ip address and its types

1. ITP 457
Network Security
Networking Technologies III
IP, Subnets & NAT

2. Internet Protocol( IP)
 IP handles end-to-end delivery
 Most commonly used network layer protocol
 All traffic on the internet uses IP

3. Internet Protocol ( IP)
 Upon receiving packet from Transport layer,
IP layer generates a header
 Header includes : source and destination IP
addresses
 Header is added to front of TCP packet to
create a resulting IP packet.
 Purpose of IP is to carry packets end to end
across a network.

4. IP header
Source IP address
Destination IP address
Data

5. IP addresses
 Identify each individual machine on the
internet
 32 bits in length
 Hackers attempt to determine all IP address
in use on a target network – “network
mapping”
 Hackers generate bogus packets appearing
to come from a given IP address – “IP
address spoofing”

6. IP Addresses in depth
 32 bits, with 8 bit groupings
 E.x: 192.168.0.1
 Each number between the dots can be between 0
and 255
 4 billion combinations
 Not really
 Allocated in groups called address blocks
 3 sizes, based on the class of the address
 Class A, Class B, and Class C

7. Class A Addresses
 Giant organizations
 There are no more available
 All IP addresses are of the form:
0 – 126.x.x.x
x can be between 0 and 255
 The first octet is assigned to the owner, with the rest being freely
distributable to the nodes
 Has a 24 bit address space
 Uses up to half of the total IP addresses available!!!
 Who owns these???
 Internet Service Providers
 Large internet companies
 Google, CNN, WB

8. Class B Addresses
 Large Campuses or Organizations
 Example: Colleges, including USC
 These are running out!!!
 All Class B Addresses are of the form:
128 - 191.x.x.x
Where x can take any number between 0 and 255
 The first two octets are assigned to the address block owner, with
the last two being freely distributable
 Example: 128.125.x.x  USC
 Example: 169.232.x.x  UCLA
 16-bit address space
 ¼ of all IP addresses belong to Class B Addresses

9. Class C Addresses
 Small to mid-sized businesses
 A fair number left
 All Class C Addresses have the following
format:
192-232.x.x.x
 The first three octets are assigned, with the
last being freely distributable
 Only 253 distributable addresses within a Class C
Address

10. Reserved Addresses
 Private Networks (no public connections)
 10.x.x.x
 172.16.x.x
 192.168.x.x
 127.x.x.x – local network (loopback)
 255.255.255.255 – broadcast – sends to
everyone on the network

11. Netmasks
 IP address has 2 components
 Network address
 Host address
 Determined by the address and the class of
the address
 Example (Class C):
 IP Address: 192.168.3.16
 Network address: 192.168.3
 Host address: 16

12. Packet Fragmentation
 Various transmission media have different
characteristics
 Some require short packets others require
longer packets
 E.g. satellite – longer packets
 Local LAN – shorter packets

13. Packet Fragmentation
 To optimize packet lengths for various
communication links, IP offers network elements
(routers and firewalls) the ability to slice up packets
into smaller pieces, a process called fragmentation.
 The end system’s IP layer is responsible for
reassembling all fragments
 Hackers use packet fragmentation to avoid being
detected by Intrusion Detection Systems

14. Lack of Security in IP
 IP version 4 does not include any security
 All components of packets are in clear text,
nothing is encrypted
 Anything in the header or data segment can
be viewed or modified by the hacker
 TCP/UDP Hijacking
 “Man-in-the-middle” attack

15. ICMP
 ICMP – Internet Control Message Protocol
 It is the Network Plumber
 Its job is to transmit command and control
information between networks and systems

16. ICMP examples
 “ping” request = ICMP Echo message
 If the “pinged” system is alive it will respond with
ICMP Echo Reply Message
 Try pinging
 www.google.com
 www.yahoo.com
 www.cnn.com
 Will they all work?
 Some sites have disabled ping. Why?
 Ping-of-death  a ping too big
 Ping flooding  type of denial-of-service attack

17. Routers and packets
 Routers
 Transfer packets from network to network
 They determine the path that a packet should
take across the network specifying from hop to
hop which network segments the packets should
bounce through as they travel across the network
 Most networks use dynamic routing
 RIP, EIGRP
 We will be discussing these technologies later in
the course

18. Network address translation
 NAT
 Blocks of addresses are allotted to ISP’s and
organizations
 Classes of IP Addresses
 What happens when we have more
computers than IP Addresses?
 We have a Class C address – allows 253
computers
 Our organization has 1000 computers
 What do we do???

19. Solution?
 Reserve a range of IP addresses to build
your own IP network
 10.x.y.z - un-routable IP addresses
 172.16.y.z
 192.168.y.z
 How to connect these machines to Internet?

20. Network Address Translation
 Use a gateway /router to map invalid addresses to
valid IP addresses
 Translates your local address to a routable address
 Router receives one IP Address
 Either dynamically assigns addresses to all the nodes
behind the router, or it is assigned statically using non-
routable addresses
 If dynamic, uses DHCP (Dynamic Host Configuration Protocol)
 When someone inside the network wants to access a
computer outside the local network (the internet), the
request is sent to the router, which uses NAT to send the
request to the internet

21. NAT and security?
 Does NAT improve security?
 It hides internal IP addresses from hacker
 NAT must be combined with “firewalls” for
optimum security

22. Firewalls

23. Firewalls
 Network traffic cops
 Tools that control the flow of traffic going
between networks
 By looking at addresses associated with
traffic, firewalls determine whether
connections should be transmitted or
dropped
 We will cover the setup and configuration of
firewalls in great depth later in class