Networking
Kevin Cunningham, Ray, Stephan, Norman, Phil
History
- ARPANET (Advanced Research Projects Agency Network)
- World's first operational packet-switching network
- Became the core network of what composes the global Internet
- Originally consisted of terminals at UCLA, Stanford, UCSB, and the University of Utah
- DoD was concerned about our ability to survive a nuclear strike due to lack of a
Outline
• Kevin – Network
• Ray – IPs and Packets
• Kelvin – Sockets
• Stephan – Security
• Norman – Hardware
• Phil – Conclusion
Networks As We Know Them Today
• A collection of computers and devices interconnected by communications channels that facilitate communications among users and allow users to share resources
• Source: http://en.wikipedia.org/wiki/Computer_network
Purposes of a Modern Network
• Facilitates communications
– E-mail, IMs, chat rooms
• Sharing hardware
– A set of printers to be used by a whole office
• Sharing data
• Sharing software
– Running programs via a remote connection
IP Addresses and Packets
IPs and MACs
• NIC has a unique MAC address (physical address)
• IP address is logical
• IPv4 and IPv6
Packets
• All info on networks travels in packets
• Data is broken up and sent
• Each packet can take a different path
• Allows for best path
• Put back together when received
Packet structure
• Fixed length and varying length
• Three main parts
o Header (most important)
o Data
o Trailer
• Have error checking
Header
• Contains all information about data being sent
– Packet length
– Packet number
– Destination and origination
• Every packet contains header
• Can vary in size
Other parts
• Data contains the data
• Trailer identifies end
• Checksum error checking
– All words in the message are XORed
– Receiving end performs the same operation and includes the original XOR
– If the result is not all zeros, an error occurred
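The header/data/trailer layout and the XOR check described above, as an added example (not from the original slides). The 16-bit word size and the header fields (length, number, source, destination) are assumptions chosen for illustration. It also shows a limit of this check: a single flipped bit is caught, but the same bit flipped in two words cancels out, so the check detects accidental noise and is not protection against deliberate modification.

```python
import struct
from functools import reduce

WORD = 2                           # assumed 16-bit checksum words
HEADER = struct.Struct("!HHHH")    # assumed fields: length, number, source, destination

def xor_words(data: bytes) -> int:
    """XOR all 16-bit words of data together (data must be word-aligned)."""
    words = struct.unpack(f"!{len(data) // WORD}H", data)
    return reduce(lambda a, b: a ^ b, words, 0)

def build_packet(number: int, src: int, dst: int, payload: bytes) -> bytes:
    """Header + payload (padded to a whole word) + trailer holding the XOR."""
    body = HEADER.pack(len(payload), number, src, dst) + payload
    body += b"\x00" * (len(body) % WORD)
    return body + struct.pack("!H", xor_words(body))

def parse_packet(packet: bytes):
    """Return (number, src, dst, payload); raise ValueError on a bad packet."""
    if len(packet) < HEADER.size + WORD or len(packet) % WORD:
        raise ValueError("truncated or misaligned packet")
    # Receiver XORs every word including the trailer: anything but 0 is an error.
    if xor_words(packet) != 0:
        raise ValueError("checksum mismatch")
    length, number, src, dst = HEADER.unpack_from(packet)
    if HEADER.size + length + length % WORD + WORD != len(packet):
        raise ValueError("length field does not match packet size")
    return number, src, dst, packet[HEADER.size:HEADER.size + length]

def flip(packet: bytes, index: int, mask: int = 0x01) -> bytes:
    """Simulate line noise: flip the masked bits of one byte."""
    damaged = bytearray(packet)
    damaged[index] ^= mask
    return bytes(damaged)

def accepted(packet: bytes) -> bool:
    try:
        parse_packet(packet)
        return True
    except ValueError:
        return False

if __name__ == "__main__":
    pkt = build_packet(7, 0x0A01, 0x0A02, b"hello")   # constructed sample
    print(parse_packet(pkt))
    print(accepted(flip(pkt, HEADER.size)))            # one flipped bit
    twice = flip(flip(pkt, HEADER.size), HEADER.size + WORD)
    print(accepted(twice), parse_packet(twice)[3])     # same bit, two words
```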
Sockets
What are sockets?
- Used for client/server interaction
- Mechanism for transfer of data
- Socket API is provided by the OS
- Interface between applications and networking and transfer protocols
How do sockets work?
- Server process waits for client
- Server accepts and binds client
- Server waits for client request
- Server replies to request
- Close
How do sockets work?
(Diagram)
Link: http://publib.boulder.ibm.com/infocenter/iseries/v5r4/topic/rzab6/rxab6500.gif
Accepting connections
- Usually threaded to listen on many ports
- Client sends a connection request
- Server binds the client using IP and port number
- Analogous to a telephone number and extension
Transferring Data
- Sockets are identified by socket identifier, aka socket number
- OS decodes packets to determine socket number, then forwards payload to application
- Sockets are bidirectional
- Different kinds of sockets use different protocols (TCP/UDP/etc.)
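The wait, accept, request, reply, close sequence from the socket slides, as an added example (not from the original slides) that runs both ends over TCP on the loopback interface. The request size cap, the timeout and the "ACK" reply format are assumptions; the cap and timeout keep a silent or oversized client from tying up the server.

```python
import socket
import threading

MAX_REQUEST = 1024   # assumed cap on bytes read per request
TIMEOUT = 2.0        # assumed seconds before giving up on a silent peer

def serve_once(listener: socket.socket, seen: dict) -> None:
    """Wait for one client, read its request, reply, then close."""
    # accept() returns a new socket plus the client's (IP, port) pair.
    conn, peer = listener.accept()
    with conn:                                  # closes the connection on exit
        conn.settimeout(TIMEOUT)
        request = conn.recv(MAX_REQUEST)
        seen["peer"] = peer
        conn.sendall(b"ACK " + request)         # reply goes back on the same socket

def run_exchange(message: bytes):
    """Return (reply, client's own address, client address seen by the server)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.bind(("127.0.0.1", 0))         # loopback only; port 0 = OS picks one
        listener.listen(1)
        listener.settimeout(TIMEOUT)
        seen = {}
        server = threading.Thread(target=serve_once, args=(listener, seen))
        server.start()
        address = listener.getsockname()
        with socket.create_connection(address, timeout=TIMEOUT) as client:
            client.sendall(message)             # client request
            reply = client.recv(MAX_REQUEST)    # server reply, same socket
            client_addr = client.getsockname()
        server.join()
    return reply, client_addr, seen["peer"]

if __name__ == "__main__":
    reply, client_addr, peer = run_exchange(b"ping")   # constructed sample request
    print(reply, client_addr, peer)
```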
Security
What is it?
Protection
Layers of security
Administrator privileges
How does it work
Authentication of user
Firewall enforced policies
What about worms and viruses?
Need IPS or IDS
Encryption
IPS and IDS
Intrusion Detection System (IDS)
Network Intrusion Detection System
Host-based Intrusion Detection System
NIDS HIDS
IPS and IDS cont...
Intrusion Prevention System (IPS)
Improvement of IDS
Classifications
NIPS – Network-based Intrusion Prevention
WIPS – Wireless-based Intrusion Prevention
NBA – Network Behavior Analysis
HIPS – Host-based Intrusion Prevention
Detection Methods
Signature-based Detection
Statistical Anomaly-Based Detection
Stateful Protocol Analysis Detection
Hardware
Network Interface Card
• Simply an I/O device
• Sends and receives data to the network in the
form of packets
• Will do DMA reads/writes directly to/from
main memory
• Can generate headers, but this is usually done
by the CPU
Network Interface Card
• After creating the frame or packet, the OS will
create a buffer descriptor which will tell where
and how large the data is
• After creating the buffer descriptor, the OS will
notify the NIC that it is ready
• The NIC will then do a DMA read for the
descriptor and then for the actual frame
• The frame is then sent out to the network
Network Interface Card
• OS will also have the NIC keep buffer
descriptors pointing to free space in main
memory
• When a frame is received, it will do a DMA
write to main memory
• It will then modify the descriptor to reflect the
received data, DMA write it to memory, and
notify the OS that a frame is ready
Drivers
• Handles the translation from standard I/O function calls to the specific software the hardware requires in order to run
• Can run in both kernel and user mode
• Kernel mode used mainly for speed
• User mode used mainly for stability
Hub
• Sends all packets to all other systems
connected to it
• High tendency to cause data collisions
– Collisions occur when two or more systems send data over the network at the same time, requiring the now-fragmented data to be retransmitted
Switch
• Like a hub, connects multiple systems
together to form a new network
• Operates by forwarding data to specific
systems on the network
• May be able to be piggy-backed, but may also
require crossover cables
• Have unmanaged and managed modes where
unmanaged refers to plug-and-play
Switch
• Avoids data collisions by sending data only to
its intended destination as a full-duplex
machine
• Keeps track of MAC addresses of each
connected system (nodes) in a table
Router
• Connects networks together and forwards
traffic between them
• Most have built-in switches
• Performs the job of a computer which acts as
a gateway (much cheaper than the computer)
Router
[Diagrams: computers, switch, router and Internet; computers, modern router and Internet]
Conclusion
What did we learn?