Internet Infrastructure
|
|
- Juliet Fitzgerald
- 6 years ago
- Views:
Transcription
1 Internet Infrastructure
2 Internet Infrastructure Local and inter-domain routing TCP/IP for routing and messaging BGP for routing announcements Domain Name System Find IP address from symbolic name (
3 3 2 1 Level: Tier One Tier Two Tier Three Infrastructure Quiz Match the level to its description Descriptions: 1. A network that purchases all transit from other networks. 2. A network that peers some of its network access and purchases some of it. 3. A network can reach every other network through peering. Peering: ISPs connect their networks together. Traffic is allowed to flow across a network in exchange for free access to other networks
4 Infrastructure Quiz NAME AT&T Cogent Communications CenturyLink Deutsche Telekom AG KPN International Level 3 Communications NTT Communications (America) Orange Sprint Tata Communications (America) Telecom Italia Sparkle Telefonica Global Solutions Telia Carrier Verizon Enterprise Solutions Zayo Group -----
5 TCP Protocol Stack Application Transport Application Protocol TCP Protocol Application Transport Network IP Protocol IP IP Protocol Network Link Data Link Network Access Data Link Link
6 TCP Protocol Stack: Data Formats TCP Header Application Transport (TCP,UDP) Network(IP) Message Segment Packet Application message - data TCP data TCP data TCP data IP TCP data Link Layer Frame IP Header EIT IP TCP data ETF Link (Ethernet) Header Link (Ethernet) Trailer
7 Internet Protocol: IP Routing Version Header Length Type of Service Total Length Identification Flags Fragment Offset Time to Live Protocol Header Checksum Source Address of Originating Host Destination Address of Target Host Options Padding IP Data Connectionless Unreliable Best effort Notes: src and dest ports not parts of IP hdr
8 Internet Protocol: IP Routing Alice PACKET Source Destination Office gateway Bob ISP Typical route uses several hops IP: no ordering or delivery guarantees
9 IP Protocol Functions (Summary) Routing IP host knows location of router (gateway) IP gateway must know route to other networks Fragmentation and reassembly If max-packet-size less than the user-data-size
10 IP Protocol Functions (Summary) Error reporting ICMP packet to source if packet is dropped TTL field: decremented after every hop Packet dropped if TTL=0. Prevents infinite loops.
11 IP Quiz Select all the true statements about Internet Protocol (IP). IP is a connectionless and reliable protocol. IP provides only best effort delivery, it is not guaranteed. Due the connectionless nature of IP, data corruption, packet loss, duplication, and out-of-order delivery can occur.
12 IP Authentication Client is trusted to embed correct source IP Easy to override using raw sockets Libnet: a library for formatting raw packets with arbitrary IP headers The problem: No Source IP authentication Anyone who owns their machine can send packets with arbitrary source IP, and a response will be sent back to forged source IP
13 IP Authentication Client is trusted to embed correct source IP Easy to override using raw sockets Libnet: a library for formatting raw packets with arbitrary IP headers The problem: No Source IP authentication Implications: Anonymous DoS attacks; Anonymous infection/malware attacks
14 Transmission Control Protocol Connection-oriented, preserves order Book
15 Transmission Control Protocol Sender : Break data into packets Attach packet numbers Book Mail each page
16 Transmission Control Protocol Receiver: Acknowledge receipt; lost packets are resent Reassemble packets in correct order Book Mail each page Reassembled Book
17 Transmission Control Protocol TCP Header Source port Dest port ver hlen TOS Pkt len Identification flg fragment offset TTL protocol header checksum Source IP address Destination IP address IP Header U R G SEQ Number ACK Number A P P S C S S Y K H R N Other Stuff F I N TCP Header
18 Review TCP Handshake C S Received packets with SN too far out of window are dropped SYN: SYN/ACK: ACK: SN C rand C AN C 0 SN S rand S AN S SN C +1 SN C SN C +1 AN C SN S +1 Listening Store SN C, SN S Wait Established
19 TCP Basic Security Problems 1 Network packets pass by untrusted hosts Eavesdropping, packet sniffing Especially easy when attacker controls a machine close to victim (e.g. WiFi routers) 2 TCP state easily obtained by eavesdropping Enables spoofing and session hijacking 3 Denial of Service (DoS) vulnerabilities See DDoS lesson
