SYSLOG. Vladislav Marinov. February 18th, Jacobs University Bremen. Vladislav Marinov SYSLOG 1
1 SYSLOG
Vladislav Marinov, Jacobs University Bremen, February 18th, 2008

2 Have You Seen This?
Feb 17 07:38:18 aerztin syslogd 1.4.1#21ubuntu3: restart.
Feb 17 07:38:18 aerztin anacron[23256]: Job cron.daily terminated
Feb 17 07:38:18 aerztin anacron[23256]: Normal exit (1 job run)
Feb 17 07:42:50 aerztin dhclient: DHCPREQUEST on eth0 to port 67
Feb 17 07:42:50 aerztin dhclient: DHCPACK from
Feb 17 07:42:50 aerztin NetworkManager: <info> DHCP daemon state is now 3 (renew) for interface eth0
Feb 17 07:42:50 aerztin dhclient: bound to renewal in 3164 seconds.
Feb 17 07:56:19 aerztin -- MARK --
Feb 17 08:16:19 aerztin -- MARK --
Feb 17 08:17:01 aerztin /USR/SBIN/CRON[23439]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Feb 17 08:35:34 aerztin dhclient: DHCPREQUEST on eth0 to port 67
Feb 17 08:35:34 aerztin dhclient: DHCPACK from
Feb 17 08:35:34 aerztin dhclient: bound to renewal in 2767 seconds.
Feb 17 08:35:34 aerztin NetworkManager: <info> DHCP daemon state is now 3 (renew) for interface eth0
Feb 17 08:56:19 aerztin -- MARK --
Feb 17 09:16:19 aerztin -- MARK --
Feb 17 09:17:01 aerztin /USR/SBIN/CRON[23459]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)
Feb 17 09:21:41 aerztin dhclient: DHCPREQUEST on eth0 to port 67
Feb 17 09:21:41 aerztin dhclient: DHCPACK from
Feb 17 09:21:41 aerztin dhclient: bound to renewal in 3222 seconds.
Feb 17 09:21:41 aerztin NetworkManager: <info> DHCP daemon state is now 3 (renew) for interface eth0

3 The SYSLOG Protocol
- A management protocol used to convey event notification messages [4]
- Uses a layered architecture that separates message content from message transport
- Messages are usually recorded in /var/log/syslog on UNIX systems

4 Overview
1 SYSLOG Architecture
2 SYSLOG Content
3 SYSLOG Transport Mappings
4 SYSLOG-SIGN

5 SYSLOG Layers
+---------------------+    +---------------------+
|  content            |    |  content            |
|---------------------|    |---------------------|
|  syslog application |    |  syslog application |  (originator, collector, relay)
|---------------------|    |---------------------|
|  syslog transport   |    |  syslog transport   |  (transport sender, transport receiver)
+---------------------+    +---------------------+
          ^                          ^
          |                          |
           --------------------------
- syslog content - the management information contained in a syslog message.
- syslog application - handles generation, interpretation, routing and storage of syslog messages.
- syslog transport - puts messages on the wire and takes them off the wire.

6 Some Definitions
- originator - generates syslog content to be carried in a message
- collector - gathers syslog content for further analysis
- relay - forwards messages, accepting messages from originators or other relays, and sending them to collectors or other relays
- transport sender - passes syslog messages to a specific transport protocol
- transport receiver - takes syslog messages from a specific transport protocol

7 Example Scenarios

Originator ---->---- Collector

Originator ---->---- Relay ---->---- Collector

Originator ---->---- Relay ---->---- Collector
          \
           \
            >-- Relay ---->---- Collector

Originator ---->---- Relay ----> Collector
          \                     /
           \                   /
            +->-- Relay -->--/

9 SYSLOG Message Format
- The message is defined in ABNF format:
  SYSLOG-MSG = HEADER SP STRUCTURED-DATA [SP MSG]
- SYSLOG Header
- Structured Data
- MSG Part - contains a free-form message that provides information about the event.

10 SYSLOG Header
- PRI - Priority Value - shows what type of message is contained and how urgent it is
- VERSION - SYSLOG Protocol Version
- TIMESTAMP - identifies when the message was generated
- HOSTNAME - FQDN or IP address of the originator
- APP-NAME - identifies the device or application that originated the message
- PROCID - process name or process ID associated with a syslog system
- MSGID - identifies the type of message

11 Structured Data
- Contains the actual data carried in the SYSLOG message
- Consists of a collection of SD-ELEMENTs
- Each SD-ELEMENT has an SD-ID and a number of name-value pairs
- Examples:
  [timequality tzknown="1" issynced="1" syncaccuracy=" "]
  [origin ip=" " ip=" "]

12 SYSLOG Message Example
<66> T22:14:15.003Z mymachine.example.com evntslog - ID47 [examplesdid@0 iut="3" eventsource="Application" eventid="1011"] BOMAn application event log entry...
- Informational message coming from a system daemon
- The originator is mymachine.example.com
- Generated by the application evntslog
- No PROCID, MSGID is ID47
- Contains one SD-ELEMENT and a MSG part

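A strict collector-side parser for the HEADER / STRUCTURED-DATA / MSG layout described on slides 9 to 12, added here as an example and not taken from the slides. The sample lines are constructed (hostname, APP-NAME, MSGID and SD-ID reuse the slide's names; timestamps, the `note` parameter and the `origin` addresses are made up), and the TIMESTAMP field is split out but not validated.

```python
import re

# HEADER = <PRI>VERSION SP TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID
HEADER_RE = re.compile(
    r"<(?P<pri>\d{1,3})>(?P<version>[1-9]\d{0,2}) "
    r"(?P<timestamp>\S+) (?P<hostname>\S+) (?P<app_name>\S+) "
    r"(?P<procid>\S+) (?P<msgid>\S+) "
)
SD_ID_RE = re.compile(r'\[(?P<id>[^\s="\]]+)')
# name="value"; inside the value the characters " \ ] must be backslash-escaped.
PARAM_RE = re.compile(r' (?P<name>[^\s="\]]+)="(?P<value>(?:[^"\\\]]|\\.)*)"')
UNESCAPE_RE = re.compile(r'\\(["\\\]])')
SEVERITIES = ("emerg", "alert", "crit", "err", "warning", "notice", "info", "debug")


class SyslogParseError(ValueError):
    """Raised for anything that does not match the message grammar."""


def parse_structured_data(text, pos):
    """Parse STRUCTURED-DATA at text[pos]; return ({sd_id: {name: [values]}}, next_pos)."""
    if text.startswith("-", pos):                  # NILVALUE: no structured data
        return {}, pos + 1
    elements = {}
    while pos < len(text) and text[pos] == "[":
        m = SD_ID_RE.match(text, pos)
        if not m:
            raise SyslogParseError("bad SD-ID at offset %d" % pos)
        sd_id, pos = m.group("id"), m.end()
        if sd_id in elements:                      # an SD-ID may appear only once
            raise SyslogParseError("duplicate SD-ID %r" % sd_id)
        params = {}
        while True:
            p = PARAM_RE.match(text, pos)
            if not p:
                break
            value = UNESCAPE_RE.sub(r"\1", p.group("value"))
            params.setdefault(p.group("name"), []).append(value)  # names may repeat
            pos = p.end()
        if not text.startswith("]", pos):
            raise SyslogParseError("unterminated SD-ELEMENT %r" % sd_id)
        elements[sd_id] = params
        pos += 1
    if not elements:
        raise SyslogParseError("STRUCTURED-DATA missing")
    return elements, pos


def parse_syslog(line):
    """Split one message into header fields, structured data and free-form MSG."""
    m = HEADER_RE.match(line)
    if not m:
        raise SyslogParseError("malformed HEADER")
    pri = int(m.group("pri"))
    if pri > 191:                                  # 24 facilities * 8 severities
        raise SyslogParseError("PRI out of range")
    sd, pos = parse_structured_data(line, m.end())
    rest = line[pos:]
    if rest and not rest.startswith(" "):
        raise SyslogParseError("unexpected data after STRUCTURED-DATA")
    msg = rest[1:]
    record = {k: (None if m.group(k) == "-" else m.group(k))
              for k in ("timestamp", "hostname", "app_name", "procid", "msgid")}
    record.update(
        facility=pri // 8, severity=SEVERITIES[pri % 8],
        version=int(m.group("version")), structured_data=sd,
        msg=msg[1:] if msg.startswith("\ufeff") else msg,   # drop the leading BOM
    )
    return record


# Constructed samples.
SAMPLE = ('<30>1 2008-02-17T07:42:50.003Z mymachine.example.com evntslog - ID47 '
          '[examplesdid@0 iut="3" eventsource="Application" note="a \\] b"]'
          '[origin ip="192.0.2.1" ip="192.0.2.2"] \ufeffAn application event log entry...')
# No structured data; the free-form MSG merely looks like an SD-ELEMENT.
LOOKALIKE = ('<30>1 2008-02-17T07:42:51Z mymachine.example.com evntslog - - - '
             'login failed for [origin ip="203.0.113.9"]')
# Unescaped "]" inside a parameter value: must be rejected, not guessed at.
BROKEN = ('<30>1 2008-02-17T07:42:52Z mymachine.example.com evntslog - - '
          '[examplesdid@0 k="a]b"] text')

if __name__ == "__main__":
    for line in (SAMPLE, LOOKALIKE, BROKEN):
        try:
            print(parse_syslog(line))
        except SyslogParseError as exc:
            print("rejected:", exc)
```

Because the structured data is parsed by grammar rather than by searching for brackets, text in the free-form MSG part that imitates an SD-ELEMENT stays in `msg` and never reaches `structured_data`.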
14 UDP Transport Mapping [1]
- All SYSLOG implementations must implement UDP as a SYSLOG transport
- Involves very little overhead
- One SYSLOG message per datagram
- SYSLOG daemons listen on port UDP/514
- Some concerns:
  - Unreliable Delivery
  - Message corruption
  - Congestion control
  - Sequenced delivery
  - Sender authentication and message forgery
  - Message observation
  - Message Replay

15 TLS Transport Mapping [2]
- Public Key Certificate
  - A certificate is a data structure which ties a public key to an entity.
  - The principal is usually represented as a hostname or an IP address.
  - The certificate is signed by a trusted third party (i.e., encrypted with the third party's private key)
- The SYSLOG entities are preconfigured with keys and certificates
- The originator initiates a TLS Handshake with the collector
- The originator and the collector exchange their certificates
- Both sides validate the certificate of the other side
- Session keys are exchanged which encrypt the following communication

16 SYSLOG over TLS
Message sequence between Originator and Collector:
- TCP, 3 packets: SYN; SYN, ACK; ACK
- TLS/TCP, 6 packets: CLIENT HELLO; ACK; SERVER HELLO, CERTIFICATE, CERTIFICATE REQUEST, SERVER HELLO DONE; ACK; CERTIFICATE, CERTIFICATE VERIFY, KEY EXCHANGE, CHANGE CIPHER SPEC; CHANGE CIPHER SPEC
- SYSLOG, 2 packets: SYSLOG; ACK
- TLS/TCP, 5 packets: CLOSE NOTIFY; FIN; CLOSE NOTIFY; FIN, ACK; ACK

18 SYSLOG-SIGN [3]
- Originators and collectors exchange certificate and public key information as structured data carried over SYSLOG messages (certificate blocks)
- The SD-ID of certificate blocks is ssign-cert
- Originators create and store hashes of previously sent messages
- Occasionally originators send the collection of hashes as structured data carried over SYSLOG messages to the collectors (signature blocks)
- The SD-ID of signature blocks is ssign
- Messages carrying hashes are also signed by the originator to protect message integrity

19 SYSLOG-SIGN
- When the collector receives the hashes from the signature blocks it can validate the previously received SYSLOG messages
- SYSLOG-SIGN solves the SYSLOG/UDP security problems
  - Message Authenticity
  - Message Replay
  - Reliable Delivery
  - Sequenced Delivery
  - Message Integrity
- Message observation is still possible since the information is carried in plain text
- Message truncation will render the algorithm unusable

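How a collector can use one signature block to sort what it received into verified, replayed, unverifiable and missing messages, as described on slides 18 and 19. This is an added example, not code from the slides and not the wire format of the SYSLOG-SIGN draft: the block layout (`first_msg_no`, `hashes`, `sig`) is hypothetical, the messages are constructed, and an HMAC over a shared key stands in for the originator's public-key signature so that the example runs on the standard library alone.

```python
import hashlib
import hmac
from collections import defaultdict

KEY = b"constructed-demo-key"   # stand-in for the originator's signing key


def msg_hash(message):
    return hashlib.sha256(message).hexdigest()


def sign_block(key, block):
    """Authenticate the block body (HMAC here; the draft uses a public-key signature)."""
    body = "%d:%s" % (block["first_msg_no"], ",".join(block["hashes"]))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()


class Originator:
    """Remembers a hash of every message sent and emits signature blocks."""

    def __init__(self, key):
        self.key = key
        self.next_no = 1        # number of the first message in the next block
        self.pending = []       # hashes of messages sent since the last block

    def send(self, message):
        self.pending.append(msg_hash(message))
        return message          # the message itself travels unchanged, in plain text

    def signature_block(self):
        block = {"first_msg_no": self.next_no, "hashes": list(self.pending)}
        block["sig"] = sign_block(self.key, block)
        self.next_no += len(self.pending)
        self.pending.clear()
        return block


def verify(received, block, key):
    """Check received messages against one signature block."""
    if not hmac.compare_digest(block["sig"], sign_block(key, block)):
        raise ValueError("signature block failed authentication")
    slots = defaultdict(list)   # hash -> message numbers not yet matched
    for i, h in enumerate(block["hashes"]):
        slots[h].append(block["first_msg_no"] + i)
    known = set(slots)
    matched, replayed, unverified = {}, [], []
    for message in received:
        h = msg_hash(message)
        if slots.get(h):
            matched[slots[h].pop(0)] = message   # authentic, first sighting
        elif h in known:
            replayed.append(message)             # authentic hash, seen too often
        else:
            unverified.append(message)           # forged, modified or truncated
    return {
        "ordered": [matched[n] for n in sorted(matched)],   # originator's order
        "replayed": replayed,
        "unverified": unverified,
        "missing": sorted(n for nums in slots.values() for n in nums),
    }


def demo():
    """Constructed scenario: loss, reordering, replay, forgery and truncation."""
    originator = Originator(KEY)
    msgs = [originator.send(b"<30>1 2008-02-17T07:42:5%dZ host app - - - event %d" % (i, i))
            for i in range(1, 5)]
    block = originator.signature_block()
    forged = b"<30>1 2008-02-17T07:42:59Z host app - - - event 9"
    received = [msgs[2], msgs[0], msgs[0], forged, msgs[3][:20]]   # msgs[1] was lost
    return msgs, block, verify(received, block, KEY)


if __name__ == "__main__":
    _, _, report = demo()
    for name, value in report.items():
        print(name, value)
```

The truncated copy of message 4 hashes differently from the original, so it is reported as unverifiable and its number as missing, which is the truncation problem named on slide 19.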
20 Conclusion
- SYSLOG is an event notification management protocol the content of which can be easily extended
  - Simply define new structured data elements
- SYSLOG allows various transport mappings
  - SYSLOG usually runs over UDP (required mapping)
  - SYSLOG over TLS (recommended transport) - security at the transport layer
- SYSLOG-SIGN - security at the application layer

21 References
[1] A. Okmianski. Transmission of syslog messages over UDP. Internet Draft (work in progress) <draft-ietf-syslog-transport-udp-12>, Cisco Systems.
[2] Y. Ma, F. Miao. TLS Transport Mapping for Syslog. Internet Draft (work in progress) <draft-ietf-syslog-transport-tls-11.tx>, Huawei Technologies, November.
[3] A. Clemm, J. Kelsey, J. Callas. Signed syslog Messages. Internet Draft (work in progress) <draft-ietf-syslog-sign-23.txt>, NIST, PGP Corporation, Cisco Systems.
[4] R. Gerhards. The Syslog Protocol. Internet Draft (work in progress) <draft-ietf-syslog-protocol-23>, Adiscon GmbH.
Introduction to TCP/IP networking TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute TCP : Transmission Control Protocol HTTP, FTP, ssh What is an internet? A set
More informationCMPE 80N: Introduction to Networking and the Internet
CMPE 80N: Introduction to Networking and the Internet Katia Obraczka Computer Engineering UCSC Baskin Engineering Lecture 11 CMPE 80N Fall'10 1 Announcements Forum #2 due on 11.05. CMPE 80N Fall'10 2 Last
More informationSIP Compliance APPENDIX
APPENDIX E This appendix describes Cisco SIP proxy server (Cisco SPS) compliance with the Internet Engineering Task Force (IETF) definition of Session Initiation Protocol (SIP) as described in the following
More informationLecture 20 Overview. Last Lecture. This Lecture. Next Lecture. Transport Control Protocol (1) Transport Control Protocol (2) Source: chapters 23, 24
Lecture 20 Overview Last Lecture Transport Control Protocol (1) This Lecture Transport Control Protocol (2) Source: chapters 23, 24 Next Lecture Internet Applications Source: chapter 26 COSC244 & TELE202
More informationSolving HTTP Problems With Code and Protocols NATASHA ROONEY
Solving HTTP Problems With Code and Protocols NATASHA ROONEY Web HTTP TLS TCP IP 7. Application Data HTTP / IMAP 6. Data Presentation, Encryption SSL / TLS 5. Session and connection management - 4. Transport
More informationComputer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography
Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution
More informationData & Computer Communication
Basic Networking Concepts A network is a system of computers and other devices (such as printers and modems) that are connected in such a way that they can exchange data. A bridge is a device that connects
More informationCCNA 1 Chapter 7 v5.0 Exam Answers 2013
CCNA 1 Chapter 7 v5.0 Exam Answers 2013 1 A PC is downloading a large file from a server. The TCP window is 1000 bytes. The server is sending the file using 100-byte segments. How many segments will the
More informationProtocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.
P2 Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE 802.11i, IEEE 802.1X P2.2 IP Security IPsec transport mode (host-to-host), ESP and
More information