Introduction to Computer Networks and Cybersecurity

Book Description

If a network is not secure, how valuable is it? Introduction to Computer Networks and Cybersecurity takes an integrated approach to networking and cybersecurity, highlighting the interconnections so that you quickly understand the complex design issues in modern networks. This full-color book uses a wealth of examples and illustrations to effectively connect the principles of networks and networking protocols with the relevant cybersecurity issues.

Get the Fundamentals of Internet Architecture and the Protocol Layers

Organized into six parts, the book walks you through the fundamentals, starting with the way most people first encounter computer networks—through the Internet architecture. Part 1 covers the most important Internet applications and the methods used to develop them. Part 2 discusses the network edge, consisting of hosts, access networks, LANs, and the physical media used with the physical and link layers. Part 3 explores the network core, including packet/circuit switches, routers, and the Internet backbone, and Part 4 examines reliable transport and the management of network congestion.

Learn about Malware and Security Systems

Building on the concepts and principles, the book then delves into state-of-the-art cybersecurity mechanisms in Part 5. It reviews the types of malware and the various security systems, made up of firewalls, intrusion detection systems, and other components. Crucially, it provides a seamless view of an information infrastructure in which security capabilities are built in rather than treated as an add-on feature. The book closes with a look at emerging technologies, including virtualization and data center and cloud computing unified communication.

Understand Cyber Attacks—and What You Can Do to Defend against Them

This comprehensive text supplies a carefully designed introduction to both the fundamentals of networks and the latest advances in Internet security. Addressing cybersecurity from an Internet perspective, it prepares you to better understand the motivation and methods of cyber attacks and what you can do to protect the networks and the applications that run on them.

Pedagogical Features

The book’s modular design offers exceptional flexibility, whether you want to use it for quick reference, self-study, or a wide variety of one- or two-semester courses in computer networks, cybersecurity, or a hybrid of both. Learning goals in each chapter show you what you can expect to learn, and end-of-chapter problems and questions test your understanding. Throughout, the book uses real-world examples and extensive illustrations and screen captures to explain complicated concepts simply and clearly. Ancillary materials, including PowerPoint® animations, are available to instructors with qualifying course adoption.

Table of Contents

  1. To the Student
  2. To the Instructor
  3. Highlights of the Text
  4. Organization Supports both Hybrid and Other Well-Known Approaches
  5. Pedagogy
  6. Supplements
  7. Acknowledgments
  8. An Introduction to Information Networks
    1. I.1 Introduction
    2. I.2 The Internet Architecture
      1. I.2.1 A Hierarchical Structure
      2. I.2.2 Internet Standards and the Internet Corporation for Assigned Names and Numbers (ICANN)
    3. I.3 Access Networks
      1. I.3.1 Digital Subscriber Lines (DSL)
      2. I.3.2 Hybrid Fiber Coax (HFC)
      3. I.3.3 Fiber in the Loop (FITL)
      4. I.3.4 Broadband over Power Lines (BPL) and HomePlug
      5. I.3.5 A Typical Home Network
      6. I.3.6 Local Area Networks (LAN)
      7. I.3.7 Wireless Access Networks
      8. I.3.8 The Transmission Media
    4. I.4 The Network Core
      1. I.4.1 Internet eXchange Points (IXPs)
      2. I.4.2 Tier-1 Internet Service Providers (ISPs)
      3. I.4.3 The Internet2 Network
    5. I.5 Circuit Switching vs. Packet Switching
      1. I.5.1 Circuit Switching
      2. I.5.2 A Comparison of Circuit Switching with Packet Switching Using Statistical Multiplexing
    6. I.6 Packet Switching Delays and Congestion
      1. I.6.1 Packet Switching Delays
      2. I.6.2 Packet Loss and Delay
      3. I.6.3 Congestion and Flow Control
    7. I.7 The Protocol Stack
      1. I.7.1 The US DoD Protocol Stack
      2. I.7.2 The OSI Protocol Stack
      3. I.7.3 Packet Headers and Terms
      4. I.7.4 The Layer 2 (L2) to Layer 5 (L5) Operations
      5. I.7.5 A User’s Perception of Protocols
      6. I.7.6 A Comparison of the Connection-Oriented and Connectionless Approaches
    8. I.8 Providing the Benefits of Circuit Switching to Packet Switching
    9. I.9 Cybersecurity
      1. I.9.1 Attacks and Malware
        1. I.9.1.1 The Zero-Day Attack and Mutation in Delivery
        2. I.9.1.2 Crimeware Toolkits and Trojans
        3. I.9.1.3 Sophisticated Malware
      2. I.9.2 Defensive Measures for Cybersecurity
        1. I.9.2.1 The Firewall, the Intrusion Detection System (IDS) and the Intrusion Prevention System (IPS)
        2. I.9.2.2 Virtual Private Networks (VPN) and Access Control
        3. I.9.2.3 Integrated Defense for an Enterprise Network
    10. I.10 History of the Internet
      1. I.10.1 The Development of the Internet
      2. I.10.2 The Global Information Grid (GIG) of the US Department of Defense (DoD)
    11. I.11 Concluding Remarks
    12. References
    13. Problems
  9. Section 1: Applications
    1. Chapter 1 - The Application Layer
      1. 1.1 Overview
      2. 1.2 Client/Server and Peer-to-Peer Architectures
      3. 1.3 Inter-process Communication through the Internet
      4. 1.4 Sockets
      5. 1.5 Transport Layer Services
      6. 1.6 The Hypertext Transfer Protocol (http)
        1. 1.6.1 An Overview of HTTP
        2. 1.6.2 HTTP Messages
        3. 1.6.3 The Uniform Resource Identifier (URI)
        4. 1.6.4 The GET and POST Methods
        5. 1.6.5 The HTTP Response Message
        6. 1.6.6 Persistent and Non-persistent HTTP
        7. 1.6.7 TCP Fast Open (TFO)
        8. 1.6.8 Using HTTP for a Video Progressive Download
      7. 1.7 Cookies: Providing States to HTTP
        1. 1.7.1 The Operation of Setting Cookies
        2. 1.7.2 The Details Associated with Cookies
      8. 1.8 The Design of Efficient Information Delivery through Use of a Proxy
        1. 1.8.1 The Web Cache
        2. 1.8.2 Proxy Roles and Limitations
        3. 1.8.3 An Investigation of Access Link Bandwidth Issues
        4. 1.8.4 The Wide Area Application Service (WAAS) and Content Delivery Networks (CDNs)
      9. 1.9 The File Transfer Protocol (FTP)
        1. 1.9.1 Passive and Active FTP Data Connections
        2. 1.9.2 The Secure File Transfer Protocol (SFTP)
      10. 1.10 Electronic Mail
        1. 1.10.1 The Simple Mail Transfer Protocol (SMTP)
        2. 1.10.2 Mail Access Protocols
        3. 1.10.3 Microsoft Exchange and Outlook
          1. 1.10.3.1 The Messaging Application Programming Interface (MAPI)
          2. 1.10.3.2 The RPC over HTTP or Outlook Anywhere
          3. 1.10.3.3 The Exchange Server Messaging System
      11. 1.11 Concluding Remarks
      12. References
      13. Chapter 1 Problems
    2. Chapter 2 - DNS and Active Directory
      1. 2.1 The Domain Name Service (DNS)
        1. 2.1.1 Overview
