Key review of computer network

Posted by steven fullman on Thu, 20 Jan 2022 11:18:30 +0100

Computer network
    I. Computer Network Overview
        Concept of computer network (*)
                1. Definition of computer network
                2. Composition of computer network
                3. Types of computer network
        Computer network architecture
                1. Transmission mode
                2. Data exchange
                3. Communication protocol and architecture
    II. Physical layer
        1. Basic concepts of the physical layer
                1.1 Four characteristics (***)
                1.2 Two signals
                1.3 Modulation and coding
                1.4 Transmission medium
                1.5 Three parts
        2. Basic communication technology of the physical layer
                2.1 Four channel multiplexing technologies
                    2.1.1 Multiplexing technology
                    2.1.2 Frequency division multiplexing (FDM)
                    2.1.3 Time division multiplexing (TDM)
                    2.1.4 Wavelength division multiplexing (WDM)
                    2.1.5 Code division multiplexing (CDM)
                2. Data transmission mode
                    2.1 By the number of bits transmitted at the same time
                    2.2 By the behaviour of both parties towards the data message
                    3.3 By the signal transmitted
                    3.4 By transmission direction
                    3.5 By transmission object
    III. Data link layer
        1. Basic concepts of the data link layer
                1.1 Concept of the data link layer
                1.2 Concept of a frame
                1.3 MAC and LLC in the Ethernet data frame
                1.4 Two transmission modes of the data link layer
                1.5 Three basic problems of the data link layer (***)
                1.6 Devices in a LAN
        2. Communication protocols of the data link layer
                2.1 Collision domain and broadcast domain (*)
                2.2 Virtual LAN (experiment) VLAN (***)
                2.3 CSMA/CD (bus type) (***)
                2.4 PPP (unicast)
                2.5 CRC (requires separate in-depth study)
    IV. Network layer
        1. Role of the network layer
        2. Internet layer protocols: IP
        3. IP address
                3.1 Concept of IP address
                3.2 Composition of an IP address
                3.3 Classification of IP addresses
                    3.3.1 Class A
                    3.3.2 Class B
                    3.3.3 Class C
                    3.3.4 Class D
                    3.3.5 Class E
                    3.3.6 Special addresses
                4. IPv6
        4. Network layer routing
                4.1 Routing
                4.2 Route configuration modes
    V. Transport layer
        1. Transport layer concept
                1.1 Transport layer
                1.2 Port numbers
        2. Two important protocols of the transport layer
                3.1 TCP
                3.2 UDP
    VI. Application layer
        1. Role of the application layer
        2. Common protocols in the application layer
    VII. Network security
        1. Introduction to network security
                1.1 Network security
                1.2 The threats faced by computer networks fall into two categories
                    1.2.1 Active attacks
                    1.2.2 Passive attacks
                1.3 Network system characteristics
        2. Encryption and interaction
                2.1 Encryption and decryption
                    2.1.1 Encryption
                    2.1.2 Decryption
                2.2 Public and private keys
                    2.2.1 Symmetric encryption
                    2.2.2 Asymmetric encryption
                2.3 Firewall
                    Firewall areas

Computer network
I. Computer Network Overview
Concept of computer network (*)
1. Definition of computer network:

A computer network is a system that links multiple computers (each with independent functions) and their peripheral devices, located in different geographical locations, through communication lines, and that realizes resource sharing and information transmission under the management and coordination of a network operating system, network management software and network communication protocols.
2. Composition of computer network:

Terminal system / resource subnet: provides the shared software and hardware resources
 Communication subnet: the network nodes and communication lines that provide information exchange.

3. Types of computer network:

By topology: star, tree, bus, ring and mesh structures
 By scope: local area network (LAN), metropolitan area network (MAN), wide area network (WAN), personal area network (PAN), Internet
 By transmission mode: wired network (IEEE 802.3); wireless network (IEEE 802.11 WLAN, wireless LAN; WPAN, wireless personal area network)

Computer network architecture
1. Transmission mode:

By transmission direction:
    Simplex: can only transmit in one direction
    Half duplex: data may pass through the line in only one direction at a time
    Full duplex: both sides can transmit data at the same time
 By transmission object (mode):
    Unicast: one to one
    Multicast: one to many
    Broadcast: one to all

2. Data exchange:

Circuit switching: the whole message is transmitted continuously from source to destination
 Message switching: the whole message is first transmitted to the adjacent node, stored there in full, the forwarding table is looked up, and the message is then forwarded to the next node
 Packet switching: a message is divided into multiple packets; each packet is transmitted to the adjacent node, which looks up its forwarding table and forwards it to the next node

3. Communication protocol and architecture:

Three elements of a network protocol: syntax, semantics and timing
OSI reference model:
    Application layer: provides services to applications over the network.
    Presentation layer: handles the representation of exchanged data, such as format conversion, data encryption and decryption, data compression and decompression
    Session layer: responsible for establishing, maintaining and tearing down the session between two communicating nodes, and for the data exchange within it
    Transport layer: provides end-to-end data transmission services and implements data control functions.
    Network layer: unit is the packet; built on the data link layer, it provides point-to-point communication, routing, congestion control, network interconnection and other functions.
    Data link layer: unit is the frame; built on the physical layer, it provides node-to-node services and uses error control and flow control methods
    Physical layer: unit is the bit; establishes the connection between network nodes over the transmission medium
TCP/IP reference model:
    Network interface layer: physical layer and data link layer
    Internet layer: network layer
    Transport layer
    Application layer: session layer, presentation layer, application layer

II. Physical layer
1. Basic concepts of the physical layer:
1.1 Four characteristics: (*)

Mechanical characteristics: what the interface looks like
 Electrical characteristics: what voltages are used
 Functional characteristics: the meaning of each level and voltage on the line
 Procedural characteristics: the sequence of signals transmitted to achieve different functions

1.2 Two signals:

Analog signal: a signal in a specific frequency band; richer forms of expression; weak resistance to interference
 Digital signal: either 1 or 0; strong resistance to interference

1.3 Modulation and coding:

Modulation: conversion into an analog signal
 Coding:
    Conversion into a digital signal
    Coding steps: sampling, quantization, coding
 Difference:
    Data can be converted into a digital signal by coding, or into an analog signal by modulation.
    Digital data can be converted into a digital signal (coding) by a digital transmitter, or into an analog signal by a modulator.
    Analog data can be converted into a digital signal (coding) by a PCM encoder, or into an analog signal (modulation) by an amplifier/modulator.

1.4 Transmission medium:

Twisted pair:
    Transmission distance 100-500 (at most four hubs; beyond that the signal is distorted)
    Shielded twisted pair (STP): strong anti-interference, more expensive
    Unshielded twisted pair (UTP): cheap, poor anti-interference
    Wiring standards:
    568B: orange-white, orange, green-white, blue, blue-white, green, brown-white, brown (eight wires)
    568A: pins 1/3 and 2/6 swapped relative to 568B: green-white, green, orange-white, blue, blue-white, orange, brown-white, brown

Optical fiber:
    Multimode fiber:
        Thicker core (50 or 62.5). It can carry multiple modes of light, but its inter-modal dispersion is large, which limits the frequency of the digital signal and gets worse with distance. For example, a fiber rated 600 MB/km has only 300 MB of bandwidth at 2 km. The transmission distance of multimode fiber is therefore short, generally only a few kilometres.
        Distance: 2 km
    Single-mode fiber:
        The core is very thin (core diameter generally 8-10) and only one mode of light can propagate, so inter-modal dispersion is very small and it suits long-distance communication. Material dispersion and waveguide dispersion remain, so single-mode fiber places high demands on the spectral width and stability of the light source: the spectral width should be narrow and the stability good.
        Distance: 100 km

Coaxial cable: obsolete

Wireless: radio signals, IEEE 802.11

1.5 Three parts:

Source system: the end that sends the data
 Transmission system: the transmission media used along the way
 Destination system: the computer that receives the data

2. Basic communication technology of the physical layer
2.1 Four channel multiplexing technologies
2.1.1 Multiplexing technology

Multiplexing combines several channels onto one transmission path and, at the receiving end, separates (demultiplexes) them back into the individual channels.
 Several different signals are carried on the same channel; the main problem multiplexing solves is how to distinguish between them.

2.1.2 Frequency division multiplexing (FDM)

Frequency division multiplexing transmits several signals with non-overlapping spectra together in the frequency band suited to a given transmission medium. Before each signal enters the band it is shifted in frequency (modulated); at the receiving end each is shifted back to its original band to recover the original signal, so the band is multiplexed.
 Different frequencies carry different signals in parallel

2.1.3 Time division multiplexing (TDM)

Time division multiplexing uses different time periods of the same physical connection to carry different signals, which also achieves multiplexed transmission. Time is the parameter by which the signals are separated, so the signals must not overlap on the time axis. TDM divides the time the whole channel provides for transmission into time slots and allocates these slots to the signal sources.
 Different time periods carry different signals

2.1.4 Wavelength division multiplexing (WDM)

Two or more optical carrier signals of different wavelengths (each carrying its own information) are combined at the transmitting end by a multiplexer (wave combiner) and coupled into the same optical fiber for transmission.
 Transmission separated by the wavelength of the light wave (wave-combiner coupling)

2.1.5 Code division multiplexing (CDM)

Code division multiplexing distinguishes the original signals by different codes. It is mainly combined with multiple-access techniques to produce various access technologies, both wireless and wired.
 Signals on the same frequency at the same time are distinguished by the code of the transmitted data

2. Data transmission mode
2.1 By the number of bits transmitted at the same time:

Serial transmission
    One data line carries the data bit by bit, each bit occupying a fixed length of time. Only a few lines are needed to exchange information between systems, which especially suits long-distance communication between computers and peripherals.
Parallel transmission
    Data is sent in groups over multiple parallel channels at the same time: several data bits are transferred between devices simultaneously.

2.2 By the behaviour of both parties towards the data message:

Synchronous transmission
    Synchronization: in computer networks the timing factor is called bit synchronization. The receiver must take in the data according to the start time, end time and rate of each transmitted bit, otherwise errors occur.
    Synchronously transmitted bit groups are much larger. Characters are not sent independently, each with its own start and stop bits; instead they are sent together, and these combinations are called data frames, or frames for short
 Asynchronous transmission:
    Asynchronous transmission sends bits in groups. A group can be one 8-bit character or longer. The sender can send these bit groups at any time, and the receiver never knows in advance when they will arrive.

3.3 By the signal transmitted

Baseband transmission: the transmission of digital signals
 Band transmission: the transmission of analog signals (300-3400 Hz)

3.4 By transmission direction

Simplex, half duplex, full duplex

3.5 By transmission object

Unicast, multicast, broadcast

III. Data link layer
1. Basic concepts of the data link layer
1.1 Concept of the data link layer

The data link layer sits between the physical layer and the Internet (network) layer and provides reliable data transmission between adjacent nodes

1.2 Concept of a frame

The protocol data unit of the data link layer
 Structure:
    Frame header: source MAC address, destination MAC address, type (a MAC address uniquely identifies a network card in the network; if a device has one or more network cards, each card has its own unique MAC address)
    Data
    Frame trailer: checksum

1.3 MAC and LLC in the Ethernet data frame

MAC (interfaces with the physical layer)
    MAC: media access control
    Functions: encapsulation/decapsulation of data frames, addressing and identification of frames, sending and receiving of frames, link management, frame error control, etc. The MAC sublayer shields the differences between physical links
LLC (interfaces with the network layer)
    LLC: logical link control
    Functions: the main functions of the LLC sublayer are transmission reliability guarantee and control, packet segmentation and reassembly, and in-order delivery of packets.
Notes:
    In the OSI seven-layer model the data link layer is divided into an upper LLC (logical link control) sublayer and a lower MAC (media access control) sublayer. MAC is mainly responsible for controlling and connecting to the physical medium of the physical layer. When sending, the MAC protocol first judges whether data can be sent; if so, it adds control information to the data and hands data and control information to the physical layer in the specified format. When receiving, the MAC protocol first determines whether the input has a transmission error; if not, it removes the control information and passes the data up to the LLC layer.

1.4 Two transmission modes of the data link layer

Unicast, broadcast

1.5 Three basic problems of the data link layer (*)

Framing (PPP)
    Framing adds a header and a trailer before and after a piece of data to form a frame. After receiving the bit stream handed up by the physical layer, the receiver can identify the beginning and end of each frame from the header and trailer markers.
Transparent transmission
    Transparent transmission means that whatever bit combination the data contains, it can be carried on the link
 Error detection (odd parity, CRC; calculation required):
    When a correct frame is received, a confirmation is sent to the transmitter. The transmitter times the transmission; if no confirmation arrives within that period it assumes an error occurred and retransmits until the confirmation is received

1.6 Devices in a LAN

Bridge (between physical layer and data link layer)
    A two-port switch

Hub (shares bandwidth; physical layer)
    The main function of a hub is to regenerate, reshape and amplify the received signal, extending the transmission distance of the network, and to concentrate all nodes around itself as the centre.

Switch (exclusive bandwidth; data link layer)
    A switch is a network device used for forwarding electrical (optical) signals. It can provide an exclusive electrical signal path for any two network nodes connected to it. The most common type is the Ethernet switch.

2 Communication protocols of the data link layer
2.1 Collision domain and broadcast domain (*)

Collision domain
    Each port of a switch is a collision domain; a collision domain can only occur within one network segment
 Broadcast domain
    All ports of a switch are in one broadcast domain; a broadcast domain covers one or more network segments
 Differences
    A broadcast domain can span network segments
    The collision domain is based on the first layer (physical layer), the broadcast domain on the second layer (data link layer)
    All ports of a hub are in the same broadcast domain and the same collision domain; all ports of a switch are in the same broadcast domain, and each port is its own collision domain.
    Bandwidth is shared within the same collision domain

2.2 Virtual LAN (experiment) VLAN (*)

A VLAN (Virtual Local Area Network) is a communication technology that logically divides one physical LAN into multiple broadcast domains. VLANs cannot communicate with each other directly, so a broadcast message is confined to one VLAN.
Advantages and objectives
    Divides the broadcast domain: reduces junk traffic
    Enhances LAN security
    Improves robustness
    Flexible grouping of users
 Ways to divide VLANs
    Port based
        Each switch interface is configured with a PVID. When a frame enters the interface untagged (no VLAN tag), the switch tags it with the interface's PVID. If the incoming frame already carries a VLAN tag, the switch does not add another tag, even though the interface has a PVID
        Access: allows only one VLAN
        Trunk: allows multiple VLANs
        Hybrid
    Subnet based
        A subnet-to-VLAN mapping table is configured. When the switch receives an untagged frame (no VLAN tag), it determines the VLAN ID to add from the source IP address in the packet. Packets from a given network segment or IP address are thus carried in the specified VLAN, which reduces network management work
    MAC address based
        A MAC-address-to-VLAN mapping table is configured first. The VLAN does not need to be reconfigured when the end user's physical location changes, which improves the security of end users and the flexibility of access
    Protocol based
        Binds the service type (protocol) used in the network to a VLAN, which is easy to manage and maintain. A mapping table from protocol type to VLAN ID must be configured initially. The address formats of the various protocols have to be analysed and converted, which consumes more switch resources and gives a slight disadvantage in speed.
    Policy based
        The terminal's MAC address and IP address are configured on the switch first and bound to the VLAN. Only terminals meeting the policy may join the specified VLAN. After a terminal that matches the policy has joined it, modifying its IP address or MAC address is strictly prohibited, otherwise the terminal is removed from the VLAN.
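As an added example (not code from the original notes), a small Python model of a port-based VLAN switch: untagged frames are tagged with the ingress port's PVID, tagged frames keep their tag, and flooding stays inside the frame's VLAN, so a broadcast from VLAN 10 never reaches a VLAN 20 port. Port names, VLAN IDs and MAC addresses are constructed.

```python
# Added example, not from the original notes: a small model of a port-based VLAN
# switch. Port names, VLAN IDs and MAC addresses below are constructed sample data.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Port:
    name: str
    mode: str                     # "access": one VLAN, untagged; "trunk": many VLANs, tagged
    pvid: int                     # VLAN assigned to untagged frames arriving on this port
    allowed: Set[int] = field(default_factory=set)   # trunk: VLANs carried (access: {pvid})


@dataclass
class Frame:
    src: str
    dst: str
    vlan: Optional[int] = None    # None = untagged; an int = 802.1Q VLAN tag


class VlanSwitch:
    def __init__(self, ports: List[Port]):
        self.ports = {p.name: p for p in ports}
        for p in ports:
            if p.mode == "access":
                p.allowed = {p.pvid}
        self.mac_table: Dict[Tuple[int, str], str] = {}   # (vlan, mac) -> port

    def classify(self, port: Port, frame: Frame) -> Optional[int]:
        """Ingress rule from the notes: an untagged frame gets the port's PVID as
        its tag; a frame that already carries a tag keeps it. Frames for a VLAN
        the port does not carry are discarded."""
        vlan = port.pvid if frame.vlan is None else frame.vlan
        return vlan if vlan in port.allowed else None

    def receive(self, port_name: str, frame: Frame) -> Dict[str, Frame]:
        """Process one incoming frame; return {egress port: frame as it leaves}."""
        port = self.ports[port_name]
        vlan = self.classify(port, frame)
        if vlan is None:
            return {}
        self.mac_table[(vlan, frame.src)] = port_name     # learning is per VLAN
        known = self.mac_table.get((vlan, frame.dst))
        if frame.dst != BROADCAST and known is not None:
            targets = [known]
        else:   # broadcast or unknown unicast: flood, but only inside this VLAN
            targets = [p.name for p in self.ports.values() if vlan in p.allowed]
        out: Dict[str, Frame] = {}
        for name in targets:
            if name == port_name:
                continue                                 # never back out the ingress port
            egress = self.ports[name]
            tag = None if egress.mode == "access" else vlan   # access strips, trunk keeps tag
            out[name] = Frame(frame.src, frame.dst, tag)
        return out


def build_demo_switch() -> VlanSwitch:
    """Constructed topology: p1, p2 in VLAN 10, p3 in VLAN 20, p4 a trunk to another switch."""
    return VlanSwitch([
        Port("p1", "access", pvid=10),
        Port("p2", "access", pvid=10),
        Port("p3", "access", pvid=20),
        Port("p4", "trunk", pvid=1, allowed={10, 20}),
    ])


if __name__ == "__main__":
    sw = build_demo_switch()
    out = sw.receive("p1", Frame("02:00:00:00:00:01", BROADCAST))
    print("broadcast from VLAN 10 reaches:", sorted(out))   # p2 untagged, p4 tagged 10, never p3
```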

2.3: CSMA/CD (bus type) (*)

CSMA/CD (carrier sense multiple access with collision detection) is a contention-based access method that uses random access on a broadcast channel. It supports multiple destination addresses and transmits data on a bus network
 Four characteristics (important)
    Listen before sending
    Listen while sending
    Stop on collision
    Retransmit after a delay

2.4: PPP (unicast)

Point-to-point communication is a one-to-one channel, so there are no collisions; it is therefore relatively simple and uses the PPP protocol. PPP is the data link layer protocol used for communication between the user's computer and the ISP (Internet service provider)
PPP was originally designed as an encapsulation protocol for carrying IP traffic between two peer nodes.

2.5: CRC (requires separate in-depth study)

Cyclic redundancy check

It is the most commonly used error-checking code in data communication. Its feature is that the lengths of the information field and the check field can be chosen freely. Cyclic redundancy check (CRC) is an error-detection function for data transmission.

Example: the data to be sent is 1101011011 and the CRC generator polynomial is P(x) = x^4 + x + 1. Find the remainder.
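The exercise above worked in Python, as an added example that is not part of the original notes: modulo-2 long division with the generator written as the bit string 10011, the sender appending the remainder, and the receiver re-dividing the whole frame to detect errors. For the notes' data it gives remainder 1110 and transmitted frame 11010110111110.

```python
# Added example, not from the original notes: CRC by modulo-2 (XOR) long division,
# worked on the notes' data 1101011011 with generator P(x) = x^4 + x + 1, i.e. 10011.


def mod2_divide(bits: str, generator: str) -> str:
    """Remainder of bits / generator under modulo-2 arithmetic (XOR, no carries).
    `generator` is the polynomial's coefficient string, highest degree first."""
    if set(bits + generator) - {"0", "1"}:
        raise ValueError("inputs must be strings of '0' and '1'")
    if not generator.startswith("1") or len(generator) < 2:
        raise ValueError("generator must start with 1 and have degree >= 1")
    degree = len(generator) - 1
    if len(bits) < degree:
        return bits.rjust(degree, "0")
    work = list(bits)
    # Standard long division: at each position where the leading bit is 1,
    # XOR the generator in; the last `degree` bits left over are the remainder.
    for i in range(len(bits) - degree):
        if work[i] == "1":
            for j, g in enumerate(generator):
                work[i + j] = "0" if work[i + j] == g else "1"
    return "".join(work[-degree:])


def crc_remainder(data: str, generator: str) -> str:
    """Sender side: append deg(P) zero bits to the data, then divide."""
    degree = len(generator) - 1
    return mod2_divide(data + "0" * degree, generator)


def crc_encode(data: str, generator: str) -> str:
    """Frame as transmitted: data followed by its CRC remainder."""
    return data + crc_remainder(data, generator)


def crc_check(frame: str, generator: str) -> bool:
    """Receiver side: a frame built as data||remainder divides by P(x) with a
    zero remainder; any nonzero remainder means a detected transmission error."""
    degree = len(generator) - 1
    return mod2_divide(frame, generator) == "0" * degree


if __name__ == "__main__":
    data, gen = "1101011011", "10011"          # values from the notes' exercise
    rem = crc_remainder(data, gen)
    frame = crc_encode(data, gen)
    print("remainder:", rem, "frame:", frame, "valid:", crc_check(frame, gen))
    # Flip one bit in transit: a single-bit error is always caught by this P(x)
    damaged = frame[:8] + ("1" if frame[8] == "0" else "0") + frame[9:]
    print("single-bit error detected:", not crc_check(damaged, gen))
```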

IV. Network layer
1. Role of the network layer

Provides end-to-end service; unit: the packet
 The purpose of the network layer is transparent data transmission between the two end systems. Its functions include addressing and routing, and connection establishment, maintenance and termination. The service it provides means the transport layer does not need to understand the data transmission and switching technology inside the network.

2. Internet layer protocols: IP

ARP: Address Resolution Protocol
    Obtains the physical (MAC) address from an IP address
RARP: Reverse Address Resolution Protocol
ICMP: Internet Control Message Protocol
    Carries control messages about the network itself, such as whether the network is connected, whether a host is reachable and whether a route is available.
IGMP: Internet Group Management Protocol
    A protocol for managing multicast group membership. IP hosts and adjacent routers use IGMP to create the membership of a multicast group. Multicast avoids the repeated copying of data and repeated use of bandwidth that unicast would need, and also avoids the waste of bandwidth that broadcast would cause

3. IP address
3.1 Concept of IP address

The IP address gives the IP protocol a uniform address format. It assigns a logical address to every network and host on the Internet, shielding the differences between physical addresses.
Composition: an IP address consists of 4 bytes (32 bits) and is generally written in dotted decimal.
Differences between IP address and MAC address
    An IP address is a logical address; a MAC address is a physical address
    A MAC address is unique; an IP address is not necessarily unique
    The MAC address works mainly at layer 2; the IP address works at the Internet layer
    A MAC address is 48 bits; an IP address is usually 32 bits (128 bits for IPv6)
    IP address allocation depends on the network topology; MAC address allocation depends on the manufacturer

3.2 Composition of an IP address

Host address and network address
 Host address / host number
    Identifies a device
 Network address / network number
    Identifies a network segment
 Subnet mask
    The subnet mask distinguishes the network number from the host number
    It is a bit mask indicating which bits of an IP address identify the subnet the host is on and which identify the host. A subnet mask cannot exist alone; it must be combined with an IP address. It has only one function: to divide the IP address into a network address and a host address

3.3 Classification of IP addresses
3.3.1 Class A

In a class A IP address, the first of the four segments is the network number and the remaining three are the number of the host. The network ID is 8 bits long and the host ID 24 bits. There are 126 class A networks, each of which can hold more than 16 million hosts. Class A address range: 1.0.0.1 to 127.255.255.254
 The first byte is the network number, and the first bit of the first byte is 0

3.3.2 Class B

In a class B address the first two of the four segments are the network number. The network ID is 16 bits long and the host ID 16 bits. Class B addresses suit medium-sized networks: there are 16384 networks and each can hold more than 60000 computers. Class B address range: 128.0.0.1-191.255.255.254
 The first two bytes are the network number, and the first two bits of the first byte are 10

3.3.3 Class C

In a class C IP address the first three of the four segments are the network number and the remaining segment is the number of the host. The network ID is 24 bits long and the host ID 8 bits. There are many class C networks (more than 2.09 million), suited to small local area networks; each network can hold at most 254 computers. Class C address range: 192.0.0.1-223.255.255.254
 The first three bytes are the network number, and the first three bits of the first byte are 110

3.3.4 Class D

Class D IP addresses are called multicast addresses. In Ethernet, a multicast address names a group of stations that should receive a packet. The highest bits of a multicast address must be 1110; the range is 224.0.0.0 to 239.255.255.255

3.3.5 Class E

Reserved

3.3.6 Special addresses

Network address: an address whose host bits are all 0 cannot be assigned to a host
 Broadcast address: an address whose host bits are all 1 cannot be assigned to a host
 Loopback address: 127.0.0.0, used for testing
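An added example (not code from the original notes) covering sections 3.2 and 3.3 together: it derives the class of an IPv4 address from the leading bits of its first byte, applies a subnet mask to split network number from host number, and flags the special addresses listed above. It also validates that the mask is a contiguous run of ones, a check the notes do not mention. The sample addresses are constructed.

```python
# Added example, not from the original notes: classify an IPv4 address by the
# leading bits of its first byte (classes A-E) and split it into network and
# host parts with a subnet mask, flagging the special addresses the notes list.
import ipaddress
from typing import Optional

# Classful default masks from the notes: 8-, 16- and 24-bit network IDs.
CLASS_DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def ipv4_class(addr: str) -> str:
    """Class from the high-order bits of the first byte:
    0xxx -> A, 10xx -> B, 110x -> C, 1110 -> D, 1111 -> E."""
    first_byte = int(ipaddress.IPv4Address(addr)) >> 24
    if first_byte >> 7 == 0b0:
        return "A"
    if first_byte >> 6 == 0b10:
        return "B"
    if first_byte >> 5 == 0b110:
        return "C"
    if first_byte >> 4 == 0b1110:
        return "D"
    return "E"


def default_mask(addr: str) -> Optional[str]:
    """Classful default mask; classes D and E have no network/host split."""
    return CLASS_DEFAULT_MASK.get(ipv4_class(addr))


def split_address(addr: str, mask: str) -> dict:
    """Apply a subnet mask: network number = addr AND mask, host number = the
    remaining bits. Also report the special cases from the notes."""
    a = int(ipaddress.IPv4Address(addr))
    m = int(ipaddress.IPv4Address(mask))
    host_bits = ~m & 0xFFFFFFFF
    # A valid mask is a run of 1s followed by a run of 0s, so ~m must be 2^k - 1.
    if host_bits & (host_bits + 1):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    network = a & m
    broadcast = network | host_bits
    prefix_len = 32 - host_bits.bit_length()
    if a == network:
        kind = "network address (host bits all 0, not assignable)"
    elif a == broadcast:
        kind = "broadcast address (host bits all 1, not assignable)"
    elif a >> 24 == 127:
        kind = "loopback address (127.0.0.0 block, test use)"
    else:
        kind = "host address"
    return {
        "class": ipv4_class(addr),
        "prefix_len": prefix_len,
        "network": str(ipaddress.IPv4Address(network)),
        "host_number": a & host_bits,
        "broadcast": str(ipaddress.IPv4Address(broadcast)),
        "usable_hosts": max(2 ** (32 - prefix_len) - 2, 0),
        "kind": kind,
    }


if __name__ == "__main__":
    # Constructed sample addresses, one per class
    for sample in ("10.1.2.3", "172.16.5.9", "192.168.1.10", "224.0.0.1", "240.0.0.1"):
        print(sample, "class", ipv4_class(sample), "default mask", default_mask(sample))
    print(split_address("192.168.1.10", "255.255.255.0"))
```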

4. IPv6

Because IPv4 addresses cannot meet demand and are running out, IPv6 addresses were created to continue in their place. An IPv6 address consists of 128 bits (16 bytes) and is generally written in hexadecimal.

4. Network layer routing
4.1 Routing

What is routing?
    Routing is the process of determining the end-to-end path a packet takes from source to destination through the network. A route is the path information that guides packet forwarding; through routes, the forwarding path of an IP packet is determined
    Routing is the most important task of the network layer
 Router
    Network layer infrastructure
    Forwards data
    Each port represents a network segment. The router stores a table of paths to each network segment, called the routing table
 Routing table
    Also called the routing information base, it is a table (file) or small database stored in a router or networked computer. The routing table stores the paths to specific network addresses
 Gateway
    Also called an inter-network connector or protocol converter. It interconnects two networks with different higher-layer protocols. A gateway can be used for both WAN and LAN interconnection
 Ways a route is obtained
    Directly connected route
    Static route
    Dynamic route

4.2 Route configuration modes

Static routing
    Static routes are configured manually by the administrator; they are easy to configure and undemanding on the system, and suit small networks with a simple, stable topology
    Default route: a special route used only when a packet matches no more specific entry in the routing table
 Dynamic routing
    Dynamic routing
        Reachability between different network segments is achieved through a dynamic routing protocol
        A dynamic routing protocol has its own routing algorithm, adapts automatically to changes in network topology, and suits networks with a certain number of layer-3 devices
    Dynamic routing protocols
        RIP
            RIP: Routing Information Protocol
            Distance-vector based dynamic routing protocol
            Suits small and medium-sized network topologies; the maximum hop count is 15
        OSPF
            OSPF: Open Shortest Path First
            Link-state based routing
            Uses the SPF algorithm to compute a shortest-path tree
        BGP
            BGP is the routing protocol between autonomous systems
        IS-IS
            IS-IS: Intermediate System to Intermediate System
            Similar to OSPF; IS-IS divides areas based on the router, whereas OSPF divides them by interface
            An interior gateway protocol
        Differences between RIP and OSPF
            RIP is a distance-vector protocol; OSPF is link-state based
            RIP suits small and medium-sized networks; OSPF suits large networks
            OSPF supports variable-length subnet masks (VLSM); RIP does not
            OSPF converges faster than RIP

V. Transport layer
1. Transport layer concept
1.1 Transport layer

The transport layer provides end-to-end services
 From the perspective of communication and information processing, the transport layer provides communication services to the application layer above it
 A port is like a house number. The client can find the server by its IP address, but the server has many ports, and each application corresponds to one port number. Through the port number, like a house number, the client can actually reach the service. To tell ports apart, each port is numbered; this number is the port number

1.2 Port numbers

FTP: 21 (20) *
    FTP (File Transfer Protocol)
    21: control connection; 20: data transfer
TELNET: 23 *: TELNET (remote login)
SMTP: 25 *
    SMTP (Simple Mail Transfer Protocol)
    POP3 (Post Office Protocol version 3): 110
DNS: 53 *: DNS (Domain Name System)
TFTP: 69: TFTP (Trivial File Transfer Protocol)
HTTP: 80 *: HTTP (Hypertext Transfer Protocol)
SNMP: 161: SNMP (Simple Network Management Protocol)
HTTPS: 443 *: HTTPS (Hypertext Transfer Protocol Secure)

2. Two important protocols of the transport layer
2.1 TCP

Transmission Control Protocol: TCP

TCP is the more complex of the two transport protocols in the TCP/IP suite and the most important protocol of the transport layer
    Main features of TCP:
        TCP is a connection-oriented transport-layer protocol
        TCP provides reliable delivery
        TCP provides full-duplex communication
        TCP is byte-stream oriented

Window
    Fixed window: if the window is too small, a large transfer needs an acknowledgement after every small chunk, which adds a great deal of delay
    Sliding window: a flow-control mechanism. The receiver advertises in every segment how much free buffer space it has (the receive window), and the sender may have at most that many unacknowledged bytes in flight. If the receiver advertises a window of 0, the sender stops sending data and periodically sends zero-window probes (persist timer) until the receiver advertises a non-zero window again
    Congestion control and flow control are separate mechanisms: flow control protects the receiver's buffer, congestion control (the congestion window) protects the network

TCP three-way handshake and flow control
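A model of the handshake and of the receiver-advertised sliding window, as an added example (not code from the notes and not a real TCP stack): the three segments are built with the sequence-number rules of RFC 793 (a SYN consumes one sequence number, the ACK field carries the next byte expected), then a byte string is pushed through a receiver whose application drains its buffer on a fixed schedule, so the advertised window drops to 0, the sender stalls and probes, and transfer resumes when the window reopens. Initial sequence numbers, buffer size, MSS and the drain schedule are assumed values chosen for the demonstration.

```python
"""TCP three-way handshake and receiver-advertised sliding window, as a model.

Added illustration for these notes, not a TCP stack: segments are Python
objects and nothing touches the network. Sequence numbering follows RFC 793
(a SYN consumes one sequence number; ACK carries the next byte expected).
"""
from dataclasses import dataclass

@dataclass
class Segment:
    src: str
    dst: str
    seq: int
    ack: int = 0
    flags: tuple = ()
    window: int = 0
    payload: bytes = b""

def three_way_handshake(client_isn, server_isn):
    """Return the three handshake segments and the agreed next sequence numbers."""
    syn = Segment("client", "server", seq=client_isn, flags=("SYN",))
    syn_ack = Segment("server", "client", seq=server_isn,
                      ack=syn.seq + 1, flags=("SYN", "ACK"))
    ack = Segment("client", "server", seq=syn.seq + 1,
                  ack=syn_ack.seq + 1, flags=("ACK",))
    # Each side's first data byte carries ISN + 1, because the SYN used one number
    state = {"state": "ESTABLISHED",
             "client_next_seq": client_isn + 1,
             "server_next_seq": server_isn + 1}
    return [syn, syn_ack, ack], state

class Receiver:
    """Receiving TCP with a fixed buffer; the application drains it per a schedule."""
    def __init__(self, buffer_size, drain_schedule):
        self.buffer_size = buffer_size
        self.buffered = 0            # bytes waiting for the application
        self.next_expected = 0
        self.drain_schedule = list(drain_schedule)

    def window(self):
        return self.buffer_size - self.buffered

    def _drain(self):
        # The application reads the next scheduled amount; once the schedule is
        # exhausted it keeps up, so the buffer empties each time
        n = self.drain_schedule.pop(0) if self.drain_schedule else self.buffered
        self.buffered = max(0, self.buffered - n)

    def _ack(self):
        return Segment("server", "client", seq=0, ack=self.next_expected,
                       flags=("ACK",), window=self.window())

    def receive(self, seg):
        assert seg.seq == self.next_expected, "loss/reordering not modelled"
        assert len(seg.payload) <= self.window(), "sender overran the window"
        self.buffered += len(seg.payload)
        self.next_expected += len(seg.payload)
        self._drain()
        return self._ack()

    def probe(self):
        # A zero-window probe carries no accepted data; it just elicits a fresh ACK
        self._drain()
        return self._ack()

def transfer(data, mss, buffer_size, drain_schedule):
    """Push data through the receiver, honouring the advertised window.

    Stop-and-wait for simplicity (one segment in flight). When the advertised
    window reaches 0 the sender stops and its persist timer sends probes until
    the receiver advertises a non-zero window again. Returns (event log, probes).
    """
    rcv = Receiver(buffer_size, drain_schedule)
    log, seq, window, probes = [], 0, buffer_size, 0   # initial window from the handshake
    while seq < len(data):
        if window == 0:
            probes += 1
            log.append(("ZERO_WINDOW_PROBE", seq))
            window = rcv.probe().window
            continue
        chunk = data[seq:seq + min(mss, window)]
        ack = rcv.receive(Segment("client", "server", seq=seq, payload=chunk))
        log.append(("DATA", seq, len(chunk), "ACK", ack.ack, "WIN", ack.window))
        seq, window = seq + len(chunk), ack.window
    return log, probes

if __name__ == "__main__":
    for seg in three_way_handshake(1000, 5000)[0]:
        print(seg)
    for event in transfer(b"ABCDEFGHIJ", mss=4, buffer_size=4, drain_schedule=[0, 0, 4])[0]:
        print(event)
```

With a 4-byte buffer and an application that reads nothing for the first two acknowledgements, the first data segment fills the buffer, the receiver advertises window 0, and two probes go out before the window reopens; the sender never transmits more than the advertised window, which is exactly the guarantee flow control provides.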

2.2 UDP

User Datagram Protocol: UDP
UDP adds only a little to the IP datagram service: multiplexing and demultiplexing (through port numbers) and error detection (through the checksum)
Main features of UDP:
    UDP is connectionless
    UDP is best-effort delivery
    UDP is message oriented and has no congestion control
    UDP has low overhead and high transmission efficiency
UDP header: 8 bytes (source port, destination port, length, checksum)
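The 8-byte header and the error-detection function in working form, as an added example (not code from the notes): it builds a UDP datagram, computes the checksum over the IPv4 pseudo-header, parses the header back, verifies the checksum, and rejects a length field that disagrees with the bytes actually received, the malformed-packet case a parser must not trust. The addresses, ports and payload are constructed (RFC 5737 documentation ranges).

```python
"""Build and parse a UDP datagram and check its checksum over the IPv4 pseudo-header.

Added example for these notes, not code from the original. The addresses,
ports and payload are constructed (documentation ranges from RFC 5737).
"""
import ipaddress
import struct

UDP_PROTO = 17

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IP, UDP and TCP checksums."""
    if len(data) % 2:
        data += b"\x00"  # odd length: pad with a zero byte for the sum only
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: source, destination, zero, protocol, UDP length."""
    return (ipaddress.IPv4Address(src_ip).packed
            + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, UDP_PROTO, udp_length))

def udp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Checksum of header+payload with the checksum field zeroed.

    A computed value of 0 is transmitted as 0xFFFF, because 0 in the header
    means "no checksum" (permitted for UDP over IPv4 only).
    """
    zeroed = segment[:6] + b"\x00\x00" + segment[8:]
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + zeroed)
    return csum or 0xFFFF

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = udp_checksum(src_ip, dst_ip, header + payload)
    return struct.pack("!HHHH", sport, dport, length, csum) + payload

def parse_udp(src_ip, dst_ip, segment: bytes) -> dict:
    """Decode the 8-byte header and verify the checksum; rejects bad lengths."""
    if len(segment) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    # A length field that disagrees with the bytes actually present is a classic
    # malformed-packet case; never use it to index into the buffer
    if length < 8 or length != len(segment):
        raise ValueError(f"UDP length field {length} does not match {len(segment)} bytes received")
    if csum == 0:
        valid = None  # checksum omitted by the sender
    else:
        # Summing the pseudo-header plus the datagram as received (checksum
        # included) must give all-ones if nothing was corrupted
        valid = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF
    return {"sport": sport, "dport": dport, "length": length,
            "checksum": csum, "checksum_valid": valid, "payload": segment[8:]}

# Constructed sample: a 5-byte payload from 192.0.2.1:53000 to 192.0.2.53:53
SAMPLE = build_udp("192.0.2.1", "192.0.2.53", 53000, 53, b"hello")

if __name__ == "__main__":
    print(SAMPLE.hex())
    print(parse_udp("192.0.2.1", "192.0.2.53", SAMPLE))
```

The checksum covers the pseudo-header, so a datagram that is delivered to the wrong host (or has its source address spoofed after the checksum was computed) fails verification even when the UDP bytes themselves are intact; it is an error-detection code, not a cryptographic integrity check, and any attacker who rewrites a packet can simply recompute it.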

VI Application layer
1. Role of the application layer

Application processes on different hosts communicate and cooperate to complete a task; the application layer defines the rules (protocols) those processes use to communicate

2. Common protocols in application layer

Domain Name System DNS
    Domain name structure: labels separated by dots, read from most specific to least specific: mail.cctv.com (third-level domain . second-level domain . top-level domain)
    Name resolution: recursive query (the resolver does the whole lookup on the client's behalf) and iterative query (each server answers with a referral to the next server to ask)
 File Transfer Protocol FTP
    Uses TCP for the control connection and for data transfer
    Port 21 for control (commands); port 20 is the server's data port in active mode
 Remote terminal protocol TELNET
    Uses a TCP connection to log in to a remote host; everything, including passwords, travels unencrypted
    Port 23
 World Wide Web and HTTP
    Hypertext Transfer Protocol is a simple request/response protocol
    Port 80
 Email protocols
    SMTP, mail transfer: port 25
    POP3, Post Office Protocol version 3: port 110
DHCP Dynamic Host Configuration Protocol
    The server manages a pool of IP addresses. When a client joins the network it automatically obtains an IP address and subnet mask (and normally the default gateway and DNS servers) assigned by the server
    Ports: server 67, client 68 (over UDP)

VII network security
1. Introduction to network security
1.1 network security

Network security (cyber security) means that the hardware, software and data in a network system are protected from damage, alteration and disclosure, whether accidental or malicious, so that the system runs continuously, reliably and normally and network service is not interrupted.

1.2 Threats to computer networks fall into two categories
1.2.1 Active attacks

The attacker actively interferes with the network: modifying data in transit, injecting malicious programs or scripts, flooding a service, and so on
 Tampering
 Malicious programs
 Denial of service

1.2.2 Passive attacks

Passive attacks collect information rather than modify it; they leave the data itself unchanged and do not affect the operation of the hardware or software, which makes them hard to detect
 Interception
 Eavesdropping
 Traffic analysis

1.3 Security properties of a network system

Confidentiality: information is not disclosed to, or used by, unauthorised users, entities or processes
 Integrity: data cannot be changed without authorisation, i.e. information is not modified, destroyed or lost during storage or transmission
 Availability: authorised entities can access and use the resource on demand, i.e. the needed information is reachable when it is needed. Denial of service and damage to the normal operation of the network and related systems are attacks on availability
 Controllability: the ability to control the dissemination and content of information
 Auditability: the ability to provide evidence and means of investigation when a security problem occurs

2. Encryption and interaction
2.1 encryption and decryption
2.1.1 encryption

Encryption transforms the original data with an algorithm and a key so that an unauthorised party who obtains the ciphertext still cannot recover the content without the decryption key
 Common algorithms (note that MD5 and SHA-1 are hash functions, not encryption: they produce a fixed-size digest that cannot be reversed)
    MD5 (message digest algorithm): 128-bit digest; collisions are practical, so it must not be used for integrity checks or signatures
    AES (symmetric key encryption): 128-, 192- or 256-bit keys
    SHA-1 (Secure Hash Algorithm 1): 160-bit digest; collisions have been demonstrated, prefer SHA-256
    RSA (public-key encryption: encrypt with the public key, decrypt with the private key): 1024-bit keys were common but are deprecated; use 2048 bits or more

2.1.2 decryption

The reverse process of encryption is decryption

2.2 public and private keys
2.2.1 symmetric encryption

A single-key cryptosystem uses the same secret key for both encryption and decryption. This is symmetric encryption, also called single-key encryption (AES is the common example); its difficulty is distributing that shared key securely.

2.2.2 asymmetric encryption

Asymmetric encryption uses a key pair: a public key that can be published and a private key that is kept secret. The sender encrypts with the receiver's public key and the receiver decrypts with its own private key. For a digital signature the roles are reversed: the signer signs with its private key and anyone can verify with the signer's public key
 Four properties of a digital signature
    Replay prevention: an attacker who captures a valid signed message (for example by sniffing the network) could send it to the server again. If the signed data includes a timestamp or a sequence number, a repeated message is recognised and rejected
    Forgery prevention: nobody else can produce a valid signature for a message, because only the signer knows the private key
    Tamper prevention: the signature is sent together with the original file (or its digest). If the content is changed, recomputing the digest and verifying the signature fails, so the recipient detects the change and treats the file as invalid, which ensures integrity
    Non-repudiation: the signature serves both as authentication of the signer and as evidence that the signer performed the signing operation. To keep the receiver from denying receipt as well, the receiver can be required to return a signed acknowledgement to the sender or to a trusted third party; if no acknowledgement arrives, the exchange is aborted or restarted at no loss to the signer. Neither party can then deny the exchange
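The four properties exercised in code, as an added example (not code from the notes): a receiver verifies each message with the signer's public key, rejects a message whose digest no longer matches (tampered, or forged by someone holding only the public key), and rejects a valid signature whose sequence number has already been seen (replay). It uses the SHA-256 digest and RSA from section 2.1.1, with a demo key generated locally from a fixed seed so that it runs offline; textbook RSA without padding as used here is for illustration only and must not be used in production, where RSA-PSS or Ed25519 from a vetted library is the right choice. Key size, seed, messages and sequence numbers are all assumed values.

```python
"""Digital signature demo: replay, forgery, tampering and non-repudiation checks.

Added example for these notes, not from the original. It uses textbook RSA
(no padding) over a SHA-256 digest with a locally generated, seeded demo key
so that it runs offline. Textbook RSA is NOT safe for production; use
RSA-PSS or Ed25519 from a vetted library. Everything here (key, messages,
sequence numbers) is constructed for illustration.
"""
import hashlib
import random
import struct

def is_probable_prime(n: int, rng: random.Random, rounds: int = 32) -> bool:
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_rsa_keypair(bits: int = 1024, seed: int = 20220120):
    """Return ((e, n), (d, n)). Seeded for reproducibility; real keys need a CSPRNG."""
    rng = random.Random(seed)

    def random_prime(b):
        while True:
            cand = rng.getrandbits(b) | (1 << (b - 1)) | 1  # full length and odd
            if is_probable_prime(cand, rng):
                return cand

    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this guarantees gcd(e, phi) == 1
            break
    return (e, p * q), (pow(e, -1, phi), p * q)

def _digest(message: bytes, seq: int) -> int:
    # The sequence number is signed together with the message, so a replayed
    # message cannot simply be relabelled with a fresh number
    return int.from_bytes(hashlib.sha256(message + struct.pack("!Q", seq)).digest(), "big")

def sign(priv, message: bytes, seq: int) -> int:
    d, n = priv
    return pow(_digest(message, seq), d, n)

def verify(pub, message: bytes, seq: int, signature: int) -> bool:
    e, n = pub
    return pow(signature, e, n) == _digest(message, seq)

class SignedChannel:
    """Receiver side: verifies every message and rejects replays by sequence number."""
    def __init__(self, pub):
        self.pub = pub
        self.highest_seq = -1

    def accept(self, message: bytes, seq: int, signature: int) -> str:
        if not verify(self.pub, message, seq, signature):
            return "BAD_SIGNATURE"  # forged (no private key) or tampered (digest changed)
        if seq <= self.highest_seq:
            return "REPLAY"         # genuine signature, but already seen
        self.highest_seq = seq
        return "ACCEPT"             # checked with the public key alone: non-repudiation

if __name__ == "__main__":
    pub, priv = generate_rsa_keypair()
    chan = SignedChannel(pub)
    sig = sign(priv, b"transfer 100 to alice", 1)
    print(chan.accept(b"transfer 100 to alice", 1, sig))  # ACCEPT
    print(chan.accept(b"transfer 100 to alice", 1, sig))  # REPLAY
    print(chan.accept(b"transfer 999 to alice", 2, sig))  # BAD_SIGNATURE
```

A strictly increasing sequence number is the simplest replay defence and needs no clocks; a timestamp instead needs a tolerance window and a cache of recently seen messages within it. Either way the anti-replay value must be inside the signed data, otherwise the attacker changes it freely.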

2.3 firewall

A firewall is an access-control device: it inspects the packets crossing the network boundary, strictly controls what enters and leaves, and blocks any communication that is not required, which reduces the chance of an intrusion
Firewall security zones (the default zones and priorities on Huawei firewalls)

Local
    Highest security zone, priority 100
    Local is the firewall itself. Traffic the firewall originates (for example the reply to a ping of one of its interfaces) is treated as sent from the Local zone, and traffic addressed to the firewall itself, which it must process rather than forward, is treated as received by the Local zone
Trust
    High security zone, priority 85
    Usually the network where internal users sit; the most tightly protected zone
DMZ (demilitarised zone)
    Medium security zone, priority 50
    Usually the internal servers that must be reachable from outside
    Servers such as web and mail that external users need to reach are attached to their own zone and interface, which separates the internal network from the outside while still serving those users. The DMZ is a network segment distinct from both the internal and the external network; it holds public servers that keep no confidential data, such as web, mail and FTP. Internet visitors can reach the services in the DMZ but not the confidential or private data on the intranet, and if a DMZ server is compromised, the intranet is not exposed
Untrust
    Low security zone, priority 5
    Usually the Internet and other untrusted networks; the zone on which the uplink is terminated
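The zone model as an evaluator, as an added example (not code from the notes and not any vendor's implementation): the four priorities above decide whether a flow is inbound or outbound, a first-match rule list implements the DMZ design (the Internet reaches only the public web service in the DMZ, the LAN may go out and manage the DMZ, a DMZ host can never initiate a connection into the LAN), and anything no rule permits is dropped. The address plan, rule names and test flows are constructed for the demonstration.

```python
"""Zone-based firewall policy model around a DMZ.

Added illustration for these notes; it is not any vendor's implementation.
Zone priorities are the ones listed above. The address plan, rules and test
flows are constructed. Direction is derived from zone priority (high-to-low
is outbound, low-to-high is inbound), rules match first-hit, and any flow
no rule permits is dropped (default deny).
"""
import ipaddress
from dataclasses import dataclass

ZONE_PRIORITY = {"local": 100, "trust": 85, "dmz": 50, "untrust": 5}

# Constructed address plan, most specific prefix first; the last entry catches the Internet
ZONE_OF_NET = [
    (ipaddress.ip_network("10.0.0.0/8"), "trust"),
    (ipaddress.ip_network("192.0.2.0/24"), "dmz"),
    (ipaddress.ip_network("0.0.0.0/0"), "untrust"),
]

@dataclass(frozen=True)
class Rule:
    name: str
    src_zone: str
    dst_zone: str
    dports: frozenset   # empty set = any destination port
    action: str         # "permit" or "deny"

# Constructed policy implementing the DMZ design: the Internet reaches only the
# public web service in the DMZ; the LAN may go out and may manage the DMZ; a
# DMZ host that gets compromised must not be able to reach the LAN.
POLICY = [
    Rule("internet-to-dmz-web", "untrust", "dmz", frozenset({80, 443}), "permit"),
    Rule("lan-to-internet", "trust", "untrust", frozenset(), "permit"),
    Rule("lan-to-dmz-admin", "trust", "dmz", frozenset({22, 443}), "permit"),
    Rule("dmz-never-to-lan", "dmz", "trust", frozenset(), "deny"),
]

def zone_of(ip: str) -> str:
    addr = ipaddress.ip_address(ip)
    for net, zone in ZONE_OF_NET:
        if addr in net:
            return zone
    raise ValueError(f"no zone for {ip}")

def direction(src_zone: str, dst_zone: str) -> str:
    """Outbound when leaving a higher-priority zone for a lower one, else inbound."""
    if src_zone == dst_zone:
        return "intra-zone"
    return "outbound" if ZONE_PRIORITY[src_zone] > ZONE_PRIORITY[dst_zone] else "inbound"

def evaluate(src_ip: str, dst_ip: str, dport: int, policy=POLICY) -> tuple:
    """Return (action, matching rule name, direction) for the first packet of a flow."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    for rule in policy:
        zones_match = (rule.src_zone, rule.dst_zone) == (src_zone, dst_zone)
        if zones_match and (not rule.dports or dport in rule.dports):
            return rule.action, rule.name, direction(src_zone, dst_zone)
    return "deny", "default-deny", direction(src_zone, dst_zone)

if __name__ == "__main__":
    for flow in [("198.51.100.7", "192.0.2.10", 443),   # Internet -> DMZ web
                 ("198.51.100.7", "10.1.1.5", 445),     # Internet -> LAN file share
                 ("192.0.2.10", "10.1.1.5", 3306)]:     # DMZ web server -> LAN database
        print(flow, "->", evaluate(*flow))
```

The last flow is the one the DMZ exists for: even an explicit deny is listed so that a later, broader permit cannot accidentally open it. A real deployment that needs the DMZ to reach a backend database adds a narrow permit for that single host and port above the deny, never a blanket DMZ-to-Trust rule.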

Topics: security