Ethics, Privacy and Computer Forensics
Chap 14 Network Basics For Digital Investigation

Overview of Networks
- Imagine a long long cord …. These are networks
- A computer connected to a network is called a host
- NIC – network interface card is the primary interface with a network
- Use hubs, routers, etc. to connect networks of computers
- Computers connected to the global internet use a protocol called TCP/IP
  - Enables communication between dissimilar networks
  - Common language of network talk
- An IP address is the address of a host on the network, just like a phone number

Overview of Networks (continued)
- Routers are highly susceptible to attacks because they are critical to communication
- Firewalls are security devices that block service and traffic destined to a certain port
- Network services include Telnet and FTP
- Hosts have logs that detail network transactions and their date and time

Network Technology
Attached Resource Computer Network (ARCNET)
- Earliest network technology
- Developed by Datapoint Corp in 1970’s
- Used active and passive hubs in the topology
- Based on token scheme (proprietary)
- Speeds from 2.5 Mbps (copper) to 20 Mbps (fiber)
Ethernet
- Most popular and accepted technology for networking
- Each computer has a NIC and it is connected to a central hub, switch or router
- Variable speeds
- Uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
  - Like people at a dinner party, when two start talking at the same time, both stop talking and then only one starts talking again

Figure: A typical ARCNET configuration.

Network Technology (continued)
Fiber Distributed Data Interface (FDDI)
- Encoding pulses of light
- Expensive but fast
- Data travel in only one direction
- Developed in mid-1980’s
- High Speed backbone connection between distributed LANs
- Dual Counter Rotating Rings: one primary, one secondary
- Attach up to 1000 workstations in both directions
- Multiple messages/tokens rotate at the same time
Token Passing
- Token circulates on a Ring Topology
- Sender acquires free token, attaches message and sends downstream
- Receiver copies message and acknowledges same in busy token
- Original sender responsible for taking the message off the ring and sending a free token downstream
- Deterministic performance
  - Good for factories
  - Can calculate maximum time to get to a unit

Figure: An FDDI network with primary and secondary token rings. During normal conditions, only one of the rings is used and data travels in one direction. When a station or a cable segment fails, the traffic loops to form a closed ring, moving data in the opposite direction.

Network Technology (continued)
Asynchronous Transfer Mode (ATM)
- Uses fiber optics and special equipment called ATM switches
- Gigabits/sec communication rate
- Establishes a connection first
- ATM switch is connected to a large network
- Connection-oriented protocol (over virtual paths and/or channels)
- Backbone Technology; switch-based; fiber based
Wireless
- WLAN – uses RF technology
- WAP – Wireless Access Point – connects to wired LAN; acts as a wireless hub
- WLAN Adapters – wireless NICs with antennas
- Wireless supports peer-to-peer without WAPs
IEEE 802.11g
- Speeds of 1-54 Mbps
- Uses the 2.4GHz band
- Is backwards compatible with IEEE 802.11b
- Ratified in June of 2003
802.11 Wireless Security Issues
- Easy to “listen” for id and password
- Easy to mimic in order to gain access to the wired Network
- Earliest Protection was WEP – Wired Equivalent Privacy – which was easy to crack
WPA
- Wi-Fi Protected Access
- Replacement for WEP
- WPA password initiates encryption
- Encryption key changes every packet
- Much harder to crack than WEP
- Does not work in Ad Hoc Mode
Bluetooth
- A wireless standard; short range
- Used to connect network appliances, printers, …
- Low Power; max speed – 1Mbps over 30 foot area or less
- Operates in the 2.4GHz band and can interfere with 802.11b
- Connects devices point to point

Figures: A WLAN with two access points. Wireless standards. Multiple access points with overlapping coverage.

OSI Reference Model
- Provides useful way to describe and think about networking
- Breaks networking down into series of related tasks
- Each aspect is conceptualized as a layer
- Each task can be handled separately

The OSI Communications Reference Model
- OSI – Open Systems Interconnection Committee of ISO
- Reference adopted in 1978 (took 6 yrs)
- Resulted in very little actual product (software)
- Is THE standard for describing networks; the lingua franca of networking world wide

Understanding Layers
- Layering helps clarify process of networking
- Groups related tasks & requirements
- OSI model provides theoretical frame of reference
  - Clarifies what networks are
  - Explains how they work

OSI Reference Model Structure
- Breaks networked communications into seven layers:
  - Application
  - Presentation
  - Session
  - Transport
  - Network
  - Data Link
  - Physical

OSI Reference Model Structure (continued)
- Each layer responsible for different aspect of data exchange
- Each layer puts electronic envelope around data as it sends it down layers or removes it as it travels up layers for delivery
- Each layer of OSI model communicates and interacts with layers immediately above and below it

OSI Reference Model Structure (continued)
- Interface boundaries separate layers
- Individual layer communicates only with adjacent layers
- “Peer layers” describes logical or virtual communication between same layer on both sending and receiving computers

Figure: Relationships Among OSI Layers

OSI Reference Model Structure (continued)
- Data is broken into packets or PDUs as it moves down stack
  - PDU stands for protocol data unit, packet data unit, or payload data unit
- PDU is self-contained data structure from one layer to another
  - At sending end, each layer adds special formatting or addressing to PDU
  - At receiving end, each layer reads packet and strips off information added by corresponding layer at sending end

Application Layer
- Layer 7 is top layer of OSI reference model
- Provides general network access
- Includes set of interfaces for applications to access variety of networked services such as:
  - File transfer
  - E-mail message handling
  - Database query processing
- May also include error recovery

Presentation Layer
- Layer 6 handles data formatting and protocol conversion
- Converts outgoing data to generic networked format
- Does data encryption and decryption
- Handles character set issues and graphics commands
- May include data compression
- Includes redirector software that redirects service requests across network

Session Layer
- Layer 5 opens and closes sessions
- Performs data and message exchanges
- Monitors session identification and security
- Performs name lookup and user login and logout
- Provides synchronization services on both ends
- Determines which side transmits data, when, and for how long
- Transmits keep-alive messages to keep connection open during periods of inactivity

Transport Layer
- Layer 4 conveys data from sender to receiver
- Breaks long data payloads into chunks called segments
- Includes error checks
- Re-sequences chunks into original data on receipt
- Handles flow control

Network Layer
- Layer 3 addresses messages for delivery
- Translates logical network address into physical MAC address
- Decides how to route transmissions
- Handles packet switching, data routing, and congestion control
- Through fragmentation or segmentation, breaks data segments from Layer 4 into smaller data packets
- Reassembles data packets on receiving end

Data Link Layer
- Layer 2 creates data frames to send to Layer 1
- On receiving side, takes raw data from Layer 1 and packages into data frames
- Data frame is basic unit for network traffic on the wire
  - See next slide for contents of typical data frame
- Performs Cyclic Redundancy Check (CRC) to verify data integrity
- Detects errors and discards frames containing errors

Figure: Data Frame

Physical Layer
- Layer 1 converts bits into signals for outgoing messages and signals into bits for incoming messages
- Manages computer’s interface to medium
- Instructs driver software and network interface to send data across medium
- Sets timing and interpretation of signals across medium
- Translates and screens incoming data for delivery to receiving computer

Figure: Actions of Each layer of OSI Reference Model

OSI in Summary
- The Reference Model breaks the communication process into seven distinct and independent layers
- Each layer’s functionality is well defined as is its interface with surrounding layers and peer layers
- Lower layers service upper layers in sequence

Figure: Network interconnection hardware operates at various layers of the OSI model.
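
The PDU slides (each layer adds its own header on the way down and strips it on the way up) and the Data Link Layer slide (CRC check, discard on error) can be followed on a single Ethernet/IPv4/TCP frame. This is an added example, not part of the original slides; the function names, MAC addresses, IP addresses and ports are constructed for illustration.

```python
import socket
import struct
import zlib

def build_frame(payload: bytes) -> bytes:
    """Sending side (constructed sample): each layer wraps the data from the layer above."""
    # Layer 4 segment: TCP header (IP/TCP checksums left 0 in this sample) + data
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 0, 5 << 4, 0x18, 8192, 0, 0) + payload
    # Layer 3 packet: IPv4 header carrying logical addresses (documentation ranges)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.20"))
    # Layer 2 frame: destination MAC, source MAC, EtherType, then CRC-32 trailer
    body = bytes.fromhex("020000000002") + bytes.fromhex("020000000001") + b"\x08\x00" + ip + tcp
    return body + struct.pack("<I", zlib.crc32(body))

def decapsulate(frame: bytes) -> dict:
    """Receiving side: verify the frame, then strip one header per layer."""
    if len(frame) < 14 + 20 + 20 + 4:
        raise ValueError("frame too short for Ethernet + IPv4 + TCP")
    body, (fcs,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if zlib.crc32(body) != fcs:                      # Data Link: CRC check
        raise ValueError("Layer 2: CRC mismatch, frame discarded")
    dst_mac, src_mac, ethertype = body[0:6], body[6:12], body[12:14]
    if ethertype != b"\x08\x00":
        raise ValueError("Layer 3: payload is not IPv4")
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4                         # IPv4 header length in bytes
    total_len = struct.unpack("!H", ip[2:4])[0]      # excludes any Ethernet padding
    if ihl < 20 or total_len < ihl + 20 or total_len > len(ip):
        raise ValueError("Layer 3: inconsistent IPv4 length fields")
    if ip[9] != 6:
        raise ValueError("Layer 4: payload is not TCP")
    tcp = ip[ihl:total_len]
    src_port, dst_port = struct.unpack("!HH", tcp[0:4])
    data_offset = (tcp[12] >> 4) * 4                 # TCP header length in bytes
    return {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
            "src_ip": socket.inet_ntoa(ip[12:16]), "dst_ip": socket.inet_ntoa(ip[16:20]),
            "src_port": src_port, "dst_port": dst_port, "payload": tcp[data_offset:]}

def flip_bit(frame: bytes, index: int) -> bytes:
    """Simulate a single-bit transmission error at the given byte index."""
    return frame[:index] + bytes([frame[index] ^ 0x01]) + frame[index + 1:]

if __name__ == "__main__":
    frame = build_frame(b"GET / HTTP/1.0\r\n\r\n")
    print(decapsulate(frame))
    try:
        decapsulate(flip_bit(frame, 30))
    except ValueError as err:
        print(err)
```

Many capture tools receive frames with the CRC trailer already removed by the network interface, so the Layer 2 check applies only to captures that still include it.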