        2. 2.1.2 Recursive and Iterative Queries
        3. 2.1.3 Recursive or Caching DNS Server
        4. 2.1.4 The Resource Record (RR) and DNS Query
          1. 2.1.4.1 The RR Format
          2. 2.1.4.2 The Insertion of a Specific Type of RR
          3. 2.1.4.3 The Mail Exchange Resource Record (MX RR) and Canonical Name (CNAME)
          4. 2.1.4.4 A Zone File
          5. 2.1.4.5 The BIND 9 DNS Server Configuration
          6. 2.1.4.6 The nslookup Command
        5. 2.1.5 The DNS Protocol
        6. 2.1.6 The Whois Service
        7. 2.1.7 Server Load Balancing
        8. 2.1.8 A Detailed Illustration of DNS Query and Response Messaging
        9. 2.1.9 Reverse DNS Lookup
        10. 2.1.10 The Berkeley Internet Name Domain (BIND) Server
      2. 2.2 Active Directory (AD)
        1. 2.2.1 An Overview Including the Applications of AD
        2. 2.2.2 The Hierarchical Structure of AD
        3. 2.2.3 Active Directory’s Structure and Trust
        4. 2.2.4 The AD Objects and Their Domain
        5. 2.2.5 Sites within an Active Directory (AD) Domain
        6. 2.2.6 The Service Resource Record (SRV RR)
        7. 2.2.7 The Open Directory (OD)
      3. 2.3 Concluding Remarks
      4. References
      5. Chapter 2 Problems
    3. Chapter 3 - XML-Based Web Services
      1. 3.1 Overview of XML-Based Web Applications
      2. 3.2 Client/Server Web Application Development
      3. 3.3 The PHP Server Script
      4. 3.4 AJAX
        1. 3.4.1 The Client Side Script
        2. 3.4.2 Server Side Script
      5. 3.5 XML
        1. 3.5.1 XML Benefits
        2. 3.5.2 Minor Problems in Editors
      6. 3.6 XML Schema
        1. 3.6.1 A Simple Element
        2. 3.6.2 Attributes
        3. 3.6.3 Complex Element
        4. 3.6.4 XSD Declaration in an XML File
        5. 3.6.5 Validating a XML against a xsd File
      7. 3.7 The XML Document Object Model (DOM)
        1. 3.7.1 The Client Side
        2. 3.7.2 Server Side
      8. 3.8 Concluding Remarks
      9. References
      10. Chapter 3 Problems
    4. Chapter 4 - Socket Programming
      1. 4.1 Motivation
      2. 4.2 Socket Concepts
      3. 4.3 TCP Socket Programming
      4. 4.4 Single-Thread TCP Socket Programming
        1. 4.4.1 The Server Side
        2. 4.4.2 The Client Side
        3. 4.4.3 The TCP Server Socket
        4. 4.4.4 The TCP Client Socket
        5. 4.4.5 The TCP Output Stream
        6. 4.4.6 The TCP Input Stream
        7. 4.4.7 The Console Input and Output
        8. 4.4.8 Closing the TCP Socket
        9. 4.4.9 Get localhost IP Address
        10. 4.4.10 The TCP Connection between Two Hosts
      5. 4.5 Multi-thread TCP Socket Programming
        1. 4.5.1 The Multi-threaded TCP Server
        2. 4.5.2 The Server Side
      6. 4.6 UDP Socket Programming
        1. 4.6.1 The Server Side
        2. 4.6.2 The Client Side
        3. 4.6.3 The UDP Socket
        4. 4.6.4 Obtaining the Client’s IP Address and Port Number
        5. 4.6.5 The UDP Send
        6. 4.6.6 The UDP Receive
        7. 4.6.7 The Console Input
        8. 4.6.8 The Console Output
      7. 4.7 Multi-thread UDP Socket Programming
      8. 4.8 IPv6 Socket Programming
      9. 4.9 Concluding Remarks
      10. References
      11. Chapter 4 Problems
    5. Chapter 5 - Peer-to-Peer (P2P) Networks and Applications
      1. 5.1 P2P-vs-Client/Server
      2. 5.2 Types of P2P Networks
      3. 5.3 Pure P2P: Gnutella Networks
      4. 5.4 Partially Centralized Architectures
      5. 5.5 Hybrid Decentralized (or Centralized) P2P
      6. 5.6 Structured vs. Unstructured P2P
      7. 5.7 Skype
      8. 5.8 P2P Client Software
      9. 5.9 Peer-to-Peer Name Resolution (PNRP)
        1. 5.9.1 PNRP Clouds
        2. 5.9.2 Peer Names and PNRP IDs
        3. 5.9.3 PNRP Name Resolution
        4. 5.9.4 PNRP Name Publication
      10. 5.10 Apple’s Bonjour
      11. 5.11 Wi-Fi Direct Devices and P2P Technology
        1. 5.11.1 Device Discovery and Service Discovery
        2. 5.11.2 Groups and Security
        3. 5.11.3 Concurrent Connections and Multiple Groups
      12. 5.12 P2P Security
      13. 5.13 Internet Relay Chat (IRC)
      14. 5.14 Concluding Remarks
      15. References
      16. Chapter 5 Problems
  10. Section 2: Link and Physical Layers
    1. Chapter 6 - The Data Link Layer and Physical Layer
      1. 6.1 The Physical Layer
        1. 6.1.1 Modems
        2. 6.1.2 Pulse Code Modulation (PCM) and Codec
          1. 6.1.2.1 Analog-to-Digital (A/D) Conversion
          2. 6.1.2.2 Digital-to-Analog (D/A) Conversion
        3. 6.1.3 Data Compression
        4. 6.1.4 Digital Transmission of Digital Data
          1. 6.1.4.1 Baseband Transmission
          2. 6.1.4.2 Line Codes
          3. 6.1.4.3 Block Coding
        5. 6.1.5 Synchronization and Clock Recovery
        6. 6.1.6 Channel Multiplexing for Multiple Access
        7. 6.1.7 Error Control and Shannon’s Capacity Theorem
          1. 6.1.7.1 Error Detection
          2. 6.1.7.2 Forward Error Correction
        8. 6.1.8 Organization for the Physical Layer Presentation
      2. 6.2 Link Layer Functions
        1. 6.2.1 Link Layer in Protocol Stack
        2. 6.2.2 Medium Access Control (MAC) and Logical Link Control (LLC) Sublayers
        3. 6.2.3 Data Rate Comparison among MAC and Associated Physical Layers
      3. 6.3 Link Layer Realization
      4. 6.4 Multiple Access Protocols
        1. 6.4.1 Point-to-Point Protocol (PPP)
        2. 6.4.2 MAC Protocols
          1. 6.4.2.1 Channel Partitioning MAC Protocols
          2. 6.4.2.2 Shared Ethernet and Wireless LAN Using Random Access
          3. 6.4.2.3 Token Ring
      5. 6.5 The Link Layer Address
        1. 6.5.1 The MAC Address
        2. 6.5.2 The Address Resolution Protocol (ARP)
      6. 6.6 MAC Layer Frame Format
        1. 6.6.1 Ethernet DIX V2.0
        2. 6.6.2 802.3 MAC Layer
        3. 6.6.3 802.11 MAC Layer
      7. 6.7 The 802.2 Logic Link Control (LLC) Sublayer
        1. 6.7.1 The LLC Header
        2. 6.7.2 The LLC PDU
        3. 6.7.3 The LLC Types
        4. 6.7.4 The Subnetwork Access Protocol (SNAP)
        5. 6.7.5 NetBIOS/NetBEUI
      8. 6.8 Loop Prevention and Multipathing
        1. 6.8.1 The Spanning Tree Protocol (STP)
        2. 6.8.2 The Rapid Spanning Tree Protocol (RSTP)
        3. 6.8.3 Layer 2 Multipathing (L2MP)
      9. 6.9 Error Detection
      10. 6.10 Concluding Remarks
      11. References
      12. Chapter 6 Problems
    2. Chapter 7 - The Ethernet and Switches
      1. 7.1 Ethernet Overview
      2. 7.2 The 802.3 Medium Access Control and Physical Layers
      3. 7.3 The Ethernet Carrier Sense Multiple Access/Collision Detection Algorithm
      4. 7.4 Ethernet Hubs
      5. 7.5 Minimum Ethernet Frame Length
      6. 7.6 Ethernet Cables and Connectors
      7. 7.7 Gigabit Ethernet and Beyond
        1. 7.7.1 Gigabit Ethernet (GE)
        2. 7.7.2 The Physical Layer for GE and Faster Technologies
        3. 7.7.3 Ten Gigabit (10G) Ethernet
        4. 7.7.4 40 Gbps and 100 Gbps Ethernet
      8. 7.8 Bridges and Switches
        1. 7.8.1 The Learning Function
        2. 7.8.2 The Switch Fabric in Full Duplex Operation
        3. 7.8.3 The Switch Table
        4. 7.8.4 An Interconnected Switch Network
      9. 7.9 A Layer 2 (L2) Switch and Layer 3 (L3) Switch/Router
