Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Training | Edureka

Cybersecurity Certification Course www.edureka.co/cybersecurity-certification-training

CYBERSECURITY
o Refers to every thing digital
o Requires the understanding
of how a network runs
o Refers to the art of hiding
and encrypting information
o Requires the understanding
of cryptography

01Packet Structure
05 Firewall
02Network Architecture
06 Symmetric Cryptography
03Addressing Method
04IP & Mac
07 Asymmetric Cryptography
NETWORK SECURITY
AGENDA

Copyright © 2018, edureka and/or its affiliates. All rights reserved.
Network Part

Downloading a file?

Packet of what?
Packet Header
Payload
Contains critical information regarding the
packet. The information includes things like
source address, destination address, type of
service, IP version information
Payload refers to the actual data being
contained in the packet. This could be anything
ranging from a media file, executables or even a
simple text file
Packet Trailer

IPv4 Packet Header
Version Header Length
Identification
Total Length
Flags Fragment Offset
Time to Live Protocol Header Checksum
Source IP Address
Destination IP Address
Options (if any)
DCSP ECN
Version no. of Internet
Protocol used (e.g. IPv4).
Length of entire IP headerDifferentiated Service Code Point;
This refers to the type of service
Explicit Congestion Notification;
Information about the congestion in
route Length of entire IP Packet
(including IP header and IP
Payload).
If IP packet is fragmented
during the transmission, all
the fragments contain same
identification number. to
identify original IP packet
they belong to.
As required by the network resources, if IP Packet is too large
to handle, these ‘flags’ tells if they can be fragmented or not
This offset tells the exact
position of the fragment in
the original IP Packet.To avoid looping in the
network, every packet is
sent with some TTL value
set, which tells the network
how many routers (hops)
this packet can cross
Tells the Network layer at
the destination host, to
which Protocol this packet
belongs to
This field is used to keep
checksum value of entire
header which is then used
to check if the packet is
received error-free.
32-bit address of the
Sender (or source) of the
packet.
32-bit address of the
Receiver (or destination) of
the packet.
This is optional field, which
is used if the value of IHL is
greater than 5. These
options may contain values
for options such as Security,
Record Route, Time Stamp,
etc.

OSI Model
Application
Presentation
Session
Transport
Network
Datalink
Physical
This is where the user
application sits that
needs to transfer data
between or among hosts.
For example: HTTP, file
transfer application (FTP)
and electronic mail etc.
This layer helps to understand
data representation in one
form on a host to other host in
their native representation.
Data from the sender is
converted to on-the-wire data
(general standard format) and
at the receiver’s end it is
converted to the native
representation of the receiver.
This layer provides
session management
capabilities between
hosts. For example, if
some host needs a
password verification for
access and if credentials
are provided then for
that session password
verification does not
happen again. This layer
can assist in
synchronization, dialog
control and critical
operation management
(e.g., an online bank
transaction).
This layer provides end to end
data delivery among hosts.
This layer takes data from the
above layer and breaks it into
smaller units called Segments
and then gives it to the
Network layer for
transmission.
This layer helps to uniquely
identify hosts beyond the
subnets and defines the path
which the packets will follow
or be routed to reach the
destination.
This layer takes the raw
transmission data (signal,
pulses etc.) from the Physical
Layer and makes Data Frames,
and sends that to the upper
layer and vice versa. This layer
also checks any transmission
errors and sorts it out
accordingly.
This layer deals with hardware
technology and actual
communication mechanism
such as signaling, voltage,
cable type and length, etc.

TCP/IP Model
Application
Transport
Internet
Link
The Application layer allows applications to access the services of the
other layers, and it defines the protocols that applications use to exchange
data. The Application layer contains many protocols, and more are always
being developed.
The most widely known Application layer protocols help users exchange
information:
• The Hypertext Transfer Protocol (HTTP) transfers files that make up
pages on the World Wide Web.
• The File Transfer Protocol (FTP) transfers individual files, typically for an
interactive user session.
• The Simple Mail Transfer Protocol (SMTP) transfers mail messages and
attachments.
The Transport layer (also known as the Host-to-Host Transport layer)
provides the Application layer with session and datagram communication
services. The Transport layer encompasses the responsibilities of the OSI
Transport layer. The core protocols of the Transport layer are TCP and UDP.
TCP provides a one-to-one, connection-oriented, reliable communications
service. TCP establishes connections, sequences and acknowledges
packets sent, and recovers packets lost during transmission.
In contrast to TCP, UDP provides a one-to-one or one-to-many,
connectionless, unreliable communications service. UDP is used when the
amount of data to be transferred is small (such as the data that would fit
into a single packet), when an application developer does not want the
overhead associated with TCP connections, or when the applications or
upper-layer protocols provide reliable delivery.
TCP and UDP operate over both IPv4 and IPv6 Internet layers.
The Internet layer responsibilities include addressing, packaging, and
routing functions. The Internet layer is analogous to the Network layer of
the OSI model.
The core protocols for the IPv4 Internet layer consist of the following:
• The Address Resolution Protocol (ARP) resolves the Internet layer
address to a Network Interface layer address such as a hardware
address.
• The Internet Protocol (IP) is a routable protocol that addresses, routes,
fragments, and reassembles packets.
• The Internet Control Message Protocol (ICMP) reports errors and other
information to help you diagnose unsuccessful packet delivery.
• The Internet Group Management Protocol (IGMP) manages IP multicast
groups.
The Network Interface layer (also called the Network Access layer) sends
TCP/IP packets on the network medium and receives TCP/IP packets off
the network medium. TCP/IP was designed to be independent of the
network access method, frame format, and medium. Therefore, you can
use TCP/IP to communicate across differing network types that use LAN
technologies—such as Ethernet and 802.11 wireless LAN—and WAN
technologies—such as Frame Relay and Asynchronous Transfer Mode
(ATM). By being independent of any specific network technology, TCP/IP
can be adapted to new technologies.

