Advanced Computer Networks IN Dec 2015
|
|
- Hilary Cook
- 8 years ago
- Views:
Transcription
1 Chair for Network Architectures and Services Technische Universität München Advanced Computer Networks IN Dec 2015 Prof. Dr.-Ing. Georg Carle Chair for Network Architectures and Services Department of Computer Science Technische Universität München
2 Chair for Network Architectures and Services Technische Universität München Network Measurements
3 Network Measurements Introduction Architecture & Mechanisms Active Measurements Passive Measurements Scenarios 3
4 Why do we measure the network? Network Provider View Manage traffic Predict future, model reality, plan network Avoid bottlenecks in advance Reduce cost Accounting Service Provider View Get information about the client Adjust service to demands Reduce load on service Accounting Client View Get the best possible service Check the service ( Do I get what I have paid for?) Researcher View Performance evaluation (e.g., could our new routing algorithm handle all this real-world traffic? ) Security view Detect malicious traffic, malicious hosts, malicious networks, 4
5 But why should we do it at all? Do we really have to? The network is well engineered Well documented protocols, mechanisms, Everything built by humans ð no unknowns (compare this to, e.g., physics: is theory on cosmic inflation phase sound? etc.) In theory, we can know everything that is going on ð There should/might be no need for measurements But: Information in a distributed multidomain network only partly available Moving target: Requirements change Growth, usage, structure changes Highly interactive system Heterogeneity in all directions The total is more than the sum of its pieces And: The network is built, driven and used by humans Detection of errors, misconfigurations, flaws, failures, misuse, 5
6 Active Measurements Methodology Probe packets exchanged between specific nodes Measurement of packet loss, one-way delay, round-trip times, packet inter-arrival time Analysis Sender Complete packet loss ð link down, invalid route, router defect Partial packet loss ð available bandwidth, level of congestion Delay = propagation time + buffer time ð distance estimation, filling level of buffers Interarrival times of packet pairs/trains ð path capacity Network Receiver 6
7 Active Measurements - Assessment Active measurements Disadvantages intrusive Additional load Network traffic is affected by the measurement Measurements are influenced by (possibly varying) network load Measurement packets may be treated differently than packets of interest (e.g. ICMP frequently treated differently to TCP/UDP packets) Advantages Straightforward Does not depend on existing traffic by active applications Allows measurement of specific parts of the network Does not require access to internal network components 7
8 Active Measurement Example: Packet pair probing Packet Pair (P-P) technique c.f. work by Jacobson & Keshav Send two equal-sized packets back-to-back Packet size: L Packet Tx time at link i: L/C i P-P dispersion = time interval between last bit of two packets Without any cross traffic, the dispersion at receiver is determined by bottleneck link (i.e., slowest link): Δ out = max L Ci = max = R i= 1,..., H Δ C.f paper Nettimer: A Tool for Measuring Bottleneck Link Bandwidth in Usenix, Kevin Lai, Mary Baker, nettimer-tool-measuring-bottleneck-link-bandwidth If two packets are sent close enough together in time to cause the packets to queue together at the bottleneck link, then the packets will arrive at the destination with the same spacing as when they exited. Δ L C in, L C i 8
9 Active Measurement Example: Traceroute Traceroute: possible anomalies due to load balancing Solution: Paris traceroute UDP TTL=3 UDP TTL=4 9
10 Recapitulation - Multipath routing: Solution Hash consistently and use packet headers as random values: Result: Packets from same TCP connection yield same hash value No reordering within one TCP connection possible 10
11 Paris Traceroute Paris traceroute Varying header fields that are within the first 28 octets TCP: sequence number UDP: checksum field This requires manipulating the payload to yield the desired checksum, as packets with an incorrect checksum are liable to be discarded. ICMP: combination of ICMP identifier and sequence number Experiment results: certain routers use first four octets after IP header combined with IP fields for load balancing 11
12 Passive Measurements Methodology Observation of existing traffic using monitoring probes in the network Measurement of traffic volume, traffic composition, packet interarrival times Different levels of granularity: packet-level, flow-level, link-level Analysis Network Measurement of network utilization for accounting and traffic engineering Monitoring Probe Measurement of quality-of-service parameters (e.g., throughput, delay) Detection of failures, traffic anomalies, flooding attacks and scans Traffic characterization with deep packet inspection 12
13 Passive Measurements - Assessment Passive measurements (or Network Monitoring) Monitoring of existing traffic ð Requires installation of monitoring probes at appropriate locations in the network Advantages Non-intrusive ð Does not affect applications Does not modify the network behavior Disadvantages Requires suitable existing (active) network traffic Limited to analysis of existing / current network behavior, situations of high load, etc. cannot be simulated/enforced Does not allow the transport of additional information (time stamps, etc.) within measured traffic 13