        1. 7.9.1 A Multilayer Switch
        2. 7.9.2 A Simple View of Internet Switches/Routers
        3. 7.9.3 The Architecture of High-Performance Internet Routers
        4. 7.9.4 A Multilayer Switch Chassis and Blades for a Campus Network
          1. 7.9.4.1 The Cisco Catalyst 6500 Switch Chassis
          2. 7.9.4.2 The Crossbar Switch Fabric and Supervisor Engine
          3. 7.9.4.3 Line Cards/Blades
          4. 7.9.4.4 Centralized Switching by the Supervisor Engine in a 6500 Chassis
          5. 7.9.4.5 The Central Forwarding Operation of a Cisco 6500 Multilayer Switch
      10. 7.10 Design Issues in Network Processors (NPs) and ASICs
        1. 7.10.1 Forwarding and Policy Engine Design Issues
        2. 7.10.2 Network Processors (NPs) and Application-Specific Integrated Circuits (ASICs)
        3. 7.10.3 ASIC + General-Purpose Processors
          1. 7.10.3.1 The Cisco Nexus 7000 Series Switches
          2. 7.10.3.2 The Cisco Nexus 5500 Switch
        4. 7.10.4 The Use of a Cisco QuantumFlow Processor in Internet Backbone Routers
          1. 7.10.4.1 New Ethernet Switch/Router Technology
          2. 7.10.4.2 The Multi-Service Network Infrastructure
          3. 7.10.4.3 Aggregation or Edge Routers
          4. 7.10.4.4 The Carrier Ethernet Network
          5. 7.10.4.5 The Core Network Router
      11. 7.11 Design Issues for the Packet Buffer/Memory and Switch Fabric
        1. 7.11.1 Switch Fabric Design Issues
          1. 7.11.1.1 Input Queuing (IQ) vs. Output Queuing (OQ)
          2. 7.11.1.2 Shared-Output Queuing (SQ)
          3. 7.11.1.3 Virtual Output Queuing (VOQ)
          4. 7.11.1.4 The Combined Input/Output Queue (CIOQ)
        2. 7.11.2 Design Issues for Buffers/Queues
        3. 7.11.3 Design Issues for Sizing Buffers in Switches
      12. 7.12 Cut-Through or Store-and-Forward Ethernet for Low-Latency Switching
        1. 7.12.1 Traditional L2 and L3 Forwarding
        2. 7.12.2 The Mechanisms That Make Cut-Through Forwarding Versatile
        3. 7.12.3 The Design Issues Associated with Cut-Through Forwarding
      13. 7.13 Switch Management
        1. 7.13.1 The Simple Network Management Protocol (SNMP)
        2. 7.13.2 Remote Monitoring (RMON)
      14. 7.14 Concluding Remarks
      15. References
      16. Chapter 7 Problems
    3. Chapter 8 - Virtual LAN, Class of Service, and Multilayer Networks
      1. 8.1 The Virtual LAN (VLAN-802.11q)
        1. 8.1.1 VLAN Switches and Trunks
          1. 8.1.1.1 VLANs Connected by a L3 Switch/Router for Inter VLAN Communication
          2. 8.1.1.2 VLANs Connected without a L3 Switch/Router for Intra VLAN Communication
          3. 8.1.1.3 The Access Mode or Trunk Mode
        2. 8.1.2 The VLAN Registration Protocol
        3. 8.1.3 The VLAN Tag
        4. 8.1.4 VLAN Forwarding
      2. 8.2 Class of Service (CoS-802.11p)
        1. 8.2.1 The Quality of Service (QoS) on L2
        2. 8.2.2 Priority Classification and Queues in Frame Forwarding
        3. 8.2.3 Class of Service Scheduling Methods
      3. 8.3 Switch Design Issues in CoS, Queues and Switch Fabric
        1. 8.3.1 ASICs for Forwarding Based on CoS at Wire Speed
        2. 8.3.2 The Unified Forwarding Engine (UFE) in Unified Port Controller (UPC)
        3. 8.3.3 Meeting CoS Requirements through the Use of Virtual Output Queues
      4. 8.4 Asynchronous Transfer Mode (ATM)
        1. 8.4.1 The ATM Network Architecture
        2. 8.4.2 The Adaptation Layer (AAL)
        3. 8.4.3 Virtual Circuits (VCs)
        4. 8.4.4 The ATM Cell
        5. 8.4.5 The ATM Physical Layer
      5. 8.5 Classical IP over ATM
      6. 8.6 Multiprotocol Label Switching (MPLS)
        1. 8.6.1 The Multiprotocol Label Switching (MPLS) Network
        2. 8.6.2 The MPLS Header and Switching
      7. 8.7 Multilayer Network (MLN) Architectures
        1. 8.7.1 The Motivating Factors for MLN
        2. 8.7.2 The Architecture of the CapabilityPlanes
        3. 8.7.3 The DataPlane and Its Provisioning
      8. 8.8 Concluding Remarks
      9. References
      10. Chapter 8 Problems
    4. Chapter 9 - Wireless and Mobile Networks
      1. 9.1 An Overview of Wireless Networks
      2. 9.2 802.11 Wireless LANs
        1. 9.2.1 The Infrastructure Mode
        2. 9.2.2 The Ad Hoc Mode
        3. 9.2.3 The Basic Service Set (BSS) and the Independent BSS (IBSS)
        4. 9.2.4 The Distribution System (DS) and the Extended Service Set (ESS)
        5. 9.2.5 Passive and Active Scanning
        6. 9.2.6 Robust Security Network Associations (RSNAs)
        7. 9.2.7 Wireless Challenges
        8. 9.2.8 The 802.11 Physical Layer
        9. 9.2.9 The 802.11n Physical Layer
          1. 9.2.9.1 MIMO
          2. 9.2.9.2 Space Division Multiplexing (SDM)
          3. 9.2.9.3 Antenna Diversity or Space-Time Coding (STC)
          4. 9.2.9.4 MIMO Summary
        10. 9.2.10 The MAC Layer
          1. 9.2.10.1 Carrier Sense Multiple Access/Collision Avoidance (CSMA/CA)
          2. 9.2.10.2 The Unicast Frame
          3. 9.2.10.3 The Distributed Coordination Function (DCF)
          4. 9.2.10.4 The Broadcast Frame
          5. 9.2.10.5 Virtual Carrier Sensing
          6. 9.2.10.6 The Point Coordination Function (PCF)
          7. 9.2.10.7 Random Back-off Time and Error Recovery
          8. 9.2.10.8 MAC Frames and MAC Addresses
          9. 9.2.10.9 MAC Frame Types
        11. 9.2.11 Frequency Reuse, Power and Data Rates
          1. 9.2.11.1 Frequency Reuse
          2. 9.2.11.2 802.11h: Dynamic Frequency Selection (DFS) and Transmitter Power Control (TPC)
          3. 9.2.11.3 The Number of Stations in a BSS
        12. 9.2.12 Power over Ethernet
      3. 9.3 Wireless Personal Area Network (WPAN)
        1. 9.3.1 Bluetooth
          1. 9.3.1.1 Data Rates and Range
          2. 9.3.1.2 The Piconet
          3. 9.3.1.3 The States and Modes of Piconet
          4. 9.3.1.4 Types of Links
          5. 9.3.1.5 Packet Format
          6. 9.3.1.6 Time Division Duplex (TDD) and Frequency Hopping (FH)
          7. 9.3.1.7 The Scatternet
        2. 9.3.2 Ultra Wideband (802.15.3)
        3. 9.3.3 ZigBee (802.15.4)
      4. 9.4 WLANs and WPANs Comparison
      5. 9.5 WiMAX (802.16)
      6. 9.6 Cellular Networks
        1. 9.6.1 CDMA2000
        2. 9.6.2 The Universal Mobile Telecommunication Service (UMTS)
        3. 9.6.3 Long Term Evolution
        4. 9.6.4 Mobility
      7. 9.7 Concluding Remarks
      8. References
      9. Chapter 9 Problems
  11. Section 3: Network Layer
    1. Chapter 10 - The Network Layer
      1. 10.1 Network Layer Overview
        1. 10.1.1 The Need for Network and Link Layers
        2. 10.1.2 Network Layer Functions
      2. 10.2 Connection-Oriented Networks
      3. 10.3 Connectionless Datagram Forwarding
      4. 10.4 Datagram Networks vs. Virtual Circuit ATM Networks
      5. 10.5 Network Layer Functions in the Protocol Stack
      6. 10.6 The IPv4 Header
      7. 10.7 IP Datagram Fragmentation/Reassembly
      8. 10.8 Type of Service (ToS)
        1. 10.8.1 ToS, IP Precedence and DSCode Points (DSCP)
        2. 10.8.2 Queuing/Scheduling Methods
      9. 10.9 The IPv4 Address
        1. 10.9.1 Network Interface and IP address
        2. 10.9.2 Subnet
        3. 10.9.3 Network ID, Subnet ID and Host ID
        4. 10.9.4 Private IP Addresses
