps or 672 voice channels. T4 - a T-carrier that can handle 274.176 Mbps or 4032 voice channels
  • 25. WAN Cont…  Cable Modem and DSL  ADSL - Asymmetric Digital Subscriber Line - 144 Kbps to 1.5 Mbps  SDSL - Single Line Digital Subscriber Line - 1.544 Mbps to 2.048 Mbps  HDSL - High data rate Digital Subscriber Line - 1.544 Mbps to 42.048 Mbps  VDSL - Very high data rate Digital Subscriber Line - 13 to 52 Mbps 1.5 to 2.3 Mbps
  • 26. WAN Cont…  Frame Relay and X.25 - Packet-switched technologies  Evolved from standardization work on ISDN  Designed to eliminate much of the overhead in X.25  DTE - Data Terminal Equipment  DCE - Data Circuit-terminating Equipment  CIR - Committed Information Rate
  • 27. OSI Model -Layers  Physical  Data Link  Network  Transport  Session  Presentation  Application
  • 28. Physical Layer  Specifies the electrical, mechanical, procedural, and functional requirements for activating, maintaining, and deactivating the physical link between end systems  Examples of physical link characteristics include voltage levels, data rates, maximum transmission distances, and physical connectors
  • 29. Physical Layer Hardware  Cabling  twisted pair  10baseT  10base2  10base5  fiber  transceivers  hubs  topology
  • 30. Twisted Pair  10BaseT (10 Mbps, 100 meters w/o repeater)  Unshielded and shielded twisted pair (UTP most common)  two wires per pair, twisted in spiral  Typically 1 to 10 Mbps, up to 100Mbps possible  Noise immunity and emanations improved by shielding
  • 31. Coaxial Cable  10Base2 (10 Mbps, repeater every 200 m)  ThinEthernet or Thinnet or Coax  2-50 Mbps  Needs repeaters every 200-500 meters  Terminator: 50 ohms for ethernet, 75 for TV  Flexible and rigid available, flexible most common  Noise immunity and emanations very good
  • 32. Coaxial Cables, cont  Ethernet uses “T” connectors and 50 ohm terminators  Every segment must have exactly 2 terminators  Segments may be linked using repeaters, hubs
  • 33. Standard Ethernet  10Base5  Max of 100 taps per segment  Nonintrusive taps available (vampire tap)  Uses AUI (Attachment Unit Interface)
  • 34. Fiber-Optic Cable  Consists of Outer jacket, cladding of glass, and core of glass  Fast
  • 35. Transceivers  Physical devices to allow you to connect different transmission media  May include Signal Quality Error (SQE) or “heartbeat” to test collision detection mechanism on each transmission  May include “link light”, lit when connection exists
  • 36. Hubs  A device which connects several other devices  Also called concentrator, repeater, or multi- station access unit (MAU)
  • 37. OSI Model - Layers  Physical  Data Link  Network  Transport  Session  Presentation  Application
  • 38. Data Link Layer  Provides data transport across a physical link  Data Link layer handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control  Bridges operate at this layer
  • 39. Data Link Sub-layers  Media Access Control (MAC)  refers downward to lower layer hardware functions  Logical Link Control (LLC)  refers upward to higher layer software functions
  • 40. Medium Access Control  MAC address is “physical address”, unique for LAN interface card  Also called hardware or link-layer address  The MAC address is burned into the Read Only Memory (ROM)  MAC address is 48 bit address in 12 hexadecimal digits  1st six identify vendor, provided by IEEE  2nd six unique, provided by vendor
  • 41. Logical Link Control  Presents a uniform interface to upper layers  Enables upper layers to gain independence over LAN media access  upper layers use network addresses rather than MAC addresses  Provide optional connection, flow control, and sequencing services
  • 42. Bridges  Device which forwards frames between data link layers associated with two separate cables  Stores source and destination addresses in table  When bridge receives a frame it attempts to find the destination address in its table  If found, frame is forwarded out appropriate port  If not found, frame is flooded on all other ports
  • 43. Bridges  Can be used for filtering  Make decisions based on source and destination address, type, or combination thereof  Filtering done for security or network management reasons  Limit bandwidth hogs  Prevent sensitive data from leaving  Bridges can be for local or remote networks  Remote has “half” at each end of WAN link
  • 44. Network Layer  Which path should traffic take through networks?  How do the packets know where to go?  What are protocols?  What is the difference between routed and routing protocols?
