DATA COMM & NETWORK INFO 306
This 5 page Study Guide was uploaded by Rita Kunde on Wednesday October 21, 2015. The Study Guide belongs to INFO 306 at Texas A&M University taught by Gary Whitten in Fall. Since its upload, it has received 82 views. For similar materials see /class/226261/info-306-texas-a-m-university in Information & Operations Mgmt at Texas A&M University.
Date Created: 10/21/15
Chapter 10: The Internet

Definitions

Network Access Point (NAP): Connects the highest level of Internet Service Providers.
Metropolitan Area Exchange (MAE): Evolved as the number of network access points increased.
Peering: ISPs at the same level exchanging messages with each other without charging.
Point of Presence: How ISPs provide access to the Internet.
Remote Access Server (RAS): Checks the user ID and password when the user connects to the ISP's modem pool.
DSL (Digital Subscriber Line): Uses traditional phone lines; must have modern phone lines (4 kHz). Two kinds: Symmetric and Asymmetric DSL.
Cable Modems: Digital service offered by cable television companies; 1.5-10 Mbps upstream, 2-30 Mbps downstream.
Fixed Wireless: Dish-based microwave transmission technology.
Passive Optical Networking (PON): Also called Fiber to the Home; will unleash the potential of optical fiber communications to end users.
Dark fiber: Unused fiber cable.
National Lambda Rail (NLR): A major initiative by US research universities and private sector technology companies to provide a national-scale infrastructure for research and experimentation in networking technologies and applications. NLR aims to catalyze innovative research and development into next-generation network technologies, protocols, services and applications. NLR puts the control, the power and the promise of experimental network infrastructure in the hands of our nation's scientists and researchers.

Important Statements

Each ISP acts as an autonomous system with its own interior and exterior routing protocols.
Digital Subscriber Line: Must have modern phone lines to house.
Symmetric DSL (SDSL): Provides the same transmission rates (up to 128 Kbps) in both directions on the circuits.
Asymmetric DSL (ADSL): Provides different rates to (up to 640 Kbps) and from (up to 6.144 Mbps) the carrier's end office. It also includes an analog channel for voice transmissions.
ADSL Rates European standard
Cable Modems: Digital service offered by cable television companies, who offer an upstream rate of 1.5-10 Mbps and a downstream rate of 2-30 Mbps.
Fixed Wireless: Dish-based microwave transmission technology; point to point and point to multipoint; limited number of stations; transfer rates range from 1.5 to 11 Mbps depending on the vendor.

New networks being developed

Internet 2: The very high performance Backbone Network Service (vBNS) is run by WorldCom; 34 universities participate.
The Abilene network, also called Internet 2, is being developed by the University Corporation for Advanced Internet Development (UCAID).
CA*net3 is the Canadian government initiative.
Uses access through Gigapops, similar to NAPs except very high speed (622 Mbps to 2.4 Gbps), using SONET, ATM and IPv6 protocols.
Protocol development focuses on issues like quality of service and multicasting.
New applications include tele-immersion and videoconferencing.

Chapter 11: Network Security

Definitions

Disruptions: The loss or reduction in network service.
Destruction: Can cause disruptions.
Disasters (natural or man-made): May occur that destroy host computers or large sections of the network.
Unauthorized access: Viewed as hackers gaining access to organizational data files and resources. However, most unauthorized access incidents involved employees.
The Computer Emergency Response Team (CERT): At Carnegie Mellon University; was established with US DoD support in 1988 after a computer virus shut down 10% of the computers on the Internet. 1989: 137 incidents; 2000: 21,756 incidents.
Network Controls: These reduce threats to network security.
Preventative Controls: Mitigate or stop a person from acting or an event from occurring (passwords, guards, locks).
Detective Controls: Reveal or discover unwanted events, e.g. auditing software; provide evidence for later use.
Corrective Controls: Rectify an unwanted event or a trespass, e.g. reinitiating a network circuit.
Risk Assessment: The process of making a network more secure by comparing each security threat with the control designed to reduce it.
Redundancy: Uninterruptible power supplies, fault-tolerant servers, disk mirroring, disk duplexing.
Viruses: Attach to programs and execute when the programs are run.
Macroviruses: Attach themselves to documents and become active when the documents are opened.
Disaster Recovery Plan (DRP): A planned response to possible disasters, providing for partial or complete recovery of all data, application software, network components and physical facilities.
Backup and Recovery Controls: Enable an organization to recover its data and restart its application software should some part of the network fail.
Level 1: When networks are built, additional capacity and spare equipment are added to recover from a minor disaster.
Level 2: Most large organizations rely on professional disaster recovery firms to provide second-level support for major disasters.

