OSI Model Routing Connection-oriented/Connectionless Network Services.
Transcript of OSI Model Routing Connection-oriented/Connectionless Network Services.
Source                                 Destination
Application Layer                      Application Layer
Presentation Layer                     Presentation Layer
Session Layer                          Session Layer
Transport Layer                        Transport Layer
Network Layer                          Network Layer
Data Link Layer                        Data Link Layer
Physical Layer  <---- Network ---->    Physical Layer
Layer                    Function                                         Uses/standards            Unit
7 - Application Layer    Supports transmission from services              ftp, NFS, telnet          message
6 - Presentation Layer   Provides data translation                        encryption, compression   message
5 - Session Layer        Maintains connectivity until task completion     RPC, netBIOS              message
4 - Transport Layer      Partitions/reconstructs message                  TCP, UDP                  segment
3 - Network Layer        Delivers from logical device to logical device   IP, IPX, Appletalk        packet
2 - Data Link Layer      Delivers from physical device to device          Ethernet, FDDI, T1        frame
1 - Physical Layer       Transmits raw data through net equipment         RS-232, 802.11            bit
Devices (listed from upper to lower layers): IDS, firewall, router, bridge/switch, repeater
Source: • receive frame from data link • transmit as raw bits
Wires & connections
Signal levels
Repeaters and hubs (amplifiers/splitters)
"Frame stupid" (the physical layer has no notion of frames, only bits)
Logical link control
Destination: • checks frames for integrity • reconstruct packet from frame(s)
Media Access Control (MAC) addresses
Bridges and switches (connect by MAC)
Source: • wraps packet within a frame • forward frame to physical layer
Frame
preamble         8 bytes to establish start of communication
header           14 bytes including source MAC, destination MAC, frame length, frame type
data (payload)   46 to 1500 bytes
CRC              4 byte cyclic redundancy check
MAC address - 6 bytes
this machine: 00:0d:93:87:80:10
broadcast:
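The frame layout and the data link "destination" duties above (integrity check, accept only frames addressed to this MAC or to broadcast), as an added example that is not part of the original slides. It builds a frame in the slide's layout from constructed bytes, using the slide's "this machine" MAC; the single 2-byte type/length field and the hypothetical `ethertype` values are assumptions.

```python
import struct
import zlib

MY_MAC = bytes.fromhex("000d93878010")       # "this machine" MAC from the slide
BROADCAST_MAC = b"\xff" * 6                  # all-ones destination reaches every station
PREAMBLE = b"\xaa" * 7 + b"\xab"             # 7 preamble bytes + start-frame delimiter = 8 bytes

def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)

def build_frame(dst, src, ethertype, payload):
    """Source side: wrap a payload in the slide's layout: preamble, 14-byte header
    (dst MAC, src MAC, 2-byte type/length), 46-1500 byte payload, 4-byte CRC."""
    if len(payload) > 1500:
        raise ValueError("payload exceeds 1500 bytes")
    payload = payload.ljust(46, b"\x00")     # pad up to the 46-byte minimum
    header = dst + src + struct.pack("!H", ethertype)
    # CRC covers header + payload; the Ethernet FCS is transmitted little-endian
    fcs = struct.pack("<I", zlib.crc32(header + payload) & 0xFFFFFFFF)
    return PREAMBLE + header + payload + fcs

def parse_frame(raw, my_mac=MY_MAC):
    """Destination side: strip the preamble, check the CRC, and decide whether
    the frame is for us (unicast match or broadcast) before handing up the packet."""
    if raw[:8] != PREAMBLE or len(raw) < 8 + 14 + 46 + 4:
        return {"ok": False, "reason": "malformed"}
    body, fcs = raw[8:-4], raw[-4:]
    if struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF) != fcs:
        return {"ok": False, "reason": "crc mismatch"}   # corrupted frame is dropped here
    dst, src = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    accept = dst == my_mac or dst == BROADCAST_MAC
    return {"ok": True, "accept": accept, "dst": mac_str(dst), "src": mac_str(src),
            "ethertype": ethertype, "payload": body[14:]}   # payload = packet + padding
```

A flipped bit anywhere in header or payload fails the CRC check, which is the integrity the slide refers to; it is an error check, not an authenticity check, since anyone can recompute a CRC.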
Packets find their way through the network
Destination: • packets received only if the logical device address matches the packet • strip away frame header & CRC
Routers select network path based on logical address of destination
Source: • wraps segment into a packet • packet must contain network (IP) address
Bridges vs. Routers
• An IPv4 address consists of 4 octets.
• The range of an octet is 0 through 255.
Class   1st Octet   Subnet Mask   Available Addresses
A       1 - 127
B       128 - 191
C       192 - 223
D       224 - 255   reserved for broadcast
[Figure: routing diagram; addresses shown: 10.2.2.1, 10.2.2.2, 10.2.2.1, 10.2.3.1]
Handles message partitioning/reconstructing
Destination: • gathers together segments identified by their sequence numbers
Examples: TCP - Transport Control Protocol; UDP - User Datagram Protocol; SPX - for IPX; ATP - for AppleTalk
Source: • accepts message from session layer • partitions message into sequence of segments (will fit into frame)
Maintains the complete “conversation”
Destination: • listens & directs from port to service • maintains service integrity (e.g. directing to proper window of web browser)
Source: • attaches proper port address
performs encryption/decryption if needed.
note: headers are added later so not encrypted
typical services: SNMP, FTP, telnet, SMTP
A router connects logical networks.
Its purpose is to route packets between subnets.
Routing is performed according to routing tables.
Four types of routers: static, distance vector, link state, label switching
Static Routing
The routing table is manually configured.
• simple • efficient routing • good security (if properly configured) • requires the most maintenance
Distance Vector Routing
The table is built from Routing Information Protocol.
• oldest, most popular routing • tables rely upon "advertised" hop information
• distance vector used to determine "best" routes • vulnerable to spoofing
Link State Routing
The table is built from Link State Protocol.
• LSP sends actual hop data • LSP frames can be requested from other routers • uses some authentication (password & MD)
Label Switching Routing
The table is built from Multiprotocol Label Switching.
• MPLS is faster, permitting switching by MAC-style labels • packets include label(s) of routing info
• route efficiency (not just hop count) is used • standards?
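The classful IPv4 table above and the static-routing slide (a manually configured table that routers consult to pick a path by the destination's logical address), as an added example that is not from the original slides. The routing table entries, next hops and interface names are constructed; the subnets reuse the 10.2.2.x / 10.2.3.x addresses from the figure.

```python
import ipaddress

def ipv4_class(addr):
    """Classful category from the first octet, following the slide's table
    (A: 1-127, B: 128-191, C: 192-223, D: 224-255)."""
    first = int(addr.split(".")[0])
    if not 0 <= first <= 255:
        raise ValueError("an octet ranges 0 through 255")
    if first <= 127:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    return "D"

class StaticRouter:
    """A manually configured routing table; lookup is longest-prefix match,
    so the most specific route wins and a missing route means the packet is dropped."""
    def __init__(self):
        self.table = []          # entries of (network, next_hop, interface)

    def add_route(self, prefix, next_hop, iface):
        self.table.append((ipaddress.ip_network(prefix), next_hop, iface))

    def lookup(self, dst):
        dst = ipaddress.ip_address(dst)
        best = None
        for net, hop, iface in self.table:
            if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, hop, iface)
        if best is None:
            return None           # no route: drop (a static table has no fallback unless configured)
        return {"prefix": str(best[0]), "via": best[1], "iface": best[2]}

def demo_router():
    """Constructed table for a router sitting between the figure's two subnets."""
    r = StaticRouter()
    r.add_route("10.2.2.0/24", "direct", "eth0")      # directly connected subnet
    r.add_route("10.2.3.0/24", "direct", "eth1")      # directly connected subnet
    r.add_route("10.0.0.0/8", "10.2.3.1", "eth1")     # rest of the 10/8 network via a neighbour
    r.add_route("0.0.0.0/0", "10.2.2.2", "eth0")      # default route
    return r
```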
An issue of transport layer “etiquette”
Parties must “shake hands” before communicating.
TCP handshake
Connection-oriented
source dest.
syn = , ack =
syn = , ack =
syn = , ack =
syn flood attack
Q: How could a firewall block incoming traffic & still allow acks? A:
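The connection-oriented handshake above, with the sequence/acknowledgement bookkeeping the slide leaves blank, as an added example that is not part of the original slides. It also shows the destination-side half-open count that makes a SYN flood visible, and one well-known firewall approach to the question above: allow inbound segments only when the ACK flag is set. The initial sequence numbers and the backlog size are constructed values.

```python
def handshake(isn_client, isn_server):
    """Three segments of the TCP handshake as (sender, flags, seq, ack).
    Each side acknowledges the other's initial sequence number plus one."""
    syn = ("source", "SYN", isn_client, 0)
    syn_ack = ("dest.", "SYN+ACK", isn_server, isn_client + 1)
    ack = ("source", "ACK", isn_client + 1, isn_server + 1)
    return [syn, syn_ack, ack]

class HalfOpenTracker:
    """Destination-side view: a SYN opens a half-open entry, the matching final
    ACK completes it. Many entries that never complete is the SYN-flood signal."""
    def __init__(self, backlog=5):
        self.backlog = backlog    # how many half-open connections we tolerate
        self.half_open = {}       # peer -> seq number expected in its final ACK

    def on_segment(self, peer, flags, seq, ack):
        """Record the segment; return True when the backlog is exceeded."""
        if flags == "SYN":
            self.half_open[peer] = seq + 1
        elif flags == "ACK" and self.half_open.get(peer) == seq:
            del self.half_open[peer]       # handshake completed, entry released
        return len(self.half_open) > self.backlog

def inbound_allowed(flags):
    """'Established' rule: an inbound segment passes only if it carries ACK.
    Replies to our own connections carry ACK; a bare SYN (a new connection
    attempt from outside) does not, so it is blocked."""
    return "ACK" in flags.split("+")
```

The ACK-flag rule is stateless; a stateful firewall instead remembers outbound SYNs and admits only segments belonging to a connection it has seen start.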
Port/protocol   Service    Purpose
20 / tcp        ftp data   transfers file content
21 / tcp        ftp        transfers ftp commands
22 / tcp        ssh        secure shell (remote access)
23 / tcp        telnet     remote computer login
25 / tcp        smtp       email delivery
43 / tcp        whois      Internet domain lookup
80 / tcp        http       web browser
110 / tcp       pop        pop email service
119 / tcp       nntp       network news
143 / tcp       imap       imap email service
161 / udp       snmp       remote system management
443 / tcp       ssl        secure socket layer (tunnel)
445 / tcp       smb        MS network file system
593 / tcp       MS-RPC     MS remote procedure call
1433 / tcp      MS-SQL     MS SQL server
1521            Oracle     Oracle SQL server
• Ports 0-1023 statically assigned
• Ports 1024-65535 - upper ports can be dynamically assigned
• Vulnerability: dynamic port assignment
• A defense: