Domain4: (Chapter 11,12)

This document provides an overview of network and communications security concepts. It defines what a network is and describes common network types including LAN, MAN, and WAN. It also discusses the OSI and TCP/IP models, common protocols, port numbers, and the TCP three-way handshake process. Additionally, it covers topics such as IPv4 and IPv6 addressing, IP classes, MAC addresses, VoIP, wireless networking standards, network access control, and firewall types.

Uploaded by

baby
Copyright © All Rights Reserved

Domain 4 (Chapter 11, 12)
Communications & Network Security
What is a Network
A network is defined as a group of two or more computers linked together in order to share information.

Types of network are:
• LAN
• MAN
• WAN
Network types
Network type          Local Area Network (LAN)   Metropolitan Area Network (MAN)   Wide Area Network (WAN)
Cost                  Low                        High                              Highest
N/w size              Small                      Large                             Largest
Speed                 Fastest                    Slow                              Slowest
Number of computers   Very few                   Moderately high                   High
Transmission media    Twisted pair               Twisted pair and fiber optic      Fiber optic and satellite
OSI Model (diagram)

TCP-IP Model (diagram)
OSI layers with example protocols (diagram):
Layer 7 Application    HTTP / FTP / SMTP / Telnet
Layer 6 Presentation   ASCII / TIFF / JPEG / MPEG
Layer 5 Session        NFS / SQL / RPC
Layer 4 Transport      TCP / UDP / SSL / TLS
Layer 3 Network        IP / IPSEC / NAT
Layer 2 Data Link      SLIP / PPP / ARP / L2TP / PPTP
Layer 1 Physical       NICs
TCP/IP Model
• Transmission Control Protocol/Internet Protocol
• Consists of only 4 layers
• Application layer, Transport layer (also known as Host-to-Host), Internet layer, and Link layer
• TCP/IP protocol suite was developed before the OSI Reference Model was created

Ethernet (IEEE 802.3), Token Ring (IEEE 802.5), ATM, FDDI, CDDI
Common Port numbers
Name                                          Port No.
Telnet                                        23
FTP                                           20, 21
TFTP (Trivial File Transfer Protocol)         69
SMTP                                          25
POP3                                          110
IMAP (Internet Message Access Protocol)       143
DHCP (Dynamic Host Configuration Protocol)    67, 68
HTTP                                          80
SSL (Secure Socket Layer)                     443
SSH (Secure Shell)                            22
HTTPS                                         443
DNS                                           53
Three way handshake - TCP
• Host A sends a TCP SYNchronize packet to Host B
• Host B receives A's SYN
• Host B sends a SYNchronize-ACKnowledgement
• Host A receives B's SYN-ACK
• Host A sends ACKnowledge
• Host B receives ACK. TCP socket connection is ESTABLISHED.

TCP Three Way Handshake: (SYN, SYN-ACK, ACK)
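The six steps above as an added simulation (not code from the original deck): both hosts are modelled as small state machines, and the example goes beyond the slide by carrying TCP sequence/acknowledgement numbers, so a SYN-ACK or ACK that does not acknowledge the right number is ignored and the connection is not established. The host names and the constructed `Segment`/`Endpoint` classes are this example's own.

```python
import random
from dataclasses import dataclass, field


@dataclass
class Segment:
    flags: frozenset       # subset of {"SYN", "ACK"}
    seq: int               # sender's sequence number
    ack: int = 0           # next sequence number expected from the peer


@dataclass
class Endpoint:
    name: str
    state: str = "CLOSED"
    # Initial sequence number; a SYN consumes one number, so the peer must ACK isn + 1.
    isn: int = field(default_factory=lambda: random.randrange(0, 2**32))
    peer_seq: int = 0

    def connect(self) -> Segment:
        """Step 1 (Host A): send SYN and move to SYN-SENT."""
        self.state = "SYN-SENT"
        return Segment(frozenset({"SYN"}), self.isn)

    def listen(self) -> None:
        """Host B waits for a SYN (passive open)."""
        self.state = "LISTEN"

    def receive(self, seg: Segment):
        """Process one segment; return the reply segment, or None if nothing is sent."""
        if self.state == "LISTEN" and seg.flags == {"SYN"}:
            # Step 2/3 (Host B): record A's ISN and answer SYN-ACK.
            self.peer_seq = seg.seq + 1
            self.state = "SYN-RECEIVED"
            return Segment(frozenset({"SYN", "ACK"}), self.isn, self.peer_seq)
        if self.state == "SYN-SENT" and seg.flags == {"SYN", "ACK"}:
            # Step 4/5 (Host A): only a SYN-ACK that acknowledges our SYN is trusted.
            if seg.ack != self.isn + 1:
                return None            # stale or mismatched SYN-ACK: ignored
            self.peer_seq = seg.seq + 1
            self.state = "ESTABLISHED"
            return Segment(frozenset({"ACK"}), self.isn + 1, self.peer_seq)
        if self.state == "SYN-RECEIVED" and seg.flags == {"ACK"}:
            # Step 6 (Host B): the ACK must match our SYN, else B stays half-open.
            if seg.ack != self.isn + 1:
                return None
            self.state = "ESTABLISHED"
            return None
        return None


def handshake(a: Endpoint, b: Endpoint) -> tuple:
    """Run the full SYN, SYN-ACK, ACK exchange and return both final states."""
    b.listen()
    syn = a.connect()
    syn_ack = b.receive(syn)
    ack = a.receive(syn_ack)
    b.receive(ack)
    return a.state, b.state


if __name__ == "__main__":
    print(handshake(Endpoint("A"), Endpoint("B")))   # ('ESTABLISHED', 'ESTABLISHED')
```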
TCP and UDP
TCP                                                        UDP
Reliable (guarantees delivery of data)                     Unreliable
Connection oriented (follows 3-way handshake)              Connectionless (no need to set up a connection)
Packet size is big (header size is 20 bytes)               Packet size is small (header size is 8 bytes)
Better for text comm. as it does re-transmission           Better for multimedia streaming
Has high overhead                                          Has low overhead
Transmits data slowly                                      Can transmit data quickly
Does ordered delivery                                      Header is simple (8 bytes long)
IP Address
• A numeric address
• An identifier for a computer on a N/w
• Mandatory for a device to have an IP address

Parts: Network address, Host address
Types: IPv4, IPv6
IPv4 and IPv6
IPv4                                    IPv6
32-bit numeric address                  128-bit hexadecimal address
Does not support auto-configuration     Includes auto-configuration (removes the need for both DHCP and NAT)
Made up of 4 sets of 8 binary bits      Made up of 8 sets of 16 bits
4.3 billion addresses                   340 undecillion addresses
IP Classes
Class   Decimal range   Default subnet mask   Supports                                   Usage
A       1 – 127         255.0.0.0             16 million hosts on 126 networks           Mainly given to large organizations
B       128 – 191       255.255.0.0           65000 hosts on 16000 networks              Mainly given to medium size organizations
C       192 – 223       255.255.255.0         254 hosts on 2 million networks            Mainly given to small organizations
D       224 – 239       Multicast address
E       240 – 255       Used for research/development
IPv4 – 8 bit value of one octet (diagram)
Common Abbreviations
ARP      Address Resolution Protocol            Resolves IP to MAC address
RARP     Reverse Address Resolution Protocol    Resolves MAC to IP address
MAC      Media Access Control
IGMP     Internet Group Management Protocol
ICMP     Internet Control Message Protocol
CIDR     Classless Inter-Domain Routing
DNP3     Distributed Network Protocol
IEDs     Intelligent Electronic Devices
RTUs     Remote Terminal Units
SSID     Service Set Identifier
ESSID    Extended Service Set Identifier
BSSID    Basic Service Set Identifier
OSA      Open System Authentication
SKA      Shared Key Authentication
IP Address Range
Class   Private address range            Public address range
A       10.0.0.0 – 10.255.255.255        1.0.0.0 – 9.255.255.255 and 11.0.0.0 – 126.255.255.255
B       172.16.0.0 – 172.31.255.255      128.0.0.0 – 172.15.255.255 and 172.32.0.0 – 191.255.255.255
C       192.168.0.0 – 192.168.255.255    192.0.0.0 – 192.167.255.255 and 192.169.0.0 – 223.255.255.255

Private IPs are free and not publicly registered; public IPs are paid and very costly.
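The two tables above (classes with default masks, and private versus public ranges) as an added example, not code from the original deck: it classifies an IPv4 address, reports whether it is private per the table or reserved for loopback (127.x.x.x, from the loopback slide later in the deck), and splits it into its network and host parts using the classful default mask. The sample addresses are constructed (the 169.254.x.x one matches quiz question 7), and the "multicast"/"reserved" scope labels for classes D and E are this example's own naming.

```python
import ipaddress

# Class boundaries by first octet with default subnet masks (IP Classes slide);
# classes D and E carry no default mask on the slide.
CLASSES = [
    ("A", 1, 127, "255.0.0.0"),
    ("B", 128, 191, "255.255.0.0"),
    ("C", 192, 223, "255.255.255.0"),
    ("D", 224, 239, None),
    ("E", 240, 255, None),
]

# Private ranges from the IP Address Range slide (RFC 1918).
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]

# The whole 127.x.x.x network is reserved for loopback, so it is neither private nor public.
LOOPBACK = ipaddress.ip_network("127.0.0.0/8")


def classify(addr: str) -> dict:
    """Return class letter, default mask and scope for a dotted-decimal IPv4 address."""
    ip = ipaddress.IPv4Address(addr)
    first_octet = int(ip) >> 24
    cls, mask = None, None
    for name, lo, hi, default_mask in CLASSES:
        if lo <= first_octet <= hi:
            cls, mask = name, default_mask
            break
    if ip in LOOPBACK:
        scope = "loopback"
    elif cls == "D":
        scope = "multicast"
    elif cls == "E":
        scope = "reserved"
    elif any(ip in net for net in PRIVATE_RANGES):
        scope = "private"
    elif cls is None:
        scope = "unclassified"        # 0.x.x.x is in none of the class rows
    else:
        scope = "public"
    return {"address": addr, "class": cls, "default_mask": mask, "scope": scope}


def network_and_host(addr: str) -> tuple:
    """Split an address into (network part, host part) using its classful default mask."""
    info = classify(addr)
    if info["default_mask"] is None:
        raise ValueError(f"{addr}: class {info['class']} has no default mask")
    net = ipaddress.IPv4Network(f"{addr}/{info['default_mask']}", strict=False)
    host_bits = int(ipaddress.IPv4Address(addr)) & ~int(net.netmask) & 0xFFFFFFFF
    return str(net.network_address), str(ipaddress.IPv4Address(host_bits))


if __name__ == "__main__":
    # Constructed samples; 169.254.1.119 is class B and outside every private range.
    for sample in ["10.0.0.18", "169.254.1.119", "172.31.8.204", "192.168.6.43",
                   "127.0.0.1", "224.0.0.9"]:
        print(classify(sample))
```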
MAC Address
• It uniquely identifies each device on a network
• It is a 6-byte hexadecimal number
• It is burned into every NIC by its manufacturer
• Contains numbers and the letters A-F only
What is VoIP
• It is Voice over Internet Protocol
• It is a tunneling mechanism used to transport voice/data over a TCP/IP network
• VoIP is less expensive as compared to its competitors
• It offers a wider variety of options and features
• VoIP can be used as a direct telephone replacement on computer networks as well as mobile devices
• It is able to support video and data transmission to allow videoconferencing
• VoIP is available in both commercial and open-source options
• Skype is an example of VoIP

Wireless Network – IEEE 802.11
Amendment   Speed          Frequency
802.11      2 Mbps         2.4 GHz
802.11a     54 Mbps        5 GHz
802.11b     11 Mbps        2.4 GHz
802.11g     54 Mbps        2.4 GHz
802.11n     500-600 Mbps   2.4 and 5 GHz
802.11ac    1 Gbps         5 GHz
What is Network Access Control
• It is a concept of controlling access to an environment through strict adherence to and implementation of security policy
• NAC acts as an automated detection and response system

Can be managed by:
• Firewall rules
• Access rules for files/folders – Users, Groups, Location, Applications
• Access can be easily revoked or changed
• Controlled from anywhere – inside/outside
Firewall
• Can be either hardware or software

• It is a network device used to filter traffic

• Designed to prevent unauthorized access from entering a private network

• Blocks unwanted traffic and permits wanted traffic

Firewall types
Static packet-filtering firewalls
• First-generation firewalls
• Operate at layer 3
• Also called screening routers or common routers

Application-level gateway firewalls
• Second-generation firewalls
• Operate at layer 7
• Also called a proxy firewall

Circuit-level gateway firewalls
• Considered second-generation firewalls as they modify the previous one
• Operate at layer 5
• Also known as circuit proxies

Stateful inspection firewalls
• Third-generation firewalls
• Operate at layer 3 and 4
• Also known as dynamic packet filtering firewalls
Access Control List
• It is a list of rules on what can access the network
• ACL either allows or denies permission
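The ACL idea above, combined with the static versus stateful firewall distinction from the previous slide, as an added example that is not code from the original deck: rules are evaluated top to bottom, the first match decides, and anything unmatched is denied. A layer-3/4 static filter judges every packet on its own, so a reply to a permitted outbound connection is dropped unless a separate inbound rule exists; the stateful filter remembers permitted flows and admits only their return traffic. The rule set, addresses and packets are constructed samples.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Rule:
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", "icmp" or "any"
    src: str                     # CIDR, e.g. "10.0.0.0/8"; "0.0.0.0/0" means any
    dst: str
    dport: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: dict) -> bool:
        return (
            self.proto in ("any", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
            and ipaddress.ip_address(pkt["dst"]) in ipaddress.ip_network(self.dst)
            and (self.dport is None or self.dport == pkt["dport"])
        )


@dataclass
class StaticFilter:
    """Static packet filter: first matching rule wins, implicit deny at the end."""
    rules: list

    def decide(self, pkt: dict) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return "deny"


@dataclass
class StatefulFilter(StaticFilter):
    """Stateful inspection: remembers permitted outbound flows and admits
    the matching reply traffic without a separate inbound rule."""
    flows: set = field(default_factory=set)

    def decide(self, pkt: dict) -> str:
        # A reply has source/destination swapped relative to the stored flow.
        reply_key = (pkt["proto"], pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"])
        if reply_key in self.flows:
            return "permit"
        verdict = super().decide(pkt)
        if verdict == "permit":
            self.flows.add((pkt["proto"], pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"]))
        return verdict


# Constructed policy: the 192.168.1.0/24 LAN may reach HTTPS anywhere; everything else is denied.
POLICY = [
    Rule("permit", "tcp", "192.168.1.0/24", "0.0.0.0/0", dport=443),
    Rule("deny", "any", "0.0.0.0/0", "0.0.0.0/0"),
]

# Constructed packets: an outbound HTTPS request, its reply, and an unrelated inbound packet.
OUTBOUND = {"proto": "tcp", "src": "192.168.1.10", "sport": 51000, "dst": "203.0.113.5", "dport": 443}
REPLY = {"proto": "tcp", "src": "203.0.113.5", "sport": 443, "dst": "192.168.1.10", "dport": 51000}
UNSOLICITED = {"proto": "tcp", "src": "203.0.113.9", "sport": 443, "dst": "192.168.1.10", "dport": 51000}
```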
Collisions vs. Broadcasts
Collisions
• A collision occurs when two systems transmit data at the same time onto a connection medium that supports only a single transmission path
• Collisions should be avoided and prevented
• A collision domain is a group of networked systems that could cause a collision if any two (or more) of the systems in that group transmitted simultaneously
• Collision domains are divided by using any layer 2 or higher device

Broadcasts
• A broadcast occurs when a single system transmits data to all possible recipients
• They have useful purposes from time to time
• A broadcast domain is a group of networked systems in which all other members receive a broadcast signal when one of the members of the group transmits it
• Broadcast domains are divided by using any layer 3 or higher device
Types of Network Cabling
                  Twisted pair cable        Coaxial cable                  Optical fiber cable
Bandwidth         Low                       Moderately high                Very high
Cost              Cheapest medium           Moderately expensive           Expensive
Installation      Easy                      Fairly easy                    Difficult
Attenuation       Very high                 Low                            Very low
Noise immunity    Low                       More than twisted pair         Highest noise immunity among all

(Attenuation is the rate at which the signal decreases in intensity.)
Network Topologies
Ring, Bus, Star, Mesh
Hybrid
Point-to-Point, Client-Server, Point-to-Multipoint, Peer-to-Peer

Ring Topology
• A ring topology connects each system as points on a circle.
• Only one system can transmit data at a time.
• If any one segment of the loop is broken, all communication around the loop ceases
• Easy to install and troubleshoot
• Rarely used today
Bus Topology
• All systems on the bus can transmit data simultaneously, which can result in collisions
• The benefit of a bus topology is that if a single segment fails, communications on all other segments continue uninterrupted
• Older technology, rarely used nowadays
• Very easy to install and cost effective as well
Star Topology
• A star topology employs a centralized connection device. This device can be a simple hub or switch
• Each system is connected to the central hub by a dedicated segment
• If any one segment fails, the other segments can continue to function
• Star topology uses less cabling than other topologies
• Disadvantage is that if your hub or switch fails, the overall network is down. Normally called a single point of failure
Mesh Topology
• A full mesh topology connects each system to all other systems on the network
• It handles failures very efficiently
• They are expensive and rarely used in a LAN
• Widely used in WAN networks. Ex. Internet
• High redundancy is achieved
Hybrid Topologies
• Star Bus network
• Star Ring network
Star Bus Network
Two networks following a Star topology and connected through a Bus network
Star Ring Network
Three networks following a Star topology and connected through a Ring network to each other
Point to Point Topology
• Two hosts connected to each other using a single cable
• Simplest form of topology

Some examples are:
• Computer A connected to Computer B
• Mainframe server connected to a workstation
• Workstation connected to a printer
Client Server Topology
• Client machine is directly connected to a dedicated centralized server
• Very commonly used topology
• Administration becomes easy and streamlined
Point to Multipoint Topology
• A network architecture commonly used in wireless outdoor networks
• All locations directly communicate to the central location
Peer to Peer Topology
• All clients talk to each other, sharing resources among them
• Different clients can share their printer, files, scanner and folders among themselves
• Commonly used in households and small scale business
Different Cable Standards used on Network
Classified by speed, type and media:

Cable standard                 Speed (max.)   Media                                  Maximum length
10 Base – T                    10 Mbps        Twisted pair                           15 mtrs
10 Base – 2 (thin ethernet)    10 Mbps        Coaxial cable                          200 mtrs
100 Base – T (fast ethernet)   100 Mbps       UTP Cat 5 or >                         100 mtrs
100 Base – FX                  100 Mbps       Fiber optic                            400 mtrs (half duplex), 2 kms (full duplex)
1000 Base – T                  1000 Mbps      UTP Cat 5 or >                         100 mtrs
10G Base – T                   10 Gbps        Shielded & unshielded twisted pair     100 mtrs
10G Base – SR                                 Fiber optic                            300 mtrs
10G Base – ER                                 Fiber optic                            40 kms
10G Base – SW                                 Fiber optic                            300 mtrs
LAN technologies
                     Ethernet                            Token ring                           FDDI (Fiber Distributed Data Interface)
Data transfer rate   10 mbps                             4 & 16 mbps                          100 mbps
Maximum coverage     2.5 km                              Depends on configuration             100 km
Maximum nodes        1024                                250                                  500
Cost                 Cheap                               Moderately expensive                 Expensive
Topology             Deployed on Star or Bus topologies  Used in Ring or Star N/w topologies  Uses Ring N/w topology
Some common Terminologies
Repeaters, Concentrators, and Amplifiers
• Used to strengthen the communication signal over a cable segment as well as connect network segments that use the same protocol
• All operate at OSI layer 1
• Systems on either side of the above three are part of the same collision and broadcast domain

Hubs
• They are used to connect multiple systems and connect network segments that use the same protocol
• A hub is a multiport repeater
• Hubs operate at OSI layer 1
• Used to create a network
Some common Terminologies (contd.)
Bridges
• A bridge is used to connect two networks together (even N/w of different topology, speed, cabling type)
• It forwards traffic from one network to another. Used to create a network.
• Bridges operate at OSI layer 2

Switches
• Switches operate primarily at OSI layer 2
• Switches offer greater efficiency for traffic delivery
• They are used to connect network segments that use the same protocol
Some common Terminologies (contd.)

Routers
• Routers are used to control traffic flow on networks
• They can function using statically defined routing tables, or they can employ a dynamic routing system
• Routers operate at OSI layer 3
• Routers are used to connect networks
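The collision/broadcast slide earlier states the rule (a layer 2 or higher device divides collision domains, a layer 3 or higher device divides broadcast domains) and these slides give the layer of each device; the added example below (not code from the original deck) applies that rule to a constructed topology with union-find over device ports, so a practitioner can count both kinds of domain for any hub/switch/router layout. Device names, the port numbering and the `DEVICE_LAYER` table are this example's own.

```python
# Layer at which each device type operates, from the terminology slides.
# A device that operates below the splitting layer passes a domain through
# all of its ports; a device at or above it is a domain boundary.
DEVICE_LAYER = {"host": 1, "hub": 1, "switch": 2, "router": 3}


class UnionFind:
    """Minimal disjoint-set structure over hashable nodes."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]   # path halving
            x = self.parent[x]
        return x

    def union(self, a, b):
        self.parent[self.find(a)] = self.find(b)


def count_domains(devices: dict, links: list, split_at_layer: int) -> int:
    """Count domains bounded by devices whose layer is >= split_at_layer.

    devices maps name -> type; links are (device, port, device, port) tuples.
    Each (device, port) pair is a node: a link joins its two ports, and a
    device joins all of its own ports only if it does not split at this layer.
    """
    uf = UnionFind()
    ports = {}
    for dev_a, port_a, dev_b, port_b in links:
        uf.union((dev_a, port_a), (dev_b, port_b))
        ports.setdefault(dev_a, set()).add(port_a)
        ports.setdefault(dev_b, set()).add(port_b)
    for dev, dev_ports in ports.items():
        if DEVICE_LAYER[devices[dev]] < split_at_layer:
            first = next(iter(dev_ports))
            for p in dev_ports:
                uf.union((dev, first), (dev, p))
    return len({uf.find(node) for node in uf.parent})


def collision_domains(devices: dict, links: list) -> int:
    return count_domains(devices, links, split_at_layer=2)   # switches and routers split


def broadcast_domains(devices: dict, links: list) -> int:
    return count_domains(devices, links, split_at_layer=3)   # only routers split


# Constructed topology: two hubs with three hosts each hang off switch sw1,
# which connects through router r1 to switch sw2 serving two more hosts.
DEVICES = {"hub1": "hub", "hub2": "hub", "sw1": "switch", "r1": "router", "sw2": "switch",
           **{f"h{i}": "host" for i in range(1, 9)}}
LINKS = [
    ("h1", 0, "hub1", 1), ("h2", 0, "hub1", 2), ("h3", 0, "hub1", 3), ("hub1", 0, "sw1", 1),
    ("h4", 0, "hub2", 1), ("h5", 0, "hub2", 2), ("h6", 0, "hub2", 3), ("hub2", 0, "sw1", 2),
    ("sw1", 0, "r1", 0), ("r1", 1, "sw2", 0),
    ("h7", 0, "sw2", 1), ("h8", 0, "sw2", 2),
]

if __name__ == "__main__":
    print(collision_domains(DEVICES, LINKS), broadcast_domains(DEVICES, LINKS))   # 6 2
```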

Gateways
• A gateway connects networks that are using different network protocols
• A gateway is responsible for transferring traffic from one network to another by transforming the format of
that traffic into a form compatible with the protocol
• Gateways typically operate at OSI layer 7

Some common Terminologies (contd.)

Proxies
• A proxy is a form of gateway that does not translate across protocols
• Proxies serve as mediators and filters for a network
• A proxy accepts requests from clients, alters the source address of the requester, maintains a mapping of
requests to clients, and sends the altered request packets out

Network technologies
Baseband technology                                   Broadband technology
Supports only a single communication channel          Can support multiple simultaneous signals
Baseband is a form of digital signal                  Broadband is a form of analog signal
Ex. Ethernet                                          Ex. Cable television, ISDN
Uses a direct current applied to the cable            Uses frequency modulation to support numerous channels, each supporting a distinct communication session
Authentication Protocols
Used for securing logon credentials while accessing a server remotely

• PAP
• CHAP
• EAP
• RADIUS
• TACACS+
• DIAMETER

PAP
Password Authentication Protocol
• PAP transmits usernames and passwords in clear text
• It offers no form of encryption
• It simply provides a means to transport the logon credentials from the client to the authentication server
CHAP
Challenge Handshake Authentication Protocol
• CHAP encrypts usernames and passwords
• It performs authentication using a challenge-response dialogue
• It also periodically re-authenticates the remote system throughout an established communication session to verify a persistent identity of the remote client
EAP
Extensible Authentication Protocol
• EAP allows customized authentication security solutions, such as supporting smart cards, tokens, and biometrics
• Supports various methods of authentication
Dial-up Protocols
• SLIP
• PPP
SLIP
• Used to connect two computer systems using a serial connection such as a telephone line
• Not a secure protocol as it sends all data in clear text during the dial up process
• Does not provide error checking
• Uses only the TCP/IP protocol
• This is an older technology and is hardly used nowadays
PPP
• Good replacement for SLIP
• Provides error checking and encryption
• Most ISPs use this protocol for their customers who access the internet through a dial-up connection
Virtual Private Network
• It is a private communication network that uses a public network (Internet) to establish a remote connection
• Encrypts data when sending and decrypts data while receiving
• Provides a dedicated link between two points over the internet
• Ensures confidentiality and integrity but not availability
Site-to-Site VPN
• Good alternative for internet leased lines
• Cost effective
• Data can be shared very easily between the different office locations of an organization
Host-to-Site VPN
• No additional hardware is needed at the Host side to establish a connection
• VPN hardware is only required at the Site end to establish a connection
Host-to-Host VPN
• It is when a connection is established between two computers over the internet
• No additional VPN hardware is required at either end
• VPN software should be there at each end to set up a connection
Some Common VPN Protocols
L2TP
• L2TP is a combination of Cisco's Layer 2 Forwarding and PPTP
• Authenticates both user and computer
• Enforces data integrity
• Prevents 'Man-in-the-middle' attack
SSL
• Protocol used to provide security on the internet
• Uses public key encryption
• Commonly used with HTTP

Provides security in 3 ways:
1. Authenticates the server
2. Authenticates the client
3. Encrypts the data
TLS
• It is the latest industry standard SSL protocol
• Successor to SSL
• Authenticates the server and the client
• Plus encrypts the data
• Goal is to make SSL more safe and secure

Made of 2 layers:
1. TLS Record protocol
2. TLS Handshake protocol
What is Network Address Translation (NAT)
• Translates Private IP address into Public IP address and vice versa
• Service very commonly used in Routers
• Public IPs are provided by ISP. Very costly.
• Private IPs are free
• We can use NAT in two modes: STATIC and DYNAMIC
What is a Loopback Address
• It is an IP address used to create a software interface that connects to itself via TCP/IP
• The entire 127.x.x.x network is reserved for loopback use
• However, only the 127.0.0.1 address is widely used
• Also called localhost
• No hardware is associated with it
• Loopback interface never goes down
WAN – Switching technologies
• Packet Switching
• Circuit Switching
Packet Switching
• All internet services use this method
• Data packets take different routes to their destination
• Once all packets reach their end point they are reassembled
• Also known as a connectionless communication method
• Preferred for high volume networks
• Not a good choice for voice communication
Circuit Switching
• All data packets take the same route to reach their destination
• Preferred for voice communication
• Ex. Telephone lines
Review questions

1. What is layer 4 of the OSI model?
A. Presentation
B. Network
C. Data Link
D. Transport

2. Which networking technology is based on the IEEE 802.3 standard?
A. Ethernet
B. Token Ring
C. FDDI
D. HDLC

3. Which OSI model layer manages communications in simplex, half-duplex, and full-duplex modes?
A. Application
B. Session
C. Transport
D. Physical

4. ____________ firewalls are known as third-generation firewalls.
A. Application-level gateway
B. Stateful inspection
C. Circuit-level gateway
D. Static packet-filtering
5. Which of the following is not true regarding firewalls?
A. They are able to log traffic information.
B. They are able to block viruses.
C. They are able to issue alarms based on suspected attacks.
D. They are unable to prevent internal attacks.

6. What function does RARP perform?
A. It is a routing protocol.
B. It converts IP addresses into MAC addresses.
C. It resolves physical addresses into logical addresses.
D. It manages multiplex streaming.

7. Which of the following IP addresses is not a private IP address as defined by RFC 1918?
A. 10.0.0.18
B. 169.254.1.119
C. 172.31.8.204
D. 192.168.6.43

8. At which OSI model layer does the IPSec protocol function?
A. Data Link
B. Transport
C. Session
D. Network
9. When you're designing a security system for Internet-delivered email, which of the following is least important?
A. Nonrepudiation
B. Availability
C. Message integrity
D. Access restriction

10. What is it called when email itself is used as an attack mechanism?
A. Masquerading
B. Mail-bombing
C. Spoofing
D. Smurf attack

11. Which of the following can be used to bypass even the best physical and logical security mechanisms to gain access to a system?
A. Brute-force attacks
B. Denial of service
C. Social engineering
D. Port scanning

12. What authentication protocol offers no encryption or protection for logon credentials?
A. PAP
B. CHAP
C. SSL
D. RADIUS