IFSM - Final Assessment Essay
Fundamentals of Information Systems Security/Telecommunications and Network Security
Contents
◾ 1 Introduction
◾ 1.1 Basic Concepts
◾ 1.2 Network Models
◾ 1.2.1 OSI Reference Model
◾ 1.2.2 TCP/IP Model
◾ 2 Physical Layer
◾ 2.1 Signals
◾ 2.1.1 Analog Signals
◾ 2.1.2 Digital Signals
◾ 2.1.3 Analog vs Digital
◾ 2.2 Data Transmission
◾ 2.3 Network Topology
◾ 2.3.1 Physical Topologies
◾ 2.3.2 Logical Topologies
◾ 2.4 Media
◾ 2.4.1 Guided Media
◾ 2.4.2 Unguided Media
◾ 2.5 L1 Devices
◾ 2.6 Wireless Transmission Technologies
◾ 3 Data-Link Layer
◾ 4 Network Layer
◾ 4.1 Basic Concepts
◾ 4.2 The Internet Protocol (IP)
◾ 5 Transport Layer
◾ 5.1 The Transmission Control Protocol (TCP)
◾ 5.2 The User Datagram Protocol(UDP)
◾ 6 Session Layer
◾ 7 Presentation Layer
◾ 8 Application Layer
◾ 9 Further reading
Introduction
Basic Concepts
Data Communication
◾ Data Communications is the transfer of data or information between a source and a receiver.
◾ The source transmits the data and the receiver receives it.
◾ Data communication is concerned with the transfer of data, the method of transfer and the preservation of the data during the
transfer process; it is not concerned with how the information is generated.
◾ Components of a DC
◾ Protocol - defines the rules and regulations to control and manage the communication
Page 1 of 16Fundamentals of Information Systems Security/Telecommunications and Network Securit...
9/29/2016https://en.wikibooks.org/w/index.php?title=Fundamentals_of_Information_Systems_Secur...
◾ Message - information/data that needs to be conveyed to the receiver
◾ Sender - to receive/consume the data
◾ Receiver - to generate the data
◾ Medium - a communication channel to carry the message
Telecommunication
◾ Telecommunication is the assisted transmission of signals over a distance for the purpose of communication
Networking
◾ A computer network is an interconnection of a group of computers
◾ An internetwork is a collection of individual networks, connected by intermediate networking devices, that functions as a
single large network. Internetworking refers to the industry, products, and procedures that meet the challenge of creating and
administering internetworks
Network Categories and Technologies
Local Area Network (LAN)
◾ Characteristics: small geographic range; higher data transfer rates; typically configured and operated by the owner of the network
◾ Technologies: Ethernet, FDDI, Token Ring, Wireless LAN, VLANs
Wide Area Network (WAN)
◾ Characteristics: connects different LANs over great distances; slow data rate
◾ Technologies: ISDN, Frame Relay, ATM
Metropolitan Area Network (MAN)
◾ Characteristics: intermediate between LAN and WAN; moderate-to-high data rates
◾ Technologies: SMDS, which is based on DQDB
Network Models
OSI Reference Model
Overview
◾ The Open Systems Interconnection Basic Reference Model (OSI
Reference Model) is a layered, abstract description for
communications and computer network protocol design, developed as
part of the Open Systems Interconnection initiative by ISO.
◾ The OSI is composed of seven layers, each specifying particular
network functions.
◾ The Seven Layers of OSI Model
◾ One OSI layer communicates with another layer to make use of
the services provided by the second layer.
◾ The services provided by adjacent layers help a given OSI layer
communicate with its peer layer in other computer systems.
◾ Three basic elements are involved in layer services:
◾ The service user- resides inside the layer
◾ The service provider- resides inside the layer
◾ The service access point (SAP)- resides between the layers
◾ Advantages of Layering
◾ Each layer is reasonably self-contained so that the tasks
assigned to each layer can be implemented independently.
This enables the solutions offered by one layer to be
updated without adversely affecting the other layers.
◾ Various technologies, protocols, and services can interact
with each other and provide the proper interfaces to enable
communications.
OSI Layer Services and Protocols
L7: Application layer
◾ Services: identifying communication partners, determining resource availability, and synchronizing communication
◾ Protocols: FTP, TFTP, SNMP, SMTP, Telnet, HTTP
L6: Presentation layer
◾ Services: provides a variety of coding and conversion functions that are applied to application layer data; ensures that information sent from the application layer of one system will be readable by the application layer of another system
◾ Protocols: ASCII, EBCDIC, TIFF, JPEG, MPEG, MIDI
L5: Session layer
◾ Services: establishes, manages, and terminates communication sessions consisting of service requests and service responses that occur between applications located in different network devices
◾ Protocols: NFS, NetBIOS, SQL, RPC
L4: Transport layer
◾ Services:
◾ Flow control - manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process
◾ Multiplexing - enables data from several applications to be transmitted onto a single physical link
◾ Virtual circuits - are established, maintained, and terminated by the transport layer
◾ Error checking - involves creating various mechanisms for detecting transmission errors, while error recovery involves acting, such as requesting that data be retransmitted, to resolve any errors that occur
◾ Protocols: TCP, UDP, SSL, SPX
L3: Network layer
◾ Services: path determination (routing) and logical addressing
◾ Protocols: IP, ICMP, IGMP, RIP, OSPF, IPX
L2: Data link layer
◾ Services:
◾ Provides reliable transit of data across a physical network link
◾ Defines different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control
◾ Divided into 2 sublayers - LLC and MAC
◾ The Logical Link Control (LLC) sublayer of the data link layer manages communications between devices over a single link of a network
◾ The Media Access Control (MAC) sublayer of the data link layer manages protocol access to the physical network medium. The IEEE MAC specification defines MAC addresses, which enable multiple devices to uniquely identify one another at the data link layer.
◾ Protocols: ARP, RARP, PPP, SLIP
L1: Physical layer
◾ Services:
◾ Defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems
◾ Defines characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors
◾ Protocols: HSSI, X.21, EIA/TIA-232
OSI Security Services
The security services defined in the OSI security model include:
◾ Data integrity - protection from modification and destruction
◾ Data confidentiality - protection from disclosure
◾ Authentication - verification of the identity of the communication source
◾ Access control services - enable mechanisms to allow or restrict access
Information Exchange Process
◾ The seven OSI layers use various forms of control information to communicate with their peer layers in other computer
systems. This control information consists of specific requests and instructions that are exchanged between peer OSI layers.
◾ Control information typically takes one of two forms:
◾ Headers are prepended to data that has been passed down from upper layers
◾ Trailers are appended to data that has been passed down from upper layers
◾ An OSI layer is not required to attach a header or a trailer to data from upper layers.
◾ The data portion of an information unit at a given OSI layer potentially can contain headers, trailers, and data from all the
higher layers. This is known as encapsulation.
TCP/IP Model
Overview
◾ The TCP/IP model or Internet reference model,
sometimes called the DoD (Department of
Defense) model or the ARPANET reference
model, is a layered abstract description for
communications and computer network protocol
design.
◾ It was created in the 1970s by DARPA for use
in developing the Internet's protocols.
◾ It is a suite of protocols among which TCP and
IP are the two main protocols, hence the name.
◾ This model was developed before the OSI
Reference Model, and the Internet Engineering
Task Force (IETF), which is responsible for the
model and protocols developed under it, has
never felt obligated to be compliant with OSI.
◾ The model is composed of 5 layers
◾ Physical
◾ Data Link
◾ Network
◾ Transport
◾ Application
The TCP/IP Advantage
The reasons that TCP/IP has become the most widely
used protocol are as follows:
◾ The flexible addressing scheme of TCP/IP
allows data to be routed over even very large
networks.
◾ Virtually all operating systems and platforms can use TCP/IP.
◾ TCP/IP offers a very large number of utilities and tools.
◾ Internet communication is based on TCP/IP.
TCP/IP Services and Protocols
Physical Layer
◾ Services: Dictates Signal Characteristics; Data Transmission; Signal Multiplexing; Dictates Network L/O; Dictates Media Characteristics; Switching
◾ Protocols: HSSI, X.21
◾ Devices: Repeaters, Hubs, Modems
Data Link Layer
◾ Services: Error Detection and Correction; Flow and Error Control; Media Access Control; Virtual Circuit Switching
◾ Protocols: HDLC, ARP/RARP, SLIP, PPP
◾ Devices: Bridges, Switches
Network Layer
◾ Services: Internetworking; Logical Addressing; Routing; Datagram Switching
◾ Protocols: Routed Protocols (IGMP, IP, ICMP); Routing Protocols (RIP, IGRP, BGP, OSPF)
◾ Devices: Routers, Gateways
Transport Layer
◾ Services: Process-to-Process Delivery; Congestion Control; Quality of Service
◾ Protocols: TCP, UDP
◾ Devices: N/A
Application Layer
◾ Services: WWW; Multimedia
◾ Protocols: TFTP, HTTP, FTP, SMTP, SNMP, POP3
◾ Devices: Application Gateways
Physical Layer
Signals
◾ Data is transmitted in the form of electromagnetic signals.
◾ Signals are of two types
◾ Analog Signals
◾ Digital Signals
Analog Signals
◾ Analog data refers to information that is continuous;
◾ Analog data take on continuous values
◾ Analog signals - can have an infinite number of values in a range;
Digital Signals
◾ Digital data refers to information that has discrete states.
◾ Digital data take on discrete values.
◾ Digital signals- can have only a limited number of values.
Analog vs Digital
Periodic vs Non-Periodic Signals
◾ In data communications, we commonly use periodic analog signals and nonperiodic digital signals.
◾ Periodic analog signals can be classified as simple or composite.
◾ A simple periodic analog signal, a sine wave, cannot be decomposed into simpler signals.
◾ A composite periodic analog signal is composed of multiple sine waves.
Signal Properties
◾ Frequency is the rate of change with respect to time.
◾ Change in a short span of time means high frequency.
◾ Change over a long span of time means low frequency.
◾ If a signal does not change at all, its frequency is zero.
◾ If a signal changes instantaneously, its frequency is infinite.
◾ Frequency and period are the inverse of each other.
◾ Phase describes the position of the waveform relative to time 0.
A complete sine wave in the time domain can be represented by one single spike in the frequency domain. A single-frequency sine
wave is not useful in data communications; we need to send a composite signal, a signal made of many simple sine waves.
According to Fourier analysis, any composite signal is a combination of simple sine waves with different frequencies, amplitudes,
and phases.
If the composite signal is periodic, the decomposition gives a series of signals with discrete frequencies; if the composite signal
is nonperiodic, the decomposition gives a combination of sine waves with continuous frequencies. The bandwidth of a composite
signal is the difference between the highest and the lowest frequencies contained in that signal.
Digital Signals
◾ In addition to being represented by an analog signal, information can also be represented by a digital signal. For
example, a 1 can be encoded as a positive voltage and a 0 as zero voltage. A digital signal can have more than two
levels. In this case, we can send more than 1 bit for each level.
◾ A digital signal is a composite analog signal with an infinite bandwidth.
◾ Baseband transmission of a digital signal that preserves the shape of the digital signal is possible only if we have a
low-pass channel with an infinite or very wide bandwidth.
◾ In baseband transmission, the required bandwidth is proportional to the bit rate; if we need to send bits faster, we need
more bandwidth.
◾ If the available channel is a bandpass channel, we cannot send the digital signal directly to the channel; we need to
convert the digital signal to an analog signal before transmission.
Data Transmission
Data Rate
◾ Data Rate Limits- depends on three factors:
◾ The bandwidth available
◾ The level of the signals we use
◾ The quality of the channel (the level of noise)
Note: Increasing the levels of a signal may reduce the reliability of the system.
Transmission Impairments
◾ Signals travel through transmission media, which are not perfect. The imperfection causes signal impairment. This means
that the signal at the beginning of the medium is not the same as the signal at the end of the medium. What is sent is not
what is received. Three causes of impairment are attenuation, distortion, and noise.
Performance
◾ One important issue in networking is the performance of the network: how good is it?
◾ Bandwidth is used in two senses. The first, bandwidth in hertz, refers to the range of frequencies in a composite signal or the
range of frequencies that a channel can pass. The second, bandwidth in bits per second, refers to the speed of bit transmission
in a channel or link.
◾ The bandwidth-delay product defines the number of bits that can fill the link.
Network Topology
A Network topology is the study of the arrangement or mapping of the elements of a network.
Physical Topologies
Overview
◾ Physical topology defines how the systems are physically connected. It represents the physical layout of the devices on the
network.
◾ There are five main types of physical topologies that can be used and each has its own strengths and weaknesses.
Topologies
Each topology is listed with its description, advantages, disadvantages and commonly used technology (the Structure column of the original table contained diagrams).
Bus
◾ Description: uses a linear, single cable for all computers attached. All traffic travels the full cable and can be viewed by all other computers.
◾ Advantages: easy to install; costs are usually low; easy to add systems to the network; great for small networks
◾ Disadvantages: out-of-date technology; if the cable breaks, the whole network is down; can be difficult to troubleshoot; unmanageable in a large network; if a malicious user were on this network and utilized a packet capture program, he could see every conversation that occurred between machines
◾ Commonly used technology: Ethernet
Ring
◾ Description: all computers are connected by a unidirectional transmission link, and the cable is in a closed loop. Does not require termination like the bus.
◾ Advantages: easy to install; costs are usually low; great for small networks; easy to add systems to the network
◾ Disadvantages: if one station experiences a problem, it can negatively affect surrounding computers on the same ring; out-of-date technology; if the cable breaks, the whole network is down; can be difficult to troubleshoot; unmanageable in a large network
◾ Commonly used technology: FDDI
Star
◾ Description: all computers are connected to a central device, which provides more resilience for the network; when one system goes down, it does not bring the rest of the network down. It is the most prevalent topology in use today.
◾ Advantages: easy to install; easy to add devices to the network; one break does not bring the whole network down; easier to troubleshoot; widely used; centralized management
◾ Disadvantages: costs are usually higher than with bus or ring networks; if you have only one central device and it fails, it brings the network down
◾ Commonly used technology: logical bus (Ethernet) and ring topologies (Token Ring)
Tree
◾ Description: the hybrid or tree topology is simply a combination of the other topologies. The hierarchy of the tree is said to be symmetrical if each node in the network has a specific fixed number, f (the 'branching factor'), of nodes connected to it at the next lower level in the hierarchy.
◾ Advantages: combined advantages of the constituent topologies
◾ Disadvantages: combined disadvantages of the constituent topologies
◾ Commonly used technology: Ethernet
Mesh
◾ Description: in this layout, every system is connected to every other system. The main advantage of this topology is high availability; the main disadvantage is cost, both administrative and physical. Mainly used in Wide Area Network environments or in environments where high availability outweighs the costs associated with this amount of interconnection.
◾ Advantages: extremely fault tolerant
◾ Disadvantages: expensive; difficult to implement; difficult to administer; difficult to troubleshoot problems like cable faults
◾ Commonly used technology: Internet
Logical Topologies
◾ The Logical topology defines how the systems communicate across the physical topologies.
◾ There are two main types of logical topologies:
◾ shared media topology
◾ token-based topology
Shared Media Topology
◾ In a shared media topology, all the systems have the ability to access the physical layout whenever they need it.
◾ Advantage- the systems have unrestricted access to the physical media.
◾ Disadvantage-collisions: If two systems send information out on the wire at the same time, the packets collide and kill both
packets.
◾ Example: Ethernet- uses CSMA/CD protocol to avoid collision
◾ Ideal for small networks-many networks are broken up into several smaller networks with the use of switches or hubs to
reduce the collision domain.
◾ Shared media networks are typically deployed in a bus, star, or hybrid physical topology.
Token Based
◾ The token-based topology works by using a token to provide access to the physical media.
◾ In a token-based network, there is a token that travels around the network. When a system needs to send out packets, it grabs
the token off of the wire, attaches it to the packets that are sent, and sends it back out on the wire. As the token travels
around the network, each system examines the token. When the packets arrive at the destination systems, those systems
copy the information off of the wire and the token continues its journey until it gets back to the sender. When the sender
receives the token back, it pulls the token off of the wire and sends out a new empty token to be used by the next machine.
◾ Advantage - no collision problems
◾ Disadvantage- latency, because each machine has to wait until it can use the token, there is often a delay in when
communications actually occur.
◾ Token-based networks are typically configured in a physical ring topology because the token needs to be delivered back to the
originating machine for that machine to release it. The ring topology best facilitates this requirement.
Media
Signal and data transmission occurs between a transmitter and at least one receiver, mostly in the form of electromagnetic waves
over a transmission medium (or a sequence of them). Transmission media can be classified as:
◾ Guided
◾ Unguided
Guided Media
◾ Twisted Pair
◾ Coaxial Cable
◾ Fiber Optics
Unguided Media
Unguided media provide a means for transmitting electromagnetic waves but do not guide them; propagation through air, vacuum
or water are examples, and all of these media are unguided.
L1 Devices
Patch Panels
Modems
Wireless Transmission Technologies
Data-Link Layer
Concepts and Architecture
Architecture
Transmission Technologies
Technology and Implementation
Ethernet
Wireless Local Area Networks
Address Resolution Protocol (ARP)
Point-to-Point Protocol (PPP)
Network Layer
Basic Concepts
Local Area Network (LAN)
Wide Area Network (WAN) Technologies
Metropolitan Area Network (MAN)
Global Area Network (GAN)
Technology and Implementation
Routers
Firewalls
End Systems
The Internet Protocol (IP)
Overview
◾ The IP component of TCP/IP determines where packets of data are to be routed based on their destination addresses, and IP
has certain characteristics related to how it handles this function.
◾ The functioning of IP-based communication is analogous to delivering mail through the postal service.
IP Characteristics
Bits   0–3      4–7            8–15             16–18   19–31
       Version  Header length  Type of Service  Total Length
       Identification                           Flags   Fragment Offset
       Time to Live            Protocol         Header Checksum
       Source Address
       Destination Address
       Options
       Data
◾ Operates at network layer
◾ Connectionless protocol- The destination device receives the data and does not return any status information to the sending
device
◾ Packets treated independently- A packet can be misdirected, duplicated, or lost on the way to its destination.
◾ Hierarchical addressing
◾ Best-effort delivery
◾ No data recovery features- does not provide any special features that recover corrupted packets
IP Packet Format
◾ The header consists of 12 fields + 1 optional field
◾ Version (4 bits): for IPv4, this has a value of 4 (hence the name IPv4).
◾ Internet Header Length (4 bits): tells the number of 32-bit words in the header. In IPv4, this field specifies the size of the header.
◾ Type of Service (8 bits):
◾ bits 0-2: precedence
◾ bit 3: 0 = Normal Delay, 1 = Low Delay
◾ bit 4: 0 = Normal Throughput, 1 = High Throughput
◾ bit 5: 0 = Normal Reliability, 1 = High Reliability
◾ bits 6-7: reserved for future use, or for Differentiated Services, or for Explicit Congestion Notification
◾ Total Length (16 bits): defines the entire datagram size, including header and data, in bytes.
◾ Identification: primarily used for uniquely identifying fragments of an original IP datagram.
◾ Flags (3 bits): used to control or identify fragments. They are (in order, from high order to low order):
◾ Reserved; must be zero.
◾ Don't Fragment (DF)
◾ More Fragments (MF)
◾ Fragment Offset (13 bits): specifies the offset of a particular fragment relative to the beginning of the original unfragmented
IP datagram.
◾ Time To Live (8 bits): helps prevent datagrams from persisting in an internetwork. When the TTL field hits zero, the packet is
no longer forwarded by a packet switch and is discarded.
◾ Protocol: defines the protocol used in the data portion of the IP datagram.
◾ Header Checksum (16 bits): used for error-checking of the header.
◾ Source address: an IP address is a group of 4 8-bit octets for a total of 32 bits. The value for this field is determined by
taking the binary value of each octet and concatenating them together to make a single 32-bit value.
◾ Destination address: indicates the address of the packet receiver.
◾ Options: additional header fields may follow the destination address field, but these are not often used. Note that the value
in the IHL field must include enough extra 32-bit words to hold all the options (plus any padding needed to ensure that the
header contains an integral number of 32-bit words).
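A parser for the header layout just described, written here as an added example (it is not code from the Wikibooks page): it decodes each field, rejects the IHL and Total Length inconsistencies a receiver must not trust, and verifies the Header Checksum by the one's complement rule. The sample datagram header, addresses and function names are my own constructions.

```python
import struct
from dataclasses import dataclass


@dataclass
class IPv4Header:
    version: int
    ihl: int              # header length in 32-bit words (5..15)
    tos: int
    total_length: int     # header + data, in bytes
    identification: int
    df: bool              # Don't Fragment flag
    mf: bool              # More Fragments flag
    fragment_offset: int  # in units of 8 bytes
    ttl: int
    protocol: int
    checksum: int
    checksum_ok: bool
    src: str
    dst: str
    options: bytes


def ip_checksum(data: bytes) -> int:
    """RFC 791 header checksum: the one's complement of the one's complement
    sum of all 16-bit words. Computed over a header whose checksum field is
    already correct, the result is 0, which is how a receiver verifies it."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold the carry bits back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def _pack_addr(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))


def _unpack_addr(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def build_ipv4_header(src: str, dst: str, payload_len: int, *, ttl: int = 64,
                      protocol: int = 6, identification: int = 0,
                      df: bool = True, options: bytes = b"") -> bytes:
    """Assemble a header with a correct checksum; options are padded to a
    32-bit boundary and counted in IHL. Used here only to build sample input."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)
    ihl = 5 + len(options) // 4
    total_length = ihl * 4 + payload_len
    flags_frag = int(df) << 14              # reserved=0, DF, MF=0, offset=0
    fields = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0, total_length,
                         identification, flags_frag, ttl, protocol, 0,
                         _pack_addr(src), _pack_addr(dst)) + options
    checksum = ip_checksum(fields)          # computed with the field zeroed
    return fields[:10] + struct.pack("!H", checksum) + fields[12:]


def parse_ipv4_header(packet: bytes) -> IPv4Header:
    """Decode the fixed 20-byte header plus options, rejecting the
    inconsistencies a receiver must not trust: wrong version, IHL below
    5 words, a truncated header, or Total Length shorter than the header."""
    if len(packet) < 20:
        raise ValueError("packet shorter than the minimum 20-byte header")
    (ver_ihl, tos, total_length, ident, flags_frag, ttl, proto,
     checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version={version})")
    header_len = ihl * 4
    if header_len < 20:
        raise ValueError(f"IHL={ihl} is below the minimum of 5 words")
    if len(packet) < header_len:
        raise ValueError("IHL claims more header bytes than are present")
    if total_length < header_len:
        raise ValueError("Total Length is smaller than the header length")
    return IPv4Header(
        version=version, ihl=ihl, tos=tos, total_length=total_length,
        identification=ident,
        df=bool((flags_frag >> 14) & 1),      # middle flag bit
        mf=bool((flags_frag >> 13) & 1),      # low flag bit
        fragment_offset=flags_frag & 0x1FFF,  # remaining 13 bits
        ttl=ttl, protocol=proto, checksum=checksum,
        checksum_ok=ip_checksum(packet[:header_len]) == 0,
        src=_unpack_addr(src), dst=_unpack_addr(dst),
        options=packet[20:header_len],
    )


# Constructed sample: header of a TCP datagram carrying 20 bytes of payload.
SAMPLE = build_ipv4_header("192.0.2.1", "198.51.100.7", 20, identification=0x1234)

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
```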
IP Addressing
◾ Each IP address has specific components and follows a basic format. These IP addresses can be subdivided and used to
create addresses for subnetwork.
◾ Each host on a TCP/IP network is assigned a unique 32-bit logical address that is divided into two main parts:
◾ the network number- identifies a network, assigned by InterNIC or an ISP
◾ the host number-identifies a host on a network,assigned by the local network administrator.
◾ IPv4 Address representations
Notation              Value                  Conversion from dot-decimal
Dot-decimal notation  192.0.2.235            N/A
Dotted hexadecimal    0xC0.0x00.0x02.0xEB    Each octet is individually converted to hex
Dotted octal          0300.0000.0002.0353    Each octet is individually converted into octal
Hexadecimal           0xC00002EB             Concatenation of the octets from the dotted hexadecimal
Decimal               3221226219             The hexadecimal form converted to decimal
Octal                 030000001353           The hexadecimal form converted to octal
◾ IP Address Classes
◾ The IPv4 addresses are divided into five different address classes: A, B, C, D, and E.
Class  Format   Purpose                         High-order bit(s)  Address range                 Network/host bits             Max. hosts
A      N.H.H.H  Few large organizations         0                  1.0.0.0 to 126.0.0.0          7/24                          16777214 (2^24 - 2)
B      N.N.H.H  Medium-size organizations       1, 0               128.1.0.0 to 191.254.0.0      14/16                         65534 (2^16 - 2)
C      N.N.N.H  Relatively small organizations  1, 1, 0            192.0.1.0 to 223.255.254.0    21/8                          254 (2^8 - 2)
D      N/A      Multicast groups (RFC 1112)     1, 1, 1, 0         224.0.0.0 to 239.255.255.255  N/A (not for commercial use)  N/A
E      N/A      Experimental                    1, 1, 1, 1         240.0.0.0 to 254.255.255.255  N/A                           N/A
Virtual Private Network (VPN)
Tunneling
Dynamic Host Configuration Protocol (DHCP)
Internet Control Message Protocol (ICMP)
Internet Group Management Protocol (IGMP)
Transport Layer
Concepts and Architecture
The Transmission Control Protocol (TCP)
Overview
◾ TCP is a connection-oriented protocol that provides data reliability between hosts. TCP has a number of unique
characteristics related to the way in which it accomplishes this transmission.
◾ The functioning of TCP-based communication is analogous to sending certified (registered) mail.
TCP Characteristics
◾ Operates at the transport layer of the TCP/IP stack
◾ Provides applications with access to the network layer
◾ Connection-oriented protocol- The end systems synchronize with one another to manage packet flows and adapt to
congestion in the network.
◾ Full-duplex mode operation
◾ Error checking- provides error checking by including a checksum in the datagram to verify that the TCP header information
is not corrupt
◾ Sequencing of data packets- TCP segments are numbered and sequenced so that the destination can reorder segments and
determine if data is missing.
◾ Acknowledgment of receipt- the receiver returns an acknowledgment to the sender indicating that it received the segment.
◾ Data recovery features- the receiver can request retransmission of a segment
TCP Connection Establishment
Bits   0–3          4–7       8–15                             16–31
       Source port                                             Destination port
       Sequence number
       Acknowledgment number
       Data offset  Reserved  CWR ECE URG ACK PSH RST SYN FIN  Window
       Checksum                                                Urgent pointer
       Options (optional)
       Data
◾ TCP provides reliable transport services by establishing a connection-oriented session between the hosts. The Connection
establishment is performed by using a "three-way handshake" mechanism.
◾ A three-way handshake synchronizes both ends of a connection by allowing both sides to agree upon initial sequence
numbers.
◾ This mechanism also guarantees that both sides are ready to transmit data and know that the other side is ready to transmit as
well.
◾ Each host randomly chooses a sequence number used to track bytes within the stream it is sending and receiving. Then, the
three-way handshake proceeds in the following manner:
◾ The first host (Host A) initiates a connection by sending a packet with the initial sequence number (X) and SYN bit
set to indicate a connection request.
◾ The second host (Host B) receives the SYN, records the sequence number X, and replies by acknowledging the SYN
(with an ACK = X + 1). Host B includes its own initial sequence number (SEQ = Y). An ACK = 20 means the host
has received bytes 0 through 19 and expects byte 20 next. This technique is called forward acknowledgment.
◾ Host A then acknowledges all bytes Host B sent with a forward acknowledgment indicating the next byte Host A
expects to receive (ACK = Y + 1). Data transfer then can begin.
TCP segment structure
◾ Consists of header (11 fields) and data sections
◾ Source port (16 bits) – identifies the sending port
◾ Destination port (16 bits) – identifies the receiving port
◾ Sequence number (32 bits) – has a dual role
◾ If the SYN flag is present then this is the initial sequence number and the first data byte is the sequence number plus 1
◾ If the SYN flag is not present then the first data byte is the sequence number
◾ Acknowledgment number (32 bits) – if the ACK flag is set then the value of this field is the next expected byte that the
receiver is expecting.
◾ Data offset (4 bits) – specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the
maximum is 15 words thus giving the minimum size of 20 bytes and maximum of 60 bytes. This field gets its name from the
fact that it is also the offset from the start of the TCP packet to the data.
◾ Reserved (4 bits) – for future use and should be set to zero
◾ Flags (8 bits) (aka Control bits) – contains 8 bit flags
◾ CWR (1 bit) – Congestion Window Reduced (CWR) flag is set by the sending host to indicate that it received a TCP
segment with the ECE flag set.
◾ ECE (ECN-Echo) (1 bit) – indicates during the 3-way handshake that the TCP peer is Explicit Congestion Notification (ECN)
capable; ECN allows end-to-end notification of congestion without dropping packets
◾ URG (1 bit) – indicates that the URGent pointer field is significant
◾ ACK (1 bit) – indicates that the ACKnowledgment field is significant
◾ PSH (1 bit) – Push function
◾ RST (1 bit) – Reset the connection
◾ SYN (1 bit) – Synchronize sequence numbers
◾ FIN (1 bit) – No more data from sender
◾ Window (16 bits) – the size of the receive window, which specifies the number of bytes (beyond the sequence number in
the acknowledgment field) that the receiver is currently willing to receive
◾ Checksum (16 bits) – The 16-bit checksum field is used for error-checking of the header and data
◾ Urgent pointer (16 bits) – if the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the
last urgent data byte
◾ Data (Variable bits): As you might expect, this is the payload, or data portion of a TCP packet. The payload may be any
number of application layer protocols. The most common are HTTP, Telnet, SSH, FTP, but other popular protocols also use
TCP.
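The segment layout above and the three-way handshake from the previous section, as an added example that is not part of the Wikibooks page: it builds and parses TCP segments, generates the SYN, SYN+ACK and ACK segments from two constructed initial sequence numbers X and Y, and checks the rule that each side acknowledges the peer's ISN + 1 (including 32-bit wraparound). The checksum is left at zero because computing it needs the IP pseudo-header, which the text does not cover; port numbers and function names are my own.

```python
import struct
from dataclasses import dataclass

SEQ_MASK = 0xFFFFFFFF     # the sequence space is 32 bits, so arithmetic wraps

# Flag bits of the control byte, high order to low order, as in the layout above.
FLAG_BITS = {"CWR": 0x80, "ECE": 0x40, "URG": 0x20, "ACK": 0x10,
             "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


@dataclass
class TCPSegment:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    data_offset: int      # header length in 32-bit words (5..15)
    flags: frozenset
    window: int
    checksum: int
    urgent_pointer: int
    options: bytes
    data: bytes


def build_tcp_segment(src_port: int, dst_port: int, seq: int, ack: int,
                      flags, window: int = 65535, options: bytes = b"",
                      data: bytes = b"") -> bytes:
    """Assemble a segment; options are padded to a 32-bit boundary and
    counted in Data offset. The checksum field is left at zero here."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)
    data_offset = 5 + len(options) // 4
    flag_byte = sum(FLAG_BITS[f] for f in flags)
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq & SEQ_MASK,
                         ack & SEQ_MASK, data_offset << 4, flag_byte,
                         window, 0, 0)
    return header + options + data


def parse_tcp_segment(segment: bytes) -> TCPSegment:
    """Decode the 20-byte fixed header, options and payload, rejecting a
    Data offset below 5 words or one that points past the end of the segment."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the minimum 20-byte header")
    (src_port, dst_port, seq, ack, off_res, flag_byte, window,
     checksum, urgent) = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = off_res >> 4              # high nibble; low nibble is reserved
    header_len = data_offset * 4
    if header_len < 20:
        raise ValueError(f"Data offset={data_offset} is below 5 words")
    if len(segment) < header_len:
        raise ValueError("Data offset points past the end of the segment")
    flags = frozenset(name for name, bit in FLAG_BITS.items() if flag_byte & bit)
    return TCPSegment(src_port, dst_port, seq, ack, data_offset, flags, window,
                      checksum, urgent, segment[20:header_len],
                      segment[header_len:])


def three_way_handshake(x: int, y: int, client_port: int = 49152,
                        server_port: int = 80) -> list:
    """The exchange from the text: Host A sends SYN with SEQ=X; Host B answers
    SYN+ACK with SEQ=Y, ACK=X+1; Host A answers ACK with SEQ=X+1, ACK=Y+1."""
    wire = [
        build_tcp_segment(client_port, server_port, x, 0, {"SYN"}),
        build_tcp_segment(server_port, client_port, y, x + 1, {"SYN", "ACK"}),
        build_tcp_segment(client_port, server_port, x + 1, y + 1, {"ACK"}),
    ]
    return [parse_tcp_segment(s) for s in wire]


def handshake_is_consistent(segments) -> bool:
    """Check three parsed segments against the handshake rules: the flag
    pattern SYN / SYN+ACK / ACK, and every ACK equal to the peer's initial
    sequence number plus one (the SYN itself consumes one sequence number)."""
    if len(segments) != 3:
        return False
    syn, syn_ack, ack = segments
    return (syn.flags == {"SYN"}
            and syn_ack.flags == {"SYN", "ACK"}
            and ack.flags == {"ACK"}
            and syn_ack.ack == (syn.seq + 1) & SEQ_MASK
            and ack.seq == (syn.seq + 1) & SEQ_MASK
            and ack.ack == (syn_ack.seq + 1) & SEQ_MASK)


if __name__ == "__main__":
    for seg in three_way_handshake(x=1000, y=5000):
        print(sorted(seg.flags), "SEQ =", seg.seq, "ACK =", seg.ack)
```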
The User Datagram Protocol(UDP)
Overview
◾ The User Datagram Protocol (UDP) is a connectionless transport-layer protocol that belongs to the Internet protocol family.
◾ UDP is basically an interface between IP and upper-layer processes. UDP protocol ports distinguish multiple applications
running on a single device from one another.
◾ Unlike TCP, UDP adds no reliability, flow-control, or error-recovery functions to IP. Because of UDP's simplicity, UDP
headers contain fewer bytes and consume less network overhead than TCP.
◾ UDP is useful in situations where the reliability mechanisms of TCP are not necessary, such as in cases where a higher-layer
protocol might provide error and flow control.
◾ UDP is the transport protocol for several well-known application-layer protocols, including Network File System (NFS),
Simple Network Management Protocol (SNMP), Domain Name System (DNS), and Trivial File Transfer Protocol (TFTP).
TCP vs UDP
Reliability
◾ TCP: ensures that packets reach their destinations, returns ACKs when a packet is received, and is a reliable protocol.
◾ UDP: does not return ACKs and does not guarantee that a packet will reach its destination, and is an unreliable protocol.
Connection
◾ TCP: connection oriented, thus it performs handshaking and develops a virtual connection with the destination computer.
◾ UDP: connectionless, thus it does no handshaking and does not set up a virtual connection.
Packet sequencing
◾ TCP: uses sequence numbers within headers to make sure that each packet within a transmission is received.
◾ UDP: does not use sequence numbers.
Congestion controls
◾ TCP: the destination computer can tell the source if it is overwhelmed and to slow the transmission rate.
◾ UDP: the destination computer does not communicate back to the source computer about flow control through UDP.
Usage
◾ TCP: used when reliable delivery is required.
◾ UDP: used when reliable delivery is not required, such as in streaming video and status broadcasts.
Speed and overhead
◾ TCP: uses a considerable amount of resources and is slower than UDP.
◾ UDP: uses fewer resources and is faster than TCP.
Technology and Implementation
Scanning Techniques
Denial of Service
Session Layer
Concepts and Architecture
Technology and Implementation
Remote Procedure Calls
Directory Services
Access Services
Presentation Layer
Concepts and Architecture
Technology and Implementation
Transport Layer Security (TLS)
Application Layer
Concepts and Architecture
Technology and Implementation
Asynchronous Messaging (E-mail and News)
Instant Messaging
Data Exchange (World Wide Web)
Peer-to-Peer Applications and Protocols
Administrative Services
Remote-Access Services
Information Services
Voice-over-IP (VoIP)
General References
Sample Questions
Endnotes
Further reading
◾ Basic Computer Security
◾ Information Security in Education
◾ Communication Networks
◾ Wifi/Security
◾ UNIX Computing Security
◾ Security Architecture and Design
Retrieved from "https://en.wikibooks.org/w/index.php?
title=Fundamentals_of_Information_Systems_Security/Telecommunications_and_Network_Security&oldid=2952618"
◾ This page was last modified on 3 May 2015, at 10:07.