Administrative Create user accounts on my machine from students 1. Project draft due 2. Weblink readings 3. Projects due next week 1. Digital format, e-mail them to me, hard copy as a backup 2. Presentation line-up 3. You can use my laptop if you send me your PowerPoint presentation 4. What shall we do if we have extra time? VII. Advanced topics A. PPP and Remote Access Technologies 1. Point-to-Point Protocol a. Definition An Internet standard which enables layer three protocols (i.e. IP) to be transported over point-to-point links. Options and capabilities allow for negotation of link parameters, multiple layer three protocols, authentication and more. b. Usage PPP can multiplex multiple upper layer protocols over the same link. Configures packet sizes. Many of the PPP options happen at the Link Control Protocol (LCP) layer. Handles layer three layer facilities (i.e. dynamic assignment of an IP address). (NCP) c. links 1. http://www.ietf.org/html.charters/pppext-charter.html 2. news://comp.protocols.ppp 3. http://cs.uni-bonn.de/ppp/faq.html 4. http://people.ne.mediaone.net/carlson/ppp/index.html 2. 56Kb/s Modems see http://homepage.interaccess.com/~jkristof/56kmodem.html 3. RADIUS/TACACS/TACACS+ B. Network Design Premise: Simplicity is everything Example tasks: Test and standardization Goal: Quality Occam's Razor: William of Occam (1284-1374) developed a thought process known as Occam's Razor. Applied to science, it states that the simplest solution that works should be the one that is selected. Network design is part science (part art). We can apply Occam's Razor in designing networks. Simple solutions are: - easy to install - easy to fix - easy to maintain - easy to upgrade - easy to replace - easy to tear down - easy to modify - usually cheap 1. Network Staff a. Network design b. Network support c. Size of staff 2. Production Environment a. Voice/Data centers b. Voice/Data closets 3. Testing 4. Network Management a. Simplicity - don't spend more time managing your mmgt system b. If you can't manage it, don't put it in 5. Documentation a. RFC process 6. Cabling a. labels b. gender benders c. use screws 7. Education versus Training 8. Pagers, Cell Phones and Off-hours support a. Why Sunday morning is the worst time to install something 9. Vendors a. http://homepage.interaccess.com/~jkristof/partner.html 10. Networking Commandments a. http://homepage.interaccess.com/~jkristof/10comm.html 11. Links http://homepage.interaccess.com/~jkristof/toe.html C. Stories/Experiences from the front lines 1. Router interface up/down 2. I need a bigger screwdriver 3. The flood 4. N+I a. Cabling b. xDSL c. VoIP 5. Hello DePaul, Hello Black Hats D. Network Security 1. Disable unnecessary services a. inetd.conf b. control panel->network: protocols and services 2. Logging a. syslog b. auditing 3. Timestamps a. ntp 4. Update and patch regularly a. watch CERT b. watch bugtraq and ntbugtraq 5. Router/Switch examples a. filters/ACLs i. spoofing protection ii. broadcast protection iii. intrusion detection? b. watch your TELNET c. watch your SNMP d. LOG! 6. UNIX examples a. file system b. tools i. lsof ii. swatch iii. tcp wrappers iv. tripwire v. ssh vi. break-in tools - we'll get to that 7. Windows 95/98/NT examples a. file sharing b. l0phtcrack c. tools 8. Let's be a bad guy for a bit a. reconnoissance i. search engines ii. scanning tools iii. social engineering b. attack c. install backdoors, tools d. fix e. hide tracks f. log/sniff g. go after more 9. Links http://networks.depaul.edu/security/ news://news.depaul.edu/dpu.security http://www.cerias.purdue.edu http://www.cert.org http://www.sans.org http://www.securityportal.com/lasg/ http://packetstorm.securify.com 10. Other a. http://dep/cgi-bin/finger?@localhost b. telnet print D. DePaul's Network 1. Generic Overview a. Campus layout b. Physical links c. Hardware used d. Challenges 2. IP Overview 3. Swithes 4. Dial-up 5. Cabling maps 6. Future a. Gig Ethernet b. WAN c. Internet d. Distance Education