Distributed Denial of Service Attacks (DDoS) Christos Papadopoulos.
CS551: Computer Communications Fall 2002 Christos Papadopoulos (
CS551: Computer Communications
Fall 2002
Christos Papadopoulos (http://netweb.usc.edu/cs551/)
Admin Stuff
• Class web page will be complete soon
  – http://netweb.usc.edu/cs551/
• No class Monday (Labor Day)
• Ns and nam tutorial on Wed
  – Padma Haldar from ISI
  – Will host students from Tue section
• Watch out for easy first homework and possible warm-up socket programming assignment
Course Topics (Tentative)
• Introduction
• Design principles
• Unicast routing
• TCP and congestion
• Wireless systems
• Web issues
• Integrated and differentiated services
• Multicast routing
• Multicast applications
• Current Topics
Focus of the Class
• Protocols and mechanisms
  – We will not deal with how bits move in physical media - you did this in your undergrad class
• We will deal with:
  – Protocol rules and algorithms
  – Investigate mechanism tradeoffs
  – Why this way and not another?
The Internet, Circa 1969
A Recent Internet ISP Map
The Internet, on a Poster, Circa 2000
[data courtesy of UCSD’s caida]
Internet Development Mantra
Quote from a t-shirt commonly worn at IETF meetings:
“We reject kings, presidents and voting. We believe in rough consensus and running code.” (Dave Clark)
Glimpses of the Future?
http://www.picoweb.net/ (an 8-bit web server with Ethernet)
UCB mote: an 8-bit sensor node with non-IP based networking
a sensor network (tracking the truck)
Some Definitions
• Host: computer, PDA, light switch, ...
• Link: path followed by bits.
  – Wire or wireless.
  – Broadcast or switched (or both).
• Switch: moves bits between links.
  – Packet switching: stateless, store&forward.
  – Circuit switching: stateful, cut through.
Networks
[Figure: Point-to-Point, Multiple Access, Wireless]
Switched Networks
• A network can be defined recursively as...
  – Two or more nodes connected by a link, or
  – two or more networks connected by two or more nodes
What Is the Problem?
But What to Scale?
Always define what kind of “scale” you mean
  – Number of hosts, globally routable
  – Network should support many link layers
  – Geographic distance
  – Many versions of software, hardware technologies
  – Range of bandwidths
  – Different application needs (QoS, etc)
  – Levels of trust / administrative boundaries
  – Range of price points for hardware
Lots of dimensions of “scaling” to consider
Applications Rule!
• Sometimes easy to forget in this course
• Aside: What are the implications of global connectivity?
  – Technological issues
  – Societal issues
  – Economic issues
  – Security issues
  – etc
Application Considerations
• Application input to network
  – Traffic data rate
  – Traffic pattern (bursty or constant bit rate)
  – Traffic target (multipoint or single destination, mobile or fixed)
• Network service delivered to application
  – Delay sensitivity
  – Loss sensitivity
Reliable File Transfer
• Loss sensitive
• Not delay sensitive relative to round trip times
• Point-to-point or multipoint
• Bursty
Remote Login
• Loss sensitive
• Delay sensitive
  – Subject to interactive constraints
  – Can tolerate up to several hundreds of milliseconds
• Bursty
• Point to point
Network Audio
• Relatively low bandwidth
  – Digitized samples, packetized
• Delay variance sensitive
• Loss tolerant
• Possibly multipoint, long duration sessions
  – Natural limit to number of simultaneous senders
Network Video
• High bandwidth
• Compressed video, bursty
• Loss tolerance function of compression
• Delay tolerance a function of interactivity
• Possibly multipoint
• Larger number of simultaneous sources
Web
• Transactional traffic
  – Short requests, possibly large responses
• Loss (bug?) tolerant
• Delay sensitive
  – Human interactivity
• Point-to-point (multipoint is asynchronous)
Disruptive Applications
• Applications that “disrupt” business as usual
• Not easy to predict: multicast case in point
• Web was arguably the first, and not many saw that coming
• Napster is the poster child
• Gnutella, Kazaa, Morpheus (?)
• Others? What’s next?
The Global Network
Getting Started
• Host configuration
• Network configuration
• ISP
• Computers meeting computers
• Computers exchanging data
An ISP
• ISP needs:
  – a (big?) block of addresses
  – connections to one or more other ISPs, peerings
  – multiple routers, probably at exchange points
  – servers for your users: mail, web, etc
  – servers for you: monitoring, etc
  – competent network admins (recommended)
  – an AUP (Acceptable Use Policy)
  – a lawyer
What Is….
• Structure
• Metrics
• Failure modes
• Functions
Idealized Network Structure
Backbones
Regionals
Campus LANs
How Do Computers Find Each Other?
[Figure: Computer 1, Internet, Computer 2]
What Are the Different Kinds of Addresses?
• Have domain name (e.g., www.usc.edu)
  – Global, human readable name
• DNS translates name to IP address (e.g. 128.125.19.146)
  – Global, understood by all networks
• Finally, we need local net address
  – e.g., Ethernet (08-00-2c-19-dc-45)
  – Local, works only on a particular network
Domain Naming System (DNS)
Computer 1 → Local DNS server: What’s the IP address for www.usc.edu?
Local DNS server → Computer 1: It is 128.125.19.146
DNS address manually configured into OS
Finding Ether Address: Address Resolution (ARP)
Ethernet
Broadcast: who knows the Ethernet address for 128.125.51.41?
Ethernet
Broadcast: I do, it is 08-00-2c-19-dc-45
Sending a Packet Through the Internet
[Figure: hosts (H) connected through routers (R)]
Routers send packet to next closest point
H: Hosts
R: Routers
How Do the Routers Know Where to Send Data?
• Forwarding tables at each router populated by routing protocols.
• Original internet: manually updated.
• Routing protocols update tables based on “cost.”
  – Exchange tables with neighbors or everyone.
  – Use neighbor leading to shortest path.
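The "exchange tables with neighbors" and "use neighbor leading to shortest path" bullets describe distance-vector routing. The Python code below is an added example, not part of the course slides; it builds each router's forwarding table that way. The four-router topology, the link costs and all function names are constructed for illustration.

```python
# Constructed sample topology (not from the slides): undirected link costs.
LINKS = {("A", "B"): 1, ("B", "C"): 2, ("A", "C"): 5, ("C", "D"): 1}

def neighbors(links):
    """Return {router: {neighbor: link_cost}} for undirected links."""
    adj = {}
    for (u, v), cost in links.items():
        adj.setdefault(u, {})[v] = cost
        adj.setdefault(v, {})[u] = cost
    return adj

def distance_vector(links):
    """Run synchronous table exchanges until no forwarding table changes.

    Returns {router: {destination: (cost, next_hop)}}.
    """
    adj = neighbors(links)
    # Each router starts out knowing only how to reach itself.
    tables = {r: {r: (0, r)} for r in adj}
    changed = True
    while changed:
        changed = False
        # Snapshot of what every router advertises to its neighbors this round.
        adverts = {r: {d: c for d, (c, _) in t.items()} for r, t in tables.items()}
        for r in adj:
            for n, link_cost in adj[r].items():
                for dest, n_cost in adverts[n].items():
                    new_cost = link_cost + n_cost
                    # Keep the neighbor that leads to the cheapest known path.
                    if dest not in tables[r] or new_cost < tables[r][dest][0]:
                        tables[r][dest] = (new_cost, n)
                        changed = True
    return tables

def forward(tables, src, dst):
    """Follow next hops router by router and return the path taken."""
    path = [src]
    while path[-1] != dst:
        path.append(tables[path[-1]][dst][1])
    return path

if __name__ == "__main__":
    t = distance_vector(LINKS)
    print(t["A"])               # A's forwarding table
    print(forward(t, "A", "D"))
```

Router A ends up sending traffic for C through B (cost 3) rather than over its direct cost-5 link, because B's advertised table revealed the cheaper path.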
Network Metrics
• Bandwidth
  – Transmission capacity (a.k.a. How many bits can fit in a section of a link?)
• Delay
  – Queueing delay
  – Propagation delay (limited by c)
• Delay-bandwidth product
  – Important for control algorithms
Network Failures
• Packet loss
  – Queue overflows
  – Line noise
• Node or link failures
• Routing transients or failures
Engineering Trade-offs
Network can be engineered to provide:
• Reliability
• Low delay
• Cost
Pick any two