d - Computer Science and Engineering
Chapter 1
Introduction
A note on the use of these ppt slides:
We’re making these slides freely available to all (faculty, students, readers).
They’re in PowerPoint form so you see the animations; and can add, modify,
and delete slides (including this one) and slide content to suit your needs.
They obviously represent a lot of work on our part. In return for use, we only
ask the following:
If you use these slides (e.g., in a class) that you mention their source
(after all, we’d like people to use our book!)
If you post any slides on a www site, that you note that they are adapted
from (or perhaps identical to) our slides, and note our copyright of this
material.
Computer
Networking: A Top
Down Approach
6th edition
Jim Kurose, Keith Ross
Addison-Wesley
March 2012
Thanks and enjoy! JFK/KWR
All material copyright 1996-2012
J.F Kurose and K.W. Ross, All Rights Reserved
University of Nevada – Reno
Computer Science & Engineering Department
Fall 2015
CPE 400 / 600
Computer Communication Networks
Lecture 2
Prof. Shamik Sengupta
Office SEM 204
http://www.cse.unr.edu/~shamik/
Intro to Computer Networking
What is computer network: “nuts and bolts” view
1. Numerous connected computing devices: hosts = end systems
   (PC, server, wireless laptop, cellular handheld)
   running network apps
2. communication links
   fiber, copper, radio, satellite
   transmission rate = bandwidth
3. routers: forward packets (chunks of data)
[Figure: mobile network, global ISP, regional ISP, home network and institutional network, joined by routers, access points and wired links]
Uses of Computer Networks
• Business Networks
• Home Networks
• Mobile Networks
Example Network Applications (1)
A network with two clients and one server
(typical client-server connection)
Example Network Applications (2)
The client-server model involves requests and
replies over the public/private network
Example Network Applications (3)
Peer-to-peer networking: no fixed clients and servers
Example wireless network (4)
wireless hosts
laptop, PDA, IP phone
run applications
may be stationary (nonmobile) or mobile
wireless does not always mean mobility
[Figure: wireless hosts attached to the network infrastructure]
Categorization of networks by coverage scale
• Personal area networks (PAN)
• Local area networks (LAN)
• Metropolitan area networks (MAN)
• Wide area networks (WAN)
• The Internet (Global network)
Personal Area Network (PAN)
Bluetooth PAN configuration
Local Area Networks (LAN)
Wireless and wired LANs. (a) 802.11. (b)
Switched Ethernet.
Metropolitan Area Networks (MAN)
A metropolitan area network
Wide Area Networks (WAN)
WAN that connects three branch offices in Australia
Coverage scale (contd.)
Classification of interconnected processors by scale
A different categorization of networks
In terms of communication technology
• Unicasting
• Broadcasting
• Multicasting
What is computer networking: an operational view
Any communication is all about protocol
[Figure: a human protocol (“Hi”, “Hi”, “Got the time?”, “2:00”) beside a networking protocol (“Connection req.”, “Connection reply.”, “Get http://www.cnn.com/slide.ppt”, <file>), with a time axis]
What is computer networking: an operational view
human protocols:
… specific msgs sent
… specific actions taken when msgs received, or other events
network protocols:
machines rather than humans
all communication activity governed by protocols
protocols define format, order of msgs sent and received among network entities, and actions taken on msg transmission, receipt
Protocol “Layers”
Networks are complex!
It is not just two machines communicating!
Millions of components:
hosts
routers
Access networks
Physical links
Numerous functionalities
Question:
How to manage such a vast number of components?
Solution: Divide functionalities among multiple layers.
Layering of airline functionality
ticket: ticket (purchase) at the departure airport, ticket (complain) at the arrival airport
baggage: baggage (check) at departure, baggage (claim) at arrival
gate: gates (load) at departure, gates (unload) at arrival
takeoff/landing: runway (takeoff) at departure, runway (land) at arrival
airplane routing: at the departure airport, the intermediate air-traffic control centers and the arrival airport
Layers: each layer implements a service
via its own internal-layer actions
relying on services provided by layer below and above
Another example: Postal Service!
What are the adv. of layering?
Network is a huge complex system.
Reduce the design complexity
Ease of updating the system
change of implementation of layer’s service transparent to
rest of system
e.g., Postal service (overnight flight or overnight ground)
Internet protocol stack
application: support host/network applications
  Email, FTP, HTTP (HTML)
transport: process-process data transfer
  TCP, UDP
network: routing of datagrams from src. to destn.
  IP address, routing protocols
link: data transfer between neighboring network elements
  Ethernet
physical: bits “on the wire”
(Compare with the Postal System!)
The TCP/IP Reference Model
ISO/OSI reference model
presentation: allow applications to interpret meaning of data, e.g., encryption, compression, machine-specific conventions
session: synchronization, checkpointing, recovery of data exchange
layers, top to bottom: application, presentation, session, transport, network, link, physical
Messages, Segments, Datagrams and Frames
Encapsulation
source (application, transport, network, link, physical):
  message: M
  segment: Ht M
  datagram: Hn Ht M
  frame: Hl Hn Ht M
switch (link, physical): Hl Hn Ht M
router (network, link, physical): Hn Ht M at the network layer, Hl Hn Ht M at the link layer
destination (application, transport, network, link, physical):
  Hl Hn Ht M
  Hn Ht M
  Ht M
  message: M
Lecture 3
Network core
packet switching, circuit switching,
Network structure
The network core
mesh of interconnected
routers
packet-switching: hosts
break application-layer
messages into packets
forward packets from one
router to the next, across
links on path from source
to destination
each packet transmitted at
full link capacity
Packet-switching: store-and-forward
takes L/R seconds to transmit (push out) L-bit packet into link at R bps
store and forward: entire packet must arrive at router before it can be transmitted on next link
end-end delay = 2L/R (assuming zero propagation delay)
one-hop numerical example:
L = 7.5 Mbits
R = 1.5 Mbps
one-hop transmission delay = 5 sec
more on delay shortly …
[Figure: source sends packets 3, 2, 1 of L bits each over an R bps link to a router, then over a second R bps link to the destination]
Packet Switching: queueing delay, loss
queuing and loss:
If arrival rate (in bits) to link exceeds transmission rate of link for a period of time:
packets will queue, wait to be transmitted on link
packets can be dropped (lost) if memory (buffer) fills up
[Figure: hosts A, B, C, D, E; links at R = 100 Mb/s and R = 1.5 Mb/s; queue of packets waiting for output link]
Alternative core: circuit switching
end-end resources allocated
to, reserved for “call”
between source & dest:
In diagram, each link has four
circuits.
call gets 2nd circuit in top
link and 1st circuit in right
link.
dedicated resources: no sharing
circuit-like (guaranteed)
performance
circuit segment idle if not used
by call (no sharing)
Commonly used in traditional
telephone networks
Circuit switching: FDM versus TDM
[Figure: example with 4 users; FDM and TDM panels, each plotted as frequency against time]
Packet switching versus circuit switching
packet switching allows more users to use network!
example:
1 Mb/s link
each user:
• 100 kb/s when “active”
• active 10% of time
circuit-switching: 10 users
[Figure: N users sharing a 1 Mbps link]
Packet switching versus circuit switching
is packet switching a “clear winner?”
great for bursty data
resource sharing
simpler, no call setup
excessive congestion possible: packet delay and loss
protocols needed for reliable data transfer, congestion
control
Q: How to provide circuit-like behavior?
bandwidth guarantees needed for audio/video apps
still an unsolved problem (will discuss this more later…)
Internet structure: network of networks
End systems connect to Internet via access ISPs (Internet
Service Providers)
Residential, company and university ISPs
Access ISPs in turn must be interconnected.
So that any two hosts can send packets to each other
Resulting network of networks is very complex
Evolution was driven by economics and national policies
Let’s take a stepwise approach to describe current Internet
structure
Internet structure: network of networks
Question: given millions of access ISPs, how to connect them
together?
[Figure: many access nets, not yet interconnected]
Internet structure: network of networks
Option: connect each access ISP to every other access ISP?
connecting each access ISP to each other directly doesn’t scale: O(N^2) connections.
[Figure: access nets connected directly to one another]
Internet structure: network of networks
Option: connect each access ISP to a global transit ISP? Customer
and provider ISPs have economic agreement.
[Figure: access nets each connected to one global ISP]
Internet structure: network of networks
But if one global ISP is viable business, there will be competitors
….
[Figure: access nets connected to competing global ISPs: ISP A, ISP B, ISP C]
Internet structure: network of networks
But if one global ISP is viable business, there will be competitors
…. which must be interconnected
[Figure: ISP A, ISP B and ISP C interconnected through Internet exchange points (IXP) and a peering link, with access nets attached]
Internet structure: network of networks
… and regional networks may arise to connect access nets to ISPs
[Figure: a regional net connecting access nets to ISP A, ISP B and ISP C, which are joined by IXPs]
Internet structure: network of networks
roughly hierarchical
at center: “tier-1” ISPs (e.g., Verizon, Sprint, AT&T, Cable and
Wireless), national/international coverage
treat each other as equals
[Figure: three Tier 1 ISPs interconnected]
Tier-1 ISP: e.g., Sprint
Internet structure: network of networks
“Tier-2” ISPs: smaller (often regional) ISPs
Connect to one or more tier-1 ISPs, possibly other tier-2 ISPs
Tier-2 ISP pays tier-1 ISP for connectivity to rest of Internet
tier-2 ISP is customer of tier-1 provider
Tier-2 ISPs also peer privately with each other.
[Figure: Tier-2 ISPs attached to the Tier 1 ISPs]
Internet structure: network of networks
“Tier-3” ISPs and local ISPs
last hop (“access”) network (closest to end systems)
Local and tier-3 ISPs are customers of higher tier ISPs connecting them to rest of Internet
[Figure: local and Tier 3 ISPs attached to Tier-2 ISPs, which attach to the Tier 1 ISPs]
Internet structure: network of networks
a packet passes through many networks!
[Figure: path of a packet through local, Tier 3, Tier-2 and Tier 1 ISPs]
Delay, loss, throughput in networks
How do loss and delay occur?
packets queue in router buffers
packet arrival rate to link (temporarily) exceeds output link capacity
packets queue, wait for turn
[Figure: A and B send into a router: packet being transmitted (delay); packets queueing (delay); free (available) buffers: arriving packets dropped (loss) if no free buffers]
Four sources of packet delay
$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$
$d_{proc}$: nodal processing
check bit errors
determine output link
typically < msec
$d_{queue}$: queueing delay
time waiting at output link for transmission
depends on congestion level of router
[Figure: packet from A to B through a router, marking nodal processing, queueing, transmission and propagation]
Four sources of packet delay
$d_{nodal} = d_{proc} + d_{queue} + d_{trans} + d_{prop}$
$d_{trans}$: transmission delay:
L: packet length (bits)
R: link bandwidth (bps)
$d_{trans} = L/R$
$d_{prop}$: propagation delay:
d: length of physical link
s: propagation speed in medium (~$2 \times 10^8$ m/sec)
$d_{prop} = d/s$
$d_{trans}$ and $d_{prop}$ very different
Packet loss
queue (aka buffer) preceding link in buffer has finite capacity
packet arriving to full queue dropped (aka lost)
lost packet may be retransmitted by previous node, by source end system, or not at all
[Figure: A and B send into a router buffer (waiting area); packet being transmitted; packet arriving to full buffer is lost]
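The delay and loss slides above (store-and-forward, queueing, the four delay components, packet loss), worked as a small simulation. This is an added example, not part of the original slides; it goes beyond the one-hop case by modelling a finite FIFO buffer, and the burst of arrival times, the buffer size of 2 packets and the 1000 km link length are constructed assumptions.

```python
# Added example (not from the slides): one store-and-forward output link with a
# finite buffer. Arrival times, buffer size and link length are constructed.
from dataclasses import dataclass


@dataclass
class PacketResult:
    arrival: float        # time the whole packet has arrived at the router (s)
    dropped: bool         # True if the buffer was full on arrival
    d_proc: float = 0.0   # nodal processing delay (s)
    d_queue: float = 0.0  # time waiting for the output link (s)
    d_trans: float = 0.0  # L / R (s)
    d_prop: float = 0.0   # d / s (s)

    @property
    def d_nodal(self) -> float:
        return self.d_proc + self.d_queue + self.d_trans + self.d_prop


def store_and_forward_delay(L, R, links, packets=1):
    """End-to-end delay for `packets` equal packets sent back to back over
    `links` equal-rate links, zero propagation delay: (links + packets - 1) * L/R."""
    return (links + packets - 1) * L / R


def simulate_output_link(arrivals, L, R, buffer_pkts, d=0.0, s=2e8, d_proc=0.0):
    """FIFO output link of rate R bps fed by L-bit packets.

    arrivals    -- sorted arrival times in seconds
    buffer_pkts -- packets that may wait, not counting the one in transmission
    d, s        -- link length (m) and propagation speed (m/s)
    """
    d_trans, d_prop = L / R, d / s
    finish_times = []     # transmission-complete times of accepted packets
    link_free_at = 0.0
    results = []
    for t in arrivals:
        ready = t + d_proc
        # Packets still in the router: the first is on the wire, the rest wait.
        in_system = [f for f in finish_times if f > ready]
        waiting = max(len(in_system) - 1, 0)
        if in_system and waiting >= buffer_pkts:
            results.append(PacketResult(arrival=t, dropped=True))
            continue
        start = max(ready, link_free_at)
        link_free_at = start + d_trans
        finish_times = in_system + [link_free_at]
        results.append(PacketResult(t, False, d_proc, start - ready, d_trans, d_prop))
    return results


def demo():
    # Slide values: L = 7.5 Mbits, R = 1.5 Mbps. Constructed burst: one packet
    # per second for 5 s (7.5 Mb/s offered to a 1.5 Mb/s link), buffer of 2,
    # then one late packet after the queue has drained.
    return simulate_output_link([0, 1, 2, 3, 4, 20], L=7.5e6, R=1.5e6,
                                buffer_pkts=2, d=1_000_000)


if __name__ == "__main__":
    for r in demo():
        state = "DROPPED" if r.dropped else (
            f"queue={r.d_queue:.3f}s trans={r.d_trans:.3f}s "
            f"prop={r.d_prop:.3f}s nodal={r.d_nodal:.3f}s")
        print(f"t={r.arrival:>4}s  {state}")
```

The queueing delay grows by one transmission time per packet already in the router until the buffer fills, after which arrivals are lost; the late packet sees an empty queue again.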
Throughput
throughput: rate (bits/time unit) at which bits transferred between sender/receiver
instantaneous: rate at given point in time
average: rate over longer period of time
[Figure: server, with file of F bits to send to client; server sends bits (fluid) into pipe; pipe that can carry fluid at rate Rs bits/sec (link capacity Rs bits/sec); pipe that can carry fluid at rate Rc bits/sec (link capacity Rc bits/sec)]
Throughput: Internet scenario
per-connection end-end throughput: min(Rc, Rs, R/10)
in practice: Rc or Rs is often bottleneck
10 connections (fairly) share backbone bottleneck link R bits/sec
Metric Units (1)
The principal metric prefixes
Metric Units (2)
The principal metric prefixes
Lecture 4
Wireshark Quick Overview
With traffic…
HEX Window
Menu Bar
Button Bar
Status Bar
Status Bar
Simple Capture
Capture Interfaces
Capture Options
Networks under attack: security
Security: Definition
Security is a state of well‐being of information and
infrastructures in which the possibility of theft, tampering,
and disruption of information and services is kept low or
tolerable
Network security
field of network security:
how bad guys can attack computer networks
how we can defend networks against attacks
how to design architectures that are immune to
attacks
Internet not originally designed with (much)
security in mind
original vision: “a group of mutually trusting users
attached to a transparent network”
Internet protocol designers playing “catch-up”
security considerations in all layers!
The Cast of Characters
Alice and Bob are the good guys
Trudy/Mallory is the bad guy
Trudy is our generic “intruder”
Who might Alice, Bob be?
… well, real-life Alices and Bobs
Web browser/server for electronic transactions
on-line banking client/server
DNS servers
routers exchanging routing table updates
Alice’s Online Bank
Alice opens Alice’s Online Bank (AOB)
AOB must prevent Trudy from learning Bob’s balance
Confidentiality (prevent unauthorized reading of information)
Trudy must not be able to change Bob’s balance
Bob must not be able to improperly change his own
account balance
Integrity (prevent unauthorized writing of information)
AOB’s information must be available when needed
Availability (data is available in a timely manner when needed)
Alice’s Online Bank
How does Bob’s computer know that “Bob” is really
Bob and not Trudy?
When Bob logs into AOB, how does AOB know that
“Bob” is really Bob?
Authentication (assurance that other party is the claimed one)
Bob can’t view someone else’s account info
Bob can’t install new software, etc.
Authorization (allowing access only to permitted resources)
Bob can’t deny a transaction he requested
Non-repudiation (protection against denial by one of the parties in
a communication)
Think Like Trudy/Mallory
Good guys must think like bad guys!
A police detective
Must study and understand criminals
In network security
We must try to think like Trudy
We must study Trudy’s methods
We can admire Trudy’s cleverness
Often, we can’t help but laugh at Alice and Bob’s carelessness
But, we cannot act like Trudy
Terminology: Security Threats and
Attacks
A threat is a potential violation of security
Flaws in design, implementation, and operation
An attack is any action that violates security
Active vs. passive attacks
Aspects of Security
Security Attack
Action that compromises the security of information owned
by an organization.
Security Services
Enhance the security of data processing systems and
information transfers of an organization.
• Counter security attacks.
Designed to prevent, detect or recover from a security
attack.
• Provide means for security services
What can the attackers do:
Put malware into hosts via Internet
malware can get in host from:
virus: self-replicating infection by receiving & executing object
(e.g., e-mail attachment)
worm: self-replicating infection by passively receiving object that
gets itself executed
spyware malware can record keystrokes, websites visited,
upload info to collection site
infected host can be enrolled in botnet, used for spam,
DDoS attacks
Bad guys: attack server, network infrastructure
Denial of Service (DoS): attackers make resources
(server, bandwidth) unavailable to legitimate traffic
by overwhelming resource with bogus traffic
1. select target
2. break into hosts around the network (see botnet)
3. send packets to target from compromised hosts
Bad guys can sniff packets
packet “sniffing”:
broadcast media (shared ethernet, wireless)
promiscuous network interface reads/records all packets
(e.g., including passwords!) passing by
[Figure: hosts A, B and C on a shared medium; a packet with src:B dest:A and its payload is read by C]
wireshark software used for labs is a (free) packet-sniffer
Bad guys can use fake addresses
IP spoofing: send packet with false source address
[Figure: hosts A, B and C; a packet carrying src:B dest:A and a payload]
… lots more on security (Chapter 8)
What is network security about ?
It is about secure communication
Everything is connected by the Internet
There are eavesdroppers that can listen on the
communication channels
Information is forwarded through packet switches
which can be reprogrammed to listen to or
modify data in transit
Tradeoff between security and performance
Defending Against Network Security
Attacks
Well, those all sound pretty terrible!!
So what do I do to keep my networks safe
from security attacks?
How would I even go about starting to
defend myself and others from variations
of attacks?
“Must Have” Characteristics of
Network Defense Solutions
1. Effective
2. Accurate
3. Cost (Cheap?)
4. Deployable
5. Complete
1. Effectiveness of Network Defenses
Does it stop the network security attack from
crippling my machine/network?
If so, is it merely pushing the problem upstream?
Or is it fundamentally solving it?
Will it only stop disruptive attacks?
Or will it also stop degrading attacks?
Will it stop future attacks?
Will it stop any attack regardless of its
variations?
2. Accuracy of Defenses
Ultimately, defense mechanism usually requires
dropping some packets
That’s great, but . . .
Is it only attack traffic that is getting dropped?
Or is my defense system also dropping some legitimate
traffic?
• Collateral Damage: The term used to describe unintended and
undesirable consequences of a defense mechanism
– Low collateral damage is tolerable
– If the collateral damage is high enough, it’s as bad as the
attack itself
2. Accuracy and False alerts
Most nodes aren’t under attack most of the time
If the defense system signals an attack when there is
no attack, there may be a problem
Known as false positives
3. Cost of Network Defense Systems
Defense systems must be reasonably inexpensive
Economically, and in performance complexity
Especially when no attacks are going on
Since that will be most of the time
Low cost important even when attacks are ongoing
If defense system eats 95% of your CPU when defending, you would
be rather happy without the defense
4. Deployability
How about defense
systems near the
attackers?
Is it good?
How about defense
systems in the core?
5. Last but not the least, Completeness
An ideal network defense system should handle all
kinds of attacks or at least a major subset
Systems that only handle ping floods (for example)
are of less value
Ideally, system should easily evolve to handle future
attacks
Currently, we have none.
Some network security
mechanisms terminology
Firewalls
Idea: separate local network from the Internet
[Figure: trusted hosts and networks (“My Network”), a firewall and a router]
Firewall Definitions
A firewall forms a barrier
through which the traffic going
in each direction must pass
A firewall security policy
dictates which traffic is
authorized to pass in each
direction
Analogy:
Moat around a castle
Firewall Characteristics
Four general techniques mostly used
Service Control: Determines the types of Internet
services that can be accessed
Direction control: Determines the direction in
which particular service requests may be initiated
and allowed to flow through the firewall
inbound or outbound
Firewall Characteristics
(contd.)
User control: Controls access to a service
according to which user is attempting to
access it
Typically applied to users inside the firewall
perimeter
Behavior control: Controls how particular
services are used
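Service control and direction control from the two slides above, as a default-deny filter that tracks which side initiated each flow. This is an added example, not part of the original slides; the addresses (documentation ranges), the two policy sets and the class names are assumptions, and it omits TCP flag tracking and flow timeouts.

```python
# Added example (not from the slides): default-deny filter combining service
# control and direction control. Addresses use documentation ranges; the
# policy sets are constructed for illustration.
import ipaddress
from typing import NamedTuple

INSIDE = ipaddress.ip_network("192.0.2.0/24")                 # "My Network" (assumed)
OUTBOUND_SERVICES = {("tcp", 80), ("tcp", 443), ("udp", 53)}  # inside may initiate
INBOUND_SERVICES = {("tcp", "192.0.2.10", 25)}                # outside may initiate


class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


class Firewall:
    def __init__(self):
        self.flows = set()   # flows whose first packet was permitted
        self.audit = []      # (verdict, reason, packet) for monitoring/auditing

    @staticmethod
    def _inside(ip):
        return ipaddress.ip_address(ip) in INSIDE

    def _classify(self, p):
        reverse = Packet(p.proto, p.dst, p.dport, p.src, p.sport)
        if p in self.flows or reverse in self.flows:
            return True, "part of a flow initiated in a permitted direction"
        src_in, dst_in = self._inside(p.src), self._inside(p.dst)
        if src_in and not dst_in:                      # outbound request
            if (p.proto, p.dport) in OUTBOUND_SERVICES:
                self.flows.add(p)
                return True, "outbound service permitted"
            return False, "outbound service not permitted"
        if dst_in and not src_in:                      # inbound request
            if (p.proto, p.dst, p.dport) in INBOUND_SERVICES:
                self.flows.add(p)
                return True, "inbound service permitted"
            return False, "inbound initiation not permitted"
        return False, "does not cross the perimeter"

    def decide(self, p):
        allowed, reason = self._classify(p)
        self.audit.append(("ALLOW" if allowed else "DENY", reason, p))
        return allowed


def demo():
    fw = Firewall()
    packets = [  # constructed traffic
        Packet("tcp", "192.0.2.20", 51000, "198.51.100.7", 443),  # inside starts HTTPS
        Packet("tcp", "198.51.100.7", 443, "192.0.2.20", 51000),  # its reply
        Packet("tcp", "198.51.100.7", 443, "192.0.2.21", 51000),  # unsolicited "reply"
        Packet("tcp", "203.0.113.5", 40000, "192.0.2.10", 25),    # mail to the mail host
        Packet("tcp", "192.0.2.20", 51001, "198.51.100.7", 23),   # service not permitted
    ]
    return [fw.decide(p) for p in packets], fw


if __name__ == "__main__":
    verdicts, fw = demo()
    for verdict, reason, p in fw.audit:
        print(f"{verdict:5} {p.src}:{p.sport} -> {p.dst}:{p.dport}/{p.proto}  ({reason})")
```

The third packet has the same source address and port as the legitimate reply but is denied, because no inside host initiated that flow.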
What one can expect from Firewall
First line of defense: As a single choke point that
keeps unauthorized users out of the protected
network, prohibits potentially vulnerable services
from entering or leaving the network
use of a single choke point simplifies security management
Monitoring, Auditing - not just for security
Logging, Network Forensic
Network address translator
What one may not expect from Firewall
Not a utopia for complete defense - in fact this is just a first line of defense
May not protect against attacks that bypass the firewall
May not protect against internal threats (internal users)
May not protect against laptop, PDA or portable storage
device infected outside and then attached internally
May not protect against wireless communications between
local systems and outside systems
May not expect maximum network performance
Intrusion Detection System (IDS)
The implementation of IDS and its correctness is
important
Equally important is its placement in the network topology
Depends on what type of activities you want to detect
Internal,
External or
Both
[Figure: trusted hosts and networks (“My Network”), a firewall and a router]
Intrusion Detection Approaches
Statistical Anomaly Detection
Attempt to define normal or expected behavior by using statistical data and then detect intrusion
[Figure: bar chart of activity measures (scale 0 to 90) for CPU and Process Size, comparing the normal profile with abnormal (intrusion) behavior]
Rule-Based Detection
Attempt to define proper behavior by using a set of rules and then detect intrusion
[Figure: intrusion activities checked against intrusion patterns by pattern matching]
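The two detection approaches above, scored on the same labelled events so that the false positives and false negatives named on the accuracy slides become countable. This is an added example, not part of the original slides; the baseline samples, the events, the signature pattern and the 3-standard-deviation threshold are all constructed assumptions.

```python
# Added example (not from the slides): the two detection approaches scored on
# the same labelled events. All samples, names and the signature are constructed.
import re
from statistics import mean, stdev

# Constructed "normal profile": activity measures seen during attack-free operation.
BASELINE = {
    "cpu": [20, 25, 18, 22, 30, 24, 19, 21],               # percent
    "proc_size": [100, 110, 95, 105, 120, 98, 102, 108],   # MB
}

# Constructed rule set: patterns describing known intrusion activity.
RULES = [("known-bad process name", re.compile(r"^sig-demo-"))]

# Constructed, labelled test events (attack = ground truth).
EVENTS = [
    {"proc": "httpd", "cpu": 22, "proc_size": 105, "attack": False},
    {"proc": "nightly-backup", "cpu": 88, "proc_size": 400, "attack": False},
    {"proc": "sig-demo-tool", "cpu": 21, "proc_size": 100, "attack": True},
    {"proc": "unlisted-job", "cpu": 90, "proc_size": 380, "attack": True},
    {"proc": "sshd", "cpu": 18, "proc_size": 95, "attack": False},
]


def build_profile(samples):
    """Mean and sample standard deviation per activity measure."""
    return {k: (mean(v), stdev(v)) for k, v in samples.items()}


def anomaly_detect(event, profile, threshold=3.0):
    """Statistical anomaly detection: alert when any measure is more than
    `threshold` standard deviations away from the normal profile."""
    return any(abs(event[k] - mu) / sigma > threshold
               for k, (mu, sigma) in profile.items())


def rule_detect(event, rules=RULES):
    """Rule-based detection: alert when the event matches a known pattern."""
    return any(rx.search(event["proc"]) for _, rx in rules)


def score(detector, events):
    """Confusion counts: FP = alert without attack, FN = attack without alert."""
    counts = {"TP": 0, "FP": 0, "FN": 0, "TN": 0}
    for e in events:
        alert = bool(detector(e))
        key = ("TP" if alert else "FN") if e["attack"] else ("FP" if alert else "TN")
        counts[key] += 1
    return counts


PROFILE = build_profile(BASELINE)


def anomaly_scores():
    return score(lambda e: anomaly_detect(e, PROFILE), EVENTS)


def rule_scores():
    return score(rule_detect, EVENTS)


if __name__ == "__main__":
    print("statistical anomaly:", anomaly_scores())
    print("rule-based:         ", rule_scores())
```

On this data the anomaly detector raises a false positive on the legitimate backup job and misses the low-footprint intrusion, while the rule set has no false positive but misses the intrusion it has no pattern for.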
Security: A serious Problem
Firewall: A Traffic Cop
Problems: Internal Threats, Virus Laden Programs
IDS: Detection and Alert
Problems: False Positives, False Negatives
The Security Problem
Firewall
IDS
HoneyNets
An additional layer of security
Definition
A honeypot/honeynet is an information system resource
whose value lies in unauthorized or illicit use of that
resource.
• Has no production value; anything going to/from a
honeypot is likely a probe, attack or compromise
• Used for monitoring, detecting and analyzing attacks
• Does not solve a specific problem. Instead, they are
a highly flexible tool with different applications to
security.
History: Did you know?
Internet history
1961-1972: Early packet-switching principles
1961: Kleinrock - queueing theory shows effectiveness of packet-switching
1964: Baran - packet-switching in military nets
1967: ARPAnet conceived by Advanced Research Projects Agency
1969: first ARPAnet node operational
1972:
ARPAnet public demo
NCP (Network Control Protocol) first host-host protocol
first e-mail program
ARPAnet has 15 nodes
Internet history
1972-1980: Internetworking, new and proprietary nets
1970: ALOHAnet satellite network in Hawaii
1974: Cerf and Kahn - architecture for interconnecting networks
1976: Ethernet at Xerox PARC
late 70’s: proprietary architectures: DECnet, SNA, XNA
late 70’s: switching fixed length packets (ATM precursor)
1979: ARPAnet has 200 nodes
Cerf and Kahn’s internetworking principles:
minimalism, autonomy - no internal changes required to interconnect networks
best effort service model
stateless routers
decentralized control
define today’s Internet architecture
Internet history
1980-1990: new protocols, a proliferation of networks
1982: smtp e-mail protocol defined
1983: deployment of TCP/IP
1983: DNS defined for name-to-IP-address translation
1985: ftp protocol defined
1988: TCP congestion control
new national networks: Csnet, BITnet, NSFnet, Minitel
100,000 hosts connected to confederation of networks
Internet history
1990, 2000’s: commercialization, the Web, new apps
early 1990’s: ARPAnet decommissioned
1991: NSF lifts restrictions on commercial use of NSFnet (decommissioned, 1995)
early 1990s: Web
hypertext [Bush, Nelson]
HTML, HTTP [Berners-Lee]
1994: Mosaic, later Netscape
late 1990’s: commercialization of the Web
late 1990’s – 2000’s:
more killer apps: instant messaging, P2P file sharing
network security to forefront
est. 50 million host, 100 million+ users
backbone links running at Gbps
Internet history
2005-present
~750 million hosts
Smartphones and tablets
Aggressive deployment of broadband access
Increasing ubiquity of high-speed wireless access
Emergence of online social networks:
Facebook: one billion users
Service providers (Google, Microsoft) create their own
networks
Bypass Internet, providing “instantaneous” access to search, email, etc.
E-commerce, universities, enterprises running their services in “cloud” (e.g., Amazon EC2)
Early Hacking – Phreaking
In 1957, a blind seven-year-old, Joe Engressia Joybubbles,
discovered a whistling tone that resets trunk lines
Blow into receiver – free phone calls
Cap’n Crunch cereal prize
Giveaway whistle produces
2600 MHz tone
The Eighties
Robert Morris worm - 1988
Developed to measure the size of the Internet
• However, a computer could be infected multiple times
Brought down a large fraction of the Internet
• ~ 6K computers
Academic interest in network security
The Nineties
Kevin Mitnick
First hacker on FBI’s Most Wanted list
Hacked into many networks
• including FBI
Stole intellectual property
• including 20K credit card numbers
In 1995, caught 2nd time
• served five years in prison
The Twenties
Code Red worm
Jul 19, 2001: infected more than 359K computers in less than
14 hours
Sapphire worm
Jan 31, 2003: infected more than 75K computers (most in 10
minutes)
DoS attack on sco.com
Dec 11, 2003: SYN flood of 50K packet-per-second
Nyxem/Blackworm virus
Jan 15, 2006: infected about 1M computers within two weeks
Introduction: summary
Covered:
Internet overview
What’s a protocol?
Layering
Network edge, core, access
network
packet-switching versus
circuit-switching
Internet structure
Performance: loss, delay,
throughput
Wireshark Basics
Security
History
you now have:
context, overview, “feel”
of networking
more depth, detail to
follow!