Telecommunications and Network Security: CISSP Guide To Security Essentials


Telecommunications and Network Security
CISSP Guide to Security Essentials


Chapter 10
Objectives
• Wireline and wireless telecommunication
technologies
• Wired and wireless network technologies
• Network topologies and cabling
• The OSI and TCP/IP network models
Objectives (cont.)
• TCP/IP networks, protocols, addressing,
devices, routing, authentication, access
control, tunneling, and services
• Network based threats, attacks,
vulnerabilities, and countermeasures
Telecommunications
Technologies
Wired Telecom Technologies
• DS-1, aka T-1
– 24 voice or data channels, each
1.544 Mbit/sec
• Other T-carrier protocols
– DS-3 aka T-3 (673 voice channels, 45 Mbit/s)
– DS-4 (4,032 channels, 274 Mbit/s)
– DS-5 (5,760 channels, 400 Mbit/s)
Wired Telecom Technologies
(cont.)
• E-1 – Euro version
– 32 channels instead of 24, otherwise similar
• SONET (Synchronous Optical NETwork)
– High speed, fiber optic, encapsulates
T-protocols, ATM, TCP/IP
– OC-1 - 48.960 Mbit/sec
– OC-3 - 150.336 Mbit/sec
Wired Telecom Technologies
(cont.)
• SONET (cont.)
– OC-12 - 601.344 Mbit/sec
– OC-24 - 1,202.688 Mbit/sec
– OC-48 - 2,405.376 Mbit/sec
– OC-96 - 4,810.752 Mbit/sec
– OC-192 - 9,621.504 Mbit/sec
Wired Telecom Technologies
(cont.)
• Frame Relay
– Data-Link layer protocol
– Early packet-switched technology that used
to transmit data between locations at
a lower cost than dedicated T-1 lines
– Switched Virtual Circuits (SVCs) and Permanent
Virtual Circuits (PVCs) emulate dedicated T-1
– Frame Relay succeeded X.25
– Being replaced by DSL and MPLS
Wired Telecom Technologies
(cont.)
• ATM (Asynchronous Transfer Mode)
– Synchronous, connection-oriented packet protocol
– Packets called cells, are fixed length
(5 byte header, 48 byte payload)
– Not common in LANs, but widely used for WAN links
– Giving way to MPLS.
Wired Telecom Technologies
(cont.)
• DSL (Digital Subscriber Line)
– Digital packet over copper voice circuits
at higher clock rate, coexists with
low frequency voice
– Modem used on subscriber side to convert DSL
signals to Ethernet (and sometimes Wi-Fi)
– DSLAM (Digital Subscriber Line Access Multiplexer)
on telco end aggregates signals
Wired Telecom Technologies
(cont.)
• MPLS (Multiprotocol Label Switching)
– Packet switched technology, encapsulates TCP/IP,
ATM, SONET, Ethernet frames
– Carries voice + data, has QoS (quality of service)
capabilities to guarantee jitter-free voice and other
media such as video
– Replacing Frame Relay and ATM
Wired Telecom Technologies
(cont.)
• Other wired telecom technologies
– Data Over Cable Service Interface Specification
(DOCSIS)
• Used for cable Internet service
– PSTN (Public Switched Telephone Network)
• 56 Kbps modem
– ISDN (Integrated Services Digital Network)
• Limited to 128 Kbps
Wired Telecom Technologies
(cont.)
• Other wired telecom technologies
– SDH (Synchronous Digital Hierarchy)
• Similar to SONET
• Used outside the USA
– X.25
• Old packet-switching technology
• Rarely used anymore in the USA, replaced in the
1990s by Frame Relay
• A variant of X.25 is used for "Packet radio"
• X.25 is widely used outside the USA
Wireless Telecom Technologies
• CDMA2000 (code division multiple
access)
– Data transport: 1XRTT (153 kbit/s), EVDO (2.4
Mbit/s), EVDV (3.1 Mbit/s)
– Used by Verizon for the Droid cell phone (link Ch
10b)
• GPRS (General Packet Radio Service)
– Encapsulated in GSM (Global System for
Mobile communications) protocol (114kbit/s)
Wireless Telecom Technologies
(cont.)
• EDGE (Enhanced Data rates for GSM
Evolution)
– Up to 1Mbit/s
• UMTS (Universal Mobile
Telecommunications System)
– Transported over WCDMA, up to 14 Mbit/s
Wireless Telecom Technologies
(cont.)
• WiMAX (Worldwide Interoperability for
Microwave Access)
– Based on IEEE 802.16, WiMAX is a wireless
competitor to DSL and cable modems, also
competes with CDMA, GPRS, EDGE, UMTS
– Rates range from 2 to 12 Mbit/s, theoretically as high
as 70 Mbit/s
– Clear calls this 4G and provides it in the USA, but
not yet in San Francisco (link Ch 10c)
Wireless Telecom Technologies
(cont.)
• CDPD (Cellular Digital Packet Data)
– First data over cellular; used the AMPS analog carrier, up
to 19.2 kbit/s
• Packet Radio
– Transmits data over amateur radio bands, using
AX.25
iClicker Questions
Which of these can transmit data at
9 Gbps over fiber optic cables?

A. Frame Relay
B. T-3
C. SONET
D. ATM
E. DSL
Which of these is used for cable
Internet service?

A. DSL
B. MPLS
C. DOCSIS
D. SDH
E. WIMAX
Which of these can transmit data at
70 Mbps with microwaves?

A. Frame Relay
B. SDH
C. WIMAX
D. CDMA2000
E. EDGE
Network Technologies
Wired Network Technologies
• Ethernet
– Frame-based protocol
• 14 byte header
• Payload (46-1500 bytes)
• Checksum
• Inter-frame gap
– Error detection: Carrier Sense Multiple Access
with Collision Detection (CSMA/CD)
– MAC address: 6 bytes. Format xx.xx.xx.yy.yy.yy.
• xx.xx.xx assigned to manufacturer
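An added example (not from the slides) that builds, parses and validates an Ethernet II frame using the field sizes listed above: 14-byte header, 46-1500 byte payload and a 4-byte CRC-32 checksum (FCS). The MAC addresses and payload are constructed sample values; `build_frame` and `parse_frame` are names chosen for this example.

```python
# Added example (not from the slides): build, parse and validate an Ethernet II
# frame with the field sizes the slide lists: 14-byte header, 46-1500-byte
# payload, 4-byte CRC-32 checksum (FCS). Sample MAC addresses are constructed.
import struct
import zlib

HEADER_LEN = 14     # 6-byte destination MAC + 6-byte source MAC + 2-byte EtherType
MIN_PAYLOAD = 46
MAX_PAYLOAD = 1500
FCS_LEN = 4         # frame check sequence: CRC-32 over header + payload


def mac_to_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def oui(raw: bytes) -> str:
    """The first three bytes (xx.xx.xx on the slide) identify the manufacturer."""
    return mac_to_str(raw[:3])


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Pad short payloads to the 46-byte minimum and append the FCS."""
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = struct.pack("!6s6sH", dst, src, ethertype) + payload
    # Ethernet transmits the CRC-32 least-significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields; reject runts and giants, report a bad FCS."""
    if len(frame) < HEADER_LEN + MIN_PAYLOAD + FCS_LEN:
        raise ValueError("runt frame: shorter than header + 46-byte payload + FCS")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:HEADER_LEN])
    payload, fcs = frame[HEADER_LEN:-FCS_LEN], frame[-FCS_LEN:]
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("giant frame: payload exceeds 1500 bytes")
    expected = struct.pack("<I", zlib.crc32(frame[:-FCS_LEN]))
    return {
        "dst": mac_to_str(dst),
        "src": mac_to_str(src),
        "src_oui": oui(src),
        "ethertype": ethertype,
        "payload_len": len(payload),
        "fcs_ok": fcs == expected,   # mismatch: the frame was corrupted in transit
    }


if __name__ == "__main__":
    demo = build_frame(bytes.fromhex("ffffffffffff"), bytes.fromhex("001122334455"),
                       0x0800, b"hello")          # 0x0800 = IPv4 payload
    print(parse_frame(demo))
```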
Wired Network Technologies
(cont.)
• Network cabling
– Ethernet
• 10BASE-T – the common twisted-pair
network cable that supports the Category
3, 5, or 6 ANSI standard. This cable has 8 conductors, of
which 4 are used. An 8-pin RJ45 connector is used to
connect the cable to a device.
• 100BASE-TX – the same twisted-pair network
cable (Category 5 and 6) and connectors
as 10BASE-T, and also uses just
4 of the 8 conductors
• 1000BASE-T – the same twisted-pair network
cable and connectors as 100BASE-TX, except
that all 8 conductors are used.
Wired Network Technologies
(cont.)
– Ethernet (cont.)
• 10BASE2 – the old “thinnet” coaxial cabling
with twist-lock BNC connectors – rarely used.
• 10BASE5 – the old “thicknet” coaxial cabling
that is rarely used.
Wired Network Technologies
(cont.)
• Twisted pair cabling
– Category 3 – consists of four twisted pairs in a
single jacket. Suitable only for 10Mbit/s Ethernet.
Superseded by Category 5 and 5e.
– Category 5 – consists of four twisted
pairs in a single jacket. Maximum length
is 100m. Suitable for 100Mbit/s and can
be used for Gigabit Ethernet.
– Category 5e – supersedes Category 5 and
includes specifications for far end crosstalk.
Wired Network Technologies
(cont.)
• Twisted pair cabling (cont.)
– Category 6 – backward compatible with Category
5 and 5e, but higher specifications for noise and
crosstalk, making it more suitable for Gigabit
Ethernet.
– Category 7 – even more stringent than
Category 6 cabling, Cat-7 is suitable
for 10Gbit/s networks.
Wired Network Technologies
(cont.)
• Cabling
– Optical
• Carries signal in the form of light instead of electricity
• Greater speeds and distances possible
• More expensive
Wired Network Technologies
(cont.)
• Ethernet devices
– Hub – connects local stations together; sends each
frame to every connected node
– Repeater – extend signal over distances
– Switch – like a hub but sends data only to the correct
node
– Router – connect networks to each other
– Gateway – translates various types of
communications
Wired Network Technologies
(cont.)
• Token ring
– Logical ring
– Speed: 4Mbit/s and 16Mbit/s
– Mostly replaced by Ethernet
Wired Network Technologies
(cont.)
• Universal Serial Bus (USB)
– Successor to RS-232 serial
– Speeds
• USB 1.0/1.1 – 1.5 Mbits/s and 12 Mbits/s
• USB 2.0 – 480 Mbits/s
• USB 3.0 – 4.8 Gbits/s
– Hot pluggable
– Used to connect peripheral and human
interface devices
Wired Network Technologies
(cont.)
• RS-232
– Serial communications, speeds 110 bit/s – 57.7
kbit/s
– Used to connect communications devices such as
modems, and human interface devices such as mice
– Largely replaced by USB
Wired Network Technologies
(cont.)
• HSSI (High Speed Serial Interface)
– 52Mbits/s, cable length 50’, used to
connect WAN devices
• FDDI (Fiber Distributed Data Interface)
– Token technology over fiber that has
been replaced by gigabit Ethernet and SONET
• Fibre Channel
– Gigabit protocol used in SANs (Storage
Area Networks)
Common Network Topologies
[Figure 1-7 Common network topologies]
Network Topologies
• Bus. All of the nodes in the
network are connected to a single
conductor. A break in the network
conductor will cause some or all of the
network to stop functioning. Early
Ethernet networks consisting of thinnet
coaxial cabling were bus networks.
Network Topologies (cont.)
• Ring. All of the nodes are connected
to exactly two other nodes, forming a
circular loop. Breaking any conductor will
cause the network to stop functioning.
Network Topologies (cont.)
• Star. All nodes are connected to a
central device. A break in a conductor will
disconnect only one node, and the
remaining nodes will continue functioning.
Ethernet networks are physical stars,
with computers connected to central hubs
or switches. Token ring networks, while
logically a ring, are physically wired as
a star.
Wireless Network Technologies
• Wi-Fi, also known as WLAN, Wireless
LAN
– Wireless data link layer network protocol
– Bandwidth up to 54Mbit/s for 802.11g, distances to
100m
– Some people claim up to 600 Mbps for 802.11n (link
Ch 10d)
Wireless Network
Technologies (cont.)
• Wi-Fi standards

  Standard   Spectrum    Data Rate    Range    Released
  802.11a    5 GHz       54 Mbit/s    120 m    1999
  802.11b    2.4 GHz     11 Mbit/s    140 m    1999
  802.11g    2.4 GHz     54 Mbit/s    140 m    2003
  802.11n    2.4/5 GHz   248 Mbit/s   250 m    2009
  802.11y    3.7 GHz     54 Mbit/s    5000 m   2008
Wireless Network
Technologies (cont.)
• Wi-Fi security
– SSID should be a non-default value
– SSID broadcast should be disabled
– MAC access control
– Authentication
• Require ID and password, may use a RADIUS server
– Encryption
• WEP (Wired Equivalent Privacy)
• WPA (Wireless Protected Access)
• WPA2 (superset of WPA, full standard)
PSK v. RADIUS
• WPA and WPA-2 operate in two modes
• Pre-Shared Key (PSK)
– Users must enter the key on each device
• RADIUS server
– Used with 802.1x authentication
– Each user has an individual key
– More secure, recommended for enterprises
Wireless Network
Technologies (cont.)
• Bluetooth
– Personal Area Network (PAN) technology
– Data rate: 1Mbit/s – 3Mbit/s
– Distance: up to 10 m
– Devices can authenticate through a process
called “pairing”, during which two devices
can exchange a cryptographic secret key
that the two devices can later use
– Communications between paired devices can
also be encrypted
Wireless Network
Technologies (cont.)
• IrDA
– Infrared Data Association standard
– Infrared light spectrum from 2.4kbit/s to 16Mbit/s
• Requires line-of-sight
– Once popular, now being replaced with Bluetooth
Wireless Network
Technologies (cont.)
• Wireless USB (WUSB)
– Wireless protocol designed for wireless connectivity
of various computer peripherals
• Printers, digital cameras, hard disks, and
other high-throughput devices.
– Bandwidth ranges from 110 Mbit/s at 10
meters to 480 Mbit/s at 3 meters
– 3.1 to 10.6 GHz frequency range
Wireless Network
Technologies (cont.)
• Near Field Communication (NFC)
– Ultra-short distance (up to 10cm or 4”)
– Works like RFID
– Intended for cell phones
– Rates: 106 kbit/s, 212 kbit/s, or 424 kbit/s
– Active or passive mode
• Passive mode ideal for key card access control
– See link Ch 10e
iClicker Questions
Which device connects two different
networks together, such as a VoIP
network and a data network?

A. Hub
B. Repeater
C. Switch
D. Router
E. Gateway
Which protocol runs at 52 Mbps,
with a maximum cable length of 50
feet?

A. Token ring
B. RS-232
C. HSSI
D. FDDI
E. Fibre Channel
Which protocol only transmits data a
distance of 10 centimeters?

A. Wi-Fi
B. Bluetooth
C. IrDA
D. WUSB
E. NFC
Network Protocols
OSI Protocol Model
• Application
• Presentation
• Session
• Transport
• Network
• Data link
• Physical
OSI Mnemonics
• Please Do Not Throw Sausage Pizza
Away
• All People Seem To Need Data
Processing
OSI Protocol Model: Physical
• Concerned with a network’s physical
media
– Electrical
– Optical
– Radio frequency
• Example standards
– RS-232, RS-422, T1, E1, 10Base-T, SONET,
DSL, 802.11a (physical), Twinax
OSI Protocol Model: Data Link
• Concerned with the transfer of data
between nodes
• Manages error correction for any errors
that take place at the physical layer
• Example standards
– 802.3 (Ethernet), 802.11a MAC, GPRS, AppleTalk,
ATM, FDDI, Fibre Channel, Frame Relay,
PPP, SLIP, Token Ring, Wi-MAX
– ARP could be placed here, or in layer 3 (link Ch 10f)
OSI Protocol Model: Network
• Used to transport variable-length data
sequences between nodes
• Manages fragmentation and reassembly
• Communications are point-to-point
• No notion of a “connection”
• Data packets may not arrive in order
• Example standards
– IP, ICMP, ARP, IPX
OSI Protocol Model: Transport
• Manages the delivery of data from
node to node on a network
– Even when there are intermediate devices
such as routers and a variety of physical media
between the nodes
– Manages “connections”
• Guarantee the order of delivery of data packets,
packet reassembly, error recovery
– Examples: UDP, TCP, IPsec, PPTP, L2TP, SPX
OSI Protocol Model: Session
• Manages connections between nodes,
including session establishment,
communication, and teardown
• Example standards
– NetBIOS, TCP sessions, SIP
OSI Protocol Model: Presentation
• Deals with the presentation or
representation of data in a
communications session
– Character set translation
– Compression
– Encryption
• Examples of presentation-layer
standards include SSL, TLS, MIME, and
MPEG
OSI Protocol Model: Application
• Top-most layer in the OSI
network model
• Concerned with the delivery of data
to and from applications
• Example standards
– DNS, NFS, NTP, DHCP, SMTP, HTTP,
SNMP, SSH, Telnet, WHOIS
TCP/IP Protocol Model
• Application
• Transport
• Internet
• Link

• Image from link Ch 10g
TCP/IP Protocol Model: Link
• Concerned with node to node delivery
• Example standards
– Wi-Fi
– Ethernet
– Token Ring
– ATM
– Frame Relay
– PPP
TCP/IP Protocol Model: Internet
• Also known as the Internet layer
• Concerned with end-to-end packet delivery,
even through intermediate devices such as
switches and routers
• Protocols
– IPv4
– IPv6
– ARP
– RARP
– ICMP
– IGMP
– IPsec
TCP/IP Protocol Model:
Routing Protocols
• Internet layer routing protocols
– RIP
– OSPF
– IS-IS
– BGP
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing
– Network addresses in IPv4 are 32
bits in length
• Expressed as a dot-decimal notation,
xx.xx.xx.xx, where the range of each
‘xx’ is 0-255 decimal.
• Typical network address is 141.204.13.200
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Subnets and subnet masking
• IP address divided into two parts:
network and node
• Subnet mask used to distinguish network
and node portions; e.g. 255.255.255.0
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Default gateway – node that connects to other
networks
– Address allocation by Regional Internet Registry
(RIR), ISPs
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Reserved address blocks
• Private networks
– 10.0.0.0 – 10.255.255.255
– 172.16.0.0 - 172.31.255.255
– 192.168.0.0 - 192.168.255.255
• Loopback: 127.0.0.1 - 127.0.0.255 (127.0.0.1 = “me”)
• Multicast: 224.0.0.0-239.255.255.255
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Network address translation (NAT)
• Internal private addresses are translated into public
routable addresses at the network boundary
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Classful networks
• Class A
• Class B
• Class C
– Classless networks (Classless Internet Domain
Routing, CIDR)
• Variable length subnet masks, not limited
to just Class A, B, C
TCP/IP Protocol Model:
Internet (cont.)
• Network layer addressing (cont.)
– Types of addressing
• Unicast (regular node addresses)
• Broadcast (send to all nodes on
a subnet)
• Multicast (send to a group of nodes on different
networks)
• Anycast (send to only one of a group of nodes)
– See link Ch 10h
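An added example (not from the slides) working through the addressing slides above: splitting an address into network and node portions with a subnet mask, converting between dotted masks and CIDR prefixes (variable-length masks, not just Class A/B/C), deriving the classful class, and recognising the reserved private, loopback and multicast blocks. It uses the slide's sample address 141.204.13.200 with mask 255.255.255.0; function names are chosen for this example.

```python
# Added example (not from the slides): IPv4 address arithmetic for the subnet,
# CIDR, classful and reserved-block slides. Function names are this example's own.

def to_int(dotted: str) -> int:
    """Dot-decimal xx.xx.xx.xx (each 0-255) -> 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]

def to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def mask_from_prefix(prefix: int) -> int:
    """CIDR /n -> mask of n leading one bits; any n in 0..32 is allowed (VLSM)."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def prefix_from_mask(mask_dotted: str) -> int:
    """Dotted mask -> prefix length, rejecting non-contiguous masks like 255.0.255.0."""
    mask = to_int(mask_dotted)
    prefix = bin(mask).count("1")
    if mask != mask_from_prefix(prefix):
        raise ValueError(f"non-contiguous subnet mask: {mask_dotted}")
    return prefix

def split(address: str, mask_dotted: str) -> dict:
    """Separate the network and node portions, e.g. 141.204.13.200 / 255.255.255.0."""
    addr, mask = to_int(address), to_int(mask_dotted)
    network = addr & mask
    host_bits = ~mask & 0xFFFFFFFF
    return {
        "network": to_dotted(network),
        "node": addr & host_bits,
        "broadcast": to_dotted(network | host_bits),   # all node bits set
        "cidr": f"{to_dotted(network)}/{prefix_from_mask(mask_dotted)}",
    }

def classful_class(address: str) -> str:
    """Class from the first octet (the pre-CIDR scheme): A <128, B <192, C <224."""
    first = to_int(address) >> 24
    return "A" if first < 128 else "B" if first < 192 else "C" if first < 224 else "D/E"

# Reserved blocks from the slides, written as CIDR. The slide lists loopback as
# 127.0.0.1-127.0.0.255; the whole 127.0.0.0/8 is reserved for loopback.
RESERVED = [
    ("private", "10.0.0.0/8"), ("private", "172.16.0.0/12"),
    ("private", "192.168.0.0/16"), ("loopback", "127.0.0.0/8"),
    ("multicast", "224.0.0.0/4"),
]

def in_block(address: str, block: str) -> bool:
    net, prefix = block.split("/")
    mask = mask_from_prefix(int(prefix))
    return to_int(address) & mask == to_int(net) & mask

def classify(address: str) -> str:
    """'private' addresses need NAT at the network boundary; 'public' ones are routable."""
    return next((label for label, block in RESERVED if in_block(address, block)), "public")
```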
TCP/IP Protocol Model: Transport
• TCP Protocol
– Connection oriented, persistent connections,
dedicated and ephemeral ports, sequencing,
guaranteed delivery
– Examples: FTP, HTTP, Telnet
• UDP Protocol
– Connectionless, dedicated port numbers only, no
sequencing, no guarantee of delivery
– Examples: DNS, TFTP, VoIP
TCP/IP Protocol Model: Application
• Topmost layer in the TCP/IP protocol
stack
• Protocols: DHCP, DNS, Finger, FTP,
HTTP, LDAP, NFS, NIS, NTP, Rlogin,
RPC, Rsh, SIP, SMTP, SNMP, Telnet,
TFTP, VoIP, Whois
TCP/IP Routing Protocols
• Router-to-router communication protocol
used by routers to help determine the
most efficient network routes between
two nodes on a network
• Helps routers make good routing
decisions (making the right choice about
which way to forward packets)
TCP/IP Routing Protocols (cont.)
• RIP (Routing Information Protocol) – one
of the early routing protocols
– Hop count is the metric, maximum = 15
• IGRP (Interior Gateway Routing Protocol)
– Cisco proprietary, obsolete
– Multiple metrics: bandwidth, delay, load, and
reliability
TCP/IP Routing Protocols (cont.)
• EIGRP (Enhanced Interior Gateway
Routing Protocol) – Cisco proprietary
– Advances over IGRP including VLSM
• OSPF (Open Shortest Path First) – Open
standard for enterprise networks
– Metric is “path cost” (primarily speed)
– Can use authentication to prevent route spoofing
TCP/IP Routing Protocols (cont.)
• BGP (Border Gateway Protocol) – the
dominant Internet routing algorithm
• IS-IS (Intermediate system to
intermediate system) – used primarily by
large ISP networks
Remote Access / Tunneling
Protocols
• Tunneling: encapsulating packets of one
protocol within another – can include
encryption
– Reasons: protection of encapsulated protocol; hide
details of intermediary network, authentication of
traffic
Remote Access / Tunneling
Protocols (cont.)
• Tunneling: (cont.)
– VPN – generic term for tunneled (and usually
encrypted) network connection from a public
network to a private network
– Protocols (cont.)
• SSL / TLS
• SSH
• IPsec
• Others: L2TP, PPP, PPTP, SLIP
iClicker Questions
HTTP runs on port 80. What layer
assigns that port number to the data
segment?

A. Application, Presentation, or Session
B. Transport
C. Network
D. Data link
E. Physical
What layer is HTTP in?

A. Application, Presentation, or Session
B. Transport
C. Network
D. Data link
E. Physical
What layer of the TCP/IP model
contains TCP?

A. Application
B. Transport
C. Internet
D. Link
E. Physical
What is the subnet mask for a class
B network?

A. 0.0.0.0
B. 255.0.0.0
C. 255.255.0.0
D. 255.255.255.0
E. Something else
Which routing protocol uses hop
count as the metric?

A. BGP
B. RIP
C. EIGRP
D. OSPF
E. IS-IS
Network Authentication Protocols
Authentication Protocols
• RADIUS (Remote Authentication Dial In
User Service)
– Over-the-wire protocol from client to AAA
(authentication, authorization, accounting) server
• Diameter – more advanced RADIUS
replacement
Authentication Protocols (cont.)
• TACACS (Terminal Access Controller Access-
Control System) – authenticates user to a
network.
– Between access point or gateway and
an AAA server
– Replaced by TACACS+ and RADIUS
• 802.1X – port level access control. System
authenticates before user authenticates
Authentication Protocols (cont.)
• CHAP (Challenge-Handshake Authentication
Protocol)
– Between client system and gateway
• PPP uses CHAP
• EAP (Extensible Authentication Protocol)
– Authentication Framework – used to authenticate users in
wired and wireless networks. Used by WPA and WPA2
wireless network standards.
Authentication Protocols (cont.)
• PEAP (Protected Extensible
Authentication Protocol)
– used in wireless networks to authenticate users
– PEAP uses an SSL/TLS tunnel to encrypt
authentication information
• PAP (Password Authentication Protocol)
– Insecure because the protocol is unencrypted
Network-Based Threats, Attacks,
and Vulnerabilities
Network Threats
• The expressed potential for the
occurrence of a harmful event such
as an attack
– DoS / DDoS – designed to flood or
cause malfunction
– Teardrop - attacker sends mangled packet fragments
with overlapping and oversized payloads to a target
system
Network Threats (cont.)
• Threats (cont.)
– Sequence number – guesses upcoming sequence
numbers as a method for hijacking a session
– Smurf - large number of forged ICMP echo requests.
The packets are sent to a target network’s
broadcast address, which causes all systems on the
network to respond
Network Threats (cont.)
• Threats (cont.)
– Ping of Death – ICMP echo request, 64k length
– SYN flood – large volume of TCP SYN packets,
consumes resources on target system
– Worm – automated, self-replicating program
– Spam – unsolicited commercial e-mail (UCE): fraud,
malware, marketing
– Phishing – emails luring users to fraudulent sites
– Pharming – attack on DNS that redirects access to
legitimate sites to imposter sites
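An added example (not from the slides) showing what a network defender would look for in packet summaries for three of the threats listed above: Smurf (ICMP echo requests aimed at a broadcast address), Ping of Death (an ICMP echo request larger than an IP datagram can be) and SYN flood (a pile-up of SYNs against one destination). The log format, the addresses and the monitored subnet 192.0.2.0/24 are all constructed for this example.

```python
# Added example (not from the slides): flag Smurf, Ping of Death and SYN flood
# indicators in packet summary lines. The log format, addresses and monitored
# subnet are constructed for this example.
import ipaddress
import re
from collections import defaultdict

# Constructed format: "<seconds> <src> > <dst> <proto> <detail> len=<bytes>"
LINE = re.compile(r"^(?P<ts>[\d.]+) (?P<src>[\d.]+) > (?P<dst>[\d.]+) "
                  r"(?P<proto>\w+) (?P<detail>\S+) len=(?P<len>\d+)$")

LOCAL_NETS = [ipaddress.ip_network("192.0.2.0/24")]   # assumption: our subnet
BROADCASTS = {str(n.broadcast_address) for n in LOCAL_NETS} | {"255.255.255.255"}
MAX_IP_DATAGRAM = 65535   # an echo request bigger than this is the classic Ping of Death
SYN_THRESHOLD = 5         # SYNs to one destination before calling it a flood (toy value)

SAMPLE_LOG = """\
0.01 203.0.113.7 > 192.0.2.255 icmp echo-request len=84
0.02 203.0.113.7 > 192.0.2.255 icmp echo-request len=84
0.03 203.0.113.7 > 255.255.255.255 icmp echo-request len=84
0.04 192.0.2.10 > 192.0.2.20 icmp echo-request len=84
0.05 198.51.100.4 > 192.0.2.20 icmp echo-request len=65600
0.10 198.51.100.11 > 192.0.2.20 tcp S len=60
0.11 198.51.100.12 > 192.0.2.20 tcp S len=60
0.12 198.51.100.13 > 192.0.2.20 tcp S len=60
0.13 198.51.100.14 > 192.0.2.20 tcp S len=60
0.14 198.51.100.15 > 192.0.2.20 tcp S len=60
0.15 198.51.100.16 > 192.0.2.20 tcp S len=60
0.20 192.0.2.10 > 192.0.2.30 tcp S len=60
0.21 192.0.2.30 > 192.0.2.10 tcp S. len=60
"""

def parse(line: str):
    """One summary line -> dict, or None for lines that do not match the format."""
    m = LINE.match(line.strip())
    if not m:
        return None
    pkt = m.groupdict()
    pkt["ts"], pkt["len"] = float(pkt["ts"]), int(pkt["len"])
    return pkt

def analyse(log_text: str, syn_threshold: int = SYN_THRESHOLD) -> dict:
    """Return the indicators found, keyed by the attack names used on the slides."""
    found = {"smurf": [], "ping-of-death": [], "syn-flood": {}}
    syns = defaultdict(int)
    for pkt in filter(None, map(parse, log_text.splitlines())):
        if pkt["proto"] == "icmp" and pkt["detail"] == "echo-request":
            # Smurf: echo requests to a broadcast address make every host answer
            if pkt["dst"] in BROADCASTS:
                found["smurf"].append((pkt["src"], pkt["dst"]))
            # Ping of Death: echo request larger than an IP datagram may be
            if pkt["len"] > MAX_IP_DATAGRAM:
                found["ping-of-death"].append((pkt["src"], pkt["dst"], pkt["len"]))
        elif pkt["proto"] == "tcp" and pkt["detail"] == "S":   # SYN only, no ACK
            syns[pkt["dst"]] += 1
    # SYN flood: many half-open connection attempts piling up on one destination
    found["syn-flood"] = {dst: n for dst, n in syns.items() if n >= syn_threshold}
    return found

if __name__ == "__main__":
    print(analyse(SAMPLE_LOG))
```

A real deployment would use the subnet's actual broadcast addresses and a threshold tuned to the site's normal SYN rate per time window.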
Network Vulnerabilities
• Unnecessary open ports
• Unpatched systems
• Poor and outdated configurations
• Exposed cabling
Network Countermeasures
Network Countermeasures
• Access control lists
• Firewalls
• Intrusion Detection System (IDS)
– Network based (NIDS)
– Host based (HIDS)
Network Countermeasures (cont.)
• Intrusion Prevention System (IPS)
– Network and host based
• Protection of network cabling
• Anti-virus software
• Private addressing (10.*.*.*, etc.)
Network Countermeasures (cont.)
• Close unnecessary ports and services
• Security patches
• Unified Threat Management (UTM)
– Security appliances that perform many functions,
such as Firewall, IDS, IPS, Antivirus, Anti-spam, Web
content filtering
• Gateways – filtering intermediaries
iClicker Questions
Which authentication framework is
used by WPA2?

A. PAP
B. PEAP
C. EAP
D. CHAP
E. EAP
Which attack uses broadcast
packets to amplify its effect?

A. DoS
B. Teardrop
C. Smurf
D. Ping of Death
E. SYN flood
Which attack poisons a DNS record?

A. Phishing
B. Teardrop
C. Pharming
D. Ping of Death
E. SYN flood
