Transmission Control Protocol
|
|
- Arabella Daniel
- 7 years ago
- Views:
Transcription
1 BCIS 4630 Fundamentals of IT Security Instructor: Dr. Andy Wu Transmission Control Protocol Excerpt from T. W. Ogletree, Upgrading and Repairing Networks (4/e) As we have discussed so far, the IP protocol is a protocol that can be used to make a best effort attempt to get a packet from one host to another, even when the hosts are on different networks. The Transmission Control Protocol uses IP but adds functionality that makes TCP a reliable, connectionoriented protocol. Whereas IP doesnʹt require any acknowledgment that a packet is ever received, TCP does. Whereas IP does no preliminary communication with the target system to set up any kind of session, TCP does. TCP builds on the functions that IP provides to create a session that can be used by applications for a reliable exchange of data. As stated earlier in this chapter, IP is similar to sending a letter in the mail. TCP can be compared to the ʺreturn receipt requestedʺ function which acknowledges that the letter was received by someone at the destination address. One interesting difference, however, is that TCP doesnʹt necessarily need an acknowledgment for each packet sent. Instead, it is possible for a single acknowledgment to be sent in response to more than one IP packet. TCP Provides a Reliable Connection-Oriented Session Whereas IP provides a checksum mechanism in its header to ensure that the IP header is not corrupted during transit, the TCP protocol provides checksums on the data that is transmitted. TCP also has mechanisms that regulate the flow of data to avoid problems associated with congestion. TCP also uses sequence numbers in the TCP header so that IP packets can be reassembled in the correct order on the receiving end of the communication. Examining TCP Header Information Each layer in the TCP/IP protocol stack adds information to the data it receives from a layer above it. This process is usually called encapsulation, and the added data is usually called a header. The header information is significant only to the layer that adds it, and it is added as a message is passed down the stack and stripped off at the destination as the packet is passed back up the protocol stack. Some layers also add data at the end of the packet. This is called a trailer. Earlier we looked at the makeup of the IP header. In Figure 25.6 you can see the layout of the TCP header. This header information is sometimes referred to as the TCP Protocol Data Unit. Remember that TCP is responsible for establishing a reliable connection oriented session between two applications across a network. TCP receives data (called messages) from layers above it in the protocol stack, adds its own header information, and then passes it to the IP layer, which then adds its own header information. The messages sent to TCP from applications up the stack are usually called a stream of data, because the amount of data can vary and is not limited to a set number of bytes. TCP takes these messages and, if they are too large to fit into a packet, breaks them into BCIS 4630 Fundamentals of IT Security TCP 1
2 smaller segments and sends each segment in a separate packet. The TCP layer at the receiving end reassembles these messages before passing them up to an application. Figure The TCP protocol header fields also can be used for filtering packets. Whereas most of the header information we looked at in the IP header was used for routing the packet through the Internet, the information in the TCP header is concerned with other issues, such as reliability of the connection and ordering of the messages being sent. The header fields for TCP include these: Source port This 16 bit field is used to identify the port being used by the application that is sending the data. Ports are discussed in more detail later in this chapter. Destination port This 16 bit field is used to identify the port to which the packet will be delivered on the receiving end of the connection. Sequence number This 32 bit field is used to identify where a segment fits in the larger message when a message is broken into fragments for transmission. Acknowledgment number This 32 bit field is used to indicate what the next sequence number should be. That is, this value is the next byte in the data stream that the receiver expects to receive from the sender. Data offset This 4 bit field is used to specify the number of 32 bit words that make up the header. This field is used to calculate the start of the data portion of the packet. Reserved These 6 bits were reserved for future use and, because they were never generally used, are supposed to be set to zeros. BCIS 4630 Fundamentals of IT Security TCP 2
3 URG flag When this bit is set to 1, the field titled Urgent Pointer will point to a section of the data portion of the packet that is flagged as ʺurgent.ʺ ACK flag This is the acknowledgment bit. If itʹs set to 1, the packet is an acknowledgment. If itʹs set to 0, the packet is not an acknowledgment. PSH flag If this bit is set to 1, it indicates a push function; otherwise, it is set to 0. RST flag If this bit is set to 1, it is a signal that the connection is to be reset; otherwise, it is set to 0. SYN flag If this bit is set to 1, it indicates that the sequence numbers are to be synchronized. If itʹs set to 0, the sequence numbers are not to be synchronized. FIN flag If this bit is set to 1, it specifies that the sender is finished sending information; otherwise, it is set to 0. Window This 16 bit field is used to specify how many blocks of data the receiving computer is able to accept at this time. Checksum This 16 bit field is a calculated value used to verify the integrity of both the header and the data portions of the packet. Urgent pointer If the URG flag is set, this 16 bit field points to the offset from the sequence number field into the data portion of the packet where the urgent data is stored. TCP does not use this field itself, but applications above TCP in the stack might do so. Options This field can be of variable length and is similar to the Options field in the IP header. One function this field is used for is to specify the maximum segment size. Because the Options field can vary, the header is padded with extra bits so that it will be a multiple of 32 bits. The amount of information stored in the TCP header makes it possible to use the protocol for complex communications. TCP can implement error checking, flow control, and other necessary mechanisms to ensure reliable delivery of data throughout the network. However, because of the complexity of this header, hackers can use many different methods to manipulate the TCP protocol when trying to gain access to your network or otherwise cause you problems. One interesting thing to note about the checksum field is that it is calculated based on three things: The TCP header fields The TCP data Pseudo header information BCIS 4630 Fundamentals of IT Security TCP 3