14 Flow-Level Passive Measurements Flow-Collector Internal Network Flow Data (e.g. encoded in IPFIX) Internet Network devices create flow data Export them to some central collector You can look at communication patterns 14
15 Flow-Level Passive Measurements Data visualisation 15
16 Network Measurements Hybrid Measurements Hybrid measurements Modification of packet flows Piggybacking Header modification Advantages Same as for passive additional information can be included (time-stamps, etc.) Disadvantages Modifying of data packets may cause problems if not used carefully 16
17 Measurement types (summary) Active Measurements Intrusive Find out what the network is capable of Changes the network state Passive Measurements (or network monitoring) Non-intrusive Find out what the current situation is Does not influence the network state (more or less) Hybrid Alter actual traffic Reduce the impact of active measurements Might introduce new bias for applications 17
18 Network Monitoring Applications of network monitoring Traffic analysis Traffic engineering Anomaly detection Accounting Resource utilization Accounting and charging Security Intrusion detection Detection of prohibited data transfers (e.g., P2P applications) Research Issues Traffic Analysis Accounting Monitoring Protection of measurement data against illegitimate use (encryption, ) Applicable law ( lawful interception, privacy laws, ) Security applications 18
19 International Telecommunication Union - ITU Technical Aspects of Lawful Interception: Lawful Interception (LI) describes the lawfully authorized interception and monitoring of telecommunications pursuant to an order of a government body, to obtain the forensics necessary for pursuing wrongdoers. LI has existed from the times of shortrange telegraphy to today s worldspanning Next-Generation Networks (NGNs). ð Basis: In accordance with local law reasonable suspicion of severe criminal offense 19
20 Lawful Interception Interfaces and Standards Vendor Specifications Cisco, others ETSI Standardisation Documents ETSI TS , Telecommunications security; Lawful Interception (LI); Requirements of law enforcement agencies ETSI TS v6.7.0, 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3G Security; Handover Interface for Lawful Interception (Release 6) IETF Please note: RFC 1984, IAB and IESG Statement on Cryptographic Technology and the Internet, August 1996, RFC 2804, IAB, IESG: IETF Policy on Wiretapping, May 2000, RFC 3924, Fred Baker, Bill Foster, Chip Sharp, Cisco Architecture for Lawful Intercept in IP Networks, October 2004, 20
21 Vendor Specification on Lawful Interception Example: Cisco Service Independent Intercept (SII) Architecture 21
22 RFC 1984 Informational RFC by IAB and IESG, August 1996 The Internet Architecture Board (IAB) and the Internet Engineering Steering Group (IESG), the bodies which oversee architecture and standards for the Internet, are concerned by the need for increased protection of international commercial transactions on the Internet, and by the need to offer all Internet users an adequate degree of privacy.... The IAB and IESG are therefore disturbed to note that various governments have actual or proposed policies on access to cryptographic technology that either: (a) impose restrictions by implementing export controls; and/or (b) restrict commercial and private users to weak and inadequate mechanisms such as short cryptographic keys; and/or (c) mandate that private decryption keys should be in the hands of the government or of some other third party; and/or (d) prohibit the use of cryptology entirely, or permit it only to specially authorized organizations. We believe that such policies are against the interests of consumers and the business community, are largely irrelevant to issues of military security, and provide only a marginal or illusory benefit to law enforcement agencies,... 22
23 IETF Policy on Wiretapping RFC 2804, May 2000, by IAB and IESG The IETF has decided not to consider requirements for wiretapping as part of the process for creating and maintaining IETF standards. The IETF restates its strongly held belief, stated at greater length in [RFC 1984], that both commercial development of the Internet and adequate privacy for its users against illegal intrusion requires the wide availability of strong cryptographic technology. On the other hand, the IETF believes that mechanisms designed to facilitate or enable wiretapping, or methods of using other facilities for such purposes, should be openly described, so as to ensure the maximum review of the mechanisms and ensure that they adhere as closely as possible to their design constraints. The IETF believes that the publication of such mechanisms, and the publication of known weaknesses in such mechanisms, is a Good Thing. 23
24 Cisco Architecture for Lawful Intercept c.f RFC 3924 (Informational RFC) 24
