Networking 101 - University of New Mexico
Networking 101
“5-minute University”
● We're just going to cover the basic technologies that make up the Internet
● There's a lot more content in a Computer Networking class that's very valuable; this is just enough material to be able to talk about cybersecurity issues
● Hopefully not boring for students that already took CS 485/ECE 440/CS 585
Network of two machines
10.0.8.1 10.0.8.2
IP address: identifies the machine on the network. Local (10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12) vs. Internet routable (e.g., 64.106.21.143).
● What stops me from saying my IP address is something else (e.g., an IP that belongs to someone else) on the same network as me?
man man
man ifconfig
ifconfig | less
ARP: Address Resolution Protocol
● MAC (media access control) address (e.g., “c4:02:32:6b:00:00”) is supposed to be unique to the network interface
– Also called a hardware address
(from http://chrissanders.org/packet-captures/)
● What stops me from saying my hardware address is something else?
CIDR
● Classless Inter-Domain Routing
● /27 has a net mask of 255.255.255.224
From Wikipedia
Some notation
● 192.168.55.0/24
● 10.0.9.0/24
● 10.0.8.0/24
Network of networks
192.168.55.1 192.168.55.2
10.0.8.1 10.0.8.2
10.0.9.1
10.0.9.2
192.168.55.3
IP (Internet Protocol) routing
Graphic by Danny Adams
● What stops me from saying my IP address is one from a network on the other side of the world?
tracepath -n uchicago.edu
route -n
arp -n
TCP/IP
● TCP = Transport Control Protocol
● Port: a number that identifies a process or service on the remote machine
● Socket: a way for a process on one machine to communicate with a process on another machine
– Can be identified by two port:ipaddress tuples
● TCP is connection-oriented, packets can be lost and retransmitted, delivered out of order, etc.
– Compare to UDP, which is the User Datagram Protocol
● See http.pcap example from https://wiki.wireshark.org/SampleCaptures#HyperText_Transport_Protocol_.28HTTP.29
screen
Ctrl+A then C to Create
Ctrl+A then N for Next
host www.cs.unm.edu
nc 64.106.20.27 80
(in other terminal...)
netstat -tpn | less
DNS maps hostnames to IPs and vice versa
host 64.106.20.60
host wiki.cs.unm.edu
man dig
BGP = Border Gateway Protocol
● A path vector protocol that is a lot like a distance vector protocol
– Tell your neighbors what routes you know about
● BGP is how Autonomous Systems (ASes) route packets on the Internet
Network Insecurity
● ARP, IP, everything else can be spoofed
● Man-in-the-middle: router pretends to be the host, can do anything
– Almost every time you connect to public Wifi
– Another example: China's Great Cannon
● Man-on-the-side: more limited, can see packets and insert, but can't modify or drop
– Example: NSA QUANTUM
● What are the different places in the network where these types of attacks can be implemented?
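Since nothing in ARP itself stops a host from claiming another machine's address, a defender can watch the IP-to-MAC bindings that `arp -n` reports. The following is an added example, not part of the original slides: it compares two snapshots and flags an IP whose MAC changed, or one MAC answering for several IPs. The snapshots are constructed sample data, the function names are hypothetical, and the column layout assumes Linux net-tools `arp -n` output.

```python
import re
from collections import defaultdict

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")

def parse_arp_table(text):
    """Return {ip: mac} from `arp -n` output (assumed Linux net-tools layout)."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip the header row and "(incomplete)" entries that have no MAC yet.
        if len(fields) < 3 or not MAC_RE.match(fields[2].lower()):
            continue
        table[fields[0]] = fields[2].lower()
    return table

def shared_macs(table):
    """MACs that answer for more than one IP within a single snapshot."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def changed_bindings(before, after):
    """IPs whose MAC differs between two snapshots: {ip: (old_mac, new_mac)}."""
    return {ip: (before[ip], mac) for ip, mac in after.items()
            if ip in before and before[ip] != mac}

# Constructed sample snapshots; the second shows 10.0.8.1 now resolving to
# the same hardware address as 10.0.8.2.
BASELINE = """\
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.8.1                 ether   c4:02:32:6b:00:00   C                     eth0
10.0.8.2                 ether   02:00:00:aa:bb:02   C                     eth0
10.0.8.7                         (incomplete)                              eth0
"""
LATER = """\
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.8.1                 ether   02:00:00:aa:bb:02   C                     eth0
10.0.8.2                 ether   02:00:00:aa:bb:02   C                     eth0
"""

if __name__ == "__main__":
    before, after = parse_arp_table(BASELINE), parse_arp_table(LATER)
    for ip, (old, new) in changed_bindings(before, after).items():
        print(f"ALERT {ip} moved from {old} to {new}")
    for mac, ips in shared_macs(after).items():
        print(f"ALERT {mac} answers for {', '.join(ips)}")
```

A shared MAC is not always hostile (a multi-homed host or proxy ARP produces the same pattern), so treat these alerts as leads to check against a known-good inventory.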