Telecommunications
Domain #7
Physical
Datalink
Network
Transport
Session
Presentation
Application
Routing
Dynamic
RIP I
RIP II
OSPF
BGP
Cabling Type - TP
Copper-based
Two major types
UTP
Least secure
Susceptible to EMI, cross-talk, and eavesdropping
Less security than fiber or coaxial
Most commonly used today
STP
Extra outer foil shielding
Single mode
Faster speeds available but more $ and delicate
Signal Issues
Attenuation
Interference from environment
Cable runs are too long
Poor quality cable
Cross Talk
Signals radiate from a wire and interfere with other wires
Data corruption
More of a problem with UTP
Transmission Types
Analog
Carrier signal used to move data
Signal works at different frequencies
Used in broadband networks
Digital
Discrete units of voltage
Moves data in binary representation
Cleaner signal compared to analog
Encoding Techniques
Parameter              AM                    FM              Digital
Signal-to-noise ratio  Low                   Moderate        High
Cost                   Moderate              Moderate        High
Performance over time  Moderate              Excellent       Excellent
Installation           Adjustments required  No adjustments  No adjustments
Synchronous or Asynchronous
Sync
Prior agreement of data TX rules
Sending system sends a clocking pulse
Stop and start bits are not required
T-lines & optical lines use synchronous
Asynchronous
Must use start/stop bits
Dial-up connections use asynchronous
Broadband or Baseband
Baseband
TX media only uses one channel
Digital signaling
Used over TP or Coax
Broadband
Multiple channels
TXs more data at one time
Can use analog signaling
Used over coax or fiber (at 100Mbps or more)
Can carry video, audio, data, and images
Plenum Cable
Polyvinyl chloride can give off dangerous chemicals if burned
Plenum rated cable is made of safe fluoropolymers
Should be used in dropped ceilings and raised floorings and other ventilation areas
Number of Receivers
Unicast
One system communicates to one system
Multicast
One system communicates to many systems
Class D addresses dedicated to this
Opt-in method (webcasts, streaming video)
Broadcast
One system communicates to all systems
Destination address contains specific values
Types of Networks
Local Area Network (LAN)
Limited geographical area
Ethernet and Token Ring
Network Terms
Internet
Network of networks providing a communication infrastructure
The web runs on top of this Internet infrastructure
Intranet
Employs Internet technology for internal use
HTTP, web browsers, TCP/IP
Extranet
Intranet type of network that allows specific entities to communicate
Usually business partners and suppliers
B2B networks
Shared DMZ area or VPN over the Internet
Network Configuration
DMZ
Network segment that is between the protected internal network and the external (non-trusted) network
Creates a buffer zone
Systems in DMZ will be the 1st to come under attack and must be properly fortified
Physical Layer
Network Topologies
Physical connection of system and devices
Architectural layout of network
Choice determined by higher level technologies that will run on it
BUS
Nodes are connected to a backbone through drops
Linear bus: one cable with no branches
Tree: network with branches
Easy to extend
Single node failure affects ALL participants
Cable is the single point of failure
Ring
Interconnection of nodes in circle
Each node is dependent upon the physical connection of the upstream node
Data travels unidirectionally
One node failure CAN affect surrounding nodes
Used more in smaller networks
Star
All computers are connected to central device
Central device is single point of failure
No node-to-node dependencies
Mesh
Network using many paths between points
Provides transparent rerouting when links are down
High degree of fault tolerance
Partial mesh: not every link is redundant
Internet is an example
Media Access
Dictates how system will access the media
Frames packets with specific headers
Different media access technologies
CSMA
Token Ring
Polling
Access Points
Connects a wireless network to a wired network
Devices must authenticate to the AP before gaining access to the environment
AP works on a specific frequency that the wireless device must tune itself to
Authenticating to the AP
Station sends probe to all channels looking for the closest AP
AP will respond with the necessary information and a request for credentials
If WEP key is required, AP sends a challenge to the device and device encrypts it with the key and sends it back
If no WEP key, could request SSID value and MAC value
Common Attacks
War Driving
Necessary Components
Antenna (omnidirectional is best)
Sniffers (TCPDump, Ethereal)
NetStumbler, AirSnort, or WEPCrack
Network name
SSID
MAC
Channel ID
WEP (yes or no)
Wireless Countermeasures
Enable WEP
Change default SSID and don't broadcast it
Implement additional authentication
Control the span of the radio waves
Place AP in DMZ
Implement VPN for wireless stations
Configure firewall for known MAC and IP
TCP/IP Suite
TCP: connection-oriented transport layer protocol that provides end-to-end reliability
IP: connectionless network layer protocol that provides the routing function
Includes other secondary protocols
ARP Poisoning
Insert bogus IP to MAC address mapping in remote system
Misdirect traffic to attacker's computer
Ideal scenario for man-in-the-middle attack
Countermeasures
Static ARP, active monitoring, and IDS to detect anomalies
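The "active monitoring" countermeasure above can be made concrete. The following is an added example, not part of the original notes: it compares two ARP-table snapshots (constructed inline, in a simplified `ip mac` line format) against a static-ARP allowlist and reports the anomalies that typically accompany poisoning. The allowlist values, MAC addresses and function names are all hypothetical.

```python
"""Detect ARP-cache anomalies that can indicate ARP poisoning.

Added example (not from the original notes). Snapshots use a simplified
'ip mac' line format constructed here; real tooling output would need
its own parser.
"""
from collections import defaultdict

# Static ARP entries for hosts whose mapping must never change (gateway,
# servers). Constructed values; in practice these come from your inventory.
STATIC_ARP = {
    "192.168.1.1": "00:11:22:33:44:01",   # default gateway (hypothetical)
    "192.168.1.10": "00:11:22:33:44:0a",  # file server (hypothetical)
}


def parse_arp_table(text):
    """Parse lines like '192.168.1.1 00:11:22:33:44:01' into {ip: mac}."""
    table = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2:
            continue
        table[parts[0]] = parts[1].lower()
    return table


def find_anomalies(previous, current, static=STATIC_ARP):
    """Compare two snapshots; return a list of (kind, subject, detail)."""
    findings = []
    # 1. A static entry now resolves to a different MAC: classic poisoning sign.
    for ip, mac in static.items():
        seen = current.get(ip)
        if seen is not None and seen != mac:
            findings.append(("static-violation", ip, f"expected {mac}, saw {seen}"))
    # 2. A non-static mapping changed between snapshots (may be legitimate,
    #    e.g. DHCP churn, but worth correlating with other events).
    for ip, mac in current.items():
        old = previous.get(ip)
        if old is not None and old != mac and ip not in static:
            findings.append(("mapping-changed", ip, f"{old} -> {mac}"))
    # 3. One MAC answering for several IPs: a host impersonating others.
    #    Normal for some routers and virtual IPs, so tune the threshold.
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    for mac, ips in by_mac.items():
        if len(ips) > 1:
            findings.append(("mac-claims-multiple-ips", mac, ", ".join(sorted(ips))))
    return findings


# Constructed snapshots: in the second, both the gateway IP and the file
# server IP answer from the same previously unseen MAC.
SNAPSHOT_BEFORE = """\
192.168.1.1 00:11:22:33:44:01
192.168.1.10 00:11:22:33:44:0a
192.168.1.50 00:11:22:33:44:32
"""
SNAPSHOT_AFTER = """\
192.168.1.1 de:ad:be:ef:00:99
192.168.1.10 de:ad:be:ef:00:99
192.168.1.50 00:11:22:33:44:32
"""


def demo():
    """Run the comparison over the constructed snapshots."""
    return find_anomalies(parse_arp_table(SNAPSHOT_BEFORE),
                          parse_arp_table(SNAPSHOT_AFTER))


if __name__ == "__main__":
    for kind, subject, detail in demo():
        print(f"{kind:25} {subject:20} {detail}")
```

Running the demo reports two static-violation findings (gateway and file server) and one mac-claims-multiple-ips finding; a detector like this would be fed periodically from each monitored host or from a span port, with the static list enforced on the hosts themselves.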
Other Protocols
FTP
TFTP
Telnet
Repeater Device
Hub Devices
Works at the physical layer
Connects several systems and devices
Also called multipoint repeater/concentrators
All data is broadcast
No intelligence
Bridge Device
Functions at the data link layer
Extends a LAN by connecting similar or dissimilar LANs
Filtering capabilities
Uses the MAC address
Forwards broadcast data
Transparent bridging: Ethernet
Source routing: Token Ring
Switch Device
Transfers connection from one circuit to another
Faster than bridges
Originally made decisions based on MAC
Major functionality takes place at Data Link Layer
Newer switches work at the Network layer and use IP addresses
Router Device
Gateway Device
Translates different protocols or software formats
Mail gateways allow different mail applications to communicate
Data gateways allow heterogeneous clients and servers to communicate
Security gateways: firewalls and perimeter security devices
Firewall Characteristics
Packet Filtering
Simplest and least expensive
Screens with a set of ACL
Referred to as a Layer 3 device
Access depends on network and transport layer information
Best in low-risk environments
1st generation firewall
Stateful Firewall
Makes access decisions based on IP addresses, protocol commands, historical comparisons, and contents of packet
Uses a state engine and state table
Monitors connection-oriented and connectionless protocols
Expensive and complex to administer
3rd generation firewall
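To show the practical difference between the packet-filtering (1st generation) and stateful (3rd generation) entries above, here is an added example that is not part of the original notes: a minimal ordered ACL evaluated purely on Layer 3/4 header fields, beside a stateful engine that keeps a state table of connections the inside initiated. The network ranges, rule layout, packet dictionaries and class names are constructed for illustration.

```python
"""Packet-filtering ACL versus a stateful firewall, side by side.

Added example (not from the original notes). Packets are plain dicts with
constructed values; the rule format is hypothetical.
"""
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/24")  # hypothetical protected subnet

# 1st generation: ordered ACL over L3/L4 fields, first match wins.
# Rule: (action, src_net, dst_net, proto, dst_port or None, require_ack)
ACL = [
    ("permit", "10.0.0.0/24", "0.0.0.0/0", "tcp", None, False),  # inside -> anywhere
    ("permit", "0.0.0.0/0", "10.0.0.0/24", "tcp", None, True),   # inbound only if ACK set ("established")
    ("deny",   "0.0.0.0/0", "0.0.0.0/0",   "any", None, False),  # default deny
]


def packet_filter(pkt, acl=ACL):
    """Stateless decision: only this packet's header fields are consulted."""
    src, dst = ip_address(pkt["src"]), ip_address(pkt["dst"])
    for action, snet, dnet, proto, dport, need_ack in acl:
        if (src in ip_network(snet) and dst in ip_network(dnet)
                and proto in ("any", pkt["proto"])
                and dport in (None, pkt["dport"])
                and (not need_ack or "ACK" in pkt["flags"])):
            return action
    return "deny"


class StatefulFirewall:
    """3rd generation: remembers connections the inside opened (the state table)."""

    def __init__(self, inside=INSIDE):
        self.inside = inside
        self.state = set()  # entries: (src, sport, dst, dport, proto)

    def decide(self, pkt):
        key = (pkt["src"], pkt["sport"], pkt["dst"], pkt["dport"], pkt["proto"])
        reverse = (pkt["dst"], pkt["dport"], pkt["src"], pkt["sport"], pkt["proto"])
        if ip_address(pkt["src"]) in self.inside:
            self.state.add(key)      # outbound: permit and record, so the reply can return
            return "permit"
        if reverse in self.state:    # inbound that matches a tracked connection
            return "permit"
        return "deny"                # inbound with no state: flags alone do not make it a reply


def demo():
    """Constructed packets: an outbound request, its reply, and an unsolicited inbound ACK."""
    fw = StatefulFirewall()
    outbound = {"src": "10.0.0.5", "sport": 40000, "dst": "203.0.113.7", "dport": 80,
                "proto": "tcp", "flags": {"SYN"}}
    reply = {"src": "203.0.113.7", "sport": 80, "dst": "10.0.0.5", "dport": 40000,
             "proto": "tcp", "flags": {"SYN", "ACK"}}
    unsolicited = {"src": "198.51.100.9", "sport": 4444, "dst": "10.0.0.5", "dport": 445,
                   "proto": "tcp", "flags": {"ACK"}}
    # Each value is (packet filter verdict, stateful verdict).
    return {
        "outbound": (packet_filter(outbound), fw.decide(outbound)),
        "reply": (packet_filter(reply), fw.decide(reply)),
        "unsolicited_ack": (packet_filter(unsolicited), fw.decide(unsolicited)),
    }


if __name__ == "__main__":
    for name, (stateless, stateful) in demo().items():
        print(f"{name:16} packet filter: {stateless:7} stateful: {stateful}")
```

Both devices permit the outbound request and its genuine reply, but the stateless ACL also permits the unsolicited inbound packet because its ACK flag satisfies the "established" rule, whereas the stateful engine denies it for lack of a matching state-table entry. That is the substance of the "historical comparisons" bullet above, and also why the notes describe the stateful device as more expensive and complex: the table has to be created, aged out and protected.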
Firewall Placement
Segments internal network subnets and sections to enforce the security policy
Acts as a choke point between trusted and untrusted entities
Creates a DMZ
Could use screened host, dual-homed, or screened subnet
Screened Host
Usual configuration is a router filtering for a firewall
Reduces the amount of traffic the firewall has to work with
Screening device is a filtering router
Screened host is the firewall
Dual Homed
Two or more interfaces
One interface for each network
Allows for one firewall to create more than one DMZ
Forwarding and routing need to be turned off or packets would not be inspected by firewall software
All inbound traffic directed to the Bastion Host, then proxied, and passed to 2nd router
Screened Subnet
Buffer zone is created by implementing two routers or two firewalls, thus creating a single DMZ
Provides the most protection out of the three architectures because three devices must be compromised before attacker can get through to the internal network.
Point-to-Point Protocol
Moves digital data over telecommunications lines
Full duplex protocol
Can use synchronous and asynchronous
Authentication through
PAP
CHAP
EAP
Authentication Protocols
Password Authentication Protocol (PAP)
Authenticates remote users
Credentials are sent in plain text
EAP Authentication
Extensible Authentication Protocol
Allows for authentication protocols to be added to give more flexibility
Supports multiple frameworks
Developed for PPP, but now used in LAN and wireless authentication
VPN Technologies
Tunneling involves establishing and maintaining a logical network connection
Packets are encapsulated within IP packets and encryption is used for security
Voluntary tunneling: client manages connection setup
Compulsory tunneling: carrier provider manages connection setup
Dedicated Lines
Physical communication lines connecting two locations
Usually more expensive than other options
Leased from larger service providers
T1: 1.544 Mbps
T3: 44.736 Mbps
Cable Modems
X.25
First WAN packet-switching technology
Considered a fat protocol because of error detection and correction overhead
Has been replaced by frame relay
Virtual circuits are used
Customers share and pay for the same network
Frame Relay
Fastest WAN packet-switching protocol
Path set up for two locations to communicate
Path is permanently configured (PVC)
Could be dynamically built (SVC)
Customers are offered a dedicated rate of flow (CIR)
Inexpensive with rates from 56K to T1
Multiplexing (MUX)
Receives data from different sources and places it on one communication line
Combines two or more channels onto one transmission medium
Two types
FDM (used by broadband)
TDM (used by T1 and T3)
PBX Considerations
Not usually included in security assessment
Compromising and reconfiguring the telephone switch by hackers
Attackers obtaining free long distance
Disclosure of sensitive information
Phreakers (telephone hackers)