Introduction to cyber security – Week 4, Networking and Communications

John

9 years ago

What is the internet?

Hierarchy of individual networks – from LANs to telephone networks.
A network of networks.
Two key design factors:

No central controlling computer. All machines would have the same authority.
Information should be deliverable along any route thereby being able to bypass machines which are unavailable. No distinct route required.

How data moves

Internet traffic is split up and may take any number of routes to get to its destination.
Each “message” is broken into datagrams, or packets, which have a recipient address, sender address and serial number.
When all the packets are received by the recipient they are then reassembled according to their serial number. Any broken or lost packets are re-requested from the sender.
One envelope and contents correspond to one datagram.

Envelope, called the header, contains send and recipient addresses plus unique number, date stamp and error checking information.
Contents, called the payload, is actual information being transmitted.

Movement of data

The domain name extension does not necessarily relate to the country where the website is hosted.
Additionally, heavily used websites may also be cached locally to save heavy traffic over long connections.

Wireless networks

Wi-fi used to connect machines on a local area network (LAN).
Each connected device referred to as a station with its own transmitter and receiver.
Device needs to know the service set identifier (SSID) of the network to join. Service set refers to set or wireless devices served by wireless LAN.

Packet sniffing

When datagrams/packets move between one router and another on their way from sender to recipient it is possible for them to be copied.
Packet sniffing can be used legitimately by law enforcement or to investigate network issues. It can also be used by someone illegally by running a piece of free software.

Security risks of wireless networking

Ensuring eavesdropper cannot convert packets into original message – confidentiality.
Malicious user can interpose between sender and recipient and modify or destroy the packets, this is called man-in-the-middle attack and compromises integrity of data.
Attacker can transmit lots of data on the wireless network flooding it, this is called Denial of Service (DoS) attack and compromises availability of the network.

Encryption

Used to ensure:

confidentiality – can only be decrypted using the same key used to encrypt message.
integrity – prevent messages from being modified.
authentication – help prove identities of sender and receiver.

Encryption in wi-fi

Most common method is to share key between nodes in network.
First mechanism was Wired Equivalent Privacy (WEP) – inherently weak, able to crack in couple of minutes.
Recommended mechanism – wi-fi Protected Access 2 (WPA2).

TCP/IP protocols

Transmission Control Protocol (TCP)
- Ensures data sent reliably over internet.
- Doesn’t actually send the data, that’s IP.
- Separates data over different ports including:
  - 20 – File Transfer Protocol (FTP) – send & receive files
  - 22 – Secure Shell (SSH) – secure logins
  - 25 – Simple Mail Transfer Protocol (SMTP) – send email
  - 80 – HyperText Transfer Protocol (HTTP) – browsing web pages
- Datagram contains TCP port number.
- TCP application on recipient computer reads port number and determines application to receive information.
- TCP on sender computer waits for acknowledgement that datagram has been received, if not then it resends.
Internet Protocol (IP)
- Wraps TCP datagram in IP datagram containing sender’s and recipient’s address plus other information.
- IP receives data, removes IP datagram then TCP checks contents and reorders before passing through port to appropriate application.
- IPv4
  - Four part number, each ranging from 0 to 255, separated by a “.”.
  - Number of connectable devices nearly exhausted number of IPv4 numbers.
- IPv6
  - Can support up to 3.4 * 10³⁸ devices.
  - Slow & complex process to migrate to IPv6.
  - IPv4 to IPv6 mapping used.
- Reserved IP numbers
  - Some kept for specific users or private networks.
    - 10.0.0.0 to 10.255.255.255
    - 169.254.0.0 to 169.254.255.255
    - 172.16.0.0 to 172.16.255.255
    - 192.168.0.0 to 192.168.255.255
User Datagram Protocol (UDP)
- Used to send streaming media such as movies and video games.
- Doesn’t check for lost packets.
- Quicker than TCP.

Domain Name Servers (DNS)

Use several name servers to get from domain name to deliverable IP number.
Works from most general part of domain name back, e.g. open.ac.uk goes to a name server for UK educational institutes then to Open Universities name server.

The World Wide Web is not the internet

Internet dates back to 1982 whereas the WWW came around in 1990.
WWW made available via the HTTP protocol which uses TCP to set up connections and IP to send and receive the data.
Web pages written using HyperText Mark-up Language (HTML).

References

Three ways your personal photos are vulnerable to hackers
http://www.pcworld.com/article/209333/how_to_hijack_facebook_using_firesheep.html