  • 45. Network Layer  Only two devices which are directly connected by the same “wire” can exchange data directly  Devices not on the same network must communicate via intermediate system  Router is an intermediate system  The network layer determines the best way to transfer data. It manages device addressing and tracks the location of devices. The router operates at this layer.
  • 46. Network Layer Bridge vs. Router  Bridges can only extend a single network  All devices appear to be on same “wire”  Network has finite size, dependent on topology, protocols used  Routers can connect bridged subnetworks  Routed network has no limit on size  Internet, SIPRNET
  • 47. Network Layer  Provides routing and relaying  Routing: determining the path between two end systems  Relaying: moving data along that path  Addressing mechanism is required  Flow control may be required  Must handle specific features of subnetwork  Mapping between data link layer and network layer addresses
  • 48. Connection-Oriented vs. Connectionless Network Layer  Connection-Oriented  provides a Virtual Circuit (VC) between two end systems (like a telephone)  3 phases - call setup, data exchange, call close  Examples include X.25, OSI CONP, IBM SNA  Ideal for traditional terminal-host networks of finite size
  • 49. Connection-Oriented vs. Connectionless Network Layer  Connectionless (CL)  Each piece of data independently routed  Sometimes called “datagram” networking  Each piece of data must carry all addressing and routing info  Basis of many current LAN/WAN operations  TCP/IP, OSI CLNP, IPX/SPX  Well suited to client/server and other distributed system networks
  • 50. Connection-Oriented vs. Connectionless Network Layer  Arguments can be made Connection Oriented is best for many applications  Market has decided on CL networking  All mainstream developments on CL  Majority of networks now built CL  Easier to extend LAN based networks using CL WANs  We will focus on CL
  • 51. Network switching  Circuit-switched  Transparent path between devices  Dedicated circuit  Phone call  Packet-switched  Data is segmented, buffered, & recombined
  • 52. Network Layer Addressing  Impossible to use MAC addresses  Hierarchical scheme makes much more sense (Think postal - city, state, country)  This means routers only need to know regions (domains), not individual computers  The network address identifies the network and the host
  • 53. Network Layer Addressing  Network Address - path part used by router  Host Address - specific port or device 1.1 1.2 2.1 2.2 Router 1.3 Network Host 1 1,2,3 2.3 2 1,2,3
  • 54. Network Layer Addressing IP example  IP addresses are like street addresses for computers  Networks are hierarchically divided into subnets called domains  Domains are assigned IP addresses and names  Domains are represented by the network portion of the address  IP addresses and Domains are issued by InterNIC (cooperative activity between the National Science Foundation, Network Solutions, Inc. and AT&T)
  • 55. Network Layer Addressing - IP  IP uses a 4 octet (32 bit) network address  The network and host portions of the address can vary in size  Normally, the network is assigned a class according to the size of the network  Class A uses 1 octet for the network  Class B uses 2 octets for the network  Class C uses 3 octets for the network  Class D is used for multicast addresses
  • 56. Class A Address  Used in an inter-network that has a few networks and a large number of hosts  First octet assigned, users designate the other 3 octets (24 bits)  Up to 128 Class A Domains  Up to 16,777,216 hosts per domain This Field is 24 Bits of Fixed by IAB Variable Address 0-127 0-255 0-255 0-255
  • 57. Class B Address  Used for a number of networks having a number of hosts  First 2 octets assigned, user designates the other 2 octets (16 bits)  16384 Class B Domains  Up to 65536 hosts per domain These Fields are 16 Bits of Fixed by IAB Variable Address 128-191 0-255 0-25 0-25 5 5
  • 58. Class C Address  Used for networks having a small amount of hosts  First 3 octets assigned, user designates last octet (8 bits)  Up to 2,097,152 Class C Domains  Up to 256 hosts per domain These Fields are 8 Bits of Fixed by IAB Variable Address 191-223 0-255 0-255 0-255
  • 59. IP Addresses  A host address of all ones is a broadcast  A host address of zero means the wire itself  These host addresses are always reserved and can never be used