20 TCP IP Security Issues Quiz Select all the true statements: Application layer controls can protect application data, and IP addresses. IP information cannot be protected by transport layer controls. Network layer controls can protect the data within the packets as well as the IP information for each packet. Data link layer controls can protect connections comprised of multiple links
21 Random Initial Sequence Numbers Suppose initial seq. numbers (SN C, SN S ) are predictable: Attacker can create TCP session on behalf of forged source IP Breaks IP-based authentication (e.g. SPF, /etc/hosts ) Random seq. num. do not prevent attack, but make it harder
22 Random Initial Sequence Numbers TCP SYN srcip=victim Victim Attacker ACK srcip=victim AN=predicted SN S +1 Command SYN/ACK dstip=victim SN=server SN S Server thinks command is from victim IP addr
23 Example DoS Vulnerability: Reset Attacker sends a Reset packet on an open socket If correct SN S then connection will close DoS Naively, success prob. is 1/232 (32-bit seq. # s). but, many systems allow for a large window of acceptable seq. # s. Much higher success probability. Attacker can flood with RST packets until one works
24 Protocols Quiz Match the protocol with its description: B C A Protocol: Address Resolution Protocol (ARP) Open Shortest Path First (OSPF) Border Gateway Protocol (BGP) Descriptions: A. protocol designed to exchange routing and reachability information among autonomous systems (AS) B. protocol designed to map IP network addresses to the hardware addresses used by a data link protocol C. protocol uses a link state routing algorithm and falls into the group of interior routing protocols
25 Protocols Quiz ARP request message sent out IP: IP: Router or Host IP:
26 Protocols Quiz IP: Router or Host ARP reply IP: IP:
27 Protocols Quiz R1 R2 R3 R4 R5
28 Protocols Quiz Router A Router B AS 200 AS 100 AS 300 Router C
29 Routing Security: Interdomain Routing Earthlnk.net Gatech.edu BGP OSPF Autonomous System Connected group of one or more Internet Protocol prefixes under a single routing policy (aka domain)
30 Routing Protocols ARP (addr resolution protocol): IP addr eth addr Security issues: (local network attacks) Node A can confuse gateway into sending it traffic for Node B By proxying traffic, node A can read/inject packets into B s session (e.g. WiFi networks)
31 Routing Protocols BGP: routing between Autonomous Systems Security issues: unauthenticated route updates Anyone can cause entire Internet to send traffic for a victim IP to attacker s address Example: Youtube-Pakistan mishap Anyone can hijack route to victim
32 BGP [D. Wetherall]
33 BGP: Security Issues BGP path attestations are un-authenticated Anyone can inject advertisements for arbitrary routes Advertisement will propagate everywhere Used for DoS, spam, and eavesdropping (details in DDoS lecture)
34 BGP: Example path hijack Normally: Alestra (Mexico) PCCW (Texas) Qwest (DC) Feb 2013: Guadalajara Washington DC via Belarus Person browsing the Web in DC cannot tell by traceroute that HTTP Responses are routed through Moscow
35 BGP Attacks Quiz Match the attack to its characteristic: D E C B A Denial of Service Sniffing Attack: Routing to Endpoints in Malicious Networks Creating Route Instabilities Revelation of Network Topologies Characteristic: A. Unmasking the AS relationships by hacking the routing table. B. Not yet used by hackers because damage cannot be contained. It can blowback to the attacker. C. The first step is to hijack traffic from a legitimate host. D. Create a false route or kill a legitimate one. E. The attacker must control a device along the victim s communication path.
36 BGP: Security Issues Solutions: RPKI: AS obtains a certificate (ROA) from regional authority (RIR) and attaches ROA to path advertisement. Advertisements without a valid ROA are ignored. Defends against a malicious AS (but not a network attacker) SBGP: sign every hop of a path advertisement
37 S-BGP Design Overview IPsec: secure point-to-point router communication Public Key Infrastructure: authorization for all S-BGP entities Attestations: digitally-signed authorizations Address: authorization to advertise specified address blocks Route: Validation of UPDATEs based on a new path attribute, using PKI certificates and attestations
38 S-BGP Design Overview Repositories for distribution of certificates, CRLs, and address attestations Tools for ISPs to manage address attestations, process certificates & CRLs, etc.
