internet vulnerabilities & criminal activities

Internet Vulnerabilities & Criminal Activities 1.2 – 9/12/2011 Structure of Internet Communications

Upload: thaddeus-patton

Post on 30-Dec-2015



TRANSCRIPT

Page 1: Internet Vulnerabilities & Criminal Activities

Internet Vulnerabilities & Criminal Activities

1.2 – 9/12/2011 Structure of Internet Communications

Page 2: Internet Vulnerabilities & Criminal Activities

Computer Data

• Binary format
  – All data represented by only 2 signals
  – 0’s and 1’s for representation
• 5 means of representation
  – Electric current
  – Voltage
  – Iron particles
  – “Pits” and “Land”
  – Electron grid
• Fragile
• Intangible
  – Must have means of interpreting

Page 3: Internet Vulnerabilities & Criminal Activities

Protocol

The “language” or rules used to transmit data over a network.

Page 4: Internet Vulnerabilities & Criminal Activities

Common Protocols

• HTTP - Hypertext Transfer Protocol
• FTP - File Transfer Protocol
• SMTP - Simple Mail Transfer Protocol
• IP - Internet Protocol
• TCP - Transmission Control Protocol
• UDP - User Datagram Protocol

Page 5: Internet Vulnerabilities & Criminal Activities

Packet

The unit of data sent from a source to a destination on the Internet

Page 6: Internet Vulnerabilities & Criminal Activities

Packet format

• Header
  – Information about the packet being sent
• Payload
  – Actual data
• Trailer
  – End of data signal
  – Also used for error checking

Page 7: Internet Vulnerabilities & Criminal Activities

Port

Virtual ports are part of TCP/IP networking. These ports allow software applications to share hardware resources without interfering with each other. Computers and routers automatically manage network traffic traveling via their virtual ports. Network firewalls additionally provide some control over the flow of traffic on each virtual port for security purposes.

Page 8: Internet Vulnerabilities & Criminal Activities

Common Port Numbers

• 20, 21 - FTP (File Transfer)
• 22 - SSH (Secure Shell)
• 25 - SMTP (Mail)
• 53 - DNS (Domain Name System)
• 80 - HTTP (Web Pages)

Page 9: Internet Vulnerabilities & Criminal Activities

Internet Protocol Number

Numerical identification number used by a node on the Internet

Page 10: Internet Vulnerabilities & Criminal Activities

IP Number Format

• IPv4 - 32 bits, 4 bytes long
• Each byte separated by a . (dot)
• Example - 64.252.150.126
• Divided into classes by first octet
  – Class A, 1-126
  – Class B, 128-191
  – Class C, 192-223
  – 127.0.0.1, loopback

Page 11: Internet Vulnerabilities & Criminal Activities

IPv6

• Succeeds IPv4
• Many more unique numbers available
• 128 bit addresses – 2^128 possible addresses
• Eliminates need for NAT
• Offers more features than IPv4
• Typical IPv6 address: 2001:0db8:85a3:0000:0000:8a2e:0370:7334

Page 12: Internet Vulnerabilities & Criminal Activities

Domain Name System (DNS)

A server that converts domain names into their associated IP number

64.252.150.126 = snet.net

Page 13: Internet Vulnerabilities & Criminal Activities

OSI - Open Systems Interconnection

• Model of network protocols
• Created by the ISO
• Protocol stack
• Each layer responsible for specific processing
• Layers only communicate with layer above & layer below
• Communications
  – Outgoing - each layer adds new data
  – Receiving - each layer strips off data

Page 14: Internet Vulnerabilities & Criminal Activities

7 - Applications Layer

• Interface between application program and protocol stack
• Layer contacted by application program
• Examples - http, ftp, smtp

Page 15: Internet Vulnerabilities & Criminal Activities

6 - Presentation Layer

• Also called translation layer
• Converts data received from application layer to format used by protocol stack
• Can be used for compression & encryption

Page 16: Internet Vulnerabilities & Criminal Activities

5 - Session Layer

• Allows two programs within different computers to establish a communication session
• Sets communication markers (not on all networks)

Page 17: Internet Vulnerabilities & Criminal Activities

4 - Transport Layer

• Interface between application layers and network layers
• Protocols - tcp, udp
• On sending machine:
  – Divides data sent by Session layer into packets
• On receiving machine:
  – Puts packets into order
  – Checks data integrity
  – Sends acknowledgement

Page 18: Internet Vulnerabilities & Criminal Activities

3 - Network Layer

• Handles packet addressing
• Converts logical address to physical address
• Sets route packets will follow from source to destination
• Protocol - IP

Page 19: Internet Vulnerabilities & Criminal Activities

2 - Data Link Layer

• Sending machine
  – Converts packets into frames
  – Adds physical address of source and destination machines
  – Calculates checksum
• Receiving machine
  – Recalculates checksum
  – Sends acknowledgement if checksums match

Page 20: Internet Vulnerabilities & Criminal Activities

1 - Physical Layer

• Sending machine
  – Converts Data Link Layer frames into transmission signals
    • Electronic signal
    • Luminous signal
    • Electromagnetic signal
• Receiving machine
  – Converts physical signal into 1’s & 0’s

Page 21: Internet Vulnerabilities & Criminal Activities

OSI - How it works

• Sending machine - each layer adds a header
• Receiving machine - each layer removes a header
• Layer only sees header added by same layer on sending machine
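The header handling on the "OSI - How it works" slide and the checksum step on the Data Link Layer slide, as a short sketch. This is an added example, not part of the original presentation: the header layouts are simplified stand-ins for real wire formats, CRC-32 is assumed as the frame checksum, and the addresses, ports and payload are constructed sample values.

```python
import struct
import zlib

# Simplified header layouts (assumptions for this example, not real wire formats).
TRANSPORT_HDR = struct.Struct("!HH")    # source port, destination port
NETWORK_HDR = struct.Struct("!4s4s")    # source IPv4, destination IPv4
LINK_HDR = struct.Struct("!6s6s")       # destination MAC, source MAC
TRAILER = struct.Struct("!I")           # CRC-32 over link header + contents

def ip(text):
    """Dotted-quad string -> 4 bytes."""
    return bytes(int(octet) for octet in text.split("."))

def send(data, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac):
    """Sending machine: each layer prepends its own header to what it is given."""
    segment = TRANSPORT_HDR.pack(src_port, dst_port) + data
    packet = NETWORK_HDR.pack(ip(src_ip), ip(dst_ip)) + segment
    frame = LINK_HDR.pack(dst_mac, src_mac) + packet
    return frame + TRAILER.pack(zlib.crc32(frame))

def receive(frame):
    """Receiving machine: recalculate the checksum, then strip one header per layer.

    Returns (acknowledged, fields, data); data is None when the frame is rejected.
    """
    body = frame[:-TRAILER.size]
    (crc,) = TRAILER.unpack(frame[-TRAILER.size:])
    if zlib.crc32(body) != crc:
        return False, {}, None          # checksums differ: no acknowledgement
    dst_mac, src_mac = LINK_HDR.unpack_from(body)
    packet = body[LINK_HDR.size:]       # the network layer never sees the MACs
    src_ip, dst_ip = NETWORK_HDR.unpack_from(packet)
    segment = packet[NETWORK_HDR.size:]
    src_port, dst_port = TRANSPORT_HDR.unpack_from(segment)
    fields = {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, src_ip)), "dst_ip": ".".join(map(str, dst_ip)),
        "src_port": src_port, "dst_port": dst_port,
    }
    return True, fields, segment[TRANSPORT_HDR.size:]

def flip_bit(frame, index):
    """Model damage in transit: invert the lowest bit of one byte."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)

# Constructed sample values (documentation IP range, locally administered MACs).
SAMPLE = send(b"GET / HTTP/1.0\r\n\r\n", 49152, 80, "192.0.2.10", "192.0.2.80",
              bytes.fromhex("020000000001"), bytes.fromhex("020000000002"))

if __name__ == "__main__":
    print(receive(SAMPLE))
    print(receive(flip_bit(SAMPLE, 20)))
```

A CRC detects accidental damage only; anyone who alters the frame can recompute it, so it provides no protection against deliberate tampering.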

Page 22: Internet Vulnerabilities & Criminal Activities

TCP/IP

• Fewer layers than OSI
• Different protocols working on different levels
• May have more than one protocol on the same level

Page 23: Internet Vulnerabilities & Criminal Activities

Application Layer

• Communicates between application programs & transport layer
• Protocol selected
• Port number assigned

Page 24: Internet Vulnerabilities & Criminal Activities

Transport Layer

• Divides data into packets
• Orders received packets
• Checks & acknowledges received packets

Page 25: Internet Vulnerabilities & Criminal Activities

Transport Layer Protocols

• TCP - Transmission Control Protocol
  – Reliable
  – Used for SMTP, HTTP, FTP
• UDP - User Datagram Protocol
  – Unreliable
  – Used for DNS

Page 26: Internet Vulnerabilities & Criminal Activities

Internet Layer

• Determines path packet should take from source to destination
• Every router on the path is called a hop
• Router uses its router table to determine packet’s path
• No acknowledgement on this level

Page 27: Internet Vulnerabilities & Criminal Activities

Network Interface Layer

• Most common physical network - Ethernet
• Logical Link Control (LLC) Layer
  – Adds information on Internet layer protocol
• Media Access Control (MAC) Layer
  – Adds source & destination MAC address
• Physical Layer - same as OSI model Physical Layer

Page 28: Internet Vulnerabilities & Criminal Activities

Network Interface Frame

• Data to be transmitted or received has now been converted to a frame
• Each layer adds a header when sending
• Each layer removes a header when receiving

Page 29: Internet Vulnerabilities & Criminal Activities

Communications Log

Page 30: Internet Vulnerabilities & Criminal Activities

Languages of the Web - HTML

• HyperText Markup Language
  – File extensions: .html, .htm, .html4
  – Comprised of elements which tell the receiving browser how to display those elements
  – Hyperlink: link from a web page element to another file or web page
  – Some elements can pose security risks
  – Related: Dynamic HTML (DHTML), XML, XHTML

Page 31: Internet Vulnerabilities & Criminal Activities

Languages of the Web - Perl

• Practical Extraction and Report Language
  – File extension: .pl
  – High level programming language
  – Portable, free
  – Robust & flexible
  – Server-side actions
  – Security risk from inputs

Page 32: Internet Vulnerabilities & Criminal Activities

Languages of the Web - PHP

• Personal Home Page
  – File extensions: .php, .php3
  – Server-side scripting language
  – Used for database applications
  – Security risk from inputs

Page 33: Internet Vulnerabilities & Criminal Activities

Languages of the Web - ColdFusion

• ColdFusion
  – File extension: .cfm
  – Three major components
    • ColdFusion Application Server - server-side processor of ColdFusion page requests
    • ColdFusion Markup Language - similar to HTML
    • ColdFusion Studio - integrated development environment (IDE)
• Can be used for database connectivity

Page 34: Internet Vulnerabilities & Criminal Activities

Languages of the Web - ASP

• Active Server Pages
  – File extension: .asp
  – Server-side scripting environment
  – Default language is VBScript
  – Can be used for database connectivity
  – ActiveX - used for dynamic web page content

Page 35: Internet Vulnerabilities & Criminal Activities

Languages of the Web - CGI

• Common Gateway Interface
  – File extensions: .cgi, .pl
  – Oldest standard for passing information from web server to another program (such as Perl)
  – Set of guidelines used with many web languages

Page 36: Internet Vulnerabilities & Criminal Activities

Languages of the Web - Java

• Java
  – File extension: none
  – Client-based
    • Scripting languages
      – Javascript - connected to Java by name only
      – Jscript - Microsoft’s Javascript clone
  – Server-based
    • Java Server Pages (JSP)
      – File extension: .jsp
      – Used for dynamic content & database connectivity
    • JHTML
      – File extension: .jhtml
      – HTML with Java

Page 37: Internet Vulnerabilities & Criminal Activities

Sources

• “The OSI Reference Model for Network Protocols” by Gabriel Torres. Hardware Secrets. (2007) http://www.hardwaresecrets.com/article/431
• “How TCP/IP Protocol Works - Part 1” by Gabriel Torres. Hardware Secrets. (2007) http://www.hardwaresecrets.com/article/433
• “How TCP/IP Protocol Works - Part 2” by Gabriel Torres. Hardware Secrets. (2007) http://www.hardwaresecrets.com/article/435
• “Languages of the Web” by Stuart McClure, Saumil Shah, and Shreeraj Shah. Web Hacking: Attacks and Defenses (2003)