计算机网络第6版课件：Chapter-1 Introduction

Introduction1-1Chapter1

IntroductionComputerNetworking:ATopDownApproach

6thedition

JimKurose,KeithRoss

Addison-Wesley

March2012Anoteontheuseofthesepptslides:We’remakingtheseslidesfreelyavailabletoall(faculty,students,readers).They’reinPowerPointformsoyouseetheanimations;andcanadd,modify,anddeleteslides(includingthisone)andslidecontenttosuityourneeds.Theyobviouslyrepresentalotofworkonourpart.Inreturnforuse,weonlyaskthefollowing:Ifyouusetheseslides(e.g.,inaclass)thatyoumentiontheirsource(afterall,we’dlikepeopletouseourbook!)Ifyoupostanyslidesonawwwsite,thatyounotethattheyareadaptedfrom(orperhapsidenticalto)ourslides,andnoteourcopyrightofthismaterial.Thanksandenjoy!JFK/KWRAllmaterialcopyright1996-2012J.FKuroseandK.W.Ross,AllRightsReservedIntroductionChapter1:introductionourgoal:

get“feel”andterminologymoredepth,detaillaterincourseapproach:useInternetasexampleoverview:what’stheInternet?what’saprotocol?networkedge;hosts,accessnet,physicalmedianetworkcore:packet/circuitswitching,Internetstructureperformance:loss,delay,throughputsecurityprotocollayers,servicemodelshistory1-2IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcorepacketswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-3IntroductionWhat’stheInternet:“nutsandbolts”viewmillionsofconnectedcomputingdevices:hosts=endsystems

runningnetworkappscommunicationlinksfiber,copper,radio,satellitetransmissionrate:bandwidthPacketswitches:forwardpackets(chunksofdata)routersandswitcheswiredlinkswirelesslinksroutermobilenetworkglobalISPregionalISPhomenetworkinstitutionalnetworksmartphonePCserverwirelesslaptop1-4Introduction“Fun”internetappliancesIPpictureframe/Web-enabledtoaster+weatherforecasterInternetphonesInternetrefrigeratorSlingbox:watch,controlcableTVremotely1-5Tweet-a-watt:monitorenergyuseIntroductionInternet:“networkofnetworks”InterconnectedISPsprotocols

controlsending,receivingofmsgse.g.,TCP,IP,HTTP,Skype,802.11InternetstandardsRFC:RequestforcommentsIETF:InternetEngineeringTaskForceWhat’stheInternet:“nutsandbolts”viewmobilenetworkglobalISPregionalISPhomenetworkinstitutionalnetwork1-6What’stheInternet:aserviceviewInfrastructurethatprovidesservicestoapplications:Web,VoIP,email,games,e-commerce,socialnets,…providesprogramminginterfacetoappshooksthatallowsendingandreceivingappprogramsto“connect”toInternetprovidesserviceoptions,analogoustopostalservicemobilenetworkglobalISPregionalISPhomenetworkinstitutionalnetworkIntroduction1-7IntroductionWhat’saprotocol?humanprotocols:“what’sthetime?”“Ihaveaquestion”introductions…specificmsgssent…specificactionstakenwhenmsgsreceived,orothereventsnetworkprotocols:machinesratherthanhumansallcommunicationactivityinInternetgovernedbyprotocolsprotocolsdefineformat,orderofmsgssentandreceivedamongnetworkentities,andactionstakenonmsgtransmission,receipt

1-8Introductionahumanprotocolandacomputernetworkprotocol:Q:otherhumanprotocols?HiHiGotthetime?2:00TCPconnectionresponseGet/kurose-ross<file>timeTCPconnectionrequestWhat’saprotocol?1-9IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcorepacketswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-10IntroductionAcloserlookatnetworkstructure:networkedge:hosts:clientsandserversserversoftenindatacentersaccessnetworks,physicalmedia:wired,wirelesscommunicationlinks