39 S-BGP Design Overview AS Host1 Host2 Hostn Address blocks
40 S-BGP Overview: Address Attestation Indicates that the final AS listed in the UPDATE is authorized by the owner of those address blocks Includes identification of: owner s certificate AS to be advertising the address blocks address blocks expiration date
41 S-BGP Overview: Address Attestation Digitally signed by owner of the address blocks Used to protect BGP from erroneous UPDATEs (authenticated but misbehaving or misconfigured BGP speakers)
42 S-BGP Overview: Route Attestation Indicates that the speaker or its AS authorizes the listener s AS to use the route in the UPDATE Includes identification of: AS s or BGP speaker s certificate issued by owner of the AS the address blocks and the list of ASes in the UPDATE the neighbor expiration date
43 S-BGP Overview: Route Attestation Digitally signed by owner of the AS (or BGP speaker) distributing the UPDATE, traceable to the IANA Used to protect BGP from erroneous UPDATEs (authenticated but misbehaving or misconfigured BGP speakers)
44 S-BGP Overview: Route Attestation To validate a route from AS n, AS n+1 needs: address attestation from each organization owning an address block(s) in the NLRI address allocation certificate from each organization owning address blocks in the NLRI route attestation from every AS along the path (AS 1 to AS n ), where the route attestation for AS k specifies the NLRI and the path up to that point (AS 1 through As k-1 ) certificate for each AS or router along path (AS 1 to AS n ) to check signatures on the route attestations all the relevant CRLs must have been checked
Lecture 6. Internet Security: How the Internet works and some basic vulnerabilities. Thursday 19/11/2015
Lecture 6 Internet Security: How the Internet works and some basic vulnerabilities Thursday 19/11/2015 Agenda Internet Infrastructure: Review Basic Security Problems Security Issues in Routing Internet
More informationInternet Security: How the Internet works and some basic vulnerabilities
CS 155 Internet Security: How the Internet works and some basic vulnerabilities Dan Boneh Acknowledgments: Lecture slides are from the Computer Security course taught by Dan Boneh and John Mitchell at
More informationInternet Security: How the Internet works and some basic vulnerabilities. Slides from D.Boneh, Stanford and others
Internet Security: How the Internet works and some basic vulnerabilities Slides from D.Boneh, Stanford and others 1 Internet Infrastructure ISP Backbone ISP Local and interdomain routing TCP/IP for routing
More informationELEC5616 COMPUTER & NETWORK SECURITY
ELEC5616 COMPUTER & NETWORK SECURITY Lecture 17: Network Protocols I IP The Internet Protocol (IP) is a stateless protocol that is used to send packets from one machine to another using 32- bit addresses
More informationCS Paul Krzyzanowski
The Internet Packet switching: store-and-forward routing across multiple physical networks... across multiple organizations Computer Security 11. Network Security ISP Paul Krzyzanowski Rutgers University
More informationComputer Security. 11. Network Security. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 11. Network Security Paul Krzyzanowski Rutgers University Spring 2018 April 15, 2018 CS 419 2018 Paul Krzyzanowski 1 The Internet Packet switching: store-and-forward routing across multiple
More informationInternet Protocol and Transmission Control Protocol
Internet Protocol and Transmission Control Protocol CMSC 414 November 13, 2017 Internet Protcol Recall: 4-bit version 4-bit hdr len 8-bit type of service 16-bit total length (bytes) 8-bit TTL 16-bit identification
More informationCSc 466/566. Computer Security. 18 : Network Security Introduction
1/81 CSc 466/566 Computer Security 18 : Network Security Introduction Version: 2012/05/03 13:57:28 Department of Computer Science University of Arizona collberg@gmail.com Copyright c 2012 Christian Collberg
More informationInternet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.
Internet Layers Application Application Transport Transport Network Network Network Network Link Link Link Link Ethernet Fiber Optics Physical Layer Wi-Fi ARP requests and responses IP: 192.168.1.1 MAC:
More informationInterdomain routing CSCI 466: Networks Keith Vertanen Fall 2011
Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business relationships between ASes Interdomain routing using BGP Advertisements Routing policy Integration with intradomain routing
More informationDan Boneh, John Mitchell, Dawn Song. Denial of Service
Dan Boneh, John Mitchell, Dawn Song Denial of Service What is network DoS? Goal: take out a large site with little computing work How: Amplification Small number of packets big effect Two types of amplification
More informationIntroduction to TCP/IP networking
Introduction to TCP/IP networking TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute TCP : Transmission Control Protocol HTTP, FTP, ssh What is an internet? A set
More informationChapter 2 - Part 1. The TCP/IP Protocol: The Language of the Internet
Chapter 2 - Part 1 The TCP/IP Protocol: The Language of the Internet Protocols A protocol is a language or set of rules that two or more computers use to communicate 2 Protocol Analogy: Phone Call Parties
More informationNetwork and Security: Introduction
Network and Security: Introduction Seungwon Shin KAIST Some slides are from Dr. Srinivasan Seshan Some slides are from Dr. Nick Mckeown Network Overview Computer Network Definition A computer network or
More informationNetwork security. CSE 127 Computer Security. TCP/IP Protocol Stack. Packet Switched Network Architecture. Protocols are structured in layers
CSE 127 Computer Security Spring 2011 Intro to networking and network security Stefan Savage security First need to understand basic networking Architecture IP UDP TCP DNS And vulnerabilities in their
More informationSecurity in inter-domain routing
DD2491 p2 2011 Security in inter-domain routing Olof Hagsand KTH CSC 1 Literature Practical BGP pages Chapter 9 See reading instructions Beware of BGP Attacks (Nordström, Dovrolis) Examples of attacks
More informationDenial of Service. EJ Jung 11/08/10
Denial of Service EJ Jung 11/08/10 Pop Quiz 3 Write one thing you learned from today s reading Write one thing you liked about today s reading Write one thing you disliked about today s reading Announcements
More informationNetwork Security. Tadayoshi Kohno
CSE 484 (Winter 2011) Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for sample slides and materials...