25 RFC Cisco Architecture for Lawful Intercept Published only for informational purposes IESG Note This RFC is not a candidate for any level of Internet Standard. The IETF disclaims any knowledge of the fitness of this RFC for any purpose, and in particular notes that the decision to publish is not based on IETF review for such things as security, congestion control or inappropriate interaction with deployed protocols. The RFC Editor has chosen to publish this document at its discretion. Readers of this document should exercise caution in evaluating its value for implementation and deployment. ð Analogy: Academic community would publish of known weaknesses in the view of known adversaries publish possible (and likely applied) attacks of known adversaries develop and provide solutions to improve privacy 25
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress
Security Considerations for Intrinsic Monitoring within IPv6 Networks: Work in Progress Alan Davy and Lei Shi Telecommunication Software&Systems Group, Waterford Institute of Technology, Ireland adavy,lshi@tssg.org
More informationInternet Management and Measurements Measurements
Internet Management and Measurements Measurements Ramin Sadre, Aiko Pras Design and Analysis of Communication Systems Group University of Twente, 2010 Measurements What is being measured? Why do you measure?
More informationRequirements of Voice in an IP Internetwork
Requirements of Voice in an IP Internetwork Real-Time Voice in a Best-Effort IP Internetwork This topic lists problems associated with implementation of real-time voice traffic in a best-effort IP internetwork.
More informationFinal exam review, Fall 2005 FSU (CIS-5357) Network Security
Final exam review, Fall 2005 FSU (CIS-5357) Network Security Instructor: Breno de Medeiros 1. What is an insertion attack against a NIDS? Answer: An insertion attack against a network intrusion detection
More informationChapter 9. IP Secure
Chapter 9 IP Secure 1 Network architecture is usually explained as a stack of different layers. Figure 1 explains the OSI (Open System Interconnect) model stack and IP (Internet Protocol) model stack.
More informationResearch on Errors of Utilized Bandwidth Measured by NetFlow
Research on s of Utilized Bandwidth Measured by NetFlow Haiting Zhu 1, Xiaoguo Zhang 1,2, Wei Ding 1 1 School of Computer Science and Engineering, Southeast University, Nanjing 211189, China 2 Electronic
More informationSimple Law Enforcement Monitoring
Simple Law Enforcement Monitoring Fred Baker draft-baker-slem-architecture-01.txt ftp://ftpeng.cisco.com/fred/ietf/slem.ppt ftp://ftpeng.cisco.com/fred/ietf/slem.pdf The message I wish had been found in
More informationCisco IOS Flexible NetFlow Technology
Cisco IOS Flexible NetFlow Technology Last Updated: December 2008 The Challenge: The ability to characterize IP traffic and understand the origin, the traffic destination, the time of day, the application
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department of Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Stephan Günther
More informationReport to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999
Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer February 3, 1999 Frame Relay Frame Relay is an international standard for high-speed access to public wide area data networks
More informationAssignment #3 Routing and Network Analysis. CIS3210 Computer Networks. University of Guelph
Assignment #3 Routing and Network Analysis CIS3210 Computer Networks University of Guelph Part I Written (50%): 1. Given the network graph diagram above where the nodes represent routers and the weights
More informationSecurity vulnerabilities in the Internet and possible solutions
Security vulnerabilities in the Internet and possible solutions 1. Introduction The foundation of today's Internet is the TCP/IP protocol suite. Since the time when these specifications were finished in
More informationInternet Infrastructure Measurement: Challenges and Tools
Internet Infrastructure Measurement: Challenges and Tools Internet Infrastructure Measurement: Challenges and Tools Outline Motivation Challenges Tools Conclusion Why Measure? Why Measure? Internet, with
More informationNetwork Intrusion Detection Systems. Beyond packet filtering
Network Intrusion Detection Systems Beyond packet filtering Goal of NIDS Detect attacks as they happen: Real-time monitoring of networks Provide information about attacks that have succeeded: Forensic
More informationPerformance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc
(International Journal of Computer Science & Management Studies) Vol. 17, Issue 01 Performance Evaluation of AODV, OLSR Routing Protocol in VOIP Over Ad Hoc Dr. Khalid Hamid Bilal Khartoum, Sudan dr.khalidbilal@hotmail.com
More informationHP Intelligent Management Center v7.1 Network Traffic Analyzer Administrator Guide
HP Intelligent Management Center v7.1 Network Traffic Analyzer Administrator Guide Abstract This guide contains comprehensive information for network administrators, engineers, and operators working with
More informationTHE INTERNATIONAL JOURNAL OF SCIENCE & TECHNOLEDGE
THE INTERNATIONAL JOURNAL OF SCIENCE & TECHNOLEDGE Remote Path Identification using Packet Pair Technique to Strengthen the Security for Online Applications R. Abinaya PG Scholar, Department of CSE, M.A.M
More informationFlow Analysis Versus Packet Analysis. What Should You Choose?
