Edward's CS Journey

Operational Security and Overall Class Reflection This week, we learned about operational security. Two types of operational security methods were discussed: firewalls and intrusion detection systems. Firewalls help filter out packets passing from the Internet to an internal network. They are designed to prevent denial of service attacks and illegal modifications of internal data and only allow authorized access to a network. This can help keep the untrusted packets out of an internal network and let the trusted packets in.  There are three types of firewalls. First, there is a firewall with stateless packet filtering. This firewall decides which packet to forward or drop based on information such as IP address, TCP/UDP port numbers, ICMP message types, and TCP SYN and ACK bits. The firewall can be set so that packets with given information can be evaluated based on rules, such as ACK =0, and can be blocked from entering the internal network.  Second, there is a firewall with ...

Link Layer This week, we learned about the link layer of the Internet Protocol Stack. The link layer transfers frames between nodes (routers and hosts) in a network. Communication is completed by connecting each node by a link. These links can be wired, wireless, or local area networks (LANs). To transfer datagrams received from the network layer above it, the link layer encapsulates a datagram in a frame before sending it to another node. This layer uses MAC addresses, which are stored in the frame headers, to identify the source and destination of the frame. The link layer transfers frames between nodes in a network. Switches can be used to store and forward frames to their intended destinations. To do so, a frame's MAC address is read and selectively forwarded to the appropriate outgoing, using point-to-point links to access a segment. Each switch has a switch forwarding table that maps the MAC address to the appropriate interface. Switches are self-learning and use flooding to ...

Network Layer: Control Plane This week, we learned more about the control plane and its role in the network layer. The control plane is in charge of determining the route a packet takes to get from the source to the destination. Two approaches are used to determine the routing path: per-router control and logically centralized control.  In a per-router control panel, the routers interact with each other to find a packet's routing path. Each router has a local forwarding table that contains output links for each packet. The router reads the packet header and determines which link to send the packet to. In a logically centralized control plane (software-defined network), a remote controller interacts with local control agents in routers. The controller communicates with local control agents to compute forwarding tables, which then determine the appropriate route for each packet using the packet's header bits.  A routing path needs to be "good" if it has certain characte...