Copyright Goodheart-Willcox Co., Inc. Chapter 8 Overview of Network Security and Network Threats 255

NAT often runs on a router to handle the conversion from private to public address, as shown in Figure 8-5. The source port for each private Internet protocol (IP) address is appended to the address. This is called the socket, which is the IP address and the port together. Think of a socket as a person’s name on a package. It is a unique address for the host. When the IP address is converted, NAT uses the unique port number. The router then sends the packet out through the public IP address. When a packet returns to the router, this port is used as the destination. The router checks the NAT table for the port number to locate the correct private IP address.

A business gets its public IP address from an Internet Service Provider (ISP). It can use any private IP address range of its choice. Because public IP addresses cannot be duplicated on the Internet, there is some regulatory control over these addresses. The organization Internet Assigned Numbers Authority (IANA) is responsible for the control of IP addresses. To make this more efficient, IANA divided all possible public IP addresses and assigned them to five different registrars, as shown in Figure 8-6. These registrars are called Regional Internet Registrars (RIRs).

IP Address Owner

Another important ability is identifying who is behind an IP address. When a company sets up a web, e-mail, or other public server, the server names are registered globally so there are no duplicates on the Internet or any network. The nonprofit organization Internet Corporation for Assigned Names and Numbers (ICANN) maintains the responsibility for managing and coordinating the maintenance of the databases that store this information. These databases can provide information about the owner of the website, including contact information. Perhaps you are getting a great deal of denial-of-service traffic or e-mail spam.
There is a variety of free tools widely available on the Internet to begin tracking down the sender of the packet. There are many sites where you can access reverse IP data and WHOIS data for both IPv4 and IPv6 addresses. WHOIS is a system that

[Figure 8-5 diagram: Laptop 01 (192.168.100.25, port 2374) and Tablet 01 (192.168.100.34, port 5243) connect through a Router/NAT Device with public IP 207.24.200.19 to the Internet.]

NAT Translation Table
Private IP and Port      Assigned Public IP and Source Port
192.168.100.25:2374      207.24.200.19:2374
192.168.100.34:5243      207.24.200.19:5243

Goodheart-Willcox Publisher; vector art: Aiiiza/Shutterstock.com

Figure 8-5. Private addresses in the IPv4 protocol are converted into public addresses by appending their ports to the private address using NAT. Each private IP address receives a random (dynamic) port number from NAT. That will become the source port on the public IP address so when a packet returns it can find the correct IP address.
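
The translation and return lookup that Figure 8-5 describes, as an added example that is not from the textbook. It uses the figure's addresses and ports; the `NatTable` class, the rule for handling two hosts that pick the same source port, and the dynamic port range are assumptions made for illustration, and a real NAT device also tracks the protocol and the remote endpoint.

```python
# Added example: a minimal NAT (port address translation) table.
# Addresses come from Figure 8-5; the collision policy is an assumption.

class NatTable:
    def __init__(self, public_ip, first_dynamic_port=49152, last_port=65535):
        self.public_ip = public_ip
        self.first_dynamic_port = first_dynamic_port
        self.last_port = last_port
        self.out = {}   # (private_ip, private_port) -> public source port
        self.back = {}  # public source port -> (private_ip, private_port)

    def _free_port(self, preferred):
        # Keep the host's own source port when no other mapping uses it,
        # otherwise hand out the first unused port from the dynamic range.
        if preferred not in self.back:
            return preferred
        for port in range(self.first_dynamic_port, self.last_port + 1):
            if port not in self.back:
                return port
        raise RuntimeError("NAT port pool exhausted")

    def outbound(self, private_ip, private_port):
        # Private socket -> public socket; reuse an existing mapping if present.
        key = (private_ip, private_port)
        if key not in self.out:
            public_port = self._free_port(private_port)
            self.out[key] = public_port
            self.back[public_port] = key
        return (self.public_ip, self.out[key])

    def inbound(self, dest_port):
        # Returning packet: the destination port selects the private socket.
        # No table entry means nobody inside asked for it, so return None (drop).
        return self.back.get(dest_port)

def demo():
    nat = NatTable("207.24.200.19")
    laptop = nat.outbound("192.168.100.25", 2374)
    tablet = nat.outbound("192.168.100.34", 5243)
    # Constructed case: the tablet opens a flow from the laptop's port number.
    clash = nat.outbound("192.168.100.34", 2374)
    return nat, laptop, tablet, clash

if __name__ == "__main__":
    nat, laptop, tablet, clash = demo()
    for sock in (laptop, tablet, clash):
        print("%s:%d -> %s" % (sock[0], sock[1], nat.inbound(sock[1])))
    print("unsolicited packet to port 40000 ->", nat.inbound(40000))
```

The same reverse lookup is what lets an administrator trace a public IP and port seen in an outside report back to the internal host, provided the NAT table or its logs were retained for that time.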