networkcore:interconnectedroutersnetworkofnetworksmobilenetworkglobalISPregionalISPhomenetworkinstitutionalnetwork1-11IntroductionAccessnetworksandphysicalmediaQ:Howtoconnectendsystemstoedgerouter?residentialaccessnetsinstitutionalaccessnetworks(school,company)mobileaccessnetworkskeepinmind:bandwidth(bitspersecond)ofaccessnetwork?sharedordedicated?1-12IntroductionAccessnet:digitalsubscriberline(DSL)centralofficeISPtelephonenetworkDSLAMvoice,datatransmittedatdifferentfrequenciesoverdedicatedlinetocentralofficeuseexistingtelephonelinetocentralofficeDSLAMdataoverDSLphonelinegoestoInternetvoiceoverDSLphonelinegoestotelephonenet<2.5Mbpsupstreamtransmissionrate(typically<1Mbps)<24Mbpsdownstreamtransmissionrate(typically<10Mbps)DSLmodemsplitterDSLaccessmultiplexer1-13IntroductionAccessnet:cablenetworkcablemodemsplitter…cableheadendChannelsVIDEOVIDEOVIDEOVIDEOVIDEOVIDEODATADATACONTROL123456789frequencydivisionmultiplexing:differentchannelstransmittedindifferentfrequencybands1-14Introductiondata,TVtransmittedatdifferentfrequenciesoversharedcabledistributionnetworkcablemodemsplitter…cableheadendCMTSISPcablemodemterminationsystemHFC:hybridfibercoaxasymmetric:upto30Mbpsdownstreamtransmissionrate,2Mbpsupstreamtransmissionratenetworkofcable,fiberattacheshomestoISProuterhomesshareaccessnetwork

tocableheadendunlikeDSL,whichhasdedicatedaccesstocentralofficeAccessnet:cablenetwork1-15IntroductionAccessnet:homenetworkto/fromheadendorcentralofficecableorDSLmodemrouter,firewall,NATwiredEthernet(100Mbps)wirelessaccesspoint(54Mbps)wirelessdevicesoftencombinedinsinglebox1-16IntroductionEnterpriseaccessnetworks(Ethernet)typicallyusedincompanies,universities,etc10Mbps,100Mbps,1Gbps,10Gbpstransmissionratestoday,endsystemstypicallyconnectintoEthernetswitchEthernetswitchinstitutionalmail,webserversinstitutionalrouterinstitutionallinktoISP(Internet)1-17IntroductionWirelessaccessnetworkssharedwirelessaccessnetworkconnectsendsystemtorouterviabasestationaka“accesspoint”wirelessLANs:withinbuilding(100ft)802.11b/g(WiFi):11,54Mbpstransmissionratewide-areawirelessaccessprovidedbytelco(cellular)operator,10’skmbetween1and10Mbps3G,4G:LTEtoInternettoInternet1-18Host:sendspacketsofdatahostsendingfunction:takesapplicationmessagebreaksintosmallerchunks,knownaspackets,oflengthLbitstransmitspacketintoaccessnetworkattransmissionrateRlinktransmissionrate,akalinkcapacity,akalinkbandwidthR:linktransmissionratehost12twopackets,LbitseachpackettransmissiondelaytimeneededtotransmitL-bitpacketintolinkL(bits)R(bits/sec)==1-19IntroductionPhysicalmediabit:

propagatesbetween

transmitter/receiverpairsphysicallink:whatliesbetweentransmitter&receiverguidedmedia:signalspropagateinsolidmedia:copper,fiber,coaxunguidedmedia:

signalspropagatefreely,e.g.,radiotwistedpair(TP)twoinsulatedcopperwiresCategory5:100Mbps,1GpbsEthernetCategory6:10Gbps1-20IntroductionPhysicalmedia:coax,fibercoaxialcable:twoconcentriccopperconductorsbidirectionalbroadband:multiplechannelsoncableHFCfiberopticcable:glassfibercarryinglightpulses,eachpulseabithigh-speedoperation:high-speedpoint-to-pointtransmission(e.g.,10’s-100’sGpbstransmissionrate)lowerrorrate:repeatersspacedfarapartimmunetoelectromagneticnoise1-21IntroductionPhysicalmedia:radiosignalcarriedinelectromagneticspectrumnophysical“wire”bidirectionalpropagationenvironmenteffects:reflectionobstructionbyobjectsinterferenceradiolinktypes:terrestrialmicrowavee.g.upto45MbpschannelsLAN(e.g.,WiFi)11Mbps,54Mbpswide-area(e.g.,cellular)3Gcellular:~fewMbpssatelliteKbpsto45Mbpschannel(ormultiplesmallerchannels)270msecend-enddelaygeosynchronousversuslowaltitude1-22IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcorepacketswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-23Introductionmeshofinterconnectedrouterspacket-switching:hostsbreakapplication-layermessagesintopacketsforwardpackets

