Computer Networks and Information Security (99)

OSI 7 layer
APSTNDLP
communication basics
medium, energy form, way to represent energy as data
PSTN
Public Switched Telephone Network
PSTN Structure
Local loops, trunks and switching offices
synch comm
depends on timing signals provided by the sender
asynch comm
no timing signals required
simplex
comm only in one direction always
half duplex
comm in one direction at a time, can be reversed
full duplex
comm in both directions at a time
RS-232-C
-15V to 15V, start bit, idle period
Nyquist equation
maxD = 2.(bw).log2(num volt levels)
Shannon-Hartley theorem
D = B log2(1 + S/N)
S/N
dB = 10log10(S/N)
Why nyquist
finite transmission capacity of perfect channel
why shannon-hartley
random noise greatly reduces max data rate
Attenuation
signal on wire becoming weaker with distance, resistance converts energy to heat
amplitude modulation
change strength/alter height of sine wave
freq modulation
change wavelength/speed of sine wave
phase shift modulation
change phase/restart sine wave
multiplexing
multiple signals sent over a medium without interferences
freq div multiplex
divides spectrum into freq bands
time div multiplex
users take turns in round robin
code div multiplex
extract desired signal, rejecting else
Packet
small blocks of data sent and received individually
Packets benefits
allow efficient error detection/recovery and fair sharing of comm links
Frames
encapsulates frames for transmission on the physical layer
frame contents
header, payload, trailer
unack connless service
ethernet
ack connless service
wifi
ack conn-oriented service
ATM
sender data link layer
break bit stream into discrete frames, compute checksum, send w/ frame
receiver data link layer
recomputes checksum, if it does not match an error occurred
byte stuffing
add special byte to beginning and end of each frame
bit stuffing
similar to byte stuffing but no requirement for 8 bits, helps physical layer maintain serialisation
transmission error types
interference causing data to be received incorrectly, and interference causing data to be received when none sent
two basic strats for errors
error correcting codes and error detecting codes
error detection
check if error occurs and if so, request frame be resubmitted, no need for error correcting data
parity
even or odd number of 1s in message
checksum
sender calculates complement of sum and sends with message, receiver checks if total is zero
Cyclic redundancy check
A polynomial code, sender and receiver agree on G(x)
Error correction
Redundancy added to sent information, most useful on noisy channels where retrans likely to error
hamming distance
given 2 valid codewords, count number of corresponding bits that differ
hamming error detecting h
requires code with hamming distance h+1
hamming error correcting h
requires code with hamming distance 2h+1
stop and wait
sender waits for ack before sending more
sliding window
sender and receiver maintain set of seq numbers for frames they can send/receive
broadcast channels
shared medium, used by LANs, reduces cost but adds coord overhead and high bandwidth req.
LAN topologies
star, ring, bus
medium access control
sublayer that determines who goes next on multiaccess channel
static channel allocation
split channel by multiplexing, works well with small constant users
dynamical channel allocation assumptions
independent traffic, single channel, observable collisions, continuous or slotted time, carrier sense or no carrier sense
ALOHA
Users transmit whenever they have data, central computer broadcasts each frame it receives, if frame not heard wait a random time and retransmit
Slotted ALOHA
ALOHA synced with clock to improve performance
CSMA/CD
Carrier Sense Multiple Access w/ Collision Detection
CSMA
detect when stations are transmitting and wait for idle, wait random time, or use slots
Bridge
connects multiple LANs
VLAN
virtual LANs based on organisational structure rather than geography
Network layer
Deals with end to end transmission/choosing route a message should take/connecting networks
connectionless
preferred by internet community, routers just move packets, network inherently unreliable, hosts manage error and flow control
connection oriented
network should be reliable, quality of service vital, preferred by telephone companies
Routing table
managed by routing algorithm to determine where packets should go
Virtual circuit
path established between sender and receiver, packets carry identifier
Routing when?
datagram: for each packet, VC network: when new VC set up
Forwarding
looking up table to see where to send packet
Routing
filling in and updating routing table
routing goals
correctness, simplicity, robustness, stability, fairness, efficiency
non adaptive routing
static routes, decisions made offline, downloaded to routers when booting
adaptive routing
dynamic routing, changes based on topology, traffic, etc, optimise for some measure
Sink tree
Shows optimal routes from all sources to a destination
Flooding
simple technique to send incoming packet out all outgoing links except the one it arrived on
Distance vector routing
each router maintains table, tables shared with each other until no change
dijkstras algo
start at one point and move along tree working out best path
Link state routing
complete topology distributed to every router
Load shedding
When a router has too many packets to handle it must drop some: drop new packets for file transfer and old packets for real time media
Internetworking
Connecting multiple networks together
Network differences
Service offered, addressing, broadcasting, packet size, ordering, QoS, Reliability, security, parameters, accounting
MTU
maximum transmission unit
Tunneling
Used when source and destination networks are the same but there is a different network between
internet principles
make sure it works, simple, clear choices, modularity, heterogeneity, avoid static, good design not perfect, strict sending but tolerant receiving, scalability, performance and cost
IPv4
32bit addresses containing network prefix and host address
CIDR notation
/16 /24 notation
Classless InterDomain Routing
combines smaller networks into a supernet for easier routing
IPv6
128bit addresses, solves running out of IPv4 addresses, not directly compatible
DHCP
A host can broadcast a DHCP request, a server can respond to the data link layer address (MAC)
UDP
connectionless protocol, sending packets between applications, apps can build own protocols
TCP
connection oriented protocol, adds reliability, flow control, congestion control
RPC
remote procedure call, similar to calling a function in programming language
Authenticity
Is a person who they claim to be? using something you know/have/are
Accountability
Can it be proven you did or didn't do something
Confidentiality
Ensuring that private information is not disclosed to unauthorised individuals
Integrity
Ensuring information and programs are only changed by an authorised person
Availability
Ensuring systems work promptly and that authorised users are not denied service.
Threat
a possible danger that might exploit a vulnerability
Attack
a deliberate attempt to evade security services and violate the security policy of a system
Passive attacks
eavesdropping, traffic analysis (contents or properties)
Active attacks
Modification of data stream or creating false one
Authentication
assures communication is authentic, typically implemented by having secret information the other party can verify
Access control
limits and controls access to a host system and application, requires authentication
Message Authentication Code
A code generated with a key and original message passed with the message to be verified on the receiving end