Information And Networks Security Engineering Information Technology Essay

Each computer or device that connects to a network and communicates with other devices on it has an IP address. An IP address is four numbers from 0 to 255, separated by dots, for example 192.168.10.10.

An IP address is unique for each device; two devices never have the same IP address. An IP address consists of two parts, the network address and the host address. All devices in a network share the same network address, but the host address is unique for each device. What separates the network address from the host address is the subnet mask. If we have the IP address 192.168.10.10, the last octet (10) is the host address and 192.168.10 is the network address.

Over time different versions of the IP protocol evolved, initially IP version four and after that IP version six. The transition from one version to the other takes place progressively because the two versions differ in many areas.

In this document we will concentrate on the security issues between the two versions. First, we will give a general overview of IP version 4 and IP version 6: header information, addressing system and header comparison. Later we will concentrate on a different topic, the security issues of these two versions. Finally, we will present the conclusion drawn from this comparison of security issues between IP version 4 and IP version 6.

IP version 4 general overview

IP version four Header

In the IP Version Four header, the source address and the destination address each have a length of 32 bits. Therefore, IP Version Four allows an address space of 4.3×10^9 (2^32) addresses. {2}

Bit positions: 4 bits | 8 bits | 16 bits | 24 bits

Version | Length | Type of Service | Total Length
Identification | Flags | Fragment Offset
Time to Live | Protocol | Header Checksum
Source IP Address
Destination IP Address
IP Option | Padding
Data

The IP Version Four Packet

IP Version Four header:

Version

This field identifies the port. Now we are using IP version four.

Length

Minimum header length is 5 (which is the size of the IP header).

Type of Service

This field has a size of 8 bits (1 byte), and describes how to route the packet.

Total Length

This field has a size of 4 bits, and describes the length of the header in 32-bit words.

Identification

Identification consists of a 16-bit field.

Flags

Measures 3 bits. Each bit is a separate flag.

Time to Live

Size is 8 bits (1 byte). It contains a number (1-255), which determines the lifetime of the datagram.

Protocol

Indicates which protocol is used at the transport layer.

Header Checksum

Used to check the proper transmission of the header, not the full packet. Size is 16 bits (2 bytes).

Destination IP Address

Size is 32 bits, and contains the IP address of the final recipient of the packet.

Source IP Address

Size is 32 bits, and contains the IP address of the original sender of the packet.

IP Options

Normally not used. If not used, the field is filled with zeros.

Padding

With padding, the header needs to end after a 32-bit word.

Data

The data being sent.
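The header layout described above, decoded in Python. This is an added example, not part of the original essay; the function names and the sample packet are constructed for illustration. It also shows that the header checksum covers the header only: changing the payload leaves it valid, changing Time to Live does not.

```python
import struct

def checksum16(data: bytes) -> int:
    """One's-complement sum of 16-bit words (the IPv4 header checksum algorithm)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed IPv4 header fields and validate the header checksum."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum 20-byte IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, _csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError("version field is not 4")
    if ihl < 5 or ihl * 4 > len(packet):
        raise ValueError("header length field is invalid")
    header = packet[:ihl * 4]
    return {
        "version": version,
        "header_bytes": ihl * 4,            # the length field counts 32-bit words
        "type_of_service": tos,
        "total_length": total_len,
        "identification": ident,
        "flags": flags_frag >> 13,          # 3 flag bits
        "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl,
        "protocol": proto,                  # 6 = TCP, 17 = UDP
        "checksum_ok": checksum16(header) == 0,
        "source": ".".join(map(str, src)),
        "destination": ".".join(map(str, dst)),
        "options": header[20:],
    }

def build_sample_packet() -> bytes:
    """Constructed sample: a UDP-type header from 192.168.10.10 plus 8 payload bytes."""
    fields = [0x45, 0, 28, 0x1C46, 0x4000, 64, 17, 0,
              bytes([192, 168, 10, 10]), bytes([192, 168, 10, 1])]
    header = struct.pack("!BBHHHBBH4s4s", *fields)
    fields[7] = checksum16(header)          # fill in the checksum field
    return struct.pack("!BBHHHBBH4s4s", *fields) + b"\x00" * 8

if __name__ == "__main__":
    pkt = build_sample_packet()
    print(parse_ipv4_header(pkt))
    tampered = pkt[:8] + bytes([1]) + pkt[9:]   # Time to Live altered
    print(parse_ipv4_header(tampered)["checksum_ok"])
```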

IP Version Four Addressing

This section examines the IP Version Four addressing structure. IP Version Four addressing consists of 32-bit Internet addresses, which means that there are only 2^32 IP Version Four addresses available. The categories of IP Version Four addresses are public and private IP addresses.

Private IP addresses are designated for networks that have limited or no access to the Internet. Hosts or packets using these addresses as a source and destination are not to appear on the public Internet. {4}

These private address blocks are:

10.0.0.0 – 10.255.255.255 (10.0.0.0/8)

172.16.0.0 to 172.16.255.255 (172.16.0.0/12)

192.168.0.0 to 192.168.255.255 (192.168.0.0/16)

Calculate the Network Address

Decimal: 172      | 16       | 20       | 0
Binary:  10101100 | 00010000 | 00010100 | 00000000
Parts:   Network | Host

Network Address for the 172.16.20.0/25 Network

Host bits are all 0s: 0+0+0+0+0+0+0+0 = 0. The Network is 172.16.20.0

Calculate the Lowest Network Address

Decimal: 172      | 16       | 20       | 1
Binary:  10101100 | 00010000 | 00010100 | 00000001
Parts:   Network | Host

Lowest Host Address for the 172.16.20.1/25 Network

Host bits are all 0s: 0+0+0+0+0+0+0+1 = 1. The Network is 172.16.20.1

Calculate the Broadcast Address

Decimal: 172      | 16       | 20       | 127
Binary:  10101100 | 00010000 | 00010100 | 01111111
Parts:   Network | Host

Broadcast Address for the 172.16.20.127/25 Network

Host bits are all 1s: 64+32+16+8+4+2+1 = 1. The Network is 172.16.20.1
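The three calculations above (network, lowest host, broadcast) done with bit masks in Python, together with a check against the private blocks listed earlier by their prefixes. This is an added example, not part of the original essay; the function names and the host address 172.16.20.77 are constructed for illustration.

```python
PRIVATE_BLOCKS = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def to_int(dotted: str) -> int:
    """Convert a dotted-quad string to a 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-quad IPv4 address: %r" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def to_dotted(value: int) -> str:
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def to_binary(value: int) -> str:
    return ".".join(format((value >> s) & 0xFF, "08b") for s in (24, 16, 8, 0))

def split_cidr(cidr: str):
    """Return (address, mask) as integers for a string such as '172.16.20.0/25'."""
    address, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return to_int(address), mask

def in_block(ip: int, block: str) -> bool:
    base, mask = split_cidr(block)
    return (ip & mask) == (base & mask)

def subnet_summary(cidr: str) -> dict:
    ip, mask = split_cidr(cidr)
    network = ip & mask                          # host bits all 0
    broadcast = network | (~mask & 0xFFFFFFFF)   # host bits all 1
    usable = broadcast - network > 1             # false for /31 and /32
    return {
        "netmask": to_dotted(mask),
        "network": to_dotted(network),
        "network_binary": to_binary(network),
        "lowest_host": to_dotted(network + 1 if usable else network),
        "highest_host": to_dotted(broadcast - 1 if usable else broadcast),
        "broadcast": to_dotted(broadcast),
        "private": any(in_block(ip, b) for b in PRIVATE_BLOCKS),
    }

if __name__ == "__main__":
    # Constructed input: a host inside the /25 used in the worked tables above.
    for key, value in subnet_summary("172.16.20.77/25").items():
        print("%-15s %s" % (key, value))
```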

Public addresses

Most IP Version Four host addresses are public addresses, designated for use in networks that are accessible on the Internet. Public addresses are given directly by your ISP. The following are the major registries. {3}

AfriNIC (African Network Information Centre) (Africa region, site: http://www.afrinic.net)

APNIC (Asia Pacific Registry for Internet Numbers) (Asia/Pacific region, site: http://www.apnic.net)

LACNIC (Regional Latin American and Caribbean Internet Address Registry) (Latin America and some Caribbean islands, site: http://www.lacnic.net)

RIPE NCC (Réseaux IP Européens Network Coordination Centre) (Europe, the Middle East, and Central Asia, site: http://www.ripe.net)

ARIN (American Registry for Internet Numbers) (North America region, site: http://www.arin.net)

[Figure: ISP Column]

IP Version Four Classes

The address mask has three levels. The Class A address range runs from 10.0.0.0 to 10.255.255.255, and the number of addresses is 16 777 216. Class B is the second: its address range runs from 172.16.0.0 to 172.31.255.255, and the number of addresses is 1 048 576. Class C is the last: its address range is 192.168.0.0 to 192.168.255.255, and the number of addresses is 65 536. {4}

Class A

From 10.0.0.0 to 10.255.255.255

Class B

From 172.16.0.0 to 172.31.255.255

Class C

From 192.168.0.0 to 192.168.255.255

Address Class | First Octet Range | Prefix and Mask   | Number of Possible Networks | Number of Hosts per Network
A             | 1 to 127          | /8 255.0.0.0      | 126 (2^7)                   | 16,777,214 (2^24-2)
B             | 128 to 191        | /16 255.255.0.0   | 16,384 (2^14)               | 65,534 (2^16-2)
C             | 192 to 223        | /24 255.255.255.0 | 2097159 (2^21)              | 254 (2^8-2)

IP Version 4 Network Classes

Class A (1 – 126)
Default Subnet Mask = 255.0.0.0
Subnet/Host: Network | Host | Host | Host
Mask:        255     | 0    | 0    | 0

Class B (128 – 191)
Default Subnet Mask = 255.255.255.0
Subnet/Host: Network | Host | Host | Host
Mask:        255     | 255  | 0    | 0

Class C (192 – 223)
Default Subnet Mask = 255.255.255.0
Subnet/Host: Network | Host | Host | Host
Mask:        255     | 255  | 255  | 0

IP Version 4 Subnet

Network and Host Parts of Classful Addresses (No Subnetting)

Class A: Network (1 octet)  | Host (3 octets)
Class B: Network (2 octets) | Host (2 octets)
Class C: Network (3 octets) | Host (1 octet)

Class A networks have 51 percent of the address space. Class B networks were given half of what was left (25 percent) of the address space. Class C networks were given 12 percent of the address space. Class D and Class E were created a year later by RFCs. Class D addresses got 6 percent of the available addresses. Class E addresses then got the remaining 6 percent. {4}

Relative Size of the IPv4 Address Classes

IP Version 4 TCP and UDP

The two most common transport layer protocols of the TCP/IP protocol suite are the following.

User Datagram Protocol (UDP).

UDP is a simple, connectionless protocol. It has the advantage of providing low-overhead data delivery. {4}

Applications that use UDP:

Domain Name System

Video Streaming

Voice Over IP

Bit (0) ... Bit (15)   | Bit (16) ... Bit (31)
Source Port (16)       | Destination Port (16)
Length (16)            | Checksum (16)
Application Layer data

Header size: 8 bytes

UDP Datagram

Transmission Control Protocol (TCP).

TCP provides a reliable protocol over IP. It guarantees that packets will be delivered to their destination, that they will arrive in the order in which they were sent, and that the contents of the packets will arrive as sent. {4}

The following applications use TCP:

Web browsers

Electronic mail

File transfers

Bit (0) ... Bit (15)                         | Bit (16) ... Bit (31)
Source Port (16)                             | Destination Port (16)
Sequence Number (32)
Acknowledgement Number (32)
Header Length (4) | Reserved (6) | Code (6)  | Window (16)
Checksum (16)                                | Urgent (16)
Option (0 or 32, if any)
Application Layer Data (size varies)

Header size: 20 bytes

TCP Datagram

Subnet Mask

A subnet mask is a 32-bit number that masks an IP address. The numbers can be 0, 128, 192, 224, 240, 248, 252, 254, 255. Suppose we have the IP address 192.168.0.1 with mask 255.255.255.0.

The IP address in binary:

IP: 11000000.10101000.00000000.00000001

Mask: 11111111.11111111.11111111.00000000 {3}

Address | Hosts       | Netmask (Binary)                    | Netmask
/4      | 240,435,456 | 11110000 00000000 00000000 00000000 | 240.0.0.0
/5      | 134,217,728 | 11111000 00000000 00000000 00000000 | 248.0.0.0
/6      | 67,108,864  | 11111100 00000000 00000000 00000000 | 252.0.0.0
/7      | 33,554,432  | 11111110 00000000 00000000 00000000 | 254.0.0.0
/8      | 16,777,216  | 11111111 00000000 00000000 00000000 | 255.0.0.0
/9      | 8,388,608   | 11111111 10000000 00000000 00000000 | 255.128.0.0
/10     | 4,194,304   | 11111111 11000000 00000000 00000000 | 255.192.0.0
/11     | 2,097,152   | 11111111 11100000 00000000 00000000 | 255.224.0.0
/12     | 1,048,576   | 11111111 11110000 00000000 00000000 | 255.240.0.0
/13     | 524,288     | 11111111 11111000 00000000 00000000 | 255.248.0.0
/14     | 262,144     | 11111111 11111100 00000000 00000000 | 255.252.0.0
/15     | 131,072     | 11111111 11111110 00000000 00000000 | 255.254.0.0
/16     | 65,534      | 11111111 11111111 00000000 00000000 | 255.255.0.0
/17     | 32,768      | 11111111 11111111 10000000 00000000 | 255.255.128.0
/18     | 16,384      | 11111111 11111111 11000000 00000000 | 255.255.192.0
/19     | 8,192       | 11111111 11111111 11100000 00000000 | 255.255.224.0
/20     | 4,096       | 11111111 11111111 11110000 00000000 | 255.255.240.0
/21     | 2,048       | 11111111 11111111 11111000 00000000 | 255.255.248.0
/22     | 1,024       | 11111111 11111111 11111100 00000000 | 255.255.252.0
/23     | 512         | 11111111 11111111 11111110 00000000 | 255.255.254.0
/24     | 256         | 11111111 11111111 11111111 00000000 | 255.255.255.0
/25     | 128         | 11111111 11111111 11111111 10000000 | 255.255.255.128
/26     | 64          | 11111111 11111111 11111111 11000000 | 255.255.255.192
/27     | 32          | 11111111 11111111 11111111 11100000 | 255.255.255.224
/28     | 16          | 11111111 11111111 11111111 11110000 | 255.255.255.240
/29     | 8           | 11111111 11111111 11111111 11111000 | 255.255.255.248
/30     | 4           | 11111111 11111111 11111111 11111100 | 255.255.255.252

Structure of Subnetted IP Network

Class A

Class A (Not Subnetted): Network (8 bits) | Host (4 bits)
Class A (Subnetted):     Network (8 bits) | Subnet (s bits) | Host (24-s bits)

Class B

Class B (Not Subnetted): Network (16 bits) | Host (16 bits)
Class B (Subnetted):     Network (16 bits) | Subnet (s bits) | Host (16-s bits)

Class C

Class C (Not Subnetted): Network (24 bits) | Host (8 bits)
Class C (Subnetted):     Network (24 bits) | Subnet (s bits) | Host (16-s bits)

IP version 6 general overview

IP Version Six Header

One of the important features of the IP Version Six header is the larger address space. Both source and destination addresses are allowed to have 128 bits. This creates a 3.4×10^38 (2^128) address space. {2}

Version (4 bits)

Traffic Class (8 bits)

Flow Label (20 bits)

Payload Length (16 bits)

Next Header (8 bits)

Hop Limit (8 bits)

Source IP Address (128 bits)

Destination IP Address (128 bits)

The IP Version Six Packet

There are eight fields in the IP Version Six header; their descriptions follow:

Version

The Version field shows the version of IP and is set to 6.

Traffic Class

The Traffic Class field is similar to that of IP Version Four.

Flow Label

The size of the Flow Label field is 20 bits.

Payload Length

The size of the Payload Length field is 16 bits.

Next Header

The Next Header field shows the layer type, such as TCP, UDP, or ICMPv6. The size of the Next Header field is 8 bits.

Hop Limit

Shows the maximum number of routers the IP Version Six packet can traverse.

The size of the Hop Limit field is 8 bits.

Source Address

Shows the source of the packet.

The size of the Source Address field is 128 bits.

Destination Address

Shows the destination of the packet.

The size of the Destination Address field is 128 bits.

Differences between IP Version Four and IP Version Six Headers

The most important difference between these two is the size of the address space. IP Version Four allows only 32-bit source and destination addresses, whereas IP Version Six allows 128-bit source and destination addresses. This makes the address space of IPv4 4.3×10^9 (2^32) and the address space of IPv6 3.4×10^38 (2^128), which is much larger. {1}

Internet Protocol Version 4 (IPv4): 4 octets

11010001.11011100.11001001.01110001

209.156.201.113

4,294,467,295 IP addresses

Internet Protocol Version 6 (IPv6): 16 octets

11010001.11011100.11001001.011100011.11010001.11011100.110011001.01110001.11010001.11011100.11001001.0111001.11010001.11011100.11001001.01110001

A524:72D3:2C80:DD02:0029:EC7A:002B:EA73

3.4 x 10^38 IP addresses

Comparing IPv4 and IPv6 Addresses

IP Version Six Addressing

IP Version Six has access to 18,446,744,073,709,551,616 IP addresses in a single /64 allocation.

Types of IP Version Six Addresses

IP Version Six addresses are classified into three categories:

Unicast addresses (One to One)

A unicast address identifies a single interface in IP Version Six.

Multicast addresses (One to Many)

IP Version Six multicast addresses have the prefix ff00::/8. An IP Version Six multicast address consists of four bit groups.

Anycast addresses (One to Nearest (Allocated from Unicast))

An anycast address is an address that is assigned to a set of interfaces that may belong to different nodes.

Network Notation In IP version Six

With IP Version Six, if you have a series of zeros in a row, the address need not be written out completely. You can use a double colon (::) to represent that series of zeros; however, you can only use it once.

For example, an address like "2011:0AB8:0000:0004:0000:01AF:0000:002A" can be written as "2011:AB8::4:0:1AF:0:2A" or "2011:AB8:0:4:0:1AF::2A", but would never be written as "2011:AB8::4::1ff::2A". You also cannot have three colons in a row (:::).

The URL to view a website will have the form: {2}

http://2011:0AB8:0000:0004:0000:01AF:0000:002A/

[Figure: IP Version 6 Address]
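The notation rules above, applied in Python to the essay's own sample addresses. This is an added example, not part of the original essay; the function names and the blocklist are constructed for illustration, and embedded IPv4 suffixes and zone identifiers are deliberately not handled. Because one address has several valid spellings, an access list or log search that compares strings must expand them to one form first.

```python
import string

HEX_DIGITS = set(string.hexdigits)

def expand_ipv6(text: str) -> str:
    """Expand an IPv6 address to eight 4-digit lowercase groups, enforcing the '::' rules."""
    if ":::" in text or text.count("::") > 1:
        raise ValueError("'::' may be used only once")
    if "::" in text:
        left, right = text.split("::")
        head = left.split(":") if left else []
        tail = right.split(":") if right else []
        missing = 8 - len(head) - len(tail)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head + ["0"] * missing + tail
    else:
        groups = text.split(":")
    if len(groups) != 8:
        raise ValueError("an IPv6 address has eight 16-bit groups")
    for group in groups:
        if not 1 <= len(group) <= 4 or not set(group) <= HEX_DIGITS:
            raise ValueError("bad group: %r" % group)
    return ":".join("%04x" % int(group, 16) for group in groups)

def matches_blocklist(address: str, blocklist) -> bool:
    """Compare addresses in expanded form so that every spelling matches."""
    expanded = {expand_ipv6(entry) for entry in blocklist}
    return expand_ipv6(address) in expanded

if __name__ == "__main__":
    # Constructed blocklist holding the fully written form from the text above.
    blocklist = ["2011:0AB8:0000:0004:0000:01AF:0000:002A"]
    for spelling in ("2011:AB8::4:0:1AF:0:2A", "2011:AB8:0:4:0:1AF::2A"):
        print(spelling, "string match:", spelling in blocklist,
              "expanded match:", matches_blocklist(spelling, blocklist))
    try:
        expand_ipv6("2011:AB8::4::1ff::2A")
    except ValueError as err:
        print("rejected:", err)
```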

Benefits of IP Version Six

More Efficient Routing

IP Version Six reduces the size of routing tables and makes routing more efficient and hierarchical (path maximum transmission unit).

More Efficient Packet Processing

IP Version Six's simplified packet header makes packet processing more efficient.

Directed Data Flows

IP Version Six supports multicast rather than broadcast. Multicast allows bandwidth-intensive packet flows to be sent to multiple destinations.

Simplified Network Configuration

Address auto-configuration is built in to IP Version Six.

Support for New Services

It is easier to create peer-to-peer networks, and services such as VoIP.

Security

IPsec provides confidentiality, authentication and data integrity.

IPv4 – IPv6 security issues and comparison

IP version 4 security issues

IP version four was designed with no security in mind. IP version four was based on the end-to-end model; for example, if an e-mail requires an encryption service, the end nodes are responsible for providing this service. Below we will examine some threats that arise from this model.

Denial of Service attack (DoS): In this attack certain services are flooded with a large amount of fake requests, which makes the existing system unreachable for real users.

Malware, viruses and worms: The small address range of IP version four allows these threats. [6]

Man-in-the-middle attack: IP version four has no authentication mechanisms, so it allows man-in-the-middle attacks. ICMP redirects and ARP poisoning enable these types of attacks. [5]

Fragmentation attacks: This type of attack takes advantage of the method used by certain operating systems. The Ping of Death is an example of this type, where the system is flooded with fragmented ping packets. These packets grow beyond the packet size limit of IP version four.

Port scanning: In this type of attack a section of a network is scanned in order to find open services. Because of the small IP version four address space, this procedure takes no more than 3 minutes.

ICMP redirect and ARP poisoning: The ARP protocol is responsible for mapping an IP address to a physical MAC address. ARP poisoning occurs when ARP responses from an unknown host on the Internet are broadcast with bad mapping information, which can cause traffic to go to the wrong destination. ICMP redirects work in the same way. [5]
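A defensive check for the fragmentation case above, as an added Python example that is not part of the original essay: it flags any fragment whose offset plus length would make the reassembled datagram exceed 65,535 bytes, the largest value the 16-bit Total Length field can hold. The function names and the sample capture are constructed, and datagrams are keyed by Identification only, whereas real reassembly also keys on source, destination and protocol.

```python
import struct

MAX_DATAGRAM = 65535  # largest size the 16-bit Total Length field can express

def fragment_extent(packet: bytes) -> dict:
    """Compute where one fragment's data ends inside the reassembled datagram."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    ver_ihl, _tos, total_len, ident, flags_frag = struct.unpack("!BBHHH", packet[:8])
    header_len = (ver_ihl & 0x0F) * 4
    if header_len < 20 or total_len < header_len:
        raise ValueError("inconsistent length fields")
    offset = (flags_frag & 0x1FFF) * 8          # Fragment Offset counts 8-byte units
    payload = total_len - header_len
    size = header_len + offset + payload        # datagram size after reassembly
    return {
        "id": ident,
        "more_fragments": bool(flags_frag & 0x2000),
        "offset": offset,
        "reassembled_size": size,
        "oversized": size > MAX_DATAGRAM,
    }

def oversized_datagrams(packets) -> list:
    """Return the Identification values whose fragments overflow the size limit."""
    flagged = set()
    for packet in packets:
        info = fragment_extent(packet)
        if info["oversized"]:
            flagged.add(info["id"])
    return sorted(flagged)

def make_fragment(ident: int, offset_units: int, payload_len: int, more: bool) -> bytes:
    """Constructed test input: header fields only, checksum left at zero."""
    flags_frag = (0x2000 if more else 0) | offset_units
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, ident,
                         flags_frag, 64, 1, 0,
                         bytes([192, 168, 10, 10]), bytes([192, 168, 10, 1]))
    return header + bytes(payload_len)

# Constructed capture: one ordinary three-fragment ping and one fragment
# placed so that reassembly would run past the 65,535-byte limit.
SAMPLE_CAPTURE = [
    make_fragment(0x1001, 0, 1480, True),
    make_fragment(0x1001, 185, 1480, True),
    make_fragment(0x1001, 370, 1040, False),
    make_fragment(0x2002, 8189, 1480, False),
]

if __name__ == "__main__":
    for pkt in SAMPLE_CAPTURE:
        print(fragment_extent(pkt))
    print("oversized datagram ids:", [hex(i) for i in oversized_datagrams(SAMPLE_CAPTURE)])
```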

IP version six security issues

IP version six is a more secure protocol than IP version four, but it still has vulnerabilities. In this section we will examine some of them.

Dual-stack security issues: The transition from IP version four to IP version six will be progressive and will take a long time. For the transition period from IP version four to IP version six, dual-stack will provide the desired operation. Dual-stack increases security vulnerabilities, as a result of having two infrastructures with certain security problems. Most of the security issues are not a result of specific IP version six security deficiencies but a result of inappropriate configuration. [5]

Header spoofing issues: Spoofing continues to be a threat in IP version six networks; due to neighbor discovery (ND), the spoofing threat is only possible from nodes that belong to the same segment. [6]

Flooding issues: Scanning for services and valid host addresses is more difficult in IPv6 networks because of the larger address space, but this feature does not mean that IP version six is completely invulnerable to these attacks. The multicast address feature of IP version six is exploited by the "Smurf attack".

Mobility: Mobility is a new feature of IP version six. Mobility consists of two types of addresses, the real addresses and the mobile addresses. Real addresses are typical IP version six addresses contained in the extension header, and the temporary addresses are contained in the IP header. The temporary part of a mobile device address may be subject to spoofing attacks. [5]

IP version four and IP version six security comparison

The main security difference between IP version four and IP version six is that security in IP version six is native: this protocol was designed with the security factor in mind.

In IP version six, IPsec is part of the protocol and it is mandatory. In IP version four, IPsec is optional; IPsec was adapted to IP version four due to the great need for security in the current IP version four Internet structure.

IPsec in IP version four networks has two modes of securing traffic. The first mode is called tunnel mode and is used to protect whole IP version four packets. The second mode is called transport mode and is used to protect only the payload of packets. In IP version six there is no need for tunnel mode because the authentication and ESP protocols provide secure traffic in IP version six.

Neighbor discovery protocol and auto-configuration are mechanisms used by IP version six. Both neighbor discovery and address configuration make IP version six more secure than IP version four. Also, IP version six provides values for the Time to Live (TTL) mechanism up to 255; this parameter blocks outside extra addresses and outside neighbor packets. [5]

The IP version four address space is smaller than that of IP version six and as a result it allows threats such as viruses.

Personal Conclusion

My conclusion from this document is that IP version six improves many areas of its predecessor, such as more efficient routing, directed data flows and security. Also, the format of the header is different between the two protocols. With IP version six we will have enough IP addresses for many years. Implementation of IP version six is more complicated and requires very good knowledge from network administrators.

The most important issue that makes IP version six better than IP version four is the security issue. IP version six is designed with security in mind. Security in IP version six is native. The IPsec protocol is mandatory in IP version six but in IP version four it is an extra service; the larger address space and the encrypted communication complete the security factor in IP version six. However, any new technology has its deficiencies, so in IP version six the main security problem is dual-stack: because the transition from IP version six will happen progressively, dual-stack will provide the desired operation. Dual-stack increases security vulnerabilities as a result of having two infrastructures with certain security problems.

This is my personal conclusion about my group project, IP version four – IP version six general overview and security issues.