Networking Overview CS 161: Computer Security Prof. Vern Paxson - PowerPoint PPT Presentation



  1. Networking Overview
  CS 161: Computer Security
  Prof. Vern Paxson
  TAs: Jethro Beekman, Mobin Javed, Antonio Lupher, Paul Pearce & Matthias Vallentin
  http://inst.eecs.berkeley.edu/~cs161/
  February 5, 2013

  2. Focus For Today’s Lecture
  • Sufficient background in networking to then explore security issues in the next ~3 lectures
    – Networking = the Internet
  • Complex topic with many facets
    – We will omit concepts/details that aren’t very security-relevant
    – We’ll mainly look at IP, TCP, DNS (and later DHCP)
  • Networking is full of abstractions
    – Goal is for you to develop apt mental models / analogies
    – ASK questions when things are unclear
      o (but we may skip if not ultimately relevant for security, or postpone if the question itself is directly about security)

  3. Key Concept #1: Protocols
  • A protocol is an agreement on how to communicate
  • Includes syntax and semantics
    – How a communication is specified & structured
      o Format, order messages are sent and received
    – What a communication means
      o Actions taken when transmitting, receiving, or timer expires
  • E.g.: making a comment in lecture?
    1. Raise your hand.
    2. Wait to be called on.
    3. Or: wait for speaker to pause and vocalize
    4. If unrecognized (after timeout): vocalize w/ “excuse me”

  4. Key Concept #2: Dumb Network
  • Original Internet design: interior nodes (“routers”) have no knowledge* of ongoing connections going through them
  • Not: how you picture the telephone system works
    – Which internally tracks all of the active voice calls
  • Instead: the postal system!
    – Each Internet message (“packet”) self-contained
    – Interior “routers” look at destination address to forward
    – If you want smarts, build it “end-to-end”, not “hop-by-hop”
    – Buys simplicity & robustness at the cost of shifting complexity into end systems
  * Today’s Internet is full of hacks that violate this

  5. Self-Contained IP Packet Format
  IP = Internet Protocol
  Header fields, one 32-bit row per line (the header is like a letter envelope: it contains all info needed for delivery):
    4-bit Version | 4-bit Header Length | 8-bit Type of Service (TOS) | 16-bit Total Length (Bytes)
    16-bit Identification | 3-bit Flags | 13-bit Fragment Offset
    8-bit Time to Live (TTL) | 8-bit Protocol | 16-bit Header Checksum
    32-bit Source IP Address
    32-bit Destination IP Address
    Payload (remainder of message) …

  6. Key Concept #2: Dumb Network (repeat of slide 4)

  7. Key Concept #3: Layering
  • Internet design is strongly partitioned into layers
    – Each layer relies on services provided by next layer below …
    – … and provides services to layer above it
  • Analogy: consider the structure of an application you’ve written and the “services” each layer relies on / provides:
    Code You Write
    Run-Time Library
    System Calls
    Device Drivers                      } Fully isolated
    Voltage Levels / Magnetic Domains   } from user programs

  8. Internet Layering (“Protocol Stack”)
    7 Application
    4 Transport
    3 (Inter)Network
    2 Link
    1 Physical
  Note on a point of potential confusion: these diagrams are always drawn with lower layers below higher layers … But diagrams showing the layouts of packets are often the opposite, with the lower layers at the top, since their headers precede those for higher layers

  9. Horizontal View of a Single Packet
  (first bit transmitted is on the left)
    Link Layer Header | (Inter)Network Layer Header (IP) | Transport Layer Header | Application Data: structure depends on the application | …

  10. Vertical View of a Single Packet
  (first bit transmitted is at the top)
    Link Layer Header
    (Inter)Network Layer Header (IP)
    Transport Layer Header
    Application Data: structure depends on the application
    …

  11. Internet Layering (“Protocol Stack”)
    7 Application
    4 Transport
    3 (Inter)Network
    2 Link
    1 Physical

  12. Layer 1: Physical Layer
  Encoding bits to send them over a single physical link, e.g. patterns of voltage levels / photon intensities / RF modulation

  13. Layer 2: Link Layer
  Framing and transmission of a collection of bits into individual messages sent across a single “subnetwork” (one physical technology)
  Might involve multiple physical links (e.g., modern Ethernet)
  Often technology supports broadcast transmission (every “node” connected to subnet receives)

  14. Layer 3: (Inter)Network Layer (IP)
  Bridges multiple “subnets” to provide end-to-end internet connectivity between nodes
  • Provides global addressing
  Works across different link technologies
  (Layers 2 Link and 1 Physical: different for each Internet “hop”)

  15. Layer 4: Transport Layer
  End-to-end communication between processes
  Different services provided:
    TCP = reliable byte stream
    UDP = unreliable datagrams (Datagram = single packet message)

  16. Layer 7: Application Layer
  Communication of whatever you wish
  Can use whatever transport(s) is convenient
  Freely structured
  E.g.: Skype, SMTP (email), HTTP (Web), Halo, BitTorrent

  17. Internet Layering (“Protocol Stack”)
    7 Application      } Implemented only at hosts,
    4 Transport        } not at interior routers (“dumb network”)
    3 (Inter)Network
    2 Link
    1 Physical

  18. Internet Layering (“Protocol Stack”)
    7 Application
    4 Transport
    3 (Inter)Network   }
    2 Link             } Implemented everywhere
    1 Physical         }

  19. Internet Layering (“Protocol Stack”)
    7 Application
    4 Transport
    3 (Inter)Network   } ~Same for each Internet “hop”
    2 Link             } Different for each Internet “hop”
    1 Physical         }

  20. Hop-By-Hop vs. End-to-End Layers
  Host A communicates with Host D
  (Figure: Hosts A, B, C, D and E attached to a network of Routers 1–7)

  21. Hop-By-Hop vs. End-to-End Layers
  Host A communicates with Host D
  Different Physical & Link Layers (Layers 1 & 2) on different hops: e.g., Ethernet on one link, Wi-Fi on another

  22. Hop-By-Hop vs. End-to-End Layers
  Host A communicates with Host D
  Same Network / Transport / Application Layers (3/4/7) end-to-end: e.g., HTTP over TCP over IP
  (Routers ignore Transport & Application layers)

  23. Layer 3: (Inter)Network Layer (IP)
  Bridges multiple “subnets” to provide end-to-end internet connectivity between nodes
  • Provides global addressing
  Works across different link technologies

  24. IP Packet Structure
  Header fields, one 32-bit row per line:
    4-bit Version | 4-bit Header Length | 8-bit Type of Service (TOS) | 16-bit Total Length (Bytes)
    16-bit Identification | 3-bit Flags | 13-bit Fragment Offset
    8-bit Time to Live (TTL) | 8-bit Protocol | 16-bit Header Checksum
    32-bit Source IP Address
    32-bit Destination IP Address
    Options (if any)
    Payload

  25. IP Packet Structure (same diagram as slide 24, Total Length highlighted)
  Total Length specifies the length of the entire IP packet: bytes in this header plus bytes in the Payload

  26. IP Packet Structure (same diagram as slide 24, Protocol highlighted)
  Protocol specifies how to interpret the start of the Payload, which is the header of a Transport Protocol such as TCP or UDP

  27. IP Packet Structure (repeat of slide 24)

  28. IP Packet Header (Continued)
  • Two IP addresses
    – Source IP address (32 bits)
    – Destination IP address (32 bits)
  • Destination address
    – Unique identifier/locator for the receiving host
    – Allows each node to make forwarding decisions
  • Source address
    – Unique identifier/locator for the sending host
    – Recipient can decide whether to accept packet
    – Enables recipient to send a reply back to source
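An added example, not from the lecture slides: a Python parser for the IPv4 header laid out on slides 24–28. It applies the checks the field definitions imply (Header Length and Total Length consistent with the bytes actually received, header checksum valid, Protocol recorded as the key to interpreting the payload). The packet bytes are constructed here, not taken from any real capture.

```python
import struct

# Fixed 20-byte IPv4 header: Version/IHL, TOS, Total Length, Identification,
# Flags+Fragment Offset, TTL, Protocol, Header Checksum, Source, Destination.
IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 one's-complement sum of 16-bit words; 0 for a valid header."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(packet: bytes) -> dict:
    """Split an IPv4 packet into header fields and payload, enforcing the rules
    from the slides: Total Length = header bytes + payload bytes, and the
    checksum covers the header only."""
    if len(packet) < 20:
        raise ValueError("truncated: shorter than the fixed IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto,
     checksum, src, dst) = IPV4_HEADER.unpack_from(packet)
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if header_len < 20 or total_len < header_len or total_len > len(packet):
        raise ValueError("inconsistent Header Length / Total Length")
    header = packet[:header_len]
    if ipv4_checksum(header) != 0:           # sum incl. checksum field must cancel
        raise ValueError("bad header checksum")
    return {
        "version": version, "header_len": header_len, "tos": tos,
        "total_len": total_len, "id": ident,
        "flags": flags_frag >> 13, "frag_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,       # 6 = TCP, 17 = UDP
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": header[20:],
        "payload": packet[header_len:total_len],  # link-layer padding dropped
    }


def build_sample_packet() -> bytes:
    """Constructed sample (not from the lecture): 20-byte header, no options,
    TTL 64, Protocol 17 (UDP), DF flag set, 12 bytes of payload."""
    payload = bytes.fromhex("30390035000c0000") + b"test"   # fake UDP header + data
    hdr = IPV4_HEADER.pack(0x45, 0, 20 + len(payload), 0x1C46, 0x4000, 64, 17,
                           0, bytes([192, 168, 1, 10]), bytes([10, 0, 0, 1]))
    csum = ipv4_checksum(hdr)                # computed with checksum field = 0
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + payload
```

Flipping any header byte (for example the TTL) makes `parse_ipv4` reject the packet on the checksum, and a packet shorter than its Total Length is rejected before any field is trusted.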
