Transcript for:
Introduction to Network Security Concepts

So we are starting with a brand new chapter, network security. I'm going to assume that you already have a background in computer networks; otherwise all this will be a bit tough for you to follow. Networks by itself is a vast topic, it's a course by itself. So in this video I will provide a quick recap of some of the core concepts. Again, I won't get into many details. Even later, when we talk about security aspects related to networks, you need to understand certain protocols; that protocol-specific, topic-related recap I will provide when I am addressing that particular protocol, so those will be covered later. Again, this will all be a recap. It is expected that you know all these concepts beforehand, else you have to read up on your own. Once we finish this high-level background we will move on to what network security means, why networks are vulnerable, how attacks are launched in networks, and what kind of defense mechanisms are possible. All this is basically a very high-level outline of what is to follow.

Everyone knows the word internet, including five-year-olds. So what does this mean? The word can be split into inter and net: essentially something that interconnects heterogeneous networks at a large, global scale. Heterogeneous here refers to a variety of networks whose underlying core technology is different, so it can be Ethernet networks, fiber optic networks, wireless networks and so on. In this figure, network A could be an Ethernet network, in which case the link technology being used to interconnect two devices will be Ethernet. Network B could be a wireless network, in which case the link technology used in here will be a wireless technology. Inside these networks themselves there can be many devices, many links and so on, and these are interconnected by routers in this particular fashion. By the way, this is a very simplistic view of the internet; the internet is lots more complex, as you should know by now.

So what the internet basically achieves is communication between these two endpoints. Here is one node A and here is another node B; it can be a client, this can be a server, and they both want to talk with each other. How do you enable communication? We are not even talking about secure communication, just communication. This is a very complex task because you have to take care of many things: how do you do error control, how do you ensure reliability, how do you ensure everyone is sharing the media nicely, and so on. This complex task is handled via layers, which leads to something called the internet protocol stack. It's a modular design that makes it easy to implement, and it is also a distributed implementation, which makes it more fault tolerant. Each of these layers is in turn made up of protocols, like the ARP protocol, the OSPF protocol, the TCP protocol; all these are protocols that occur at different layers of the protocol stack. A protocol, we already saw, is an agreement on how to communicate; this defines the format, rules and actions.

So how many layers does the internet protocol stack have? That is right, 5. It's not 7, because the session and presentation layers are not used in practice. Each of these layers has a specific functionality. So what is the role of the network layer, what about the transport layer, and what about the link layer? Let's start from the bottom up. The role of the physical layer is essentially to enable bit transmission on the media: how to convert bits into signals that go on the link. The role of the link layer is to enable communication between neighbors. In the previous figure you saw a client communicating with the server over many routers; the link layer is not bothered with that. It is only bothered with one node talking with another node, so what does it mean for these two nodes, which are neighbors, to talk with each other? Now the role of the network layer is end-to-end routing of messages. This takes care of what route to take and how to transfer it from the source to the destination host. In order to achieve this you do need to take the services of the link layer; we will get to that shortly. The role of the transport layer is process-to-process communication. That is, on a machine there can be many processes corresponding to applications running; how do we ensure that this process communicates with some other process on some other machine? And applications are very specific to a given purpose: email helps us share messages, the web helps us in browsing the internet, file transfer lets us transfer a file from one to the other. These applications are built making use of the functionality provided by all these layers.

So the core concepts which you should know, and of which I'm just going to provide a very high-level overview, are listed here. Let's get started. The complex functionality, as I mentioned, is in the form of layers, so there are multiple layers. Let's look at this example. Let's assume that this is the transport layer and this is the application layer. Now this application wants reliable transfer of messages, so that job a transport layer protocol like TCP is going to provide. Now this is a service interface: this will communicate through this interface that I want reliable transfer, and there may be other parameters that may also be communicated. Then there is a peer interface between the TCP implementation on this host and the TCP implementation on this host. Both are peers and their job is to provide reliability, and for this they both need an interface to, for example, specify sequence numbers (I am going to start with this sequence number) or acknowledgements (I have received something until now). For that they both have to communicate, for which you need a peer interface. So that is what is listed here: the service interface is an interface for users of the functionality, and the peer interface is an interface with a peer that is needed to implement that particular functionality.

This communication between the higher layer and the lower layer, that is the service interface, is straightforward because these two layers are often on the same machine. But these peer layers are on separate machines; how do they interface with each other? Well, this is through the process of headers, and this leads to the concept of encapsulation and decapsulation. Each layer, as it makes use of the services of the lower layer, also adds a header. This header is not for use within this machine; this header is for the peer. So this, for example, is the application layer: it will pass the application layer data, and here you add a TCP header, which will be interpreted by the peer here. Similarly, when this goes down, you will add a network layer header, which will be interpreted by some router in between these hosts. Similarly, when these other devices receive this, for example here you will look at this network layer header and process it; this is of no relevance to the higher layers, so you do not pass it up. You pass up only those layers that are of relevance. Again, this will read what the other guy has sent, make some sense of it, and then pass it up by removing this, because the higher layer again has no use for this.

Here is an example of an IP header, which is used for communicating between two peers that implement this IP protocol. For example, this may be one router and this may be another router. When this router communicates with it, the packet will go down the protocol stack and up the protocol stack, and it will interpret this IP header that this guy created or modified and act on it accordingly. This can also happen between a host and its next router. Typically hosts are the ones that create these headers; routers tend to modify them. It has information such as who is generating this packet, who this packet is for, and so on, and these intermediate routers will look at this destination address and figure out which next-hop router they should send this packet to. So what we have seen is encapsulation and decapsulation.

The other thing which you should also know is multiplexing and demultiplexing. Typically, when you receive a packet with some header at a given layer, you need to decide which among the higher layer protocols I need to pass this packet to, because there may be multiple protocols running at a given layer. For example, when you receive a packet at the IP layer, you need to look at the header and figure out whether this packet should be processed by the higher layer TCP or by UDP, and accordingly you will pass it on. Similarly, when you receive a packet at the transport layer, again depending upon what the port number is, you decide whether this should go to the HTTP, SMTP or PGP process. So essentially the headers have these fields, frame type, protocol or port number, which at any given layer will specify which of the higher layer protocols this packet has to be passed to for further processing. So encapsulation and decapsulation add these headers; multiplexing and demultiplexing use the fields within the headers to pass the packet to the relevant process or protocol.

All these layer interactions with networks are shown in this figure. Suppose there is a network 1 which is an Ethernet network, a network 2 which is a token ring network, a network 3 which is a point-to-point link (this is network 3; even though there is only one link, we can still treat it as a network), and a network 4 which is again Ethernet. Notice that this is a star topology. A lot of people think Ethernet is a bus topology; those days are long gone, that is not there anymore. Switches interconnect the hosts in this particular fashion. Suppose host 1 here wants to send a packet to host 2. This is how the layers are traversed: some application here will pass the data to the TCP layer, it will add its own header, this packet will move down the protocol stack and it will come to the switch. This switch is a link layer device, so it implements this Ethernet link layer protocol, and based on this it may decide to pass it to the router. This router has a network layer, and as you can also see, this router is implementing two link interfaces, one Ethernet and one token ring. Again this packet goes up, comes back down on the other interface, and then passes out on this link, and at host 2 it will go up the protocol stack like this. The same thing has been explained if you want to send a packet from host 1 to host 3, except that it now traverses S1, R1, R2, S2 and H3. Another thing to note is that a router typically has multiple links, and there will be protocols specific to that particular link.

This said, again, something people tend to confuse is these switches and routers. As far as functionality is concerned, these are the layers that they have to implement. But often these switches and routers also implement IP and TCP layers, because you need to manage these switches. To manage the switch some application has to run on it, and you may want to use TCP to talk with that application. So to configure these switches, to debug what is happening on the switches, you may have to use these other layers as well. But as far as functionality is concerned, this is what they need to implement.

Packet switching is another core concept that you should be aware of. This is in contrast to circuit switching as employed in telephone networks. Circuit switching operates with dedicated resources, whereas here these are all shared resources; you share based on demand. For example, if this is a router and it is connected to all these hosts and there is an outgoing link, this outgoing link is not dedicated to any of these hosts. As the packets come, it will serve them in some first-in first-out or some round-robin process and put them out on the link. And how do you ensure fairness, that one host is not gobbling up all the link bandwidth? By putting restrictions on the packet size. This ensures some fairness. So all these packets are interspersed and sent out on the link; that way they are sharing that link capacity. Another thing that this sharing brings in is a store-and-forward operation, because many links will be wanting to send on the same output, so you have to store these packets in a buffer. That is the store-and-forward mode of operation. It is possible that when you do this you may also suffer from buffer overflow, that is, this can also lead to packet loss. So this is the concept of packet switching.

One other thing to note about the internet is that it's a best-effort service based on the datagram model. A datagram is nothing but a form of packet switching. There is another form of packet switching called virtual circuit switching; this is not popular, so datagram is what is used. What a datagram means is there is no connection setup; you can just start sending packets as you get them. And best effort means that the network will do its best to deliver the packet to the other end, but in the process there are no guarantees: the packet can get lost, it can get corrupted, it can get reordered, it can get misdelivered, it can be duplicated, delayed, and so on. The reason why the internet follows a best-effort service is because it is based on the KISS principle, which stands for keep it simple, stupid, and that is its greatest strength. This is what makes it interconnect heterogeneous networks, because if the networks are heterogeneous, one provides some guarantees and the other does not provide any guarantees, you cannot as such provide any guarantees either. So that is the basis for this. This runs over everything. This IP, which is what is interconnecting the networks, has to be a common protocol; otherwise you cannot interconnect. That is why you only see one protocol called IP at the network layer; at the other layers you can have a lot of choices. So that's it, we are done with some core concepts that you need to know before we proceed further.
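As an added illustration (not code from the lecture), the Python program below builds an Ethernet/IPv4/TCP frame the way the layers in the figure would, each layer prepending its own header for its peer, and then decapsulates it on the receiving side, demultiplexing on the EtherType, the IP protocol number and the destination port. It also adds the checks a receiver should make before trusting a header its peer sent: the IP header checksum, and that every length a header claims agrees with the bytes actually received. The MAC addresses, the port-to-application table and the sample frame are constructed assumptions; the header layouts are the standard Ethernet II, IPv4, TCP and UDP formats. It goes slightly beyond the lecture in also parsing UDP, which the lecture names but does not walk through.

```python
"""Encapsulation, decapsulation and demultiplexing of one Ethernet/IPv4/TCP frame.

Added example, not code from the lecture. Header layouts are the standard
Ethernet II, IPv4 (RFC 791), TCP (RFC 793) and UDP (RFC 768) formats; the
port-to-application table, MAC addresses and the sample frame are assumptions.
"""
import struct
from socket import inet_aton, inet_ntoa

ETHERTYPE_IPV4 = 0x0800
IPPROTO_TCP, IPPROTO_UDP = 6, 17
# Assumed transport-layer demux table: destination port -> application process.
APP_BY_PORT = {80: "http", 25: "smtp", 53: "dns"}


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum. With the checksum field zeroed it yields the
    value to insert; over a complete, valid header it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_frame(src_ip: str, dst_ip: str, sport: int, dport: int, payload: bytes) -> bytes:
    """Encapsulate: each layer prepends the header its peer on the far side will read."""
    # TCP: ports, seq, ack, data offset 5 words + PSH|ACK flags, window, checksum (left 0), urgent
    tcp = struct.pack("!HHIIHHHH", sport, dport, 1000, 2000, (5 << 12) | 0x018, 65535, 0, 0)
    total_len = 20 + len(tcp) + len(payload)
    # IPv4: ver/IHL, TOS, total length, id, DF flag, TTL, protocol, checksum 0, src, dst
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_len, 0x1234, 0x4000, 64,
                     IPPROTO_TCP, 0, inet_aton(src_ip), inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    # Ethernet II: dst MAC, src MAC (both assumed), EtherType
    eth = bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb") + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + tcp + payload


def decapsulate(frame: bytes) -> dict:
    """Strip headers bottom-up, demuxing on EtherType, IP protocol, then port.

    Every length a header claims is checked against the bytes actually held, so a
    malformed or crafted frame is rejected instead of being read past its end."""
    if len(frame) < 14:
        raise ValueError("short ethernet frame")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("unsupported ethertype 0x%04x" % ethertype)
    ip = frame[14:]                        # link-layer header removed, not passed up
    if len(ip) < 20:
        raise ValueError("short ipv4 header")
    ver_ihl, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(ip) or total_len < ihl or total_len > len(ip):
        raise ValueError("ipv4 length fields inconsistent with frame")
    if ipv4_checksum(ip[:ihl]) != 0:
        raise ValueError("ipv4 header checksum mismatch")
    segment = ip[ihl:total_len]            # trailing link-layer padding is dropped here
    info = {"src": inet_ntoa(src), "dst": inet_ntoa(dst), "ttl": ttl}
    if proto == IPPROTO_TCP:
        if len(segment) < 20:
            raise ValueError("short tcp header")
        sport, dport, seq, _ack, off_flags = struct.unpack("!HHIIH", segment[:14])
        data_off = (off_flags >> 12) * 4
        if data_off < 20 or data_off > len(segment):
            raise ValueError("tcp data offset inconsistent with segment")
        info.update(transport="tcp", sport=sport, dport=dport, seq=seq, payload=segment[data_off:])
    elif proto == IPPROTO_UDP:
        if len(segment) < 8:
            raise ValueError("short udp header")
        sport, dport, ulen, _ = struct.unpack("!HHHH", segment[:8])
        if ulen < 8 or ulen > len(segment):
            raise ValueError("udp length inconsistent with segment")
        info.update(transport="udp", sport=sport, dport=dport, payload=segment[8:ulen])
    else:
        raise ValueError("unsupported ip protocol %d" % proto)
    info["app"] = APP_BY_PORT.get(info["dport"], "unknown")   # port-based demux
    return info


def with_byte_flipped(frame: bytes, offset: int) -> bytes:
    """Copy of frame with one byte inverted, to simulate corruption or tampering."""
    bad = bytearray(frame)
    bad[offset] ^= 0xFF
    return bytes(bad)


def rejection_reason(frame: bytes):
    """The error a receiver would log for a malformed frame, or None if it is accepted."""
    try:
        decapsulate(frame)
    except ValueError as exc:
        return str(exc)
    return None


# Constructed sample: an HTTP request from 10.0.0.1 to 192.0.2.80, plus four bytes of
# trailing link-layer padding that the receiver must not hand up as application data.
SAMPLE_FRAME = build_frame("10.0.0.1", "192.0.2.80", 40000, 80, b"GET / HTTP/1.0\r\n\r\n") + b"\x00" * 4

if __name__ == "__main__":
    print(decapsulate(SAMPLE_FRAME))
    print(rejection_reason(with_byte_flipped(SAMPLE_FRAME, 30)))   # corrupted destination address
    print(rejection_reason(with_byte_flipped(SAMPLE_FRAME, 16)))   # inflated IP total length
```

Running it shows the three demux decisions in order (EtherType 0x0800 selects IPv4, protocol 6 selects TCP, port 80 selects the assumed HTTP handler) and that the padding after the IP total length never reaches the application. The two tampered copies show why a receiver validates before it trusts: one byte flipped in the destination address fails the header checksum, and an inflated total length is caught because it exceeds the bytes the frame actually carries.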