More informationnetwork security s642 computer security adam everspaugh
network security s642 adam everspaugh ace@cs.wisc.edu computer security today Announcement: HW3 to be released WiFi IP, TCP DoS, DDoS, prevention 802.11 (wifi) STA = station AP = access point BSS = basic
More informationLayer 4: UDP, TCP, and others. based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers
Layer 4: UDP, TCP, and others based on Chapter 9 of CompTIA Network+ Exam Guide, 4th ed., Mike Meyers Concepts application set transport set High-level, "Application Set" protocols deal only with how handled
More informationCS670: Network security
Cristina Nita-Rotaru CS670: Network security ARP, TCP 1: Background on network protocols OSI/ISO Model Application Presentation Session Transport Network Data Link Physical Layer Application Presentation
More informationIntroduction to Information Science and Technology 2017 Networking II. Sören Schwertfeger 师泽仁
II Sören Schwertfeger 师泽仁 Outline Review Network Layer Routing Transport Layer Applications HTTP Demos Internet: Huge network of networks Billions of hosts (computers) Internet Structure Network Edge:
More informationEC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane
EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane This presentation is adapted from slides produced by Jim Kurose and Keith Ross for their book, Computer Networking:
More informationA Survey of BGP Security Review
A Survey of BGP Security Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka November 16, 2011 1 Introduction to the topic and the reason for the topic being interesting Border
More informationLecture outline. Internet Routing Security Issues. Previous lecture: Effect of MinRouteAdver Timer. Recap of previous lecture
Lecture outline Internet Routing Security Issues Z. Morley Mao Lecture 3 Jan 14, 2003 Recap of last lecture, any questions? Existing routing security mechanisms - SBGP General threats to routing protocols
More informationCPSC 826 Internetworking. The Network Layer: Routing & Addressing Outline. The Network Layer
1 CPSC 826 Intering The Network Layer: Routing & Addressing Outline The Network Layer Michele Weigle Department of Computer Science Clemson University mweigle@cs.clemson.edu November 10, 2004 Network layer
More informationSingle Network: applications, client and server hosts, switches, access links, trunk links, frames, path. Review of TCP/IP Internetworking
1 Review of TCP/IP working Single Network: applications, client and server hosts, switches, access links, trunk links, frames, path Frame Path Chapter 3 Client Host Trunk Link Server Host Panko, Corporate
More informationNetwork Layer: Internet Protocol
Network Layer: Internet Protocol Motivation Heterogeneity Scale Intering IP is the glue that connects heterogeneous s giving the illusion of a homogenous one. Salient Features Each host is identified by
More informationIntroduction to IP Routing. Geoff Huston
Introduction to IP Routing Geoff Huston Routing How do packets get from A to B in the Internet? A Internet B Connectionless Forwarding Each router (switch) makes a LOCAL decision to forward the packet
More informationCSC 574 Computer and Network Security. TCP/IP Security
CSC 574 Computer and Network Security TCP/IP Security Alexandros Kapravelos kapravelos@ncsu.edu (Derived from slides by Will Enck and Micah Sherr) Network Stack, yet again Application Transport Network
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 Networking Transport Layer Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) TCP/IP Model 2 Transport Layer Problem solved:
More informationHY 335 Φροντιστήριο 8 ο
HY 335 Φροντιστήριο 8 ο Χειμερινό Εξάμηνο 2009-2010 Παπακωνσταντίνου Άρτεμις artpap@csd.uoc.gr 4/12/2009 Roadmap IP: The Internet Protocol IPv4 Addressing Datagram Format Transporting a datagram from source
More informationUser Datagram Protocol
Topics Transport Layer TCP s three-way handshake TCP s connection termination sequence TCP s TIME_WAIT state TCP and UDP buffering by the socket layer 2 Introduction UDP is a simple, unreliable datagram
More informationNetwork Security Protocols and Defensive Mechanisms
CS 155 Spring 2016 Network Security Protocols and Defensive Mechanisms John Mitchell Acknowledgments: Lecture slides are from the Computer Security course thought by Dan Boneh and John Mitchell at Stanford
More informationCNT Computer and Network Security: BGP Security
CNT 5410 - Computer and Network Security: BGP Security Professor Kevin Butler Fall 2015 Internet inter-as routing: BGP BGP (Border Gateway Protocol): the de facto standard BGP provides each AS a means
More informationARP, IP, TCP, UDP. CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1