  • 60. Subnets & Subnet Masks  Every host on a network (i.e. same cable segment) must be configured with the same subnet ID.  First octet on class A addresses  First & second octet on class B addresses  First, second, & third octet on class C addresses  A Subnet Mask (Netmask) is a bit pattern that defines which portion of the 32 bits represents a subnet address.  Network devices use subnet masks to identify which part of the address is network and which part is host
  • 61. Network Layer Routed vs. Routing Protocols  Routed Protocol - any protocol which provides enough information in its network layer address to allow the packet to reach its destination  Routing Protocol - any protocol used by routers to share routing information
  • 62. Routed Protocols  IP  IPX  SMB  Appletalk  DEC/LAT
  • 63. OSI Reference Model Protocol Mapping TCP/IP UDP/IP SPX/IPX Application using Application using Application using 7 Applicatio TCP/IP UDP/IP SPX/IPX n 6 Presentation 5 Session SPX 4 Transport TCP UDP 3 Network IP IP IPX 2 Data Link 1 Physical
  • 64. Network-level Protocols  IPX (Internet Packet Exchange protocol)  Novell Netware & others  Works with the Session-layer protocol SPX (Sequential Packet Exchange Protocol)  NETBEUI (NetBIOS Extended User Interface)  Windows for Workgroups & Windows NT  IP (Internet Protocol)  Win NT, Win 95, Unix, etc…  Works with the Transport-layer protocols TCP (Transmission Control Protocol) and UDP (User Datagram Protocol)  SLIP (Serial-line Input Protocol) & PPP (Point-to-Point Protocol)
  • 65. TCP/IP Consists of a suite of protocols (TCP & IP) Handles data in the form of packets Keeps track of packets which can be Out of order Damaged Lost Provides universal connectivity reliable full duplex stream delivery (as opposed to the unreliable UDP/IP protocol suite used by such applications as PING and DNS)
  • 66. TCP/IP Cont…  Primary Services (applications) using TCP/IP  FileTransfer (FTP)  Remote Login (Telnet)  Electronic Mail (SMTP)  Currently the most widely used protocol (especially on the Internet)  Uses the IP address scheme
  • 67. Routing Protocols  Distance -Vector  List of destination networks with direction and distance in hops  Link-state routing  Topology map of network identifies all routers and subnetworks  Route is determined from shortest path to destination  Routes can be manually loaded (static) or dynamically maintained
  • 68. Routing Internet Management Domains  Core of Internet uses Gateway-Gateway Protocol (GGP) to exchange data between routers  Exterior Gateway Protocol (EGP) is used to exchange routing data with core and other autonomous systems  Interior Gateway Protocol (IGP) is used within autonomous systems
  • 69. Routing Internet Management Domains Internet Core GGP EGP EGP IGP IGP Autonomous systems
  • 70. Routing Protocols  Static routes  not a protocol  entered by hand  define a path to a network or subnet  Most secure
  • 71. Routing Protocols RIP  Distance Vector  Interior Gateway Protocol  Noisy, not the most efficient  Broadcast routes every 30 seconds  Lowest cost route always best  A cost of 16 is unreachable  No security, anyone can pretend to be a router
  • 72. Routing Protocols OSPF  Link-state  Interior Gateway Protocol  Routers elect “Designated Router”  All routers establish a topology database using DR as gateway between areas  Along with IGRP, a replacement for outdated RIP
  • 73. Routing Protocols BGP  Border Gateway Protocol is an EGP  Can support multiple paths between autonomous systems  Can detect and suppress routing loops  Lacks security  Internet recently down because of incorrectly configured BGP on ISP router
  • 74. Source Routing  Source (packet sender) can specify route a packet will traverse the network  Two types, strict and loose  Allows IP spoofing attacks  Rarely allowed across Internet
  • 75. Transport Layer  TCP  UDP  IPX Service Advertising Protocol  Are UDP and TCP connectionless or connection oriented?  What is IP?  Explain the difference
  • 76. Session Layer  Establishes, manages and terminates sessions between applications  coordinates service requests and responses that occur when applications communicate between different hosts  Examples include: NFS, RPC, X Window System, AppleTalk Session Protocol
  • 77. Presentation Layer  Provides code formatting and conversion  For example, translates between differing text and data character representations such as EBCDIC and ASCII  Also includes data encryption  Layer 6 standards include JPEG, GIF, MPEG, MIDI
  • 78. Application-layer Protocols  FTP (File Transfer Protocol)  TFTP (Trivial File Transfer Protocol)  Used by some X-Terminal systems  HTTP (HyperText Transfer Protocol)  SNMP (Simple Network Management Protocol  Helps network managers locate and correct problems in a TCP/IP network  Used to gain information from network devices such as count of packets received and routing tables  SMTP (Simple Mail Transfer Protocol)  Used by many email applications
