Chapter 7: Telecommunications and Networking Security Part A

1
Chapter 7 Telecommunications and Networking
Security (Part A)

• Overview
• OSI Reference Model
• TCP/IP
• Types of Transmission

2
Overview (1) Networking Security

• Networking is one of the more complex topics in
  the computer field
• Many technologies and concepts are involved
• networking software, protocols, services,
  devices, interoperability, installation and
  configuration, interface with software and
  devices, troubleshooting, ect.
• A security professional must understand these
  issues
• analyze these issues a few levels deeper to
  recognize fully where vulnerabilities can arise
  within networks.

3
Overview (2)Layers

• The many different types of devices, protocols,
  and security mechanisms within an environment
  provide different functionality and a layered
  approach to security
• Layers within security are important. Why?
• E.g. Many networks have routers, firewalls,
  intrusion detection systems (IDSs), antivirus
  software, and more.
• Each specializes in a certain piece of security,
  but they all should work in concert to provide a
  layered approach to security.
• Later we will see Networking model and protocols
  are also organized in layers

4
Overview (3) Complexity friend or foe

• Networking and telecommunications are complicated
  topics
• Complexity can be the enemy of security.
• To understand the components within an
  environment
• To understand their relationships to other
  components that make up the environment as a
  whole
• On the other hand, these challenging topics are
  fun to learn
• Security by obscurity good or bad ?

5
Overview (4) Telecommunication

• Telecommunications is the electrical transmission
  of data among systems
• Different transmission types analog, digital
• Different transmission media copper wires,
  coaxial cable, fiber, or airwaves
• Different networks and devices LAN,
  public-switched telephone network (PSTN),
  Asynchronous Transfer Mode (ATM) network,
  switches, and routers
• Telecommunications usually refers to telephone
  systems, service providers, and carrier services.
• In the United States, telecommunications systems
  are regulated by the Federal Communications
  Commission (FCC), which includes voice and data
  transmissions.

6
Overview (5) Models and Standards

• The main standards organizations are the
  International Telecommunication Union (ITU) and
  the International Standards Organization (ISO).
• Their models and standards have shaped our
  technology
• Why do we need standards?
• IEEE is another organization crucial to
  networking standards
• IEEE 802 project (starts in Feb 1980)

7
Overview (6)
8
Overview (7)
9
Index

• Overview
• OSI Reference Model
• TCP/IP
• Types of Transmission

10
OSI Reference Model (1)

• ISO worked to develop a protocol set that would
  be used by all vendors throughout the world to
  allow the interconnection of network devices.
• Open system interconnection (OSI) reference
  model 70 83, 84
• The actual protocol set did NOT catch on as a
  standard
• why?
• But the OSI model, was adopted and is used as an
  abstract framework to which most operating
  systems and protocols adhere.

11
OSI Reference Model (2)

• The IEEE defined a set of standards to ensure
  network interface and cabling compatibility
• Project 802 (inception on February of 1980)
• Concentrates on standards that describe a
  networks physical elements NICs, cables,
  connectors, signaling technologies, media access
  control, ect.
• IEEE 802 standards predate the OSI model
• Both were developed in collaboration and are
  compatible with one another

12
OSI Reference Model (3)

• The OSI reference model (ISO Standard 7498),
  provides important guidelines that are used by
  vendors, engineers, developers, and others.
• An open network architecture is not proprietary,
  and that can easily integrate various
  technologies and vendor implementations of those
  technologies.
• The model segments the networking tasks,
  protocols, and services into different layers.
• Each layer has its own responsibilities regarding
  how two computers communicate over a network.
• Each layer has certain functionalities, and the
  services and protocols
• Why design layers in OSI model?

13
OSI Reference Model (4)

• Layered designed in OSI model
• Reduces complexity of networked communications
  into series of interconnected tasks and
  activities
• Divide and conquer approach relationship among
  tasks persists, but each can be handled
  separately, and its issues solved independently
• With a layered approach, one part of the process
  can change, sometimes drastically, while the rest
  of the process remains unchanged
• Modularized design is an extreme powerful concept
  in many disciplines.

14
OSI Reference Model (5)

• Each layer has a special interface that allows it
  to interact with three other layers
• Communications from the interface of the layer
  above it
• Communications to the interface of the layer
  below it
• Communications with the peer layer in the
  interface of the target (virtual communication)
  packet address.
• The control functions, added by the protocols at
  each layer, are in the form of headers and
  trailers of the packet.
• A protocol at each layer has specific
  responsibilities and control functions that it
  performs and data format syntaxes that it
  expects.

15
OSI Reference Model (6)Virtual Communication
16
OSI Reference Model (7)Virtual Communication
17
OSI Reference Model (8) Protocols Protocol Stack

• Protocols are the rules and procedures for
  communicating
• For two computers to communicate, they must speak
  the same language and agree on the rules of
  communication
• When a set of protocols works cooperatively, its
  called a protocol stack (protocol suite)
• The most common protocol stack is TCP/IP, the
  Internet protocol suite
• IPX/SPX, used in older versions of Novell NetWare

18
OSI Reference Model (9)Encapsulation

• Encapsulation
• A message is constructed within a networking
  application program on one computer
• Passed down through the protocols stack. A
  protocol at each layer adds its own information
  in the format of header / trailer to the message
• De-encapsulation
• The message is then sent to the destination
  computer, and the encapsulation is reversed by
  taking the packet apart through the same steps
  used by the source computer that encapsulated it.