4 The pseudo header information consists of the source and destination IP addresses, one byte set to all zeros, an 8 bit protocol field, and a 16 bit field that contains the length of the TCP segment. The address and protocol fields are duplicated from the IP packet, and the length field is redundant because it also is contained in the TCP header. Because the algorithm used to calculate the checksum is based on 16 bit words, the TCP packet may be padded with a zero byte for calculation purposes only. If the checksum field contains a value of zero, this indicates that no checksum was calculated by the sender. If by some chance the value of the checksum results in a value of zero, the checksum field is set to all 1s (65,535 decimal). TCP Sessions Because TCP is a connection oriented protocol, the computers that want to communicate must first establish the conditions that will govern the session and set up the connection. TCP allows for twoway communication that is, itʹs a bidirectional, full duplex connection. Both sides can send and receive data at the same time. To set up a connection, each side must ʺopenʺ its side of the connection. On the server side this is called a passive open. The server application runs as a process on the server computer and listens for connection requests coming in for a certain port. For example, the Telnet server process typically listens for connections on port 23. By using both the IP address and a port number, the server process can uniquely identify each client that makes a connection request. Ports are discussed in more detail later in this chapter. When a client computer wants to establish a connection to a server, it goes through a process known as an active open. The server is already listening for connection requests (passive open), but the client must initiate the actual connection process by sending a request to the port number of the server application it wants to use. In Figure 25.7 (shown in the next section), the single bit field named SYN is the ʺsynchronizationʺ bit. You also can see in Figure 25.7 another field titled ACK, for the acknowledgment bit. These 2 bits are very important and are used during the process of setting up a TCP/IP session so that a reliable connection can be established between two computers on the network. Figure TCP uses a three-way handshake to establish a connection. SYN/ACK packet, ISN: BCIS 4630 Fundamentals of IT Security TCP 4
5 Setting Up a TCP Session A TCP/IP connection is made between two computers, using their addresses and, depending on the application using TCP, port numbers. The SYN and ACK bits in the TCP header are important components used to establish this initial connection. The steps involved in setting up a TCP/IP connection appear in Figure 25.7 and are listed here: The client sends a TCP segment to the server with which it wants to establish a connection. The TCP header SYN field (ʺsynchronizeʺ) is set indicating that it wants to synchronize sequence numbers so that further exchanges can be identified as belonging to this particular connection and so that the segments sent can be reassembled into the correct order and acknowledged. This first initial sequence number in the TCP header is set to an initial value chosen by the TCP software on the client computer. Additionally, the port number field in the TCP header is set to a value of the port on the server to which the client wants to connect. Port numbers can be thought of as representing the application to which the computer wants to connect. When the server receives this segment, it returns a segment to the client with the SYN field set. The serverʹs segment also contains an initial sequence number, which is chosen by its TCP software implementation. To show the client that it received the initial connection segment, the ACK bit is also set, and the acknowledgment field contains the clientʹs initial sequence number, incremented by 1. The client, upon receiving this acknowledgment from the server, sends another segment to the server, acknowledging the serverʹs initial sequence number. This is done in the same manner in which the server acknowledges the clientʹs initial sequence number. The acknowledgment field contains the serverʹs initial sequence number incremented by a value of 1. During this exchange, the 16 bit acknowledgment field is incremented by 1. You might wonder why the acknowledging computer doesnʹt just send back the same sequence number it received from the sending computer. It increments the sequence number that it received to indicate the next sequence number it expects to receive from the sending computer. Thus, during each exchange of TCP segments, each side is telling the other side what it is expecting to get from the other side during the next transmission. The sequence numbers are used to indicate the next byte in the data stream that the receiving end of the connection expects to receive. Thus, when the actual data exchange begins to take place, the sequence numbers are not simply incremented by a value of 1, but instead they are set to the actual number of bytes received (offset from the initial sequence number chosen for the connection) plus 1. Because three segments are used in this process, the connection setup is often referred to as a threeway handshake. In the last of these three steps the SYN bit is not set, because the segment is simply acknowledging the serverʹs initial sequence number. Note also that port numbers are used to indicate the application for which the connection is being set up. TCP headers donʹt need to contain the source and destination IP addresses because that information is already stored in the IP datagram that encapsulates the TCP message. BCIS 4630 Fundamentals of IT Security TCP 5