  • 79. Identification & Authentication  Identify who is connecting - userid  Authenticate who is connecting  password (static) - something you know  token (SecureID) - something you have  biometric - something you are  RADIUS, TACACS, PAP, CHAP  DIAMETER
  • 80. Firewall Terms  Network address translation (NAT)  Internal addresses unreachable from external network  DMZ - De-Militarized Zone  Hosts that are directly reachable from untrusted networks  ACL - Access Control List  can be router or firewall term
  • 81. Firewall Terms  Choke, Choke router  A router with packet filtering rules (ACLs) enabled  Gate, Bastion host, Dual Homed Host  A server that provides packet filtering and/or proxy services  proxy server  A server that provides application proxies
  • 82. Firewall types  Packet-filtering router  Most common  Uses Access Control Lists (ACL)  Port  Source/destination address  Screened host  Packet-filtering and Bastion host  Application layer proxies  Screened subnet (DMZ)  2 packet filtering routers and bastion host(s)  Most secure
  • 83. Firewall Models  Proxy servers  Intermediary  Think of bank teller  Stateful Inspection  State and context analyzed on every packet in connection
  • 84. VPN – Virtual Private Network  PPTP  L2TP  IPSec  Tunnel Mode  Transport Mode  Site-to-Site VPN  Client-to-Site VPN  SSL  SSH
  • 85. Intrusion Detection (IDS)  Host or network based  Context and content monitoring  Positioned at network boundaries  Basically a sniffer with the capability to detect traffic patterns known as attack signatures
  • 86. Web Security  Secure sockets Layer (SSL)  Transport layer security (TCP based)  Widely used for web based applications  by convention, https:  Secure Hypertext Transfer Protocol (S-HTTP)  Less popular than SSL  Used for individual messages rather than sessions  Secure Electronic Transactions (SET)  PKI  Financial data  Supported by VISA, MasterCard, Microsoft, Netscape
  • 87. IPSEC  IP Security  Set of protocols developed by IETF  Standard used to implement VPNs  Two modes  Transport Mode  encrypted payload (data), clear text header  Tunnel Mode  encrypted payload and header  IPSEC requires shared public key
  • 88. Spoofing  TCP Sequence number prediction  UDP - trivial to spoof (CL)  DNS - spoof/manipulate IP/hostname pairings  Source Routing
  • 89. Sniffing  Passive attack  Monitor the “wire” for all traffic - most effective in shared media networks  Sniffers used to be “hardware”, now are a standard software tool
  • 90. Session Hijacking  Uses sniffer to detect sessions, get pertinent session info (sequence numbers, IP addresses)  Actively injects packets, spoofing the client side of the connection, taking over session with server  Bypasses I&A controls  Encryption is a countermeasure, stateful inspection can be a countermeasure
  • 91. IP Fragmentation  Use fragmentation options in the IP header to force data in the packet to be overwritten upon reassembly  Used to circumvent packet filters  Leads to Denial of Service Attack
  • 92. IDS Attacks  Insertion Attacks  Insert information to confuse pattern matching  Evasion Attacks  Trick the IDS into not detecting traffic  Example - Send a TCP RST with a TTL setting such that the packet expires prior to reaching its destination
  • 93. Syn Floods  Remember the TCP handshake?  Syn, Syn-Ack, Ack  Send a lot of Syns  Don’t send Acks  Victim has a lot of open connections, can’t accept any more incoming connections  Denial of Service
  • 94. Telecom/Remote Access Security  Dial up lines are favorite hacker target  War dialing  social engineering  PBX is a favorite phreaker target  blue box, gold box, etc.  Voice mail
  • 95. Remote Access Security  SLIP - Serial Line Internet Protocol  PPP - Point to Point Protocol  SLIP/PPP about the same, PPP adds error checking, SLIP obsolete  PAP - Password authentication protocol  clear text password  CHAP - Challenge Handshake Auth. Prot.  Encrypted password
  • 96. Remote Access Security  TACACS, TACACS+  Terminal Access Controller Access Control System  Network devices query TACACS server to verify passwords  “+” adds ability for two-factor (dynamic) passwords  Radius  Remote Auth. Dial-In User Service
  • 97. RAID  Redundant Array of Inexpensive(or Independent) Disks - 7 levels  Level 0 - Data striping (spreads blocks of each file across multiple disks)  Level 1 - Provides disk mirroring  Level 3 - Same as 0, but adds a disk for error correction  Level 5 - Data striping at byte level, error correction too
  • 98. ?

Hinweis der Redaktion

  1. 6