Flow Analysis Versus Packet Analysis. What Should You Choose? www.netfort.com Flow analysis can help to determine traffic statistics overall, but it falls short when you need to analyse a specific conversation
More informationIntroduction to Network Traffic Monitoring. Evangelos Markatos. FORTH-ICS markatos@ics.forth.gr
Introduction to Network Traffic Monitoring -ICS markatos@ics.forth.gr http://www.ics.forth.gr/~markatos Institute of Computer Science (ICS) Foundation for Research and Technology Hellas () Roadmap Motivation
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationInternet Protocol: IP packet headers. vendredi 18 octobre 13
Internet Protocol: IP packet headers 1 IPv4 header V L TOS Total Length Identification F Frag TTL Proto Checksum Options Source address Destination address Data (payload) Padding V: Version (IPv4 ; IPv6)
More informationCOSC 472 Network Security
COSC 472 Network Security Instructor: Dr. Enyue (Annie) Lu Office hours: http://faculty.salisbury.edu/~ealu/schedule.htm Office room: HS114 Email: ealu@salisbury.edu Course information: http://faculty.salisbury.edu/~ealu/cosc472/cosc472.html
More informationChapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)
Chapter 3 TCP/IP Networks 3.1 Internet Protocol version 4 (IPv4) Internet Protocol version 4 is the fourth iteration of the Internet Protocol (IP) and it is the first version of the protocol to be widely
More informationSecurity in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity
Basic Security Requirements and Techniques Confidentiality The property that stored or transmitted information cannot be read or altered by an unauthorized party Integrity The property that any alteration
More informationCONTROL SYSTEM FOR INTERNET BANDWIDTH BASED ON JAVA TECHNOLOGY
CONTROL SYSTEM FOR INTERNET BANDWIDTH BASED ON JAVA TECHNOLOGY SEIFEDINE KADRY, KHALED SMAILI Lebanese University-Faculty of Sciences Beirut-Lebanon E-mail: skadry@gmail.com ABSTRACT This paper presents
More informationACHILLES CERTIFICATION. SIS Module SLS 1508
ACHILLES CERTIFICATION PUBLIC REPORT Final DeltaV Report SIS Module SLS 1508 Disclaimer Wurldtech Security Inc. retains the right to change information in this report without notice. Wurldtech Security
More informationRARP: Reverse Address Resolution Protocol
SFWR 4C03: Computer Networks and Computer Security January 19-22 2004 Lecturer: Kartik Krishnan Lectures 7-9 RARP: Reverse Address Resolution Protocol When a system with a local disk is bootstrapped it
More informationIntrusion Detection Systems
Intrusion Detection Systems Advanced Computer Networks 2007 Reinhard Wallner reinhard.wallner@student.tugraz.at Outline Introduction Types of IDS How works an IDS Attacks to IDS Intrusion Prevention Systems
More informationNetwork congestion control using NetFlow
Network congestion control using NetFlow Maxim A. Kolosovskiy Elena N. Kryuchkova Altai State Technical University, Russia Abstract The goal of congestion control is to avoid congestion in network elements.