6 The method used to choose values for the initial sequence number can vary from one implementation of TCP to another. However, there are two important points to understand about the sequence numbers: For each connection a client makes to another computer, the initial sequence number for each connection must be unique. If the same initial sequence number were used for every connection the client made to a single server, it would be impossible to differentiate between different connections of the same application (that is, port number) between the two machines. Although the IP address and port number can uniquely identify a computer, they canʹt uniquely identify multiple applications of the same process running on the same computer. Sequence numbers are incremented for each segment exchanged and are acknowledged by the receiver so that both sides can determine that segments are being delivered reliably and not getting lost in the network. However, it is not necessary that each and every segment be acknowledged with another segment. Using a technique called sliding windows (which weʹll get to in a moment), TCP allows for a single acknowledgment of a number of segments. In Figure 25.7 another field is also shown in the first two packets that are exchanged. The Maximum Segment Size (MSS) field in the TCP header indicates the maximum number of bytes of data that the sender wants to receive in each TCP segment. This value is used to help prevent fragmentation of the TCP segment as it travels through various network devices that might have different transmission frame sizes. This value applies only to the size of the data that the TCP segment carries, and does not include the bytes that make up the TCP and IP headers. You will see this field only during the connection setup. After the application data exchange begins, this field is not used. If the client or server does not put a value into this field during the connection setup, a default value, usually 536, is used. Ending a TCP Session When the partyʹs over the application is finished sending data to another computer it tells TCP to close the connection from its side. Because the connection must be closed from each end, this is called a half close. To fully close a TCP connection, four steps are required, as opposed to the threeway handshake method used to set up the connection. Four steps are required because TCP operates as a full duplex connection that is, data can flow in both directions. Thus, each side needs to tell the other side of the connection that it has finished sending data and wants to close the connection. For example, when the client application, such as Telnet, wants to close a connection, TCP sends a segment that has the FIN bit set in the TCP header to the remote computer. The remote computer must first acknowledge this FIN segment, and does so by sending a segment to the client that has the ACK bit set. Because the connection is full duplex, the server TCP software informs the Telnet server application that the user application on the other end of the connection is finished. It then BCIS 4630 Fundamentals of IT Security TCP 6
7 sends its own FIN segment to the client, which, as you can probably guess, sends an acknowledgment segment back to the server. Although this is the general method used to close a TCP connection, another technique can be used in which one side sends a FIN segment, closing its data pipe, but the other side of the connection does not. Instead, it is possible for the other side to continue sending data until it is finished, at which time it sends the FIN segment and waits for an acknowledgment, which effectively closes the connection. A good example of this method is the Unix rsh (remote shell) utility. This utility allows a user to execute a command on a remote server. Because Unix allows for the capability to redirect input (using the < operator), a user can use rsh to execute a command on a remote server, and use the < operator on the command line to redirect the input for the command from the command line to a file. In such a situation, the clientʹs side of the connection sends the command to be executed to the remote server and then starts sending the data that is in the file. After the clientʹs side of the connection finishes sending the data contained in the file to the remote server, it instructs TCP to close its side of the connection. Yet, at the other side of the connection, the data needs to be processed by the program invoked by the rsh command. When finished, the program on the remote server sends the data back to the client and then instructs TCP to close its side of the connection. BCIS 4630 Fundamentals of IT Security TCP 7
Transport Layer Protocols
Transport Layer Protocols Version. Transport layer performs two main tasks for the application layer by using the network layer. It provides end to end communication between two applications, and implements
More informationTransport Layer. Chapter 3.4. Think about
Chapter 3.4 La 4 Transport La 1 Think about 2 How do MAC addresses differ from that of the network la? What is flat and what is hierarchical addressing? Who defines the IP Address of a device? What is
More informationOverview of TCP/IP. TCP/IP and Internet
Overview of TCP/IP System Administrators and network administrators Why networking - communication Why TCP/IP Provides interoperable communications between all types of hardware and all kinds of operating
More informationEthernet. Ethernet. Network Devices
Ethernet Babak Kia Adjunct Professor Boston University College of Engineering ENG SC757 - Advanced Microprocessor Design Ethernet Ethernet is a term used to refer to a diverse set of frame based networking
More informationICOM 5026-090: Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM
ICOM 5026-090: Computer Networks Chapter 6: The Transport Layer By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 Outline The transport service Elements of transport protocols A
More informationOverview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP
Overview Securing TCP/IP Chapter 6 TCP/IP Open Systems Interconnection Model Anatomy of a Packet Internet Protocol Security (IPSec) Web Security (HTTP over TLS, Secure-HTTP) Lecturer: Pei-yih Ting 1 2
More informationComputer Networks UDP and TCP
Computer Networks UDP and TCP Saad Mneimneh Computer Science Hunter College of CUNY New York I m a system programmer specializing in TCP/IP communication protocol on UNIX systems. How can I explain a thing
More informationNetworking Test 4 Study Guide
Networking Test 4 Study Guide True/False Indicate whether the statement is true or false. 1. IPX/SPX is considered the protocol suite of the Internet, and it is the most widely used protocol suite in LANs.