ARP, IP, TCP, UDP CS 166: Introduction to Computer Systems Security 4/7/18 ARP, IP, TCP, UDP 1 IP and MAC Addresses Devices on a local area network have IP addresses (network layer) MAC addresses (data
More informationLecture 4 The Network Layer. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 4 The Network Layer Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it Network layer functions Transport packet from sending to receiving hosts Network layer protocols in every
More informationNetwork Security. Thierry Sans
Network Security Thierry Sans HTTP SMTP DNS BGP The Protocol Stack Application TCP UDP Transport IPv4 IPv6 ICMP Network ARP Link Ethernet WiFi The attacker is capable of confidentiality integrity availability
More informationCSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical
CSE/EE 461 The Network Layer Application Presentation Session Transport Network Data Link Physical This Lecture Focus: What to do when one wire isn t big enough? Point to point link Broadcast link (Ethernet
More informationnetwork security cs642 computer security adam everspaugh
network security cs642 computer security adam everspaugh ace@cs.wisc.edu today Reminder: HW3 due in one week: April 18, 2016 CIDR addressing Border Gateway Protocol Network reconnaissance via nmap Idle
More informationChapter 4: Network Layer
Mecanismes d Echange d Informations Chapter 4 Network Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint
More informationUMSSIA LECTURE II: NETWORKS?
UMSSIA LECTURE II: NETWORKS? THE INTERNET ISP Backbone ISP The internet consists of end system networks connected to other networks by ISPs or Autonomous Systems (AS). ASes run routing protocols (BGP,
More informationHands-On Ethical Hacking and Network Defense
Hands-On Ethical Hacking and Network Defense Chapter 2 TCP/IP Concepts Review Last modified 1-11-17 Objectives Describe the TCP/IP protocol stack Explain the basic concepts of IP addressing Explain the
More informationComputer Science 461 Final Exam May 22, :30-3:30pm
NAME: Login name: Computer Science 461 Final Exam May 22, 2012 1:30-3:30pm This test has seven (7) questions, each worth ten points. Put your name on every page, and write out and sign the Honor Code pledge
More informationCPSC156a: The Internet Co-Evolution of Technology and Society. Lecture 4: September 16, 2003 Internet Layers and the Web
CPSC156a: The Internet Co-Evolution of Technology and Society Lecture 4: September 16, 2003 Internet Layers and the Web Layering in the IP Protocols HTTP (Web) Telnet Domain Name Service Simple Network
More informationNetwork Security. Evil ICMP, Careless TCP & Boring Security Analyses. Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018
Network Security Evil ICMP, Careless TCP & Boring Security Analyses Mohamed Sabt Univ Rennes, CNRS, IRISA Thursday, October 4th, 2018 Part I Internet Control Message Protocol (ICMP) Why ICMP No method
More informationInternetworking Part 2
CMPE 344 Computer Networks Spring 2012 Internetworking Part 2 Reading: Peterson and Davie, 3.2, 4.1 19/04/2012 1 Aim and Problems Aim: Build networks connecting millions of users around the globe spanning
More informationIP : Internet Protocol
1/20 IP : Internet Protocol Surasak Sanguanpong nguan@ku.ac.th http://www.cpe.ku.ac.th/~nguan Last updated: July 30, 1999 Agenda 2/20 IP functions IP header format Routing architecture IP layer 3/20 defines
More informationCIS 551 / TCOM 401 Computer and Network Security
CIS 551 / TCOM 401 Computer and Network Security Spring 2008 Lecture 12 2/28/08 CIS/TCOM 551 1 Announcements Reminder: Project 2 is due Friday, March 7th at 11:59 pm 2/28/08 CIS/TCOM 551 2 Internet Protocol
More informationBGP Security. Kevin s Attic for Security Research
Kevin s Attic for Security Research kevinkoo001@gmail.com Table 1. BGP Operation (1): Concept & Topology 2. BGP Operation (2): Message Exchange, Format and Path Decision Algorithm 3. Potential Attacks
More informationCSCI 1800 Cybersecurity and Interna4onal Rela4ons. Design and Opera-on of the Internet John E. Savage Brown University
CSCI 1800 Cybersecurity and Interna4onal Rela4ons Design and Opera-on of the Internet John E. Savage Brown University Outline Network security The link layer The network layer The transport layer Denial
More informationCSE 565 Computer Security Fall 2018
CSE 565 Computer Security Fall 2018 Lecture 18: Network Attacks Department of Computer Science and Engineering University at Buffalo 1 Lecture Overview Network attacks denial-of-service (DoS) attacks SYN
More informationIntroduction to Internet. Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis
Introduction to Internet Ass. Prof. J.Y. Tigli University of Nice Sophia Antipolis What about inter-networks communications? Between LANs? Ethernet?? Ethernet Example Similarities and Differences between
More informationIPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.
