![Page 1: Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2012](https://reader036.vdocuments.us/reader036/viewer/2022062517/56813dc0550346895da7899c/html5/thumbnails/1.jpg)
Dr. Bhavani Thuraisingham
The University of Texas at Dallas (UTD)
June 2012

Telecommunications and Network Security
![Page 2: Dr. Bhavani Thuraisingham The University of Texas at Dallas (UTD) June 2012](https://reader036.vdocuments.us/reader036/viewer/2022062517/56813dc0550346895da7899c/html5/thumbnails/2.jpg)
Domain Agenda• Networks • Network Security• Physical• Data Link• Network• Transport• Session• Presentation• Application• Telephony• Services
OSI Model
• The Open Systems Interconnection model (OSI model) is a product of the Open Systems Interconnection effort at the International Organization for Standardization.
• It is a way of sub-dividing a communications system into smaller parts called layers. A layer is a collection of conceptually similar functions that provides services to the layer above it and receives services from the layer below it.
• On each layer an instance provides services to the instances at the layer above and requests service from the layer below.
OSI Reference Model
• Layer 7: Application
• Layer 6: Presentation
• Layer 5: Session
• Layer 4: Transport
• Layer 3: Network
• Layer 2: Data Link
• Layer 1: Physical
TCP/IP
• In the TCP/IP model of the Internet, protocols are not as rigidly designed into strict layers as in the OSI model.
• TCP/IP does recognize four broad layers of functionality which are derived from the operating scope of their contained protocols, namely the scope of the software application, the end-to-end transport connection, the internetworking range, and lastly the scope of the direct links to other nodes on the local network.
• The Internet Application Layer includes the OSI Application Layer, Presentation Layer, and most of the Session Layer. Its end-to-end Transport Layer includes the graceful close function of the OSI Session Layer as well as the OSI Transport Layer. The internetworking layer is a subset of the OSI Network Layer (see above), while the Link Layer includes the OSI Data Link and Physical Layers, as well as parts of OSI's Network Layer.
Network Security
• Issues and Concerns
  – Non-repudiation
  – Redundancy
• Risks
  – Network is the key asset in many organizations
  – Network attacks
• Attacks
  – Network as a channel for attacks
  – Network as the target of attack
Network Security
• Defense in Depth
  – Series of hurdles
  – Collection of controls
• Security controls:
  – Are built around social, organizational, procedural and technical activities
  – Will be based on the organization's security policy
• Security Objectives and Attacks
  – Business risk vs. security solutions
  – Attack scenarios
  – Network entry point
• Inbound vs. outbound attacks
• Methodology of Attack
  – Attack trees
  – Path of least resistance
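The following is an added example, not part of the original slides: a small attack-tree evaluator in Python. The tree, its leaf effort scores and the control name are constructed for illustration, not taken from the deck. It computes the path of least resistance (cheapest branch under an OR node, summed effort under an AND node) and then shows how a single control that raises the effort of one leaf moves the cheapest path to a different branch, which is the defense-in-depth point the slide makes about a series of hurdles.

```python
from copy import deepcopy
from dataclasses import dataclass, field


@dataclass
class AttackNode:
    """One node of an attack tree: a leaf with an effort score, or an
    AND/OR combination of child nodes."""
    name: str
    kind: str = "leaf"          # "leaf", "or" or "and"
    cost: float = 0.0           # relative effort for a leaf; ignored for or/and
    children: list = field(default_factory=list)


def least_resistance(node):
    """Return (total effort, leaf names) for the cheapest way to reach the goal.
    OR: the attacker picks the cheapest child. AND: every child is needed, so
    costs add up."""
    if node.kind == "leaf":
        return node.cost, [node.name]
    scored = [least_resistance(child) for child in node.children]
    if node.kind == "or":
        return min(scored, key=lambda s: s[0])
    if node.kind == "and":
        total = sum(cost for cost, _ in scored)
        steps = [step for _, steps in scored for step in steps]
        return total, steps
    raise ValueError(f"unknown node kind {node.kind!r}")


def with_control(tree, leaf_name, added_effort):
    """Model a security control as extra effort on one leaf; returns a new tree
    so the original can be compared against the hardened one."""
    hardened = deepcopy(tree)

    def walk(node):
        if node.kind == "leaf" and node.name == leaf_name:
            node.cost += added_effort
        for child in node.children:
            walk(child)

    walk(hardened)
    return hardened


# Constructed example tree; effort scores are relative units, not measurements.
CUSTOMER_DB_TREE = AttackNode("Read customer database", "or", children=[
    AttackNode("Via remote access", "and", children=[
        AttackNode("Obtain VPN credentials", "or", children=[
            AttackNode("Phish a VPN user", cost=2),
            AttackNode("Guess a VPN password online", cost=8),
        ]),
        AttackNode("Locate the database host", cost=1),
        AttackNode("Use an unpatched database flaw", cost=3),
    ]),
    AttackNode("Via physical access", "and", children=[
        AttackNode("Enter the server room", cost=9),
        AttackNode("Boot the server from removable media", cost=1),
    ]),
])


def compare_controls():
    """Cheapest path before and after one hypothetical control (MFA on the VPN,
    modelled as +7 effort on the phishing leaf because a password alone no
    longer suffices)."""
    before = least_resistance(CUSTOMER_DB_TREE)
    hardened = with_control(CUSTOMER_DB_TREE, "Phish a VPN user", 7)
    after = least_resistance(hardened)
    return before, after


if __name__ == "__main__":
    before, after = compare_controls()
    print("before:", before)
    print("after MFA on VPN:", after)
```

The evaluator only ranks branches by effort; it says nothing about likelihood or impact, which a full risk assessment would weigh separately. The useful observation is that after the VPN control the cheapest path is the physical one, so the next hurdle to add is a physical control, not another remote-access one.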
Target Related Issues
• Acquisition
  – Attacks start by gathering intelligence
  – Controls
    • Limit information on a network; distract an attacker
• Analysis
  – Analyze target for security weaknesses
• Access
  – Obtain access to the system
  – Manage user privileges
  – Monitor access
• Target Appropriation
  – Escalation of privileges
  – Attacker may seek sustained control of the system
  – Controls against privilege escalation
Network Security Tools
• Tools automate the attack processes
• Network security is more than just technical implementations
• Scanners
  – Discovery scanning
  – Compliance scanning
  – Vulnerability scanning
Layer 1: Physical Layer
• Bits are converted into signals
• All signal processing is handled here
• Physical topologies
Communication Technology
• Analog Communication
  – Analog signals use frequency and amplitude
  – Transmitted on wires or with wireless devices
• Digital Communication
  – Uses different electronic states
  – Can be transmitted over most media
  – Integrity of digital communication is easier to maintain
  – Digital communication brings quantitative and qualitative enhancements
Network Topology
• Even small networks are complex
• Network topology and layout affect scalability and security
• Wireless networks also have a topology
• Ring Topology
  – Closed-loop topology
  – Advantages
    • Deterministic
  – Disadvantages
    • Single point of failure
Network Topology
• Bus Topology
  – LAN with a central cable to which all nodes connect
  – Advantages
    • Scalable; permits node failure
  – Disadvantages
    • Bus failure
• Tree Topology
  – Devices connect to a branch on the network
  – Advantages
    • Scalable; permits node failure
  – Disadvantages
    • Failures split the network
Network Topology
• Mesh Topology
  – Every node in the network is connected to every other node in the network
  – Advantages
    • Redundancy
  – Disadvantages
    • Expensive; complex; scalability
• Star Topology
  – All of the nodes connect to a central device
  – Advantages
    • Permits node/cable failure; scalable
  – Disadvantages
    • Single point of failure
Cable Selection Considerations
• Throughput
• Distance between devices
• Data sensitivity
• Environment
• Twisted Pair
  – One of the simplest and cheapest cabling technologies
  – Unshielded (UTP) or shielded (STP)
Unshielded Twisted Pair (UTP)

| Category | Transmission Rate | Use |
| --- | --- | --- |
| Category 1 | < 1 Mbps | Analog voice and Basic Rate Interface (BRI) in Integrated Services Digital Network (ISDN) |
| Category 2 | < 4 Mbps | 4 Mbps IBM Token Ring LAN |
| Category 3 | 16 Mbps | 10 Base-T Ethernet |
| Category 4 | 20 Mbps | 16 Mbps Token Ring |
| Category 5 | 100 Mbps | 100 Base-TX and Asynchronous Transfer Mode (ATM) |
| Category 5e | 1000 Mbps | 1000 Base-T Ethernet |
| Category 6 | 1000 Mbps | 1000 Base-T Ethernet |
Coaxial Cable (Coax)
• Conducting wire is thicker than twisted pair
  – Bandwidth
  – Length
• Expensive and physically stiff
Fiber Optics
• Three components
  – Light source
  – Optical fiber cable
    • Two types
  – Light detector
• Advantages
• Disadvantages
Wireless Transmission Technologies
• 802.11 – WLAN
• 802.16 – WMAN, WiMAX
• Satellite
• Bluetooth
• IrDA
• Microwave
• Optical
Wireless Multiplexing Technologies

| Technology | Principle | Objective |
| --- | --- | --- |
| Direct Sequence Spread Spectrum (DSSS) | Spread transmission over a wider frequency band | Signal less susceptible to noise |
| Frequency-Hopping Spread Spectrum (FHSS) | Spread signal over rapidly changing frequencies | Interference |
| Orthogonal Frequency-Division Multiplexing (OFDM) | Signal is subdivided into sub-frequency bands | |
Physical Layer: Equipment Agenda
• Patch panel
• Modem
• Cable modem
• Digital subscriber line
• Hub and repeater
• Wireless access points
Physical Layer: Equipment Agenda
• Patch Panels
  – Provide a physical cross-connect point for devices
  – Alternative to directly connecting devices
  – Centralized management
• Modem
  – Converts a digital signal to analog
  – Provides little security
    • War dialing
    • Unauthorized modems
Physical Layer: Equipment Agenda
• Cable Modem
  – PCF Ethernet NIC connects to a cable modem
  – Modem and head-end exchange cryptographic keys
  – Cable modems increase the need to observe good security practices
• Digital Subscriber Line
  – Uses CAT-3 cables and the local loop
    • Asymmetric Digital Subscriber Line (ADSL)
    • Rate-Adaptive DSL (RADSL)
    • Symmetric Digital Subscriber Line (SDSL)
    • Very high bit rate DSL (VDSL)
Physical Layer: Equipment Agenda
• Hubs
  – Used to implement a physical star/logical bus topology
  – All devices can read and potentially modify the traffic of other devices
• Repeaters
  – Allow greater distances between devices
• Wireless Access Points (WAPs)
  – Access Point (AP)
  – Multiple Input Multiple Output (MIMO)
Standard Connections
• Types of connectors
  – RJ-11
  – RJ-45
  – BNC
  – RS-232
• Cabling standards
  – TIA/EIA-568
Physical Layer Threats and Controls
• Attacking
  – Wire
  – Wireless
  – Equipment: modems
• Controls
  – Wire
    • Shielding
    • Conduit
    • Faraday cage
  – Wireless
    • Encryption
    • Authentication
  – Equipment
    • Locked doors and cabinets
Layer 2: Data Link Layer
• Connects layers 1 and 3
• Converts data from a signal into a frame
• Transmits frames to devices
• Link-layer encryption
• Determines network transmission format
Synchronous/Asynchronous Communications
• Synchronous
  – Timing mechanism synchronizes data transmission
  – Robust error checking
  – Practical for high-speed, high-volume data
• Asynchronous
  – Clocking mechanism is not used
  – Surrounds each byte with bits that mark the beginning and end of transmission
Unicast, Multicast and Broadcast Transmissions
• Multicasts
• Broadcasts
  – Do not use reliable sessions
• Unicast
Unicast – Point-to-Point
• ISDN (Integrated Services Digital Network)
• T's (T Carriers)
• E's (E Carriers)
• OC's (Optical Carriers)
Integrated Services Digital Network (ISDN)

| Channel / Interface | Composition | Rate |
| --- | --- | --- |
| B (Bearer) Channel | | 64 kbit/s |
| D (Delta) Channel | | 16 kbit/s |
| BRI (Basic Rate Interface) | 2*B + 1*D | 144 kbit/s |
| PRI (Primary Rate Interface), North America | 23*B + 1*D | 1.55 Mbit/s (T1) |
| PRI, Europe and Australia | 30*B + 1*D | 2 Mbit/s (E1) |
"T" Carrier

| Channel | Multiplex Ratio | Bandwidth |
| --- | --- | --- |
| T1 | 1xT1 | 1.544 Mbps |
| T2 | 4xT1 | 6.312 Mbps |
| T3 | 7xT2 = 28xT1 | 44.736 Mbps |
| T4 | 6xT3 = 168xT2 | 274.176 Mbps |
"E" Carrier

| Channel | Multiplex Ratio | Bandwidth |
| --- | --- | --- |
| E1 | 1xE1 | 2.058 Mbps |
| E2 | 4xE1 | 8.848 Mbps |
| E3 | 4xE2 = 16xE1 | 34.304 Mbps |
| E4 | 4xE3 = 64xE2 | 139.264 Mbps |
"OC" Optical Carrier (STS)

| Optical Level | Bandwidth |
| --- | --- |
| OC1 | 51.84 Mbps |
| OC3 | 155.52 Mbps |
| OC12 | 622.08 Mbps |
| OC48 | 2488.32 Mbps |
| OC192 | 9953.28 Mbps |
Circuit-switched vs. Packet-switched Networks
• Circuit-switched
  – Dedicated circuit between endpoints
  – Endpoints have exclusive use of the circuit and its bandwidth
• Packet-switched
  – Data is divided into packets and transmitted on a shared network
  – Each packet can be independently routed on the network
• Switched vs. Permanent Virtual Circuits
  – Permanent Virtual Circuits (PVC)
  – Switched Virtual Circuits (SVC)
Carrier Sense Multiple Access
• Only one device may transmit at a time
• There are two variations
  – Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
  – Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
Polling to Avoid Contention
• Slave device needs permission from a master device
• Used mostly in mainframe protocols
• Optional function of the IEEE 802.11 standard
Token Passing
• A token is a special frame that circulates through the ring
• Device must possess the token to transmit
• Token passing is used in Token Ring (IEEE 802.5) and FDDI
Bridges and Switches
• Bridges
  – Layer 2 devices that filter traffic between segments based on MAC addresses
  – Can connect LANs with unlike media types
  – Simple bridges do not reformat frames
• Switches
  – Multi-port devices to connect LAN hosts
  – Forward frames only to the specified MAC address
  – Increasingly sophisticated
  – Also forward broadcasts
Multiplexer/Demultiplexer
• Combining or splitting signals
• Technologies
  – TDM – Time
  – FDM – Frequency
  – WDM – Wave
Wireless Local Area Networks
• Allow mobile users to remain connected
• Extend LANs beyond physical boundaries
Wireless Standards: IEEE 802
• 802.11b
• 802.11a
• 802.11g
• 802.11n / Multiple Input Multiple Output
• 802.11i / Security
• 802.16 / WiMAX
• 802.15 / Bluetooth
• 802.1x / Port security
Ethernet (IEEE 802.3)
• Most popular LAN architecture
• Supports bus, star, and point-to-point topologies
• Currently supports speeds up to 10000 Mbps
Protocols
• Address Resolution Protocols (ARP)
  – ARP (RFC 826)
  – RARP (RFC 903)
  – ARP cache poisoning
• Point-to-Point Protocol (PPP)
  – RFC 1331
    • Encapsulation
    • Link Control Protocol (LCP)
    • Network Control Protocols
• Password Authentication Protocol (PAP)
  – Identification and authentication of remote entity
  – Uses a clear text, reusable (static) password
  – Supported by most network devices
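As an added example for the ARP cache poisoning item above (not code from the slides), here is a passive ARP consistency monitor in Python of the kind a network sensor would run. It learns IP-to-MAC bindings from the sender fields of every ARP packet and alerts on the three symptoms poisoning produces: an IP's MAC changing, one MAC claiming several IPs, and "is-at" replies that nobody asked for. The `ArpPacket` record and the capture it is fed are constructed for the example; a real deployment would fill the records from a packet capture.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class ArpPacket:
    ts: float          # capture time in seconds
    op: str            # "request" (who-has) or "reply" (is-at)
    sender_ip: str
    sender_mac: str
    target_ip: str


class ArpMonitor:
    """Passive ARP consistency checker. Bindings are learned from both requests
    and replies, since both carry the sender's own IP/MAC pair."""

    def __init__(self, request_window=2.0):
        self.request_window = request_window   # seconds a reply may trail its request
        self.ip_to_mac = {}
        self.mac_to_ips = defaultdict(set)
        self.pending = {}                      # target_ip -> time of latest who-has
        self.alerts = []

    def _learn(self, pkt):
        known = self.ip_to_mac.get(pkt.sender_ip)
        if known is not None and known != pkt.sender_mac:
            self.alerts.append(("mac_change", pkt.sender_ip,
                                f"{known} -> {pkt.sender_mac}", pkt.ts))
        self.ip_to_mac[pkt.sender_ip] = pkt.sender_mac
        self.mac_to_ips[pkt.sender_mac].add(pkt.sender_ip)
        if len(self.mac_to_ips[pkt.sender_mac]) > 1:
            claimed = tuple(sorted(self.mac_to_ips[pkt.sender_mac]))
            self.alerts.append(("one_mac_many_ips", pkt.sender_mac, claimed, pkt.ts))

    def feed(self, pkt):
        if pkt.op == "request":
            self.pending[pkt.target_ip] = pkt.ts
        elif pkt.op == "reply":
            # A legitimate reply answers a recent request for the sender's IP.
            asked_at = self.pending.pop(pkt.sender_ip, None)
            if asked_at is None or pkt.ts - asked_at > self.request_window:
                self.alerts.append(("unsolicited_reply", pkt.sender_ip,
                                    pkt.sender_mac, pkt.ts))
        else:
            raise ValueError(f"unknown ARP op {pkt.op!r}")
        self._learn(pkt)


def analyze(packets, request_window=2.0):
    """Run the monitor over a packet sequence and return its alerts."""
    monitor = ArpMonitor(request_window)
    for pkt in packets:
        monitor.feed(pkt)
    return monitor.alerts


# Constructed capture: a normal request/reply between a client (10.0.0.5) and
# the gateway (10.0.0.1), then two forged replies rebinding both to a third MAC.
SAMPLE_CAPTURE = [
    ArpPacket(0.0, "request", "10.0.0.5", "aa:bb:cc:00:00:05", "10.0.0.1"),
    ArpPacket(0.1, "reply", "10.0.0.1", "aa:bb:cc:00:00:01", "10.0.0.5"),
    ArpPacket(30.0, "reply", "10.0.0.1", "aa:bb:cc:00:00:99", "10.0.0.5"),
    ArpPacket(30.1, "reply", "10.0.0.5", "aa:bb:cc:00:00:99", "10.0.0.1"),
]

if __name__ == "__main__":
    for alert in analyze(SAMPLE_CAPTURE):
        print(alert)
```

A `mac_change` on its own can be benign (a NIC swap, a DHCP lease moving to another host), so in practice the alerts are weighted: a change on the gateway's IP or a MAC that ends up claiming both ends of a conversation is the combination worth paging on. Switch features such as dynamic ARP inspection prevent the forged replies from reaching hosts at all; this monitor is the detection layer behind that control.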
Challenge Handshake Authentication Protocol
• CHAP
  – Periodically re-validates users
  – Standard password database is unencrypted
  – Password is sent as a one-way hash
  – CHAP process
• MS-CHAP
• The nonce
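The CHAP process and the role of the nonce, worked through as an added example that is not part of the slides: both sides of an RFC 1994 MD5-CHAP exchange in Python. The authenticator issues a one-octet identifier and a random challenge, the peer answers with MD5(identifier || secret || challenge), and the authenticator recomputes the hash from its own copy of the secret. The user name, secret and class names are constructed for the example. The demo also shows the periodic re-validation the slide mentions and why a captured response cannot be replayed: it is bound to a nonce that is never issued twice.

```python
import hashlib
import hmac
import secrets


def chap_response(ident, secret, challenge):
    """RFC 1994 MD5-CHAP response: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side. Holds the shared secrets in the clear (the slide's point:
    the standard CHAP password database is unencrypted) and issues challenges."""

    def __init__(self, secret_db):
        self.secret_db = secret_db          # username -> shared secret (bytes)
        self.outstanding = {}               # identifier -> challenge nonce
        self.next_ident = 0

    def challenge(self):
        ident = self.next_ident % 256       # the CHAP identifier is one octet
        self.next_ident += 1
        nonce = secrets.token_bytes(16)     # fresh, unpredictable challenge value
        self.outstanding[ident] = nonce
        return ident, nonce

    def verify(self, ident, username, response):
        nonce = self.outstanding.pop(ident, None)   # each challenge is answered once
        secret = self.secret_db.get(username)
        if nonce is None or secret is None:
            return False
        expected = chap_response(ident, secret, nonce)
        return hmac.compare_digest(expected, response)


class ChapPeer:
    """Client side: never transmits the secret, only the hash bound to the nonce."""

    def __init__(self, username, secret):
        self.username = username
        self.secret = secret

    def respond(self, ident, nonce):
        return self.username, chap_response(ident, self.secret, nonce)


def handshake(server, peer):
    """One challenge/response round; returns (accepted, response_on_the_wire)."""
    ident, nonce = server.challenge()
    username, response = peer.respond(ident, nonce)
    return server.verify(ident, username, response), response


def demo():
    secret = b"correct horse battery staple"       # constructed shared secret
    server = ChapAuthenticator({"alice": secret})
    alice = ChapPeer("alice", secret)
    impostor = ChapPeer("alice", b"wrong guess")

    first_ok, captured = handshake(server, alice)
    # Periodic re-validation: a new challenge, a new response, still accepted.
    second_ok, _ = handshake(server, alice)
    # Replaying the captured response against a fresh challenge fails because
    # the hash was computed over the old nonce.
    ident, _ = server.challenge()
    replay_ok = server.verify(ident, "alice", captured)
    wrong_secret_ok, _ = handshake(server, impostor)
    return {"first": first_ok, "revalidate": second_ok,
            "replay": replay_ok, "wrong_secret": wrong_secret_ok}


if __name__ == "__main__":
    print(demo())
```

The secret itself never crosses the link, which is the improvement over PAP on the previous slide; the cost is that the authenticator must keep a reversible copy of every secret, so the protection of that database matters as much as the protocol. Anyone who can sniff the challenge and response pair can still test password guesses offline against the hash, which is why CHAP is combined with link encryption or a stronger EAP method in later slides.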
Extensible Authentication Protocol (EAP)
• Provides a pointer to authentication
• EAP – transport level security
• Wireless needs EAP
• PEAP (Protected EAP)
Link Layer Threats
• Confidentiality
  – Sniffing for reconnaissance
  – Offline brute force
  – Unapproved wireless
• Integrity
  – Modify packets
  – Man-in-the-middle
  – Force weaker authentication
• Availability
  – Denial of service
  – War driving
• Transition from wireless to wired
Wired and Wireless Link-Layer Controls
• Encryption
  – PPP Encryption Control Protocol (ECP)
• Authentication
  – PAP
  – CHAP
  – EAP
• Tunneling
  – EAP-TTLS
• Radio frequency management
Wireless Encryption Summary

| | 802.1X Dynamic WEP | Wi-Fi Protected Access | Wi-Fi Protected Access 2 |
| --- | --- | --- | --- |
| Access Control | 802.1X | 802.1X or pre-shared key | 802.1X or pre-shared key |
| Authentication | EAP methods | EAP methods or pre-shared key | EAP methods or pre-shared key |
| Encryption | WEP | TKIP (RC4) | CCMP (AES Counter Mode) |
| Integrity | None | Michael MIC | CCMP (AES CBC-MAC) |
Metropolitan Area Network (MAN)
• Optimized for a city
• Uses wireless infrastructure, fiber optics or Ethernet to connect sites together
• Still needs security
• Switched Multi-megabit Data Service (SMDS)
• SONET/SDH
Layer 3: Network Layer
• Moves information between two hosts that are not physically connected
• Uses logical addressing
LAN/WAN
• Local Area Network (LAN)
  – LANs service a relatively small area
  – Most LANs have connectivity to other networks
  – VLANs are software-based LAN segments implemented by switching technology
• Wide Area Network (WAN)
  – A WAN is a network connecting local networks or access points
  – Connections are often shared and tunneled through other connections
Storage Area Network (SAN)
• Hard drive space problem
• Server of servers
• Fiber backbone
• Switched
Public Switched Telephone Networks (PSTNs)
• PSTNs are circuit-switched networks
• PSTNs are subject to attacks
X.25
• Suite of protocols for unreliable networks
• Has a strong focus on error correction
• Users and hosts connect through a packet-switched network
• Most organizations now opt for Frame Relay and ATM instead of X.25 for packet switching
Frame Relay
• Network cloud of switches
• Customers share resources in the cloud
• The cloud is assumed to be reliable
• Customers are charged only for bandwidth used
Asynchronous Transfer Mode (ATM)
• ATM is connection-oriented
  – Uses virtual circuits
  – Guarantees QoS but not the delivery of cells
  – Types of virtual circuits
Multi-Protocol Label Switching (MPLS)
• Bandwidth management and scalability
• Permits traffic engineering
• Provides QoS and defense against network attacks
• Operates at Layers 2 and 3
• Operates over most other packet-switching technologies such as Frame Relay and ATM
Comparing Broadband Wireless

| | 802.11 WiFi | 802.16 WiMAX | 802.20 Mobile-Fi | UMTS 3G |
| --- | --- | --- | --- | --- |
| Bandwidth | 11–54 Mbps shared | Shared up to 70 Mbps | Up to 1.5 Mbps each | 384 Kbps – 2 Mbps |
| Range (LOS / NLOS) | 100 meters / 30 meters | 30–50 km / 2–5 km ('07) | 3–8 km | Coverage is overlaid on wireless infrastructure |
| Mobility | Portable | Fixed (Mobile – 16e) | Full mobility | Full mobility |
| Frequency / Spectrum | 2.4 GHz for 802.11b/g; 5.2 GHz for 802.11a | 2–11 GHz for 802.16a; 11–60 GHz for 802.16 | < 3.5 GHz | Existing wireless |
| Licensing | Unlicensed | Both | Licensed | Licensed |
| Standardization | 802.11a, b and g standardized | 802.16, 802.16a and 802.16 REVd standardized, others under development | 802.20 in development | Part of GSM standard |
| Availability | On the market today | Products available today | Standards coming | Currently being deployed |
Wireless Optics
• Two laser transceivers communicate at speeds comparable to SONET
• Wireless optics transmissions are hard to intercept
• Wireless optics can be unreliable during inclement weather
• Avoids the licensing requirements of microwave in most regions
Network Usage: Definitions
• Intranet
• Extranet
  – Granting access to external organizations
• Internet
Other Aspects
• Virtual Private Network
  – Remote access through VPN
  – LAN-to-LAN configuration
• Secure Remote Access
  – Remote access through modems, ISPs, WAN connections
• Traffic Shaping
  – Quality of Service (QoS)
  – Depends on all carriers agreeing on priority handling rules
• Routers
  – Network routing
Firewalls
• Filtering
  – Filtering by address
  – Filtering by service
• Static packet filtering
• Stateful inspection or dynamic packet filtering
• Personal firewalls
• Enforce administrative security policies
• Separate trusted networks from untrusted networks
  – Firewalls should be placed between security domains
• Proxy Firewalls
  – Circuit-level policy
  – Application-level policy
Firewalls

| Firewall Type | OSI Model Layer | Characteristics |
| --- | --- | --- |
| Packet filtering | Network layer | Routers using ACLs dictate acceptable access to a network; looks at destination and source addresses, ports and services requested |
| Application-level proxy | Application layer | Deconstructs packets and makes granular access control decisions; requires one proxy per service |
Firewalls (cont.)

| Firewall Type | OSI Model Layer | Characteristics |
| --- | --- | --- |
| Circuit-level proxy | Session layer | Deconstructs packets; protects a wider range of protocols and services than application-level proxies, but does not offer as detailed a level of control |
| Stateful | Network layer | Keeps track of each conversation using a state table; looks at state and context of packets |
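To make the difference between the packet-filtering and stateful rows concrete, here is an added example (not code from the slides) in Python: a static ACL and a stateful firewall evaluated side by side on the same constructed traffic. The ACL rules, the state-table layout and the addresses (RFC 5737 documentation ranges for the outside) are assumptions for the example. The interesting packet is the third one: it carries a web source port and the ACK flag, so the static "established" rule admits it, while the stateful firewall rejects it because no conversation in its table matches.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    direction: str      # "out" (inside host -> internet) or "in"
    proto: str
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset    # TCP flags present, e.g. frozenset({"SYN"})


WEB_PORTS = {80, 443}

# Static (stateless) ACL: first match wins, implicit deny at the end.
# The second rule is the classic "established" approximation: any inbound
# segment with ACK set and a web source port is taken to be return traffic.
STATIC_ACL = [
    {"direction": "out", "proto": "tcp", "dport": WEB_PORTS, "action": "allow"},
    {"direction": "in", "proto": "tcp", "sport": WEB_PORTS,
     "flags_required": {"ACK"}, "action": "allow"},
]


def static_filter(pkt):
    """Decide on one packet from its header fields alone."""
    for rule in STATIC_ACL:
        if rule["direction"] != pkt.direction or rule["proto"] != pkt.proto:
            continue
        if "dport" in rule and pkt.dport not in rule["dport"]:
            continue
        if "sport" in rule and pkt.sport not in rule["sport"]:
            continue
        if not rule.get("flags_required", set()) <= pkt.flags:
            continue
        return rule["action"]
    return "deny"


class StatefulFirewall:
    """Keeps a state table of conversations opened from the inside and admits
    inbound packets only when they belong to one of them."""

    def __init__(self):
        self.state = set()   # (proto, inside_ip, inside_port, outside_ip, outside_port)

    def filter(self, pkt):
        if pkt.direction == "out":
            key = (pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if key in self.state:
                return "allow"
            # Only a fresh outbound SYN to an allowed service opens a new entry.
            if pkt.proto == "tcp" and pkt.flags == {"SYN"} and pkt.dport in WEB_PORTS:
                self.state.add(key)
                return "allow"
            return "deny"
        key = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        return "allow" if key in self.state else "deny"


# Constructed traffic, in arrival order.
SAMPLE_TRAFFIC = [
    Packet("out", "tcp", "10.0.0.5", 40000, "203.0.113.10", 443, frozenset({"SYN"})),
    Packet("in", "tcp", "203.0.113.10", 443, "10.0.0.5", 40000, frozenset({"SYN", "ACK"})),
    # Looks like a reply (source port 443, ACK set) but no inside host asked for it.
    Packet("in", "tcp", "198.51.100.7", 443, "10.0.0.5", 22, frozenset({"ACK"})),
    Packet("in", "tcp", "198.51.100.7", 51515, "10.0.0.5", 22, frozenset({"SYN"})),
]


def compare(packets):
    """Return [(static_decision, stateful_decision), ...] for a packet sequence."""
    fw = StatefulFirewall()
    return [(static_filter(p), fw.filter(p)) for p in packets]


if __name__ == "__main__":
    for pkt, (static, stateful) in zip(SAMPLE_TRAFFIC, compare(SAMPLE_TRAFFIC)):
        print(f"{pkt.direction:3} {pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} "
              f"{sorted(pkt.flags)} static={static} stateful={stateful}")
```

The state table is also where the stateful firewall's own weaknesses live: entries need timeouts, the table has a finite size, and a flood of outbound-looking SYNs from an inside host can fill it, which is why real products pair the table with per-host connection limits and ageing.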
Network Partitioning
• Boundary routers
• Dual-homed host
• Bastion host
• Demilitarized Zone (DMZ)
• Three-legged firewall
End Systems
• Servers and mainframes
• Operating systems
• Notebooks
• Workstations
• Smart phones
• Personal digital assistants
• Network Attached Storage (NAS)
Internet Protocol (IP)
• Internet Protocol (IP) is responsible for routing packets over a network
• Unreliable protocol
• IP will subdivide packets
• IPv4 address structure
Internet Protocol (cont.)

Internet Protocol Address Structure

| Class | Range of First Octet | Number of Octets for Network Number | Number of Hosts in Network |
| --- | --- | --- | --- |
| A | 1 – 127 | 1 | 16,777,216 |
| B | 128 – 191 | 2 | 65,536 |
| C | 192 – 223 | 3 | 256 |
| D | 224 – 239 | Multicast | |
| E | 240 – 255 | Reserved | |
Subnetting and Valid Subnets
• Subnetting
• Supernetting
• Classless Inter-Domain Routing (CIDR)
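As an added example covering both the classful address table on the previous slide and the subnetting, supernetting and CIDR items here (not code from the slides), the Python below uses the standard library `ipaddress` module. `ipv4_class` applies the slide's first-octet table as given; `subnet_info` derives the network, broadcast, mask and usable host count of a CIDR block; `valid_subnets` enumerates the subnets of a longer prefix; and `supernet` collapses adjacent blocks into a single covering prefix. The sample addresses are constructed.

```python
import ipaddress

# Classful ranges exactly as the slide's table states them:
# (first-octet low, high, class, octets used for the network number, hosts).
CLASS_TABLE = [
    (1, 127, "A", 1, 16_777_216),
    (128, 191, "B", 2, 65_536),
    (192, 223, "C", 3, 256),
    (224, 239, "D", None, "multicast"),
    (240, 255, "E", None, "reserved"),
]


def ipv4_class(addr):
    """Classify an address by its first octet, following the slide's table."""
    first = ipaddress.IPv4Address(addr).packed[0]
    for low, high, cls, net_octets, hosts in CLASS_TABLE:
        if low <= first <= high:
            return {"class": cls, "network_octets": net_octets, "hosts": hosts}
    raise ValueError(f"first octet {first} is outside the classful ranges")


def subnet_info(cidr):
    """Subnetting with CIDR notation: find the block a host address sits in.
    strict=False accepts a host address such as 192.168.10.77/26."""
    net = ipaddress.ip_network(cidr, strict=False)
    # /31 and /32 have no network/broadcast pair to exclude (RFC 3021 style).
    usable = net.num_addresses if net.prefixlen >= 31 else net.num_addresses - 2
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "netmask": str(net.netmask),
        "prefixlen": net.prefixlen,
        "usable_hosts": usable,
    }


def valid_subnets(cidr, new_prefix):
    """Split a block into the valid subnets of a longer prefix."""
    net = ipaddress.ip_network(cidr)
    return [str(subnet) for subnet in net.subnets(new_prefix=new_prefix)]


def supernet(cidrs):
    """Supernetting: collapse adjacent blocks into the fewest covering prefixes."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]


if __name__ == "__main__":
    print(ipv4_class("172.16.0.1"))
    print(subnet_info("192.168.10.77/26"))
    print(valid_subnets("192.168.10.0/24", 26))
    print(supernet(["192.168.0.0/24", "192.168.1.0/24"]))
```

For a firewall or ACL review the `subnet_info` output is the check to run on every rule: a prefix typed one bit too short (/16 instead of /24) silently widens the allowed range, and computing the broadcast address makes the true extent of the rule visible.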
Dynamic Host Configuration Protocol (DHCP)
• Dynamically assigns IP addresses to hosts
• Client does not have to request a new lease every time it boots
IPv6
• A larger IP address field
• Improved security
• A more concise IP packet header
• Improved quality of service (QoS)
Internetwork Packet Exchange (IPX)
• Vendor specific
• Retired
Internet Control Message Protocol (ICMP)
• ICMP redirect attacks
• Traceroute exploitation
• Ping scanning
Internet Group Management Protocol (IGMP)
• Used for multicast messages
• Sets up multicast groups: hosts report joins and leaves to their local router
Virtual Private Network (VPN)
• Secure shell (SSH)
• SSL/TLS
• SOCKS
• High Assurance Internet Protocol Encryptor (HAIPE)
• IP Security (IPSEC) – see next slide
IPSEC Authentication and Confidentiality for VPNs
• Authentication Header (AH): integrity and origin authentication of the packet, no confidentiality
• Encapsulating Security Payload (ESP): confidentiality, plus optional integrity and origin authentication
• Security Parameter Index (SPI): 32-bit value in the AH/ESP header that, together with the destination address and protocol, selects the Security Association to apply
• Security Associations: one-way agreements on algorithms, keys and sequence-number state; a two-way connection needs a pair
• Transport Mode / Tunnel Mode: transport mode protects only the payload between two hosts; tunnel mode encapsulates the whole original IP packet, as gateway-to-gateway VPNs do
• Internet Key Exchange (IKE): authenticates the peers and negotiates the Security Associations
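How the SPI, the Security Association and ESP's sequence number fit together on the receiving side, as an added example written for this page (it is not code from the slides). The SPI, key, addresses and packets are constructed; payload encryption is left out so the focus stays on the header fields named above. The anti-replay window follows the sliding-window scheme of RFC 4303.

```python
# Added example, not part of the slides: what an IPsec receiver does with an
# ESP packet, namely SPI -> Security Association lookup, integrity check and
# the RFC 4303 anti-replay window. Keys, SPIs and packets are constructed
# here; encryption of the payload is left out to keep the focus on the
# header fields the slide names.
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Dict, Tuple

ICV_LEN = 12  # truncated HMAC, as HMAC-SHA1-96 does


@dataclass
class SecurityAssociation:
    spi: int
    auth_key: bytes
    mode: str = "tunnel"      # "transport" or "tunnel"; informational here
    window_size: int = 64
    highest_seq: int = 0      # highest sequence number accepted so far
    window_bits: int = 0      # bit i set: highest_seq - i has been seen


def build_esp(sa: SecurityAssociation, seq: int, payload: bytes) -> bytes:
    """Sender side: ESP header (SPI, sequence number) + payload + ICV."""
    body = struct.pack("!II", sa.spi, seq) + payload
    icv = hmac.new(sa.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
    return body + icv


def parse_esp(packet: bytes) -> Tuple[int, int, bytes, bytes]:
    """Split an ESP packet into (spi, seq, authenticated part, icv)."""
    if len(packet) < 8 + ICV_LEN:
        raise ValueError("truncated ESP packet")
    spi, seq = struct.unpack("!II", packet[:8])
    return spi, seq, packet[:-ICV_LEN], packet[-ICV_LEN:]


def replay_check_and_update(sa: SecurityAssociation, seq: int) -> bool:
    """Sliding-window replay check. True means seq is fresh and was recorded."""
    if seq == 0:                      # ESP sequence numbers start at 1
        return False
    mask = (1 << sa.window_size) - 1
    if seq > sa.highest_seq:          # newer than anything seen: slide window
        shift = seq - sa.highest_seq
        if shift >= sa.window_size:
            sa.window_bits = 1
        else:
            sa.window_bits = ((sa.window_bits << shift) | 1) & mask
        sa.highest_seq = seq
        return True
    diff = sa.highest_seq - seq
    if diff >= sa.window_size:        # older than the window: drop
        return False
    if sa.window_bits & (1 << diff):  # inside the window but already seen
        return False
    sa.window_bits |= 1 << diff
    return True


def receive(sa_table: Dict[Tuple[str, int], SecurityAssociation],
            dst: str, packet: bytes) -> Tuple[bool, str, bytes]:
    """Inbound processing. Returns (accepted, reason, payload)."""
    spi, seq, body, icv = parse_esp(packet)
    sa = sa_table.get((dst, spi))     # the SA is selected by destination + SPI
    if sa is None:
        return False, "no SA for (dst, SPI)", b""
    expected = hmac.new(sa.auth_key, body, hashlib.sha1).digest()[:ICV_LEN]
    if not hmac.compare_digest(icv, expected):
        return False, "ICV mismatch", b""
    # Only an authenticated packet may advance the window; otherwise a forger
    # could push it forward and make the peer's genuine packets look stale.
    if not replay_check_and_update(sa, seq):
        return False, "replayed or stale sequence number", b""
    return True, "ok", body[8:]


if __name__ == "__main__":
    sa = SecurityAssociation(spi=0x1001, auth_key=b"k" * 20)
    table = {("10.0.0.2", sa.spi): sa}
    pkt = build_esp(sa, 1, b"hello")
    print(receive(table, "10.0.0.2", pkt))   # accepted
    print(receive(table, "10.0.0.2", pkt))   # rejected as a replay
```

The ordering inside `receive` is the point worth remembering: the ICV is verified before the replay window is touched, and a packet that arrives late but still inside the window is accepted once and only once.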
Tunneling Protocols
• Tunneling Protocols
  – Point-to-point Tunneling Protocol (PPTP): its MS-CHAPv2 authentication and MPPE encryption have known weaknesses, so it should not be relied on for confidentiality
  – Layer 2 Tunneling Protocol (L2TP): provides no encryption of its own and is normally run over IPsec (L2TP/IPsec)
• Routing Protocols
  – Routing Information Protocol (RIP)
  – Virtual Router Redundancy Protocol (VRRP) (a gateway-redundancy protocol rather than a routing protocol, but grouped with them here)
  – Open Shortest Path First (OSPF)
  – Exterior Gateway Protocol (EGP)
  – Border Gateway Protocol (BGP)
  – Intermediate System-to-Intermediate System (IS-IS)
  – Interior Gateway Routing Protocol (IGRP)
  – Enhanced IGRP (EIGRP)
Risks and Attacks
• Key shortcoming in IP is its lack of authentication: nothing in the header proves who sent a packet
• Shortcomings in implementation: stacks that trust header fields without checking them
• IP Fragmentation Attacks
  – Teardrop attack: fragments whose offsets and lengths overlap, crashing stacks that did not check them during reassembly
  – Overlapping fragment attacks: more generally, a later fragment that overwrites data from an earlier one can carry content past a filter that inspected only the first fragment
• IP Address Spoofing
  – Packets are sent with a bogus source address
  – Takes advantage of a protocol flaw: IP never verifies the source field, so address-based trust is defeated and replies go to the spoofed host, which is the basis of reflection attacks
• Encryption as a Threat: encrypted traffic cannot be inspected, which hides attacker payloads from network controls
  – External attackers tunnelling in through encrypted channels
  – Internal attackers exfiltrating data over them
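The reassembly checks that stop the fragmentation attacks above, as an added example written for this page (not code from the slides). Fragment lists are constructed, offsets are given in bytes, and the function name and messages are this example's own; the same checks also catch the oversized datagram behind the "ping of death" mentioned on a later slide.

```python
# Added example, not part of the slides: the checks a hardened IP stack or an
# IDS reassembler applies to IPv4 fragments, which is where Teardrop-style
# overlapping fragments and oversized "ping of death" datagrams are caught.
# Fragment lists below are constructed; offsets are in bytes (the header's
# 8-byte units already multiplied out).
from typing import List, Tuple

MAX_DATAGRAM = 65535


def check_fragments(frags: List[Tuple[int, int, bool]]) -> Tuple[bool, str]:
    """frags: (offset, length, more_fragments) per fragment of one datagram.
    Returns (ok, reason); ok is False for both attacks and incomplete sets."""
    if not frags:
        return False, "no fragments"
    end_of_data = 0          # byte just past the last fragment processed
    final_seen = False
    for offset, length, more in sorted(frags, key=lambda f: f[0]):
        if length <= 0:
            return False, f"non-positive length at offset {offset}"
        if more and length % 8:
            return False, f"non-final fragment at offset {offset} is not a multiple of 8 bytes"
        if offset + length > MAX_DATAGRAM:
            return False, f"fragment at offset {offset} would reassemble past {MAX_DATAGRAM} bytes"
        if final_seen:
            return False, f"data at offset {offset} after the final fragment"
        if offset < end_of_data:
            return False, f"fragment at offset {offset} overlaps data already received up to {end_of_data}"
        if offset > end_of_data:
            return False, f"hole between {end_of_data} and {offset}; datagram incomplete"
        end_of_data = offset + length
        final_seen = not more
    if not final_seen:
        return False, "final fragment missing; datagram incomplete"
    return True, "reassembled cleanly"


if __name__ == "__main__":
    # Constructed cases: a normal three-fragment datagram, a Teardrop-style
    # overlap, and fragments that would reassemble past 65,535 bytes.
    print(check_fragments([(0, 1480, True), (1480, 1480, True), (2960, 100, False)]))
    print(check_fragments([(0, 32, True), (24, 4, False)]))
    print(check_fragments([(0, 1480, True), (65528, 16, False)]))
```

A production reassembler keeps per-datagram state and a timeout as well; the checks above are the ones that decide whether a set of fragments is even worth reassembling.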
Risks and Attacks
• Network Eavesdropping
  – Sniffing the wire: any host on a shared segment, or one that can poison a switch, reads cleartext traffic
  – Encryption in transit is the control
Risks and Attacks
• Source-routing Exploitation
  – IP allows the sender to specify the path (strict and loose source-route options)
  – Attackers can abuse source routing, thereby gaining access to an internal network by steering packets around a filtering device; the control is to drop source-routed packets at the border
• Smurf and Fraggle attacks
  – Smurf attack mis-uses the ICMP Echo Request: a request with the victim's spoofed source address is sent to a broadcast address, and every host on that network replies to the victim
  – Fraggle attack uses UDP (the echo and chargen services) instead of ICMP
• Ping of death: an oversized ICMP Echo Request built from fragments that reassemble to more than 65,535 bytes, overflowing buffers in older stacks
Controls
• Policy
• Inbound and outbound traffic controls: ingress filtering drops packets from outside that claim internal source addresses, egress filtering drops outbound packets whose source does not belong to the network (BCP 38), and both should reject source-routed and directed-broadcast traffic
• Network partitioning: segment the network so that compromising one segment does not give sniffing or spoofing access to the rest
Layer 4: Transport Layer
• End-to-end transport between peer hosts, multiplexed by port number
• Connection oriented (TCP) and connectionless (UDP) protocols
Protocols
• Transmission Control Protocol (TCP)
  – Well-known ports (0 – 1023)
  – Registered ports (1024 – 49151)
  – Dynamic and/or private ports (49152 – 65535)
• User Datagram Protocol (UDP)
  – Fast
  – Low overhead
  – No retransmission, ordering or replay protection (only a checksum), so reliability and anti-replay have to come from the application or from a layer such as DTLS
• Sequenced Packet Exchange (SPX)
  – Novell's protocol
  – Replaced by TCP
Transport Layer Security (TLS)
• Mutual authentication: the server is authenticated by its certificate; client certificate authentication is supported but optional and rarely enabled
• Encryption
• Integrity
Attacks
• SYN Flood: half-open connections exhaust the listener's connection table
• Port Scanning
  – FIN, NULL and XMAS Scanning: flag combinations no real connection uses; on an RFC 793 stack a closed port answers with RST and an open port stays silent
  – SYN Scanning: a SYN with the handshake never completed
• TCP Sequence Number Attacks: predicting the initial sequence number lets an attacker inject segments or complete a blind spoofed handshake
• Session Hijacking: taking over an established connection using that knowledge
• Denial of Service
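Detection logic for the scans named here and for the ICMP ping scanning on the earlier ICMP slide, as one added example written for this page (not code from the slides). The packet records, addresses, thresholds and function names are constructed for the example; a sensor would feed it the same fields from a capture.

```python
# Added example, not part of the slides: detection logic for the scan types
# named on the ICMP and transport-layer attack slides (ping sweeps; SYN, FIN,
# NULL and XMAS scans), run over constructed packet summaries of the kind a
# sensor exports. Thresholds and addresses are illustrative choices.
from collections import defaultdict
from typing import Dict, Iterable, List, Optional

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
ICMP_ECHO_REQUEST = 8
SWEEP_THRESHOLD = 5    # distinct hosts pinged by one source within WINDOW
SCAN_THRESHOLD = 5     # distinct ports probed on one host by one source
WINDOW = 10.0          # seconds


def classify_tcp_flags(flags: int) -> Optional[str]:
    """Name the probe type a lone segment suggests; None for ordinary traffic."""
    if flags == 0:
        return "NULL"
    if flags == FIN:
        return "FIN"
    if flags == FIN | PSH | URG:
        return "XMAS"
    if flags == SYN:
        return "SYN"
    return None


def detect_scans(packets: Iterable[Dict]) -> List[str]:
    """packets: dicts with ts, src, dst, proto ('icmp'/'tcp'), dport, flags,
    and icmp_type for ICMP. Returns sorted, de-duplicated alert strings."""
    alerts = set()
    targets: Dict[tuple, set] = defaultdict(set)   # key -> distinct hosts or ports
    window_start: Dict[tuple, float] = {}

    def touch(key, ts) -> None:
        """Reset the per-key counter when its time window has expired."""
        start = window_start.setdefault(key, ts)
        if ts - start > WINDOW:
            window_start[key] = ts
            targets[key].clear()

    for p in sorted(packets, key=lambda p: p["ts"]):
        if p["proto"] == "icmp" and p.get("icmp_type") == ICMP_ECHO_REQUEST:
            key = ("sweep", p["src"])
            touch(key, p["ts"])
            targets[key].add(p["dst"])
            if len(targets[key]) >= SWEEP_THRESHOLD:
                alerts.add(f"ICMP ping sweep from {p['src']}")
        elif p["proto"] == "tcp":
            kind = classify_tcp_flags(p["flags"])
            if kind is None:
                continue
            if kind in ("NULL", "XMAS"):
                # No real stack sends these combinations, so one is enough.
                alerts.add(f"TCP {kind} scan from {p['src']} against {p['dst']}")
                continue
            key = (kind, p["src"], p["dst"])
            touch(key, p["ts"])
            targets[key].add(p["dport"])
            if len(targets[key]) >= SCAN_THRESHOLD:
                alerts.add(f"TCP {kind} scan from {p['src']} against {p['dst']}")
    return sorted(alerts)


# Constructed sample: one host pings six neighbours, then SYN-probes six ports
# on one of them; a second host sends a single XMAS probe; a SYN/ACK is benign.
SAMPLE = (
    [{"ts": i, "src": "10.0.0.9", "dst": f"10.0.1.{i}", "proto": "icmp",
      "icmp_type": ICMP_ECHO_REQUEST, "dport": None, "flags": 0} for i in range(1, 7)]
    + [{"ts": 20 + i, "src": "10.0.0.9", "dst": "10.0.1.50", "proto": "tcp",
        "dport": 20 + i, "flags": SYN} for i in range(6)]
    + [{"ts": 40, "src": "10.0.0.7", "dst": "10.0.1.50", "proto": "tcp",
        "dport": 80, "flags": FIN | PSH | URG}]
    + [{"ts": 41, "src": "10.0.0.8", "dst": "10.0.1.50", "proto": "tcp",
        "dport": 443, "flags": SYN | ACK}]
)

if __name__ == "__main__":
    for alert in detect_scans(SAMPLE):
        print(alert)
```

A single SYN to a port is normal traffic, so SYN and FIN probes are only reported once one source has touched several ports on one host inside the window; NULL and XMAS segments are reported on sight because no legitimate stack emits them. A scanner that spreads its probes across windows slips under these thresholds, which is the usual trade-off with threshold-based detection.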
Controls
• SYN proxies (and SYN cookies): answer the SYN on the server's behalf and only create connection state once the client's ACK proves it is reachable
• Honeypots and honeynets
• Tarpits: accept connections but respond slowly, tying up scanners and worms
• Continuous or periodic authentication of the session, so a hijacked connection does not stay useful
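How a SYN proxy or SYN-cookie stack avoids keeping state for half-open connections, as an added example written for this page (not code from the slides). The cookie layout, key, MSS table and addresses are this example's own choices; real stacks such as Linux use their own layout and hash.

```python
# Added example, not part of the slides: a SYN-cookie construction of the kind
# a SYN proxy or hardened stack uses so that a SYN flood costs it no memory.
# The cookie layout, key and MSS table are choices made for this example;
# real stacks (e.g. Linux) use their own layout and hash.
import hashlib
import hmac
from typing import Optional

MSS_TABLE = [536, 1220, 1440, 1460]   # MSS values the 3 low bits can encode
COUNTER_BITS = 5                      # 5-bit minute counter in the top bits
MAC_BITS = 24
COUNTER_MASK = (1 << COUNTER_BITS) - 1
MAC_MASK = (1 << MAC_BITS) - 1


def _mac(key: bytes, src: str, dst: str, sport: int, dport: int, counter: int) -> int:
    """Keyed hash over the 4-tuple and time slot, truncated to MAC_BITS."""
    msg = f"{src}|{dst}|{sport}|{dport}|{counter}".encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & MAC_MASK


def _mss_index(mss: int) -> int:
    """Largest table entry not above the MSS the client offered."""
    idx = 0
    for i, value in enumerate(MSS_TABLE):
        if value <= mss:
            idx = i
    return idx


def make_cookie(key: bytes, src: str, dst: str, sport: int, dport: int,
                mss: int, now_minutes: int) -> int:
    """ISN to put in the SYN/ACK. The server stores nothing: everything it
    needs later is inside these 32 bits."""
    counter = now_minutes & COUNTER_MASK
    mac = _mac(key, src, dst, sport, dport, counter)
    return (counter << (32 - COUNTER_BITS)) | (mac << 3) | _mss_index(mss)


def check_cookie(key: bytes, src: str, dst: str, sport: int, dport: int,
                 ack_number: int, now_minutes: int) -> Optional[int]:
    """On the client's final ACK: ack_number - 1 must be a cookie we could have
    issued in the current or previous minute. Returns the MSS to use, or None."""
    cookie = (ack_number - 1) & 0xFFFFFFFF
    counter = cookie >> (32 - COUNTER_BITS)
    mac = (cookie >> 3) & MAC_MASK
    mss_index = cookie & 0x7
    if counter not in {now_minutes & COUNTER_MASK, (now_minutes - 1) & COUNTER_MASK}:
        return None                       # too old, or a guessed value
    if mss_index >= len(MSS_TABLE):
        return None
    expected = _mac(key, src, dst, sport, dport, counter)
    if not hmac.compare_digest(expected.to_bytes(3, "big"), mac.to_bytes(3, "big")):
        return None                       # not our cookie for this 4-tuple
    return MSS_TABLE[mss_index]


if __name__ == "__main__":
    key = b"per-boot secret"
    isn = make_cookie(key, "203.0.113.5", "198.51.100.10", 51515, 443, 1460, 100)
    print(check_cookie(key, "203.0.113.5", "198.51.100.10", 51515, 443, isn + 1, 100))
```

The cost of the scheme is visible in the code: only a handful of MSS values survive the round trip and other TCP options negotiated in the SYN are lost, which is why stacks enable cookies only once the listen queue is under pressure.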
Layer 5: Session Layer
• Establishes, maintains and tears down dialogues between applications
• Client server model
• Middleware and three-tiered architecture
• Mainframe
• Centralized systems
Protocols
• Real-time Transport Protocol (RTP)
• RTP Control Protocol (RTCP)
• Remote Procedure Call (RPC)
RPC Threats and Controls
• Threats
  – Unauthorized sessions: callers that are never authenticated
  – Invalid RPC exchanges: malformed or replayed calls that the server still processes
• Controls
  – Secure RPC: authenticated (and optionally encrypted) RPC exchanges
Layer 6: Presentation Layer
• Ensures a common format for data exchanged between differing systems
• Services for encryption and compression
Standards
• Mainframe to PC Translation
  – Extended Binary Coded Decimal Interchange Code (EBCDIC)
  – American Standard Code for Information Interchange (ASCII)
  – Gateway (performs the translation between the two)
• Video and Audio Compression
  – Codec
• Compression / decompression
  – Conserves bandwidth and storage
Compression Protocols

| | ISO/IEC | ITU-T |
|---|---|---|
| Audio Compression | MPEG-1 Layer III (MP3); MPEG-1 Layer I & II; AAC, HE-AAC v2 (aacPlus v2) | G.711, G.722, G.723, G.726, G.728, G.729 |
| Video Compression | MJPEG; MPEG-1 & 2; MPEG-4 ASP & AVC | H.261 – H.264 |
Threats and Controls
• Availability Threat
  – Lack of interoperability: data that the other side cannot decode is data that cannot be used
• Controls
  – Organizational standards for formats and codecs
Layer 7: Application Layer
• The application layer is NOT the Graphical User Interface (GUI)
• Performs communications between peer applications: the protocols programs speak, not the programs themselves
Implementations
• Client/Server
  – Telephony/voice
  – Video
  – Instant messaging
  – Email
  – World wide web
  – File transfer
• Peer-to-peer
  – Sharing
• Multi-tier
  – Web front-end
  – Database back-end
  – Web 2.0
Protocols Examples

| Protocol | Name |
|---|---|
| FTP | File Transfer Protocol |
| HTTP | HyperText Transfer Protocol |
| IMAP | Internet Message Access Protocol |
| IRC | Internet Relay Chat |
| MIME | Multipurpose Internet Mail Extensions |
| POP3 | Post Office Protocol (version 3) |
| Rlogin | Remote Login in UNIX Systems |
| SOAP | Simple Object Access Protocol |
| SSH | Secure Shell |
| TELNET | Terminal Emulation Protocol |
Threats and Controls
• Vulnerabilities as of September 2007
  – 35,000
• Verified exploits
  – over 10,000
• Controls
  – STOP IT!
    • Don't use application-layer protocols that are too risky: Telnet, rlogin and FTP carry credentials in the clear, and SSH and SFTP replace them
  – Update / patch
Telephony
• Voice Over IP
  – Reduced cost
  – Converged technology security: voice inherits every threat of the data network it now shares
• Mobile Telephony – Cellular service
  – Analog
    • Advanced Mobile Phone Service (AMPS)
  – Digital
    • Global System for Mobile Communications (GSM)
    • General Packet Radio Service (GPRS)
    • Universal Mobile Telecommunications System (UMTS)
  – Data
Mobile Multiplexing Technologies

| Technology | Principle | Objective |
|---|---|---|
| Frequency Division Multiple Access (FDMA) | Divide frequency into sub bands | Open several low bandwidth channels |
| Time Division Multiple Access (TDMA) | Split transmission by time slices | Multiplexing between participants |
| Code Division Multiple Access (CDMA) | Multiplex several signals into one signal | Multiplexing is performed on a digital level |
Protocols
• VoIP Protocols
  – H.323
  – SIP
• Mobile Telephony Protocols
  – Proprietary Applications and Services
  – Wireless Application Protocol (WAP)
    • Mobile internet browsing
Telephony Threats and Controls
• Threats
  – IP Telephony Network Issues: availability and call quality depend on the shared data network
  – IP Telephony Vulnerabilities, for example eavesdropping on unencrypted signalling and media
• Controls
  – Authentication
  – Firewalls
  – Modem control
• Good practices for VoIP telephony
  – Encryption
  – Hardening
  – Patches
  – Authentication
  – Physical protection
General Threats
• Authenticity
• Eavesdropping
• Social engineering
• Tunneling through firewalls: carrying arbitrary traffic inside a protocol the firewall allows
Services
• Authentication
• Directory
• Configuration
• Communication
• Storage
• Printing
Authentication
• Centralized Remote User Authentication
  – The Network Access Server sends authentication requests to the Centralized Authentication Server (RADIUS and TACACS+ are the usual protocols for this)
• Kerberos Authentication
  – RFC 1510 (since superseded by RFC 4120)
  – Principals (client and server) are treated as equals: each proves its identity to the other through the KDC
  – Key Distribution Center (KDC), made up of
    • Authentication Server (AS), which issues the ticket-granting ticket
    • Ticket Granting Server (TGS), which issues service tickets
Directory Services
• Domain Name Service (DNS)
• Lightweight Directory Access Protocol (LDAP)
• Network Basic Input Output System (NetBIOS)
• Network Information Service (NIS/NIS+)
Configuration Services
• Simple Network Management Protocol (SNMP)
• Dynamic Host Configuration Protocol (DHCP)
• Network Time Protocol (NTP)
• Finger User Information Protocol
Communication Services
• Synchronous Messaging
  – Instant Messaging (IM)
  – Internet Relay Chat (IRC)
• Asynchronous Messaging
  – Simple Mail Transfer Protocol (SMTP)
  – Post Office Protocol (POP)
  – Internet Message Access Protocol (IMAP)
  – Network News Transfer Protocol (NNTP)
Remote Communication Services
• TCP/IP Terminal Emulation Protocol (TELNET)
• Remote Login (RLOGIN), Remote Shell (RSH), Remote Copy (RCP)
• X Window System (X11)
• Video and multimedia
Storage Server Services
• Common Internet File System (CIFS) / Server Message Block (SMB)
• Network File System (NFS)
• Secure NFS (SNFS)
Storage Data Services
• File Transfer Protocol (FTP)
• Trivial File Transfer Protocol (TFTP)
• Hypertext Transfer Protocol (HTTP)
• HTTP over TLS (HTTPS)
• Secure Hypertext Transfer Protocol (S-HTTP)
• Proxies
Printing Services
• Internet Printing Protocol (IPP)
• Line Printer Daemon (LPD) and Line Printer Remote (LPR)
• Common UNIX Printing System (CUPS)
DNS Threats
• Spoofing: forged replies that race the legitimate server and poison the resolver's cache
• Query manipulation
  – Hosts file manipulation: the local hosts file is consulted before DNS, so malware that edits it redirects names without touching DNS at all
  – Social engineering
• Information disclosure: zone transfers and verbose records map out the internal network for an attacker
• Domain litigation
• Cyber squatting
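The checks a caching resolver applies before it believes a reply, which is where the spoofing threat above is caught, as an added example written for this page (not code from the slides). The query, addresses, records, class and function names are constructed for the example.

```python
# Added example, not part of the slides: the acceptance checks a caching
# resolver applies before it trusts a reply, which is where a spoofed answer
# has to be caught. Queries, addresses and records below are constructed.
from dataclasses import dataclass, field
from typing import List, Tuple

Record = Tuple[str, str, str]   # (owner name, type, rdata)


@dataclass
class PendingQuery:
    txid: int         # 16-bit transaction ID, randomised per query
    server: str       # address the query was sent to
    sport: int        # randomised source port the query was sent from
    qname: str
    qtype: str
    zone: str         # zone that server is authoritative for (its bailiwick)


@dataclass
class Reply:
    txid: int
    from_addr: str
    to_port: int
    qname: str
    qtype: str
    answers: List[Record] = field(default_factory=list)
    additional: List[Record] = field(default_factory=list)


def canonical(name: str) -> str:
    """Lower-case with one trailing dot, so comparisons are case-insensitive."""
    return name.lower().rstrip(".") + "."


def in_bailiwick(owner: str, zone: str) -> bool:
    """True if owner is the zone apex or lies beneath it."""
    o, z = canonical(owner), canonical(zone)
    return o == z or o.endswith("." + z)


def validate_reply(q: PendingQuery, r: Reply) -> Tuple[bool, str, List[Record]]:
    """Returns (accepted, reason, records safe to cache)."""
    if r.txid != q.txid:
        return False, "transaction ID mismatch", []
    if r.from_addr != q.server or r.to_port != q.sport:
        return False, "reply not from the queried server/port", []
    if canonical(r.qname) != canonical(q.qname) or r.qtype.upper() != q.qtype.upper():
        return False, "question section does not match the query", []
    # Records the server is not authoritative for are dropped rather than
    # cached: a reply about example.com must not plant an A record for a bank.
    cacheable = [rr for rr in r.answers + r.additional if in_bailiwick(rr[0], q.zone)]
    return True, "ok", cacheable


# Constructed exchange: a query for www.example.com sent to example.com's server.
QUERY = PendingQuery(txid=0x1A2B, server="192.0.2.53", sport=40123,
                     qname="www.example.com", qtype="A", zone="example.com")
GENUINE = Reply(txid=0x1A2B, from_addr="192.0.2.53", to_port=40123,
                qname="WWW.example.com", qtype="A",
                answers=[("www.example.com", "A", "192.0.2.10")],
                additional=[("ns1.example.com", "A", "192.0.2.1"),
                            ("www.bank.example", "A", "203.0.113.9")])
SPOOFED = Reply(txid=0x1A2C, from_addr="192.0.2.53", to_port=40123,
                qname="www.example.com", qtype="A",
                answers=[("www.example.com", "A", "203.0.113.9")])

if __name__ == "__main__":
    print(validate_reply(QUERY, GENUINE))
    print(validate_reply(QUERY, SPOOFED))
```

The transaction ID alone is 16 bits, so an attacker who can flood guesses wins often enough; the randomised source port adds the second factor, and the bailiwick rule limits what a single accepted forgery can poison. DNSSEC validation, listed under controls on a later slide, is what removes the guessing game altogether.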
Other Threats
• Email Threats
  – Spoofing
  – Open Mail Relay Servers
  – Spam and Filtering
• Instant messaging Threats
• File sharing
• SPIM (spam over instant messaging)
• Server Message Block (SMB) Threats
  – Buffer overflows
Controls
• DNS security extensions (DNSSEC): signed zone data lets a validating resolver reject forged records
• Mail filtering
• IM policy
• Turn off SMB where it is not needed, and never expose it to untrusted networks