More informationB-2 Analyzing TCP/IP Networks with Wireshark. Ray Tompkins Founder of Gearbit www.gearbit.com
B-2 Analyzing TCP/IP Networks with Wireshark June 15, 2010 Ray Tompkins Founder of Gearbit www.gearbit.com SHARKFEST 10 Stanford University June 14-17, 2010 TCP In this session we will examine the details
More information[Prof. Rupesh G Vaishnav] Page 1
Basics The function of transport layer is to provide a reliable end-to-end communications service. It also provides data transfer service for the user layers above and shield the upper layers from the
More informationHow do I get to www.randomsite.com?
Networking Primer* *caveat: this is just a brief and incomplete introduction to networking to help students without a networking background learn Network Security. How do I get to www.randomsite.com? Local
More informationCOMP 3331/9331: Computer Networks and Applications. Lab Exercise 3: TCP and UDP (Solutions)
COMP 3331/9331: Computer Networks and Applications Lab Exercise 3: TCP and UDP (Solutions) AIM To investigate the behaviour of TCP and UDP in greater detail. EXPERIMENT 1: Understanding TCP Basics Tools
More informationTCP/IP and the Internet
TCP/IP and the Internet Computer networking today is becoming more and more entwined with the internet. By far the most popular protocol set in use is TCP/IP (Transmission Control Protocol/Internet Protocol).
More informationChapter 5. Transport layer protocols
Chapter 5. Transport layer protocols This chapter provides an overview of the most important and common protocols of the TCP/IP transport layer. These include: User Datagram Protocol (UDP) Transmission
More informationIP address format: Dotted decimal notation: 10000000 00001011 00000011 00011111 128.11.3.31
IP address format: 7 24 Class A 0 Network ID Host ID 14 16 Class B 1 0 Network ID Host ID 21 8 Class C 1 1 0 Network ID Host ID 28 Class D 1 1 1 0 Multicast Address Dotted decimal notation: 10000000 00001011
More informationIP Network Layer. Datagram ID FLAG Fragment Offset. IP Datagrams. IP Addresses. IP Addresses. CSCE 515: Computer Network Programming TCP/IP
CSCE 515: Computer Network Programming TCP/IP IP Network Layer Wenyuan Xu Department of Computer Science and Engineering University of South Carolina IP Datagrams IP is the network layer packet delivery
More informationIndian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology
Indian Institute of Technology Kharagpur TCP/IP Part I Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Kharagpur Lecture 3: TCP/IP Part I On completion, the student
More informationNetwork Programming TDC 561
Network Programming TDC 561 Lecture # 1 Dr. Ehab S. Al-Shaer School of Computer Science & Telecommunication DePaul University Chicago, IL 1 Network Programming Goals of this Course: Studying, evaluating
More informationSolution of Exercise Sheet 5
Foundations of Cybersecurity (Winter 15/16) Prof. Dr. Michael Backes CISPA / Saarland University saarland university computer science Protocols = {????} Client Server IP Address =???? IP Address =????
More informationInternet Architecture and Philosophy
Internet Architecture and Philosophy Conceptually, TCP/IP provides three sets of services to the user: Application Services Reliable Transport Service Connectionless Packet Delivery Service The underlying
More informationq Connection establishment (if connection-oriented) q Data transfer q Connection release (if conn-oriented) q Addressing the transport user
Transport service characterization The Transport Layer End-to-End Protocols: UDP and TCP Connection establishment (if connection-oriented) Data transfer Reliable ( TCP) Unreliable / best effort ( UDP)
More informationCPS221 Lecture: Layered Network Architecture
CPS221 Lecture: Layered Network Architecture Objectives last revised 9/10/12 1. To discuss the OSI layered architecture model 2. To discuss the specific implementation of this model in TCP/IP Materials:
More informationIP - The Internet Protocol
Orientation IP - The Internet Protocol IP (Internet Protocol) is a Network Layer Protocol. IP s current version is Version 4 (IPv4). It is specified in RFC 891. TCP UDP Transport Layer ICMP IP IGMP Network
More informationGuide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP
Guide to Network Defense and Countermeasures Third Edition Chapter 2 TCP/IP Objectives Explain the fundamentals of TCP/IP networking Describe IPv4 packet structure and explain packet fragmentation Describe
More informationMobile IP Network Layer Lesson 02 TCP/IP Suite and IP Protocol
Mobile IP Network Layer Lesson 02 TCP/IP Suite and IP Protocol 1 TCP/IP protocol suite A suite of protocols for networking for the Internet Transmission control protocol (TCP) or User Datagram protocol
More informationDO NOT REPLICATE. Analyze IP. Given a Windows Server 2003 computer, you will use Network Monitor to view and analyze all the fields of IP.