IPv4 addressing, NAT http://xkcd.com/195/ Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley Some materials copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights
More informationTCP/IP Protocol Suite
TCP/IP Protocol Suite Computer Networks Lecture 5 http://goo.gl/pze5o8 TCP/IP Network protocols used in the Internet also used in today's intranets TCP layer 4 protocol Together with UDP IP - layer 3 protocol
More informationCSCI-GA Operating Systems. Networking. Hubertus Franke
CSCI-GA.2250-001 Operating Systems Networking Hubertus Franke frankeh@cs.nyu.edu Source: Ganesh Sittampalam NYU TCP/IP protocol family IP : Internet Protocol UDP : User Datagram Protocol RTP, traceroute
More informationCSE/EE 461 Lecture 13 Connections and Fragmentation. TCP Connection Management
CSE/EE 461 Lecture 13 Connections and Fragmentation Tom Anderson tom@cs.washington.edu Peterson, Chapter 5.2 TCP Connection Management Setup assymetric 3-way handshake Transfer sliding window; data and
More informationLecture 5 The Network Layer part II. Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it
Lecture 5 The Network Layer part II Antonio Cianfrani DIET Department Networking Group netlab.uniroma1.it IP datagram format IP protocol version number header length (bytes) type of data max number remaining
More informationRouting on the Internet. Routing on the Internet. Hierarchical Routing. Computer Networks. Lecture 17: Inter-domain Routing and BGP
Routing on the Internet Computer Networks Lecture 17: Inter-domain Routing and BGP In the beginning there was the ARPANET: route using GGP (Gateway-to-Gateway Protocol), a distance vector routing protocol
More information20-CS Cyber Defense Overview Fall, Network Basics
20-CS-5155 6055 Cyber Defense Overview Fall, 2017 Network Basics Who Are The Attackers? Hackers: do it for fun or to alert a sysadmin Criminals: do it for monetary gain Malicious insiders: ignores perimeter
More informationLecture 4: Intradomain Routing. CS 598: Advanced Internetworking Matthew Caesar February 1, 2011
Lecture 4: Intradomain Routing CS 598: Advanced Internetworking Matthew Caesar February 1, 011 1 Robert. How can routers find paths? Robert s local DNS server 10.1.8.7 A 10.1.0.0/16 10.1.0.1 Routing Table
More informationLecture 10. Denial of Service Attacks (cont d) Thursday 24/12/2015
Lecture 10 Denial of Service Attacks (cont d) Thursday 24/12/2015 Agenda DoS Attacks (cont d) TCP DoS attacks DNS DoS attacks DoS via route hijacking DoS at higher layers Mobile Platform Security Models
More informationLecture 3. The Network Layer (cont d) Network Layer 1-1
Lecture 3 The Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router? Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets
More informationCSCD 433/533 Network Programming Fall Lecture 14 Global Address Space Autonomous Systems, BGP Protocol Routing
CSCD 433/533 Network Programming Fall 2012 Lecture 14 Global Address Space Autonomous Systems, BGP Protocol Routing 1 Topics Interdomain Routing BGP Interdomain Routing Benefits vs. Link State Routing
More informationNetworking: Network layer
control Networking: Network layer Comp Sci 3600 Security Outline control 1 2 control 3 4 5 Network layer control Outline control 1 2 control 3 4 5 Network layer purpose: control Role of the network layer
More informationIPv4. Christian Grothoff.