fromoneroutertothenext,acrosslinksonpathfromsourcetodestinationeachpackettransmittedatfulllinkcapacityThenetworkcore1-24IntroductionPacket-switching:store-and-forwardtakesL/Rsecondstotransmit(pushout)L-bitpacketintolinkatRbpsstoreandforward:

entirepacketmustarriveatrouterbeforeitcanbetransmittedonnextlinkone-hopnumericalexample:L=7.5MbitsR=1.5Mbpsone-hoptransmissiondelay=5secmoreondelayshortly…1-25sourceRbpsdestination123LbitsperpacketRbpsend-enddelay=2L/R(assumingzeropropagationdelay)IntroductionPacketSwitching:queueingdelay,lossABCR=100Mb/sR=1.5Mb/sDEqueueofpacketswaitingforoutputlink1-26queuingandloss:Ifarrivalrate(inbits)tolinkexceedstransmissionrateoflinkforaperiodoftime:packetswillqueue,waittobetransmittedonlinkpacketscanbedropped(lost)ifmemory(buffer)fillsupNetworkLayer4-27Twokeynetwork-corefunctionsforwarding:

movepacketsfromrouter’sinputtoappropriaterouteroutputrouting:

determinessource-destinationroutetakenbypacketsroutingalgorithmsroutingalgorithmlocalforwardingtableheadervalueoutputlink010001010111100132211230111destaddressinarrivingpacket’sheaderIntroductionAlternativecore:circuitswitchingend-endresourcesallocatedto,reservedfor“call”betweensource&dest:Indiagram,eachlinkhasfourcircuits.callgets2ndcircuitintoplinkand1stcircuitinrightlink.dedicatedresources:nosharingcircuit-like(guaranteed)performancecircuitsegmentidleifnotusedbycall(nosharing)Commonlyusedintraditionaltelephonenetworks1-28IntroductionCircuitswitching:FDMversusTDMFDMfrequencytimeTDMfrequencytime4usersExample:1-29IntroductionPacketswitchingversuscircuitswitchingexample:1Mb/slinkeachuser:100kb/swhen“active”active10%oftimecircuit-switching:

10userspacketswitching:

with35users,probability>10activeatsametimeislessthan.0004*packetswitchingallowsmoreuserstousenetwork!N

users1MbpslinkQ:howdidwegetvalue0.0004?Q:whathappensif>35users?…..1-30*CheckouttheonlineinteractiveexercisesformoreexamplesIntroductiongreatforburstydataresourcesharingsimpler,nocallsetupexcessivecongestionpossible:packetdelayandlossprotocolsneededforreliabledatatransfer,congestioncontrolQ:Howtoprovidecircuit-likebehavior?bandwidthguaranteesneededforaudio/videoappsstillanunsolvedproblem(chapter7)ispacketswitchinga“slamdunkwinner?”Q:humananalogiesofreservedresources(circuitswitching)versuson-demandallocation(packet-switching)?Packetswitchingversuscircuitswitching1-31Internetstructure:networkofnetworksEndsystemsconnecttoInternetviaaccessISPs(InternetServiceProviders)Residential,companyanduniversityISPsAccessISPsinturnmustbeinterconnected.SothatanytwohostscansendpacketstoeachotherResultingnetworkofnetworksisverycomplexEvolutionwasdrivenbyeconomicsandnationalpoliciesLet’stakeastepwiseapproachtodescribecurrentInternetstructureInternetstructure:networkofnetworksQuestion:givenmillionsofaccessISPs,howtoconnectthemtogether?accessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet………………Internetstructure:networkofnetworksOption:connecteachaccessISPtoeveryotheraccessISP?accessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet……………………………connectingeachaccessISPtoeachotherdirectlydoesn’tscale:O(N2)connections.Internetstructure:networkofnetworksaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet………………Option:connecteachaccessISPtoaglobaltransitISP?CustomerandproviderISPshaveeconomicagreement.global

