Information Security Education and Awareness
Centre for Development of Advanced Computing
Hyderabad
Introduction to Internetworking Devices
Introduction
• Internetworking devices are essential to connect
– LAN to LAN
– LAN to WAN
– LAN to internetworking devices
– LAN to interconnected segments
Need for Internetworking Devices
• To separate/connect one corporate division from another.
• To connect two LANs with different protocols.
• To connect a LAN to the Internet.
• To split a LAN into segments to reduce traffic congestion.
• To provide a security wall between two different types of users.
• To connect a WLAN to a LAN.
Internetworking Devices
• Some of the internetworking devices are:
– Cables
– Repeaters
– Hubs
– Bridges
– Switches
– Routers
– Gateways
– VPNs
– DMZs
– Honeypots
– Wireless devices
Transmission Medium and Physical Layer
Types of Transmission Media
• Guided media
– Twisted-pair cable
– Coaxial cable
– Fiber-optic cable
• Unguided media
– Radio
– Microwave
– Satellite
Twisted-Pair Cable
Guided Media Types
– Shielded twisted-pair (STP)
– Unshielded twisted-pair (UTP)
– Coaxial cable
– Fiber-optic cable
Shielded Twisted-Pair
• A shield is added to the ordinary twisted-pair telephone wires
– Functions as a ground
• Special kind of copper telephone wiring
– Used in some business installations
• Frequently installed with two pairs
– E.g., a modem connected to another line
• Comes with each pair uniquely color-coded
• Least expensive cable
Unshielded Twisted-Pair (UTP)
• Not shielded, and thus interferes with nearby cables
• Used in LANs at bit rates up to 100 Mbps and with a maximum length of 100 m
• Used to connect a computer to a network
• Two types
– Coaxial cable
– Fiber-optic cable
UTP Connector
Coaxial Cable
• Has a grounded metal cover around the signal conductor.
• Interference among cables is reduced by the covering around the signal conductor.
• Allows a higher data transfer rate.
• Typically used at bit rates of 100 Mbps for maximum lengths of 1 km.
Categories of Coaxial Cables
Category   Impedance   Use
RG-59      75 ohms     Cable TV
RG-58      50 ohms     Thin Ethernet
RG-11      50 ohms     Thick Ethernet
Fiber-Optic Cable
• Does not interfere with nearby cables.
• Gives greater security.
• Allows extremely high bit rates over long distances.
• Provides more protection from electrical damage by external equipment and greater resistance to harsh environments.
• Safer in hazardous environments.
Propagation Modes of Fiber Optics
• Mode
– Multimode
» Step index
» Graded index
– Single mode
Applications of Guided Media
• Used in telephone lines to provide voice and data channels.
• Local area networks, such as 10Base-T and 100Base-T.
• Used in
– Cable TV networks
– Traditional Ethernet LANs
– TV companies
Unguided Media Types
• Radio
• Microwave
• Satellite
Radio Waves
• Frequencies ranging between 3 kHz and 1 GHz
• Omnidirectional
• Propagate in sky mode, so they can travel long distances
– AM radio
Radio Transmission
(Diagram: radio tower and home about 50 km apart, with the signal path through the atmosphere above the Earth.)
Microwave
• Travels in a straight line
• Electromagnetic waves with frequencies between 1 and 300 GHz are called microwaves.
• Microwaves are unidirectional.
• Microwave propagation is line of sight.
• Cannot penetrate walls.
• The band is relatively wide, almost 299 GHz.
Microwave
(Diagram: transmitter, repeater and receiver in a line-of-sight chain.)
Satellite Transmission
• An object that revolves around a planet in a circular path
• Man-made, launched into orbit to carry out specific functions
• Typically between 100 and 24,000 miles away
• Purposes include data communications, scientific applications and weather analysis
• Do not have the limitations of ground-based wireless transmission, such as the curvature of the Earth.
Satellite Applications
• Weather
• Government
• Air Traffic Control
• Earth Observation
Basic elements
(Figure slides; no text recovered.)
OSI reference
(Figure slides; no text recovered.)
Security Concerns
• Easily tapped physical transmission medium
• If a customer enables file sharing on any drives
– Neighbors could even download copies of their data
• Lack of continuity of service
Countermeasures
• Bundle security features in the cable modem hardware
• Data Over Cable Service Interface Specification (DOCSIS)
– Authentication and packet filtering
• Consider laying the cable in a transparent medium
– Thereby allowing ready identification of any interference
• Prevent physical access to the cables
• Ensure that network access points are disabled if equipment is removed
Repeaters
Repeater
• Receives and simultaneously retransmits the signal
• Preserves signal integrity
• Two-way contact
• Generally located at a high place
• Uses the correct pair of frequencies
Types of Repeaters
• FM Voice
• ATV – Amateur Television
• AM and SSB
• Digipeaters
Use of Repeaters
• Influence the quality of communication on the network
• Greater range
– Greatly enhances the ability to communicate with distant stations
• Two-way contact
– Ex: illustrated in the next slide
Repeaters Amplifying Weak Signals
(Diagram: sending workstation, repeater at 500 meters, receiving workstation.)
Access Point as Repeater
(Diagram: access points AP1, AP2 and AP3 chained as repeaters.)
Modes
• Simplex
– Vice versa of duplex mode
– Stations operate in half-duplex mode
• Duplex
– Transmit and receive signals simultaneously
– Example: repeaters
Security Issues
• Security concerns:
– Privacy
» End-to-end encryption (e.g., IPsec) can be used
– Greedy/malicious repeaters
» The client monitors the channel and quits if performance becomes worse after SoftRepeater is used
Advantages and Disadvantages
• Advantage
– Transparency
» LANs can be connected without any knowledge from the hosts.
» Useful for serving multiple machines in an office from one Ethernet outlet.
• Disadvantage
– Not scalable
» The Ethernet standard allows only 4 repeaters.
» More than 4 would introduce delays that would break contention detection.
– No heterogeneity
» Networks connected with repeaters must have identical electrical properties.
Hub
Hubs
• Layer 1 devices in the OSI model.
• Hubs do not read any of the data passing through them.
• Not aware of its source or destination.
• Essentially, a hub simply receives incoming packets.
Hubs (Contd.)
• Interconnects two or more workstations
• Resends the data frame out all connecting links.
• Managed or unmanaged.
Hubs (Contd.)
• Used to tie several networking cables together
• Creates a link between different stations on a network
• Generally connected in a star topology
– Ex: illustrated in the next slide
Hubs: Star Topology
(Diagram: one hub with five computers attached.)
Types
• Active hubs
– Plugged into electric power
• Passive hubs
– Merely connect different network cables
– No signal regeneration
• Intelligent hubs
– Typically stackable
– Include remote management capabilities via SNMP and virtual LAN (VLAN) support.
Advantages
• Cheap
• Shared Internet access
• Scalability
• Network monitoring
• Backward compatibility
Disadvantages
• Broadcast all the information to every node connected
• Slow speed over the network
• More prone to collisions and less reliable
• Create loops
Security Concerns
• All computers on the network get infected
– Remove the infected machine from the network
– Necessary policies
– Use a network-based IDS
Bridges
Bridges
• Operate at the Data Link layer of the OSI model
• Connect two similar LANs,
– a CSMA/CD LAN and
– a Token Ring LAN.
• Protocol-independent
• Examine the destination MAC address
Undetected Collision
(Diagram: nodes A, B and C on one segment.)
A and B might transmit short frames at the same time. They could be done transmitting before they received the other's frame. The transmitters do not detect a collision, but nodes in the middle cannot receive the frame.
Undetected Collision
(Diagram: nodes A and B.)
A has started to transmit a frame. The first bit of the frame has almost reached node B.
Undetected Collision
(Diagram: nodes A and B.)
B starts to transmit a frame and immediately notices a collision. A does not know of the collision yet.
Undetected Collision
(Diagram: nodes A and B.)
A must still be transmitting when the first bits of B's aborted transmission reach it.
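The four collision slides above boil down to one timing condition: the sender must still be transmitting when the first bits of the other station's aborted transmission get back to it, so the frame time has to be at least twice the one-way propagation delay. The following Python is an added example, not part of the C-DAC deck, that turns that condition into a check and derives the minimum safe frame size. The bit rate, cable length and propagation speed are constructed sample values, and the arithmetic is kept in integers so the boundary case is exact.

```python
# Added example (not from the C-DAC slides).  Constructed sample parameters:
# a 10 Mbps shared bus, 2500 m end to end, signal propagation at 2e8 m/s.
BIT_RATE_BPS = 10_000_000
CABLE_LENGTH_M = 2500
PROPAGATION_MPS = 200_000_000


def collision_detected(frame_bits, bit_rate_bps=BIT_RATE_BPS,
                       cable_length_m=CABLE_LENGTH_M,
                       propagation_mps=PROPAGATION_MPS):
    """Worst case from the slides: the far station starts sending just before
    the first bit arrives, so its signal needs almost a full one-way delay to
    get back.  The sender notices only if frame_time >= 2 * one-way delay,
    i.e. frame_bits / bit_rate >= 2 * length / speed.  Cross-multiplied so
    the comparison stays in exact integer arithmetic."""
    return frame_bits * propagation_mps >= 2 * cable_length_m * bit_rate_bps


def min_frame_bits(bit_rate_bps=BIT_RATE_BPS, cable_length_m=CABLE_LENGTH_M,
                   propagation_mps=PROPAGATION_MPS):
    """Smallest frame for which every collision on this cable is detected:
    the ceiling of 2 * length * bit_rate / speed."""
    numerator = 2 * cable_length_m * bit_rate_bps
    return -(-numerator // propagation_mps)   # integer ceiling division


def report(frame_bits):
    """One-line summary for a given frame length on the sample cable."""
    status = "detected" if collision_detected(frame_bits) else "UNDETECTED"
    return (f"{frame_bits}-bit frame on {CABLE_LENGTH_M} m at {BIT_RATE_BPS} bps: "
            f"collision {status}; minimum safe frame is {min_frame_bits()} bits")


if __name__ == "__main__":
    for bits in (64, 250, 512):
        print(report(bits))
```

On these sample numbers a 64-bit frame is long gone before the collision fragment returns, while anything of 250 bits or more is safe; doubling the cable length doubles the required minimum. Ethernet's 512-bit (64-byte) minimum frame exists for exactly this reason.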
A Bridge Interconnecting Two Dissimilar LANs
(Diagram: a CSMA/CD LAN on a hub joined through a bridge to a Token Ring LAN; the bridge carries a CSMA/CD frame on one side and a Token Ring frame on the other.)
Bridge Interconnecting Two Identical LANs
(Diagram: LAN 1 and LAN 2, both CSMA/CD, each with a server and workstations, one with a printer, joined by a bridge.)
Types
• Transparent Bridges
• Source-Routing Bridges and
• Translation Bridges
Transparent Bridges
• Observe all traffic and build routing tables
• Two connections
– Ports
– Routing table
• Found with CSMA/CD LANs (Ethernet networks)
• Also called learning bridges
• Convert one frame format to another
• Bridges that execute the spanning tree algorithm are called transparent bridges
Transparent Bridges
(Diagram: bridges joining Segment A and Segment B, with Computers 1 to 6 attached.)
What is a Learning Bridge?
• A host can be moved to another network.
• New hosts can be added at any time.
• Requires no setup information from humans.
• One major flaw:
– Ex: illustrated in the next slide
Problem for Transparent Bridges
(Diagram: Bridge A and Bridge B both connect Network 1 and Network 2, forming a loop between Host A and Host B.)
Possible Solutions
• Tell customers to avoid topologies that include loops
• Design bridges that shorten the network topology into something with no loops
• Spanning-Tree Algorithm
– Preserves the benefits of loops
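The learning-bridge slides describe the mechanism (learn the source address on the ingress port, forward to the learned port or flood) and its flaw (a loop between two bridges). The Python below is an added example, not code from the C-DAC deck, that implements the learning and forwarding decision and then runs one broadcast through a single bridge and through the looped two-bridge topology of the problem slide. Bridge names, port numbers, segment names and MAC addresses are constructed for the example.

```python
# Added example (not from the C-DAC slides): a transparent/learning bridge and
# a small two-segment simulation of the loop problem.  All names constructed.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    def __init__(self, name, ports):
        self.name = name
        self.ports = dict(ports)   # port id -> segment the port is attached to
        self.table = {}            # learned: source MAC -> port it was seen on

    def receive(self, src, dst, in_port):
        """Learn the source, then return the list of ports to send the frame on."""
        # Learning: (re)bind the source MAC to the port it arrived on.  This is
        # what lets a host move without configuration, and also what makes the
        # table flap when a loop delivers the same frame on both ports.
        self.table[src] = in_port
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            return [] if out == in_port else [out]   # filter or forward
        return [p for p in self.ports if p != in_port]  # unknown/broadcast: flood


def simulate(bridges, src, dst, start_segment, max_rounds=20):
    """Put one frame from `src` on `start_segment` and let the bridges relay it.
    Returns (copies placed on segments, still_circulating_after_max_rounds)."""
    pending = [(start_segment, None)]      # (segment, bridge that put it there)
    copies = 0
    for _ in range(max_rounds):
        nxt = []
        for segment, origin in pending:
            copies += 1
            for b in bridges:
                if b.name == origin:
                    continue               # a bridge does not hear its own copy
                for port, seg in b.ports.items():
                    if seg == segment:
                        for out in b.receive(src, dst, port):
                            nxt.append((b.ports[out], b.name))
        pending = nxt
        if not pending:
            return copies, False
    return copies, True


def single_bridge():
    return [LearningBridge("A", {1: "net1", 2: "net2"})]


def looped_bridges():
    # Bridge A and Bridge B both join net1 and net2: the loop from the slide.
    return [LearningBridge("A", {1: "net1", 2: "net2"}),
            LearningBridge("B", {1: "net1", 2: "net2"})]


if __name__ == "__main__":
    host_a = "02:00:00:00:00:0a"
    print("one bridge:", simulate(single_bridge(), host_a, BROADCAST, "net1"))
    print("loop:      ", simulate(looped_bridges(), host_a, BROADCAST, "net1"))
```

With one bridge the broadcast appears on each segment exactly once and the simulation stops. With the loop, each bridge keeps relaying the copy the other one just emitted, so the frame never stops circulating and the source MAC is relearned on alternating ports every round; a spanning tree that blocks one of the redundant ports is what removes this behaviour while keeping the redundant link available.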
Types of Transparent Bridge Modes
• Store-and-Forward
– Stores the entire frame and verifies the CRC before forwarding the frame.
– If a CRC error is detected, the frame is discarded.
• Cut-Through
– Forwards the frame just after it reads the destination MAC address, without performing a CRC check.
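To make the difference between the two modes concrete, here is an added Python example (not from the C-DAC deck) that builds one Ethernet II frame with its frame check sequence, damages one payload bit, and runs both forwarding decisions over it. The FCS is the IEEE CRC-32 that zlib.crc32 computes; it is stored here in little-endian byte order, which is how the FCS appears in packet captures. The MAC addresses and payload are constructed.

```python
import struct
import zlib

# Added example (not from the C-DAC slides): store-and-forward versus
# cut-through applied to a constructed Ethernet II frame.

HEADER_LEN = 14          # dst(6) + src(6) + ethertype(2)
MIN_FRAME = 64           # Ethernet minimum frame size, FCS included


def build_frame(dst, src, ethertype, payload):
    """Assemble dst|src|type|payload|FCS, padding the payload to the minimum size."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME - 4, b"\x00")
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)


def fcs_valid(frame):
    """Recompute the CRC over everything but the trailing FCS and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return (zlib.crc32(body) & 0xFFFFFFFF) == struct.unpack("<I", fcs)[0]


def store_and_forward(frame):
    """Read the whole frame, verify the FCS, then decide.
    Returns ("forward", dst) or ("discard", reason)."""
    if len(frame) < MIN_FRAME:
        return ("discard", "runt")
    if not fcs_valid(frame):
        return ("discard", "crc-error")
    return ("forward", frame[:6])


def cut_through(frame):
    """Decide as soon as the 6-byte destination has been read.  The FCS has not
    arrived yet, so a damaged frame is forwarded anyway."""
    if len(frame) < 6:
        return ("discard", "no-destination")
    return ("forward", frame[:6])


def flip_bit(frame, byte_index, bit=0):
    """Simulate line noise: flip one bit at the given offset."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


# Constructed sample frame: locally administered MACs, IPv4 ethertype.
DST = bytes.fromhex("020000000001")
SRC = bytes.fromhex("020000000002")
GOOD = build_frame(DST, SRC, 0x0800, b"hello, bridge")
BAD = flip_bit(GOOD, HEADER_LEN + 2)   # corrupt the third payload byte

if __name__ == "__main__":
    print("store-and-forward, good frame:", store_and_forward(GOOD))
    print("store-and-forward, bad frame: ", store_and_forward(BAD))
    print("cut-through, bad frame:       ", cut_through(BAD))
```

The cut-through bridge passes the corrupted frame along and leaves the receiving host to drop it. Note that the CRC only catches accidental damage: anyone who can modify the frame can recompute the FCS, so it gives no integrity guarantee against tampering; that needs a keyed check at a higher layer, such as the IPsec mentioned on the repeater security slide.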
Source-Routing Bridges
• Do not learn by watching traffic and building tables
• Rely on the source of the frame transmission
– If the route is not known, the workstation sends a discovery frame
• Employed by Token Ring networks
• IEEE 802.5 standard
• Frames carry a Routing Information Indicator (RII)
– When this is set to '1', the frame needs to be routed according to the Routing Information Field.
– If the RII is '0', the frame stays on the same LAN.
Route Discovery Frame
• Technique used to find the best path between stations
– By the transmission of broadcast discovery frames (BDF) between the source and destination stations
• Two types
– Single Route Broadcast (SRB)
– All Routes Broadcast (ARB)
• Specifically Routed Frame (SRF)
Translation or Remote Bridges
• Connect networks with different architectures
• Take the frame before it leaves the first LAN
– Encapsulate it with WAN headers and trailers.
• Differentiate LAN and WAN speeds
Advantages and Disadvantages
• Advantages
– Extend a network by acting as a repeater
– Bridges can reduce network traffic
– Increase the available bandwidth
– No network collisions
– Connect networks using different media types and architectures
Disadvantages
• Disadvantages
– Slower than repeaters
» Because they examine the MAC address
– More processing time
– Do not filter broadcast traffic
– More expensive than repeaters
Switch
Switch
• Increases network performance
– Like bridges, by reducing the number of packets transmitted to the rest of the network
• Operates at the Data Link layer of the OSI model
• In an Ethernet network, computers are usually connected directly to a switch
Switches
• An intelligent device that works at the Data Link layer
• Works with physical addresses (i.e., MAC addresses) and maintains a MAC address table
• Works with flooding and unicast
• Has 1 broadcast domain; the number of collision domains depends upon the number of ports
Types of Switches
• Manageable switches
– An IP address can be assigned and configurations can be made.
– Has a console port.
• Unmanageable switches
– Configurations cannot be made; an IP address cannot be assigned.
– No console port.
Advantages of Switches
• Increase available network bandwidth
– Reduced workload on individual computers
• Increase network performance
– Fewer frame collisions
• Unlimited number of ports, connecting directly to workstations
Disadvantages
• More expensive than bridges
• Network connectivity problems can be difficult to trace
• Switch broadcast traffic may be troublesome
Routers
Routers
• Layer 3 device
• Logical addressing (IP address)
• Connects different network segments
• Best path selection
• Shares details with other routers
• Works in LAN and WAN environments
• Creates collision domains
• Does not pass broadcast traffic
What is a Router?
• A device in the network that processes and routes data between two points
• A device that routes data between networks using IP addressing
• A layer 3 device
• Hardware or software used to connect two or more networks
(Diagram: router connecting a network to the Internet.)
Advantages of Routers
• Connect different network architectures
• Uses dynamic routing techniques
– For best path or route
• Reduces network traffic
– Do not retransmit network broadcast traffic
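The router slides list "best path selection", "logical addressing" and "does not pass broadcast traffic" without showing the lookup itself. The Python below is an added example, not from the C-DAC deck, of the forwarding decision as a longest-prefix-match over a constructed routing table, with a default route, a connected network, and the rule that link-local and directed-broadcast destinations are dropped rather than routed. Prefixes, next hops and interface names are constructed sample values.

```python
from ipaddress import ip_address, ip_network

# Added example (not from the C-DAC slides): longest-prefix-match forwarding
# over a constructed routing table.  Documentation/private ranges only.

ROUTES = [  # (prefix, next hop or None when directly connected, interface)
    ("192.168.1.0/24", None, "eth0"),
    ("10.0.0.0/8", "192.168.1.254", "eth0"),
    ("10.1.0.0/16", "192.168.1.253", "eth0"),
    ("0.0.0.0/0", "203.0.113.1", "eth1"),        # default route
]


def build_table(routes):
    """Parse the prefixes once and order them most-specific first, so the
    first containing entry is the longest match."""
    table = [(ip_network(p), nh, ifc) for p, nh, ifc in routes]
    return sorted(table, key=lambda r: r[0].prefixlen, reverse=True)


def lookup(table, destination):
    """Longest prefix match: (prefix, next hop, interface) or None."""
    addr = ip_address(destination)
    for net, next_hop, ifc in table:
        if addr in net:
            return (str(net), next_hop, ifc)
    return None


def forward(table, destination):
    """Forwarding decision.  Broadcasts stop at the router, and a directed
    broadcast to a connected or routed subnet is dropped as well."""
    addr = ip_address(destination)
    if addr == ip_address("255.255.255.255") or addr.is_link_local:
        return ("drop", "broadcast/link-local is not routed")
    for net, next_hop, ifc in table:
        if addr in net:
            if net.prefixlen < 31 and addr == net.broadcast_address:
                return ("drop", "directed broadcast blocked")
            # Directly connected: deliver to the host itself, else via next hop.
            return ("forward", next_hop or str(addr), ifc)
    return ("drop", "no route")


if __name__ == "__main__":
    table = build_table(ROUTES)
    for dst in ("10.1.2.3", "10.2.2.3", "8.8.8.8", "192.168.1.255", "169.254.1.1"):
        print(dst, "->", forward(table, dst))
```

10.1.2.3 goes to the /16 next hop even though the /8 also contains it, because the more specific prefix wins. Refusing to forward directed broadcasts is the standard hardening that stops a router's subnets being used as amplifiers.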
Disadvantage
• Work only with routable network
protocols
• More expensive than bridges or repeaters
• Dynamic router communication causes
additional network overhead
• Slower than bridges or switches
– Analyze a data transmission from the
Physical through the Network layer
Gateway Devices
Introduction
• Aim is to:
– Share an Internet connection over a LAN
– Protect the LAN from the Internet
• Also hope to:
– Require only minimal maintenance
– Provide a remote administration capability
– Provide automatic configuration for LAN
– Not interfere with Internet operation
Gateways
• Combination of hardware and software
• Translate between different protocols on a network
– Latency / delay
• Internetworking system capable of joining together two networks
• Operate at any level of the OSI model
Why gateway
• To run services, such as:
– a domain name service for local machines,
– a shared web proxy,
– a personal or business web server,
– a mail server to centralize access to your mail,
– a file server for backup or extra storage
– Web filtering
– URL filtering
– Firewall
Gateway Web Filtering
• Program that can screen an incoming Web page
– To determine whether some or all of it should not be displayed to the user
• The filter checks the origin or content of a Web page against a set of rules
– Provided by the company or person who has installed the Web filter
• Blocks pages from Web sites that are likely to include
– objectionable advertising, pornographic content, spyware, viruses, and other objectionable content.
Contd..
• Secures networks from Web-based threats
• Provides reporting so that the installer can see what kind of traffic is being filtered and who has requested it
• Often installed as part of a proxy server and firewall
Firewall
• Firewalls define rules for inbound/outbound network traffic
• Integration provides centralized policy management
• Isolates the organization's internal network from the larger Internet,
– Allowing some packets to pass, blocking others
Firewalls: Why
• Prevent denial of service attacks:
– SYN flooding: attacker establishes many bogus TCP connections, leaving no resources for "real" connections.
• Prevent illegal modification/access of internal data.
– e.g., attacker replaces CIA's homepage with something else
• Allow only authorized access to the inside network
• Prevent visits to bad outside resources from the internal network.
Firewall Types
• Software or hardware offering various services
– Packet filtering
– Proxy service
– Port filtering
• Two types
– Hardware
– Software
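The firewall slides name packet filtering and port filtering as services but do not show how a rule set is evaluated. The Python below is an added example, not from the C-DAC deck, of a first-match filter with a default-deny fallback, run over constructed sample packets. Addresses use the documentation range 203.0.113.0/24 for the DMZ and 192.168.1.0/24 for the inside, and the policy, rule fields and packet fields are all assumptions made for the example rather than any product's syntax.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Added example (not from the C-DAC slides): a first-match packet/port filter
# with default deny, evaluated over constructed packets.


@dataclass
class Rule:
    action: str                    # "allow" or "deny"
    direction: str                 # "inbound" or "outbound"
    proto: Optional[str] = None    # "tcp", "udp", "icmp" or None for any
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None    # None = any port
    new_conn_only: bool = False    # match only a TCP SYN without ACK


@dataclass
class Packet:
    direction: str
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None
    syn: bool = False
    ack: bool = False


def matches(rule, pkt):
    """True when every field of the rule accepts the packet."""
    if rule.direction != pkt.direction:
        return False
    if rule.proto is not None and rule.proto != pkt.proto:
        return False
    if ip_address(pkt.src) not in ip_network(rule.src):
        return False
    if ip_address(pkt.dst) not in ip_network(rule.dst):
        return False
    if rule.dport is not None and rule.dport != pkt.dport:
        return False
    if rule.new_conn_only and not (pkt.proto == "tcp" and pkt.syn and not pkt.ack):
        return False
    return True


def evaluate(rules, pkt):
    """First matching rule wins; anything unmatched is dropped (default deny)."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"


def unused_rules(rules, sample_packets):
    """Indexes of rules that never fired first for any sample packet: a cheap
    way to notice that an earlier, broader rule is shadowing a later one."""
    hit = set()
    for pkt in sample_packets:
        for i, rule in enumerate(rules):
            if matches(rule, pkt):
                hit.add(i)
                break
    return [i for i in range(len(rules)) if i not in hit]


POLICY = [
    # Public web server in the DMZ: inbound HTTPS only.
    Rule("allow", "inbound", "tcp", dst="203.0.113.10/32", dport=443),
    # Nothing from outside may open a new connection to the inside network...
    Rule("deny", "inbound", "tcp", dst="192.168.1.0/24", new_conn_only=True),
    # ...but replies to connections the inside opened (ACK set) may come back.
    Rule("allow", "inbound", "tcp", dst="192.168.1.0/24"),
    # Inside hosts may reach DNS and the web.
    Rule("allow", "outbound", "udp", src="192.168.1.0/24", dport=53),
    Rule("allow", "outbound", "tcp", src="192.168.1.0/24", dport=443),
]
```

Rule order carries the policy: the SYN-only deny must precede the inbound allow for the inside network, otherwise the allow matches every inbound packet first and the deny is dead. `unused_rules` run against a set of representative packets is one way to catch that kind of mistake before the rule set is deployed.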
Hardware Firewall
• Examples include:
– PIX
– ASA
• Services offered by a hardware firewall
– URL filtering
– Packet filtering
– NAT
– IPsec
– Proxy service
– VPN
• High cost
Software Firewall
• Placed both inside and outside the network
• Cost is low compared to a hardware firewall
• Placing a software firewall inside the network is optional, but it is mandatory to have a firewall outside the network
• Offers all the services, with a few exceptions
• Does not protect a network from:
– Malware
» Viruses
» Worms
» Trojans
– Internal threats
» Caused by disgruntled employees
URL Filtering
• Block access to undesirable web sites to reduce
– Security, legal and regulatory risks.
• Reduce malware incidents by prohibiting access to:
– Malware and phishing download sites.
• Adapt web filtering control efforts
– Allow list, deny list and database customization.
• Facilitate SSL decryption policies
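Both the gateway web filtering slides and the URL filtering slide above describe the same decision: check the requested site against an allow list, a deny list and a category database. The Python below is an added example, not code from the C-DAC deck, that implements that lookup order with host normalisation, so that case, a port, or a trailing dot in the host name cannot slip past a list entry, and with parent-domain matching so a list entry covers its subdomains. All hosts, categories and the default verdict are constructed assumptions.

```python
from urllib.parse import urlsplit

# Added example (not from the C-DAC slides): allow list, deny list and
# category database lookup for a gateway URL filter.  All entries constructed.

ALLOW_LIST = {"intranet.example.org"}
DENY_LIST = {"malware.example", "phish.example.net"}
CATEGORY_DB = {"ads.example.com": "advertising", "news.example.com": "news"}
BLOCKED_CATEGORIES = {"advertising", "malware", "phishing"}


def normalize_host(url):
    """Lower-case host with userinfo, port and any trailing dot removed, so
    'http://MALWARE.EXAMPLE.:8080/' and 'http://malware.example/' look up the
    same entry.  Returns None when the URL has no usable host."""
    try:
        host = urlsplit(url).hostname      # already lower-cased, port stripped
    except ValueError:                     # e.g. malformed IPv6 literal
        return None
    if not host:
        return None
    return host.rstrip(".")


def parent_domains(host):
    """host and each parent: 'a.b.example' -> ['a.b.example', 'b.example', 'example']."""
    labels = host.split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def decide(url, default="allow"):
    """Returns (verdict, reason).  Allow list beats deny list, deny list beats
    the category database, and unknown sites get the configured default."""
    host = normalize_host(url)
    if host is None:
        return ("deny", "no-host")
    chain = parent_domains(host)
    if any(d in ALLOW_LIST for d in chain):
        return ("allow", "allow-list")
    if any(d in DENY_LIST for d in chain):
        return ("deny", "deny-list")
    for d in chain:
        category = CATEGORY_DB.get(d)
        if category is not None:
            verdict = "deny" if category in BLOCKED_CATEGORIES else "allow"
            return (verdict, category)
    return (default, "uncategorized")


if __name__ == "__main__":
    for u in ("http://MALWARE.EXAMPLE.:8080/x", "https://cdn.malware.example/a.js",
              "https://intranet.example.org/", "http://ads.example.com/banner",
              "http://unknown.test/"):
        print(u, "->", decide(u))
```

For HTTPS the gateway normally sees only the host name (from the TLS handshake or a proxy CONNECT), which is enough for this host-based lookup; matching on the path or page content requires the SSL decryption policy the slide mentions.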
Content Filtering
• Technique whereby content is blocked
– Based on analysis of its content
– Rather than its source or other criteria
• Widely used on the Internet to filter
– email and
– Web access
Content Filtering of Email
• Methods to filter spam
• Act either
– on the content, or on information contained in the mail body like the subject, etc.
» And classify, accept or reject a message
• A popular filter is the Bayesian filter
• Anti-virus methods can be classified as content filters too
– Scan simplified versions of the binary attachments of mail
Content Filtering Methods
• Attachment - the blocking of certain types of file (e.g., executable programs).
• Bayesian - a method to detect spam
• Char-set - examples of characters include letters, numerical digits, and common punctuation marks
• Content-encoding
• Heuristic - filtering based on heuristic scoring of the content against multiple criteria.
• HTML anomalies
• Language
Content filtering methods (contd.)
• Mail header
• Mailing List
• Phrases
• Proximity
• Regular Expression
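Several of the methods listed on these two slides (attachment, mail header, phrases, regular expression, char-set and heuristic scoring) combined in one small filter, as an added example that is not part of the original slides; the thresholds, patterns and sample messages are constructed, and Bayesian classification is not included.

```python
"""Email content filter combining several methods from the slides:
attachment type, mail header, phrases, regular expression, char-set and
heuristic scoring. Added example, not from the original slides; the
thresholds, patterns and sample messages are constructed."""
import re
from email.message import EmailMessage

BLOCKED_EXTENSIONS = (".exe", ".scr", ".vbs", ".js")      # attachment method
SPAM_PHRASES = ("act now", "100% free", "wire transfer")   # phrases method
SHORTENER_RE = re.compile(r"https?://(?:bit\.ly|tinyurl\.com)/\S+", re.I)


def build_message(sender, subject, body, attachment=None):
    """Construct a sample message for testing (constructed data only)."""
    msg = EmailMessage()
    if sender:
        msg["From"] = sender
    msg["Subject"] = subject
    msg.set_content(body)
    if attachment:
        msg.add_attachment(b"\x00\x01", maintype="application",
                           subtype="octet-stream", filename=attachment)
    return msg


def score_message(msg):
    """Heuristic method: each criterion adds to a score with a reason."""
    score, reasons = 0, []
    for part in msg.walk():                          # attachment method
        name = (part.get_filename() or "").lower()
        if name.endswith(BLOCKED_EXTENSIONS):
            score += 10; reasons.append("attachment:" + name)
    if not msg.get("From"):                          # mail header method
        score += 3; reasons.append("header:missing From")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content() if body else ""
    haystack = (msg.get("Subject", "") + " " + text).lower()
    for phrase in SPAM_PHRASES:                      # phrases method
        if phrase in haystack:
            score += 2; reasons.append("phrase:" + phrase)
    if SHORTENER_RE.search(text):                    # regular expression method
        score += 2; reasons.append("regex:url shortener")
    if text and sum(ord(c) > 127 for c in text) / len(text) > 0.3:
        score += 2; reasons.append("charset:mostly non-ASCII")  # char-set method
    return score, reasons


def filter_email(msg, threshold=5):
    """Classify and accept or reject: reject when the score reaches threshold."""
    score, reasons = score_message(msg)
    return ("reject" if score >= threshold else "accept"), score, reasons
```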
VPN Devices
• VPN devices provide end-to-end secure and authenticated traffic
• This occurs across shared infrastructure:
– local area network (LAN), WAN connections, or the Internet
• Categorized into three basic configuration types:
– host-to-host, host-to-gateway and gateway-to-gateway
Basic VPN Methodology
• Application layer – Pretty Good Privacy (PGP)
– Secure Shell (SSH)
• Transport layer – Secure Sockets Layer (SSL)
• Network layer – IPSec not only encrypts the payload of the packet but also encrypts the TCP/IP header information
• Data link layer – Point-to-Point Protocol (PPP), which allows the encryption of packets
VPN Security
• IPSec
• PPTP
• L2TP
VPN Solution Components
[Diagram: VPN solution components – Internet and ISP; DNS server, web server (www.cdac.in) and VPN server in the demilitarized zone; mobile workers and an administrator connecting remotely]
Advantages and Disadvantages of VPNs
• Remote network access
• Many levels of security over a shared network medium,
– Including improved confidentiality, integrity and authentication
• Offer a secure and more cost-effective solution
Disadvantages of VPN
• Use of encryption brings about an additional processing burden
• Most likely additional equipment must be purchased
• Fitting a VPN into an existing location can also be a challenge in some environments
– Due to the additional packet overhead
DMZ
• Short for Demilitarized Zone
• The DMZ is the segment where the services that are to be offered to the public are placed
• For security reasons, firewall products provide a separate LAN interface for the intranet and a DMZ interface
• The DMZ is where public users can share resources with the intranet
DMZ
[Diagram: Internet and internal network separated by the firewall; the web server and the mail server webmail.cdac.in sit in the DMZ]
Honeypots
Introduction
• A honeypot is a highly flexible computer system on the Internet
• It is expressly set up to attract and trap people who attempt to penetrate other people's computers
• Honeypots are used for misdirection, prevention, detection and information gathering
Honeypot
• A trap set to detect, deflect, or counteract attempts at unauthorized use of information systems
• Consists of a computer, data, or a network site that appears to be part of a network but is actually remote, unprotected and monitored
– And which seems to contain information or a resource of value to attackers
• A valuable surveillance and early-warning tool
• Sees no legitimate traffic, since it hosts no production services
• Whatever it captures can therefore be presumed malicious or unauthorized
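The early-warning principle above (a honeypot carries no production traffic, so every contact with it is suspect) as detection logic over constructed connection log lines; this is an added example, not part of the original slides, and the honeypot address, log format and port-count threshold are assumptions.

```python
"""Honeypot early warning: alert on any connection to the honeypot and flag
sources that probe several of its ports. Added example, not from the
original slides; addresses, log format and threshold are constructed."""
from collections import defaultdict

HONEYPOT_ADDRS = {"10.0.5.250"}     # constructed: the honeypot's address

# Constructed log lines: "<time> <src_ip> -> <dst_ip>:<dst_port> <proto>"
SAMPLE_LOG = """\
2024-01-01T09:00:01 10.0.1.20 -> 10.0.1.5:445 tcp
2024-01-01T09:00:02 10.0.1.20 -> 10.0.5.250:22 tcp
2024-01-01T09:00:03 10.0.1.20 -> 10.0.5.250:445 tcp
2024-01-01T09:00:04 10.0.1.20 -> 10.0.5.250:3389 tcp
2024-01-01T09:00:05 10.0.1.31 -> 10.0.1.5:80 tcp
2024-01-01T09:01:00 198.51.100.7 -> 10.0.5.250:80 tcp
"""


def parse_line(line):
    """Return (time, src, dst, port) or None for a malformed line."""
    try:
        t, src, _, dst_port, _ = line.split()
        dst, port = dst_port.rsplit(":", 1)
        return t, src, dst, int(port)
    except ValueError:
        return None


def honeypot_alerts(log_text, honeypots=HONEYPOT_ADDRS, scan_ports=3):
    """Return (alerts, scanners).

    alerts: one record per connection to a honeypot address; because the
    honeypot serves nothing legitimate, no allow-listing is needed.
    scanners: sources that touched at least scan_ports distinct honeypot
    ports; an internal host doing this is a strong sign of compromise."""
    alerts, ports_by_src = [], defaultdict(set)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        t, src, dst, port = rec
        if dst in honeypots:
            alerts.append({"time": t, "src": src, "port": port})
            ports_by_src[src].add(port)
    scanners = sorted(s for s, p in ports_by_src.items() if len(p) >= scan_ports)
    return alerts, scanners
```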
Honeypot (Contd)
• Can carry risks to a network, and must be handled with care
• Victim hosts are an active network counter-intrusion tool
Purpose
• Distract attackers from the valuable resources of the network
• Provide early warning about new attacks and intrusion attempts
• Used to learn attackers' techniques and methods
Types
• Production Honeypots
• Research Honeypots
Production Honeypots
• Easy to use, capture only limited information, and are used primarily by companies
• Placed inside the production network with other production servers by the organization to improve its overall state of security
• Easier to deploy
• Give less information about the attacks or attackers than research honeypots
• The purpose of a production honeypot is to help mitigate risk in an organization
Research Honeypots
• Run by volunteer, non-profit research organizations or educational institutions
– To gather information about the motives and tactics of the blackhat community targeting different networks
• Do not add direct value to a specific organization
– Instead they research the threats organizations face, and
– Help learn how to better protect against those threats
• Complex to deploy and maintain
• Capture extensive information, and are used primarily by
– Research, military, or government organizations
Wireless Devices
What is Wireless?
• Physically
– Communication without wires
• Technically
– Transmission of signals through electromagnetic waves
Why Deploy Wireless?
• Unlicensed bands
• Cost savings over wire line
• Where wire cannot be run to the locations needed
• To enable customers to bring their own laptop, therefore
– reducing the cost of owning many PCs
Other Applications
• Bluetooth
– Short range (up to 10 metres)
– Low bandwidth communication
– Works in the 2.4 GHz band
– Data rate up to 1 Mbps
Modes of Operation
• Ad-hoc
• Infrastructure
Infrastructure Mode
• Requires a Basic Service Set (BSS), i.e. a wireless access point
• The access point bridges wireless computers onto the wired network
• Most corporate WLANs use this mode as they require access to the wired network
• For services like printers and file servers
Ad-hoc Mode
• Peer-to-peer wireless networking
• Multiple wireless clients connect directly to each other
• Also known as Independent Basic Service Set (IBSS)
• Can communicate with other wireless computers