Advanced TCP/IP Overview There is one primary set of protocols that runs networks and the Internet today. In this lesson, you will work with those protocols: the Transmission Control Protocol (TCP) and
More informationProtocol Data Units and Encapsulation
Chapter 2: Communicating over the 51 Protocol Units and Encapsulation For application data to travel uncorrupted from one host to another, header (or control data), which contains control and addressing
More informationBasic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet
Basic Networking Concepts 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet 1 1. Introduction -A network can be defined as a group of computers and other devices connected
More informationTCP/IP Fundamentals. OSI Seven Layer Model & Seminar Outline
OSI Seven Layer Model & Seminar Outline TCP/IP Fundamentals This seminar will present TCP/IP communications starting from Layer 2 up to Layer 4 (TCP/IP applications cover Layers 5-7) IP Addresses Data
More informationVoice over IP. Demonstration 1: VoIP Protocols. Network Environment
Voice over IP Demonstration 1: VoIP Protocols Network Environment We use two Windows workstations from the production network, both with OpenPhone application (figure 1). The OpenH.323 project has developed
More informationEffect of Packet-Size over Network Performance
International Journal of Electronics and Computer Science Engineering 762 Available Online at www.ijecse.org ISSN: 2277-1956 Effect of Packet-Size over Network Performance Abhi U. Shah 1, Daivik H. Bhatt
More informationNetworks: IP and TCP. Internet Protocol
Networks: IP and TCP 11/1/2010 Networks: IP and TCP 1 Internet Protocol Connectionless Each packet is transported independently from other packets Unreliable Delivery on a best effort basis No acknowledgments
More informationAttack Lab: Attacks on TCP/IP Protocols
Laboratory for Computer Security Education 1 Attack Lab: Attacks on TCP/IP Protocols Copyright c 2006-2010 Wenliang Du, Syracuse University. The development of this document is funded by the National Science
More informationCS335 Sample Questions for Exam #2
CS335 Sample Questions for Exam #2.) Compare connection-oriented with connectionless protocols. What type of protocol is IP? How about TCP and UDP? Connection-oriented protocols Require a setup time to
More informationNetwork Security TCP/IP Refresher
Network Security TCP/IP Refresher What you (at least) need to know about networking! Dr. David Barrera Network Security HS 2014 Outline Network Reference Models Local Area Networks Internet Protocol (IP)
More informationComputer Networks. Chapter 5 Transport Protocols
Computer Networks Chapter 5 Transport Protocols Transport Protocol Provides end-to-end transport Hides the network details Transport protocol or service (TS) offers: Different types of services QoS Data
More informationPART OF THE PICTURE: The TCP/IP Communications Architecture
PART OF THE PICTURE: The / Communications Architecture 1 PART OF THE PICTURE: The / Communications Architecture BY WILLIAM STALLINGS The key to the success of distributed applications is that all the terminals
More informationRARP: Reverse Address Resolution Protocol
SFWR 4C03: Computer Networks and Computer Security January 19-22 2004 Lecturer: Kartik Krishnan Lectures 7-9 RARP: Reverse Address Resolution Protocol When a system with a local disk is bootstrapped it
More informationObjectives of Lecture. Network Architecture. Protocols. Contents
Objectives of Lecture Network Architecture Show how network architecture can be understood using a layered approach. Introduce the OSI seven layer reference model. Introduce the concepts of internetworking
More information2057-15. First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring
2057-15 First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring 7-25 September 2009 TCP/IP Networking Abhaya S. Induruwa Department
More informationNetworking Overview. (as usual, thanks to Dave Wagner and Vern Paxson)
Networking Overview (as usual, thanks to Dave Wagner and Vern Paxson) Focus For This Lecture Sufficient background in networking to then explore security issues in next few lectures Networking = the Internet
More informationNetwork Layer IPv4. Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS. School of Computing, UNF
Network Layer IPv4 Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF IPv4 Internet Protocol (IP) is the glue that holds the Internet together.
