ITP 457
Network Security
Computer Networks

Overview
- Brief Introduction to Computers and Computer Components
- What is a network?
- Introduction to Physical Networks
- LANs, WANs, and MANs
- Logical Network Topologies

Introduction to Computers
- Computers
  - Made up of hardware and software
  - Software cannot run by itself, and without software, your computer is an expensive paperweight
- Main Components
  - CPU (Central Processing Unit) – does the math that is necessary for computer use
  - Memory
    - RAM (Random Access Memory) – temporary memory, very fast, not very big
    - Secondary Storage – Hard Disks, Optical Media; large and slow
  - Network Interface Cards – allow computers to communicate with one another
  - Additional Add-In Cards include Sound, Video, SCSI, Firewire, etc.

Operating Systems
- Manages hardware and software so the user does not have to micro-manage
- Microsoft
  - Windows 95/98/ME
    - Very limited networking capabilities
    - Blue Screen of Death!!!
    - Microsoft has completely abandoned this Operating System. We will not cover these OSes in this class
  - Windows NT/2000/XP/2003
    - Built on the NT kernel, which is a much more stable and network-savvy kernel
    - Security is an issue, due to holes in the O.S.
    - We will cover these operating systems extensively

Unix
- Server-workstation operating system meant to be portable, multi-tasking, multi-user, & time sharing
- Originally written in the 70s
- Extremely popular, even today as Solaris 10
- Was the primary reason that the programming language C grew to be the de-facto language
- We will not cover Unix in this class

Linux
- Uses the Linux kernel, with a bunch of other stuff
- It's open-source, meaning it's free to use and develop
- Most people download a distribution, which is a package of the Linux kernel with a bunch of other useful modules
  - You pay for documentation, proprietary modules, and support
- Is becoming very popular, due to the fact that it is free, reliable, and the Linux community is very helpful in forums and IRC
- We will spend a few weeks on Linux, due to its popularity as a workstation and server operating system

Mac OS
- One of the first graphical user interfaces
  - Introduced in 1984
- Original Mac OS (1984 – 2001)
  - Versions 6 – 9
  - No command line; single tasking or very limited multitasking
  - Horrible memory management – user had to manually allocate memory
- OS X
  - Complete rewrite using the Mach Kernel and the FreeBSD implementation of Unix
  - Has software emulation for older software
  - Now runs on Intel-based processors
- We will not cover too much of Mac-based security, but the same principles for Linux security can be applied to Macs.

Computer Networks
- Minimum: Two or more connected computers
- A good computer network consists of the following
  - All hosts must use the same standard method for sending and receiving data
  - Information must be delivered without any corruption
  - There must be a way of acknowledging that the data has reached its destination
  - Nodes must be able to determine the source of the communication
  - The network should be scalable
  - Nodes must be able to identify other nodes
  - The network should run without the need for user micromanagement

Computer Network Components
- Two main parts to the network
- Physical Network
  - Physical connection between devices or nodes
  - Hardware
  - Wiring
  - Wireless devices as well, but they are a little bit more complicated to understand
- Logical Network
  - Lays out the roles and routes for data transmission
  - Dependent on the Protocol used for networking
  - Software

Physical Network
- Wires, cables, printers, hubs, switches, computers, servers, etc.
- Computers use Network Interface Cards (NICs) to interact with the network
- Network Topology
  - Physical layout of components on the network
  - Star, Ring, and Bus are the most common topologies
    - Mesh is becoming more prevalent, especially with wireless

Bus Topology
- A long line with computers connected
  - Called “taps” in the line
- Components on the computer motherboard are connected using a bus
- 10Base2, 10Base5 use bus topologies
- Advantages:
  - Simple
  - Cheap
  - Quick Set-up
- Disadvantages:
  - Difficult to troubleshoot
  - One break in the line causes the whole network to go down!!!
  - Performance depends directly on the number of nodes on the line: more nodes, slower network
  - Very low security – all computers on the line can see the data
- Collision!!!
  - Two computers trying to send information at the same time
  - Carrier Sense Multiple Access fixes this somewhat

Ring Topology
- Every node has two connections, to create a closed network
- Token Ring and FDDI (Fiber Distributed Data Interface) use Ring Topologies
- Advantages:
  - Additional nodes do not directly impact performance (with a good protocol)
  - No packet collision
- Disadvantages:
  - Slow – data must pass through multiple nodes to reach destination
  - Any node failure causes the ring to die
  - To add a node, you must shut down the network
  - All systems must be on for the ring to work properly
  - Complete dependence on one cable – no redundancy

Star Topology
- The most common topology for home and business networks
- Nodes have a connection to a central hub
- The hub can be connected to other hubs to create intricate diagrams
- 10BaseT, 100BaseT
- Advantages:
  - Good performance – limits the number of nodes to travel through
  - Easy to set-up and expand
  - A non-centralized failure will not bring down the network
- Disadvantages:
  - Most expensive topology – requires the most cabling and most hardware

Mesh Topology
- Think of a combination of a star and ring topology
- Multiple ways for data to travel from source to destination
- Wireless Ad-Hoc networks are mesh networks
  - Wireless infrastructure (wireless access points and routers) are more of a star topology
- Advantages:
  - Extremely reliable & self healing
  - Easily scalable
- Disadvantages:
  - You never know exactly how the data is going to travel
  - The data may not flow in the most optimized manner
    - In order to find the most optimal route, all routes must be tested
  - Virus propagation is a HUGE issue

Network Sizes
- Completely arbitrary – no set definition of each
- LAN – Local Area Network
  - All computers are networked together
  - Only occupies one “site”
  - Typically high speed (100 Mbits/sec or 1 Gbit/sec)
- WAN – Wide Area Network
  - Geographically separated LANs connected with routers and high-speed interconnections
  - Typically connected with telephone, T1 or T3 lines, or Cable/DSL lines
- MAN – Metropolitan Area Network
  - Larger number of WAN or LANs connected typically using wireless or fiber lines
- Internet
  - Either a WAN or a MAN, depending on how you define it

Logical Topology
- While the physical topology defines how the nodes are connected, the logical topology defines how the data is to be sent and how the network behaves from a software standpoint
- Ethernet
- Token Ring
- FDDI

Ethernet
- Most common logical topology
- Logical common bus topology
- Single bus on which all communication occurs
- Uses CSMA/CD – Carrier Sense Multiple Access/Collision Detection
  - All computers share a single network segment
  - Every computer listens on the network segment
  - If no other computer is transmitting at that time, then the computer can transmit data
  - If two computers send data at the same time, then a collision occurs. Both computers sense the conflict, and stop sending. They wait a “random” amount of time (in nanoseconds), then retransmit the data.

Ethernet Continued
- Is classified as IEEE 802.3 & 802.3u
  - 10BASE-2: coaxial networking – dead
  - 10BASE-5: thicknet – dead
  - 10BASE-T: 2 of 4 pairs of unshielded twisted pair wire called CAT5 cabling; speed of up to 10 Mbits/sec; dead
  - 100BASE-TX: fast ethernet; 2 of 4 pairs of unshielded twisted pair wire; speed of up to 100 Mbits/sec; seen everywhere
  - 100BASE-FX and 100BASE-FL – fast ethernet on optical fibers; speed of up to 100 Mbits/sec; more expensive than 100BASE-T; not used a whole lot anymore
  - 1000BASE-T: uses all 4 pairs of CAT5e or CAT6 cabling; speed of up to 1000 Mbits/sec

Token Ring
- Problem with CSMA/CD: Lots of computers on a network segment can cause starvation – computer may never get to transmit data
- IEEE 802.5 – Token Ring
  - A special packet called a Token packet is passed around the ring
  - A computer can only transmit data when the computer has the token
  - When the computer is done transmitting, it releases the token
- FDDI – Fiber-Distributed Data Interface
  - Uses fiber optic lines instead of a copper wire
  - Can support thousands of users
  - Speed of up to 100 Mbits/sec
  - Has backup-ring in case of primary ring failure
  - Gigabit ethernet has made FDDI obsolete
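
Added example (not part of the original slides): a slot-by-slot simulation of the two access methods described on the Ethernet and Token Ring slides, with every station always having a frame to send. The slides only say the wait is "random"; the doubling backoff window used here is Ethernet's standard rule, and the station count, slot count and function names are assumptions made for this example.

```python
import random

def _result(sent, waits, last_ok, slots, collisions):
    # Also count the wait that is still running when the simulation ends.
    waits = [max(w, slots - l) for w, l in zip(waits, last_ok)]
    return {"sent": sent, "worst_wait": waits, "collisions": collisions}

def csma_cd(stations, slots, seed=1):
    """Slotted CSMA/CD where every station always has a frame queued."""
    rng = random.Random(seed)                  # seeded: repeatable runs
    backoff = [0] * stations                   # slots left to wait
    tries = [0] * stations                     # collisions on current frame
    sent, waits, last_ok = [0] * stations, [0] * stations, [0] * stations
    collisions = 0
    for t in range(slots):
        ready = [s for s in range(stations) if backoff[s] == 0]
        backoff = [max(b - 1, 0) for b in backoff]
        if len(ready) == 1:                    # line was quiet: frame delivered
            s = ready[0]
            sent[s] += 1
            tries[s] = 0
            waits[s] = max(waits[s], t + 1 - last_ok[s])
            last_ok[s] = t + 1
        elif ready:                            # collision: stop, back off, retry
            collisions += 1
            for s in ready:
                # Simplification: real Ethernet drops a frame after 16 tries.
                tries[s] = min(tries[s] + 1, 10)
                # Ethernet's rule: random wait of 0 .. 2^tries - 1 slots
                backoff[s] = rng.randrange(2 ** tries[s])
    return _result(sent, waits, last_ok, slots, collisions)

def token_ring(stations, slots):
    """Token passing: the holder sends one frame, then releases the token."""
    sent, waits, last_ok = [0] * stations, [0] * stations, [0] * stations
    for t in range(slots):
        s = t % stations                       # token moves to the next node
        sent[s] += 1
        waits[s] = max(waits[s], t + 1 - last_ok[s])
        last_ok[s] = t + 1
    return _result(sent, waits, last_ok, slots, 0)

if __name__ == "__main__":
    runs = (("CSMA/CD", csma_cd(20, 2000)), ("Token Ring", token_ring(20, 2000)))
    for name, r in runs:
        print(f"{name:10} frames={sum(r['sent']):4} collisions={r['collisions']:4} "
              f"least-served={min(r['sent']):3} worst wait={max(r['worst_wait'])} slots")
```

With 20 saturated stations, token passing gives every station the same share and a bounded wait, while under CSMA/CD the least-served station falls below that share, which is the starvation problem the Token Ring slide describes.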