ISPInternetstructure:networkofnetworksaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet………………ButifoneglobalISPisviablebusiness,therewillbecompetitors….ISPBISPAISPCInternetstructure:networkofnetworksaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet………………ButifoneglobalISPisviablebusiness,therewillbecompetitors….whichmustbeinterconnectedISPBISPAISPCIXPIXPpeeringlinkInternetexchangepointInternetstructure:networkofnetworksaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet…………………andregionalnetworksmayarisetoconnectaccessnetstoISPSISPBISPAISPCIXPIXPregionalnetInternetstructure:networkofnetworksaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnetaccessnet…………………andcontentprovidernetworks(e.g.,Google,Microsoft,Akamai)mayruntheirownnetwork,tobringservices,contentclosetoendusersISPBISPAISPBIXPIXPregionalnetContentprovidernetworkIntroductionInternetstructure:networkofnetworksatcenter:small#ofwell-connectedlargenetworks“tier-1”commercialISPs

(e.g.,Level3,Sprint,AT&T,NTT),national&internationalcoveragecontentprovidernetwork(e.g,Google):privatenetworkthatconnectsitdatacenterstoInternet,oftenbypassingtier-1,regionalISPs1-40accessISPaccessISPaccessISPaccessISPaccessISPaccessISPaccessISPaccessISPRegionalISPRegionalISPIXPIXPTier1ISPTier1ISPGoogleIXPIntroductionTier-1ISP:e.g.,Sprint…to/fromcustomerspeeringto/frombackbone…………POP:point-of-presence1-41IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcore

packetswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-42IntroductionHowdolossanddelayoccur?packetsqueueinrouterbuffers

packetarrivalratetolink(temporarily)exceedsoutputlinkcapacitypacketsqueue,waitforturnABpacketbeingtransmitted(delay)packetsqueueing

(delay)free(available)buffers:arrivingpacketsdropped(loss)ifnofreebuffers1-43IntroductionFoursourcesofpacketdelaydproc:nodalprocessing

checkbiterrorsdetermineoutputlinktypically<msecABpropagationtransmissionnodalprocessingqueueing

dqueue:queueingdelaytimewaitingatoutputlinkfortransmissiondependsoncongestionlevelofrouterdnodal=dproc+dqueue+dtrans+dprop1-44Introductiondtrans:transmissiondelay:L:packetlength(bits)R:linkbandwidth(bps)dtrans

=L/Rdprop:propagationdelay:d:lengthofphysicallinks:propagationspeedinmedium(~2x108m/sec)dprop=d/sdtransanddpropverydifferentFoursourcesofpacketdelaypropagationnodalprocessingqueueingdnodal=dproc+dqueue+dtrans+dprop1-45ABtransmission*CheckouttheJpdelayIntroductionCaravananalogycars“propagate”at