Preventing Intruder Access

1. Casual Hackers: only have limited knowledge of computer security.
2. Security Experts: whose motivation is the thrill of the hunt (crackers).
3. Professional Hackers: who break into corporate or government computers for specific purposes.
4. Organization Employees: who have legitimate access to the network but who gain access to information they are not authorized to use.

Callback Modems & Automatic Number Identification (ANI): So only users who dial in from authorized locations are granted access.
One-time Passwords: Provide a strategy for traveling employees who can't use callback modems and automatic number identification. Sent to a pager, email or handheld device.
Firewall: Router, gateway or special-purpose computer that examines packets flowing into and out of the organization's networks (usually via the Intranet), restricting access to that network (packet level and application level).
Packet Level: Examines the source and destination address of packets that pass through it, only allowing packets that have acceptable addresses to pass.
IP Spoofing: Accomplished by changing the source address on incoming packets from their real address to an address inside the organization's network.
Application Level: An application gateway acts as an intermediate host computer, separating a private network from the rest of the Internet, but it works on specific applications such as Web site access.
Network Address Translation (NAT): Used to shield a private network from outside interference.
NAT Proxy server: Uses an address table, translating network addresses inside the organization into aliases for use on the Internet, so internal addresses remain hidden.

Encryption

Plaintext: The unencrypted message.
Encryption Algorithm: Works like the locking mechanism to a safe.
Key: Works like a safe's combination.
Ciphertext: Produced from the plaintext message by the encryption function.
Decryption: The same process in reverse, but it does not always use the same key or algorithm.

Encryption Techniques

Symmetric: Private key encryption; uses the same key to encrypt and decrypt.
Asymmetric: Public key encryption; public key used to encrypt, private key used to decrypt. Greatly reduces key management problems.

Public key encryption works as follows:
1. B (the message recipient) makes his/her public key widely available, say through the Internet.
2. A (the sender) then uses B's public key to encrypt the message to be sent to B.
3. B then uses his own private key to decrypt the message.

Digital Signatures: Based on a variation of public key encryption. Includes the name of the creator and key contents in the outgoing message, which is encrypted using the sender's private key and then decrypted using the sender's public key, providing evidence that the message originated from the sender.
Brute Force: Trying all possible combinations until you find the right key.

Other Encryption Techniques

Pretty Good Privacy (PGP): Public freeware package developed by Phil Zimmerman, used to encrypt emails. PGP users make their public keys available on the Internet. Anyone wishing to send an encrypted message to that person cuts and pastes the public key from the Internet into the PGP software; it encrypts the message and sends the message using that key.
Secure Sockets Layer (SSL): Technique used on the Web that operates between the application and transport layers; combines symmetric encryption with digital signatures. SSL has 4 steps:
1. Negotiation: Browser and server first agree on the encryption technique they will use.
2. Authentication: The server authenticates itself by sending its digital signature to the browser.
3. Symmetric Key Exchange: Browser and server exchange symmetric keys used to encrypt outgoing messages.
4. Symmetric Key Encryption with Digital Signatures: Encrypted messages are then sent that include digital signatures.

Detecting Unauthorized Access

Intrusion Detection System (IDS)
Network-based IDSs: Install IDS sensors on network circuits and monitor packets.
Host-based IDSs: Monitor all activity on the server as well as incoming server traffic.
Application-based IDSs: A special form of host-based IDS that monitors just one application, such as a Web server.

Detecting Intrusions: Intrusion detection systems use two main techniques to determine if an intrusion is in progress.
Misuse Detection: Compares monitored activities with signatures of known attacks. If an attack is recognized, the IDS issues an alert.
Anomaly Detection: Operates in stable computing environments and looks for major deviations from the normal parameters of network operation. When one is detected (large number of failed logins, increased traffic), an alert is issued.

Correcting Unauthorized Access

Once it has occurred, find where the security breach occurred and fix it.
In an attempt to deter such break-ins, there has been a stiffening of computer security laws and in the legal interpretation of other laws that pertain to computer networks.
Many organizations have taken steps to detect or deter intruders by using entrapment techniques that lure hackers to a server with fake information, and may even have special software to track the hacker's origin.
Honeypots: Lure hackers into a system. The admin can watch the hacker exploit the vulnerabilities of the system, thereby learning where the system has weaknesses that need to be redesigned. The hacker can be caught and stopped while trying to obtain root access to the system. By studying the activities of hackers, designers can better create more secure systems that are potentially invulnerable to future hackers. To get around legal concerns, a warning message should be displayed saying that unauthorized access will be monitored.