Post on 28-Dec-2015

Karlston D'Emanuele

CSA2150: Fundamentals of Network Programming

Password Removed

www.uniunderground.com

BIT5304: Internet Technologies

Karlston D'Emanuele

Course Description

• The course investigates the fundamental technology for networks.

• Some security issues related to the technologies

• Recommended Text Book:
  – TCP/IP Tutorial and Technical Overview. IBM International Technical Support Organisation, 2006. http://www.redbooks.ibm.com/abstracts/gg243376.html (Chapters 1-6 and 9)

Objectives

• Understand the underlying concept of networking

• Understanding of protocols

• Knowledge about TCP/IP

Course Outline

• Introduction to Networking
• The IPv4 and IPv6
  – Addressing, Subnetting
• Other Protocols
  – ICMP, ARP, RARP, DHCP
• Routing Protocols
  – Distance Vector and Link-State Protocols
• RIP Protocol
  – RIP v1 and v2
• OSPF Protocol
• TCP Protocol
• TCP Congestion Algorithms
• Network Security
• Wireless Technology

Introduction to Networking

Where are networks used?

• Internet
  – The Internet is the most widely known network.

• Home/Corporate Network
  – When connecting a laptop through wireless or two computers together.

• Telephone and Mobiles
  – Telephone networks are the oldest networks mentioned here.

• GPS / GIS
  – Navigation Systems use a network of satellites and devices to compute and communicate the user's location.

• Any system that connects people and resources together.

What are the main network categories?

• Local Area Networks (IEEE 802.1)
  – LANs are networks that are confined to a building.

• Wide Area Networks
  – WANs are networks that connect geographically dispersed networks together.

• Metropolitan Area Networks (IEEE 802.6)
  – MANs are two or more networks connected together within a geographic distance.

• Personal Area Networks (IEEE 802.15)
  – A computer network used for communication among devices close to one person.

IEEE 802

• A family of standards dealing with LAN and MAN networks
• Some standards:
  – IEEE 802.3 Ethernet
  – IEEE 802.5 Token Ring
  – IEEE 802.6 Metropolitan Area Networks
    • The standard is closed for further enhancements
  – IEEE 802.11 Wireless LAN (Wi-Fi certification)
  – IEEE 802.13 Cat.6 - 10Gb LAN
    • The standard is a recent standard
  – IEEE 802.14 Cable modems
    • The standard is closed for further enhancements
  – IEEE 802.15 Wireless PAN
    • IEEE 802.15.1 (Bluetooth certification)
  – IEEE 802.16 Broadband Wireless Access (WiMAX certification)

• Refer to http://www.ieee802.org/ for more information

Network Topologies

• Bus
  – The simplest type of connection.

• Star and Extended Star networks
  – All computers are connected to a central device.

[Figures: Bus Topology; Star Topology]

Network Topologies

• Ring
  – A bus with both ends connected together.

• Token Ring
  – A ring network that allows communication through a token.
  – That is, only the computer currently holding the token can communicate to the others by appending its data to the token.

Network Topologies

• Mesh
  – All nodes are connected to each other.

• Partial Mesh
  – Network nodes are connected at random to each other.

• Ad-hoc
  – Wireless connections

Network Devices

• Network Interface Cards (NICs)
  – Defines the data representation over the network.
    • Meaning of different voltages (wired)
    • Different light strength (Fibre optic)
  – Define the physical address (MAC¹ Address)
    • The traditional MAC Address is 6 octets long.
    • The octets are divided into two parts:
      – The first 3 octets are the Organisationally Unique Identifier (OUI)
      – The second 3 octets are NIC specific.

¹ MAC – Media Access Control

Network Devices

• MAC addresses
  – The physical address format depends on whether the devices are connected in:
    • An Ethernet (IEEE 802.3)
    • Token Ring (IEEE 802.5)
    • FDDI (Fiber Optic network) (IEEE 802.8)
  – EUI-64 (Extended Unique Identifier – 64 bits)
    • Firewire
    • IP v6 devices
    • Personal-Area network (IEEE 802.15)

Network Devices

• NIC card speed is calculated in bits per second
  – Gbps, Mbps, kbps, bps
  – In the early days baud was used.
    • The number of signaling elements that occur each second

• Common Ethernet card speed
  – Giga-bit (1 Gbps)
  – Fast-Ethernet Card (100 Mbps)
  – Ethernet Card (10 Mbps)

Network Devices

• Other network devices
  – Router
    • border device
    • network technology conversion
  – Switches / Bridge
    • A switch can be Intelligent / Managed
    • Micro-segmentation
    • Bridge is the earliest and simplest implementation of a switch
  – Hub / Repeater

OSI Reference Model

• 7 layers

• Rules defining a layer:
  – Different abstraction
  – Well-defined function
  – Internationally standardised protocols
  – Boundaries should allow minimal information flow
  – Layers should be well sized to contain enough information for the function and avoid making the architecture difficult to use.

• Each layer communicates with its equivalent layer on the other machine.

OSI Model

Layer          Purpose                                                             Data stages
Application    Network services to applications                                    Data
Presentation   Data representation, formatting and readability                     Data
Session        Establish and maintain connection                                   Data
Transport      End-to-End connections, Maintain Virtual Circuits, Data reliability  Segments
Network        Network addresses, best path determination, flow control            Packets
Data Link      Access to media, physical addressing, reliable transfer             Frames
Physical       Wires, connectors, voltages, binary transmission                    Bits

TCP/IP

• 4 layers
• Maps to the OSI layer

OSI layer      TCP/IP layer
Application    Application
Presentation   Application
Session        Application
Transport      Transport
Network        Internet
Data Link      Host-to-network
Physical       Host-to-network

TCP/IP – Application Layer

• Encloses all the functionality under the Application, Presentation and Session of the OSI Model.

• Presentation is handled by the application when using XML, HTML, Excel, etc.

• The TCP/IP session is also handled by an application when it attempts to connect to other computers.

TCP/IP – Sockets

• The session part of the Application layer is accessed through sockets.

• Interface between the Application and Transport layer.

• Socket = IP Address + Transport Port
  – Example: 127.0.0.1:80 (local webserver)

• A socket can be either:
  – Active: Establishing a connection.
  – Passive: Listening for incoming connections
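Added example (not part of the original slides): a passive socket and an active socket on the loopback address, showing that each end of the connection is identified by an IP address + port pair. The function name `socket_pair_demo` and the choice of an OS-assigned port are assumptions made for the illustration.

```python
import socket
import threading

def socket_pair_demo(host="127.0.0.1"):
    """Open a passive socket, connect an active one, and return what each side sees."""
    # Passive socket: bound to IP address + port, listening for incoming connections.
    # Binding to 127.0.0.1 keeps the listener unreachable from other hosts.
    passive = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    passive.settimeout(5)
    passive.bind((host, 0))          # port 0: let the OS pick a free port
    passive.listen(1)
    listening_on = passive.getsockname()

    result = {"listening_on": listening_on}

    def accept_one():
        conn, peer = passive.accept()            # peer = (client IP, client port)
        with conn:
            result["server_sees_peer"] = peer
            result["received"] = conn.recv(1024)

    worker = threading.Thread(target=accept_one)
    worker.start()

    # Active socket: establishes the connection to the passive socket's address.
    with socket.create_connection(listening_on, timeout=5) as active:
        result["client_local"] = active.getsockname()    # this end's IP + port
        result["client_remote"] = active.getpeername()   # the listener's IP + port
        active.sendall(b"Hello There!!")

    worker.join(5)
    passive.close()
    return result

if __name__ == "__main__":
    for key, value in socket_pair_demo().items():
        print(f"{key}: {value}")
```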

TCP/IP – Application Layer

• Examples of Applications:
  – TELNET (virtual terminal)
  – FTP (File Transfer Protocol)
  – SMTP (Simple Mail Transfer Protocol)
  – DNS (Domain Name Service)
  – HTTP (Hyper Text Transport Protocol)

TCP/IP – Transport Layer

• Provides standard means of transferring data.

• Examples:
  – TCP (Transport Control Protocol)
    • Connection-Oriented Protocol
    • Reliable connection
    • Packet retransmit
  – UDP (User Datagram Protocol)
    • Connectionless Protocol
    • Unreliable connection

TCP/IP – Internetwork Layer

• Some components in this layer are:
  – IP (Internet Protocol),
    • ICMP (Internet Control and Management Protocol)
      – Example Ping
  – ARP (Address Resolution Protocol)
  – RARP (Reverse Address Resolution Protocol)
    • Abstraction of physical addresses

TCP/IP – Internetwork Layer

• Identifies resources
  – It might identify more than one resource through:
    • NAT (Network Address Translation)
    • Example:
      » To hide internal devices
      » IIS to address multiple sites
    • PAT (Port Address Translation)
      – Example:
        » To hide internal devices and their access points

TCP/IP over Ethernet – Data Flow Example

[Figure: two Application / Transport / Internet / Network-to-Host stacks, one for PC1 and one for PC2, exchanging the message "Hello There!!"; the message is shown labelled with TCP and then with B, A. Other labels in the figure: A, B, C.]

The Internet – URLs

• The Internet is a WAN network.

• URLs (Uniform Resource Locator) identify resources

• A URL consists of a domain and a resource identification name.

The Internet – Domain

• A domain is a name that abstracts the Internet user from remembering IP addresses.
  – This is done through the use of DNSes.

• A domain is subdivided into a number of components:
  – The zone or country location where the domain is hosted
    • Example: .mt, .it, .de
  – The type of resources it is providing
    • Example: .com, .net, .edu
  – An identifier name
    • Example: um, cnn, ibm, etc.
  – An optional resource category or sub-domain
    • Example: www, mail, etc.

The Internet – DNS

• Domain Name Services are similar to “phone books”.
  – That is, they relate names (domains) to their number (IP Addresses)

• Managed by regional authorities.

• DNS queries use the ARP protocol.

The Internet – DNS

• How DNS works
  – A computer wants to communicate with server A but it does not know where server A resides.
  – Thus, it sends an ARP request with “Server A” as data.
  – The nearest DNS attempts to solve the address but it doesn’t know about it, so it forwards the request to the next DNS.
    • This continues until a DNS responds back
  – Once a server containing the entry for “Server A” is found, it answers back with an ARP response.
  – The response will consist of the IP of server A.

The Internet – DNS attacks

• DNS Spoofing
  – When an attacker intercepts a DNS request and responds back with an alternative IP.
  – The alternative IP will direct the user to the hostile server.

• DNS Cache Poisoning
  – Similar to the DNS Spoofing.
  – The attacker changes the actual DNS entry for the server.

Security

• Promiscuous Mode
  – By default the network card filters data that comes in using Layer 1 (Network-to-Host) information.
  – Promiscuous Mode disables this feature.
    • All data is sent up the TCP/IP stack.
    • Allows packet sniffing.
      – That is, inspection of all packets that are passing over the network.
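Added example (not part of the original slides): a defender's check for interfaces that have the filter described above switched off. It assumes a Linux host, where each interface's flags word is exposed under `/sys/class/net/<interface>/flags` and the `IFF_PROMISC` bit is `0x100`; the function names and the sample values are constructed for the illustration.

```python
import os

IFF_PROMISC = 0x100  # Linux interface flag: NIC passes every frame up the stack

def promiscuous_interfaces(flags_by_iface):
    """Return the sorted names of interfaces whose flags word has IFF_PROMISC set."""
    hits = []
    for iface, raw in flags_by_iface.items():
        try:
            flags = int(raw.strip(), 16)   # sysfs prints the word as hex, e.g. "0x1103"
        except ValueError:
            continue                       # unreadable value: skip rather than guess
        if flags & IFF_PROMISC:
            hits.append(iface)
    return sorted(hits)

def read_sysfs_flags(root="/sys/class/net"):
    """Collect {interface: flags text} from sysfs; empty dict on non-Linux hosts."""
    found = {}
    if not os.path.isdir(root):
        return found
    for iface in os.listdir(root):
        try:
            with open(os.path.join(root, iface, "flags")) as handle:
                found[iface] = handle.read()
        except OSError:
            pass                           # interface vanished or is not readable
    return found

# Constructed sample: eth1 is the only interface with the 0x100 bit set.
SAMPLE_FLAGS = {"lo": "0x9\n", "eth0": "0x1003\n", "eth1": "0x1103\n", "bad0": "n/a\n"}

if __name__ == "__main__":
    print("sample:", promiscuous_interfaces(SAMPLE_FLAGS))
    print("this host:", promiscuous_interfaces(read_sysfs_flags()))
```

A hit is not proof of sniffing on its own: bridge members and virtualisation hosts run their interfaces in promiscuous mode as part of normal operation.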

The need for IPv6

• The IPv4 addresses were initially categorised mainly under 3 classes
  – Class A
    • All addresses that start with 0
    • The first byte refers to the network address
    • The remaining 3 bytes are the host address
    • Private addresses: 10.0.0.0/8 and 127.0.0.0/8
  – Class B
    • All addresses that start with 10
    • The first 2 bytes are the network address
    • The next 2 bytes are the host address
    • Private addresses: 172.16.0.0/12
  – Class C
    • All addresses that start with 110
    • The first 3 bytes are the network address
    • The last byte is used as the host address
    • Private addresses: 192.168.0.0/16
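Added example (not part of the original slides): the classful rules above applied to concrete addresses, using the leading bits of the first byte to pick the class and the slide's byte split to separate network from host. The function name `classify` and the returned field names are assumptions; the private ranges are the ones the slide lists.

```python
import ipaddress

# (class, leading-bit pattern, pattern length in bits, network bytes), as on the slide
CLASSES = [("A", 0b0, 1, 1), ("B", 0b10, 2, 2), ("C", 0b110, 3, 3)]

# Private ranges exactly as the slide lists them
PRIVATE = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def classify(addr):
    """Return class, classful network, host part and size for a dotted-quad address.

    Returns None when the leading bits match none of the three classes.
    """
    ip = ipaddress.IPv4Address(addr)
    first_byte = ip.packed[0]
    for name, pattern, nbits, net_bytes in CLASSES:
        if first_byte >> (8 - nbits) == pattern:
            prefix = 8 * net_bytes
            host_bits = 32 - prefix
            network = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
            return {
                "class": name,
                "network": str(network),
                "host": int(ip) & ((1 << host_bits) - 1),
                # usable hosts per network: all-zeros and all-ones are reserved
                "hosts_per_network": 2 ** host_bits - 2,
                "private": any(ip in net for net in PRIVATE),
            }
    return None

if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.4", "192.168.1.10", "8.8.8.8", "224.0.0.1"):
        print(sample, classify(sample))
```

The `hosts_per_network` figures show the sizing problem behind the move to subnets and classless routing: a class A network holds over 16 million hosts, a class C only 254.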

The need for IPv6

• The classes were immediately getting exhausted

• Classes A and B were not fully used, due to the amount of wasted addresses.

• The immediate response was:
  – Introduction of NAT and PAT
  – Subnets
  – Classless Interdomain Routing

The need for IPv6

• IP v6
  – Extends the range of addresses
    • The address consists of 128 bits
  – More special addresses
  – Shorter version of writing the address
  – Keeps the benefits of IPv4
    • DHCP
    • DNS
    • Subnets