Copyright Goodheart-Willcox Co., Inc. Chapter 8 Overview of Network Security and Network Threats 251

TCP/IP Review

A protocol is an industry-accepted standardized format that allows communication between devices. It is like a rule that everyone must follow. In order for devices to communicate, they must use a standard set of protocols. Networking protocols allow that communication to take place. If devices do not use the same protocol for traffic, the messages will be unreadable.

Early protocols were proprietary. Proprietary means something is owned by someone and cannot be used without permission. Proprietary protocols were used only for those vendors and their systems. Once the Internet started to gain popularity, use of the network protocol Transmission Control Protocol/Internet Protocol (TCP/IP) became necessary. It became the de facto standard of networking protocols. A de facto standard is one that is generally accepted over time and adopted for use, but not required. Nearly every system that accesses a network today uses TCP/IP as its communication method.

TCP/IP is actually a suite of protocols. In fact, the name is composed of two of the most fundamental protocols: TCP and IP. Some of the other protocols in the TCP/IP suite include DNS, DHCP, HTTP, FTP, ARP, ICMP, IGMP, and UDP.

There are two current versions of TCP/IP: IPv4 and IPv6. There are significant differences between the versions. Both are used extensively on Internet hosts. Therefore, security professionals need to have a solid understanding of each version.

IPv4 Basics

The IPv4 protocol has long been the predominant network protocol. It has some limitations. Even with its limitations, it is still heavily used on most network systems. It is critical to be able to read network addresses, to identify information such as the difference between the host and network portions of an address, and to dissect the sections of an IPv4 packet.
IPv4 Addresses

An address is a unique value that is assigned to a host on a computer network. If you think of the computer network as an apartment building, which has its own address, then each apartment also has a unique address. In TCP/IP IPv4, this address is in a dot-decimal format. It is composed of four sections, and each section is called an octet. Each octet consists of 8 bits. The largest number possible in any octet is the value 255. Figure 8-1 shows a network address that uses the IPv4 protocol. The octets are separated by periods. The entire address is always 32 bits long.

Figure 8-1. This address format follows the IPv4 protocol. The figure shows the full address 172.16.4.201, with callouts marking one octet and the periods that separate the octets. (Goodheart-Willcox Publisher)

A network host obtains its address through manual assignment or automatically. A manual assignment is called a static IP address. If assigned automatically, the unique address is received from a server that holds a range of available addresses.

The IP address serves two purposes. Part of the address identifies the network to which the host is assigned. The remaining portion is the unique ID of the host on that network. As an example, think of your street address. There may be many houses on the same street, but each one has a unique address. So, the street is similar to the network address. The house number is the unique host address.

FYI: TCP/IP was developed as part of research by the United States agency called DARPA for a network called ARPAnet. This network is the origin of today's Internet.

IPv4 Host vs. Network

It is not possible to look at just the IP address and determine which part of it refers to the network and which part is unique to each host. To determine that information, the subnet mask assigned to the address must be considered.
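The octet layout and the network/host split described above can be worked through in code. The following Python sketch is an added example, not part of the textbook; the two subnet masks are assumed for illustration, since the page assigns no mask to the address in Figure 8-1.

```python
def parse_ipv4(text):
    """Convert dot-decimal text to a 32-bit integer, rejecting malformed input."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets, got {len(parts)}: {text!r}")
    value = 0
    for part in parts:
        # ASCII digits only, and no leading zeros (some parsers read them as octal).
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"invalid octet {part!r} in {text!r}")
        octet = int(part)
        if octet > 255:  # an octet is 8 bits, so 255 is the largest value
            raise ValueError(f"octet {octet} exceeds 255 in {text!r}")
        value = (value << 8) | octet
    return value


def format_ipv4(value):
    """Convert a 32-bit integer back to dot-decimal text."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def split_address(address, mask):
    """Return the (network, host) portions of an address under a subnet mask."""
    addr, m = parse_ipv4(address), parse_ipv4(mask)
    # A valid mask is a run of 1 bits followed only by 0 bits.
    inverted = ~m & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError(f"non-contiguous subnet mask: {mask!r}")
    return format_ipv4(addr & m), format_ipv4(addr & inverted)


if __name__ == "__main__":
    # 172.16.4.201 is the address in Figure 8-1; both masks are assumed here.
    for mask in ("255.255.0.0", "255.255.255.0"):
        network, host = split_address("172.16.4.201", mask)
        print(f"mask {mask}: network {network}, host part {host}")
```

The same address yields a different network and host portion under each mask, which is why the address alone cannot tell you where the boundary lies.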