CONFIGURING TCP/IP
ADDRESSING AND
SECURITY
Chapter 11
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 2
OVERVIEW
• Understand IP addressing
• Manage IP subnetting and subnet masks • Understand IP security terminology
• Manage Internet security features of Windows XP • Configure and troubleshoot Windows Firewall
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 3
UNDERSTANDING BINARY NUMBERS
Base 2 number system.
CONVERTING DECIMAL ADDRESSES TO BINARY
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 5
CONVERTING BINARY ADDRESSES TO DECIMAL
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 6
DEFAULT SUBNET MASKS – CLASSFUL ADDRESSING
First two bits determine IP address class. Network bits are 1’s from left to right. Host bits are 0’s from right to left.
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 8
IP ADDRESSES 254 65,534 16,777,214 Possible Hosts 2,097,152 16,384 126 Possible Networks 255.255.255.0 255.255.0.0 255.0.0.0 Default subnetmask 24 16 8 Network ID bits 192 - 223 128 - 191 0 - 127 1stbyte (decimal) 110 10 0 1stbit (binary) Class C Class B Class A
IP@ Special Class, Loopback and RFC1918 Reserved Addresses
169.254.0.0 (Automatic Private IP Address) APIPA 192.168.0.0 – 192.168.255.255 Private Class C 172.16.0.0 – 172.31.255.255 Private Class B 10.0.0.0 – 10.255.255.255 Private Class A 127.0.0.0 – 127.255.255.255 Loopback 240 – 255 Experimental Class E 224 – 239 Multicast group Class D
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 9
PROBLEMS WITH CLASSFUL ADDRESSES • Wasted addresses
• Class A – Which organization have 1.7 public systems?
• Shortage of address blocks
• Class A has only 126 blocks • Class B has only 16,384 blocks
• Excessive routing table entries
• Class C has 2,097,152 blocks
SUBNETTING A LARGE NETWORK
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 11
RESERVED HOST ADDRESS • Useable number of hosts is 2n– 2
• Host address bits of all zeroes is the network ID
• Example: 192.168.1.0
• Network ID or address of the network • Network ID of host address 192.168.1.25
• Host address bits of all ones is the network broadcast address
• Example:
• 192.168.1.255 is the broadcast address for 192.168.1.0
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 12
CLASSLESS INTERDOMAIN ROUTING (CIDR)
SUPERNETS
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 14
SECURING IP COMMUNICATIONS OVERVIEW • Internet threats
• Protective technologies
• Configuring and managing Windows Firewall • Monitoring Internet communications security
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 15
INTERNET THREATS • Viruses (the oldest threat) • Worms (the most persistent threat) • Trojan horses
VIRUSES
• Take advantage of gullible users • Infect document, graphics, and
executable files
• Often include mass-mailing components • Can carry destructive payloads
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 17
WORMS • Self-replicating • Network-aware
• Use bugs in programs or systems to spread • Can carry viruses or other payloads
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 18
TROJAN HORSES
SPYWARE
• Has attributes of Trojan horses or worms • Spies on its victim
• Might transmit marketing data or transmit personal data to the spyware author
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 20
ZOMBIES - BOTS
• Payload of worm or Trojan horse
• Remotely controlled to attack network targets • Participate in large-scale assaults on public Web
sites
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 21
PROTECTIVE TECHNOLOGIES • Security Center
• Windows Firewall
• Internet Connection Sharing (ICS) • Third-party utilities
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 23
SECURITY CENTER
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 24
FIREWALL TERMINOLOGY • Packet filtering
• Protocols (ICMP, TCP, UDP) • Ports - Service
ENABLING WINDOWS FIREWALL
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 26
FIREWALL EXCEPTIONS
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 27
MONITORING INTERNET SECURITY • Windows Firewall monitoring • Service logs
• Event logs
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 29
WINDOWS FIREWALL ALERTS
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 30
SERVER LOGS
Chapter 11: CONFIGURING TCP/IP ADDRESSING AND SECURITY 32
SUMMARY
• IP addresses are 32-bit binary addresses. • The network portion of IP addresses determines
location.
• CIDR allows creation of custom netblocks. • CIDR permits use of variable-length subnet masks. • Windows Firewall blocks unauthorized packets. • Windows Firewall exceptions allow specified traffic to
pass through the firewall.