More informationNetwork traffic monitoring and management. Sonia Panchen sonia.panchen@inmon.com 11 th November 2010
Network traffic monitoring and management Sonia Panchen sonia.panchen@inmon.com 11 th November 2010 Lecture outline What is network traffic management? Traffic management applications Traffic monitoring
More informationImproving our Evaluation of Transport Protocols. Sally Floyd Hamilton Institute July 29, 2005
Improving our Evaluation of Transport Protocols Sally Floyd Hamilton Institute July 29, 2005 Computer System Performance Modeling and Durable Nonsense A disconcertingly large portion of the literature
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More information17: Queue Management. Queuing. Mark Handley
17: Queue Management Mark Handley Queuing The primary purpose of a queue in an IP router is to smooth out bursty arrivals, so that the network utilization can be high. But queues add delay and cause jitter.
More informationHigh Performance VPN Solutions Over Satellite Networks
High Performance VPN Solutions Over Satellite Networks Enhanced Packet Handling Both Accelerates And Encrypts High-Delay Satellite Circuits Characteristics of Satellite Networks? Satellite Networks have
More informationFirewalls and Intrusion Detection
Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall
More informationApplications. Network Application Performance Analysis. Laboratory. Objective. Overview
Laboratory 12 Applications Network Application Performance Analysis Objective The objective of this lab is to analyze the performance of an Internet application protocol and its relation to the underlying
More informationLimitations of Packet Measurement
Limitations of Packet Measurement Collect and process less information: Only collect packet headers, not payload Ignore single packets (aggregate) Ignore some packets (sampling) Make collection and processing
More informationCHAPTER 6 SECURE PACKET TRANSMISSION IN WIRELESS SENSOR NETWORKS USING DYNAMIC ROUTING TECHNIQUES
CHAPTER 6 SECURE PACKET TRANSMISSION IN WIRELESS SENSOR NETWORKS USING DYNAMIC ROUTING TECHNIQUES 6.1 Introduction The process of dispersive routing provides the required distribution of packets rather
More informationPerformance Evaluation of VoIP Services using Different CODECs over a UMTS Network
Performance Evaluation of VoIP Services using Different CODECs over a UMTS Network Jianguo Cao School of Electrical and Computer Engineering RMIT University Melbourne, VIC 3000 Australia Email: j.cao@student.rmit.edu.au
More informationFlow Based Traffic Analysis
Flow based Traffic Analysis Muraleedharan N C-DAC Bangalore Electronics City murali@ncb.ernet.in Challenges in Packet level traffic Analysis Network traffic grows in volume and complexity Capture and decode
More informationInternet Firewall CSIS 3230. Internet Firewall. Spring 2012 CSIS 4222. net13 1. Firewalls. Stateless Packet Filtering
Internet Firewall CSIS 3230 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 8.8: Packet filtering, firewalls, intrusion detection Ch
More informationNAT and Firewall Traversal with STUN / TURN / ICE
NAT and Firewall Traversal with STUN / TURN / ICE Simon Perreault Viagénie {mailto sip}:simon.perreault@viagenie.ca http://www.viagenie.ca Credentials Consultant in IP networking and VoIP at Viagénie.
More informationIP Network Monitoring and Measurements: Techniques and Experiences
IP Network Monitoring and Measurements: Techniques and Experiences Philippe Owezarski LAAS-CNRS Toulouse, France Owe@laas.fr 1 Outline 4 Introduction 4 Monitoring problematic 8Only based on network administration
More informationNetwork Monitoring and Management NetFlow Overview
Network Monitoring and Management NetFlow Overview These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)
More informationEncapsulating Voice in IP Packets
Encapsulating Voice in IP Packets Major VoIP Protocols This topic defines the major VoIP protocols and matches them with the seven layers of the OSI model. Major VoIP Protocols 15 The major VoIP protocols
More informationInternet Firewall CSIS 4222. Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS 4222. net15 1. Routers can implement packet filtering
Internet Firewall CSIS 4222 A combination of hardware and software that isolates an organization s internal network from the Internet at large Ch 27: Internet Routing Ch 30: Packet filtering & firewalls
More informationNetwork Security. Chapter 9. Attack prevention, detection and response. Attack Prevention. Part I: Attack Prevention
Chair for Network Architectures and Services Department of Informatics TU München Prof. Carle Part I: Attack Prevention Network Security Chapter 9 Attack prevention, detection and response Part Part I:
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department for Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Chair for
More informationSaisei FlowCommand FLOW COMMAND IN ACTION. No Flow Left Behind. No other networking vendor can make this claim
Saisei FlowCommand The Saisei FlowCommand family of network performance enforcement (NPE) solutions offers a new paradigm for real-time user- and application-policy enforcement and visibility made possible
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationSTANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT
STANDPOINT FOR QUALITY-OF-SERVICE MEASUREMENT 1. TIMING ACCURACY The accurate multi-point measurements require accurate synchronization of clocks of the measurement devices. If for example time stamps
More informationFlexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks
Flexible Deterministic Packet Marking: An IP Traceback Scheme Against DDOS Attacks Prashil S. Waghmare PG student, Sinhgad College of Engineering, Vadgaon, Pune University, Maharashtra, India. prashil.waghmare14@gmail.com
More informationInternet Architecture and Philosophy
Internet Architecture and Philosophy Conceptually, TCP/IP provides three sets of services to the user: Application Services Reliable Transport Service Connectionless Packet Delivery Service The underlying
More informationDistributed monitoring of IP-availability
IPLU-II Seminar 08.02.2008 1 Distributed monitoring of IP-availability Jorma Kilpi, VTT February 8, 2008 IPLU-II Seminar 08.02.2008 2 Availability vs. IP-Availability In this presentation Availability
More informationProtocols. Packets. What's in an IP packet
Protocols Precise rules that govern communication between two parties TCP/IP: the basic Internet protocols IP: Internet Protocol (bottom level) all packets shipped from network to network as IP packets
More informationCISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY
CISCO INFORMATION TECHNOLOGY AT WORK CASE STUDY: CISCO IOS NETFLOW TECHNOLOGY CISCO INFORMATION TECHNOLOGY SEPTEMBER 2004 1 Overview Challenge To troubleshoot capacity and quality problems and to understand
More information7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?
7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk
More informationNetwork Layer: Network Layer and IP Protocol
1 Network Layer: Network Layer and IP Protocol Required reading: Garcia 7.3.3, 8.1, 8.2.1 CSE 3213, Winter 2010 Instructor: N. Vlajic 2 1. Introduction 2. Router Architecture 3. Network Layer Protocols
More informationThe ISP Column A monthly column on all things Internet
The ISP Column A monthly column on all things Internet Just How Good are You? Measuring Network Performance February 2003 Geoff Huston If you are involved in the operation of an IP network, a question
More informationNETWORK LAYER/INTERNET PROTOCOLS
CHAPTER 3 NETWORK LAYER/INTERNET PROTOCOLS You will learn about the following in this chapter: IP operation, fields and functions ICMP messages and meanings Fragmentation and reassembly of datagrams IP
More informationFIREWALLS. Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others
FIREWALLS FIREWALLS Firewall: isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others FIREWALLS: WHY Prevent denial of service attacks: SYN flooding: attacker
More informationQuestion: 3 When using Application Intelligence, Server Time may be defined as.
1 Network General - 1T6-521 Application Performance Analysis and Troubleshooting Question: 1 One component in an application turn is. A. Server response time B. Network process time C. Application response
More informationAn Introduction to VoIP Protocols
An Introduction to VoIP Protocols www.netqos.com Voice over IP (VoIP) offers the vision of a converged network carrying multiple types of traffic (voice, video, and data, to name a few). To carry out this
More informationExtracting Performance Metrics from NetFlow in Enterprise Networks
Extracting Performance Metrics from NetFlow in Enterprise Networks 2nd EMANICS Workshop on NetFlow/IPFIX Usage Jochen Kögel jochen.koegel@ikr.uni-stuttgart.de 8. October 2009 Universität Stuttgart Institute
More informationChapter 4. VoIP Metric based Traffic Engineering to Support the Service Quality over the Internet (Inter-domain IP network)
Chapter 4 VoIP Metric based Traffic Engineering to Support the Service Quality over the Internet (Inter-domain IP network) 4.1 Introduction Traffic Engineering can be defined as a task of mapping traffic
More informationIPv6 SECURITY. May 2011. The Government of the Hong Kong Special Administrative Region
