Information Security 365/765, Fall 2016
Course Instructor: Nicholas Davis
Lecture 8, Telecommunications and Network Security
Telecommunications and Network Security Overview
• TCP/IP and other protocols
• LAN, WAN, MAN, intranet, extranet
• Cable types and data transmission types
• Network devices and services
• Communications security management
05/01/23 UNIVERSITY OF WISCONSIN
IP – Internet Protocol: How the Internet Talks
A protocol (means of communication) which provides a means for routing data to its destination. Think of it this way:
Data packet = contents of a postal letter
IP address = an addressed envelope
Network = the postal system
TCP and UDP: Two Major Protocols For Transmission Over IP
Reliability: TCP
TCP is a connection-oriented protocol. When a file or message is sent, it will get delivered unless the connection fails. If the connection is lost, the server will request the lost part. There is no corruption while transferring a message.
Reliability: UDP
UDP is a connectionless protocol. When you send data or a message, you don't know if it will get there; it could get lost on the way. There may be corruption while transferring a message.
Ordered Delivery: TCP
Ordered: If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.
No Ordered Delivery: UDP
If you send two messages out, you don't know what order they'll arrive in.
TCP is a Heavyweight Protocol
Heavyweight: when the low-level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent and all the out-of-sequence parts have to be put back together, so it takes a bit of work to piece the message together.
UDP is a Lightweight Protocol
Lightweight: no ordering of messages, no tracking of connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.
What is Your Opinion of When to Use TCP vs. UDP?
• TCP is typically slower than UDP
• UDP is typically less reliable than TCP
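As an added illustration (not from the lecture slides) of the reassembly work described above, this Python model of a TCP-like receiver sorts segments by sequence number, delivers only the gap-free prefix and reports the byte ranges it would ask the sender to resend, while the UDP-like receiver just hands datagrams up in arrival order. The message and its segmentation are constructed.

```python
# Added example, not from the lecture: a simplified model of the reassembly work a
# TCP receiver does and a UDP receiver skips. Segments are (sequence number, payload)
# pairs that may arrive out of order or not at all.

def tcp_reassemble(segments, total_len):
    """Return (bytes that can be delivered in order, list of (start, end) byte ranges
    still missing, i.e. what the receiver must ask the sender to resend)."""
    expected = 0            # next sequence number we have not yet seen
    contiguous = b""        # gap-free prefix the application may read
    gaps = []
    for seq, payload in sorted(segments, key=lambda s: s[0]):
        if seq > expected:                  # a hole before this segment
            gaps.append((expected, seq))
        elif seq < expected:                # duplicate or overlapping retransmission
            payload = payload[expected - seq:]
            seq = expected
        if not gaps:                        # still contiguous from byte 0
            contiguous += payload
        expected = max(expected, seq + len(payload))
    if expected < total_len:                # the tail never arrived
        gaps.append((expected, total_len))
    return contiguous, gaps

def udp_receive(datagrams):
    """UDP-like receiver: no sequence numbers, no resend requests, arrival order kept."""
    return list(datagrams)

# Constructed sample: a 12-byte message cut into three 4-byte segments. The third
# segment arrives before the first, and the second is lost in transit.
MESSAGE = b"HELLO WORLD!"
ARRIVALS = [(8, b"RLD!"), (0, b"HELL")]

if __name__ == "__main__":
    delivered, missing = tcp_reassemble(ARRIVALS, len(MESSAGE))
    print("TCP delivers", delivered, "and requests resend of", missing)
    delivered, missing = tcp_reassemble(ARRIVALS + [(4, b"O WO")], len(MESSAGE))
    print("after the resend:", delivered, missing)
    print("UDP hands up", udp_receive([p for _, p in ARRIVALS]))
```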
The TCP Handshake
Every Node on an IP Network Has an IP Address
In IPv4 there are five classes of IP addresses, A–E:
Class A = Very large networks
Class B = Medium to large size networks
Class C = Small networks
Class D = Reserved for multicasting
Class E = Experimental and educational use
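As an added worked example (not from the lecture), the Python function below classifies a dotted-quad IPv4 address by its leading bits into the five classes listed above and derives what the class implied: the default prefix length, the network identifier and the number of usable host addresses. Sample addresses are constructed; classful addressing has since been superseded by CIDR.

```python
# Added example, not from the lecture: classify an IPv4 address under the classful
# scheme and derive what the class implied for a network: the default prefix length,
# the network identifier and how many host addresses it left. Classful addressing was
# superseded by CIDR; the leading-bit rules below are the historical ones.

def parse_ipv4(text):
    """Dotted-quad string -> list of four octets, rejecting malformed input."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError("expected four decimal octets: %r" % text)
    octets = [int(p) for p in parts]
    if any(o > 255 for o in octets):
        raise ValueError("octet out of range: %r" % text)
    return octets

def classify(text):
    """Return (class, default prefix length, network id, usable host addresses).
    Classes D and E carry no network/host split, so those fields are None."""
    octets = parse_ipv4(text)
    first = octets[0]
    if first < 128:          # leading bit 0      -> class A, /8
        cls, prefix = "A", 8
    elif first < 192:        # leading bits 10    -> class B, /16
        cls, prefix = "B", 16
    elif first < 224:        # leading bits 110   -> class C, /24
        cls, prefix = "C", 24
    elif first < 240:        # leading bits 1110  -> class D, multicast
        return "D", None, None, None
    else:                    # leading bits 1111  -> class E, experimental
        return "E", None, None, None
    keep = prefix // 8       # classful boundaries fall on whole octets
    network = ".".join(str(o) for o in octets[:keep] + [0] * (4 - keep))
    hosts = 2 ** (32 - prefix) - 2   # all-zeros and all-ones host parts are reserved
    return cls, prefix, network, hosts

if __name__ == "__main__":
    for addr in ("10.1.2.3", "172.16.5.9", "192.168.1.20", "224.0.0.1", "250.1.1.1"):
        print(addr, "->", classify(addr))
```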
The 5 Types of Physical Network Topologies
• Bus
• Ring
• Star
• Tree
• Mesh
Bus Topology
Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all devices. A single cable, the backbone, functions as a shared communication medium that devices attach or tap into with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message.
Ring Topology
In a ring network, every device has exactly two neighbors for communication purposes. All messages travel through a ring in the same direction (either "clockwise" or "counterclockwise"). A failure in any cable or device breaks the loop and can take down the entire network.
Star Topology
Many home networks use the star topology. A star network features a central connection point called a "hub node" that may be a network hub, switch or router. Devices typically connect to the hub with Unshielded Twisted Pair (UTP) Ethernet.
Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computer's network access and not the entire LAN. (If the hub fails, however, the entire network also fails.)
Tree Topology: Corporate Networks
Tree topologies integrate multiple star topologies together onto a bus. In its simplest form, only hub devices connect directly to the tree bus, and each hub functions as the root of a tree of devices. This bus/star hybrid approach supports future expandability of the network much better than a bus (limited in the number of devices due to the broadcast traffic it generates) or a star (limited by the number of hub connection points) alone.
Mesh Topology: The Larger Internet
Mesh topologies involve the concept of routes. Unlike each of the previous topologies, messages sent on a mesh network can take any of several possible paths from source to destination. (Recall that even in a ring, although two cable paths exist, messages can only travel in one direction.) Some WANs, most notably the Internet, employ mesh routing.
Summary of Network Topologies
Topologies remain an important part of network design theory. You can probably build a home or small business computer network without understanding the difference between a bus design and a star design. However, each type of topology has security implications.
Network Cabling: Coaxial Cable
Coaxial cable, or coax (pronounced 'ko.æks), is a type of cable that has an inner conductor surrounded by a tubular insulating layer, surrounded by a tubular conducting shield. Many coaxial cables also have an insulating outer sheath or jacket.
Network Cabling: Twisted Pair
Twisted pair cabling is a type of wiring in which two conductors of a single circuit are twisted together for the purpose of canceling out electromagnetic interference from external sources; for instance, electromagnetic radiation from unshielded twisted pair cables, and crosstalk between neighboring pairs.
Network Cabling: Fiber Optic
A technology that uses glass (or plastic) threads (fibers) to transmit data. A fiber optic cable consists of a bundle of glass threads, each of which is capable of transmitting messages modulated onto light waves. Fiber optics has several advantages over traditional metal communications lines:
For Better Security Use Coaxial Cable or Fiber Optics
Signal leakage from twisted pair cables makes them vulnerable to snooping of the data traffic.
Beware of Signal Attenuation (loss of signal over distance)
Assigning an IP Address: DHCP
Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network. DHCP assigns an IP address when a system is started; for example, your cable modem at home uses DHCP.
Assigning an IP Address: Static
If you need to always know what your IP address is, then you need a static IP address, because it is constant. Static IP addresses are used on servers, making it easy for all computers to contact them, since they will know what the address of the server is.
Different Types of Network Devices
• Repeaters
• Bridges
• Routers
• Switches
Repeater
In telecommunications, a repeater is an electronic device that receives a signal and retransmits it at a higher level or higher power, or onto the other side of an obstruction, so that the signal can cover longer distances.
Bridge
A network bridge is a network device that connects multiple network segments.
Router
A router is a networking device, commonly specialized hardware, that forwards data packets between computer networks.
Network Switch
A network switch (sometimes known as a switching hub) is a computer networking device that is used to connect devices together on a computer network, by using a form of packet switching to forward data to the destination device.
Network Gateway
In computer networking, a gateway is a node (a router) on a TCP/IP network that serves as an access point to another network. A default gateway is the node on the computer network that the network software uses when an IP address does not match any other routes in the routing table.
Firewall
In computing, a firewall is a network security system that controls the incoming and outgoing network traffic based on an applied rule set. A firewall establishes a barrier between a trusted, secure internal network and another network (e.g., the Internet) that is not assumed to be secure and trusted.
Firewalls were once considered sufficient, but not anymore? Let's talk inside threats!
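As an added illustration (not from the lecture), the Python below models the rule-set evaluation the slide describes: rules are checked top to bottom, the first match decides, and anything unmatched is dropped. It also makes the "inside threats" point concrete: traffic between two inside hosts never crosses the perimeter, so no rule ever sees it. The networks, hosts and rules are constructed.

```python
import ipaddress

# Added example, not from the lecture: a minimal first-match packet filter of the kind
# the slide describes, plus the observation behind the "inside threats" remark. The
# networks, host addresses and rules are constructed for illustration.

INSIDE = ipaddress.ip_network("10.0.0.0/8")   # the trusted side of the firewall

# Rule fields: direction, protocol, source net, destination net, destination port, action
RULES = [
    ("in",  "tcp", "0.0.0.0/0",  "10.0.1.10/32", 443,  "allow"),  # public HTTPS server
    ("in",  "tcp", "0.0.0.0/0",  "10.0.0.0/8",   22,   "deny"),   # no SSH from outside
    ("out", "any", "10.0.0.0/8", "0.0.0.0/0",    None, "allow"),  # inside may go out
]

def direction(pkt):
    """'in' or 'out' for traffic crossing the perimeter, None when it does not."""
    src_inside = ipaddress.ip_address(pkt["src"]) in INSIDE
    dst_inside = ipaddress.ip_address(pkt["dst"]) in INSIDE
    if src_inside == dst_inside:
        return None          # inside-to-inside traffic never passes the firewall
    return "out" if src_inside else "in"

def matches(rule, dirn, pkt):
    r_dir, proto, src, dst, dport, _ = rule
    return (r_dir == dirn
            and proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(dst)
            and dport in (None, pkt["dport"]))

def filter_packet(pkt):
    """First matching rule decides; anything unmatched is dropped (default deny).
    Traffic that never crosses the perimeter is reported as 'not inspected'."""
    dirn = direction(pkt)
    if dirn is None:
        return "not inspected"
    for rule in RULES:
        if matches(rule, dirn, pkt):
            return rule[-1]
    return "deny"

if __name__ == "__main__":
    for pkt in (
        {"proto": "tcp", "src": "203.0.113.5", "dst": "10.0.1.10", "dport": 443},
        {"proto": "tcp", "src": "203.0.113.5", "dst": "10.0.1.10", "dport": 22},
        {"proto": "tcp", "src": "10.0.2.7", "dst": "10.0.1.10", "dport": 22},  # inside threat
    ):
        print(pkt, "->", filter_packet(pkt))
```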
The Trickery of a Honeypot
A honey pot is a computer system on the Internet that is expressly set up to attract and "trap" people who attempt to penetrate other people's computer systems.
Looks like a vulnerable device, but is actually there to observe and collect potential attack related data.
You can learn a lot from a honeypot.
Network Segmentation
Reduced congestion: Improved performance is achieved because on a segmented network there are fewer hosts per subnetwork, thus minimizing local traffic.
Improved security: Broadcasts will be contained to the local network. Internal network structure will not be visible from outside.
Containing network problems: Limiting the effect of local failures on other parts of the network.
DNS: Domain Naming Service
The DNS translates Internet domain and host names to IP addresses. DNS automatically converts the names we type in our Web browser address bar to the IP addresses of Web servers hosting those sites.
DNS implements a distributed database to store this name and address information for all public hosts on the Internet. DNS assumes IP addresses do not change (are statically assigned rather than dynamically assigned).
DNS Poisoning
DNS spoofing (or DNS cache poisoning) is a computer hacking attack, whereby data is introduced into a Domain Name System (DNS) name server's cache database, causing the name server to return an incorrect IP address, diverting traffic to another computer (often the attacker's).
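As an added defender's-eye illustration (not from the lecture), the Python model below shows the checks a caching resolver applies before it trusts a reply, which is what makes slipping a bogus record into its cache hard: the reply must match an outstanding query on transaction ID, UDP source port and question, and only records for the name actually asked about are cached. Names, addresses and ports are constructed.

```python
import secrets

# Added example, not from the lecture: the checks a caching resolver applies before it
# trusts a reply. A reply is cached only if it matches a query this resolver actually
# has outstanding (transaction ID, UDP source port and question all agree), and only
# records for the name that was asked about are kept. Names, addresses and ports are
# constructed for illustration.

class Resolver:
    def __init__(self):
        self.cache = {}       # name -> address
        self.pending = {}     # (txid, source port) -> name asked about

    def send_query(self, name):
        """Pick an unpredictable 16-bit transaction ID and UDP source port per query,
        so a reply that was not solicited by this resolver is unlikely to match."""
        txid = secrets.randbelow(1 << 16)
        port = 1024 + secrets.randbelow(65536 - 1024)
        self.pending[(txid, port)] = name
        return {"txid": txid, "port": port, "question": name}

    def receive(self, reply):
        """Return the records accepted into the cache, or None if the reply was dropped."""
        key = (reply["txid"], reply["port"])
        question = self.pending.get(key)
        if question is None or question != reply["question"]:
            return None                      # not a reply to anything we asked: drop it
        del self.pending[key]                # one reply per query; later duplicates are dropped
        accepted = {name: addr for name, addr in reply["answers"] if name == question}
        self.cache.update(accepted)          # records for other names are discarded
        return accepted

if __name__ == "__main__":
    r = Resolver()
    q = r.send_query("www.example.com")
    reply = {"txid": q["txid"], "port": q["port"], "question": "www.example.com",
             "answers": [("www.example.com", "192.0.2.10"),
                         ("login.example.net", "198.51.100.9")]}  # name not asked about
    print(r.receive(reply), r.cache)
```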
Directory Services
Directory services are software programs that link directly into core databases to manage the identities and security of users on a network. They are crucial to many medium and large organizations.
NAT: Network Address Translation
NAT (Network Address Translation or Network Address Translator) is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network.
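As an added illustration (not from the lecture), the Python below models the translation table a home router keeps: outbound packets from private addresses are rewritten to one public address and a fresh public port, and inbound packets are translated back only when they match a mapping an inside host created, so unsolicited inbound traffic is dropped. All addresses and ports are constructed.

```python
import itertools

# Added example, not from the lecture: a port-based NAT table of the kind a home router
# keeps. Outbound packets from private addresses are rewritten to the router's one
# public address and a fresh public port; inbound packets are translated back only when
# they match a mapping an inside host created, so unsolicited inbound traffic has no
# mapping and is dropped. All addresses and ports are constructed for illustration.

PUBLIC_IP = "203.0.113.1"

class Nat:
    def __init__(self):
        self.next_port = itertools.count(40000)
        self.outbound = {}   # (private ip, private port, dst ip, dst port) -> public port
        self.inbound = {}    # (public port, remote ip, remote port) -> (private ip, private port)

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet's source; reuse the mapping for an existing flow."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outbound:
            pub_port = next(self.next_port)
            self.outbound[key] = pub_port
            self.inbound[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (PUBLIC_IP, self.outbound[key], dst_ip, dst_port)

    def translate_in(self, src_ip, src_port, dst_port):
        """Rewrite an incoming packet's destination, or return None (drop) if no
        inside host opened a flow to this remote address and port."""
        mapping = self.inbound.get((dst_port, src_ip, src_port))
        if mapping is None:
            return None
        priv_ip, priv_port = mapping
        return (src_ip, src_port, priv_ip, priv_port)

if __name__ == "__main__":
    nat = Nat()
    print(nat.translate_out("192.168.1.20", 51000, "198.51.100.7", 443))
    print(nat.translate_in("198.51.100.7", 443, 40000))   # reply to the flow above
    print(nat.translate_in("198.51.100.7", 443, 40005))   # unsolicited: None
```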
The Corporate Intranet
A local or restricted communications network, especially a private network created using World Wide Web software.
The Corporate Extranet
An intranet that can be partially accessed by authorized outside users, enabling businesses to exchange information over the Internet securely.
The LAN
A local area network (LAN) is a computer network that interconnects computers within a limited area such as a home, school, computer laboratory, or office building, using network media.
The MAN
A Metropolitan Area Network (MAN) is a large computer network that spans a metropolitan area or campus. Its geographic scope falls between a WAN and a LAN. MANs provide Internet connectivity for LANs in a metropolitan region, and connect them to wider area networks like the Internet.
The WAN
A wide area network (WAN) is a computer network that spans a relatively large geographical area and consists of two or more interconnected LANs and MANs.
Quality of Service (QoS)
Quality of service (QoS) is the overall performance of a telephony or computer network, particularly the performance seen by the users of the network. Three levels of QoS are:
Best Effort – We try
Differentiated Service – We elevate above best effort
Guaranteed Service – Has priority over all
Mobile Phone Security
• Mobile base station impersonation
• Mobile phone cloning
• Encrypted over wireless portion, as well as backhaul. What is backhaul? Backhaul is the wired portion of the network, connected to the cell phone tower, to route data to its source
• Access to Internet, bypassing corporate firewalls
• Malware threats worse than on a regular computer
• Ability to access camera is a threat
Wireless Best Practices
• Protect your network with password and encryption
• Change default SSID (name of network)
• Disable broadcast SSID (name of network)
• Place the Access Point at the center of the building to avoid external access
• Configure the Access Point to only allow known MAC (hardware) addresses into the network