        5. 10.9.5 Classless Inter-Domain Routing
        6. 10.9.6 ARP Cache
        7. 10.9.7 Optimal use of IP addresses
      10. 10.10 The Dynamic Host Configuration Protocol (DHCP)
        1. 10.10.1 The DHCP Server and Routers
        2. 10.10.2 DHCP Protocol
        3. 10.10.3 The Reuse of a Previously Allocated Network Address
      11. 10.11 IP Multicast
        1. 10.11.1 The IP Multicast Advantage
        2. 10.11.2 Routing for Multicast
        3. 10.11.3 The Protocol Independent Multicast (PIM)
      12. 10.12 Routing between LANs
      13. 10.13 Network Address Translation (NAT)
        1. 10.13.1 Address and Port Translation
        2. 10.13.2 NAPT Mapping/Binding Classifications
          1. 10.13.2.1 NAT Behavior Related to UDP Bindings in RFC3489
          2. 10.13.2.2 Address and Port Mapping Behavior in RFC 4787 and RFC 5382
        3. 10.13.3 NAPT for Incoming Requests
          1. 10.13.3.1 Application Level Gateways (ALGs)
          2. 10.13.3.2 The Static Port Forwarding
          3. 10.13.3.3 The Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol
          4. 10.13.3.4 Traversal Using Relays around NAT (TURN)
          5. 10.13.3.5 The Session Traversal Utilities for NAT (STUN)
          6. 10.13.3.6 The Interactive Connectivity Establishment (ICE)
      14. 10.14 The Internet Control Message Protocol (ICMP)
        1. 10.14.1 The ICMP Packet
        2. 10.14.2 Echoes and Replies
        3. 10.14.3 The Destination Unreachable Message
        4. 10.14.4 The Traceroute
          1. 10.14.4.1 A Traceroute in UNIX-like OSs
          2. 10.14.4.2 The Microsoft Windows Tracert
      15. 10.15 The Mobile Internet Protocol
      16. 10.16 Concluding Remarks
      17. References
      18. Chapter 10 Problems
    2. Chapter 11 - IPv6
      1. 11.1 The Need for IPv6
      2. 11.2 The IPv6 Packet Format
      3. 11.3 IPv6 Addresses
        1. 11.3.1 Three Types of IPv6 Addresses
        2. 11.3.2 The Scope of Addresses
        3. 11.3.3 The Global Unicast Address
        4. 11.3.4 The Multicast Address
        5. 11.3.5 The Anycast Address
        6. 11.3.6 Special Addresses
      4. 11.4 The Transition from IPv4 to IPv6
        1. 11.4.1 The Double NAT: NAT 444
        2. 11.4.2 An Incremental Carrier-Grade NAT (CGN) for IPv6 Transition
        3. 11.4.3 Address Family Translation
          1. 11.4.3.1 Stateful Address Family Translation (AFT)-(NAT 64)
          2. 11.4.3.2 Stateless AFT (IVI)
        4. 11.4.4 The Dual Stack
        5. 11.4.5 Dual-Stack Lite (DS-Lite)
          1. 11.4.5.1 The Access Model
          2. 11.4.5.2 The Home Gateway
        6. 11.4.6 Tunneling
        7. 11.4.7 Encapsulating an IPv6 Datagram into IPv4
        8. 11.4.8 The 6To4 Scheme
        9. 11.4.9 6To4 Automatic Tunneling
        10. 11.4.10 A 6To4 Relay Router
        11. 11.4.11 The Rapid Deployment of IPv6 on the IPv4 Infrastructures (6rd)
        12. 11.4.12 The Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)
        13. 11.4.13 Teredo Tunneling
          1. 11.4.13.1 The Motivation for Teredo Tunneling
          2. 11.4.13.2 The Teredo Network Infrastructure
          3. 11.4.13.3 The Teredo Protocol
          4. 11.4.13.4 The Teredo IPv6 Addressing Scheme
          5. 11.4.13.5 Teredo Packet Encapsulation
      5. 11.5 IPv6 Configuration and Testing
        1. 11.5.1 OS X
        2. 11.5.2 Microsoft Windows
        3. 11.5.3 Pinging Windows 7/Vista from OS X
        4. 11.5.4 Installing IPv6 in Windows XP
        5. 11.5.5 The Firewall Configuration for Echo Reply in Windows XP
        6. 11.5.6 A Multicast Ping and the Replies
      6. 11.6 Concluding Remarks
      7. References
      8. Chapter 11 Problems
    3. Chapter 12 - Routing and Interior Gateways
      1. 12.1 Routing Protocol Overview
      2. 12.2 Configuring a Router
        1. 12.2.1 Static Route Configuration
        2. 12.2.2 Dynamic Routing Protocol Configuration
        3. 12.2.3 The RIP Configuration
        4. 12.2.4 The OSPF Configuration
        5. 12.2.5 The BGP Configuration
      3. 12.3 VLAN Routing
      4. 12.4 Open Shortest Path First (OSPF)
        1. 12.4.1 OSPF Areas
        2. 12.4.2 OSPF Routing Table Construction
        3. 12.4.3 Type of Service (ToS) Support
      5. 12.5 The OSPF Routing Algorithm
        1. 12.5.1 A Graphical Representation
        2. 12.5.2 Dijkstra’s Algorithm
        3. 12.5.3 Generating a Routing Table
        4. 12.5.4 Load-Sharing Multipath in OSPF
        5. 12.5.5 OSPF Properties
      6. 12.6 The Routing Information Protocol (RIP)
        1. 12.6.1 The Distance Vector Algorithm
        2. 12.6.2 The Positive Aspects of Rapid Convergence
        3. 12.6.3 The Negative Aspects of Slow Convergence
        4. 12.6.4 Split Horizon with Poison Reverse
        5. 12.6.5 A Three-Node Loop Problem
      7. 12.7 OSPF-vs.-RIP
      8. 12.8 Concluding Remarks
      9. References
      10. Chapter 12 Problems
    4. Chapter 13 - Border Gateway Routing
      1. 13.1 Autonomous Systems
      2. 13.2 Border Gateway Protocol (BGP) Overview
        1. 13.2.1 A BGP Session
        2. 13.2.2 A BGP Route
        3. 13.2.3 The AS_Path Attribute
        4. 13.2.4 Path Attributes
      3. 13.3 A Real-World BGP Case
      4. 13.4 BGP Route Advertisements
        1. 13.4.1 The Next Hop Attribute in External BGP (eBGP) and Internal BGP (iBGP)
        2. 13.4.2 AS_Path Attribute Propagation in Route Advertisements
      5. 13.5 BGP Route Selection
        1. 13.5.1 The BGP Policy
        2. 13.5.2 The Use of Attributes in Selecting Routes
        3. 13.5.3 The Integration of BGP and IGP
        4. 13.5.4 Local Preference
        5. 13.5.5 The Multi-Exit Discriminator (MED) Attribute
      6. 13.6 BGP Import and Export Policies
        1. 13.6.1 The import policy
        2. 13.6.2 The Export Policy
        3. 13.6.3 Bandwidth-Based Policy for Export Routes
      7. 13.7 BGP Security
      8. 13.8 Concluding Remarks
      9. References
      10. Chapter 13 Problems
  12. Section 4: Transport Layer
    1. Chapter 14 - The Transport Layer
      1. 14.1 Transport Layer Overview
        1. 14.1.1 The Function of the Transport Layer in the Protocol Stack
        2. 14.1.2 The Transmission Control and Stream Control Transmission Protocols
      2. 14.2 The Socket
      3. 14.3 The User Datagram Protocol (UDP)
        1. 14.3.1 The Use of UDP
        2. 14.3.2 The UDP Packet Format
      4. 14.4 A Reliable Transport Protocol: TCP
        1. 14.4.1 TCP Overview
        2. 14.4.2 The 3-Way Handshake
        3. 14.4.3 Closing a TCP Connection
        4. 14.4.4 The Sequence and Acknowledgment (ACK) Numbers
        5. 14.4.5 A Simple Acknowledgment Scheme
        6. 14.4.6 Pipelined Protocols
        7. 14.4.7 A TCP Segment and Sequence Number
        8. 14.4.8 The Sliding Window
      5. 14.5 The TCP Packet Header and Options
        1. 14.5.1 The TCP Header Format
        2. 14.5.2 A 3-Way Handshake Analysis Using a Network Analyzer
        3. 14.5.3 The Half Close Analysis Using a Network Analyzer
        4. 14.5.4 Using a Network Analyzer to Obtain the Secure Shell (SSH) and HTTP Sequence and ACK Numbers
          1. 14.5.4.1 The Secure Shell Protocol
          2. 14.5.4.2 HTTP
        5. 14.5.5 Explicit Congestion Notification
        6. 14.5.6 Round Trip Time Measurement