Addressing: Unicast

Addressing: Broadcast

Addressing: Multicast

Visiting Google?
https://www.google.com

TCP/IP Three-way Handshake
Client
Server

Connected!

What’s my computer’s address?
IP ADDRESS
192.168.32.28
A unique string of numbers separated by full
stops that identifies each computer using the
Internet Protocol to communicate over a
network.
MAC ADDRESS
F4-96-34-89-F9-98
A media access control address (MAC address)
of a device is a unique identifier assigned to a
network interface controller (NIC) for
communications at the data link layer of a
network segment

Unique MAC
192.168.1.3 192.168.1.3192.168.1.3 192.168.1.3
F4-96-34-89-F9-98 A7-85-14-91-Z1-10B4-96-54-89-K9-99 P4-96-H4-88-F9-09
Computer A Computer B Computer C Computer D

Address Resolution Protocol
192.168.1.31
192.168.1.33192.168.1.32 192.168.1.34
Who is 192.168.1.33?

192.168.1.31
Hey that’s me. Here have my MAC address
too so that we can communicate more easily
in future
192.168.1.33
Well….that’s easily exploitable! I could just lie.

Liars…liars everywhere
192.168.1.31
192.168.1.33
192.168.1.32

Man in the Middle
192.168.1.31 192.168.1.33
192.168.1.32
“Man in the Middle” (MITM)
What is it? By impersonating the endpoints in an
online information exchange (i.e. the connection
from your smartphone to a website), the MITM
can obtain information from the end user and the
entity he or she is communicating with.
For example, if you are banking online, the man in
the middle would communicate with you by
impersonating your bank, and communicate with
the bank by impersonating you. The man in the
middle would then receive all of the information
transferred between both parties, which could
include sensitive data, such as bank accounts and
personal information.

This is exactly where the security part of
cybersecurity comes in

Firewall
A firewall is a network security system that monitors and controls over all your incoming and outgoing network traffic based on
advanced and a defined set of security rules.

Firewall
Packet Filtering firewall
Application/Proxy Firewall
Hybrid Firewall

Packet Filtering Firewall
Packet Header

Application/Proxy Firewall
192.102.4.88
192.168.1.31
A proxy firewall is a network security system that protects network resources by filtering messages at the application layer. A
proxy firewall may also be called an application firewall or gateway firewall.
Packet Header
Payload
Both, the packet header
and the payload is
checked

Hybrid Firewall
Application
Firewall
Packet Filtering
Firewall
A hybrid firewall is the combination of Application firewall and Packet Filtering Firewall. They are applied in series.

Hybrid Firewall: Parallel
Packet Filtering
Firewall
Application
Firewall

Cryptography
Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method
of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.

Symmetric Cryptography

Symmetric Cryptography
The quick brown fox jumps over the lazy dog
Plain Text
ftq cguow ndaiz raj vgybe ahqd 13 xmlk pase
Cipher Text
A cryptographic key is the core part of
cryptographic operations. Many cryptographic
systems include pairs of operations, such as
encryption and decryption. A key is a part of
the variable data that is provided as input to a
cryptographic algorithm to execute this sort of
operation.
𝐸 𝑘, 𝑀 = C
𝐸−1
𝑘, 𝐶 = 𝑀

Public/Key Cryptography
Bill decides to
send
Digital Signature
Transaction Message
Bob’s Secret key (sk)
Sign
Verification
Transaction Message
Alice’s Public key (pk)
Mandy receives Bil
transaction
Blockchain Technology

Demo Time!

Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Training | Edureka

More Related Content

What's hot (20)

Similar to Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Training | Edureka (20)

More from Edureka! (20)

Recently uploaded (20)

Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Training | Edureka