Telecommunications is “the electrical transmission of data among systems through analog, digital, and wireless transmission types.” In the U.S. they are regulated by the Federal Communications Commission (FCC) and by the International Telecommunications Union (ITU) and the International Standards Organizations (ISO) abroad. OSI was introduced by the ISO in 1984, though the Transmission Control Protocol/Internet Protocol was already in use by that time. A protocol is a standard set of rules that determines how systems will communicate across networks. Encapsulation works with the protocol stack to add information at each layer until the message is sent. The system the message is being sent to performs the entire process in reverse. Each layer has three communication abilities; it can communicate with the layer above it, below it, and with the same layer on the system it is communicating with.
There are seven OSI layers: the application layer, presentation layer, session layer, transport layer, network layer, data link layer, and physical layer. The application layer is where the action takes place. From there the request is made for the information to be sent and it works its way down the stack to the first layer or physical layer. The physical layer is responsible for converting the information from bits into voltage to be sent to the other system.
The TCP/IP suite functions in much the same way as the OSI, just with different groupings and a few different capabilities. It is a suite of protocols that governs the way data travels form one device to another. The IP part of the suite is responsible for assigning internetwork addresses and routing the packets to where they belong. The current protocol being used is IPv4, which runs in a 32 bit setting. Unfortunately we are currently almost out of available IPs which are required in order to properly receive requested information on the internet. As a result, the system is slowly moving to IPv6, which operates in a 128 bit environment, allowing a much larger number of available IPs. Another major perk of IPv6 is the integrated IPSec that is a part of the suite. This allows for end-to-end secure transmission and authentication, which the IPv4 had trouble providing. IPs are broken down into subnets, which are logical rooms or sub networks. It is a logical way of separating host IP domains for easy maintenance and security implementation. IP addresses allow requests and responses to be sent, and it is how networks communicate, but they are not very user friendly as far as remember all the IP addresses to the sites you may want to visit. The fix for this is the Domain Name Service (DNS) mapping, which resolves ULSs to the proper IP address.
In the past, analog transmissions were used for connecting networks. Today this has almost completely switched to a digital format because it can transport more calls and data transmissions on the same line at a higher quality and over longer distances. This is because digital waves travel in either a 0 or a 1 state. It can’t be in any other state, unlike analog, which can become distorted or caught in between levels. There are three types of transmission methods from servers: unicast – which is sent to one computer, multicast – which is sent to multiple computers, and broadcast – which is sent to all users on the subnet. Media Access Control (MAC) is mapped to the appropriate IP address through the Address Resolution Protocol (ARP) to ensure the correct information packets arrive where they are intended. The DHCP is responsible for delivering IP address to users as long as the address is not static. The problem with the DHCP is that it is susceptible to falsified identity. DHCP snooping should be used to prevent this.
Firewalls are an important security device used to restrict access from one device or network to another device or network. There are several variations that can be used in different situations to fulfill different needs. A few of the variations include Packet-filtering Firewalls, Stateful Firewalls, Proxy Firewalls, and Kernel Proxy Firewalls. Something often used along with a firewall is a VPN or virtual private network. It provides a secure private connection through a public network through encryption and tunneling protocols. In other words, it sets up a connection directly between two users and can’t be viewed or influenced by anything else.
A few security issues related to networking include router spoofs or masquerading. A masquerading attack is where an IP address is mapped back to a hackers MAC address in order to receive all the transmissions intended for another device with a different MAC address. This is usually done through ARP poisoning, where a system’s ARP table is altered to contain incorrect information. A Loki attack deals with the Internet Control Message Protocol (ICMP). This protocol is generally used for pinging other devices in an echo request/reply format. It is generally given trusted status because it was never intended to carry a payload. Hackers have discovered this trust flaw and have exploited it by implanting the Loki server on a desired system and sending it messages via the pings.
To combat some hackers, some companies establish Honey-pot systems to try and draw criminals away from the legitimate systems. These sandbox systems are developed with open ports and mirror images of legitimate systems. They should have no connection to the legitimate systems and can be used to try and track down and prosecute the perpetrators. This is just one way for companies to fight back, though they must be sure they are towing the fine line between enticement and entrapment, which is illegal.
No comments:
Post a Comment