Presentation8 - University Of Worcester


University of Worcester
COMP 1321
Digital Infrastructures
Week 9
Computer Networks
Presented by Lee Campbell
Learning
“If you can’t explain it simply, you don’t
understand it well enough.”
Albert Einstein (1879-1955)
Lecture Topics
 The wonderful world of computer networking:
 An introduction to computer networks.
 Establishing connectivity.
 Network topology (physical and logical).
 Network hardware, network interface cards (NIC),
cabling, hubs, switches and routers.
 OSI model.
Today’s lecture
An Introduction to
Computer Networks
What is a computer network?
Network (n & v) : A chain of interconnected
computers, machines or operations.
[The Concise Oxford Dictionary of Current English, 1990, Clarendon Press.]
What is a computer network?
 A network provides the transportation mechanism for the
exchange of data.
 Allows network devices to communicate.
 Computer networks were not designed with security in
mind.
 The network provides an adversary/threat the means to
achieve their required objectives.
 The end-points, applications and information also need to
be secured.
Google Data Centre
[http://cdn.slashgear.com/wp-content/uploads/2012/10/google-datacenter-tech-02.jpg]
Google Data Centre
Google Youtube Data Center clip
The purpose of a computer network?
Three main purposes of a
computer network.
The purpose of a computer network?
[1] Provide connectivity:
 Internal and external (the Internet).
 Connecting network devices together.
 The Internet of Things (IoT).
 Location and mapping.
 Requires physical components to provide
connectivity. Cables, routers, hubs, repeaters,
switches and power.
The purpose of a computer network?
[2] Allows communication:
 Send emails, documents, files and information.
 Instant messaging, blogs, social media & web sites.
 Financial transactions.
 Video and audio streaming.
 Video and audio conferencing/broadcasting.
 Controlling cars and homes?
The purpose of a computer network?
[3] Share resources:
 Information (many forms), documents and files.
 Banking and financial transactions.
 Music, photos and videos.
 Databases.
 Printers.
 Ideas, views and opinions.
Devices on the network
 Network nodes, end-points, devices and computers:
 Traditional network devices:
 Terminal, mainframe, server, workstation, PC and printer.
 Mobile Devices:
 Notebook/laptop, smartphone, mobile phone, desktop
phone, PDA, watch and tablet.
 Internet of Things (IoT):
 Freezer, cooker, heating, coffee machine, alarm system, home
automation (lights, video and music).
 Others.
The Internet – UK submarine cable map (2014)
[https://gigaom.com/wp-content/uploads/sites/1/2014/01/cable-map-uk.jpg?w=708&quality=80&strip=all]]
The Internet - submarine cable map
[http://static.independent.co.uk/s3fs-public/thumbnails/image/2014/03/11/13/submarine-cable-map-2014-x.jpg]
Submarine fibre cable
[http://incept.co/img/37EQHAIMED.jpg]
Establishing
Connectivity
Comparison of the OSI and TCP/IP models
OSI Model            TCP/IP Model
7 Application    \
6 Presentation    >  4 Application
5 Session        /
4 Transport      -   3 Transport
3 Network        -   2 Internet
2 Data Link      \
1 Physical       /   1 Network Access
Transmission Control Protocol - SYN, SYN-ACK and ACK
Open Connection
TCB : Transmission Control Block.
Endpoint IP and PORT values, status of the connection and buffers.
Close Connection
[http://www.tcpipguide.com/free/t_TCPConnectionEstablishmentProcessTheThreeWayHandsh-3.htm]
TCP packet (Transport layer)
[http://courses.oreillyschool.com/sysadmin5/images/TCP-Header.png]
UDP packet (Transport layer)
[http://microchip.wdfiles.com/local--files/tcpip:tcp-vs-udp/TCP_UDP_headers.JPG]
IP packet (Network layer)
[http://courses.oreillyschool.com/sysadmin5/images/IP-Header.png]
TCP/IP Packet
The major TCP flags
 URG (1 bit) : Indicates that the Urgent pointer field is significant
 ACK (1 bit) : Indicates that the Acknowledgment field is significant. All
packets after the initial SYN packet sent by the client should have this flag
set.
 PSH (1 bit): Push function. Asks to push the buffered data to the
receiving application.
 RST (1 bit): Reset the connection.
 SYN (1 bit): Synchronize sequence numbers. Only the first packet sent
from each end should have this flag set. Some other flags and fields
change meaning based on this flag, and some are only valid for when it is
set, and others when it is clear.
 FIN (1 bit): No more data from sender.
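To make the handshake diagram and the flag list above concrete, here is an added Python example (not part of the lecture) that decodes and builds the 20-byte TCP header in memory, names each segment the way the SYN / SYN-ACK / ACK diagram does, and checks the slide's rule that every segment after the initial SYN carries ACK. Port and sequence numbers in the usage are made up; the TCP checksum is left at zero because computing it needs the IP pseudo-header, which is not modelled here.

```python
import struct

# TCP flag bits in the low byte of the 16-bit data-offset/flags field (RFC 793 layout).
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the 20-byte fixed TCP header into named fields plus the payload."""
    if len(segment) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    (src_port, dst_port, seq, ack, off_flags,
     window, checksum, urg_ptr) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = (off_flags >> 12) * 4            # header length in bytes (5 words = 20)
    if data_offset < 20 or data_offset > len(segment):
        raise ValueError("bad data offset")
    flag_bits = off_flags & 0x003F                 # keep just the six flags on the slide
    return {
        "src_port": src_port, "dst_port": dst_port,
        "seq": seq, "ack": ack,
        "data_offset": data_offset,
        "flags": {name: bool(flag_bits & bit) for name, bit in TCP_FLAGS.items()},
        "window": window, "checksum": checksum, "urg_ptr": urg_ptr,
        "payload": segment[data_offset:],
    }


def build_tcp_header(src_port, dst_port, seq, ack, flags, window=65535, payload=b"") -> bytes:
    """Build a minimal 20-byte header followed by the payload. The checksum is
    left at 0: it needs the IP pseudo-header, which this example does not model."""
    flag_bits = 0
    for name in flags:
        flag_bits |= TCP_FLAGS[name]
    off_flags = (5 << 12) | flag_bits              # data offset of 5 words, then the flags
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       off_flags, window, 0, 0) + payload


def segment_kind(header: dict) -> str:
    """Name the segment the way the slide's handshake diagram does."""
    f = header["flags"]
    if f["RST"]:
        return "RST"
    if f["SYN"] and f["ACK"]:
        return "SYN-ACK"
    if f["SYN"]:
        return "SYN"
    if f["FIN"]:
        return "FIN"
    return "ACK" if not header["payload"] else "DATA"


def violates_ack_rule(header: dict) -> bool:
    """The slide's rule: every segment after the initial SYN must carry ACK,
    so the only segment allowed without ACK is a bare SYN."""
    f = header["flags"]
    return not f["ACK"] and not f["SYN"]
```

A segment with neither SYN nor ACK (for example a lone FIN) is the kind of malformed header the "Header based" category later in the lecture refers to, and is a useful thing to flag when parsing captures.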
Ethernet Frame - 802.3 (Data-link layer)
[http://core0.staticworld.net/images/idge/imported/article/nww/2008/05/01fig95-100279181-orig.jpg]
Naming and Addressing (1)
 All networks need a naming system.
 Names and numbers.
 No duplicates.
 LAN : Internal naming system (DNS, IP, Device Name).
 WAN : DNS, IP and Device Name.
 “Address” normally numerical.
 “Name” normally letters.
[Courtesy of R.Henson]
Naming and Addressing (2)
 Fulfil the required purpose:
 Unique network identity for each device.
 Provides destination for data to be sent to.
 Provides source location for data sent.
[Courtesy of R.Henson]
Media Access Control (MAC) – Data-Link layer Naming
 From first IEEE (802) spec….
 use “hardware” (MAC) address of device
 Data sent as “frames”
 transfer very fast…
 Typical MAC address:
 xx.xx.xx.xx.xx.xx (where x= a hexadecimal number)
[Courtesy of R.Henson]
IP – Network Layer Naming
 Originates from TCP/IP naming system:
 typical IPv4 name:
 x.x.x.x
 where x = a number, 0 to 255 decimal.
 now IPv6
 IPv4 running out of unique numbers!
[Courtesy of R.Henson]
Name Resolution
 DNS (Domain Name Service/System):
 Domain name to IP.
 IP to domain name.
 NetBIOS names:
 Resolve NetBIOS name to IP address.
 WINS names (Windows Internet Name Service):
 Resolve WINS name to IP address.
 ARP protocol:
 Resolves IP address to MAC address.
 Reverse ARP (vice versa).
[Courtesy of R.Henson]
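The three naming slides above give the MAC format (xx.xx.xx.xx.xx.xx, hexadecimal), the IPv4 format (x.x.x.x, each x from 0 to 255) and the ARP mapping from IP to MAC. This added Python example (not the lecture's code) parses both address forms, pulls out the two flag bits the first MAC octet carries, and keeps a small IP-to-MAC table of the kind ARP builds, reporting when an IP address that was already resolved suddenly resolves to a different MAC, which is the basic check a defender applies against the ARP poisoning mentioned later in the lecture. The addresses in the usage are constructed.

```python
import re
from ipaddress import IPv4Address, AddressValueError

# The slide writes MACs as xx.xx.xx.xx.xx.xx; colon and hyphen separators are accepted too.
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([.:-])[0-9A-Fa-f]{2}(?:\1[0-9A-Fa-f]{2}){4}$")


def parse_mac(text: str) -> dict:
    """Validate a MAC address and decode the fields hidden in its first octet."""
    text = text.strip()
    if not _MAC_RE.match(text):
        raise ValueError(f"not a MAC address: {text!r}")
    octets = bytes(int(part, 16) for part in re.split(r"[.:-]", text))
    first = octets[0]
    return {
        "canonical": ":".join(f"{b:02x}" for b in octets),
        "oui": octets[:3].hex(),                      # vendor prefix (first three octets)
        "multicast": bool(first & 0x01),              # I/G bit: group rather than individual address
        "locally_administered": bool(first & 0x02),   # U/L bit: not the vendor-assigned address
        "broadcast": octets == b"\xff" * 6,
    }


def parse_ipv4(text: str) -> dict:
    """Validate dotted-quad IPv4 (each octet 0-255) and classify the address."""
    try:
        ip = IPv4Address(text.strip())
    except AddressValueError as exc:
        raise ValueError(f"not an IPv4 address: {text!r}") from exc
    return {"address": str(ip), "private": ip.is_private,
            "loopback": ip.is_loopback, "multicast": ip.is_multicast}


class ArpTable:
    """IP -> MAC bindings learnt from ARP replies, with a change alarm."""

    def __init__(self):
        self.bindings = {}

    def learn(self, ip: str, mac: str):
        """Record a binding; return a warning string if an existing binding changed."""
        ip_c = parse_ipv4(ip)["address"]
        mac_c = parse_mac(mac)["canonical"]
        previous = self.bindings.get(ip_c)
        self.bindings[ip_c] = mac_c
        if previous is not None and previous != mac_c:
            return f"binding changed for {ip_c}: {previous} -> {mac_c}"
        return None


if __name__ == "__main__":
    table = ArpTable()                      # constructed addresses
    print(table.learn("192.168.1.1", "00:11:22:33:44:55"))   # None: first sighting
    print(table.learn("192.168.1.1", "de:ad:be:ef:00:01"))   # warning: gateway MAC changed
```

A binding change is not proof of an attack (a replaced router will do the same), but it is the event worth logging, because ARP itself has no authentication to tell the two cases apart.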
Network Practical
Please do not capture packets from the University
network – only use the captured files provided in
Blackboard.
Please do not compromise University policy in regard
to network usage and access.
Wireshark is an open source tool. Please use for the
intended purpose.
HTTP Wireshark capture
Network
Topology
Network topology
We need a way of describing the physical and
logical nature of networks….
Topology (n) : The way in which constituent parts are
interrelated or arranged.
Topologies can be either physical or logical in nature.
Physical topologies describe how the physical cables
run, and how these cables connect to the network
devices. Logical topologies describe the movement of
data within the physical topology.
Five primary topologies
 Bus topology
 Logical or physical.
 Star topology
 Physical only.
 Ring topology
 Logical or physical.
Five primary topologies
 Mesh topology (partial and fully connected)
 Logical or physical.
 Hybrid
 Physical.
Bus topology (1)
Star topology (2)
Ring topology (3)
Mesh topology (4.1)
Fully connected mesh topology (4.2)
Hybrid topology (5)
LAN, MAN and WAN
 Local Area Network (LAN):
 Interconnecting network devices in a limited area, a building
or buildings.
 Metropolitan Area Network (MAN):
 A network that interconnects users in a geographical area or
region such as a town or city. A MAN is smaller than a WAN
but bigger than a LAN.
 Wide Area Network (WAN):
 A WAN spans a larger geographical area. Most WANs are
constructed from several LANs connected together.
LAN, MAN and WAN
[http://www.gta.ufrj.br/ensino/eel879/trabalhos_vf_2008_2/igorcamp/LAN_MAN_WAN.JPG]
Advantages and disadvantages of topologies
Bus
 Advantages: Cheap and easy to install.
 Disadvantages: Difficult to reconfigure and troubleshoot. Media failure can impact the entire network.
Star
 Advantages: Cheap and easy to install. Easy to configure and fault tolerant.
 Disadvantages: Failure of the switch will impact the network. More cabling, therefore more expensive than Bus.
Ring
 Advantages: Efficient and easy to install.
 Disadvantages: Difficult to install and reconfigure. Media failure can impact the entire network.
Mesh
 Advantages: Simplest for data flow. Most fault tolerant (fully connected). Provides redundant links.
 Disadvantages: Expensive due to the amount of cabling required.
Hybrid
 Advantages: Provides a combination of the best features.
 Disadvantages: Costly if implementing Mesh topology.
LAN and WAN topologies
 Local Area Networks (LANs) usually use a Star
topology.
 Wide Area Networks (WANs) usually use a Mesh
topology.
 Why?
[Courtesy of R.Henson]
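The "Why?" above can be answered with numbers. This is an added Python example (not from the lecture) that models bus, star, ring and fully connected mesh as graphs and measures, for a single link failure and a single node failure, the worst-case fraction of device pairs that can still exchange data. The bus is modelled as a chain of cable segments between taps, node 0 plays the switch in the star, and the six-node size and the pair-fraction metric are choices made here; the results reproduce the table's "media failure", "failure of the switch" and "most fault tolerant" rows.

```python
from itertools import combinations


def bus(n):        # one shared cable, modelled as a chain of segments between taps
    return {(i, i + 1) for i in range(n - 1)}


def star(n):       # node 0 is the central hub/switch; every other node hangs off it
    return {(0, i) for i in range(1, n)}


def ring(n):
    return {(i, (i + 1) % n) for i in range(n)}


def full_mesh(n):
    return set(combinations(range(n), 2))


def reachable_pair_fraction(nodes, links) -> float:
    """Fraction of node pairs that can still reach each other over the given links."""
    nodes = list(nodes)
    adj = {v: set() for v in nodes}
    for a, b in links:
        if a in adj and b in adj:              # ignore links to a failed node
            adj[a].add(b)
            adj[b].add(a)
    seen, reachable_pairs = set(), 0
    for start in nodes:                        # flood-fill each connected component
        if start in seen:
            continue
        comp, stack = set(), [start]
        while stack:
            v = stack.pop()
            if v in comp:
                continue
            comp.add(v)
            stack.extend(adj[v] - comp)
        seen |= comp
        reachable_pairs += len(comp) * (len(comp) - 1) // 2
    total_pairs = len(nodes) * (len(nodes) - 1) // 2
    return reachable_pairs / total_pairs if total_pairs else 1.0


def worst_link_failure(n, links) -> float:
    """Worst reachability over every possible single cable/link failure."""
    return min(reachable_pair_fraction(range(n), links - {link}) for link in links)


def worst_node_failure(n, links) -> float:
    """Worst reachability over every possible single device failure (e.g. the switch)."""
    return min(reachable_pair_fraction([v for v in range(n) if v != dead], links)
               for dead in range(n))


def compare(n: int = 6) -> dict:
    """Link count (a proxy for cabling cost) and fault tolerance of each topology."""
    rows = {}
    for name, builder in (("bus", bus), ("star", star), ("ring", ring), ("mesh", full_mesh)):
        links = builder(n)
        rows[name] = {"links": len(links),
                      "worst_link": round(worst_link_failure(n, links), 3),
                      "worst_node": round(worst_node_failure(n, links), 3)}
    return rows


if __name__ == "__main__":
    for name, r in compare().items():
        print(f"{name:5s} links={r['links']:2d}  worst single link={r['worst_link']:.3f}"
              f"  worst single node={r['worst_node']:.3f}")
```

With six nodes the mesh needs 15 links against 5 for bus or star, which is the cabling cost the table warns about; the star loses everything when node 0 (the switch) fails, and the bus is the only topology where a single cable fault strands devices on both sides of the break.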
Network
Hardware
Physical components of a network (1)
Firewalls, switches and routers.
[Images courtesy of Cisco.]
Physical components of a network (2)
 Transmission media:
 Copper cable, includes twisted pair, shielded twisted pair and co-axial.
 Optic fibre, radio waves and microwaves.
 Coaxial cable (copper):
 Thinnet – 10Base5.
 Thicknet – 10Base2.
 Co-ax transmits around 10Mbps.
 Twisted pair (copper):
 Unshielded Twisted pair (UTP).
 Shielded Twisted pair (STP).
Physical components of a network (3)
[https://upload.wikimedia.org/wikipedia/commons/9/9e/Network_card.jpg]
[http://learn-networking.com/wp-content/uploads/2008/01/thicknet-thinnet1.jpg]
[http://www.digitus.info/typo3temp/pics/63af6e1734.jpg]
[http://www.brainbell.com/tutorials/Networking/images/02fig04.gif]
[http://aqyro.com/blog/wp-content/uploads/2009/12/RJ-45_test_Studio08.jpg]
Physical components of a network (4)
[https://hookandy.files.wordpress.com/2011/06/fibre-connectors.jpg]
 ST: Straight Tip.
 SC: Subscriber/square/standard Connector.
 FC: Fix Connector.
 LC: Lucent/Little Connector.
 MU: Miniature Unit.
 ESCON: Enterprise Systems Connection.
 MTRJ: Mechanical Transfer Registered Jack.
 VF45: Volition Socket.
Physical components of a network (5)
[http://www.warrenandbrown.com.au/telecommunications/public/editor_images/61.jpg]
Physical components of a network (6)
[https://www.ira.inaf.it/Computing/tecnica/FIBRE/fiber_files/fiber%2520diag2.jpg]
[http://www.fiberonellc.com/wp-content/uploads/Singlemode-vs-Multimode2.png]
Cables and Connectors
 Types of Ethernet cabling:
 Twisted pair
 Unshielded twisted pair (UTP) and STP
 Coaxial cable: single copper wire with braided
shield.
 Fibre-optic: glass strands inside protective tubing.
Cables and Connectors
 Ethernet types:
 10 Mbps (Ethernet).
 100 Mbps (Fast Ethernet).
 1000 Mbps / 1Gbps (Gigabit Ethernet).
 10000 Mbps / 10 Gbps (10 Gigabit Ethernet/10GE,
10GbE or 10GigE).
Ethernet standard cable length and speed
[http://www.tardyslip.net/wp-content/uploads/2015/01/Ethernet-Cable-Length-and-Speed.jpg]
Ethernet standard cable length and speed
[http://www.belden.com/images/B29_Chart.jpg]
Cables and Connectors
[http://www.cables-solutions.com/wp-content/uploads/2014/12/common-ethernet.jpg]
Networking standards
 Various network standards exist:
 The Institute of Electrical and Electronics Engineers (IEEE).
Based in New Jersey, USA.
 802 is a group of network standards that deals with LAN and
MAN networks.
 802.3 – Wired Ethernet standard, includes LAN with
CSMA/CD.
 802.11 – Wireless networking standard.
 802.4 – Token bus networks.
 802.16 – Broadband Wireless Access (WiMAX certification).
OSI
Model
Layered approach to networking
 In 1984 the International Standards Organisation (ISO) proposed the
Open Systems Interconnection (OSI) as a seven-layer network.
 The ISO model defined layers of abstraction for services, interfaces and
protocols.
 Services : Addressing, flow control, reliable delivery, connection control,
error control, segmentation and reassembly, multiplexing, latency
optimisation and guaranteed delivery.
 Interfaces: Provide connectivity between the layers. These are expressed
as APIs between each layer.
 Protocols: Provide the rules for governing communication. Provides
addressing, initial hand-shake, final tear-down, transmission/receipt of
information, unicast, multicast and broadcast. Sending, listening and
waiting.
OSI Model
OSI Model
Description
7
Application
Defines the functions and services that run the network applications. For
example HTTP: accessing a web page and transferring information to the web browser.
6
Presentation
Provides data conversion. Presents information in form meaningful to the
application.
5
Session
Starts, stops sessions and maintains order.
4
Transport
Responsible for delivery of streams. Provides ordered delivery, flow and error
control.
3
Network
Routes packets based on IP addresses within/between LANs and WANs.
2
Data Link
Transmits frames from host to host based on physical MAC addresses.
Records start and end of frame. Also implements flow control.
1
Physical
Binary transmission, physical characteristics, electrical and light signals, wires,
connectors, distance and data rates. Topologies, Bus, Ring, Star and Mesh.
Data Units and network devices
OSI layer        Data Unit   Network Devices
7 Application    Data        Proxies, Firewalls
6 Presentation   Data        Proxies, Firewalls
5 Session        Data        Proxies, Firewalls
4 Transport      Segments    Proxies, Firewalls
3 Network        Packets     Routers
2 Data Link      Frames      Switches
1 Physical       Bits        Repeaters
Encapsulation
Each layer adds its own header in front of the data handed down from the layer above (AH = application header, PH = presentation, SH = session, TH = transport, NH = network, DH = data-link header; DT = data-link trailer).
Conceptual flows (each layer appears to talk to its peer layer on the other host):
 Application:  AH | Data
 Presentation: PH | AH | Data
 Session:      SH | PH | AH | Data
 Transport:    TH | SH | PH | AH | Data
 Network:      NH | TH | SH | PH | AH | Data
 Data Link:    DH | NH | TH | SH | PH | AH | Data | DT
 Physical:     the whole frame as bits
‘Real’ flow: data goes down the stack on the sender, across the Physical layer, and back up the stack on the receiver, with each layer removing the header its peer added.
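To show the encapsulation stack with real header formats rather than the abstract AH/PH/SH labels, here is an added Python example (not from the lecture) that wraps a piece of application data in a UDP header (TH), an IPv4 header with its checksum (NH) and an Ethernet header (DH), then strips the headers again one layer at a time, checking on the way up what each layer is able to check. The MAC and IP addresses are constructed; the Ethernet FCS trailer (DT) and the optional UDP checksum are omitted, and nothing is sent on a network.

```python
import struct

# Addresses below are constructed for this example.
SRC_MAC, DST_MAC = "02:00:00:00:00:01", "02:00:00:00:00:02"
SRC_IP, DST_IP = "192.0.2.10", "192.0.2.20"
ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17


def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: ones' complement of the ones' complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                         # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def udp_header(src_port: int, dst_port: int, payload_len: int) -> bytes:
    # Transport header (TH). The UDP checksum is optional over IPv4 and left at 0 here.
    return struct.pack("!HHHH", src_port, dst_port, 8 + payload_len, 0)


def ipv4_header(src: str, dst: str, payload_len: int, ttl: int = 64) -> bytes:
    # Network header (NH): version 4, IHL 5 words, no options, checksum filled in after packing.
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + payload_len, 0, 0,
                      ttl, PROTO_UDP, 0, ip_bytes(src), ip_bytes(dst))
    return hdr[:10] + struct.pack("!H", internet_checksum(hdr)) + hdr[12:]


def ethernet_header(src: str, dst: str) -> bytes:
    # Data-link header (DH): destination MAC, source MAC, EtherType.
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ETHERTYPE_IPV4)


def encapsulate(app_data: bytes, src_port: int, dst_port: int) -> bytes:
    segment = udp_header(src_port, dst_port, len(app_data)) + app_data   # TH | data
    packet = ipv4_header(SRC_IP, DST_IP, len(segment)) + segment          # NH | TH | data
    return ethernet_header(SRC_MAC, DST_MAC) + packet                    # DH | NH | TH | data


def decapsulate(frame: bytes) -> dict:
    """Remove one header per layer on the way up, validating what each layer can check."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unexpected EtherType 0x{ethertype:04x}")
    packet = frame[14:]
    (ver_ihl, _tos, total_len, _ident, _frag, ttl,
     proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    # A header whose checksum field is correct sums to all ones, so re-checking yields 0.
    if ver_ihl >> 4 != 4 or internet_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header is corrupt (version or checksum)")
    if proto != PROTO_UDP:
        raise ValueError(f"unexpected protocol {proto}")
    segment = packet[ihl:total_len]
    sport, dport, ulen, _ucsum = struct.unpack("!HHHH", segment[:8])
    return {
        "eth": {"src": src_mac.hex(":"), "dst": dst_mac.hex(":")},
        "ip": {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)), "ttl": ttl},
        "udp": {"src_port": sport, "dst_port": dport},
        "data": segment[8:ulen],
    }


if __name__ == "__main__":
    frame = encapsulate(b"hello, world", 40000, 53)
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
```

The checksum check is the practical point: a receiver trusts the header lengths only after the layer that owns them has verified them, which is why a single flipped byte in the IP header makes the whole frame unusable rather than producing a wrong payload.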
Network models – applications and protocols
[Figure: protocols and technologies placed against the OSI and TCP/IP layers.]
OSI 7 Application / 6 Presentation / 5 Session (TCP/IP 4 Application): HTTP / HTTPS, FTP / SFTP / SCP, Telnet / SSH, SMTP / POP / IMAP, DNS, DHCP, LDAP, NTP, WINS, NetBIOS, GIF, JPEG.
OSI 4 Transport (TCP/IP 3 Transport): TCP, UDP, SCTP, DCCP.
OSI 3 Network (TCP/IP 2 Internet): IP, ICMP, IGMP, IPSec, ARP, RARP.
OSI 2 Data Link (MAC and LLC) / 1 Physical (TCP/IP 1 Network Access): Ethernet, CSMA/CD, Token Ring, FDDI, ATM, Frame Relay, DSL, ISDN, SONET, 10Base2, 10Base5, 10Base-T, 100Base-TX, 1000Base-T, 1000Base-SX, 10GBase-T, 10GBase-SR.
Other protocol suites and technologies shown in the figure: PPTP, IPX/SPX, AppleTalk, GSM.
Network security taxonomy
Technical vulnerabilities exist in the design, implementation and configuration.
Organisational vulnerabilities include people, processes and procedures.
Header based:
 Modify the source and destination addresses, setting invalid bits in the header and sniffing the network to capture data. Examples: DoS, DDoS and ARP broadcasts.
Protocol based:
 Sending packets out of order, sending packets too fast and not sending packets. Example: SYN flood attack, where the attacker does not respond to the SYN-ACK with an ACK.
Authentication based:
 Host-to-host authentication, not user to system. Based on IP and MAC addresses. Uses IP spoofing and ARP poisoning.
Traffic based:
 Too much data is sent to a layer or layers, which cannot process the volume of data. Also packet sniffing: almost every protocol can be sniffed.
Attacks at different layers
OSI layer                                       Attack
7 Application / 6 Presentation / 5 Session      DNS poisoning, DNS zone transfer, FTP, Telnet and POP authentication information.
4 Transport                                     SYN Flooding, Session Hijack and Session Poisoning.
3 Network                                       Ping/ICMP flooding, IP spoofing and Routing (DV and LS).
2 Data Link                                     ARP spoofing, MAC flooding and VLAN hopping.
1 Physical                                      Wire Tapping.
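The taxonomy slide describes the SYN flood as a protocol-based attack (the peer never answers the SYN-ACK with an ACK), and the table above places it at the Transport layer. The detection side of that, as an added Python example that is not from the lecture, is to replay a connection log, track each client-to-server handshake to its final state, and report sources that leave many half-open connections behind while completing few. The log format, the addresses and the threshold of three half-open flows are all constructed for this example; a real detector would read the same fields from a capture or flow export.

```python
import re
from collections import defaultdict

# Constructed flow log (the format is invented for this example, not a Wireshark/Zeek export):
#   time  client_ip:port -> server_ip:port  flags (S=SYN, A=ACK, R=RST, F=FIN, P=PSH)
SAMPLE_LOG = """\
1.000 10.0.0.5:40001 -> 192.0.2.10:80 S
1.010 192.0.2.10:80 -> 10.0.0.5:40001 SA
1.020 10.0.0.5:40001 -> 192.0.2.10:80 A
1.500 10.0.0.5:40002 -> 192.0.2.10:443 S
1.510 192.0.2.10:443 -> 10.0.0.5:40002 SA
1.520 10.0.0.5:40002 -> 192.0.2.10:443 A
2.000 10.0.0.6:5000 -> 192.0.2.10:23 S
2.001 192.0.2.10:23 -> 10.0.0.6:5000 RA
3.000 198.51.100.7:1001 -> 192.0.2.10:80 S
3.001 192.0.2.10:80 -> 198.51.100.7:1001 SA
3.002 198.51.100.7:1002 -> 192.0.2.10:80 S
3.003 192.0.2.10:80 -> 198.51.100.7:1002 SA
3.004 198.51.100.7:1003 -> 192.0.2.10:80 S
3.005 192.0.2.10:80 -> 198.51.100.7:1003 SA
3.006 198.51.100.7:1004 -> 192.0.2.10:80 S
3.007 192.0.2.10:80 -> 198.51.100.7:1004 SA
"""

LINE_RE = re.compile(r"^(?P<ts>[\d.]+)\s+(?P<src>\S+)\s+->\s+(?P<dst>\S+)\s+(?P<flags>[SAFRP]+)$")


def parse_line(line: str):
    m = LINE_RE.match(line.strip())
    return None if m is None else (float(m["ts"]), m["src"], m["dst"], set(m["flags"]))


def track_handshakes(lines) -> dict:
    """Replay the log; return each client->server flow's final handshake state."""
    flows = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                                   # skip blank or malformed lines
        _, src, dst, flags = rec
        if "R" in flags:                               # a reset from either side ends the flow
            for key in ((src, dst), (dst, src)):
                if key in flows:
                    flows[key] = "RESET"
        elif "S" in flags and "A" not in flags:        # step 1: client SYN
            flows[(src, dst)] = "SYN_RECEIVED"
        elif "S" in flags:                             # step 2: server SYN-ACK, still half-open
            flows.setdefault((dst, src), "SYN_RECEIVED")
        elif "A" in flags and flows.get((src, dst)) == "SYN_RECEIVED":
            flows[(src, dst)] = "ESTABLISHED"          # step 3: client ACK completes it
    return flows


def half_open_by_source(flows: dict) -> dict:
    """Count half-open and completed handshakes per client IP."""
    summary = defaultdict(lambda: {"half_open": 0, "established": 0})
    for (client, _server), state in flows.items():
        ip = client.rsplit(":", 1)[0]
        if state == "SYN_RECEIVED":
            summary[ip]["half_open"] += 1
        elif state == "ESTABLISHED":
            summary[ip]["established"] += 1
    return dict(summary)


def syn_flood_suspects(lines, min_half_open: int = 3) -> list:
    """Sources leaving at least min_half_open half-open flows and completing fewer than that."""
    summary = half_open_by_source(track_handshakes(lines))
    return sorted(ip for ip, c in summary.items()
                  if c["half_open"] >= min_half_open and c["half_open"] > c["established"])


if __name__ == "__main__":
    print(half_open_by_source(track_handshakes(SAMPLE_LOG.splitlines())))
    print("suspects:", syn_flood_suspects(SAMPLE_LOG.splitlines()))
```

The client whose SYN was answered with RST (a closed port) is deliberately counted as neither half-open nor established, so an ordinary failed connection does not raise the alarm; only the source that keeps opening handshakes and never finishing them does.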
Function of the Application layer (layer 7)
 Interface for applications to use to gain access to network services:
 Networked file transfer.
 Message handling.
 Database query processing.
 Controls generalised network access:
 Supports applications which exchange data.
 Provides error & status information for applications.
 If network is peer to peer:
 Authenticates peer partners.
 Determines if peers are ready to communicate.
[Courtesy of R.Henson]
Function of the Presentation layer (layer 6)
 Responsible (sending) for converting data from:
 Application-specific format
 To a generic (machine-independent) format that can be passed across a
network
 Receiving
 for converting incoming data from a generic format to one that makes
sense to the receiving application
 Also responsible for protocol conversion, encryption & decryption, and
graphics commands
 The redirector (software for handling service requests) also operates at this
layer:
 If a service cannot be resolved locally, it sends the request out to the
network resource that can offer the required service.
[Courtesy of R.Henson]
Function of the Session layer (layer 5)
 Sets up a logical connection between machines called a
“session”, which allows networked resources to communicate.
 Manages the setting up of a user “session”, exchange of
information, and “tear down” as the session ends.
 Manages issues such as who may transmit data at a certain
time, and for how long, also ensuring that the system doesn’t
“time out” after inactivity.
 Ensures data is routed to the correct application on the local
machine.
 Synchronises services between tasks at each end of the
communications channel in half duplex communications.
[Courtesy of R.Henson]
Function of the Transport layer (layer 4)
 Responsibilities:
 Multiplexing.
 Connection management.
 Transport of data.
 Stream orientation.
 The Transmission Control Protocol (TCP) and User
Datagram Protocol (UDP) operate at this layer.
 Data units described as “segments”.
Function of the Network layer (layer 3)
 Provides messages with an address for delivery (e.g. IP
address).
 Translates logical network addresses/names into
physical equivalents.
 Handles packet switching and routes packets to their
destination on the local network.
 Controls network packet congestion.
 Ensures packets conform to the network's format.
[Courtesy of R.Henson]
Function of the Network layer (layer 3)
 Responsibilities:
 Packet (IP) addressing and sequencing.
 Determining the route from source to destination
computer.
 Routers operate up to this level.
[Courtesy of R.Henson]
Function of the Data-Link layer (layer 2)
 Responsible for error free physical transmission of data using frames.
 May include an error recovery mechanism and also a flow control mechanism,
although this may be done at the transport layer.
 Mechanism (down):
 Data from the upper layer, the network layer, is converted by the data link layer
into frames. The Logical Link Control (LLC) performs this function.
 Mechanism (up):
 Arranges raw data bits received via the physical layer into frames, for passing on
to the network layer. The Media Access Control (MAC) performs this function.
 Framing, collision resolution and management of checksums.
 Naming system for devices: MAC addresses. These are physical addresses uniquely
assigned to the network interfaces.
 Bridges and switches operate up to this layer.
[Courtesy of R.Henson]
Function of the Physical Layer (layer 1)
 Responsible for communicating with the network
hardware.
 Bits are converted into electrical signals and vice versa.
 Issues include modulation of signals and timing.
 Manages the interface between a computer and the
network medium, but cable type and speeds of
transmission are deliberately omitted to allow future
technology to be easily included.
 Repeaters work only at this level.
[Courtesy of R.Henson]
Q&A
Thank You Everyone!