        7. 14.5.7 Windows Scaling
        8. 14.5.8 Selective Acknowledgment
        9. 14.5.9 The Use of a Reset Flag
        10. 14.5.10 The Use of a Push Flag
      6. 14.6 The Buffer and Sliding Window
        1. 14.6.1 The Sender Side
        2. 14.6.2 The Receiver Side
        3. 14.6.3 Extending the Sequence Number to 64 Bits
      7. 14.7 Features of the Stream Control Transmission Protocol (SCTP)
        1. 14.7.1 The Motivation for SCTP
        2. 14.7.2 SCTP vs. TCP
        3. 14.7.3 SCTP Streams and Services
      8. 14.8 The SCTP Packet Format
        1. 14.8.1 The Chunk Field
        2. 14.8.2 Chunk Types
        3. 14.8.3 The Payload Data Format
      9. 14.9 SCTP Association Establishment
      10. 14.10 The SCTP SHUTDOWN
      11. 14.11 SCTP Multi-Homing
      12. 14.12 Concluding Remarks
      13. References
      14. Chapter 14 Problems
    2. Chapter 15 - Packet Loss Recovery
      1. 15.1 Packet Acknowledgment (ACK) and Retransmission
      2. 15.2 Round Trip Time and Retransmission Timeout
      3. 15.3 Cumulative ACK and Duplicate ACK
      4. 15.4 The Sliding Window and Cumulative ACK
      5. 15.5 Delayed ACK
      6. 15.6 Fast Retransmit
      7. 15.7 Synchronization (SYN) Packet Loss and Recovery
      8. 15.8 The Silly Window Syndrome/Solution
      9. 15.9 The TCP Selective Acknowledgment (SACK) Option
      10. 15.10 Concluding Remarks
      11. References
      12. Chapter 15 Problems
    3. Chapter 16 - TCP Congestion Control
      1. 16.1 TCP Flow Control
      2. 16.2 TCP Congestion Control
        1. 16.2.1 The Buffer Sizing Problem
        2. 16.2.2 Congestion Control Approaches
        3. 16.2.3 ATM Congestion Control
      3. 16.3 Standard TCP End-to-end Congestion Control Methods
        1. 16.3.1 The Congestion Window Size (CWND)
        2. 16.3.2 Slow Start
        3. 16.3.3 The Effective Window
        4. 16.3.4 The Signs of Congestion
        5. 16.3.5 Additive Increase Multiplicative Decrease (AIMD) and Congestion Avoidance
      4. 16.4 TCP Tahoe and TCP Reno in Request for Comment (RFC) 2001
        1. 16.4.1 Slow Start and Timeout
        2. 16.4.2 Three or More Duplicate Acknowledgments (ACKs)
        3. 16.4.3 Congestion Avoidance
        4. 16.4.4 Fast Retransmit and Fast Recovery in RFC 2001
      5. 16.5 An Improvement for the Reno algorithm—RFC 2581 and RFC 5681
      6. 16.6 TCP NewReno
        1. 16.6.1 Filling Multiple Holes in the Receiver’s Buffer
        2. 16.6.2 Fast Retransmit and Fast Recovery Algorithms in NewReno
      7. 16.7 TCP Throughput for a Real-World Download in Microsoft’s Windows XP
      8. 16.8 A Selective Acknowledgment (SACK)-Based Loss Recovery Algorithm
        1. 16.8.1 A Conservative SACK-Based Loss Recovery Algorithm for TCP
        2. 16.8.2 Reno vs. NewReno vs. SACK
        3. 16.8.3 The CWND Slow Recovery Process
        4. 16.8.4 The “Limited Transmit” Algorithm
      9. 16.9 High-Speed TCP (HSTCP) Congestion Control Design Issues
        1. 16.9.1 The Design Issues Associated with TCP Congestion Control for High-Speed Networks
        2. 16.9.2 An Overview of HighSpeed TCP (HSTCP)
        3. 16.9.3 The Response Functions in HighSpeed TCP (HSTCP)
        4. 16.9.4 Limited Slow-Start in HSTCP
        5. 16.9.5 H-TCP
      10. 16.10 CUBIC TCP
        1. 16.10.1 CUBIC Window Adjustment
        2. 16.10.2 TCP CUBIC vs. TCP NewReno
        3. 16.10.3 The Performance of TCP CUBIC
      11. 16.11 Loss-Based TCP End-to-End Congestion Control Summary
      12. 16.12 Delay-Based Congestion Control Algorithms
      13. 16.13 Compound TCP (CTCP)
        1. 16.13.1 The Compound TCP (CTCP) Control Law
        2. 16.13.2 The Compound TCP Response Function
        3. 16.13.3 CTCP Deployment and Performance
      14. 16.14 The Adaptive Receive Window Size
      15. 16.15 TCP Explicit Congestion Control and Its Design Issues
        1. 16.15.1 ECN-Capable Transport (ECT) and Congestion Experienced (CE)
        2. 16.15.2 The Explicit Congestion Notification (ECN) 3-Way Handshake
        3. 16.15.3 Congestion Experienced (CE) by Router and ECN-Echo (ECE) by Receiver
        4. 16.15.4 Weighted Random Early Detection (WRED) + Explicit Congestion Notification
        5. 16.15.5 A WRED and ECN Case Study
        6. 16.15.6 Performance Evaluation of Explicit Congestion Notification (ECN)
        7. 16.15.7 The ECN-Based Data Center TCP (DCTCP)
      16. 16.16 The Absence of Congestion Control in UDP and TCP Compatibility
        1. 16.16.1 The Coexistence of TCP and UDP flows
        2. 16.16.2 The Coexistence of Multiple TCP Flows
        3. 16.16.3 Coexisting Heterogeneous TCP NewReno, CUBIC and CTCP Flows
      17. 16.17 Concluding Remarks
      18. References
      19. Chapter 16 Problems
  13. Section 5: Cybersecurity
    1. Chapter 17 - Cybersecurity Overview
      1. 17.1 Introduction
      2. 17.2 Security from a Global Perspective
      3. 17.3 Trends in the Types of Attacks and Malware
        1. 17.3.1 Malware Statistics and Detection Methods
        2. 17.3.2 Web-Based Malware
      4. 17.4 The Types of Malware
        1. 17.4.1 Worms
        2. 17.4.2 Phishing
        3. 17.4.3 Trojans
        4. 17.4.4 Botnets
        5. 17.4.5 Rootkits
          1. 17.4.5.1 User Mode Rootkits
          2. 17.4.5.2 Kernel Mode Rootkits
          3. 17.4.5.3 The Master Boot Record (MBR) Rootkit
          4. 17.4.5.4 A Real-World Rootkit/Trojan
        6. 17.4.6 Viruses
      5. 17.5 Vulnerability Naming Schemes and Security Configuration Settings
        1. 17.5.1 Common Vulnerabilities and Exposures (CVE)
        2. 17.5.2 Common Configuration Enumeration (CCE)
      6. 17.6 Obfuscation and Mutations in Malware
        1. 17.6.1 Executable Packing/Compression
        2. 17.6.2 Entry Point Obfuscation (EPO)
        3. 17.6.3 Polymorphism
          1. 17.6.3.1 Polymorphic Malware
          2. 17.6.3.2 The Detection of Polymorphic Malware
        4. 17.6.4 Metamorphism
          1. 17.6.4.1 Metamorphic Malware
          2. 17.6.4.2 The Detection of Metamorphic Malware: An Open Challenge
      7. 17.7 The Attacker’s Motivation and Tactics
        1. 17.7.1 The Attack Motivation
        2. 17.7.2 Attack Tactics and Their Trends
      8. 17.8 Zero-Day Vulnerabilities
        1. 17.8.1 The History of Zero-Day Vulnerabilities
        2. 17.8.2 Defensive Measures for Zero-Day Vulnerabilities
      9. 17.9 Attacks on the Power Grid and Utility Networks
      10. 17.10 Network and Information Infrastructure Defense Overview
        1. 17.10.1 Defense for the Enterprise
        2. 17.10.2 Penetration Tests
        3. 17.10.3 Contingency Planning
        4. 17.10.4 The Critical Infrastructure Protection (CIP) Plan
        5. 17.10.5 Intelligence Collection for Defense of the Internet Community
        6. 17.10.6 The Eradication of Botnets
      11. 17.11 Concluding Remarks
      12. References
      13. Chapter 17 Problems
    2. Chapter 18 - Firewalls
      1. 18.1 Overview
      2. 18.2 Unified Threat Management
      3. 18.3 Firewalls
      4. 18.4 Stateless Packet Filtering
        1. 18.4.1 The Format for the Rule Used in Packet Filtering
        2. 18.4.2 The Manner in Which the Firewall ACL Is Processed
        3. 18.4.3 The Inherent Weaknesses of Stateless Filters