IPv4 christian@grothoff.org http://grothoff.org/christian/ Sites need to be able to interact in one single, universal space. Tim Berners-Lee 1 The Network Layer Transports datagrams from sending to receiving
More informationLecture 8. Network Layer (cont d) Network Layer 1-1
Lecture 8 Network Layer (cont d) Network Layer 1-1 Agenda The Network Layer (cont d) What is inside a router Internet Protocol (IP) IPv4 fragmentation and addressing IP Address Classes and Subnets Network
More informationProf. Shervin Shirmohammadi SITE, University of Ottawa. Internet Protocol (IP) Lecture 2: Prof. Shervin Shirmohammadi CEG
Lecture 2: Internet Protocol (IP) Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 2-1 Network Layer Provides the upper layers with independence from the data
More informationAnnouncements. No book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6
Announcements No book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6 Copyright c 2002 2017 UMaine Computer Science Department 1 / 33 1 COS 140: Foundations
More informationQUIZ: Longest Matching Prefix
QUIZ: Longest Matching Prefix A router has the following routing table: 10.50.42.0 /24 Send out on interface Z 10.50.20.0 /24 Send out on interface A 10.50.24.0 /22 Send out on interface B 10.50.20.0 /22
More informationIntroduction to Network. Topics
Introduction to Network Security Chapter 7 Transport Layer Protocols 1 TCP Layer Topics Responsible for reliable end-to-end transfer of application data. TCP vulnerabilities UDP UDP vulnerabilities DNS
More informationECE4110 Internetwork Programming. Introduction and Overview
ECE4110 Internetwork Programming Introduction and Overview 1 EXAMPLE GENERAL NETWORK ALGORITHM Listen to wire Are signals detected Detect a preamble Yes Read Destination Address No data carrying or noise?
More information6.033 Computer System Engineering
MIT OpenCourseWare http://ocw.mit.edu 6.033 Computer System Engineering Spring 2009 For information about citing these materials or our Terms of Use, visit: http://ocw.mit.edu/terms. L11: Link and Network
More informationInternet Architecture and Experimentation
Internet Architecture and Experimentation Today l Internet architecture l Principles l Experimentation A packet switched network Modern comm. networks are packet switched Data broken into packets, packet
More informationThe Network Layer. Internet solutions. Nixu Oy PL 21. (Mäkelänkatu 91) Helsinki, Finland. tel fax.
The Network Layer Nixu Oy PL 21 (Mäkelänkatu 91) 00601 Helsinki, Finland tel. +358 9 478 1011 fax. +358 9 478 1030 info@nixu.fi http://www.nixu.fi OVERVIEW The Internet Protocol IP addresses, address resolution
More informationCSCD 433/533 Advanced Networks
CSCD 433/533 Advanced Networks Lecture 2 Network Review Winter 2017 Reading: Chapter 1 1 Topics Network Topics Some Review from CSCD330 Applications Common Services Architecture OSI Model AS and Routing
More informationcs144 Midterm Review Fall 2010
cs144 Midterm Review Fall 2010 Administrivia Lab 3 in flight. Due: Thursday, Oct 28 Midterm is this Thursday, Oct 21 (during class) Remember Grading Policy: - Exam grade = max (final, (final + midterm)/2)
More informationCIS 551 / TCOM 401 Computer and Network Security. Spring 2007 Lecture 8
CIS 551 / TCOM 401 Computer and Network Security Spring 2007 Lecture 8 Announcements Reminder: Project 1 is due on tonight by midnight. Midterm 1 will be held next Thursday, Feb. 8th. Example midterms
More informationLecture 19: Network Layer Routing in the Internet
Lecture 19: Network Layer Routing in the Internet COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016, J.F
More informationInternet. Organization Addresses TCP/IP Protocol stack Forwarding. 1. Use of a globally unique address space based on Internet Addresses
Internet Organization Addresses TCP/IP Protocol stack Forwarding Jörg Liebeherr, 1998-2003 1 What defines the Internet? 1. Use of a globally unique address space based on Internet Addresses 2. Support
More informationIP Addressing & Interdomain Routing. Next Topic
IP Addressing & Interdomain Routing Next Topic IP Addressing Hierarchy (prefixes, class A, B, C, subnets) Interdomain routing Application Presentation Session Transport Network Data Link Physical Scalability
More informationOutline. What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack
Attacks on TCP Outline What is TCP protocol? How the TCP Protocol Works SYN Flooding Attack TCP Reset Attack TCP Session Hijacking Attack TCP Protocol Transmission Control Protocol (TCP) is a core protocol
More informationRouting and router security in an operator environment
DD2495 p4 2011 Routing and router security in an operator environment Olof Hagsand KTH CSC 1 Router lab objectives A network operator (eg ISP) needs to secure itself, its customers and its neighbors from
More informationCS61C Machine Structures Lecture 37 Networks. No Machine is an Island!