IPv6 SECURITY May 2011 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without the express
More informationActive Measurements: traceroute
Active Measurements: traceroute 1 Tools: Traceroute Exploit TTL (Time to Live) feature of IP When a router receives a packet with TTL=1, packet is discarded and ICMP_time_exceeded returned to sender Operational
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationEnhancing Flow Based Network Monitoring
Enhancing Flow Based Network Monitoring Flow-based technologies such as NetFlow, sflow, J-Flow, and IPFIX are increasingly popular tools used by network operators. The tools leverage the capabilities embedded
More informationApplication Note. Windows 2000/XP TCP Tuning for High Bandwidth Networks. mguard smart mguard PCI mguard blade
Application Note Windows 2000/XP TCP Tuning for High Bandwidth Networks mguard smart mguard PCI mguard blade mguard industrial mguard delta Innominate Security Technologies AG Albert-Einstein-Str. 14 12489
More informationSignature-aware Traffic Monitoring with IPFIX 1
Signature-aware Traffic Monitoring with IPFIX 1 Youngseok Lee, Seongho Shin, and Taeck-geun Kwon Dept. of Computer Engineering, Chungnam National University, 220 Gungdong Yusonggu, Daejon, Korea, 305-764
More informationPer-Flow Queuing Allot's Approach to Bandwidth Management
White Paper Per-Flow Queuing Allot's Approach to Bandwidth Management Allot Communications, July 2006. All Rights Reserved. Table of Contents Executive Overview... 3 Understanding TCP/IP... 4 What is Bandwidth
More informationTransport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi
Transport layer issues in ad hoc wireless networks Dmitrij Lagutin, dlagutin@cc.hut.fi 1. Introduction Ad hoc wireless networks pose a big challenge for transport layer protocol and transport layer protocols
More informationNetwork Management & Monitoring
Network Management & Monitoring NetFlow Overview These materials are licensed under the Creative Commons Attribution-Noncommercial 3.0 Unported license (http://creativecommons.org/licenses/by-nc/3.0/)
More informationNetFlow: What is it, why and how to use it? Miloš Zeković, milos.zekovic@soneco.rs. ICmyNet Chief Customer Officer Soneco d.o.o.
NetFlow: What is it, why and how to use it?, milos.zekovic@soneco.rs Soneco d.o.o. Serbia Agenda What is NetFlow? What are the benefits? How to deploy NetFlow? Questions 2 / 22 What is NetFlow? NetFlow
More informationArchitecture of distributed network processors: specifics of application in information security systems
Architecture of distributed network processors: specifics of application in information security systems V.Zaborovsky, Politechnical University, Sait-Petersburg, Russia vlad@neva.ru 1. Introduction Modern
More informationIP and Mobility. Requirements to a Mobile IP. Terminology in Mobile IP
IP and Mobility Chapter 2 Technical Basics: Layer Methods for Medium Access: Layer 2 Chapter Wireless Networks: Bluetooth, WLAN, WirelessMAN, WirelessWAN Mobile Telecommunication Networks: GSM, GPRS, UMTS
More informationReceiving the IP packets Decoding of the packets Digital-to-analog conversion which reproduces the original voice stream
Article VoIP Introduction Internet telephony refers to communications services voice, fax, SMS, and/or voice-messaging applications that are transported via the internet, rather than the public switched
More informationPROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES
PROTECTING INFORMATION SYSTEMS WITH FIREWALLS: REVISED GUIDELINES ON FIREWALL TECHNOLOGIES AND POLICIES Shirley Radack, Editor Computer Security Division Information Technology Laboratory National Institute
More informationAn enhanced TCP mechanism Fast-TCP in IP networks with wireless links
Wireless Networks 6 (2000) 375 379 375 An enhanced TCP mechanism Fast-TCP in IP networks with wireless links Jian Ma a, Jussi Ruutu b and Jing Wu c a Nokia China R&D Center, No. 10, He Ping Li Dong Jie,
More informationIntrusion Detection Systems
Intrusion Detection Systems Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/
More informationSecurity (II) ISO 7498-2: Security Architecture of OSI Reference Model. Outline. Course Outline: Fundamental Topics. EE5723/EE4723 Spring 2012
Course Outline: Fundamental Topics System View of Network Security Network Security Model Security Threat Model & Security Services Model Overview of Network Security Security Basis: Cryptography Secret
More informationChapter 9 Firewalls and Intrusion Prevention Systems
Chapter 9 Firewalls and Intrusion Prevention Systems connectivity is essential However it creates a threat Effective means of protecting LANs Inserted between the premises network and the to establish
