Networking recaps for Cloud Computing

Videos

OSI Model

  1. Physical - 1s & 0s
  2. Data Link - network protocols, error checking, frame sync. LLC & MAC
  3. Network - IP, ICMP
  4. Transport - TCP, UDP
  5. Session - Communication channels between devices
  6. Presentation - Defines how two devices should encode, encrypt, & compress data so it’s received correctly on both ends.
  7. Application - Used by end user software. Provides protocols like HTTP, FTP, DNS, POP

Network Address Translation

Designed to overcome IPv4 shortages of addresses. The Router (NAT device) maintains a NAT table

  • Static NAT: maps 1:1 -> Private IP:Public IP
  • Dynamic NAT: many private IPs can share an equal or fewer amount of Public IP addresses
  • Port Address Translation aka overloading: most common in home networks. Allows for many Private IP addresses to one Public IP address. The NAT device records source IPs & ports, and replaces those with a single public IP, and a public source port, thus the name IP overloading

Subnetting

Classes:

  • A: 0.0.0.0 - 127.255.255.255

  • B: 128.0.0.0 - 191.255.255.255

  • C: 192.0.0.0 - 223.255.255.255

  • D: 224.0.0.0 - 239.255.255.255 - not allocated to hosts, used for multicasting

  • E: 240.0.0.0 - 255.255.255.255 - not available for general use. reserved for research purposes

  • Jack Rhysider subnet tool

CIDR notation

  • 192.168.0.15 is associated with the netmask 255.255.255.0 by using the CIDR notation of 192.168.0.15/24. This means that the first 24 bits of the IP address given are considered significant for the network routing. src

Encryption

Symmetric

  • encrypts & decrypts using the same private key. this makes sense for encryption at rest
  • key exchange problem: one of the major drawbacks of Symmetric encryption is the Secret Key used to encrypt and decrypt must exist in two different locations. Which begs the question, how do we get the key securely from one party to the other?
  • with symmetric encryption, the algorithm is publicly known. the only variable between each encrypted conversation is the Secret Key.

Asymmetric

  • uses public key & private key
  • The asymmetric keys are mathematically linked. What one key encrypts, only the other can decrypt — and vice versa.
  • I encrypt data with my recipient’s public key, I send it across the network, receiver decrypts with their mathematically linked private key (i.e the only key that can decrypt this message).
  • Message Signing is another advantage asymmetric encryption brings. read Using Asymmetric Keys for more insight
  • Compared to symmetric encryption, asymmetric is more expensive on resources

DDoS

  • Usually carried out by a Botnet
  • Application Layer Attack: exploit the fact requests are cheap for clients, but computationally expensive for servers to deliver
  • Protocol Attack: aka SYN Floods. Botnet generates a huge number of spoofed SYN’s, and the server sends back SYN-ACK’s (to non-existent, spoofed IPs). The server then waits for ACK’s which will never happen
  • Volumetric/Amplification attack: similar to an application layer attack, exploits where a response is significantly larger than the request. Such as making spoofed requests to DNS

DNS

  • DNS root servers. 13 of these servers exist. managed independently.
  • IANA has info on the TLDs (.com, .au, .uk etc). Registries have more information about
    • root zone -> name servers hosting the TLD zones. these TLD zones are run by registries that manage these TLDs -> name servers with the records for specific domains