CS61C Machine Structures Lecture 37 Networks April 24, 2006 John Wawrzynek Page 1 No Machine is an Island! Computer Processor (active) Control ( brain ) Datapath ( brawn ) Memory (passive) (where programs,
More informationDesign and development of the reactive BGP peering in softwaredefined routing exchanges
Design and development of the reactive BGP peering in softwaredefined routing exchanges LECTURER: HAO-PING LIU ADVISOR: CHU-SING YANG (Email: alen6516@gmail.com) 1 Introduction Traditional network devices
More informationTopics for This Week
Topics for This Week Routing Protocols in the Internet OSPF, BGP More on IP Fragmentation and Reassembly ICMP Readings Sections 5.6.4-5.6.5 1 Hierarchical Routing aggregate routers into regions, autonomous
More informationAdministrivia CSC458 Lecture 4 Bridging LANs and IP. Last Time. This Time -- Switching (a.k.a. Bridging)
Administrivia CSC458 Lecture 4 Bridging LANs and IP Homework: # 1 due today # 2 out today and due in two weeks Readings: Chapters 3 and 4 Project: # 2 due next week Tutorial today: Joe Lim on project 2
More informationReview of Internet Architecture and Protocols
Review of Internet Architecture and Protocols Professor Guevara Noubir Northeastern University noubir@ccs.neu.edu Lecture Reference Textbook: (source of some diagrams) Computer Networks: A Systems Approach,
More informationChapter 12 Network Protocols
Chapter 12 Network Protocols 1 Outline Protocol: Set of defined rules to allow communication between entities Open Systems Interconnection (OSI) Transmission Control Protocol/Internetworking Protocol (TCP/IP)
More informationChapter 09 Network Protocols
Chapter 09 Network Protocols Copyright 2011, Dr. Dharma P. Agrawal and Dr. Qing-An Zeng. All rights reserved. 1 Outline Protocol: Set of defined rules to allow communication between entities Open Systems
More informationPosition of IP and other network-layer protocols in TCP/IP protocol suite
Position of IP and other network-layer protocols in TCP/IP protocol suite IPv4 is an unreliable datagram protocol a best-effort delivery service. The term best-effort means that IPv4 packets can be corrupted,
More informationYour favorite blog :www.vijay-jotani.weebly.com (popularly known as VIJAY JOTANI S BLOG..now in facebook.join ON FB VIJAY
VISIT: Course Code : MCS-042 Course Title : Data Communication and Computer Network Assignment Number : MCA (4)/042/Assign/2014-15 Maximum Marks : 100 Weightage : 25% Last Dates for Submission : 15 th
More informationCSE 127: Computer Security Network Security. Kirill Levchenko
CSE 127: Computer Security Network Security Kirill Levchenko November 28, 2017 Network Security Original TCP/IP design: Trusted network and hosts Hosts and networks administered by mutually trusted parties
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Network Layer IPv4, Format and Addressing,, IPv6 Prof. Lina Battestilli Fall 2017 Chapter 4 Outline Network Layer: Data Plane 4.1 Overview of Network layer
More informationCSEP 561 Internetworking. David Wetherall
CSEP 561 Internetworking David Wetherall djw@cs.washington.edu Internetworking t Focus: Joining multiple, different networks into one larger network Forwarding models Application Heterogeneity Transport
More informationIntroduction to computer networking
edge core Introduction to computer networking Comp Sci 3600 Security Outline edge core 1 2 edge 3 core 4 5 6 The edge core Outline edge core 1 2 edge 3 core 4 5 6 edge core Billions of connected computing
More informationNetwork layer Network Layer 4-1
Network layer 1 Network layer transport segment from sending to receiving host on sending side puts segments into datagrams on rcving side, delivers segments to transport layer network layer protocols
More informationNo book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6
Announcements No book chapter for this topic! Slides are posted online as usual Homework: Will be posted online Due 12/6 Copyright c 2002 2017 UMaine School of Computing and Information S 1 / 33 COS 140:
More informationECE 158A: Lecture 7. Fall 2015
ECE 158A: Lecture 7 Fall 2015 Outline We have discussed IP shortest path routing Now we have a closer look at the IP addressing mechanism We are still at the networking layer, we will examine: IP Headers
More informationRouting Protocols --- Exterior Gateway Protocol
Content Routing Protocols --- Exterior Gateway Protocol Linda Wu (CMPT 471 23-3) Limiting router interaction Autonomous system BGP protocol BGP messages Other issues on BGP Reference: chapter 15 Notes-13
More information