
Introduction to Networking Complete

INTRODUCTION TO NETWORKING
WHAT IS A NETWORK?
• A network consists of 2 or more computers connected together, so that they
  can communicate and share resources (e.g. information)
WHY NETWORKING?
• Sharing information, i.e. data communication
• Sharing hardware or software
  • E.g. printing a document
• Centralize administration and support
  • E.g. Internet-based, so everyone can access the same administrative or
    support application from their PCs
How many kinds of Networks?
Depending on one’s perspective, we can classify
networks in different ways
•Based on transmission media: Wired (UTP, coaxial cables,
fiber-optic cables) and Wireless
•Based on network size: LAN and WAN
•Based on management method: Peer-to-peer and
Client/Server
Transmission Media
• Two main categories:
  – Guided ― wires, cables
  – Unguided ― wireless transmission, e.g. radio, microwave, infrared, sound, sonar
• We will concentrate on guided media here:
  – Twisted-Pair cables:
    • Unshielded Twisted-Pair (UTP) cables
    • Shielded Twisted-Pair (STP) cables
  – Coaxial cables
  – Fiber-optic cables
Twisted-Pair Cables
• If the pair of wires is not twisted, electromagnetic noise from, e.g., motors
  will affect the closer wire more than the further one, thereby causing errors
Unshielded Twisted-Pair (UTP)
• Typically wrapped inside a plastic cover (for mechanical
protection)
• A sample UTP cable with 5 unshielded twisted pairs of wires (figure: the
  insulator and the metal conductor of each wire are labelled)
Shielded Twisted-Pair (STP)
• STP cables are similar to UTP cables, except there is a
metal foil or braided-metal-mesh cover that encases each
pair of insulated wires
Categories of UTP Cables
• A variety of different cables are available for Ethernet and other
  telecommunications and networking applications. These cables are described by
  their categories, e.g. Cat-5 cables, Cat-6 cables, etc., which are often
  recognized by the TIA (Telecommunications Industry Association), and they are
  summarized below:
• Cat-1: This is not recognized by the TIA/EIA. It is the form of wiring that is
  used for standard telephone (POTS) wiring, or for ISDN.
• Cat-2: This is not recognized by the TIA/EIA. It was the form of wiring that
  was used for 4 Mbit/s token ring networks.
• Cat-3: This cable is defined in TIA/EIA-568-B. It is used for data networks
  employing frequencies up to 16 MHz. It was popular for use with 10 Mbps
  Ethernet networks (100Base-T), but has now been superseded by Cat-5 cable.
• Cat-4: This cable is not recognized by the TIA/EIA. However, it can be used for
  networks carrying frequencies up to 20 MHz. It was often used on 16 Mbps token
  ring networks.
• Cat-5: This is not recognized by the TIA/EIA. It is the cable that is widely
  used for 100Base-T and 1000Base-T networks, as it provides performance to allow
  data at 100 Mbps and slightly more (125 MHz for 1000Base-T) Ethernet. Cat-5
  cable is now obsolete and therefore it is not recommended for new installations.
• Cat-5e: This form of cable is recognized by the TIA/EIA and is defined in
  TIA/EIA-568-B. It has a slightly higher frequency specification than Cat-5
  cable, as the performance extends up to 125 Mbps. It can be used for 100Base-T
  and 1000Base-T (Gigabit Ethernet).
• Cat-6: This cable is defined in TIA/EIA-568-B and provides a significant
  improvement in performance over Cat-5 and Cat-5e. During manufacture Cat-6
  cables are more tightly wound than either Cat-5 or Cat-5e, and they often have
  an outer foil or braided shielding. The shielding protects the twisted pairs of
  wires inside the Ethernet cable, helping to prevent crosstalk and noise
  interference. Cat-6 cables can technically support speeds up to 10 Gbps, but
  can only do so for up to 55 metres.
• Cat-6a: The "a" in Cat-6a stands for "Augmented". Cat-6a cables are able to
  support twice the maximum bandwidth, and are capable of maintaining higher
  transmission speeds over longer cable lengths. Cat-6a cables use shielding
  that is sufficient to all but eliminate crosstalk. However, this makes them
  less flexible than Cat-6 cable.
• Cat-7: This is an informal number for ISO/IEC 11801 Class F cabling. It
  comprises four individually shielded pairs inside an overall shield. It is
  aimed at applications where transmission of frequencies up to 600 Mbps is
  required.
• Cat-8: These cables are still in development, but will be released in the
  foreseeable future to provide further improvements in speed and general
  performance.
ETHERNET CAT 5 CABLE & PINOUT
• Cat 5 cable is the current preferred cable type for LAN network and telephone
  wiring where twisted pair cabling is required. Cat 5 cables consist of an
  unshielded cable comprising four twisted pairs. The terminating connector is an
  RJ-45 jack. In view of this, these Cat5 network cables are often referred to as
  RJ45 network cables or RJ45 patch cables. Certified Cat-5 cables will have the
  wording "Cat-5" written on the side. As they conform to EIA/TIA 568A-5, this is
  written on the outer sheath. It is always best to use the appropriate network
  cables when setting up a network, as faulty or non-standard cables can cause
  problems that may be difficult to identify and trace.
• Where it is necessary to operate at higher speeds, as in the case of Gigabit
  Ethernet, an enhanced version of Cat 5 cable known as Cat 5e is often
  recommended, although Cat 5 is specified to operate with Gigabit Ethernet,
  1000Base-T. Alternatively, Cat 5e can be used with 100Base-T to enable greater
  lengths (up to 350 metres) to be achieved.
CABLE TERMINATION AND SPEEDS
ETHERNET CAT 5 CROSSOVER CABLES
• There are a number of different configurations of cable that may be employed
  according to the equipment and the requirement. The most common type is the
  straight-through cable, which is wired in a 1-to-1 configuration. However,
  Cat-5 crossover cables are also required on occasion.
• Typically a Cat-5 cable used to connect a computer (PC) to a switch will be a
  straight-through cable. However, if two computers or two switches are connected
  together then a Cat5 crossover cable is used.
• Many Ethernet interfaces in use today are able to detect the type of cable,
  whether it is a straight-through or crossover cable, and they are able to adapt
  to the required format. This means that the requirement for Cat-5 crossover
  cables is less than it might otherwise be.
• A variety of different cables are seen connecting different Ethernet elements
  together. Cat5, Cat5e and Cat6 are all seen. The cables use the cost-efficient
  but effective RJ45 patch connector, and using this, these Ethernet cables are
  able to link or patch multiple items of Ethernet-based equipment together.
NETWORK CABLE (RJ45 TERMINATION)
LAN and WAN
• Local Area Network (LAN)
  • Small network, short distance
  • A room, a floor, a building
  • Limited by no. of computers and distance covered
  • Usually one kind of technology throughout the LAN
  • Serves a department within an organization
  • Examples:
    • Network inside the AutomationHub
    • Network inside your home
• Wide Area Network (WAN)
  • A network that uses long-range telecommunication links to connect 2 or more
    LANs/computers housed in different places far apart.
  • Towns, states, countries
  • Examples:
    • Network of AutomationGhana
    • Internet
(Diagram: WAN linking the AutomationHub, Axis Spintex and Axis Post Office sites)
Clients and Servers
• Network Clients (Workstation)
  • Computers that request network resources or services
• Network Servers
  • Computers that manage and provide network resources and services to clients
  • Usually have more processing power, memory and hard disk space than clients
  • Run a Network Operating System that can manage not only data, but also
    users, groups, security, and applications on the network
  • Servers often have more stringent requirements on their performance and
    reliability
• Advantages of client/server networks
  • Facilitate resource sharing – centrally administrate and control
  • Facilitate system backup and improve fault tolerance
  • Enhance security – only the administrator can have access to the Server
  • Support more users – difficult to achieve with peer-to-peer networks
• Disadvantages of client/server networks
  • High cost for Servers
  • Introduce a single point of failure to the system
OSI MODEL
IP ADDRESSES
• An Internet Protocol address (IP address) is a numerical label assigned to each
  device connected to a computer network that uses the Internet Protocol for
  communication.
• Internet Protocol version 4 (IPv4) defines an IP address as a 32-bit number.
• However, because of the growth of the Internet and the depletion of available
  IPv4 addresses, a new version of IP (IPv6), using 128 bits for the IP address,
  was developed in 1995 and standardized in December 1998. In July 2017, a final
  definition of the protocol was published. IPv6 deployment has been ongoing
  since the mid-2000s.
INTERNET PROTOCOL VERSION 4 (IPV4)
• IPv4 uses 32-bit addresses, which limits the address space to 4294967296
  (2^32) addresses.
• It is made up solely of numbers, and these numbers are conventionally written
  in the particular form XXX.XXX.XXX.XXX, which is referred to as dotted decimal
  format.
• Any one of the numbers between the dots can be between 0 and 255, so example
  IP addresses include:
  • 205.112.45.60
  • 34.243.44.155
• These numbers can also be written in binary form by taking each of the decimal
  values separated by dots and converting it to binary. So a number like
  205.112.45.60 could be written as:
  • 11001101.01110000.00101101.00111100
• Each of these binary components is referred to as an octet.
• Why is each number limited to 0 to 255? Well, IP addresses are limited to 32
  bits in length, and the maximum number of combinations of binary numbers you
  could have in an octet is 256 (mathematically calculated as 2^8). Hence, the
  largest IP address you could have would be 255.255.255.255, given that any one
  octet could be from 0 to 255.
• There is one more aspect of an IP address that is important to understand: the
  concept of a class.
• Each IP address belongs to a class of IP addresses depending on the number in
  the first octet.
• These classes are:
• Notice that the number 127 is not included. That's because it is used in a
  special, self-reflecting number called a loopback address. Think of this as an
  address that says, "this is my address."
PRIVATE NETWORKS
• Of the approximately four billion addresses defined in IPv4, three ranges are
  reserved for use in private networks.
• Packets addressed to these ranges are not routable on the public Internet,
  because they are ignored by all public routers.
• Therefore, private hosts cannot directly communicate with public networks, but
  require network address translation at a routing gateway for this purpose.
CLASS C SUBNETTING
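The address arithmetic from the IPv4, private-network and class C subnetting slides, as an added Python example that is not part of the original slides: dotted decimal to a 32-bit value and to binary octets, the class from the first octet (with 127 as the loopback block), a check against the three private ranges, and splitting a /24 into equal subnets. It uses only the standard library ipaddress module; the 192.168.10.0/24 network comes from the Packet Tracer slide and the private ranges are the RFC 1918 blocks.

```python
import ipaddress

def parse_ipv4(text):
    """Parse dotted decimal into a 32-bit integer, rejecting any octet outside 0..255."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or int(part) > 255:
            raise ValueError(f"octet {part!r} is not in 0..255: {text!r}")
        value = (value << 8) | int(part)        # shift earlier octets left, append this one
    return value

def to_binary_octets(text):
    """Dotted decimal -> dotted binary, one 8-bit group (octet) per number."""
    value = parse_ipv4(text)
    return ".".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))

def address_class(text):
    """Classful designation from the first octet; 127.x.x.x is the loopback block."""
    first = parse_ipv4(text) >> 24
    if first == 127:
        return "loopback"
    for limit, name in ((128, "A"), (192, "B"), (224, "C"), (240, "D")):
        if first < limit:
            return name
    return "E"

# The three IPv4 ranges reserved for private networks (RFC 1918).
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(text):
    """True when the address is in one of the private ranges (not publicly routable)."""
    addr = ipaddress.IPv4Address(parse_ipv4(text))
    return any(addr in net for net in PRIVATE_RANGES)

def subnet_class_c(network, subnet_bits):
    """Split a /24 (class C sized) network by borrowing `subnet_bits` host bits.

    Returns one dict per subnet: network, mask, usable host range and broadcast.
    """
    net = ipaddress.ip_network(network, strict=True)
    if net.prefixlen != 24:
        raise ValueError("expected a /24 network")
    if not 1 <= subnet_bits <= 6:
        raise ValueError("borrow between 1 and 6 host bits (/25 to /30)")
    result = []
    for sub in net.subnets(prefixlen_diff=subnet_bits):
        hosts = list(sub.hosts())               # excludes network and broadcast addresses
        result.append({
            "network": str(sub.network_address),
            "mask": str(sub.netmask),
            "first_host": str(hosts[0]),
            "last_host": str(hosts[-1]),
            "broadcast": str(sub.broadcast_address),
            "usable_hosts": len(hosts),
        })
    return result
```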
NETWORK ADDRESS TRANSLATION
• Network address translation (NAT) is a method of remapping one IP address space
  into another by modifying network address information in the IP header of
  packets while they are in transit across a traffic routing device. The
  technique was originally used as a shortcut to avoid the need to readdress
  every host when a network was moved. It has become a popular and essential tool
  in conserving global address space in the face of IPv4 address exhaustion. One
  Internet-routable IP address of a NAT gateway can be used for an entire private
  network.
• IP masquerading is a technique that hides an entire IP address space, usually
  consisting of private IP addresses, behind a single IP address in another,
  usually public, address space. The address that has to be hidden is changed
  into a single (public) IP address as the "new" source address of the outgoing
  IP packet, so it appears as originating not from the hidden host but from the
  routing device itself. Because of the popularity of this technique to conserve
  IPv4 address space, the term NAT has become virtually synonymous with IP
  masquerading.
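The masquerading described above, as an added Python example that is not part of the original slides: a small translation table for one gateway that rewrites the source of outgoing packets to its single public address, maps replies back to the private host, and drops inbound packets that no private host asked for. The gateway address 198.51.100.1, the private hosts 192.168.10.x and the remote server 203.0.113.10 used in the test are constructed sample values.

```python
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

class Masquerader:
    """Hides every host of a private network behind one public address."""

    def __init__(self, public_ip: str, first_port: int = 20000):
        self.public_ip = public_ip
        self.next_port = first_port            # gateway-chosen ports, handed out in order
        # (proto, private ip, private port, remote ip, remote port) -> public port
        self.outbound: Dict[Tuple, int] = {}
        # (proto, public port, remote ip, remote port) -> (private ip, private port)
        self.inbound: Dict[Tuple, Tuple[str, int]] = {}

    def translate_out(self, pkt: Packet) -> Packet:
        """Rewrite the source of a packet leaving the private network."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        public_port = self.outbound.get(key)
        if public_port is None:                # first packet of this flow: allocate a port
            public_port = self.next_port
            self.next_port += 1
            self.outbound[key] = public_port
            self.inbound[(pkt.proto, public_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=public_port)

    def translate_in(self, pkt: Packet) -> Optional[Packet]:
        """Map a packet arriving at the public address back to the private host,
        or return None (drop) when no inside host started a matching flow."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound.get((pkt.proto, pkt.dst_port, pkt.src_ip, pkt.src_port))
        if target is None:
            return None                        # unsolicited inbound traffic has nowhere to go
        return replace(pkt, dst_ip=target[0], dst_port=target[1])

    def active_flows(self) -> int:
        return len(self.outbound)
```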
PROTOCOLS
• Both TCP and UDP are protocols used for sending bits of data known as packets
  over the Internet. They both build on top of the Internet protocol. In other
  words, whether you are sending a packet via TCP or UDP, that packet is sent to
  an IP address. These packets are treated similarly, as they are forwarded from
  your computer to intermediary routers and on to the destination.
• TCP and UDP are not the only protocols that work on top of IP. However, they
  are the most widely used. The widely used term "TCP/IP" refers to TCP over IP.
  UDP over IP could just as well be referred to as "UDP/IP", although this is not
  a common term.
TCP
• TCP stands for Transmission Control Protocol. It is the most commonly used protocol on the Internet.
• When you load a web page, your computer sends TCP packets to the web server's
  address, asking it to send the web page to you. The web server responds by
  sending a stream of TCP packets, which your web browser stitches together to
  form the web page and display it to you. When you click a link, sign in, post a
  comment, or do anything else, your web browser sends TCP packets to the server
  and the server sends TCP packets back. TCP is not just one-way communication:
  the remote system sends packets back to acknowledge that it has received your
  packets.
• TCP guarantees the recipient will receive the packets in order by numbering
  them. The recipient sends messages back to the sender saying it received the
  messages. If the sender does not get a correct response, it will resend the
  packets to ensure the recipient received them. Packets are also checked for
  errors. TCP is all about this reliability: packets sent with TCP are tracked so
  no data is lost or corrupted in transit. This is why file downloads do not
  become corrupted even if there are network hiccups. Of course, if the recipient
  is completely offline, your computer will give up and you will see an error
  message saying it cannot communicate with the remote host.
UDP
• UDP stands for User Datagram Protocol. A datagram is the same thing as a packet
  of information. The UDP protocol works similarly to TCP, but it throws all the
  error-checking stuff out. All the back-and-forth communication and
  deliverability guarantees slow things down.
• When using UDP, packets are just sent to the recipient. The sender will not
  wait to make sure the recipient received the packet; it will just continue
  sending the next packets. If you are the recipient and you miss some UDP
  packets, too bad: you cannot ask for those packets again. There is no guarantee
  you are getting all the packets and there is no way to ask for a packet again
  if you miss it, but losing all this overhead means the computers can
  communicate more quickly.
• UDP is used when speed is desirable and error correction is not necessary. For
  example, UDP is frequently used for live broadcasts and online games.
NETWORK DEVICES
• Repeater – A repeater operates at the physical layer. Its job is to regenerate
  the signal over the same network before the signal becomes too weak or
  corrupted, so as to extend the length over which the signal can be transmitted
  on the same network. An important point to be noted about repeaters is that
  they do not amplify the signal. When the signal becomes weak, they copy the
  signal bit by bit and regenerate it at the original strength. It is a 2-port
  device.
• Bridge – A bridge operates at the data link layer. A bridge is a repeater with
  the added functionality of filtering content by reading the MAC addresses of
  source and destination. It is also used for interconnecting two LANs working on
  the same protocol. It has a single input and single output port, thus making it
  a 2-port device.
• Switch – A switch is a multi-port bridge with a buffer and a design that can
  boost its efficiency (a large number of ports implies less traffic) and
  performance. A switch is a data link layer device. A switch can perform error
  checking before forwarding data, which makes it very efficient, as it does not
  forward packets that have errors and forwards good packets selectively to the
  correct port only. In other words, a switch divides the collision domain of
  hosts, but the broadcast domain remains the same.
• Routers – A router is a device like a switch that routes data packets based on
  their IP addresses. A router is mainly a Network Layer device. Routers normally
  connect LANs and WANs together and have a dynamically updating routing table
  based on which they make decisions on routing the data packets. Routers divide
  the broadcast domains of hosts connected through them.
GATEWAY
• A gateway, as the name suggests, is a passage to connect two networks together
  that may work upon different networking models. They basically work as
  messenger agents that take data from one system, interpret it, and transfer it
  to another system. Gateways are also called protocol converters and can operate
  at any network layer. Gateways are generally more complex than a switch or
  router.
PRACTICAL (CISCO PACKET TRACER)
• Router Configuration
• configure terminal (To enter configuration mode)
• interface fastEthernet 1/0 (To configure interface FastEthernet 0/1)
• ip address 192.168.10.1 255.255.255.0 (To add IP address to current interface)
• no shutdown (Enable current interface)
• exit (Exit current mode)
• ip dhcp pool IPD (Create DHCP pool with ID "IPD")
• network 192.168.10.0 255.255.255.0 (To specify Network of DHCP pool)
• default-router 192.168.10.1 (To set default IP address of DHCP pool)
• exit (Exit current mode)
• ip dhcp excluded-address 192.168.10.1 192.168.10.10 (To reserve IP address range)
• ip route 192.168.100.0 255.255.255.0 192.168.2.1 (To create route to 192.168.100.0/24 network)
• ip route 0.0.0.0 0.0.0.0 192.168.5.1 (To create a default route for router)
DNS
• DNS (Domain Name System) is one of the most important
technologies/services on the internet, as without it the Internet would be very
difficult to use.
• DNS provides a name to number (IP address) mapping or translation, allowing
  Internet users to use easy-to-remember names, and not numbers, to access
  resources on a network and the Internet.
DNS BASICS – UNDERSTANDING WHY WE NEED IT
• All devices (computers etc.) that are connected to the Internet, your own
  network, or a company network are identified by an IP address, which is a
  number.
• IP addresses are easy for computers to process, but they are not so easy for
  people to remember.
• On early computer networks a simple text file called a hosts file was created
  that mapped host names to IP addresses.
• This enabled people to refer to other computers by name, and their computer
  translated that name to an IP address when it needed to communicate with it.
• The location of the hosts file is normally C:\Windows\System32\drivers\etc
• As network sizes increased, the hosts file approach became impractical due to
  the fact that:
  • It needed to be stored on each computer.
  • Updates were difficult to manage, as all of the computers would need to be
    given an updated file.
  • The text file could take a long time to process due to the fact that it was
    unstructured.
• To overcome these (and other) limitations the DNS system was developed.
DNS SYSTEM
• The DNS system consists of many Domain Name servers that together provide the
  name to IP address mapping for registered devices (usually servers) on the
  Internet.
• The main DNS servers (root servers) are owned and managed by a variety of
  different organizations, and are located mainly in the USA.
• Here is a list http://www.iana.org/domains/root/servers.
• Other companies including ISPs have their own DNS servers, which are linked to
  the root servers in a hierarchical fashion, providing a distributed system.
• Fortunately you don't need to manage a DNS server or create DNS records to use
  the Internet.
• However, you need to have access to a DNS server.
• To access a DNS server you will need the IP address of the DNS server.
• This is usually supplied to you by your ISP (Internet Service Provider).
• Most client computers/devices will be configured to obtain an IP and a DNS
  server address automatically.
• You can check what IP address and what DNS address you have been assigned by
  typing ipconfig /all at the command line.
• If DNS isn't working properly then you will be unable to connect to other
  computers on the Internet using their name, but you can still connect using
  their IP address if you know it.
FIREWALLS
What is a firewall?
• A firewall is a device (or software feature) designed to control the flow of
traffic into and out-of a network.
• In general, firewalls are installed to prevent attacks.
WHAT IS AN ATTACK?
Attack covers many things:
1. Someone probing a network for computers.
2. Someone attempting to crash services on a computer.
3. Someone attempting to crash a computer (Win nuke).
4. Someone attempting to gain access to a computer to use resources or
   information.
EDGE FIREWALL
An edge firewall is usually software running on a server or workstation. An
edge firewall protects a single computer from attacks directed against it.
Examples of these firewalls are:
ZoneAlarm
BlackIce
IPFW on OSX
FIREWALL APPLIANCE
An appliance firewall is a device whose sole function is to act as a firewall.
Examples of these firewalls are:
Cisco PIX.
Cisco ASA (Adaptive Security Appliance)
Netscreen series.
NETWORK FIREWALL
• Router/Bridge based Firewall
  • A firewall running on a bridge or a router protects anything from a group of
    devices to an entire network. Cisco has firewall feature sets in their IOS
    operating system.
• Computer-based Network Firewall
  • A network firewall runs on a computer (such as a PC or Unix computer). These
    firewalls are some of the most flexible. Many free products are available,
    including IPFilter (the first package we tried), PF (the current package we
    are using, found on OpenBSD 3.0 and later) and IPTables (found on Linux).
    Commercial products include Checkpoint Firewall-1. Apple OSX includes IPFW
    (included in an operating system you gotta purchase).
WHY USE A FIREWALL?
• Protect a wide range of machines from general probes and many attacks.
• Provides some protection for machines lacking in security.
GREAT FIRST LINE OF DEFENSE.
• Having a firewall is a necessary evil. It's like living in a gated community.
  The gate may stop 99% of unwanted visitors. The locks on your doors stop the
  remaining 1% (maybe, but you get the idea).
• Don't let the firewall give you a false sense of security. Harden your
  machines by turning off services you don't need.
HOW DOES A FIREWALL WORK?
Blocks packets based on:
• Source IP address or range of addresses.
• Source port (TCP/UDP)
• Destination IP address or range of addresses.
• Destination port (TCP/UDP)
Some allow filtering at higher layers up the OSI model.
Other protocols (How would you filter DECnet anyway?).
Common ports:
  80        HTTP
  443       HTTPS
  20 & 21   FTP (didn't know 20 was for FTP, did you?)
  23        Telnet
  22        SSH
  25        SMTP
SAMPLE FIREWALL RULES
Protected server:
134.71.1.25
Protected subnet:
134.71.1.0/24
$internal refers to the internal network interface on the firewall.
$external refers to the external network interface on the firewall.
SAMPLE RULES:
CAN YOU FIND THE PROBLEM?
(For this example, when a packet matches a rule, rule processing stops.)
Pass in on $external from any proto tcp to 134.71.1.25 port = 80
Pass in on $external from any proto tcp to 134.71.1.25 port = 53
Pass in on $external from any proto udp to 134.71.1.25 port = 53
Pass in on $external from any proto tcp to 134.71.1.25 port = 25
Block in log on $external from any to 134.71.1.25
Block in on $external from any to 134.71.1.0/24
Pass in on $external from any proto tcp to 134.71.1.25 port = 22
Pass out on $internal from 134.71.1.0/24 to any keep state
The SSH rule would never have a chance to be evaluated. All traffic to 134.71.1.25
is blocked by the previous two rules.
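The "can you find the problem?" rule set worked through as an added Python example, not code from the original slides: a parser for the slide's rule syntax, first-match evaluation (processing stops at the first rule a packet matches), and a shadow check that reports any rule an earlier, broader rule prevents from ever being reached. The rules and the 134.71.1.x addresses are the slide's own; the 198.51.100.7 source used in the test is a constructed value.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = ipaddress.ip_network("0.0.0.0/0")          # what "any" means in the rule syntax

@dataclass
class Rule:
    action: str                    # "pass" or "block"
    direction: str                 # "in" or "out"
    iface: str = ""                # "$external" or "$internal"
    src: ipaddress.IPv4Network = ANY
    dst: ipaddress.IPv4Network = ANY
    proto: Optional[str] = None    # None means any protocol
    port: Optional[int] = None     # None means any destination port

@dataclass
class Packet:
    direction: str
    iface: str
    src: str
    dst: str
    proto: str
    port: int

def parse_rule(text):
    """Parse one rule written the way the slide writes them, e.g.
    'Pass in on $external from any proto tcp to 134.71.1.25 port = 80'."""
    t = text.lower().split()
    rule = Rule(action=t[0], direction=t[1])
    i = 2
    while i < len(t):
        word = t[i]
        if word == "log":                      # logging does not change what matches
            i += 1
        elif word == "keep":                   # "keep state": no effect on first match here
            i += 2
        elif word == "on":
            rule.iface = t[i + 1]; i += 2
        elif word in ("from", "to"):
            net = ANY if t[i + 1] == "any" else ipaddress.ip_network(t[i + 1], strict=False)
            setattr(rule, "src" if word == "from" else "dst", net); i += 2
        elif word == "proto":
            rule.proto = t[i + 1]; i += 2
        elif word == "port":                   # written as: port = N
            rule.port = int(t[i + 2]); i += 3
        else:
            raise ValueError(f"unexpected token {word!r} in {text!r}")
    return rule

def matches(rule, pkt):
    return (rule.direction == pkt.direction and rule.iface == pkt.iface
            and ipaddress.ip_address(pkt.src) in rule.src
            and ipaddress.ip_address(pkt.dst) in rule.dst
            and rule.proto in (None, pkt.proto) and rule.port in (None, pkt.port))

def first_match(rules, pkt):
    """(index, action) of the first rule the packet matches; processing stops there."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return i, rule.action
    return None                                 # no rule matched

def covers(broad, narrow):
    """True when every packet that matches `narrow` would already match `broad`."""
    return (broad.direction == narrow.direction and broad.iface == narrow.iface
            and narrow.src.subnet_of(broad.src) and narrow.dst.subnet_of(broad.dst)
            and broad.proto in (None, narrow.proto) and broad.port in (None, narrow.port))

def shadowed(rules):
    """Indices of rules that can never be reached because an earlier rule covers them."""
    return [j for j in range(len(rules)) if any(covers(rules[i], rules[j]) for i in range(j))]
SLIDE_RULES = [parse_rule(line) for line in (
    "Pass in on $external from any proto tcp to 134.71.1.25 port = 80",
    "Pass in on $external from any proto tcp to 134.71.1.25 port = 53",
    "Pass in on $external from any proto udp to 134.71.1.25 port = 53",
    "Pass in on $external from any proto tcp to 134.71.1.25 port = 25",
    "Block in log on $external from any to 134.71.1.25",
    "Block in on $external from any to 134.71.1.0/24",
    "Pass in on $external from any proto tcp to 134.71.1.25 port = 22",
    "Pass out on $internal from 134.71.1.0/24 to any keep state",
)]
# Same rules with the SSH pass moved above the two block rules, so it can be reached.
FIXED_RULES = SLIDE_RULES[:4] + [SLIDE_RULES[6]] + SLIDE_RULES[4:6] + SLIDE_RULES[7:]
```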
WINDOWS FIREWALL
• What type of firewall is it?
• The Windows Firewall with Advanced Security is a tool which gives you
detailed control over the rules that are applied by the Windows Firewall.
• You can view all the rules that are used by the Windows Firewall, change their
properties, create new rules or disable existing ones.
WINDOWS FIREWALL WITH ADVANCED SECURITY
• Windows Firewall with Advanced Security is a management snap-in for the
Windows Firewall from which you can control in a very detailed way, all the
rules and exceptions that govern how the Windows Firewall works.
UNDERSTANDING INBOUND, OUTBOUND &
CONNECTION SECURITY RULES
• In Windows Firewall with Advanced Security you will encounter three important types of rules:
  • Inbound rules – they apply to traffic that is coming from the network or the
    Internet to your Windows computer or device. For example, if you are
    downloading a file through BitTorrent, the download of that file is filtered
    through an inbound rule.
  • Outbound rules – these rules apply to traffic that is originating from your
    computer and going to the network and the Internet. For example, your request
    to load the How-To Geek website in your web browser is outbound traffic and it
    is filtered through an outbound rule. When the website is downloaded and
    loaded by your browser, this is inbound traffic.
  • Connection security rules – less common rules that are used to secure the
    traffic between two specific computers while it crosses the network. This
    type of rule is used in very controlled environments with special security
    requirements. Unlike inbound and outbound rules, which are applied only to
    your computer or device, connection security rules require both computers
    involved in the communication to have the same rules applied.
LINUX(UBUNTU) FIREWALL
• Ubuntu includes its own firewall, known as ufw – short for “uncomplicated
firewall.”
• Ufw is an easier-to-use frontend for the standard Linux iptables commands.
• You can even control ufw from a graphical interface.
• Ubuntu’s firewall is designed as an easy way to perform basic firewall tasks
without learning iptables.
• It doesn’t offer all the power of the standard iptables commands, but it’s less
complex.
TERMINAL USAGE (WORKING WITH RULES)
• The firewall is disabled by default. To enable the firewall, run "sudo ufw
  enable".
• To disable or turn it off, use the command "sudo ufw disable".
• Let's say you want to allow SSH traffic on port 22. To do so, you can run one
  of several commands:
  • sudo ufw allow 22 (Allows both TCP and UDP traffic; not ideal if UDP isn't
    necessary.)
  • sudo ufw allow 22/tcp (Allows only TCP traffic on this port.)
  • sudo ufw allow ssh (Allows only TCP traffic on this port, using the service
    name.)
• Ufw assumes you want to set the rule for incoming traffic, but you can also
  specify a direction. For example, to block outgoing SSH traffic, run the
  following command:
  • sudo ufw reject out ssh
• You can view the rules you've created with the following command:
  • sudo ufw status
• To delete a rule, add the word delete before the rule. For example, to stop
  rejecting outgoing SSH traffic, run the following command:
  • sudo ufw delete reject out ssh
• Ufw's syntax allows for fairly complex rules. For example, this rule denies TCP
  traffic from the IP 12.34.56.78 to port 22 on the local system:
  • sudo ufw deny proto tcp from 12.34.56.78 to any port 22
GUFW GRAPHICAL INTERFACE
• GUFW is a graphical interface for ufw. Ubuntu doesn’t come with a graphical
interface, but gufw is included in Ubuntu’s software repositories. You can install
it with the following command:
• sudo apt-get install gufw
QUESTIONS?