osi and ip network modelssecure.com.sg › courses › ict287 › extra_lab ›...
TRANSCRIPT
![Page 1: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/1.jpg)
l Standards Organizationsl Internet Organizationsl OSI Model Overviewl TCP/IP Model Overview
OSI and IP Network Models
![Page 2: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/2.jpg)
Standards Organizations
LAN WAN Internet Cabling OSI model
IEEE ITU IAB EIA/TIA ISO
![Page 3: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/3.jpg)
Active IEEE Standards Groups 2-5
IEEE Standards802.1 High Level Interface Working Group802.3 CSMA/CD (Ethernet) Working Group802.11 Wireless LAN Working Group802.15 WPAN Working Group802.16 Broadband Wireless Access Working Group802.17 Resilient Packet Ring Working Group802.18 Radio Regulatory TAG802.19 Coexistence TAG802.20 Mobile Broadband Wireless Access (MBWA) Working Group802.21 Media Independent Handoff Working Group802.22 Wireless Regional Area Networks
![Page 4: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/4.jpg)
Common WAN Serial Interface Standards 2-6
EIA/TIA-530
EIA/TIA-232or
V.35
EIA/TIA-449 HSSI
Router
Router WAN serial port standards
Electronics Industries Association
Telecommunications Industry Association
High-Speed Serial Interface
![Page 5: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/5.jpg)
UTP Category Standards 2-7
Category Frequencies Supported Typical Use
3 10 MHz Voice, 10BaseT Ethernet
4 20 MHz 16 Mbps Token Ring
5e 100 MHz 100BaseTX and 1000BaseTX Ethernet
6 200 MHz 1000BaseTX Ethernet
7* 600 MHz 10000BaseTX Ethernet
* Fully Shielded Cabling
![Page 6: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/6.jpg)
Internet Organizations 2-8
ICANN
APNIC ARIN RIPE LACNIC AFRINIC
IANA
ISOC
IAB
IESG IRSG
IRTFIETF
![Page 7: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/7.jpg)
OSI Model Overview
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
NetworkingOSI seven-layer modelChecking
for errors
Sendingmessages
Address of the server 1s and 0s
The wire
Applications
Without the OSI model,networks would be verydifficult to understandand implement.
With the OSI model, networks can be broken up into manageable pieces.The OSI model provides a common language to explain componentsand their functionality.
Encryption
Chaosnetworking
Mostly software
Mostlyhardware
![Page 8: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/8.jpg)
Layer 1: Physical Layer
CAT5 UTP
Wall jack
Patch panelHub and repeater
Device
NIC
![Page 9: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/9.jpg)
Layer 2: Data Link Layer
Switch look-up tables
Ethernetswitch
G
A B C D E F
Hub Hub
MAC address of NIC
A,B,C D,E,F
G
Server
![Page 10: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/10.jpg)
Layer 3: Network Layer
Subnet 1
Subnet 2
Subnet 3
Layer 3 addressing
Layer 3 addressing
Layer 3 addressing
Router RouterWAN
LAN LAN
![Page 11: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/11.jpg)
Layer 4: Transport Layer
ServerUser
Network
![Page 12: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/12.jpg)
Layer 5: Session Layer
Fileserver
Userdevice
Data
Data Block from byte 47
Okay, start the next data at byte 108.
Network
![Page 13: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/13.jpg)
Layer 6: Presentation Layer
Encrypt data Decrypt data
Network
![Page 14: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/14.jpg)
Layer 7: Application Layer
Webbrowser
FTP
![Page 15: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/15.jpg)
TCP/IP Model Overview
![Page 16: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/16.jpg)
OSI (Open Systems Interconnect) Reference Model
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
Network
Provides the transmission of the bit stream across the physical connection
Establishes an interface across layer 1 for layer 3 (node-to-node addressing)
Provides delivery of data between the transport layers (end-to-end addressing)
Segments, reassembles, and multiplexes multiple sessions over a layer 3 interface
Connects the user application directly between end systems
Packaging and presentation of the display format and code conversion for the data
Manages the program generating the data to the network
Host: 1-B Host: 2-A
![Page 17: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/17.jpg)
Packaging a Message Using the OSI Model
Data
Physical link
AH
DataAHPH
SH
TH
NH
DLH DLT
DataAHPH
SH DataAHPH
SH DataAHPHTH
NH SH DataAHPHTH1001010100101010001101
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
ServerPC
Sending file
Network
AH
PH
SH
TH
NH
DLH
DLT
Application header
Presentation headerSession headerTransport header
Network headerData link headerData link trailer
![Page 18: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/18.jpg)
Unpackaging a Message Using the OSI Model
Data
Physical link
AH
DataAHPH
SH
TH
NH
DLH DLT
DataAHPH
SH DataAHPH
SH DataAHPHTH
NH SH DataAHPHTH
1001010100101010001101
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
Server
File received
Network
1001010100101010001101
![Page 19: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/19.jpg)
Comparison of the OSI Reference Model and TCP/IP Protocol Suite
TCP
IP
UDP
UD
Pap
plic
atio
ns
TCP/IP protocol suite
LAN Protocols(for example,
Ethernet)
WAN(Frame Relay,
MPLS, and ATM)
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
FTP, SMTP, Telnet, HTTP
DNS, SNMP, NFS, RPC
Network access(network interface)
Network
Host-to-host
Process or
application
![Page 20: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/20.jpg)
TCP segmentUserdata
TCP headerPort Numbers
FileTransferE-MailRemote LoginWeb
browsing
21252380
IP datagram
Userdata
IP headerIP addresses TCP headerSource and
destinationEthernet frame
Userdata
EthernettrailerIP header TCP headerEthernet
header
Source and destination MAC addresses Error detection
Applicationdata
Packaging a Message with TCP/IP and Ethernet
FTP SMTP Telnet HTTP
![Page 21: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/21.jpg)
Transporting Data between Networks
Router (network 1)
Application data
Physical
TCP or UDP
IP
Ethernet
Physical
Ethernet
Physical
Data link
Physical
TCP or UDP
IP
Ethernet
Physical
Data link
Physical
Ethernet
LANLAN WAN
Network Network
Ethernettrailer
TCPheader
IPheader
Applicationdata
Ethernetheader
ServerPC
Router (network 2)
Application data
Leased circuit from carrier PPP – Point-to-Point Protocol
PPPheader
PPPtrailer
Ethernet trailer
Ethernet header
![Page 22: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/22.jpg)
WireSharkshows the Network Stack
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data link
1 Physical
![Page 23: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/23.jpg)
netcat in a nutshell
l What it isl What it doesl How to use it
![Page 24: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/24.jpg)
What is netcat ?