More informationIP Subnetting and Addressing
Indian Institute of Technology Kharagpur IP Subnetting and Addressing Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology Kharagpur Lecture 6: IP Subnetting and Addressing
More informationHands-on Network Traffic Analysis. 2015 Cyber Defense Boot Camp
Hands-on Network Traffic Analysis 2015 Cyber Defense Boot Camp What is this about? Prerequisite: network packet & packet analyzer: (header, data) Enveloped letters inside another envelope Exercises Basic
More informationThe OSI Model and the TCP/IP Protocol Suite
The OSI Model and the TCP/IP Protocol Suite To discuss the idea of multiple layering in data communication and networking and the interrelationship between layers. To discuss the OSI model and its layer
More information20-CS-6053-00X Network Security Spring, 2014. An Introduction To. Network Security. Week 1. January 7
20-CS-6053-00X Network Security Spring, 2014 An Introduction To Network Security Week 1 January 7 Attacks Criminal: fraud, scams, destruction; IP, ID, brand theft Privacy: surveillance, databases, traffic
More informationSession Hijacking Exploiting TCP, UDP and HTTP Sessions
Session Hijacking Exploiting TCP, UDP and HTTP Sessions Shray Kapoor shray.kapoor@gmail.com Preface With the emerging fields in e-commerce, financial and identity information are at a higher risk of being
More information(Refer Slide Time: 02:17)
Internet Technology Prof. Indranil Sengupta Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture No #06 IP Subnetting and Addressing (Not audible: (00:46)) Now,
More informationEE984 Laboratory Experiment 2: Protocol Analysis
EE984 Laboratory Experiment 2: Protocol Analysis Abstract This experiment provides an introduction to protocols used in computer communications. The equipment used comprises of four PCs connected via a
More informationAlgorithms and Techniques Used for Auto-discovery of Network Topology, Assets and Services
Algorithms and Techniques Used for Auto-discovery of Network Topology, Assets and Services CS4983 Senior Technical Report Brian Chown 0254624 Faculty of Computer Science University of New Brunswick Canada
More informationWhat is a DoS attack?
CprE 592-YG Computer and Network Forensics Log-based Signature Analysis Denial of Service Attacks - from analyst s point of view Yong Guan 3216 Coover Tel: (515) 294-8378 Email: guan@ee.iastate.edu October
More informationCourse Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.
Course Name: TCP/IP Networking Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network. TCP/IP is the globally accepted group of protocols
More informationInternet Packets. Forwarding Datagrams
Internet Packets Packets at the network layer level are called datagrams They are encapsulated in frames for delivery across physical networks Frames are packets at the data link layer Datagrams are formed
More informationSubnetting,Supernetting, VLSM & CIDR
Subnetting,Supernetting, VLSM & CIDR WHAT - IP Address Unique 32 or 128 bit Binary, used to identify a system on a Network or Internet. Network Portion Host Portion CLASSFULL ADDRESSING IP address space
More informationGuide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols
Guide to TCP/IP, Third Edition Chapter 3: Data Link and Network Layer TCP/IP Protocols Objectives Understand the role that data link protocols, such as SLIP and PPP, play for TCP/IP Distinguish among various
More informationNetwork-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2
Network-Oriented Software Development Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2 Topics Layering TCP/IP Layering Internet addresses and port numbers Encapsulation
More informationProtocols and Architecture. Protocol Architecture.
Protocols and Architecture Protocol Architecture. Layered structure of hardware and software to support exchange of data between systems/distributed applications Set of rules for transmission of data between
More informationAccess Control: Firewalls (1)
Access Control: Firewalls (1) World is divided in good and bad guys ---> access control (security checks) at a single point of entry/exit: in medieval castles: drawbridge in corporate buildings: security/reception
More informationEITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst
EITF25 Internet Techniques and Applications L5: Wide Area Networks (WAN) Stefan Höst Data communication in reality In reality, the source and destination hosts are very seldom on the same network, for
More informationThis sequence diagram was generated with EventStudio System Designer (http://www.eventhelix.com/eventstudio).