100km/hrtollboothtakes12sectoservicecar(bittransmissiontime)car~bit;caravan~packetQ:Howlonguntilcaravanislinedupbefore2ndtollbooth?timeto“push”entirecaravanthroughtollboothontohighway=12*10=120sectimeforlastcartopropagatefrom1stto2ndtollboth:100km/(100km/hr)=1hrA:62minutestollboothtollboothten-carcaravan100km100km1-46IntroductionCaravananalogy(more)supposecarsnow“propagate”at1000km/hrandsupposetollboothnowtakesonemintoserviceacarQ:Willcarsarriveto2ndboothbeforeallcarsservicedatfirstbooth?A:Yes!after7min,1stcararrivesatsecondbooth;threecarsstillat1stbooth.tollboothtollboothten-carcaravan100km100km1-47IntroductionR:linkbandwidth(bps)L:packetlength(bits)a:averagepacketarrivalratetrafficintensity=La/RLa/R~0:avg.queueingdelaysmallLa/R->1:avg.queueingdelaylargeLa/R>1:more“work”arrivingthancanbeserviced,averagedelayinfinite!averagequeueingdelayLa/R~0Queueingdelay(revisited)La/R->11-48*CheckouttheJavaappletforaninteractiveanimationonqueuingandlossIntroduction“Real”Internetdelaysandrouteswhatdo“real”Internetdelay&losslooklike?tracerouteprogram:providesdelaymeasurementfromsourcetorouteralongend-endInternetpathtowardsdestination.Foralli:sendsthreepacketsthatwillreachrouterionpathtowardsdestinationrouteriwillreturnpacketstosendersendertimesintervalbetweentransmissionandreply.3probes3probes3probes1-49Introduction“Real”Internetdelays,routes1cs-gw(54)1ms1ms2ms2(45)1ms1ms2ms3(30)6ms5ms5ms4(29)16ms11ms13ms5(36)21ms18ms18ms6()22ms18ms22ms7(6)22ms22ms22ms853(53)104ms109ms106ms9(29)109ms102ms104ms10(0)113ms121ms114ms11(4)112ms114ms112ms12nio-n2.cssi.renater.fr(3)111ms114ms116ms13nice.cssi.renater.fr(02)123ms125ms124ms14r3t2-nice.cssi.renater.fr(10)126ms126ms124ms15(4)135ms128ms133ms165(5)126ms128ms126ms17***18***19fantasia.eurecom.fr(42)132ms128ms136

mstraceroute:towww.eurecom.fr3delaymeasurementsfromto*meansnoresponse(probelost,routernotreplying)trans-oceaniclink1-50*DosometraceroutesfromexoticcountriesatIntroductionPacketlossqueue(akabuffer)precedinglinkinbufferhasfinitecapacitypacketarrivingtofullqueuedropped(akalost)lostpacketmayberetransmittedbypreviousnode,bysourceendsystem,ornotatallABpacketbeingtransmittedpacketarrivingtofullbufferislostbuffer(waitingarea)1-51*CheckouttheJavaappletforaninteractiveanimationonqueuingandlossIntroductionThroughputthroughput:rate(bits/timeunit)atwhichbitstransferredbetweensender/receiverinstantaneous:rateatgivenpointintimeaverage:rateoverlongerperiodoftimeserver,withfileofFbitstosendtoclientlinkcapacityRs

bits/seclinkcapacityRc

bits/secserversendsbits(fluid)intopipepipethatcancarryfluidatrateRs

bits/sec)pipethatcancarryfluidatrateRc

bits/sec)1-52IntroductionThroughput(more)Rs<Rc

Whatisaverageend-endthroughput?Rs

bits/secRc

bits/secRs>Rc

Whatisaverageend-endthroughput?linkonend-endpaththatconstrainsend-endthroughputbottlenecklinkRs

bits/secRc

bits/sec1-53IntroductionThroughput:Internetscenario10connections(fairly)sharebackbonebottlenecklinkR

bits/secRsRsRsRcRcRcRper-connectionend-endthroughput:min(Rc,Rs,R/10)inpractice:RcorRsisoftenbottleneck1-54IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcore

packetswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-55IntroductionProtocol“layers”Networksarecomplex,withmany“pieces”:hostsrouterslinksofvariousmediaapplicationsprotocolshardware,softwareQuestion:

isthereanyhopeoforganizingstructureofnetwork?….oratleastourdiscussionofnetworks?1-56IntroductionOrganizationofairtravelaseriesofstepsticket(purchase)baggage(check)gates(load)runwaytakeoffairplaneroutingticket(complain)baggage(claim)gates(unload)runwaylandingairplaneroutingairplanerouting1-57Introductionticket(purchase)baggage(check)gates(load)runway(takeoff)airplaneroutingdepartureairportarrivalairportintermediateair-trafficcontrolcentersairplaneroutingairplaneroutingticket(complain)baggage(claimgates(unload)runway(land)airplaneroutingticketbaggagegatetakeoff/landingairplaneroutingLayeringofairlinefunctionalitylayers:

eachlayerimplementsaserviceviaitsowninternal-layeractionsrelyingonservicesprovidedbylayerbelow1-58IntroductionWhylayering?dealingwithcomplexsystems:explicitstructureallowsidentification,relationshipofcomplexsystem’spieceslayeredreferencemodelfordiscussionmodularizationeasesmaintenance,updatingofsystemchangeofimplementationoflayer’sservicetransparenttorestofsysteme.g.,changeingateproceduredoesn’taffectrestofsystemlayeringconsideredharmful?1-59IntroductionInternetprotocolstackapplication:supportingnetworkapplicationsFTP,SMTP,HTTPtransport:process-processdatatransferTCP,UDPnetwork:routingofdatagramsfromsourcetodestinationIP,routingprotocolslink:datatransferbetweenneighboringnetworkelementsEthernet,802.111(WiFi),PPPphysical:bits“onthewire”applicationtransportnetworklinkphysical1-60IntroductionISO/OSIreferencemodelpresentation:allowapplicationstointerpretmeaningofdata,e.g.,encryption,compression,machine-specificconventionssession:synchronization,checkpointing,recoveryofdataexchangeInternetstack“missing”theselayers!theseservices,ifneeded,mustbeimplementedinapplicationneeded?applicationpresentationsessiontransportnetworklinkphysical1-61IntroductionsourceapplicationtransportnetworklinkphysicalHtHnMsegmentHtdatagramdestinationapplicationtransportnetworklinkphysicalHtHnHlMHtHnMHtMMnetworklinkphysicallinkphysicalHtHnHlMHtHnMHtHnMHtHnHlMrouterswitchEncapsulationmessageMHtMHnframe1-62IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcorepacketswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocollayers,servicemodels1.6networksunderattack:security1.7history1-63IntroductionNetworksecurityfieldofnetworksecurity:howbadguyscanattackcomputernetworkshowwecandefendnetworksagainstattackshowtodesignarchitecturesthatareimmunetoattacksInternetnotoriginallydesignedwith(much)securityinmindoriginalvision:

“agroupofmutuallytrustingusersattachedtoatransparentnetwork”

Internetprotocoldesignersplaying“catch-up”securityconsiderationsinalllayers!1-64IntroductionBadguys:putmalwareintohostsviaInternetmalwarecangetinhostfrom:virus:self-replicatinginfectionbyreceiving/executingobject(e.g.,e-mailattachment)worm:self-replicatinginfectionbypassivelyreceivingobjectthatgetsitselfexecutedspywaremalwarecanrecordkeystrokes,websitesvisited,uploadinfotocollectionsiteinfectedhostcanbeenrolledinbotnet,usedforspam.DDoSattacks1-65IntroductiontargetDenialofService(DoS):attackersmakeresources(server,bandwidth)unavailabletolegitimatetrafficbyoverwhelmingresourcewithbogustraffic1.selecttarget2.breakintohostsaroundthenetwork(seebotnet)3.sendpacketstotargetfromcompromisedhostsBadguys:attackserver,networkinfrastructure1-66IntroductionBadguyscansniffpacketspacket“sniffing”:

broadcastmedia(sharedethernet,wireless)promiscuousnetworkinterfacereads/recordsallpackets(e.g.,includingpasswords!)passingbyABCsrc:Bdest:Apayloadwiresharksoftwareusedforend-of-chapterlabsisa(free)packet-sniffer1-67IntroductionBadguyscanusefakeaddressesIPspoofing:

sendpacketwithfalsesourceaddressABCsrc:Bdest:Apayload1-68…lotsmoreonsecurity(throughout,Chapter8)IntroductionChapter1:roadmap1.1whatistheInternet?1.2networkedge

endsystems,accessnetworks,links1.3networkcore

packetswitching,circuitswitching,networkstructure1.4delay,loss,throughputinnetworks1.5protocoll