CST3607 Class Notes 2021-02-16

News & Tools

BlueBorne

  • The IoT Attack Vector “BlueBorne” Exposes Almost Every Connected Device
  • BlueBorne is an attack vector by which hackers can leverage Bluetooth connections to penetrate and take complete control over targeted devices.
  • BlueBorne affects ordinary computers, mobile phones, and the expanding realm of IoT devices.
  • The attack does not require the targeted device to be paired to the attacker’s device, or even to be set on discoverable mode.

Homework Assignment Debriefing

Anti-Virus, or Not?

  • In my opinion, anyone who promotes not using anti-virus and other protective software on all computers and devices connected to the Internet is irresponsible, to your systems, and also to others on the Internet. It is too trivial for systems to be compromised by malware.

ICMP (Internet Control Message Protocol)

The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite.

  • ICMP works at the Network layer and is used by IP for many different services. ICMP is basically a management protocol and messaging service provider for IP.
  • ICMP messages are encapsulated within IP datagrams.
  • ICMP is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
    • Destination unreachable: 
      If a router can’t send an IP datagram any further, it uses ICMP to send a message back to the sender, advising it of the situation.
    • For example, take a look at Figure 3.17, which shows that interface E0 of the Lab_B router is down.
  • ICMP can also be used to relay query messages.
  • ICMP is assigned protocol number 1.
  • ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute).

ICMP messages are divided into two broad categories: error-reporting messages and query messages.

  • The error-reporting messages report problems that a router or a host (destination) may encounter when it processes an IP packet.
  • The query messages, which occur in pairs, help a host or a network manager get specific information from a router or another host.
    • For example, nodes can discover their neighbors. Also, hosts can discover and learn about routers on their network, and routers can help a node redirect its messages.
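The points above (ICMP rides inside an IP datagram, is identified by protocol number 1, and splits into error-reporting and query messages) can be checked against raw bytes, which is handy when triaging ICMP in a packet capture. This is an added example, not part of the original notes; the function names and the sample datagrams are constructed for illustration.

```python
import struct

# ICMP type numbers (RFC 792, RFC 950, RFC 1256) in the two categories above.
ERROR_TYPES = {3: "destination unreachable", 4: "source quench",
               5: "redirect", 11: "time exceeded", 12: "parameter problem"}
QUERY_TYPES = {0: "echo reply", 8: "echo request",
               9: "router advertisement", 10: "router solicitation",
               13: "timestamp request", 14: "timestamp reply",
               17: "address mask request", 18: "address mask reply"}

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def classify_icmp(datagram: bytes) -> dict:
    """Locate the ICMP message inside an IPv4 datagram and categorize it."""
    if len(datagram) < 20 or datagram[0] >> 4 != 4:
        raise ValueError("not an IPv4 datagram")
    ihl = (datagram[0] & 0x0F) * 4            # IP header length in bytes
    if datagram[9] != 1:                      # IP protocol field: 1 = ICMP
        raise ValueError("IP protocol field is not 1 (ICMP)")
    total_len = struct.unpack("!H", datagram[2:4])[0]
    icmp = datagram[ihl:total_len]
    if ihl < 20 or len(icmp) < 8:
        raise ValueError("truncated ICMP message")
    icmp_type, code = icmp[0], icmp[1]
    if icmp_type in ERROR_TYPES:
        category, name = "error-reporting", ERROR_TYPES[icmp_type]
    elif icmp_type in QUERY_TYPES:
        category, name = "query", QUERY_TYPES[icmp_type]
    else:
        category, name = "other", "unclassified"
    # A valid message sums to zero when its own checksum field is included.
    return {"type": icmp_type, "code": code, "category": category,
            "name": name, "checksum_ok": inet_checksum(icmp) == 0}

def build_sample(icmp_type: int, code: int, rest: bytes) -> bytes:
    """Constructed test datagram (192.0.2.0/24 is documentation space)."""
    body = struct.pack("!BBH", icmp_type, code, 0) + rest
    body = body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, 1, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))
    return ip + body      # IP header checksum left 0; not checked here
```

Calling `classify_icmp(build_sample(8, 0, b"\x00\x01\x00\x01ping"))` reports a query message (echo request) with a valid checksum.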

When a packet is received by a router, what does the router have to do?

  1. Decrement TTL by 1, then evaluate TTL
    • The router will decrement TTL by 1, then evaluate the value of TTL to determine if the packet should be dropped or forwarded.
    • If TTL = 0, then drop the packet and send an ICMP destination unreachable to the sender
    • If TTL > 0, then proceed
  2. What is the network that the packet is destined for?
  3. Do I have that network in my routing table?
  4. If no, then drop the packet and send an ICMP destination unreachable to the sender
  5. If yes, then…
    • Which interface of mine do I have to send the packet out of to get it to the destination network?
    • What is the IP address of the next closest router that I have to send the packet to? (Next Hop IP)
    • Forward the packet to the destination network via the next hop router.

Traceroute

  • Traceroute is a diagnostic command that uses ICMP and TTL to map a path to the destination IP address:
    [Figure: Traceroute TTL Example]

Subnetting Tutorial & Reference Page

Google: My Activity

  • See the logs of what you’ve searched for, visited, and watched on Google services.

Supernetting

  • Combines contiguous networks to create a larger block of addresses
  • Decreases the number of 1’s in the mask
    • (i.e. Decreases the number of “network” bits, and increases the number of “host” bits)

Subnetting

  • Divides an address block into smaller networks
  • Increases the number of 1’s in the mask
    • (i.e. Increases the number of “network” bits, and decreases the number of “host” bits)

Answer these questions when subnetting:

  • How many subnets are needed?
  • How many “total addresses” per subnet are needed?
  • How many network bits are used?
  • How many host bits are used?
  • What are the valid subnets?
  • What’s the broadcast address for each subnet?

Subnetting Tips/Notes

  • If no mask/prefix is given, then borrow bits starting from the “Class” boundary of the IP address.
  • If a mask/prefix is given, then the given mask/prefix is the result of subnetting.  (Borrow bits from the “Class” boundary to the given mask/prefix.) (e.g. Q. 7, Pg. 40)
  • The total number of subnets and total number of hosts must be a power of 2.
  • Is the question asking for “subnets” or “hosts”?
    • If you’re asked for the # of hosts, then you must determine how many bits are needed to get that # of hosts, then subtract those bits from the 32 IPv4 bits, to determine the network bits / mask / prefix.
  • Determine the number of subnets: 2^(number of bits borrowed).
  • Determine the total number of addresses: 2^(number of host bits).
  • Add the Wildcard mask to the network/subnet address to determine the broadcast/last address in the network/subnet.
  • Block Size:
    • The block size (256 – [The interesting octet]) is best used to determine the increment of the subnets.
    • The interesting octet is the last octet, from the left, that you borrowed bits from.
    • The “block size” is not the number of addresses per subnet. It is the increment from one subnet to the next, within the “interesting” octet.
  • Determine how many addresses to add to the network address/subnet zero to get to the target subnet.
    • 1. Multiply the (Subnet “Number”) by the (number of addresses per subnet).
      (For the Nth subnet, subtract 1 before multiplying by the number of addresses per subnet.)
    • 2. Convert the result to its Base-256 equivalent
    • 3. Add the Base-256 equivalent to the original network address of the block to get the network/subnet address of the target subnet.
  • The “subnet address” is the same as the “network address” of a subnet.
  • Subnet using the methods that work for all subnets, large or small. Switching methods depending on the size of the subnet requires more effort than is necessary.
  • Practice makes improvement!
  • Subnetting Notes:
    • Pay attention to whether the customer needs “networks” or “hosts”
    • If the prefix/mask is given, and either the required number of subnets, or the required number of host addresses, then the prefix/mask is our starting point. (Start borrowing bits after the given prefix)
    • If only the Network Address and a Prefix are given, then the given prefix is the result of an already subnetted network. Since we’re not given any other information, we’ll have to use the “class” of the Network Address as the starting point, before subnetting, and then borrow the number of bits needed to match the given prefix.
    • The nth subnet range includes the subnet network IP address and the broadcast IP address. e.g. 192.168.1.0 to 192.168.1.25
    • The subnet number for the nth subnet is the 1st address in the nth subnet, e.g. Network ID / Subnet address / Network address for the nth subnet.
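The tips above, worked end to end: multiply (N - 1) by the addresses per subnet, convert to base-256, add to the network address, then add the wildcard mask to reach the broadcast address. This is an added example, not part of the original notes; the function names and sample blocks are chosen for illustration, and getting these boundaries right is what keeps an ACL or firewall rule from covering a neighboring subnet.

```python
import ipaddress

def to_base256(value: int) -> list:
    """Write a 32-bit integer as four base-256 digits (dotted-decimal octets)."""
    return [(value >> shift) & 0xFF for shift in (24, 16, 8, 0)]

def dotted(octets) -> str:
    return ".".join(str(o) for o in octets)

def nth_subnet(block: str, borrowed_bits: int, n: int) -> dict:
    """Find the nth (1-based) subnet of `block` after borrowing host bits."""
    net = ipaddress.IPv4Network(block)        # rejects blocks with host bits set
    new_prefix = net.prefixlen + borrowed_bits
    if borrowed_bits < 1 or new_prefix > 32:
        raise ValueError("cannot borrow that many bits from this block")
    host_bits = 32 - new_prefix
    subnets = 2 ** borrowed_bits              # 2^(bits borrowed)
    per_subnet = 2 ** host_bits               # 2^(host bits), total addresses
    if not 1 <= n <= subnets:
        raise ValueError("subnet number out of range")
    # Steps 1-3: (N - 1) * addresses per subnet, in base-256, added to the block.
    offset = to_base256((n - 1) * per_subnet)
    base = to_base256(int(net.network_address))
    subnet = [b + o for b, o in zip(base, offset)]   # bits never overlap: no carry
    mask = to_base256((0xFFFFFFFF << host_bits) & 0xFFFFFFFF)
    wildcard = [255 - m for m in mask]
    broadcast = [s + w for s, w in zip(subnet, wildcard)]
    interesting = (new_prefix - 1) // 8       # last octet bits were borrowed from
    return {"prefix": new_prefix, "subnets": subnets,
            "addresses_per_subnet": per_subnet,
            "mask": dotted(mask), "wildcard": dotted(wildcard),
            "block_size": 256 - mask[interesting],
            "subnet": dotted(subnet), "broadcast": dotted(broadcast)}

if __name__ == "__main__":
    # Constructed inputs: 5th subnet of 172.16.0.0/16 with 7 bits borrowed,
    # and 4th subnet of 192.168.1.0/24 with 3 bits borrowed.
    print(nth_subnet("172.16.0.0/16", 7, 5))
    print(nth_subnet("192.168.1.0/24", 3, 4))
```

In the first sample the block size is 2 (third octet) while each subnet holds 512 addresses, which shows why the block size is an increment and not an address count.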

~

Read / Do / Watch

CCNA Certification Study Guide, Volume 2

  • Read Chapter 5: IP Routing
  • Do the Written Labs
  • Answer the Review Questions
    • Do not submit your answers for this chapter. The answers are in the Appendix.

Do: Assignment #2: Due before Thurs. Feb. 18, 2020, before 6pm EST.

  • Download Assignment #2
  • Important: Make sure to read and understand the instructions on how to handle the protected PDF
  • If you have any issues completing all parts of every question on the assignment, e-mail me with the question # and the specifics you need assistance with.
  • No late assignments will be accepted.

Make sure to always have access to a calculator which has an Exponent function (^ key or xʸ key) for every class.

Better Focus and Efficient Studying When Not Multitasking