19
OSI Reference Model (10)Encapsulation
20
OSI Reference Model (11) Application layer

• Application layer does not include the actual
  applications but includes the protocols that
  support the applications.
• Application layer provides a set of interfaces
  that permit networked applications, e.g., e-mail,
  web browser, file transfer, chatting program,
  etc.
• When an application needs to send data over the
  network, it passes instructions and the data to
  the protocols that support it at the application
  layer.
• Application layer protocol processes and properly
  formats the data and passes it down to the
  presentation layer.
• E.g., Simple Mail Transfer Protocol (SMTP),
  Hypertext Transfer Protocol (HTTP), Line Printer
  Daemon (LPD), File Transfer Protocol (FTP),
  Telnet,

21
Application layer
22
Presentation layer
23
OSI Reference Model (12) Presentation layer

• Presentation layer, layer 6, receives information
  from the application layer protocols and puts it
  in a format that all computers following the OSI
  model can understand.
• Provides a common means of representing data in a
  structure that can be properly processed by the
  end system.
• Is not concerned with the meaning of data, but
  with the syntax and format of that data
• Also handles data compression and encryption
  issues. The presentation layer provides the
  necessary information for the destination
  computer.
• E.g., the sender could create a Word file in Word
  2000, while the receiver uses Open Office. The
  receiver can open this file because the
  presentation layer on the senders system
  converted the file to ASCII, and the receivers
  computer knows that it opens these types of files
  with its word processor, Open Office.

24
OSI Reference Model (13) Session layer

• The session layer, layer 5, is responsible
• for establishing a connection between
• the two applications, maintaining it
• during the transfer of data, and controlling
• the release of this connection.
• Dialog management the session layer works in
  three phases connection establishment, data
  transfer, and connection release.
• Some protocols that work at this layer Network
  File System (NFS), Structured Query Language
  (SQL), NetBIOS, and remote procedure call (RPC).

25
Transport layer
26
OSI Reference Model (14) Transport layer

• The transport layer provides end-to-end data
  transport services and establishes the logical
  connection between two communicating computers.
• Main responsibilities how much information each
  computer will send at a time, how to verify the
  integrity of the data once it is received, and
  how to determine whether a packet was lost along
  the way.
• Connection-oriented vs. Connectionless protocols
• Connection-oriented protocols, such as TCP,
  provide reliable data transmission
• Connectionless protocols, such as UDP, provide
  best-effort (unreliable) data transmission w/
  less overhead
• What are the differences between transport layer
  and session layer?

27
Network layer
28
OSI Reference Model (15) Network layer

• Network layer, layer 3, inserts information into
  the packets header so that it can be properly
  addressed and routed, and then to actually route
  the packets to their proper destination.
• IP is a common protocol working at the network
  layer,
• Internet Control Message Protocol (ICMP), Routing
  Information Protocol (RIP), Open Shortest Path
  First (OSPF), Border Gateway Protocol (BGP), and
  Internet Group Management Protocol (IGMP).

29
Data link Physical layer
30
OSI Reference Model (16) Data link layer

• The data link layer is divided into two
  functional sub-layers, the Logical Link Control
  (LLC) and the Media Access Control (MAC).
• Converts the information into bits
• Some of the protocols that work at the data link
  layer
• Serial Line Internet Protocol (SLIP),
• Point-to-Point Protocol (PPP),
• Reverse Address Resolution Protocol (RARP)
• Layer 2 Forwarding (L2F)
• Layer 2 Tunneling Protocol (L2TP)
• FDDI
• Integrated Services Digital Network (ISDN)

31
OSI Reference Model (17) Physical layer

• The physical layer, layer 1, converts bits into
  voltage for transmission.
• Specifications for the physical layer include the
  timing of voltage changes, voltage levels, and
  the physical connectors for electrical, optical,
  and mechanical transmission.
• The summary of 7-layer OSI model on page 428-430

32
Index

• Overview
• OSI Reference Model
• TCP/IP
• Types of Transmission

33
TCP / IP (1)

• What is TCP /IP ?
• TCP vs. UDP

34
TCP / IP (2)
35
TCP / IP (3)

• What is port?
• What is socket?
• What are the well-know ports?

36
TCP / IP (4)

• IP IP addressing
• IPv4 vs. IPv6 (IPng)
• IP Class vs. classless IP CIDR
• What is DNS for?

37
Index

• Overview
• OSI Reference Model
• TCP/IP
• Types of Transmission

38
Types of Transmission (1)

• Analog vs. Digital
• Definitions
• Comparison
• What is local loop (last mile)

39
Types of Transmission (2)

• Asynchronous vs. Synchronous
• Definitions
• Comparison
• Examples

40
Types of Transmission (3)

• Broadband vs. Baseband
• Definitions
• Myth on broadband
• Multiplexing FDMA, WDM, CDMA
• Examples