OSI Layers
Layer 7: Application
Layer 6: Presentation
Layer 5: Session
Layer 4: Transport
Layer 3: Network
Layer 2: Data Link
Layer 1: Physical
OSI Layer 1
Layer 1: Physical
Everything you connect to a physical device:
USB
Hubs
Cables
Repeaters
Data transportation at bit level
10111010111010101101011110
Topologies:
Bus
Mesh
Star
Tree
Ring
OSI Layer 2
Layer 2: Data Link
This layer deals with addressing the physical hardware
Data transportation on frame level
PPTP
L2TP
ARP
Token Ring
OSI Layer 3
Layer 3: Network
Handles path selection and logical addressing
Data transportation on packet level
IP addresses
OSPF
IP
DHCP
ICMP
Layer 3 concerns Routers
OSI Layer 4
Layer 4: Transport
Handles end-to-end data transfer services and reliability
Data transportation on datagram level
Segmentation
Sequencing
Error checking
Protocols:
- TCP
- UDP
- SSL
OSI Layer 5
Layer 5: Session
Handles inter-host communications
Simplex
Half duplex
Full duplex
Protocols:
PAP: Password Authentication Protocol
PPTP: Point-to-Point Tunneling Protocol
RPC: Remote Procedure Call Protocol
NFS: Network File System
Layer 5 concerns Gateways
OSI Layer 6
Layer 6: Presentation
Handles
Compression and decompression
Encryption and decryption
Common format to represent data; standards such as JPEG, MID, TIFF
OSI Layer 7
Layer 7: Application
Handles user data
Protocols:
SSL: Secure Socket Layer
Telnet
FTP
(s)FTP
SNMP
SMTP
OSI Layer Security
At every layer of the OSI model you must take information security measures, but people remain the weakest link.
TCP/IP Model
TCP/IP Layer -> Protocols in each layer
Layer 4 Application Layer -> HTTP, RDP, DHCP, DNS, X windows, Telnet, SMTP, SSH, TFTP, SNMP, FTP
Layer 3 Transport Layer -> TCP, UDP
Layer 2 Internet Layer -> ICMP, IGMP, ARP, IPv4/IPv6
Layer 1 Network Access Layer -> Ethernet, FDDI, X.25, Frame Relay, Token Ring
OSI Layer vs TCP/IP Model
OSI Layers
7, 6, 5 -> Application
4 -> Transport
3 -> Internet
2, 1 -> Network Interface
Firewalls
Packet filtering firewall = packet is allowed through or not
Stateful packet filtering firewall = checks whether the session was started from the inside
Application proxy firewalls = inspect the application content
Circuit level proxy FW = proxy firewall
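The difference between the first two firewall types above, as an added example (not part of the lecture notes). A plain packet filter decides on the packet in front of it, so a common rule such as "allow inbound TCP if the ACK flag is set, it looks like a reply" is satisfied by any unsolicited packet that simply sets ACK. A stateful packet filter remembers which sessions were opened from the inside and admits inbound packets only if they belong to one of them. The internal network range, addresses, ports and packets are constructed for this illustration.

```python
"""Stateless vs stateful packet filtering over constructed packets (added example)."""
from dataclasses import dataclass

INTERNAL_NET = "10.0.0."  # assumption: the internal network is 10.0.0.0/24


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset  # subset of {"SYN", "ACK", "FIN"}


def is_internal(ip: str) -> bool:
    return ip.startswith(INTERNAL_NET)


def stateless_filter(pkt: Packet) -> bool:
    """Plain packet filter: the decision uses only the fields of this packet."""
    if is_internal(pkt.src):
        return True  # outbound traffic is always allowed
    # Inbound: accept what looks like a reply (ACK set). Nothing checks that a
    # session actually exists, so an unsolicited ACK packet also gets through.
    return "ACK" in pkt.flags


class StatefulFilter:
    """Stateful packet filter: keeps a table of sessions opened from the inside."""

    def __init__(self):
        self.sessions = set()  # (internal ip, port, external ip, port)

    def allow(self, pkt: Packet) -> bool:
        if is_internal(pkt.src):
            if "SYN" in pkt.flags:  # inside host opens a session: remember it
                self.sessions.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: must match a session the inside opened, otherwise drop.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.sessions:
            return False
        if "FIN" in pkt.flags:  # session is closing: forget the state
            self.sessions.discard(key)
        return True


def run(decide, packets):
    """Apply a decision function to each packet; True means allowed."""
    return [decide(p) for p in packets]


# Constructed traffic: one legitimate session plus one unsolicited inbound packet.
SYN, SYNACK, ACK = frozenset({"SYN"}), frozenset({"SYN", "ACK"}), frozenset({"ACK"})
TRAFFIC = [
    Packet("10.0.0.5", 40000, "203.0.113.9", 443, SYN),     # inside opens a session
    Packet("203.0.113.9", 443, "10.0.0.5", 40000, SYNACK),  # legitimate reply
    Packet("10.0.0.5", 40000, "203.0.113.9", 443, ACK),     # handshake completes
    Packet("198.51.100.7", 3389, "10.0.0.20", 40000, ACK),  # unsolicited, ACK set
]

if __name__ == "__main__":
    print("stateless:", run(stateless_filter, TRAFFIC))   # [True, True, True, True]
    print("stateful: ", run(StatefulFilter().allow, TRAFFIC))  # [True, True, True, False]
```

The last packet is the one that separates the two: the stateless filter lets it in because the flags look like a reply, while the stateful filter has no session for it and drops it.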
IPS
IPS – Intrusion Prevention System
Detects malicious traffic and intervenes when deemed necessary
- Policy based (signature)
- Heuristic scanning
IDS
IDS – Intrusion Detection System
Detects malicious traffic and sends an alert when deemed necessary
- Policy based (signature)
Human interaction required
Wireless
Ad hoc Mode: directly connect two+ clients, no access point
Infrastructure Mode: connects endpoints to a central network, not directly to each other
Stand-alone Mode: isolated system
WEP: don’t use; can be cracked in seconds; predecessor to WPA and WPA2.
WPA: uses TKIP for data encryption
WPA2: based on 802.11i, uses AES, key management, replay attack protection, and data integrity (2004)
WPA3: improved version of WPA2 (2018)
WEP = no go (you deserve a beating if you use it)
WPA = is better but is also vulnerable
VPN - Protocols
PPTP, Point to Point tunneling protocol
L2F, Layer 2 Forwarding
L2TP, Layer 2 tunneling protocol
TLS – Transport Layer Security
IPsec
Digital
IPSEC
2 protocols: AH (Authentication Header) and ESP (Encapsulating Security Payload)
works with Security Associations (SA’s)
works with the IKE protocol; IKE is for managing Security Associations
2 modes:
transport: data is encrypted, IP header is not
tunnel: a new IP header is added; the old IP header and the data are encrypted
TOR
The Tor network hides your identity by routing your internet traffic via several Tor servers (or ‘nodes’). Your data is encrypted and then sent across the various nodes, where the encryption layers are removed one by one, until the data finally arrives ‘bare’ at its destination.
Tor network = loose VPN network between PCs.
There is always a part that is not encrypted: the communication towards the VPN tunnel.
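The layered encryption described above, as an added illustration that is not Tor's own protocol or code. The cipher is a toy stream cipher (XOR with a SHA-256 derived keystream) used only to show how one layer is peeled per node; real Tor negotiates per-hop keys and uses AES. Node names, keys and the message are constructed. The point to take from it is the last line of the notes: each relay learns only the next hop, and the exit node sees the data ‘bare’.

```python
"""Onion routing illustration: one encryption layer per node (added example, toy cipher)."""
import hashlib
import json


def keystream(key: bytes, length: int) -> bytes:
    """Deterministic keystream from SHA-256 in counter mode (toy, illustration only)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """XOR with the keystream; encrypting and decrypting are the same operation."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, len(data))))


def build_onion(path, payload: bytes) -> bytes:
    """Wrap the payload in one layer per node; the innermost layer is for the exit.

    path: list of (node_name, node_key) in the order the traffic travels.
    Each layer tells its node who the next hop is and carries the inner blob.
    """
    blob = payload
    next_hop = None  # the exit node delivers to the real destination
    for name, key in reversed(path):
        layer = json.dumps({"next": next_hop, "inner": blob.hex()}).encode()
        blob = xor_crypt(key, layer)
        next_hop = name
    return blob


def peel_layer(key: bytes, blob: bytes):
    """What a single node learns: the next hop and an inner blob it cannot read."""
    layer = json.loads(xor_crypt(key, blob))
    return layer["next"], bytes.fromhex(layer["inner"])


def route(path, onion: bytes):
    """Simulate the circuit: returns (node, next hop, inner blob) per node and what the exit delivers."""
    seen = []
    blob = onion
    for name, key in path:
        next_hop, blob = peel_layer(key, blob)
        seen.append((name, next_hop, blob))
    return seen, blob


# Constructed circuit and message
PATH = [("guard", b"guard-key"), ("middle", b"middle-key"), ("exit", b"exit-key")]
MESSAGE = b"GET / HTTP/1.1"

if __name__ == "__main__":
    seen, delivered = route(PATH, build_onion(PATH, MESSAGE))
    for name, next_hop, inner in seen:
        print(f"{name}: next hop = {next_hop}, sees plaintext = {inner == MESSAGE}")
    print("delivered:", delivered)
```

The guard knows the client and the middle node, the middle node knows only its neighbours, and only the exit sees the message, which is exactly the unencrypted stretch the notes warn about: anything sent through the circuit without its own end-to-end encryption (TLS, for instance) is readable at the exit.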
Common Cyber Attacks
Bluejacking: when attackers send unsolicited messages via Bluetooth
Spoofing: when an attacker sends false replies to a requesting system, beating valid replies from the real (email) server. (DNS, Email)
DOS: performed by sending malformed packets to a system; can interrupt service or completely deny legitimate users of system resources.
DDOS: botnet, zombies; massive DoS attack using multiple computers
SMURF: ICMP attack that requires three players (attacker, victim and amplifying network); the attacker spoofs the packet header to make it appear that it originated on the victim system, and the amplifying network broadcasts the message.
SYN FLOOD: TCP packets requesting a connection (SYN bit set) are sent to the target network with a spoofed source address. The target responds with a SYN-ACK packet, but the spoofed source never replies.
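How a defender would notice the SYN flood described above, as an added example that is not part of the lecture notes. Because the sources are spoofed, counting per source tells you nothing; what the attack leaves behind is a pile-up of half-open connections (SYN received, handshake never completed) on one service. The log format, addresses and lines below are constructed for this illustration: "<time> <src> -> <dst> <flags>" with flags S, SA or A for TCP SYN, SYN-ACK and ACK.

```python
"""SYN flood detection by counting half-open connections per service (added example)."""
import re
from collections import defaultdict

# Constructed log format for this example: "<time> <src> -> <dst> <flags>"
LINE = re.compile(r"^(\d+) (\S+) -> (\S+) (S|SA|A)$")


def half_open_by_service(lines):
    """Return {service: number of half-open connections} after replaying the lines.

    A (client, service) pair is half-open from the client's SYN until the
    client's final ACK. The server's SYN-ACK does not change the count.
    """
    pending = defaultdict(set)  # service -> set of client endpoints still in handshake
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # unparseable line: ignored in this illustration
        _time, src, dst, flags = m.groups()
        if flags == "S":
            pending[dst].add(src)
        elif flags == "A" and src in pending.get(dst, ()):
            pending[dst].discard(src)  # handshake completed, no longer half-open
    return {svc: len(clients) for svc, clients in pending.items() if clients}


def syn_flood_alerts(lines, threshold=5):
    """Services whose half-open connection count is at or above the threshold."""
    counts = half_open_by_service(lines)
    return sorted(svc for svc, n in counts.items() if n >= threshold)


# Constructed sample: two normal handshakes, then six spoofed SYNs that never finish.
NORMAL = [
    "1 10.0.0.5:40000 -> 192.0.2.10:80 S",
    "2 192.0.2.10:80 -> 10.0.0.5:40000 SA",
    "3 10.0.0.5:40000 -> 192.0.2.10:80 A",
    "4 10.0.0.6:40001 -> 192.0.2.10:22 S",
    "5 192.0.2.10:22 -> 10.0.0.6:40001 SA",
    "6 10.0.0.6:40001 -> 192.0.2.10:22 A",
]
FLOOD = []
for i in range(6):  # spoofed sources: the SYN-ACK goes nowhere, no ACK ever arrives
    FLOOD.append(f"{10 + 2 * i} 198.51.100.{i + 1}:{1000 + i} -> 192.0.2.10:80 S")
    FLOOD.append(f"{11 + 2 * i} 192.0.2.10:80 -> 198.51.100.{i + 1}:{1000 + i} SA")
SAMPLE_LOG = NORMAL + FLOOD

if __name__ == "__main__":
    print(half_open_by_service(SAMPLE_LOG))  # {'192.0.2.10:80': 6}
    print(syn_flood_alerts(SAMPLE_LOG))      # ['192.0.2.10:80']
```

The two legitimate clients complete their handshakes and drop out of the count; the six spoofed sources stay half-open on port 80 and trip the threshold. On a real host the equivalent signal is the number of sockets in SYN_RECV, and the usual mitigation is SYN cookies, which let the server avoid keeping state until the final ACK arrives.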
Summary of lecture week 4
This lecture covered a variety of topics around the theme of networks and communication. The OSI model, the theoretical model for network communication, was discussed.
The network security devices firewalls and IPS/IDSs were discussed. Wireless and virtual networks were also covered, as well as their security.
What a VPN is was discussed, and Tor as a VPN network was also covered.
The different kinds of attacks that can be carried out on networks were discussed.
A well-known security method for protecting networks: defense in depth.
Glossary
PPTP = Point-to-Point Tunneling Protocol
L2TP = Layer 2 Tunneling Protocol
L2F = Layer 2 Forwarding
TLS = Transport Layer Security
ARP = Address Resolution Protocol
MAC = Media Access Control
IDS = Intrusion Detection System
IPS = Intrusion Protection System
IP = Internet Protocol
OSPF = Open Shortest Path First
DHCP = Dynamic Host Configuration Protocol
ICMP = Internet Control Message Protocol
TCP = Transmission Control Protocol
UDP = User Datagram Protocol
SSL = Secure Sockets Layer
PAP = Password Authentication Protocol
RPC = Remote Procedure Call
NFS = Network File System
FTP = File Transfer Protocol
SNMP = Simple Network Management Protocol
SMTP = Simple Mail Transfer Protocol
WEP = Wired Equivalent Protocol
WPA = Wi-Fi Protected Access
TKIP = Temporal Key Integrity Protocol
LEAP = Lightweight Extensible Authentication Protocol
AP = Access Point
PTK = Pairwise Transient Key
GTK = Group Temporal Key
HTTP = Hyper Text Transfer Protocol
VM = Virtual Machine
OS = Operating System
DoS = Denial of Service