Network Security Flashcards
What is a network Protocol?
A Protocol is an agreement on how to communicate Specifies the syntax, format of message, order exchanged Specifies the semantics, what they mean, specify times.
What is a Internet Protocol (IP)?
- lets computers communicate around the world.
- Has defined binary representation for transmission over the networks it uses.
- Everything is big-endian (Network byte order)
- Any IP-enabled host receiving an IP packet knows how to handle it, because of the protocol
What are the 7 layers of the OSI Model?
7 - Application
6 - Presentation
5 - Session
4 - Transport
3 - Network
2 - Data Link’
1 - Physcial
Please do not throw sausage pizza away
How are bits encoded for a single physical link?
- Voltage levels
- RF modulation
- Photon wavelengths/intensities
Tech used, Coaxial, twisted pair, RF Broadcast, Fibre
What happens in the link layer?
- Combines bits into frames
- Provides local addressing (MAC)
- Supports point-to-point and often broadcast delivery
- Can Transmits messages with the subnet
What is a subnet?
A subnet is a logical partition of an IP network into multiple, smaller
network segments.
What happens in the network layer?
- Bridges subnets for end-to-end connectivity
- Provides global addressing
- Delivery is best-effort
- Data is encapsulated in packets (packets assembly)
router is a device that implements up through Network layer (Layer 3)
⇒ connects multiple subnets
⇒ different IP addresses on each interface
What happens in the transport layer?
End-to-end communication between processes
UDP (User DatagramProtocol)
- UDP socket contains the port number and
- IP address of the destination only
- unreliable, best effort, no packet retransmission if the if it gets lost
- datagram-based (single-packet messages)
TCP (Transmission Control Protocol)
- TCP socket contains the port numbers and IP addresses of the source & destination
- reliable, keeps track of data sent/received
- retransmission of lost packets
- byte-based (messages/sessions span possibly many packets)
What happens in the application layer?
What users/processes interact with
Choice of transport depends on what is needed
- Web browsing ⇒ TCP
- Email ⇒ TCP
- Voice calls ⇒ UDP
Defines its own data formats and protocols, within TCP or UDP
- Web browsing ⇒ HTTP (Hypertext Transfer Protocol)
- Email ⇒ SMTP (Simple Mail Transfer Protocol)\
- Voice calls ⇒ RTP (Real-time Transport Protocol)
What are Network Security Threats?
- ARP Poisoning
- Sniff, Spoof,
- DNS Poisoning
- Denial of Service
What is MAC, Why is it vulnerable?
- 48 bits = 6 bytes
- Can be changed in some hardware,
- Can be simulated in software
What does ARP do?
Address Resolution Protocol
- Translate IP (logical) addresses to MAC (physical) addresses.
- Each host OS has a table of IP to MAC addresses.
What is ARP Poisoning?
Sending forged ARP replies a target system could be convinced to send frames destined for a computer to another.
What can defend against ARP Poisoning?
- Static ARP table
- Access control based on IP, MAC, and Port
- Redirect user to a registration page before allowing usage of the network.
What is a sniffing attack?
- Sniffers listen to packets on the network and pick out interesting details, e.g. passwords
- Hackers install sniffer software on compromised hosts. Tools are available for download
- Wireless Ethernet most vulnerable
- unauthorized listening
What is happening in the image?
IP Spoofing
What is a DOS attack?
denial-of-service, attacks is to prevent authorized users from accessing a resource, or to reduce the quality of service that they receive.
Destruction or Disabling
Examples:
• Formatting the hard disk
• Crashing a server
• These attacks usually exploit a bug in a system implementation.
• Hence, can be prevented by proper design and implementation.
- Flooding a web server with requests
- Flooding a communications link with packets