      5. 18.5 Stateful/Session Filtering
        1. 18.5.1 Stateful Inspection
        2. 18.5.2 Network Address Translation (NAT)
      6. 18.6 Application-Level Gateways
      7. 18.7 Circuit-Level Gateways
      8. 18.8 A Comparison of Four Types of Firewalls
      9. 18.9 The Architecture for a Primary-Backup Firewall
      10. 18.10 The Windows 7/Vista Firewall as a Personal Firewall
      11. 18.11 The Cisco Firewall as an Enterprise Firewall
      12. 18.12 The Small Office/Home Office Firewall
      13. 18.13 Emerging Firewall Technology
      14. 18.14 Concluding Remarks
      15. References
      16. Chapter 18 Problems
    3. Chapter 19 - Intrusion Detection/Prevention System
      1. 19.1 Overview
        1. 19.1.1 IDS/IPS Building Blocks
        2. 19.1.2 Host-Based or Network-Based IDS/IPS
      2. 19.2 The Approaches Used for IDS/IPS
        1. 19.2.1 Anomaly-Based Detection Methods
          1. 19.2.1.1 Statistical-Based IDS/IPS
          2. 19.2.1.2 Knowledge-/Expert-Based IDS/IPS
          3. 19.2.1.3 Machine Learning-Based IDS/IPS
        2. 19.2.2 Signature-Based IDS/IPS
        3. 19.2.3 Adaptive Profiles
      3. 19.3 Network-Based IDS/IPS
        1. 19.3.1 Network-Based IDS/IPS (NIDS/NIPS) Functions
        2. 19.3.2 Reputation-Based IPS
      4. 19.4 Host-Based IDS/IPS
      5. 19.5 Honeypots
      6. 19.6 The Detection of Polymorphic/Metamorphic Worms
      7. 19.7 Distributed Intrusion Detection Systems and Standards
        1. 19.7.1 Event Aggregation and Correlation
        2. 19.7.2 Security Information and Event Management (SIEM)
        3. 19.7.3 Standards for Multiple Formats and Transport Protocols
      8. 19.8 SNORT
      9. 19.9 The TippingPoint IPS
      10. 19.10 The McAfee Approach to IPS
      11. 19.11 The Security Community’s Collective Approach to IDS/IPS
      12. 19.12 Concluding Remarks
      13. References
      14. Chapter 19 Problems
    4. Chapter 20 - Hash and Authentication
      1. 20.1 Authentication Overview
      2. 20.2 Hash Functions
        1. 20.2.1 The Properties of Hash Functions
        2. 20.2.2 The History of Hash Functions
        3. 20.2.3 Secure Hash Algorithms 1 and 2 (SHA-1 and SHA-2)
        4. 20.2.4 Feasible Attacks to a Hash
      3. 20.3 The Hash Message Authentication Code (HMAC)
        1. 20.3.1 The HMAC Algorithm
        2. 20.3.2 The Key Derivation Function (KDF) and the Pseudorandom Function (PRF)
      4. 20.4 Password-Based Authentication
        1. 20.4.1 Dictionary Attacks
        2. 20.4.2 The UNIX Encrypted Password System: CRYPT
        3. 20.4.3 The UNIX/Linux Password Hash
          1. 20.4.3.1 The MD5-Based Scheme
          2. 20.4.3.2 The SHA-Based Scheme
        4. 20.4.4 The Windows Password
          1. 20.4.4.1 The LM (LanManager) Hash
          2. 20.4.4.2 The Windows NT Hash
        5. 20.4.5 Cracking Passwords
      5. 20.5 The Password-Based Encryption Standard
      6. 20.6 The Automated Password Generator Standard
      7. 20.7 Password-Based Security Protocols
        1. 20.7.1 IEEE P1363.2
        2. 20.7.2 Online Authentication
        3. 20.7.3 ANSI X9.26-1990
        4. 20.7.4 Kerberos
      8. 20.8 The One-Time Password and Token
        1. 20.8.1 Two-Factor Authentication
        2. 20.8.2 The OTP Standards
        3. 20.8.3 RFC 2289: A One-Time Password System
        4. 20.8.4 RFC 2808: The SecurID Simple Authentication and Security Layer (SASL) Mechanism
        5. 20.8.5 RFC 4226: The HMAC-based One Time Password (HOTP)
        6. 20.8.6 A Time-Based One-time Password Algorithm (TOTP)
        7. 20.8.7 RFC 4758: The Cryptographic Token Key Initialization Protocol (CT-KIP)
        8. 20.8.8 IETF Draft: One Time Password (OTP) Pre-authentication
        9. 20.8.9 Intel Identity Protection Technology (Intel IPT)
      9. 20.9 Open Identification (OpenID) and Open Authorization (OAuth)
        1. 20.9.1 OpenID
        2. 20.9.2 OAuth
      10. 20.10 Concluding Remarks
      11. References
      12. Chapter 20 Problems
    5. Chapter 21 - Symmetric Key Ciphers and Wireless LAN Security
      1. 21.1 Block Ciphers
        1. 21.1.1 The Data Encryption Standard (DES)
        2. 21.1.2 Triple-DES
        3. 21.1.3 The Advanced Encryption Standard (AES)
        4. 21.1.4 Confidentiality Modes
          1. 21.1.4.1 The Electronic Codebook (ECB) Mode
          2. 21.1.4.2 The Cipher Block Chaining (CBC) Mode
      2. 21.2 Stream Ciphers
        1. 21.2.1 Rivest Cipher 4 (RC4)
        2. 21.2.2 WLAN Security Using Stream Cipher RC4
          1. 21.2.2.1 The Chronology of WLAN Security
          2. 21.2.2.2 The 802.11 WEP and 802.11i WPA Security Processes, and Their Weaknesses
          3. 21.2.2.3 Wired Equivalent Privacy (WEP)
          4. 21.2.2.4 802.11i Wi-Fi Protected Access (WPA)
          5. 21.2.2.5 802.11i Fresh Keying
        3. 21.2.3 The AES Counter Mode
        4. 21.2.4 802.11i Wi-Fi Protected Access 2 (WPA2)
          1. 21.2.4.1 An Overview of the Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
          2. 21.2.4.2 The CCMP Nonce
        5. 21.2.5 The Advanced Encryption Standard Counter Mode (AES-CTR)
          1. 21.2.5.1 The Cipher Block Chaining Message Authentication Code (CBC-MAC)
          2. 21.2.5.2 The CCMP Complete Scheme
        6. 21.2.6 WiFi Protected Setup (WPS)
      3. 21.3 The US Government’s Cryptography Module Standards
        1. 21.3.1 Federal Information Processing Standard (FIPS) 140-2
        2. 21.3.2 FIPS 140-3
        3. 21.3.3 The New European Schemes for Signatures, Integrity and Encryption (NESSIE)
      4. 21.4 Side Channel Attacks and the Defensive Mechanisms
      5. 21.5 Concluding Remarks
      6. References
      7. Chapter 21 Problems
    6. Chapter 22 - Public Key Cryptography, Infrastructure and Certificates
      1. 22.1 Introduction
        1. 22.1.1 The Diffie-Hellman (DH) Protocol
          1. 22.1.1.1 Overview of the DH Key-Agreement Protocol
          2. 22.1.1.2 Diffie-Hellman Key-Agreement Protocol Security
          3. 22.1.1.3 The Use of a Diffie-Hellman Key-Agreement Protocol
          4. 22.1.1.4 Diffie-Hellman Groups
        2. 22.1.2 The Rivest, Shamir and Adleman (RSA) Public-Key Cryptography
          1. 22.1.2.1 The RSA Algorithm
          2. 22.1.2.2 Chinese Remainder Theorem (CRT) and RSA Decryption
          3. 22.1.2.3 RSA Security
      2. 22.2 The Digital Signature Concept
        1. 22.2.1 RSA Signatures
          1. 22.2.1.1 The RSA Signature Algorithm
          2. 22.2.1.2 The Security of RSA Signatures
          3. 22.2.1.3 An Example of Signing and Verifying a RSA Signature
        2. 22.2.2 The Digital Signature Standard (DSS)
      3. 22.3 Public Key Cryptography Characteristics
        1. 22.3.1 The Recommended Use of Public Key Cryptography
        2. 22.3.2 RSA vs. DH
        3. 22.3.3 The RSA Challenge
      4. 22.4 Elliptic Curve Cryptography (ECC)
        1. 22.4.1 The ECC Algorithms and Their Properties
        2. 22.4.2 The Elliptic Curve Discrete Logarithm Problem (ECDLP) and Its Applications
        3. 22.4.3 Elliptic Curve Diffie-Hellman (ECDH) Key-Agreement Protocol
        4. 22.4.4 Elliptic Curve Digital Signature Algorithm (ECDSA)
        5. 22.4.5 The Elliptic Curve Integrated Encryption Standard (ECIES)
        6. 22.4.6 Recommended Finite Fields and Elliptic Curves for Desired Security Strength
