Week 08
Professor Tahir Sabtain Syed
Security Through Network Technologies
Private IP addresses
Security Through Network Technologies (cont’d.)
Advantages of NAT
Masks IP addresses of internal devices
Allows multiple devices to share a smaller number of public IP addresses
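The two NAT advantages above are easiest to see in a translation table. The following is an added example, not code from the slides: a toy NAT with port translation in Python. The public address 203.0.113.5, the port range and the internal hosts are constructed sample values; the private ranges are the RFC 1918 blocks the "Private IP addresses" figure refers to.

```python
import ipaddress
from typing import Dict, Optional, Tuple

# RFC 1918 private address blocks: never routed on the public Internet, so a
# NAT device must rewrite them before a packet leaves the site.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_private(addr: str) -> bool:
    """True if addr falls in one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_RANGES)


class PortNat:
    """Toy NAT with port translation (NAPT): many internal (ip, port) pairs
    share one public address, each mapped to a distinct public port.
    The public IP and starting port are constructed sample values."""

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        # outbound: (private_ip, private_port) -> (public_ip, public_port)
        self.outbound: Dict[Tuple[str, int], Tuple[str, int]] = {}
        # inbound: the reverse mapping, consulted for replies from outside
        self.inbound: Dict[Tuple[str, int], Tuple[str, int]] = {}

    def translate_out(self, src_ip: str, src_port: int) -> Tuple[str, int]:
        """Rewrite an outbound packet's source; create a mapping on first use."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not a private address; nothing to translate")
        key = (src_ip, src_port)
        if key not in self.outbound:
            mapped = (self.public_ip, self.next_port)
            self.next_port += 1
            self.outbound[key] = mapped
            self.inbound[mapped] = key
        return self.outbound[key]

    def translate_in(self, dst_ip: str, dst_port: int) -> Optional[Tuple[str, int]]:
        """Map an inbound packet back to the internal host. Returns None (drop)
        when no internal host opened the flow: this is what hides internal
        addresses from unsolicited traffic."""
        return self.inbound.get((dst_ip, dst_port))


if __name__ == "__main__":
    nat = PortNat("203.0.113.5")  # constructed public address (TEST-NET-3)
    print(nat.translate_out("192.168.1.10", 51000))   # ('203.0.113.5', 40000)
    print(nat.translate_out("192.168.1.11", 51000))   # ('203.0.113.5', 40001)
    print(nat.translate_in("203.0.113.5", 40001))     # ('192.168.1.11', 51000)
    print(nat.translate_in("203.0.113.5", 40999))     # None: unsolicited, dropped
```

Both internal hosts reuse source port 51000 yet share one public address, and an outside peer only ever sees 203.0.113.5. Note that the masking is a side effect of the mapping table, not an access-control decision: anything an internal host initiates is reachable in reply, so NAT complements rather than replaces a firewall.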
Network access control framework
Common Network Protocols
Protocols
Rules of conduct and communication
Essential for proper communication between network devices
Transmission Control Protocol/Internet Protocol (TCP/IP)
Most common protocol suite used for local area networks and the Internet
Common Network Protocols (cont’d.)
IP
Protocol that functions primarily at the Open Systems Interconnection (OSI) Network Layer (Layer 3)
TCP
Transport Layer (Layer 4) protocol
Establishes connections and reliable data transport between devices
TCP/IP uses a four-layer architecture
Network Interface, Internet, Transport, Application
OSI model vs. TCP/IP model
Internet Control Message Protocol (ICMP)
ICMP
One of the core protocols of TCP/IP
Used by devices to communicate updates or error information to other devices
ICMP is commonly used by network administrators and diagnostic tools (such as the ping command) to test the reachability of a host and measure the round-trip time for packets to travel from the source to the destination and back.
Common ICMP code values for Type 3, Destination Unreachable
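To make the Type 3 code table and the ping exchange concrete, here is an added example (not from the slides) that builds and decodes ICMP messages in Python. It packs the 8-byte header, computes the RFC 792 one's-complement checksum, verifies it on receipt, and names the type and the Destination Unreachable code. The sample echo request and identifier/sequence values are constructed, not captured traffic.

```python
import struct

# ICMP type numbers (RFC 792); the subset a diagnostic tool like ping sees most.
ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable",
              8: "Echo Request", 11: "Time Exceeded"}

# Code values for Type 3, Destination Unreachable (RFC 792 / RFC 1122 / RFC 1812).
DEST_UNREACHABLE_CODES = {
    0: "Net Unreachable",
    1: "Host Unreachable",
    2: "Protocol Unreachable",
    3: "Port Unreachable",
    4: "Fragmentation Needed and Don't Fragment was Set",
    5: "Source Route Failed",
    9: "Communication with Destination Network Administratively Prohibited",
    10: "Communication with Destination Host Administratively Prohibited",
    13: "Communication Administratively Prohibited",
}


def icmp_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as RFC 792 specifies (odd length is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest: bytes = b"\x00" * 4, payload: bytes = b"") -> bytes:
    """Assemble type | code | checksum | rest-of-header (4 bytes) | payload."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest + payload
    return struct.pack("!BBH", icmp_type, code, icmp_checksum(body)) + rest + payload


def parse_icmp(pkt: bytes) -> dict:
    """Decode the 8-byte ICMP header, verify the checksum, and name the type/code."""
    if len(pkt) < 8:
        raise ValueError("ICMP message shorter than the 8-byte header")
    icmp_type, code, csum = struct.unpack("!BBH", pkt[:4])
    # Recompute over the message with the checksum field zeroed; it must match.
    recomputed = icmp_checksum(pkt[:2] + b"\x00\x00" + pkt[4:])
    info = {"type": icmp_type, "code": code,
            "type_name": ICMP_TYPES.get(icmp_type, "Other"),
            "checksum_ok": recomputed == csum}
    if icmp_type == 3:
        info["code_name"] = DEST_UNREACHABLE_CODES.get(code, "Other/unassigned")
    elif icmp_type in (0, 8):
        # Echo messages carry an identifier and sequence number so ping can
        # match replies to requests.
        info["identifier"], info["sequence"] = struct.unpack("!HH", pkt[4:8])
    return info


if __name__ == "__main__":
    # Constructed sample messages, not captured traffic.
    echo = build_icmp(8, 0, b"\x12\x34\x00\x01", b"ping-data")
    print(parse_icmp(echo))
    print(parse_icmp(build_icmp(3, 3)))  # Port Unreachable
```

A Type 3 Code 3 message is what a host sends back when a UDP probe reaches a closed port, which is why tools such as ping and traceroute, and the network filters that shape their behaviour, all key off these type/code pairs. The checksum check is worth keeping in any decoder: a message that fails it was corrupted or forged and should be discarded rather than acted on.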
Simple Network Management Protocol (SNMP)
Domain Name System (DNS)
DNS
A TCP/IP protocol that maps IP addresses to their symbolic name
Database with the name of each site and its corresponding IP number
Database is distributed to many different servers on the Internet
Domain Name System (cont’d.)
DNS can be the focus of attacks
DNS poisoning substitutes a fraudulent IP address
Can be done in the local host table or on an external DNS server
Latest edition of DNS software prevents DNS poisoning
Zone transfer allows an attacker access to network, hardware, and operating system information
Port 53 – DNS Server zone transfers
Port 67 – Client to Server DNS traffic
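One of the checks that lets newer resolver software resist poisoning is to accept a response only when it matches an outstanding query: same transaction ID, QR bit set, and an identical question section (RFC 5452 also calls for randomised source ports, which a single-message example cannot show). The following added example, not part of the slides, builds a query, parses a response including RFC 1035 name compression, and applies that match. `build_response` is a constructed answer standing in for a server; 192.0.2.0/24 addresses are documentation values.

```python
import struct
from typing import Tuple


def encode_name(name: str) -> bytes:
    """'example.com' -> b'\\x07example\\x03com\\x00' (wire-format labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(txid: int, name: str, qtype: int = 1) -> bytes:
    """Standard recursive query for one record (default qtype 1 = A, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, QDCOUNT=1
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def decode_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Decode a name that may use compression pointers.
    Returns (name, offset of the first byte after the name in the message)."""
    labels, end, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                      # 11xxxxxx: pointer
            pointer = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            if not jumped:
                end = offset + 2                       # only the first pointer advances the caller
            jumped, offset, hops = True, pointer, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            return ".".join(labels), end
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_message(msg: bytes) -> dict:
    """Parse header, question section and answer section (A records decoded)."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name.lower(), qtype, qclass))   # names compare case-insensitively
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rdlen == 4:
            rdata = ".".join(str(b) for b in rdata)
        answers.append((name.lower(), rtype, ttl, rdata))
    return {"id": txid, "flags": flags, "questions": questions, "answers": answers}


def validate_response(query: bytes, response: bytes) -> Tuple[bool, str]:
    """Accept a response only if it is an answer to *this* query."""
    q, r = parse_message(query), parse_message(response)
    if r["id"] != q["id"]:
        return False, "transaction ID does not match the query"
    if not (r["flags"] & 0x8000):
        return False, "QR bit not set: this is a query, not a response"
    if r["questions"] != q["questions"]:
        return False, "question section does not match the query"
    return True, "ok"


def build_response(query: bytes, ip: str, ttl: int = 300) -> bytes:
    """Constructed answer: echoes the query's ID and question and adds one A record
    whose owner name is a compression pointer back to the question at offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)  # QR=1, RD=1, RA=1
    rr = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, ttl, 4) + bytes(int(x) for x in ip.split("."))
    return header + query[12:] + rr


if __name__ == "__main__":
    q = build_query(0x1A2B, "example.com")
    print(validate_response(q, build_response(q, "192.0.2.1")))
    print(validate_response(q, b"\xBE\xEF" + build_response(q, "192.0.2.1")[2:]))
```

The ID is only 16 bits, which is why the match on its own is weak and port randomisation matters; still, a resolver that skipped any of these three checks would cache whatever a stray or hostile reply contained, which is the poisoning the slide describes.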
File Transfer Protocols
TCP/IP protocols used for transferring files
File Transfer Protocol (FTP)
Secure Copy Protocol (SCP)
File Transfer Protocols (cont’d.)
FTP vulnerabilities – Ports 20 & 21
Does not use encryption
Files transferred using FTP are vulnerable to man-in-the-middle attacks
Secure transmission options over FTP – Port 115
FTP over Secure Sockets Layer (FTPS) encrypts commands
Secure FTP (SFTP)
File Transfer Protocols (cont’d.)
Secure Copy Protocol (SCP) – Port 22
Enhanced version of Remote Copy Protocol
Encrypts files and commands
File transfer cannot be interrupted and resumed
Found mainly on Linux and UNIX platforms
IPv6
Current version of the IP protocol is version 4 (IPv4)
Developed in 1981
Number of available IP addresses is limited to 4.3 billion
Number of Internet-connected devices will grow beyond this number
Has security weaknesses
Internet Protocol version 6 (IPv6)
Next generation of the IP protocol
Addresses weaknesses of IPv4
IPv4 and IPv6 headers
IPv6 (cont’d.)
Provides enhanced security features
Cryptographic protocols
New authentication headers prevent IP packets from being altered
Comparison of IPv4 and IPv6 headers
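The header comparison in the figure can be reproduced in code. This added example, not taken from the slides, builds and parses the fixed IPv4 (20-byte) and IPv6 (40-byte) headers in Python. It shows one difference the security bullets turn on: IPv4 carries a header checksum that detects accidental corruption but not deliberate alteration, while IPv6 drops the checksum entirely and leaves integrity to upper layers and, where used, the Authentication Header extension (next header 51), which the example does not implement. Addresses, identification and flag values are constructed.

```python
import struct
import ipaddress


def ipv4_header_checksum(header: bytes) -> int:
    """One's-complement sum over the IPv4 header (caller zeroes the checksum field)."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, protocol: int, payload_len: int, ttl: int = 64) -> bytes:
    """20-byte IPv4 header with no options; identification/flags are constructed values."""
    ihl = 5  # header length in 32-bit words
    fields = struct.pack("!BBHHHBBH4s4s",
                         (4 << 4) | ihl, 0, ihl * 4 + payload_len,
                         0x1234, 0x4000,            # identification; DF set, fragment offset 0
                         ttl, protocol, 0,          # checksum placeholder
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    csum = ipv4_header_checksum(fields)
    return fields[:10] + struct.pack("!H", csum) + fields[12:]


def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fixed IPv4 header fields and verify the header checksum."""
    if len(pkt) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    (ver_ihl, _tos, total_len, _ident, _flags_frag, ttl, proto, csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(pkt) < ihl:
        raise ValueError("not a well-formed IPv4 header")
    header = pkt[:ihl]
    ok = ipv4_header_checksum(header[:10] + b"\x00\x00" + header[12:]) == csum
    return {"version": 4, "header_len": ihl, "total_len": total_len, "ttl": ttl,
            "protocol": proto, "checksum_ok": ok,
            "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst))}


def build_ipv6(src: str, dst: str, next_header: int, payload_len: int, hop_limit: int = 64) -> bytes:
    """40-byte IPv6 header: fixed size, no options and no checksum field."""
    return struct.pack("!IHBB16s16s", 6 << 28, payload_len, next_header, hop_limit,
                       ipaddress.IPv6Address(src).packed, ipaddress.IPv6Address(dst).packed)


def parse_ipv6(pkt: bytes) -> dict:
    """Decode the IPv6 fixed header; note there is no checksum to verify."""
    if len(pkt) < 40:
        raise ValueError("shorter than the IPv6 fixed header")
    word0, payload_len, next_header, hop_limit, src, dst = struct.unpack("!IHBB16s16s", pkt[:40])
    if word0 >> 28 != 6:
        raise ValueError("not an IPv6 header")
    return {"version": 6, "traffic_class": (word0 >> 20) & 0xFF, "flow_label": word0 & 0xFFFFF,
            "payload_len": payload_len, "next_header": next_header, "hop_limit": hop_limit,
            "src": str(ipaddress.IPv6Address(src)), "dst": str(ipaddress.IPv6Address(dst))}


if __name__ == "__main__":
    # Constructed sample headers (TEST-NET-3 and 2001:db8::/32 documentation addresses).
    h4 = build_ipv4("192.168.1.10", "203.0.113.5", 6, 20)   # protocol 6 = TCP
    h6 = build_ipv6("2001:db8::1", "2001:db8::2", 58, 64)   # next header 58 = ICMPv6
    print(parse_ipv4(h4))
    print(parse_ipv6(h6))
```

Changing a single IPv4 field such as the TTL breaks the checksum, but anyone who can rewrite the field can also recompute the checksum, so the check protects against noise, not attackers. That gap is what the authentication header on the previous slide is meant to close: a keyed integrity check over the packet rather than a plain sum.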
Telnet
Protocol that allows users to establish a text-based, bidirectional communication session with another device over a network.
Commonly used for remote management of devices.
Insecure because it transmits data, including usernames and passwords, in plain text.
Susceptible to interception and unauthorized access.
Telnet
Remote Administration: Telnet is often used for remote management of network devices, routers, switches, and servers.
Troubleshooting: Network administrators and technicians use Telnet for troubleshooting and diagnosing network issues by accessing remote devices.
Telnet is often replaced with more secure alternatives, such as Secure Shell (SSH), which encrypts the communication between the client and server.
NetBIOS
Network Basic Input/Output System (NetBIOS) is a networking protocol used in early versions of Microsoft Windows operating systems.
It provides communication services on a local area network (LAN) and allows applications on different computers to communicate with each other.
NetBIOS enables the identification of devices on a network by providing a name resolution service.
Each device on the network has a NetBIOS name, allowing applications to refer to other devices by name rather than by IP address.
NetBIOS
NetBIOS operates at the session layer (Layer 5) of the OSI model. It establishes and terminates sessions between devices, facilitating communication.
NetBIOS can operate in both connection-oriented and connectionless modes. In the connection-oriented mode, a logical connection is established before data transfer, similar to a traditional telephone call. In connectionless mode, data is sent without prior setup.
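The NetBIOS name service on the previous slide works with a fixed 16-byte name: up to 15 characters padded with spaces plus a one-byte suffix identifying the service. On the wire the name is "first-level encoded" (RFC 1001/1002) into 32 letters A to P, one per nibble, so it can travel as a single DNS-style label. The following added example, not from the slides, implements that encoding and its inverse in Python; the host names used are constructed, and the suffix table lists the common Windows service suffixes.

```python
from typing import Tuple

# Well-known 16th-byte suffixes (NetBIOS service identifiers on Windows).
NETBIOS_SUFFIXES = {
    0x00: "Workstation Service",
    0x03: "Messenger Service",
    0x1B: "Domain Master Browser",
    0x1C: "Domain Controllers",
    0x20: "File Server Service",
}


def encode_netbios_name(name: str, suffix: int = 0x00) -> str:
    """RFC 1001 first-level encoding: pad the name to 15 bytes with spaces, append
    the suffix byte, then write each nibble as a letter 'A'..'P' (0x41 + nibble)."""
    if not 1 <= len(name) <= 15:
        raise ValueError("NetBIOS names are 1 to 15 characters")
    raw = name.upper().ljust(15).encode("ascii") + bytes([suffix & 0xFF])
    return "".join(chr(0x41 + (b >> 4)) + chr(0x41 + (b & 0x0F)) for b in raw)


def decode_netbios_name(encoded: str) -> Tuple[str, int]:
    """Reverse the encoding: 32 letters -> (name without padding, suffix byte)."""
    if len(encoded) != 32 or any(c not in "ABCDEFGHIJKLMNOP" for c in encoded):
        raise ValueError("not a first-level-encoded NetBIOS name")
    raw = bytes(((ord(encoded[i]) - 0x41) << 4) | (ord(encoded[i + 1]) - 0x41)
                for i in range(0, 32, 2))
    return raw[:15].decode("ascii").rstrip(" "), raw[15]


def to_nbns_label(name: str, suffix: int = 0x00) -> bytes:
    """Wire form used in NetBIOS Name Service packets: one 32-byte label followed
    by the empty scope (a zero byte), exactly like a one-label DNS name."""
    encoded = encode_netbios_name(name, suffix).encode("ascii")
    return bytes([len(encoded)]) + encoded + b"\x00"


def describe(encoded: str) -> str:
    """Human-readable NAME<suffix> form, as shown by tools such as nbtstat."""
    name, suffix = decode_netbios_name(encoded)
    return f"{name}<{suffix:02X}> {NETBIOS_SUFFIXES.get(suffix, 'unknown service')}"


if __name__ == "__main__":
    # "FRED" with suffix 0x20 is the worked example in RFC 1002.
    enc = encode_netbios_name("FRED", 0x20)
    print(enc)                     # EGFCEFEECACACACACACACACACACACACA
    print(describe(enc))           # FRED<20> File Server Service
    print(to_nbns_label("FRED", 0x20))
```

Nothing in the encoding authenticates the name: any host on the LAN can answer a name query or register a name it does not own, which is why NetBIOS name resolution is a classic target for spoofing and why modern guidance disables it where DNS is available. Decoding the 32-letter form is also what lets a packet capture or IDS rule show which service (file server, domain controller, workstation) a name registration was for.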