More informationFirewalls Netasq. Security Management by NETASQ
Firewalls Netasq Security Management by NETASQ 1. 0 M a n a g e m e n t o f t h e s e c u r i t y b y N E T A S Q 1 pyright NETASQ 2002 Security Management is handled by the ASQ, a Technology developed
More informationRequest for Comments: 1788 Category: Experimental April 1995
Network Working Group W. Simpson Request for Comments: 1788 Daydreamer Category: Experimental April 1995 Status of this Memo ICMP Domain Name Messages This document defines an Experimental Protocol for
More informationINCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS
WHITE PAPER INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS Network administrators and security teams can gain valuable insight into network health in real-time by
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationIntroduction to Netflow
Introduction to Netflow Mike Jager Network Startup Resource Center mike.jager@synack.co.nz These materials are licensed under the Creative Commons Attribution-NonCommercial 4.0 International license (http://creativecommons.org/licenses/by-nc/4.0/)
More informationIP addressing and forwarding Network layer
The Internet Network layer Host, router network layer functions: IP addressing and forwarding Network layer Routing protocols path selection RIP, OSPF, BGP Transport layer: TCP, UDP forwarding table IP
More informationBITAG Publishes Report: Differentiated Treatment of Internet Traffic
1550 Larimer Street, Suite 168 Denver, CO. 80202 BITAG Publishes Report: Differentiated Treatment of Internet Traffic Denver, CO (October 8, 2015): Today, the Broadband Internet Technical Advisory Group
More informationTEIN2 Measurement and Monitoring Workshop. Bruce.Morgan@aarnet.edu.au
TEIN2 Measurement and Monitoring Workshop Bruce.Morgan@aarnet.edu.au Introduction Agenda TEIN2 Topology Network Monitoring Network Measurement Day 1 Session I: Introduction 09:00-09:30 Introduction to
More informationNetworks: IP and TCP. Internet Protocol
Networks: IP and TCP 11/1/2010 Networks: IP and TCP 1 Internet Protocol Connectionless Each packet is transported independently from other packets Unreliable Delivery on a best effort basis No acknowledgments
More informationOLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS
OLD VULNERABILITIES IN NEW PROTOCOLS? HEADACHES ABOUT IPV6 FRAGMENTS Eric Vyncke (@evyncke) Cisco Session ID: ARCH W01 Session Classification: Advanced Agenda Status of WorldWide IPv6 Deployment IPv6 refresher:
More informationAPPLICATION NOTE 209 QUALITY OF SERVICE: KEY CONCEPTS AND TESTING NEEDS. Quality of Service Drivers. Why Test Quality of Service?
QUALITY OF SERVICE: KEY CONCEPTS AND TESTING NEEDS By Thierno Diallo, Product Specialist With the increasing demand for advanced voice and video services, the traditional best-effort delivery model is
More informationBarracuda Intrusion Detection and Prevention System
Providing complete and comprehensive real-time network protection Today s networks are constantly under attack by an ever growing number of emerging exploits and attackers using advanced evasion techniques
More informationMiddleboxes. Firewalls. Internet Ideal: Simple Network Model. Internet Reality. Middleboxes. Firewalls. Globally unique idenpfiers
Ideal: Simple Network Model Middleboxes Jennifer Rexford COS 461: Computer Networks Lectures: MW 10-10:50am in Architecture N101 hgp://www.cs.princeton.edu/courses/archive/spr12/cos461/ Globally unique
More informationAnalysis of Network Packets. C DAC Bangalore Electronics City
Analysis of Network Packets C DAC Bangalore Electronics City Agenda TCP/IP Protocol Security concerns related to Protocols Packet Analysis Signature based Analysis Anomaly based Analysis Traffic Analysis
More informationIntroduction. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross
Introduction Abusayeed Saifullah CS 5600 Computer Networks These slides are adapted from Kurose and Ross Roadmap 1.1 what is the Inter? 1.2 work edge end systems, works, links 1.3 work core packet switching,
More informationNetwork Address Translation (NAT) Good Practice Guideline
Programme NPFIT Document Record ID Key Sub-Prog / Project Infrastructure Security NPFIT-FNT-TO-IG-GPG-0011.06 Prog. Director Chris Wilber Status Approved Owner James Wood Version 2.0 Author Mike Farrell
More informationGuidance Regarding Skype and Other P2P VoIP Solutions
Guidance Regarding Skype and Other P2P VoIP Solutions Ver. 1.1 June 2012 Guidance Regarding Skype and Other P2P VoIP Solutions Scope This paper relates to the use of peer-to-peer (P2P) VoIP protocols,
More information