        7. 22.4.7 The ECC Challenge
      5. 22.5 Certificates and the Public Key Infrastructure
        1. 22.5.1 A Certificate Authority (CA) and the Public Key Infrastructure
        2. 22.5.2 The Secure Socket Layer (SSL) and Certificates
        3. 22.5.3 The X.509 Certificate Format
        4. 22.5.4 Classes of Certificates
        5. 22.5.5 Trusted Root Certificates
        6. 22.5.6 Certificate Revocation List (CRL)
      6. 22.6 Public Key Cryptography Standards (PKCS)
      7. 22.7 X.509 Certificate and Private Key File Formats
      8. 22.8 U.S. Government Standards
        1. 22.8.1 National Security Agency (NSA) Suite B
        2. 22.8.2 Suite B Cryptography Support in Windows
        3. 22.8.3 The Entity Authentication Standard
      9. 22.9 Attacks Which Target the Public Key Infrastructure and Certificates
      10. 22.10 Email Security
        1. 22.10.1 Pretty Good Privacy (PGP)
        2. 22.10.2 Secure/Multipurpose Internet Mail Extensions (S/MIME)
      11. 22.11 Concluding Remarks
      12. References
      13. Chapter 22 Problems
    7. Chapter 23 - Secure Socket Layer/Transport Layer Security (SSL/TLS) Protocols for Transport Layer Security
      1. 23.1 Introductory Overview
      2. 23.2 The Handshake Protocol
      3. 23.3 Attacks on the Handshake Protocol
        1. 23.3.1 A SSL Version 2 Rollback Attack
        2. 23.3.2 Man-in-the-Middle Attacks
        3. 23.3.3 Browser Exploits against SSL/TLS (BEAST)
      4. 23.4 The Record Protocol
      5. 23.5 SSL/TLS Cryptography
        1. 23.5.1 Key Generation
        2. 23.5.2 Diffie-Hellman (DH) in SSL/TLS
        3. 23.5.3 Elliptic Curve Cryptography (ECC) Cipher Suites for TLS
      6. 23.6 Datagram Transport Layer Security (DTLS)
        1. 23.6.1 The Need to Protect UDP Communication
        2. 23.6.2 The Features in DTLS
        3. 23.6.3 Applications of DTLS
      7. 23.7 US Government Recommendations
      8. 23.8 Extended Validation SSL (EV-SSL)
      9. 23.9 Establishing a Certificate Authority (CA)
      10. 23.10 Web Server’s Certificate Setup and Client Computer Configuration
        1. 23.10.1 Certificate Request and Generation
        2. 23.10.2 The Apache Web Server
        3. 23.10.3 Microsoft’s Internet Information Services (IIS) Server
      11. 23.11 A Certificate Authority’s Self-Signed Root Certificate
        1. 23.11.1 The Use of a Self-Signed Root CA Certificate with Windows
        2. 23.11.2 The Use of a Self-Signed CA Certificate with Firefox
      12. 23.12 Browser Security Configurations
      13. 23.13 Concluding Remarks
      14. References
      15. Chapter 23 Problems
    8. Chapter 24 - Virtual Private Networks for Network Layer Security
      1. 24.1 Network Security Overview
      2. 24.2 Internet Protocol Security (IPsec)
        1. 24.2.1 IPsec Security Services
        2. 24.2.2 IPsec Modes
        3. 24.2.3 Security Association (SA)
        4. 24.2.4 The Encapsulating Security Protocol (ESP)
        5. 24.2.5 The Authentication Header (AH)
        6. 24.2.6 The Anti-Replay Service
      3. 24.3 The Internet Key Exchange (IKE)
        1. 24.3.1 The IKE Components and Functions
        2. 24.3.2 Distributed Denial of Service (DDoS) Resistance and Cookies
        3. 24.3.3 IKEv2 Protocol
          1. 24.3.3.1 IKE_SA_INIT and IKE_AUTH Exchanges
          2. 24.3.3.2 Authentication (AUTH)
          3. 24.3.3.3 The Traffic Selector
        4. 24.3.4 The Two Phases of IKE
        5. 24.3.5 Generating Keying Material
        6. 24.3.6 The Pre-Shared Secret
        7. 24.3.7 Extended Authentication (XAUTH)
        8. 24.3.8 IKE Diffie-Hellman Groups
        9. 24.3.9 Network Address Translation (NAT) Issues in an Authentication Header (AH) and Encapsulating Security Payloads (ESP)
      4. 24.4 Data Link Layer VPN Protocols
        1. 24.4.1 The Point-to-Point Tunneling Protocol (PPTP) Version 2
        2. 24.4.2 The Layer 2 Tunneling Protocol (L2TP)
      5. 24.5 VPN Configuration Procedure Examples
        1. 24.5.1 The Use of a Pre-shared Secret for Authentication in Windows 7/Vista
        2. 24.5.2 Windows 7/Vista Tunnel Using PKI Certificates for Authentication
        3. 24.5.3 A VPN Server in Microsoft’s Internet Security and Acceleration (ISA) Server
        4. 24.5.4 Connecting a Windows 7/Vista to a Cisco VPN Appliance
        5. 24.5.5 The Cisco VPN Appliance: Certificate-Based Authentication for a Gateway to Gateway Tunnel
      6. 24.6 Concluding Remarks
      7. References
      8. Chapter 24 Problems
    9. Chapter 25 - Network Access Control and Wireless Network Security
      1. 25.1 An Overview of Network Access Control (NAC)
        1. 25.1.1 NAC Policies
        2. 25.1.2 The Network Access Control/Network Access Protection (NAC/NAP) Client/Agent
        3. 25.1.3 The Enforcement Points
        4. 25.1.4 The NAC/NAP Server
        5. 25.1.5 NAC/NAP Product Examples
        6. 25.1.6 Enforcement Point Action
          1. 25.1.6.1 Case 1: Using a Dynamic Host Configuration Protocol (DHCP)
          2. 25.1.6.2 Case 2: Using a VPN
          3. 25.1.6.3 Case 3: Using 802.1X
        7. 25.1.7 Authentication and Authorization
      2. 25.2 Kerberos
        1. 25.2.1 The Key Distribution Center (KDC)
        2. 25.2.2 A Single Sign-On Authentication Process
        3. 25.2.3 Access Resources
        4. 25.2.4 The Use of Realms in a KDC
        5. 25.2.5 Security Issues
        6. 25.2.6 Implementations
      3. 25.3 The Trusted Platform Module (TPM)
        1. 25.3.1 An Overview of TPM
        2. 25.3.2 The TPM Functional Blocks
        3. 25.3.3 The Platform Configuration Register (PCR)
        4. 25.3.4 The Endorsement Key (EK)
        5. 25.3.5 The Attestation Identity Key (AIK)
        6. 25.3.6 The Root of Trust for Storage (RTS) and the TPM Key Hierarchy
          1. 25.3.6.1 The Storage Root Key (SRK)
          2. 25.3.6.2 Sealing a Key
          3. 25.3.6.3 The TPM Key Hierarchy
          4. 25.3.6.4 Ownership of the Storage Root Key (SRK) in a TPM
        7. 25.3.7 TPM Applications
      4. 25.4 Multiple Factor Authentications: Cryptographic Tokens and TPM
      5. 25.5 802.1X
        1. 25.5.1 The Extensible Authentication Protocol (EAP)
        2. 25.5.2 The Remote Authentication Dial-In User Service (RADIUS)
      6. 25.6 Enterprise Wireless Network Security Protocols
        1. 25.6.1 The Home Network Scenario
        2. 25.6.2 The Enterprise Wireless Network Scenario
        3. 25.6.3 Roaming and Reassociation
        4. 25.6.4 Disassociation and Deauthentication
        5. 25.6.5 Remote Access Security Solutions
        6. 25.6.6 The Products for NAC/NAP Provided by Cisco and Microsoft
      7. 25.7 Concluding Remarks
      8. References
      9. Chapter 25 Problems
    10. Chapter 26 - Cyber Threats and Their Defense
      1. 26.1 Domain Name System (DNS) Protection
        1. 26.1.1 A Cache Poisoning Attack
        2. 26.1.2 Domain Name Service Security Extensions (DNSSEC)
          1. 26.1.2.1 The New Types of Resource Records (RRs) for DNSSEC
          2. 26.1.2.2 Authenticated Denial of Existence for a DNS RR
          3. 26.1.2.3 A Chain of Trust
          4. 26.1.2.4 The Key Signing Key (KSK) and the Zone Signing Key (ZSK)
          5. 26.1.2.5 Authentication Chains in DNS Parent and Child Zones
