Introduction to Networking with narration
Chapter 7 – Security in Networks
Introduction to networks
Threats against network applications
Controls against network applications
Firewalls
Intrusion detection systems
Private e-mail
Terminal-Host Systems
Created in the 1960s
• Central host computer does all the
processing
• Terminal is dumb--only a remote screen
and keyboard
• Created in the 1960s, when
microprocessors for terminal intelligence
did not exist
[Figure: Terminals, Host]
PC Networks
The Most Common Platform in
Organizations
• Allows PCs to share resources
• Both Wintel (Windows/Intel) PCs and
Macintoshes
Network
Network
A Network is an Any-to-Any
Communication System
• Can connect any station to any
other
Network
Network
Each Station has a Unique Network
Address
• To connect, only need to know the
receiver’s address
• Like telephone number
[Figure: stations with addresses ABC, DEF, GHI, JKL, MNO; one station says “Connect to GHI”]
LANs and WANs
Networks Have Different
Geographical Scopes
Local Area Networks (LANs)
• Small Office
• Office Building
• Industrial Park / University Campus
Wide Area Networks (WANs)
• Connect corporate sites or
• Connect corporate sites with sites of
customers and suppliers
Elements of a Simple LAN
Hub or Switch
Wiring
Hub or Switch connects
all stations
Wiring is standard
business telephone wiring
(4 pairs in a bundle)
Elements of a Simple LAN
Client PCs are used by
ordinary managers and
professionals; receive service
Servers provide services
to client PCs
[Figure: Client PCs and Servers]
Elements of a Simple LAN
Client PC
• Begin with stand-alone PC
• Add a network interface card (NIC) to
deal with the network
• Networks have many client PCs
Server
• Most PC nets have multiple servers
Wide Area Networks
WANs Link Sites (Locations)
• Usually sites of the same organization
• Sometimes, sites of different
organizations
[Figure: Site A, Site B, Site C, WAN]
Client/Server Processing
Two Programs
• Client program on client machine
• Server program on server machine
• Work together to do the required
processing
[Figure: Client Program on Client Machine; Server Program on Server]
Client/Server Processing
Cooperation Through Message
Exchange
• Client program sends Request message, such as a database retrieval request
• Server program sends a Response message to deliver the requested information or an explanation for failure
[Figure: Client Program on Client Machine; Server Program on Server; Request; Response]
Client/Server Processing
Widely Used on the Internet
For instance, webservice
• Client program (browser) sends an
HTTP request asking for a webserver file
• Server program (webserver application
program) sends an HTTP response
message with the requested webpage
HTTP Request Message
HTTP Response Message
Client/Server Processing
On the Internet, a Single Client
Program--the Browser (also known
as the client suite)--Works with Many
Kinds of C/S server applications
• WWW, some E-mail, etc.
[Figure: Browser, E-mail Server, Webserver]
Standards Organizations and
Architectures
TCP/IP Standards
• Created by the Internet Engineering Task
Force (IETF)
• Named after its two most widely known
standards, TCP and IP
TCP/IP is the architecture, while TCP and IP are
individual standards
However, these are not its only standards, even at
the transport and internet layers
• IETF standards dominate in corporations at
the application, transport, and internet
layers
However, application, transport, and internet
standards from other architectures are still used
Standards Organizations and
Architectures
OSI Standards
• Reference Model of Open Systems
Interconnection
• Created by the International Telecommunications Union-Telecommunications Standards Sector (ITU-T)
• And the International Organization for
Standardization (ISO)
• OSI standards dominate the data link and
physical layers
Other architectures specify the use of OSI
standards at these layers
OSI Reference Model
User / Application program
Layer 7: Application
Layer 6: Presentation
Layer 5: Session
Layer 4: Transport
Layer 3: Network
Layer 2: Data link
Layer 1: Physical
Physical medium
Figure 1.12 OSI Protocol Layers
TCP/IP versus OSI
Lowest Four Layers are Comparable
in Functionality
TCP/IP                  OSI
Application             Application, Presentation, Session
Transport               Transport
Internet                Network
Data Link (use OSI)     Data Link
Physical (use OSI)      Physical
Internet Standards
Accessing the WWW from Home
Layer   User PC to Router   Router to Webserver
App     HTTP (User PC to Webserver)
Trans   TCP (User PC to Webserver)
Int     IP                  IP
DL      PPP                 ?
Phy     Modem               ?
Indirect Communication
Application programs on
different machines cannot
communicate directly
• They are on different machines!
[Figure: Browser on User PC; HTTP Request; Web App on Webserver; each host has Trans, Int, DL and Phy layers]
Layer Cooperation on the
Source Host
Application layer process passes
HTTP-request to transport layer
process
[Figure: User PC layers (Application, Transport, Internet, Data Link, Physical); HTTP Request between Application and Transport]
Layer Cooperation on the
Source Host
Transport layer makes TCP
segments
• HTTP message is the data field
• Adds TCP header fields shown earlier
• Transport process “encapsulates”
HTTP request within a TCP segment
[Figure: TCP Segment = HTTP Request (Data Field) + TCP-H (TCP Header)]
Layer Cooperation on the Source Host
Transport layer process passes the
TCP segment down to the internet
layer process
[Figure: User PC layers (Application, Transport, Internet, Data Link, Physical); TCP segment between Transport and Internet]
Layer Cooperation on the Source Host
The internet layer process passes the
IP packet to the data link layer
process
• Internet layer messages are called
packets
[Figure: User PC layers (Application, Transport, Internet, Data Link, Physical); IP packet between Internet and Data Link]
Layer Cooperation on the Source Host
The data link layer process passes the
PPP frame to the physical layer
process, which delivers it to the
physical layer process on the first
router, one bit at a time (no message
at the physical layer)
[Figure: User PC layers (Application, Transport, Internet, Data Link, Physical); PPP frame between Data Link and Physical; Physical (10110 …) to first router]
Layer Cooperation on the Source Host
Recap: Adding Headers and Trailers:
Layer (User PC)   Message passed down
Application       HTTP msg
Transport         HTTP msg | TCP-H
Internet          HTTP msg | TCP-H | IP-H
Data Link         PPP-T | HTTP msg | TCP-H | IP-H | PPP-H
Physical
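Added example (not part of the original slides): the recap above in Python, wrapping an HTTP request in TCP, IP and PPP headers plus the PPP trailer, then validating and stripping each layer on the receiving side. The function names and the sample request are constructed for this example; PPP octet stuffing is omitted and the TCP checksum is left at zero.

```python
import socket
import struct

HTTP_REQUEST = b"GET / HTTP/1.1\r\nHost: voyager.cba.hawaii.edu\r\n\r\n"  # constructed sample
IP_FMT = "!BBHHHBBH4s4s"   # 20-byte IPv4 header, no options
TCP_FMT = "!HHIIBBHHH"     # 20-byte TCP header, no options (checksum left 0 here)

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IP header checksum."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def fcs16(data: bytes) -> int:
    """PPP frame check sequence (CRC-16/X-25) carried in the trailer."""
    fcs = 0xFFFF
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs ^ 0xFFFF

def encapsulate(msg: bytes, src: str, dst: str, sport: int, dport: int) -> bytes:
    """Source host: each layer prepends its header; PPP also appends a trailer."""
    segment = struct.pack(TCP_FMT, sport, dport, 1, 1, 5 << 4, 0x18, 65535, 0, 0) + msg
    ip = [0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
          socket.inet_aton(src), socket.inet_aton(dst)]   # 32-bit addresses
    ip[7] = inet_checksum(struct.pack(IP_FMT, *ip))
    packet = struct.pack(IP_FMT, *ip) + segment
    body = b"\xff\x03\x00\x21" + packet   # PPP-H: address, control, protocol = IPv4
    return b"\x7e" + body + struct.pack("<H", fcs16(body)) + b"\x7e"  # PPP-T: FCS, flag

def decapsulate(frame: bytes) -> dict:
    """Receiver: validate and strip one header per layer, rejecting bad input."""
    if len(frame) < 48 or frame[0] != 0x7E or frame[-1] != 0x7E:
        raise ValueError("not a complete PPP frame")
    body, (fcs,) = frame[1:-3], struct.unpack("<H", frame[-3:-1])
    if fcs16(body) != fcs or body[:4] != b"\xff\x03\x00\x21":
        raise ValueError("bad FCS or not an IPv4 PPP frame")
    packet = body[4:]
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(IP_FMT, packet[:20])
    if ver_ihl != 0x45 or proto != 6 or total_len != len(packet) or inet_checksum(packet[:20]):
        raise ValueError("malformed IP header")
    sport, dport, _, _, offset, *_ = struct.unpack(TCP_FMT, packet[20:40])
    if offset >> 4 < 5:
        raise ValueError("TCP data offset below minimum header size")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst), "sport": sport,
            "dport": dport, "data": packet[20 + (offset >> 4) * 4:]}
```

The PPP FCS and the IP header checksum detect transmission errors only; anyone who can modify the frame can recompute both, so they are not a security control.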
Protocols
A protocol is a standard for
communication between peer
processes, that is, processes at the
same layer, but on different machines
• TCP, IP, and PPP all have “protocol” as
their final “P;” they are all protocols
• TCP (Transmission Control Protocol) is
the protocol governing communication
between transport layer processes on
two hosts
[Figure: TCP Message between the Trans layers of two hosts]
Domain Name System (DNS)
Only IP addresses are official
• e.g., 128.171.17.13
• These are 32-bit binary numbers
• Only they fit into the 32-bit
destination and source address fields
of the IP headers
IP Packet
32-bit Source and Destination Addresses (110011...)
Domain Name System (DNS)
Users typically only know host names
• e.g., voyager.cba.hawaii.edu
• More easily remembered, but
• Will not fit into the address fields of an
IP packet
[Figure: IP Packet; voyager.cba.hawaii.edu marked NO]
Internet and Data Link Layer Addresses
Each host and router on a subnet
needs a data link layer address to
specify its address on the subnet
• This address appears in the data link
layer frame sent on a subnet
• For instance, 48-bit 802.3 MAC layer
frame addresses for LANs
Subnet DA
DL Frame for Subnet
Addresses
Each host and router also needs an
IP address at the internet layer to
designate its position in the overall
Internet
[Figure: three Subnets; host address 128.171.17.13]
IPv6
Current version of the Internet Protocol is
Version 4 (v4)
• Earlier versions were not implemented
The next version will be Version 6 (v6)
• No v5 was implemented
• Informally called IPng (Next Generation)
IPv6 is Already Defined
• Continuing improvements in v4 may delay its
adoption
IPv6
IPv6 will raise the size of the internet
address from 32 bits to 128 bits
• Now running out of IP addresses
• Will solve the problem
• But current work-arounds are delaying
the need for IPv6 addresses