Client App Network Server App 25-May-13 15:32 (Page 1) This sequence diagram was generated with EventStudio System Designer (http://www.eventhelix.com/eventstudio). TCP is an end to end protocol which
More informationUnderstanding Layer 2, 3, and 4 Protocols
2 Understanding Layer 2, 3, and 4 Protocols While many of the concepts well known to traditional Layer 2 and Layer 3 networking still hold true in content switching applications, the area introduces new
More information04 Internet Protocol (IP)
SE 4C03 Winter 2007 04 Internet Protocol (IP) William M. Farmer Department of Computing and Software McMaster University 29 January 2007 Internet Protocol (IP) IP provides a connectionless packet delivery
More informationTCP Performance Management for Dummies
TCP Performance Management for Dummies Nalini Elkins Inside Products, Inc. Monday, August 8, 2011 Session Number 9285 Our SHARE Sessions Orlando 9285: TCP/IP Performance Management for Dummies Monday,
More informationUnderstanding TCP/IP. Introduction. What is an Architectural Model? APPENDIX
APPENDIX A Introduction Understanding TCP/IP To fully understand the architecture of Cisco Centri Firewall, you need to understand the TCP/IP architecture on which the Internet is based. This appendix
More informationComputer Networks/DV2 Lab
Computer Networks/DV2 Lab Room: BB 219 Additional Information: http://www.fb9dv.uni-duisburg.de/ti/en/education/teaching/ss08/netlab Equipment for each group: - 1 Server computer (OS: Windows 2000 Advanced
More informationFirewall Implementation
CS425: Computer Networks Firewall Implementation Ankit Kumar Y8088 Akshay Mittal Y8056 Ashish Gupta Y8410 Sayandeep Ghosh Y8465 October 31, 2010 under the guidance of Prof. Dheeraj Sanghi Department of
More informationNote! The problem set consists of two parts: Part I: The problem specifications pages Part II: The answer pages
Part I: The problem specifications NTNU The Norwegian University of Science and Technology Department of Telematics Note! The problem set consists of two parts: Part I: The problem specifications pages
More informationChapter 9. IP Secure
Chapter 9 IP Secure 1 Network architecture is usually explained as a stack of different layers. Figure 1 explains the OSI (Open System Interconnect) model stack and IP (Internet Protocol) model stack.
More informationcnds@napier Slide 1 Introduction cnds@napier 1 Lecture 6 (Network Layer)
Slide 1 Introduction In today s and next week s lecture we will cover two of the most important areas in networking and the Internet: IP and TCP. These cover the network and transport layer of the OSI
More informationWe will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall
Chapter 10 Firewall Firewalls are devices used to protect a local network from network based security threats while at the same time affording access to the wide area network and the internet. Basically,
More informationELEC3030 (EL336) Computer Networks. How Networks Differ. Differences that can occur at network layer, which makes internetworking difficult:
How Networks Differ Differences that can occur at network layer, which makes internetworking difficult: It is impossible to resolve all differences, and the solution is to take a simple approach (as in
More informationTransport and Network Layer
Transport and Network Layer 1 Introduction Responsible for moving messages from end-to-end in a network Closely tied together TCP/IP: most commonly used protocol o Used in Internet o Compatible with a
More informationLayer 7 Load Balancing and Content Customization
C H A P T E R 4 Layer 7 Load Balancing and Content Customization This chapter will discuss the methods and protocols involved in accomplishing a Layer 7 load-balancing solution. The reasons for and benefits
More information1 An application in BPC: a Web-Server
1 An application in BPC: a Web-Server We briefly describe our web-server case-study, dwelling in particular on some of the more advanced features of the BPC framework, such as timeouts, parametrized events,
More informationThe OSI model has seven layers. The principles that were applied to arrive at the seven layers can be briefly summarized as follows:
1.4 Reference Models Now that we have discussed layered networks in the abstract, it is time to look at some examples. In the next two sections we will discuss two important network architectures, the
More informationProtocol Rollback and Network Security
CSE 484 / CSE M 584 (Spring 2012) Protocol Rollback and Network Security Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee,
More informationFinal for ECE374 05/06/13 Solution!!
1 Final for ECE374 05/06/13 Solution!! Instructions: Put your name and student number on each sheet of paper! The exam is closed book. You have 90 minutes to complete the exam. Be a smart exam taker -
More informationNetwork Layer: Network Layer and IP Protocol
1 Network Layer: Network Layer and IP Protocol Required reading: Garcia 7.3.3, 8.1, 8.2.1 CSE 3213, Winter 2010 Instructor: N. Vlajic 2 1. Introduction 2. Router Architecture 3. Network Layer Protocols
More informationHost Fingerprinting and Firewalking With hping
Host Fingerprinting and Firewalking With hping Naveed Afzal National University Of Computer and Emerging Sciences, Lahore, Pakistan Email: 1608@nu.edu.pk Naveedafzal gmail.com Abstract: The purpose
More informationMidterm Exam CMPSCI 453: Computer Networks Fall 2011 Prof. Jim Kurose
Midterm Exam CMPSCI 453: Computer Networks Fall 2011 Prof. Jim Kurose Instructions: There are 4 questions on this exam. Please use two exam blue books answer questions 1, 2 in one book, and the remaining
More informationInternet Protocols. Background CHAPTER
CHAPTER 3 Internet Protocols Background The Internet protocols are the world s most popular open-system (nonproprietary) protocol suite because they can be used to communicate across any set of interconnected
More informationCYBER ATTACKS EXPLAINED: PACKET CRAFTING
CYBER ATTACKS EXPLAINED: PACKET CRAFTING Protect your FOSS-based IT infrastructure from packet crafting by learning more about it. In the previous articles in this series, we explored common infrastructure
More informationChapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)
Chapter 3 TCP/IP Networks 3.1 Internet Protocol version 4 (IPv4) Internet Protocol version 4 is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely
More informationACHILLES CERTIFICATION. SIS Module SLS 1508
ACHILLES CERTIFICATION PUBLIC REPORT Final DeltaV Report SIS Module SLS 1508 Disclaimer Wurldtech Security Inc. retains the right to change information in this report without notice. Wurldtech Security
More informationComputer Networks Practicum 2015
Computer Networks Practicum 2015 Vrije Universiteit Amsterdam, The Netherlands http://acropolis.cs.vu.nl/ spyros/cnp/ 1 Overview This practicum consists of two parts. The first is to build a TCP implementation
More informationOSI Model. Application Presentation Session Transport Network Data Link Physical. EE156 Computer Network Architecture
OSI Model 7 6 5 4 3 2 1 Application Presentation Session Transport Network Data Link Physical Protocols Define a set of rules for communication. Specify the meaning and format of messages Define exchange
More informationHow To Design A Layered Network In A Computer Network
A Layered Approach to Computer Networks Physical Layer Data Link Layer Network Layer Transport Layer Session Layer Presentation Layer Application Layer Different layer of abstraction Different error control
More informationIntroduction To Computer Networking
Introduction To Computer Networking Alex S. 1 Introduction 1.1 Serial Lines Serial lines are generally the most basic and most common communication medium you can have between computers and/or equipment.