        3. 26.1.3 DNSSEC Deployment
          1. 26.1.3.1 The US Government Deployment Guidelines
          2. 26.1.3.2 The DNSSEC Tools
      2. 26.2 Router Security
        1. 26.2.1 BGP Vulnerabilities
        2. 26.2.2 BGP Security Measures
      3. 26.3 Spam/Email Defensive Measures
        1. 26.3.1 Email Blacklists
        2. 26.3.2 The Sender Policy Framework (SPF)
        3. 26.3.3 DomainKey Identified Mail (DKIM)
        4. 26.3.4 Secure/Multipurpose Internet Mail Extensions (S/MIME)
        5. 26.3.5 Domain-Based Message Authentication, Reporting and Conformance (DMARC)
        6. 26.3.6 Certificate Issues for S/MIME and Open Pretty Good Privacy (OpenPGP)
        7. 26.3.7 National Institute of Standards and Technology (NIST) SP 800-45 Version 2
      4. 26.4 Phishing Defensive Measures
        1. 26.4.1 Safe Browsing Tool
        2. 26.4.2 Uniform Resource Locator (URL) Filtering
        3. 26.4.3 The Obfuscated URL and the Redirection Technique
      5. 26.5 Web-Based Attacks
        1. 26.5.1 Web Service Protection
        2. 26.5.2 Attack Kits
        3. 26.5.3 HTTP Response Splitting Attacks
        4. 26.5.4 Cross-Site Request Forgery (CSRF or XSRF)
        5. 26.5.5 Cross-Site Scripting (XSS) Attacks
        6. 26.5.6 Non-persistent XSS Attacks
        7. 26.5.7 Persistent XSS Attacks
        8. 26.5.8 Document Object Model (DOM) XSS Attacks
        9. 26.5.9 JavaScript Obfuscation
        10. 26.5.10 Asynchronous JavaScript and Extensible Markup Language (AJAX) Security
        11. 26.5.11 Clickjacking
      6. 26.6 Database Defensive Measures
        1. 26.6.1 Structured Query Language (SQL) Injection Attacks
        2. 26.6.2 SQL Injection Defense Techniques
      7. 26.7 Botnet Attacks and Applicable Defensive Techniques
        1. 26.7.1 Botnet Attacks
        2. 26.7.2 Fast Flux DNS
        3. 26.7.3 Well-Known Trojans and Botnets
        4. 26.7.4 Distributed Denial of Service (DDoS) Attacks
        5. 26.7.5 Botnet Control
        6. 26.7.6 Botnet Defensive Methods That Use Intelligence and a Reputation-Based Filter
      8. 26.8 Concluding Remarks
      9. References
      10. Chapter 26 Problems
  14. Section 6: Emerging Technologies
    1. Chapter 27 - Network and Information Infrastructure Virtualization
      1. 27.1 Virtualization Overview
      2. 27.2 The Virtualization Architecture
        1. 27.2.1 The Computer Hardware/Software Interface
        2. 27.2.2 The Process Virtual Machine (VM) and System Virtual Machine (VM)
        3. 27.2.3 The Virtual Machine Monitor
        4. 27.2.4 Instruction Set Architecture (ISA) Emulation
        5. 27.2.5 Security Domain Isolation
      3. 27.3 Virtual Machine Monitor (VMM) Architecture Options
        1. 27.3.1 Hosted Virtualization
        2. 27.3.2 The Hypervisor
        3. 27.3.3 Hosted Virtualization-vs.-Hypervisor
      4. 27.4 CPU Virtualization Techniques
        1. 27.4.1 Privileges Resident in the x86 Architecture
        2. 27.4.2 CPU Virtualization
        3. 27.4.3 Full Virtualization with Binary Translation
        4. 27.4.4 Para-virtualization
        5. 27.4.5 Hardware-Assisted Virtualization
      5. 27.5 Memory Virtualization
      6. 27.6 I/O Virtualization
        1. 27.6.1 The Input Output Virtual Machine (IOVM) Model
        2. 27.6.2 Intel Virtualization Technology for Directed I/O
      7. 27.7 Server Virtualization
        1. 27.7.1 Microsoft’s Hyper-V
        2. 27.7.2 Xen Virtualization
        3. 27.7.3 VMware’s ESX Server Architecture
        4. 27.7.4 A Comparison of Xen with VMware
        5. 27.7.5 The Virtual Appliance
      8. 27.8 Virtual Networking
        1. 27.8.1 Segmentation in Virtual Networking
          1. 27.8.1.1 The VPN
          2. 27.8.1.2 The Overlay Network
        2. 27.8.2 Isolation/Segmentation in the Network Virtualization Environment
        3. 27.8.3 Virtual Switches
        4. 27.8.4 The VMware VirtualCenter
        5. 27.8.5 Virtual Machine Migration
        6. 27.8.6 VPN Routing and Forwarding (VRFs) Tables
          1. 27.8.6.1 VRFs
          2. 27.8.6.2 VRF Lite Traffic Routing with Segmentation
        7. 27.8.7 Unified Access and Centralized Services
      9. 27.9 Data Center Virtualization
        1. 27.9.1 A Virtualized Data Center Architecture
        2. 27.9.2 Storage Area Networks (SANs) Virtualization
        3. 27.9.3 Fiber Channel (FC) and Fiber Channel over Ethernet (FCoE)
          1. 27.9.3.1 Fiber Channel
          2. 27.9.3.2 Fiber Channel over Ethernet (FCoE)
        4. 27.9.4 The Converged Network Adapter (CNA)
        5. 27.9.5 The Cisco Unified Computing System (UCS)
      10. 27.10 Cloud Computing
      11. 27.11 Concluding Remarks
      12. References
      13. Chapter 27 Problems
    2. Chapter 28 - Unified Communications and Multimedia Protocols
      1. 28.1 Unified Communications (UC)/Unified Messaging (UM)
      2. 28.2 Internet Protocol Telephony and Public Service Telephone Network Integration
        1. 28.2.1 The Media Gateway
        2. 28.2.2 The Media Gateway Controller (MGC)
        3. 28.2.3 The Media Gateway Control Protocol Standards
        4. 28.2.4 Integrated Services
      3. 28.3 Implementations of Unified Communications
        1. 28.3.1 The All-in-One Box
        2. 28.3.2 The Microsoft Exchange Server
      4. 28.4 The Session Initiation Protocol (SIP)
        1. 28.4.1 SIP Overview
        2. 28.4.2 The SIP Standards Groups
        3. 28.4.3 SIP Services
        4. 28.4.4 SIP Addressing
      5. 28.5 The SIP Distributed Architecture
        1. 28.5.1 The User Agent (UA)
        2. 28.5.2 Locating a SIP Server
        3. 28.5.3 The SIP Registrar
        4. 28.5.4 Setting Up A Call
      6. 28.6 Intelligence in Unified Communications
      7. 28.7 The Media in a Session Initiation Protocol Session
        1. 28.7.1 Quality of Service (QoS) Constraints
        2. 28.7.2 The Multimedia Protocol Stack
        3. 28.7.3 A Protocol Comparison (SIP vs. H.323)
      8. 28.8 The Real-Time Protocol (RTP) and Its Packet Format
        1. 28.8.1 The RTP Header
        2. 28.8.2 The Payload Type and Sequence Number
        3. 28.8.3 The Timestamp
      9. 28.9 The Real-Time Control Protocol (RTCP) and Quality of Service (QoS)
        1. 28.9.1 The Purpose of RTCP
        2. 28.9.2 RTCP Packets
        3. 28.9.3 The RTCP Extended Report Packet Format
        4. 28.9.4 Audio/Video Conferencing
      10. 28.10 Integrated Services in the Internet
        1. 28.10.1 The Resource ReSerVation Protocol (RSVP)
        2. 28.10.2 RSVP’s Role in Voice/Video Communication
        3. 28.10.3 The RSVP Flow Descriptor
        4. 28.10.4 RSVP Protocol Mechanisms
      11. 28.11 The Real-Time Streaming Protocol (RTSP)
        1. 28.11.1 The Use of RTSP for Streaming Multimedia Control
        2. 28.11.2 RTSP Functions
        3. 28.11.3 A RTSP Session
      12. 28.12 Unified Communication/Unified Messaging Security
        1. 28.12.1 The National Institute of Standards and Technology (NIST)’s SP 800-58
        2. 28.12.2 The International Telecommunications Union’s H.323 Security Standard: H.325
        3. 28.12.3 Session Initiation Protocol (SIP) Security
      13. 28.13 Concluding Remarks
      14. References
      15. Chapter 28 Problems
  15. Glossary of Acronyms