OSI MODEL
By
Syaifuddin, Skom
Security Network
What's a protocol?
A human protocol and a computer network protocol, side by side (time runs downward):

Human protocol          Computer network protocol
Hi                      TCP connection request
Hi                      TCP connection response
Got the time?           Get http://www.awl.com/kurose-ross
2:00                    <file>
Protocol layers
Networks are complex, with many pieces:
- hosts
- routers
- links of various media
- applications
- protocols
- hardware, software
Question: is there any hope of organizing the structure of a network? Or at least our discussion of networks?
Organization of air travel: a series of steps
Each layer has a counterpart at the departure airport and at the arrival airport:

Layer              Departure airport     Arrival airport
ticket             ticket (complain)     ticket (complain)
baggage            baggage (check)       baggage (claim)
gate               gates (load)          gates (unload)
takeoff/landing    runway (takeoff)      runway (land)
airplane routing   airplane routing      airplane routing
                   (via intermediate air-traffic control centers, which do airplane routing only)
Why layering?
Without layering, every application (Telnet, FTP, NFS, HTTP) is wired directly to every transmission medium (coaxial cable, fiber optic, packet radio).
No layering: every new application has to be reimplemented for every network technology!
With an intermediate layer, the applications (Telnet, FTP, NFS, HTTP) sit above it and the transmission media (coaxial cable, fiber optic, packet radio) sit below it.
Internet stack layers (application, transport, network, link, physical):
- application: supporting network applications (FTP, SMTP, HTTP)
- transport: process-process data transfer (TCP, UDP)
- network: routing of datagrams from source to destination (IP, routing protocols)
- link:
- physical:
- presentation: allow applications to interpret the meaning of data, e.g., encryption, compression, machine-specific conventions
- session: synchronization, checkpointing, recovery of data exchange
- Internet stack missing these layers!
- these
ISO/OSI layers: application, presentation, session, transport, network, link, physical
Layers and Protocols
Diagram: a sending computer and a receiving computer, each with the seven layers Application, Presentation, Session, Transport, Network, Data Link, Physical.
- Systematic steps
- Consistent order
- Packetize messages
- Address (source & dest.)
- Transmit
Routable: Network layer and above. Non-Routable: Data Link and Physical (LAN-to-LAN communication).
Application Layer (7)
User-to-Process Interface
- Database Access
- E-Mail (e.g. X.400)
- File Transfer
- Remote Connection
Protocols: FTP, TFTP, HTTP, LPD, SMTP, SNMP, Telnet, TFTP, WWW
Presentation Layer (6)
Process-to-Session Interface
- Protocol Conversion
- Data Translation
- Compression/Encryption
- Character Set Conversion
- Graphics Command Interpretation
- Redirectors: File System, Printers, Networks
Formats: ASCII, EBCDIC, Encrypted, GIF, JPEG, MPEG, MIDI, TIFF, Compressed
Session Layer (5)
Process-to-Process
- Establishes comm link between processes
- Controls Dialog: transmit/receive
- Synchronization: keeps track of long messages
Modes: Simplex, Half-Duplex, Full-Duplex
Protocols: SSL, NFS, SQL, RPC
Transport Layer (4)
Session-to-Network Interface
- Packetizes Session Messages
- Ensures Reliable Connection
- Transmits Acknowledgement
Types:
- Connection-Oriented: TCP allows four connections through an X.25 Network Layer
- Connection-Less: correctly reorders messages from an IP Network Layer
Protocols: TCP, UDP, SPX
Network Layer (3)
Network-to-Network
- Packet Transmission
- Intermediate Routing Decisions
- Load Adaptation
Types:
- Connection-Oriented = X.25
- Connection-Less = IP
Protocols: IP, ICMP, RIP, OSPF, BGP, IGMP
Physical Layer (1)
Adapter-to-Adapter
- Transmission of Bits
- Voltage Levels
- Bits per Second
- Connector Dimensions
- Adapter Interrupts
Formats: RS-232, HSSI, X.21, EIA-449, Cat-5, -6, Coax, PCMCIA, USB
Encapsulation
As a message passes down through Application, Presentation, Session, Transport, Network, Data Link and Physical, each layer wraps it with its own header; a trailer is added around the message at the bottom of the stack.
TCP/IP (and the OSI model)

OSI Model (A)       TCP/IP Layers (B)    TCP/IP Suite
7 Application       Application          WinSock, FTP, NetBIOS
6 Presentation
5 Session
4 Transport         Host-to-Host         TCP, UDP
3 Network           Internet             IP, ICMP
2 Data Link         Network Access       LLC, MAC, ARP, RARP
1 Physical
The slide also lists DHCP among the suite's protocols.
Encapsulation
Each layer wraps what it receives from the layer above in its own header (Ht = transport, Hn = network, Hl = link):

source        application   M              message
              transport     Ht M           segment
              network       Hn Ht M        datagram
              link          Hl Hn Ht M     frame
              physical
switch        link          Hl Hn Ht M     (only the link layer is processed)
              physical
router        network       Hn Ht M        (processed up to the network layer)
              link          Hl Hn Ht M
              physical
destination   application   M
              transport     Ht M
              network       Hn Ht M
              link          Hl Hn Ht M
              physical
TCP/IP
TCP, UDP, IP
- Governs transmission between devices
  - Connection-Oriented: TCP Three-Way Handshake
  - addressing: Port #s
- Packet forwarding & routing
  - Packet addressing: IP addresses
TCP/IP: three-way handshake

Client (10.10.1.2)                         Server (123.45.67.8)
  SYN: Port #, ISN          -------------->
                            <--------------  SYN/ACK: ACK, ISN+1; ISN
  ACK: ACK, ISN+2           -------------->

- Initial Sequence Number
  - Picked at random
  - Controls packet sequence
TCP/IP: Packet Structures

TCP Header (32 bits per row)
Source Port            | Destination Port
Sequence Number
Acknowledgement Number
Data Offset & Codes    | Window
Checksum               | Urgent Pointer
Options                | Padding

UDP Header (32 bits per row)
Source Port            | Destination Port
Length                 | Checksum

Goldman, James E. Local Area Networks. Wiley & Sons, 1997, pp. 486-487.
TCP/IP: IP Header (IPv4, 32 bits per row)
Ver. | IP Hdr Len | Service Type | Total Length
Frag. ID                         | Frag. Control
Lifetime | Protocol              | Checksum
Source IP Address
Destination IP Address
Options                          | Padding

Goldman, James E. Local Area Networks. Wiley & Sons, 1997, pg. 482.
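Added example (not from the slides): a small Python parser for the IPv4 and TCP header layouts shown above, run over a constructed SYN segment between the handshake slide's addresses. It verifies the IP header checksum and reads the handshake flags out of the "Data Offset & Codes" word; the TCP checksum is left zero in the constructed bytes and is not verified, since it needs the pseudo-header.

```python
import struct

# Constructed sample (not a capture): 20-byte IPv4 header followed by a 20-byte TCP SYN.
# Addresses follow the handshake slide: client 10.10.1.2 -> server 123.45.67.8, port 80.
# The TCP checksum word is left zero here; only the IP header checksum is verified.
SAMPLE_SYN = bytes.fromhex(
    "45000028" "12344000" "40065f5b" "0a0a0102" "7b2d4308"   # IPv4: total len 40, TTL 64, proto 6
    "c0000050" "000003e8" "00000000" "50027210" "00000000"   # TCP: 49152->80, ISN 1000, SYN
)
# Flag bits in the low byte of the TCP "Data Offset & Codes" word.
TCP_FLAGS = {0x02: "SYN", 0x10: "ACK", 0x01: "FIN", 0x04: "RST", 0x08: "PSH", 0x20: "URG"}

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum (RFC 1071), the arithmetic behind the IP header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the IPv4 header fields from the slide and check the header checksum."""
    ver_ihl, _tos, total_len, frag_id, frag_ctl, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4               # "IP Hdr Len" counts 32-bit words
    # Summing the whole header, checksum word included, gives 0xFFFF when it is intact.
    checksum_ok = ones_complement_sum(pkt[:ihl]) == 0xFFFF
    return {"version": ver_ihl >> 4, "hdr_len": ihl, "total_len": total_len, "frag_id": frag_id,
            "frag_ctl": frag_ctl, "ttl": ttl, "protocol": proto, "checksum_ok": checksum_ok,
            "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "payload": pkt[ihl:total_len]}

def parse_tcp(seg: bytes) -> dict:
    """Decode the TCP header fields from the slide; the flags share a word with the data offset."""
    sport, dport, seq, ack, off_codes, window, _csum, urg = struct.unpack("!HHIIHHHH", seg[:20])
    flags = [name for bit, name in TCP_FLAGS.items() if off_codes & bit]
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "flags": flags,
            "window": window, "hdr_len": (off_codes >> 12) * 4, "urgent": urg}

def handshake_step(pkt: bytes) -> str:
    """Map a segment's flags onto the three-way handshake: SYN, SYN/ACK, ACK."""
    ip = parse_ipv4(pkt)
    if ip["protocol"] != 6 or not ip["checksum_ok"]:
        return "not-tcp-or-corrupt"
    flags = frozenset(parse_tcp(ip["payload"])["flags"])
    steps = {frozenset({"SYN"}): "1: SYN", frozenset({"SYN", "ACK"}): "2: SYN/ACK",
             frozenset({"ACK"}): "3: ACK"}
    return steps.get(flags, "other")
```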
INFORMATION SECURITY GOVERNANCE AND RISK MANAGEMENT
Security Network

Availability
- Redundant
- Clustering
- Load balancing

Integrity
- Hashing (data integrity)
- Configuration management (system integrity)
- Change control (process integrity)
- Access control (physical and technical)
- Software digital signing
- Transmission CRC functions

Confidentiality
- Encryption
ATTACK AND MONITORING
Security Network

Course Objective
- Students understand the concept of monitoring and are able to put that concept into real-world practice.
- Students understand the concept of attack methods (Method of Security Attack) and are able to implement them on a secure system in practice.
Menu
- Monitoring
- Intrusion Detection
- IDS Tools
- Penetration Testing
- Method of Attack
- Access Control Compensation
Monitoring
- Subjects are held accountable for their actions on the system.
- Log files are used to detect problems in the system.
Intrusion Detection
- Active Response
  - Secara
- Passive Response
  - Stores
- Hybrid Response
  - Stops
Approach to IDS
What data is used?
- Host-Based IDS
IDS-Related tools
- Honeypots: fake system.
- Enticement vs. Entrapment
- Padded Cell
- Vulnerability scanner
Penetration Testing
- Penetration

Attack Methods
- Spamming
- Sniffing
- Spoofing (DNS Hijacking)
- Phishing
To be continued...

Knowledge Based / Behavior Based
- Knowledge Based
- Behavior Based
- Developments
- Packet Anomaly