l Swiss Army Knife of Networkl A versatile network Utility tooll Uses TCP and UDP protocoll Designed as a backend tool
n Can be used directlyn Driven by other programs
![Page 25: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/25.jpg)
Power of netcat
l Can create Outbound or Inbound connections TCP or UDP to or from any ports
l Full DNS forward reverse checking
l Can use any local port
l Can use any locally configured network address
l Port scanning with randomizer
l Option to let other program service establish connections
l Optional telnet responder
![Page 26: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/26.jpg)
How Do I use netcat ?
l General form of usage is n nc [switches] [hostname] [portnumber]
l Simplest Usage would ben nc –v www.secure.com.sg 80n GET http://www.secure.com.sg/index.html HTTP/1.0
n Hostname can be a name or IP Address
![Page 27: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/27.jpg)
Options
l -vn Controls the verbosity level
l -w <seconds>n Sets the network inactivity timeout
l -p <port number>n Binds the connection to specific port number
![Page 28: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/28.jpg)
Options
l -o <file name>n To obtain hexdump file of data sent either way
l -ln Makes netcat wait for inbound connectionsn And once connection is established it transfers the
data
![Page 29: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/29.jpg)
Interesting -l (listener)
Can use to create like a listening netcat serverl On listening end
n C:\tools\nc> nc –l -p 1234 < test.txt
l On client end n C:\tools\nc> nc 127.0.0.1 1234
![Page 30: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/30.jpg)
Options
l -Ln Listen harder
l -rn Randomize port numbers
l -zn Zero – I/O mode [used in scanning]
![Page 31: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/31.jpg)
Options
l -e <program name>n Allows to execute a program (dangerous)
l -dn Allows to run in detached mode without console
windowl -u
n Makes a UDP connection instead of TCP connection
![Page 32: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/32.jpg)
Options
l -s <address>n Local source address
l -i <seconds>n Specifies delay interval for lines sent or ports
scannedl -t
n Answer telnet negotiation
![Page 33: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/33.jpg)
Put the Knife to Use
lUse It GOOD
lUse It BAD
![Page 34: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/34.jpg)
USE IT GOOD
l Port Scanning
n Find what is out there
unc -v -w 5 -r 127.0.0.1 1-1023
![Page 35: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/35.jpg)
USE IT GOOD
l Simple Data Transfer Agentn Immaterial which side is server and which side is
clientn Input at one goes as output to another
l HEX Dump Featuren Can be used to analyze odd network protocols
![Page 36: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/36.jpg)
USE IT GOOD
l Performance Testing
n Generate large amount of useless data on network with server on one end and client on other end we can use it to test network performance.
l Protect your workstations X server
![Page 37: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/37.jpg)
DARK SIDE
l Scanning for vulnerable servicesn Can use files as input to netcat and scan the system
by using –i and –r switchesl Can use –e option to execute programsl SYN-Bombing
n Can disable TCP servers
![Page 38: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/38.jpg)
EXAMPLE
l Listen on port 21 (FTP Port) using netcat with –e switch to execute cmd.exe
l FTP request made from a different machine on the listener machine
![Page 39: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/39.jpg)
RESULT
D:\tools\nc> nc -l -p 21 -e cmd.exe
C:\Documents and Settings\RAJAT>ftp 127.0.0.1
Connected to 127.0.0.1
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
Request
![Page 40: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/40.jpg)
Conclusion
l Netcat is a very useful network utility tooll Very light but extremely effectivel Particularly when it can listen and execute
programs when connection requests are made on the specific ports
![Page 41: OSI and IP Network Modelssecure.com.sg › courses › ICT287 › Extra_Lab › 02_OSI_WireShark_Ne… · What is netcat ? lSwiss Army Knife of Network lA versatile network Utility](https://reader033.vdocuments.net/reader033/viewer/2022060507/5f2241ece36de46577702909/html5/thumbnails/41.jpg)
THANK YOU
Questions ??