More information8.2 The Internet Protocol
TCP/IP Protocol Suite HTTP SMTP DNS RTP Distributed applications Reliable stream service TCP UDP User datagram service Best-effort connectionless packet transfer Network Interface 1 IP Network Interface
More informationLESSON 3.6. 98-366 Networking Fundamentals. Understand TCP/IP
Understand TCP/IP Lesson Overview In this lesson, you will learn about: TCP/IP Tracert Telnet Netstat Reserved addresses Local loopback IP Ping Pathping Ipconfig Protocols Anticipatory Set Experiment with
More informationChapter 3: Review of Important Networking Concepts. Magda El Zarki Dept. of CS UC Irvine elzarki@uci.edu http://www.ics.uci.
Chapter 3: Review of Important Networking Concepts Magda El Zarki Dept. of CS UC Irvine elzarki@uci.edu http://www.ics.uci.edu/~magda 1 Networking Concepts Protocol Architecture Protocol Layers Encapsulation
More informationELEN 602: Computer Communications and Networking. Socket Programming Basics
1 ELEN 602: Computer Communications and Networking Socket Programming Basics A. Introduction In the classic client-server model, the client sends out requests to the server, and the server does some processing
More informationTechnical Support Information Belkin internal use only
The fundamentals of TCP/IP networking TCP/IP (Transmission Control Protocol / Internet Protocols) is a set of networking protocols that is used for communication on the Internet and on many other networks.
More informationKap. 2. Transport - Schicht
Kap. 2 Transport - Schicht 2-2 Transport-Schicht Transport-Schicht: bietet eine logische Kommunikation zw. Anwendungen TCP: - Verbindungsorientiert mittels 3-Way-Handshake - zuverlässiger Datentransport
More informationPort Scanning. Objectives. Introduction: Port Scanning. 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap.
Port Scanning Objectives 1. Introduce the techniques of port scanning. 2. Use port scanning audit tools such as Nmap. Introduction: All machines connected to a LAN or connected to Internet via a modem
More informationTroubleshooting Tools
Troubleshooting Tools An overview of the main tools for verifying network operation from a host Fulvio Risso Mario Baldi Politecnico di Torino (Technical University of Turin) see page 2 Notes n The commands/programs
More informationFirewalls. Basic Firewall Concept. Why firewalls? Firewall goals. Two Separable Topics. Firewall Design & Architecture Issues
CS 155 May 20, 2004 Firewalls Basic Firewall Concept Separate local area net from internet Firewall John Mitchell Credit: some text, illustrations from Simon Cooper Router All packets between LAN and internet
More informationIP Firewalls. an overview of the principles
page 1 of 16 IP Firewalls an overview of the principles 0. Foreword WHY: These notes were born out of some discussions and lectures with technical security personnel. The main topics which we discussed
More informationTCP/IP Optimization for Wide Area Storage Networks. Dr. Joseph L White Juniper Networks
TCP/IP Optimization for Wide Area Storage Networks Dr. Joseph L White Juniper Networks SNIA Legal Notice The material contained in this tutorial is copyrighted by the SNIA. Member companies and individuals
More informationA PPENDIX L TCP/IP and OSI
A PPENDIX L TCP/IP and OSI William Stallings Copyright 2010 L.1 PROTOCOLS AND PROTOCOL ARCHITECTURES...2! L.2 THE TCP/IP PROTOCOL ARCHITECTURE...5! TCP/IP Layers...5! TCP and UDP...7! Operation of TCP/IP...7!
More information