SOHO Networking and Internet Activities
AS LEVEL
Computer Application
SOHO Networking and Internet Activities
YLLSS 2008 - 2009
In the syllabus, we have ...

Internet Basics
- Students should be able to describe the hardware and software requirements for Internet access.
- Students should know how data is transmitted over the Internet and understand concepts of Internet Protocol (IP), Uniform Resource Locator (URL), Domain Name System (DNS) and Hypertext Transfer Protocol (HTTP).

Internet services and resources
- Students should be able to formulate an effective strategy for searching specific information on the World Wide Web by using search engines, and be able to critically analyse the sources of information.
- Students should have experience of the use of the Internet for file transfer by using ftp, remote logon, locating and using an online chat, joining discussion forums and newsgroups.
- Students should be able to use plug-ins or players for multimedia elements found on the Internet.
- Students should understand the differences between a mail client and web mail, and the protocols (POP, IMAP, SMTP, etc.) used in sending and retrieving emails.

Ethical and social issues on the use of the Internet
- Students should be able to discuss critically issues arising from the digital divide, the emergence of a knowledge-based society and globalization.
- Students should be keenly aware of the issues of intellectual property, and be familiar with measures to safeguard themselves and their information on computers, by various means such as the installation of a firewall, filtering software, anti-spyware and anti-virus software. They should understand the use of cookies and the impact on user tracking.
- Students should understand the measures which ensure Internet security in data transmission, such as the use of a digital certificate and data encryption.
This module focuses on the knowledge and skills essential in constructing SOHO networks. SOHO networks are small-scale networks suitable for small and medium enterprises (SMEs), which make up more than 90% of businesses in Hong Kong. Building up networking capabilities and infrastructure within SMEs will increase productivity and enhance communication internally among staff and externally with customers or clients throughout the world.
Through the study of this module, students will gain an understanding of the basic principles of networking,
and the knowledge and skills associated with the design, implementation and maintenance of a SOHO
network. Students will also be aware of the common security threats to SOHO networks and the measures
to improve network security. This module will give students a solid foundation on networking in general, and
SOHO networking, in particular. Students will appreciate the practical nature of the module, regardless of
whether they continue to pursue knowledge in this area in tertiary education or migrate to the workforce.
The time allocation for the module is about 32 hours (48 lessons).
Topics and remarks

A. SOHO Networking Basics (8 hours)

Basic concepts of data communication and networking
- Students should be able to identify and describe the basic function of each component of a packet: header, data and trailer. They should also be able to explain briefly the use of packets in data transfer in a packet switching network.
- Students should understand the basic concepts of Internet Protocol (IP) addressing including the scheme and classes of IP addresses. They should understand the use of a subnet and be able to tell which subnet an IP address belongs to from a simple subnet mask.
- Students should know the use of some common protocols including TCP/IP and DHCP, etc.
- Students should be able to explain the factors that need to be considered in choosing between a client-server network and a peer-to-peer network.
- Students should be able to compare and contrast the common types of communication links (e.g. modem dial-up or cable modem, leased line, broadband and wireless, etc.) for Internet access in terms of data transfer rate, cost and reliability.

Basic network components
- Students should be able to identify and describe the functions of the various components which make up wired and wireless networks. These include network interface cards (NICs), cables, hubs, switches, routers, broadband routers, gateways, wireless adapters, wireless access points, wireless routers, etc. They should also be able to describe and explain briefly the services provided by a network operating system.

SOHO network applications
- Students should be able to describe and appreciate the common applications of SOHO networking including resource sharing, Internet access, web serving, telecommunicating, etc.

B. SOHO Network Design and Implementation (16 hours)

Need analysis
- Students should be able to conduct a simple need analysis on a proposed SOHO network and translate the needs identified into requirements and specifications.

Design
- Students should be able to design a network to meet the requirements generated in the need analysis and represent it in a diagram.
- Students should be able to justify their design based on technical, cost-effectiveness and other considerations.

Setup
- Students should have the experience of setting up simple Ethernet and wireless networks.
- Students should have the experience of sharing various resources (e.g. files, printers and Internet connection, etc.) among the networked computers / stations.
- Students should have the experience of setting folder/file-sharing permissions including read, write and execute rights, etc.

Testing
- Students should have the experience of validating a network system by testing it according to a simple test plan based on the requirements and specifications.

Documentation
- Students should be able to document the user requirements, a schematic diagram for the network and specifications of the network.

End-user support
- Students should be aware of the importance of adequate end-user support and training for the attainment of the benefits sought.

C. SOHO Network Management and Security (8 hours)

Monitoring, fine-tuning and troubleshooting
- Students should develop the basic skills of monitoring and fine-tuning the performance of a simple network.
- Students should develop the basic skills of analysing problems associated with the use of a networked environment and performing troubleshooting for it.

Backup
- Students should be aware of the importance of backup in disaster planning and recovery measures.
- Students should know the common hardware and software components of a network backup solution, such as Redundant Array of Independent Disks (RAID), Uninterruptible Power Supply (UPS), network backup servers, network backup and recovery software, etc.

Security threats and measures
- Students should be able to describe the potential risks caused by the common network security threats including virus, worm and Trojan programs, spyware, unauthorised access, interception, etc.
- Students should be able to propose effective measures to improve network security for both wired and wireless networks. These include anti-virus programs, authentication, access and user right control, packet filtering, public and private key encryption, Wired Equivalent Privacy (WEP), and IPsec used in Virtual Private Network (VPN), etc.
Networking
Practical implementation of a network
Different roles:
1. A device is needed to exchange the data between computers (e.g. hubs, switches or routers).
2. Media of communication (e.g. UTP cable, optical fibre, etc.).
3. Hosts (e.g. a number of PCs with network interface cards installed).
There are a number of kinds of network card; some of them are shown below (photos omitted):
- A NIC card for a desktop computer. Usually the NIC is built into the motherboard; this one is a PCI NIC card.
- A wireless NIC card for a desktop computer.
- A NIC installed in a motherboard. Usually it is inserted in a PCI slot.
- A NIC installed in a PC, which will be connected by a UTP cable.
- A wireless PCMCIA NIC card, usually used in a notebook computer.
Digital signals are sent back and forth between the computer and the NIC card. Inside the computer, the bits are sent in groups (in parallel); when they leave the computer they are sent serially, one bit at a time. For example, "01011100" travels inside the computer as a group, but when it passes through the NIC the card first sends "0", then "1", and so on.
Apart from network cards, other connecting devices are required, for example (photos omitted):
- Router
- Stackable switch
Some common connecting media (photos omitted):
- UTP
- Optical fibre
Difference between straight-through and crossover cables (UTP)
Reason:
Cable to use between two devices:

            PC           Hub          Switch       Modem
PC          crossover    straight     straight     straight
Hub         straight     crossover    crossover    crossover
Switch      straight     crossover    crossover    crossover
Modem       straight     crossover    crossover    phone cable

Reference:
http://www.homenethelp.com/web/explain/about-ethernet-crossover.asp
Illustration of a network
A network is illustrated below (figure omitted: a practical situation on the left and its schematic representation on the right).
Type of computer network
LAN (Local Area Network) is a computer network which connects a number of computers and other devices within a limited geographical space such as a room or an office.
WAN (Wide Area Network) is usually formed by connecting various LANs spread over a wide geographical area into a large network.
LAN
Two popular types of LAN are peer-to-peer and client/server (figures omitted).
Peer-to-Peer network: Every computer is connected directly to every other computer. Each computer can use information from, and provide information to, every other.
Client / Server network: Individual computers, called clients or workstations, are connected to a central computer, called a server. The clients can access programs or files stored on the server.
The characteristics of the Peer-to-Peer and Client/Server structures are:
Peer-to-Peer
- All computers are workstations (no server is assigned to maintain the network users).
- Security is weak.
Client/Server
- A server is assigned to maintain the network user accounts.
- A file server is one of the applications in a client/server structure. It can provide space for users to store files on the server, and users are authenticated by username and password.
- Since the server can give different levels of rights (權力) to different users, security is high.
The way the network components are combined to form a network
These components include:
Connecting devices: Router, Switch, Hub (their appearances are very similar)
Hub: A hub is an old-fashioned connecting device. It broadcasts every message to all the ports it is connected to, so it easily slows down transmission.
Switch: A switch is used to connect several similar networks together; it acts as a bridge. A switch cannot distinguish between different networks; it forwards a message to the right PC according to the MAC address.
Router: A router is used to connect two or more networks together. A router is able to make use of the subnet mask to distinguish different networks.
Connecting media: UTP, Optical Fibre
UTP: used to connect a PC to a connecting device.
Optical fibre: used to make connections between switches and routers.
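The hub-versus-switch behaviour above, as an added example that is not code from the course notes: a small Python model in which a hub repeats every frame to all other ports, while a switch learns which port each MAC address was last seen on and forwards a unicast frame only to that port (flooding like a hub only while the destination is still unknown, or for broadcast). The MAC addresses, port numbers and frames are constructed for the example. The security point it makes visible is that on a hub every station receives every frame, so a third PC sees traffic between two others, whereas a switch delivers a learned unicast frame to a single port.

```python
"""Toy model of hub vs switch forwarding (added example, not from the notes)."""

from collections import namedtuple

# A frame carries source and destination MAC addresses plus a payload.
Frame = namedtuple("Frame", "src dst payload")

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Repeats each frame to every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = ports

    def forward(self, in_port, frame):
        return sorted(p for p in self.ports if p != in_port)


class Switch:
    """Learns source MAC -> port; forwards unicast only to the learned port."""

    def __init__(self, ports):
        self.ports = ports
        self.mac_table = {}          # MAC address -> port number

    def forward(self, in_port, frame):
        # Learning step: remember which port the sender lives on.
        self.mac_table[frame.src] = in_port
        out = self.mac_table.get(frame.dst)
        if frame.dst == BROADCAST or out is None:
            # Broadcast or still-unknown destination: flood like a hub.
            return sorted(p for p in self.ports if p != in_port)
        return [out] if out != in_port else []


def run_scenario(device):
    """Send three frames through the device; return the output ports of each."""
    # Constructed MAC addresses and the port each host is plugged into.
    hosts = {
        "aa:aa:aa:aa:aa:01": 1,
        "aa:aa:aa:aa:aa:02": 2,
        "aa:aa:aa:aa:aa:03": 3,
    }
    a, b, c = hosts
    frames = [
        Frame(a, b, "hello"),    # A -> B: a switch has not seen B yet
        Frame(b, a, "reply"),    # B -> A: A's port is already learned
        Frame(c, b, "secret"),   # C -> B: B's port is already learned
    ]
    return [device.forward(hosts[f.src], f) for f in frames]


if __name__ == "__main__":
    print("hub   :", run_scenario(Hub([1, 2, 3])))
    print("switch:", run_scenario(Switch([1, 2, 3])))
```

Running it shows the third frame (C to B) reaching port 1 on the hub, where A can read it, but only port 2 on the switch.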
Network Server Software vs Network Client Software:
NOS (Network Operating System) is used to manage network resources, control the flow of data, maintain
security and track user accounts. It has two parts: Network Server Software and Network Client Software.
Network Server Software: installed in the server. It controls file access from the server’s hard disk,
manages the print queue, and tracks user data such as user IDs and passwords.
Network Client Software: installed on the local hard disk of each client. It gathers login information, handles drive mapping, etc.
Wireless LANs (WLAN):
A wireless LAN requires an access point (AP, 收發點) which behaves like a switch or hub. It also requires wireless NICs (Network Interface Cards) installed in the computers. The figure (omitted) shows how a wireless network is combined with the existing LAN.
The access point and the wireless NICs communicate by emitting and receiving radio waves; this is called RF (Radio Frequency).
Photos (omitted): a) Access Point; b) Wireless NIC; c) Wireless network PC card; d) Wireless USB adapter (mostly found in laptops).
Ethernet Networks (乙太網):
Ethernet is the most widely installed local area network (LAN) technology, specified in the standard IEEE 802.3. An Ethernet LAN typically uses coaxial cable or special grades of twisted pair wires. Ethernet is also used in wireless LANs.
Connection between LANs:
Different LANs may use different network technologies, e.g. Ethernet, Token Ring, FDDI, ATM, Frame Relay, SMDS and others.
To connect different types of networks, a gateway is needed; quite often it is the router. A gateway is responsible for connecting two different networks.
Comparison of speed in different networks:
The speed of a network is measured in the unit bps (bits per second).

Type of network    Technology                              Bandwidth (頻寬)
LAN                Ethernet (乙太網)                        10 Mbps
                   Fast Ethernet                           100 Mbps
                   Gigabit Ethernet                        1 Gbps (~1000 Mbps)
Wireless LAN       Bluetooth                               1 Mbps
                   802.11b                                 11 Mbps
                   802.11g                                 54 Mbps
WAN                T1                                      1.5 Mbps
                   T2                                      44.7 Mbps
                   ISDN                                    1.5 Mbps
Modem              Remote access through telephone line    56 Kbps
Some important servers
File server (DC, domain controller): A high speed computer that stores the programs and data files shared by users. Most file servers also store important information, like user accounts and the network information. Data on a file server are important and must be backed up regularly.
Mail server: A mail server provides e-mail services to users. Each user has a mailbox which stores the incoming mails and copies of sent mails.
Print server: A print server manages one or more printers. It allows a shared printer to be accessed by authorized users.
Web server: A web server stores the contents of web pages created by users of a LAN. It entertains requests from other users on the Internet by delivering web pages.
Proxy server: A proxy server improves the efficiency of Internet access by temporarily storing copies of web pages visited by previous users of the same LAN. It also filters web pages to prevent users from accessing certain sites.
Question: What are the advantages of networking computers?
Share a folder with other network users (screenshots omitted):
Step 1: Select the properties of the folder.
Step 2: Share the folder and assign the firewall setting.
Step 3: Set user rights.
Step 4
Class work 1:
1. Create a folder "share" on your D drive and then share it with your classmates.
2. Use the VNC program to remote control a PC. You can easily get VNC from www.realvnc.com, or you can get it in school in the resources section of the web page http://yiuming.yll.edu.hk/
3. Use the command net in the DOS command window to
   a) view the computers in the same subnetwork (net view) and then show their shared folders;
   b) view the users on your computer (net user).
Conventional Questions set 1:
The accounting and marketing departments of a trading company are on the 8/F and 12/F of a commercial building respectively. All the computers in the company are connected with the structure shown below (figure omitted):
a) Name an interface card that connects computers to the network.
   NIC (Network Interface Card)
b) Suggest suitable transmission media for medium A and medium B. Explain briefly your answers.
   Medium A: UTP (connecting PC to connecting device)
   Medium B: Optical fibre
c) What are the possible devices X and Y in the figure? What are the functions of these devices?
   X: Switch
   Y: Router
d) All the user files, including confidential ones (such as accounting spreadsheets, customer records, etc.), are stored in the file server. Explain how the server can prevent unauthorized access to the files.
   Authorized users have to provide a username and password to access the system, and different users can be set to have different levels of rights.
e) Server Z can improve the efficiency of Internet access by temporarily storing copies of web pages visited by previous users of the same LAN. Name Z.
   Proxy server
f) Suggest THREE benefits of connecting the computers to a network.
   Database sharing / file sharing
   Hardware sharing
   Communication between users
1. In a wireless LAN,
   A. there is no limit in the number of workstations
   B. data transmitted are always encrypted
   C. the wireless access point is a server
   D. every computer has a unique Internet Protocol address.
2. A network is set up in a building with 15 computers and a powerful computer dedicated to managing disk drives and printers. What type of network is this?
   A. a peer-to-peer local area network
   B. a peer-to-peer wide area network
   C. a client-server local area network
   D. a client-server wide area network
3. The LANs in a WAN are connected together by
   A. hubs or switches
   B. routers
   C. wireless access points
   D. printers
4. Which of the following is / are function(s) of a proxy server?
   (i) Firewall
   (ii) Content filter
   (iii) Cache for web pages
   A. (i) and (ii) only
   B. (i) and (iii) only
   C. (ii) and (iii) only
   D. All of the above
5. Which of the following is not commonly used for wireless communication?
   A. WiFi
   B. Bluetooth
   C. HSDPA
   D. SMS
Prerequisite for Internet Technology
We need some knowledge of the technology used in the Internet. Note that networking technology is one thing and Internet technology is another. For example, in networking we have the concept of server and client computers, whereas in Internet technology you will need more practical knowledge about different servers, say, FTP server, Web server, SMTP server, POP3 server, etc. Here is some of the technology you will encounter in the following section:
Server: FTP server, Web server, POP3 server, SMTP server, Streaming server
Communication technology: IPv4, IPv6, Domain name, VPN, WEP, WPA, SSL
Common file formats: ASF, WMV, MOV, MPG, 3GP, RM, RMVB, AVI, AU, RA, MP3, JPEG, GIF, PNG
Units: Bps, bps, G, M, K
Access mode: Dial up, ADSL, Cable, VDSL, ISDN, T1, T3
Device and component: Router, Switch, Hub, AP, Wireless adaptor, NIC, NAS, Bridge, Gateway
Protocols and standards: HTTP, HTTPS, POP3, SMTP, TCP, UDP, DHCP, 802.11g, 802.11b, Reserved ports (e.g. 80, 21, 25, etc.)
Activities: Web technology (Web server setting, Web browser setting, plug-in, Cookie), VoIP, MSN, Streaming
Internet Technology
Internet and World Wide Web(WWW)
The Internet is a world-wide system of computers connected by communication networks. The
Internet is decentralized by design. Each Internet computer, called a host, is independent.
The administrator of a host in the Internet can choose which Internet services to use and
which local services to make available to the global Internet community.
World Wide Web (WWW) has become the most widely used part of the Internet. It is a world
wide collection of hypertext documents, Web pages, which contains links enabling users to
navigate quickly to related documents. These documents are formatted in a markup language
called HTML (HyperText Markup Language).
There are several applications, called Web browsers, that make it easy to access the World Wide Web; two of the most popular are Netscape Navigator and Microsoft's Internet Explorer.
Question: Apart from Web Server, name 3 kinds of servers that can be found in the Internet?
Mail Server, FTP Server, DNS Server, DHCP server, Proxy Server, etc
Web Server and Web Browser
A Web server is a computer that delivers (serves up) Web pages. Every Web server has an IP address and possibly a domain name. For example, if you enter the URL http://www.pcwebopedia.com/index.html in your browser, this sends a request to the server whose domain name is pcwebopedia.com. The server then fetches the page named index.html and sends it to your browser.
Any computer can be turned into a Web server by installing server software and connecting
the machine to the Internet. There are many Web server software applications, two leading
Web servers are Apache, the most widely-installed Web server, and Microsoft's Internet
Information Server (IIS).
A Web browser is a software application used to locate and display Web pages. The two most popular browsers are Netscape Navigator and Microsoft Internet Explorer (IE). Both of these are graphical browsers, which means that they can display graphics as well as text. In addition, most modern browsers can present multimedia information, including sound and video, though they require plug-ins (外掛程式) for some formats.
Class Activities:
1. Configure IIS on your computer.
2. Post a Web page at the root.
3. View your web page.
4. View the Web pages of your classmates.
NOTE: Different browsers will present a web page in a slightly different way.
ISP (Internet Service Provider 互聯網服務供應商)
Short for Internet Service Provider, a company that provides access to the Internet.
The ISP provides the connection between the Internet and your computer at home. There are basically two different types of connection: broadband and dial-up.
Type of connection
Broadband connection
ADSL: Uses standard telephone lines in conjunction with an ADSL modem. The system is "asymmetric" because the data transfer rates are higher for information being downloaded (known as the downstream rate, which varies from 1.5 to 9 Mbps) than for that being uploaded (known as the upstream rate, which varies from 16 to 640 Kbps). The Netvigator broadband service is based on ADSL technology.
Cable Modem: Connects a computer to a cable TV network and is therefore limited to those with access to such a connection. It has a theoretical capacity of 30 Mbps, but this has to be shared among users at the same location. The data transfer rate typically averages about 1.5 Mbps. The I-Cable broadband service is based on cable modem technology.
Ethernet: Ethernet uses a bus or star topology and supports data transfer rates of 10 Mbps. A newer version of Ethernet, called 100Base-T (or Fast Ethernet), supports data transfer rates of 100 Mbps, and the newest version, Gigabit Ethernet, supports data rates of 1 gigabit (1,000 megabits) per second.
Dial-up (撥號上網) connection
To use a dial-up connection, a modem is the basic hardware requirement. A modem has to be installed in both the client computer (e.g. at your home) and the server (e.g. the server at the ISP). The modem modulates the digital signal into an analog signal, sends it through the telephone line, and the modem at the other end demodulates the analog signal to recover the original digital signal. Through this process, data can be exchanged between these computers. Usually the connection speed of dial-up is 56 Kbps (bits per second).
Question: Determine the minimum time to download a 2 MByte file.
Question: Nowadays, broadband connection is so common that few people use a modem. Can you name some uses of a modem apart from dial-up connection to the Internet?
It is used to receive faxes and save them on a computer's hard disk.
Question: Apart from speed, what is the main disadvantage of using a dial-up connection compared with a broadband connection?
You cannot use dial-up while you are using the telephone service.
Protocol (協約)
Data from different kinds of computers and computer networks can be transmitted over the Internet because they all use the same protocol (協約). There are a lot of protocols in use on the Internet, e.g. TCP/IP, HTTP, SMTP, FTP, UDP, telnet, etc. Above all, TCP/IP is the fundamental protocol of the Internet, i.e. all other protocols are built on top of it.
TCP/IP
TCP/IP (Transmission Control Protocol / Internet Protocol) is the basic communication protocol of the Internet. It may be used as a communications protocol in either an intranet or the Internet.
To send a message/file from computer A to computer B, TCP is responsible for breaking the data into packets (信息包), and IP is responsible for routing the packets. Here is the procedure:
1. A message is divided into packets and numbered.
2. Each packet is addressed to the destination.
3. The packets travel to the destination without using a defined path.
4. If a path is congested with heavy traffic or inoperable, packets can be rerouted via other paths.
5. When the packets arrive at the destination, they are reassembled to form the original message.
Question 1: Why do we need to break up files into packets before sending them over the Internet?
A large file would inevitably block the traffic in a network, so packet switching is used to allow many users to make use of the network at the same time.
Question 2: How do we know which packets are lost in the Internet?
Each packet is assigned a packet number. The file is reassembled based on these packet numbers, so if any packet is lost, the receiver will ask the sender to send the same packet once again.
Question 3: If a web page contains a picture, a hyperlink, a table and a MIDI file, how many files have to be transmitted from the Web server to the client computer?
3 files: the web page itself, the picture and the MIDI file.
Question 4: Who is responsible for reassembling packets? Who is responsible for reconstructing the Web page?
TCP is responsible for reassembling the packets into a file and the browser is responsible for the reconstruction of the web page.
Question 5: When packets are sent to computer B, perhaps due to some routing problem, the packets may not be able to reach the destination. Will they stay in the network/Internet forever? If not, how long will they stay?
They will die out after passing through a number of nodes (typically routers). Each packet is given a number called the TTL (Time-to-live), which may differ between networks; each time the packet passes through a node, its value is decreased by 1.
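The five-step procedure and the answers to Questions 1, 2 and 5 above, as an added example that is not code from the course notes: a simplified Python model in which a message is cut into numbered packets, each packet crosses a different number of router hops with a TTL that is decremented per hop, one packet is "lost", arrivals are shuffled, and the receiver reassembles by sequence number and asks for exactly the packets that are missing. The message, hop counts, loss pattern and TTL value are all constructed for the example; real TCP and IP carry far more state than this.

```python
"""Simplified packetize / route / reassemble model (added example, not from the notes)."""

import random

PAYLOAD_SIZE = 4    # bytes per packet; tiny so the example stays readable
DEFAULT_TTL = 8     # constructed starting TTL


def packetize(message: bytes, size: int = PAYLOAD_SIZE):
    """Step 1: divide the message into numbered packets."""
    count = (len(message) + size - 1) // size
    return [
        {"seq": i, "data": message[i * size:(i + 1) * size], "ttl": DEFAULT_TTL}
        for i in range(count)
    ]


def route(packet, hops):
    """Steps 3 and 4: every router hop decrements TTL; at 0 the packet is dropped.

    Returns a copy of the packet if it survives, None if it 'dies out'."""
    pkt = dict(packet)
    for _ in range(hops):
        pkt["ttl"] -= 1
        if pkt["ttl"] == 0:
            return None
    return pkt


def deliver(packets, hops_per_packet, lost_seqs=(), seed=0):
    """Send each packet over its own path; some may be lost or expire.

    The arrival order is shuffled because packets take different paths."""
    arrived = []
    for pkt, hops in zip(packets, hops_per_packet):
        if pkt["seq"] in lost_seqs:          # simulated loss in the network
            continue
        survived = route(pkt, hops)
        if survived is not None:
            arrived.append(survived)
    random.Random(seed).shuffle(arrived)
    return arrived


def reassemble(arrived, total):
    """Step 5: order packets by sequence number and report any gaps.

    Returns (message, []) when complete, or (None, missing_seqs) otherwise."""
    by_seq = {p["seq"]: p["data"] for p in arrived}
    missing = [s for s in range(total) if s not in by_seq]
    if missing:
        return None, missing
    return b"".join(by_seq[s] for s in range(total)), []


def transfer(message, hops_per_packet, lost_seqs=()):
    """Whole exchange: initial send, then one retransmission of the missing packets."""
    packets = packetize(message)
    arrived = deliver(packets, hops_per_packet, lost_seqs)
    data, missing = reassemble(arrived, len(packets))
    if missing:
        # The receiver asks only for the missing sequence numbers; the sender
        # resends them (here over a short 2-hop path, so they survive).
        resent = deliver([packets[s] for s in missing], [2] * len(missing))
        data, missing = reassemble(arrived + resent, len(packets))
    return data, missing


if __name__ == "__main__":
    msg = b"SOHO networking notes!"            # constructed 22-byte message
    first = deliver(packetize(msg), [3, 2, 9, 1, 4, 2], lost_seqs=(4,))
    print("after first send:", reassemble(first, 6))   # (None, [2, 4])
    print("after resend:", transfer(msg, [3, 2, 9, 1, 4, 2], lost_seqs=(4,)))
```

Packet 2 is given a 9-hop path, longer than its TTL of 8, so it expires; packet 4 is dropped outright. Both show up as gaps in the sequence numbers, which is all the receiver needs to request a resend.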
HTTP (HyperText Transfer Protocol)
Apart from TCP/IP, there are many other protocols, e.g. HTTP, FTP, SMTP; they are called application protocols, whereas TCP/IP is commonly referred to as the communication protocol or Internet protocol suite.
HTTP is used in the WWW. Its publicly assigned port number is 80. It is the protocol used to send the request from the web client (web browser) to the web server through the opened port, and then receive the files (or resources) from the web server.
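The request/response exchange just described, shown at the byte level as an added example that is not code from the course notes: build_request() produces the text a browser sends to port 80 for the pcwebopedia URL used earlier, and parse_response() splits what the server sends back into status code, headers and body. The response bytes used in the test are constructed, not captured from a real server. The parser honours Content-Length so that stray bytes after the declared body are not mistaken for page content, which is the kind of check a browser or proxy filter must make before acting on what it received.

```python
"""Raw HTTP/1.0 request builder and response parser (added example, not from the notes)."""


def build_request(host: str, path: str = "/") -> bytes:
    """Minimal GET request: request line, Host header, blank line terminator."""
    lines = [f"GET {path} HTTP/1.0", f"Host: {host}", "Connection: close", "", ""]
    return "\r\n".join(lines).encode("ascii")


def parse_response(raw: bytes):
    """Split a response into (status_code, headers, body).

    Header names are lower-cased. The body is everything after the first blank
    line, truncated to Content-Length when that header is present."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no end of headers found")
    lines = head.decode("iso-8859-1").split("\r\n")
    version, status, *_ = lines[0].split(" ", 2)
    if not version.startswith("HTTP/"):
        raise ValueError(f"not an HTTP status line: {lines[0]!r}")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if "content-length" in headers:
        body = body[: int(headers["content-length"])]
    return int(status), headers, body


if __name__ == "__main__":
    print(build_request("www.pcwebopedia.com", "/index.html").decode())
    # Constructed reply, with junk appended after the declared body length.
    reply = (b"HTTP/1.0 200 OK\r\nContent-Type: text/html\r\n"
             b"Content-Length: 18\r\n\r\n<html>hello</html>junk")
    print(parse_response(reply))
```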
FTP (File Transfer Protocol)
FTP is a commonly used protocol for exchanging files over any network that supports the TCP/IP protocol (such as the Internet or an intranet). There are two computers involved in an FTP transfer: a server and a client. The FTP server, running FTP server software, listens on the network for connection requests from other computers. The client computer, running FTP client software, initiates a connection to the server. Once connected, the client can do a number of file manipulation operations such as uploading files to the server, downloading files from the server, renaming or deleting files on the server, and so on.
SMTP (Simple Mail Transfer Protocol)
SMTP is a relatively simple, text-based protocol, where one or more recipients of a message are specified (and in most cases verified to exist) and then the message text is transferred.
Apart from HTTP, FTP and SMTP, there are lots of other protocols in the Internet; they include POP3, Telnet, Finger, BT, etc.
IP Address, Domain Name, DNS (Domain Name Server)
Every host (computer) that communicates over the Internet or intranet is assigned an IP address
that uniquely identifies the device(i.e. the computer) and distinguishes it from other computers on the
Internet.
An IP address consists of 32 bits, often shown as 4 octets of numbers from 0-255 represented in
decimal form instead of binary form.
For example,
decimal form: 168.212.226.204
binary form:  10101000.11010100.11100010.11001100
Question: Why is the decimal form used?
Answer:
Question: Then why is the binary form used?
Answer:
An IP address consists of TWO parts, one identifying the network and one identifying the node, or
host. (i.e. A network id and a host id). The Class of the address determines which part belongs to
the network address and which part belongs to the node address. All nodes on a given network share
the same network prefix but must have a unique host number.
Class A Network -- binary address start with 0, therefore the decimal number can be anywhere from 1
to 126. The first 8 bits (the first octet) identify the network and the remaining 24 bits indicate the host
within the network.
Example:
102.168.212.226 is a Class A IP address because it is in fact
01100110.10101000.11010100.11100010
Since the first bit is 0, it is a Class A IP address, and any IP address whose first octet is from 1 to 126 belongs to Class A, e.g.
15.X.X.X
71.X.X.X
121.X.X.X
01111001.X.X.X
Class B Network -- binary addresses start with 10, therefore the decimal number can be anywhere
from 128 to 191. (The number 127 is reserved for loopback and is used for internal testing on the
local machine.) The first 16 bits (the first two octets) identify the network and the remaining 16 bits
indicate the host within the network. An example of a Class B IP address is 168.212.226.204 where
"168.212" identifies the network and "226.204" identifies the host on that network.
Class C Network -- binary addresses start with 110, therefore the decimal number can be anywhere
from 192 to 223. The first 24 bits (the first three octets) identify the network and the remaining 8 bits
indicate the host within the network. An example of a Class C IP address is 200.168.212.226 where
"200.168.212" identifies the network and "226" identifies the host on that network.
Class D Network -- binary addresses start with 1110, therefore the decimal number can be anywhere
from 224 to 239. Class D networks are used to support multicasting.
Question: How many unique IP addresses theoretically exist?
As you can see, a company can apply for a Class A, Class B or Class C network depending on its size. For example, a big company may own a network with the structure 25.X.X.X, i.e. it can cater for approximately 256x256x256 IP addresses, i.e. provide 16,777,216 PCs with real IPs on the Internet. However, at most 125 companies can own a Class A network, and they are already occupied by some big enterprises like Microsoft, IBM, etc. So most companies can only have a Class C network. For example, a company can have a network with IPs ranging from 200.168.212.0 to 200.168.212.255, i.e. it can only cater for at most 256 PCs on the Internet. Then, if a company has more than 256 PCs connected to the Internet but only a Class C network, how can the problem be solved? The answer is virtual IP.
Virtual IP and Real IP
Take our school as an example: from our ISP we get altogether 6 IP addresses. It seems that we can only put 6 PCs on the Internet. This is not true. The following is a simplified structure of our school network (figure omitted; the labels in the figure, in order, were: Proxy Server; PC 1 192.168.0.14; PC 2 (192.168.0.221) 192.168.0.23; 192.168.0.87 (218.88.64.29) Router (Gateway); PC 3 192.168.0.46; Internet).
Virtual IP
Virtual IP means the IP itself will not go out onto the Internet; it only flows inside the LAN (Local Area Network). By this we can solve the problem of not having enough IP addresses. The common virtual IPs are 10.X.X.X and 192.168.X.X; the first one is a class A network and the latter one is a class B network.
Question: Do you think it is possible to have the IP address for PC 1 be 10.0.0.5 and the IP address for PC 3 be 192.168.0.22? Please explain.
No. The prefix of the IP is the network ID, and obviously these two IP addresses have two different network IDs.
Question: If PC 1 and PC 2 are connected to the Internet, what are their IPs?
218.88.64.29
Another IP, 127.0.0.1, is an IP for self-test which will not flow inside a LAN, not to mention the Internet.
Structure of IP address
An IP address is composed of two parts, the Network ID and the Host ID. For example, the addresses
of one network range from 192.168.33.0 to 192.168.33.255, i.e. in binary:
From  11000000.10101000.00100001.00000000
To    11000000.10101000.00100001.11111111
      <-------- Network ID -------> <Host ID>
The first 24 bits (192.168.33) are the Network ID and the last 8 bits are the Host ID.
We, as humans, can pick the Network ID out of the IP address by eye. But how does a computer
know where the Network ID ends and the Host ID begins? It uses a subnet mask (see below).
So, to compare two IP addresses, the first part (the Network ID) tells whether they are in the same
network, and the second part (the Host ID) distinguishes the computers within that network.
Example: Which of the following IP addresses are in the same network?
(i) 10.129.64.23
(ii) 192.168.0.23
(iii) 10.129.64.48
Answer: (i) and (iii). Both begin with 10, a Class A address, so their Network ID is 10 and they are in
the same network; (ii) is in the Class C network 192.168.0.
Subnet mask
We have seen that PCs in the same LAN share the same leading part of their IP addresses; a PC at
10.0.0.5 would not fit among 192.168.0.X addresses. But how does the computer know which part is
shared? It uses a subnet mask: a 32-bit pattern with a 1 in every Network ID bit and a 0 in every Host
ID bit. ANDing an address with the mask gives the network address.
For example, if the PCs range from 10.0.1.0 to 10.0.1.255, the subnet mask is
11111111.11111111.11111111.00000000 (255.255.255.0)
For example, if the PCs range from 192.168.3.96 to 192.168.3.103, i.e. from
11000000.10101000.00000011.01100000
to
11000000.10101000.00000011.01100111
only the last 3 bits vary, so the subnet mask is 11111111.11111111.11111111.11111000 (255.255.255.248)
and the network address is 11000000.10101000.00000011.01100000 (192.168.3.96).
Ref: http://www.webopedia.com/TERM/s/subnet_mask.html
Example: Which of the following IP addresses are in the same network, given that the subnet mask is
255.255.255.224?
(i) 10.129.64.84
(ii) 10.129.64.92
(iii) 10.129.64.97
The subnet mask in binary is 11111111.11111111.11111111.11100000, so the first 3 bits of the last
octet belong to the Network ID. The last octets in binary are:
84: 0101 0100
92: 0101 1100
97: 0110 0001
(i) and (ii) both start with 010 (network 10.129.64.64), whereas (iii) starts with 011 (network
10.129.64.96). So (i) and (ii) are in the same network and (iii) is not.
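The classful rules, the subnet-mask AND and the "same network?" test from this section, written out as a small Python program. This is an added example, not code from the course notes; it uses only the standard library and the addresses from the examples above.

```python
# Added example, not part of the course notes: the classful rules, the
# subnet-mask AND and the "same network?" test from this section, written
# out with the standard library only.
from typing import Dict, List


def to_octets(addr: str) -> List[int]:
    """Parse dotted-decimal text into four integers, rejecting malformed input."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted-quad address: {addr!r}")
    octets = [int(p) for p in parts]
    if any(o < 0 or o > 255 for o in octets):
        raise ValueError(f"octet out of range in {addr!r}")
    return octets


def to_binary(addr: str) -> str:
    """Dotted-binary form as the notes write it, e.g. 11000000.10101000.00100001.00000000"""
    return ".".join(f"{o:08b}" for o in to_octets(addr))


def ip_class(addr: str) -> str:
    """Classful class from the leading bits of the first octet."""
    first = to_octets(addr)[0]
    if first < 128:
        return "A"   # 0xxxxxxx  (0 to 127)
    if first < 192:
        return "B"   # 10xxxxxx  (128 to 191)
    if first < 224:
        return "C"   # 110xxxxx  (192 to 223)
    if first < 240:
        return "D"   # 1110xxxx  (224 to 239, multicast)
    return "E"       # 1111xxxx  (reserved)


def classful_mask(addr: str) -> str:
    """Default mask implied by the class (classes D and E imply none)."""
    return {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}[ip_class(addr)]


def network_address(addr: str, mask: str) -> str:
    """Network ID: bitwise AND of address and mask, octet by octet."""
    return ".".join(str(a & m) for a, m in zip(to_octets(addr), to_octets(mask)))


def broadcast_address(addr: str, mask: str) -> str:
    """Last address of the block: all host bits set to 1."""
    return ".".join(str(a | (~m & 0xFF)) for a, m in zip(to_octets(addr), to_octets(mask)))


def usable_hosts(mask: str) -> int:
    """2^(host bits) minus the all-zeros (network) and all-ones (broadcast) IDs.
    Assumes a contiguous mask, which is the only kind used in these notes."""
    host_bits = sum(f"{o:08b}".count("0") for o in to_octets(mask))
    return max(2 ** host_bits - 2, 0)


def same_network(a: str, b: str, mask: str) -> bool:
    return network_address(a, mask) == network_address(b, mask)


def is_private(addr: str) -> bool:
    """RFC 1918 ranges, the notes' "virtual IP": 10/8, 172.16/12 and 192.168/16."""
    o = to_octets(addr)
    return o[0] == 10 or (o[0] == 172 and 16 <= o[1] <= 31) or (o[0] == 192 and o[1] == 168)


def group_by_network(addrs: List[str], mask: str) -> Dict[str, List[str]]:
    """Split a list of addresses into the networks they fall in under `mask`."""
    groups: Dict[str, List[str]] = {}
    for a in addrs:
        groups.setdefault(network_address(a, mask), []).append(a)
    return groups


if __name__ == "__main__":
    mask = "255.255.255.224"
    for ip in ("10.129.64.84", "10.129.64.92", "10.129.64.97"):
        print(ip, to_binary(ip), "->", network_address(ip, mask))
    print(group_by_network(["10.129.64.84", "10.129.64.92", "10.129.64.97"], mask))
```

The `group_by_network` call reproduces the example above: 84 and 92 land in 10.129.64.64, 97 in 10.129.64.96.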
Static IP and Dynamic IP
IP addresses are therefore a scarce resource, so an ISP will usually allocate a dynamic IP instead of
a static IP to its customers. [Static IP means that every time you connect to the Internet through your
ISP, your IP address is the same as before; dynamic IP means the ISP hands you whichever address is
free at the time, so it may change from one connection to the next.]
Question: If your IP was 218.134.97.22 yesterday and today it is 218.134.97.41, is it dynamic or
static? If the IP of your friend David is 218.134.97.66, do both of you belong to the same ISP?
Hacking
When you surf on the Internet your identity (your IP address) is exposed, and sometimes an
attacker will make use of flaws in your system to attack you. For example, to connect to your
computer an attacker needs an open port, i.e. a port on which some program is listening.
Port
In TCP and UDP networks, a port is an endpoint of a logical connection, identified by a 16-bit
number (0 to 65535). By convention the port number tells which service the connection is for;
for example, port 80 is used for HTTP traffic.
Port Number   Description
20            FTP -- Data
21            FTP -- Control
23            Telnet
25            Simple Mail Transfer Protocol (SMTP)
53            Domain Name System (DNS)
80            HTTP
110           POP3
194           Internet Relay Chat (IRC)
443           HTTPS
546           DHCPv6 Client
547           DHCPv6 Server
(Note: 546 and 547 are the DHCP ports for IPv6. DHCP for IPv4, as used on the LANs in these
notes, uses ports 67 (server) and 68 (client).)
Blocking and Filtering
Sometimes people will try to attack your system. They first scan your computer to find out which
ports are open. So, if you find that someone at 203.94.81.19 keeps scanning your computer, you
can block every connection from that IP address. Apart from that, you can also block the ports you
do not use (close them in the firewall), so that there is nothing there to attack.
Sometimes we filter web pages by site, e.g. we can filter everything from yahoo.com.
Question: If you are a student in a school, can you connect to download.yahoo.com when
yahoo.com is being filtered by the school?
YES, if we know the exact IP address of that host and the filter matches only on the domain name.
A filter that also blocks the site's IP addresses, or that inspects the host name inside the HTTP
request, would stop this.
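An added example (not code from the course notes) of the detection step described above: a scanner is a host that touches many different ports in a short time, and once found it becomes a block rule. The log lines, addresses and the iptables-style rule syntax are constructed for the example; a real firewall's log looks different.

```python
# Added example, not part of the course notes: find a port scanner in a
# connection log and turn the finding into block rules. The log lines, the
# addresses and the rule syntax (iptables-style) are constructed for the
# example; real firewall logs look different.
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

SAMPLE_LOG = """\
2009-03-02 10:15:01 src=203.94.81.19 dst=192.168.0.14 dport=21 proto=tcp action=deny
2009-03-02 10:15:01 src=203.94.81.19 dst=192.168.0.14 dport=22 proto=tcp action=deny
2009-03-02 10:15:02 src=203.94.81.19 dst=192.168.0.14 dport=23 proto=tcp action=deny
2009-03-02 10:15:02 src=203.94.81.19 dst=192.168.0.14 dport=25 proto=tcp action=deny
2009-03-02 10:15:03 src=203.94.81.19 dst=192.168.0.14 dport=53 proto=tcp action=deny
2009-03-02 10:15:03 src=203.94.81.19 dst=192.168.0.14 dport=80 proto=tcp action=allow
2009-03-02 10:15:04 src=203.94.81.19 dst=192.168.0.14 dport=110 proto=tcp action=deny
2009-03-02 10:15:04 src=203.94.81.19 dst=192.168.0.14 dport=135 proto=tcp action=deny
2009-03-02 10:15:05 src=203.94.81.19 dst=192.168.0.14 dport=139 proto=tcp action=deny
2009-03-02 10:15:05 src=203.94.81.19 dst=192.168.0.14 dport=443 proto=tcp action=deny
2009-03-02 10:15:06 src=203.94.81.19 dst=192.168.0.14 dport=445 proto=tcp action=deny
2009-03-02 10:15:06 src=203.94.81.19 dst=192.168.0.14 dport=3389 proto=tcp action=deny
2009-03-02 10:16:10 src=218.88.64.30 dst=192.168.0.14 dport=80 proto=tcp action=allow
2009-03-02 10:17:42 src=218.88.64.30 dst=192.168.0.14 dport=80 proto=tcp action=allow
this line is garbage and must be skipped
"""


def parse_line(line: str) -> Optional[Tuple[datetime, str, int]]:
    """Return (timestamp, source address, destination port), or None if unusable."""
    fields = line.split()
    if len(fields) < 3:
        return None
    try:
        stamp = datetime.strptime(f"{fields[0]} {fields[1]}", "%Y-%m-%d %H:%M:%S")
        kv = dict(f.split("=", 1) for f in fields[2:] if "=" in f)
        return stamp, kv["src"], int(kv["dport"])
    except (ValueError, KeyError):
        return None


def find_scanners(log_text: str, threshold: int = 10,
                  window: timedelta = timedelta(seconds=60)) -> Dict[str, List[int]]:
    """Sources that touch at least `threshold` distinct ports within `window`.
    Counting distinct ports is what separates a scan from a busy but legitimate
    client that keeps hitting one service (218.88.64.30 here)."""
    by_src: Dict[str, List[Tuple[datetime, int]]] = defaultdict(list)
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec:
            by_src[rec[1]].append((rec[0], rec[2]))
    scanners: Dict[str, List[int]] = {}
    for src, events in by_src.items():
        events.sort()
        for i, (start, _) in enumerate(events):
            ports = {p for t, p in events[i:] if t - start <= window}
            if len(ports) >= threshold:
                scanners[src] = sorted(ports)
                break
    return scanners


def block_rules(scanners: Dict[str, List[int]],
                closed_ports: Tuple[int, ...] = (23, 135, 139, 445)) -> List[str]:
    """Drop everything from each scanner, then drop inbound traffic to ports this
    LAN never offers to the Internet (Telnet and Windows file sharing here; an
    assumption for the example)."""
    rules = [f"iptables -A INPUT -s {src} -j DROP" for src in sorted(scanners)]
    rules += [f"iptables -A INPUT -p tcp --dport {p} -j DROP" for p in closed_ports]
    return rules


if __name__ == "__main__":
    found = find_scanners(SAMPLE_LOG)
    print(found)
    print("\n".join(block_rules(found)))
```

On the sample log the only source that qualifies is 203.94.81.19, which probes twelve ports in five seconds; the repeat visitor on port 80 is left alone.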
DNS (Domain Name Servers)
Domain name servers translate between domain names and IP addresses according to the
domain name system.
Question: Why is DNS required?
Exercise:
With reference to the following diagram, answer the following questions:
On the computer, type "cmd" to open the Windows command prompt, then type the command
"ipconfig /all" and note the following information:
IP address:
DNS:
Subnet Mask:
2001 – AS – CA #4
(a)
When accessing the web site of the Hong Kong SAR Government, people can either type in the IP
address "202.128.227.5" or the domain name address "www.info.gov.hk". Explain the relationship
between the IP address and the domain name address.
Under the DNS, a host on the Internet has both a domain name address and an IP address. The
domain name address is used by human users and is automatically translated (by a DNS lookup)
into the numerical IP address that the network actually uses.
(b)
Give ONE advantage of using the domain name address and ONE advantage of using the IP
address.
Domain name – easy for humans to remember
IP address – language independent; works even when no DNS server can be reached
URL
A URL (Uniform Resource Locator) refers to a particular Web page or a particular file residing on a
Web site. For example, the following two URLs are two different Web pages residing at the Web site
http://www.microsoft.com:
URL1: http://www.microsoft.com/downloads
URL2: http://www.microsoft.com/directx
A URL is the address of a Web page. It is composed of 3 parts: Protocol, Domain Name and
Resources (the path to the folder and file on the server).
Example: Resolve the following URL.
http://www.chinesebooks.com/term/domain_name.html
Protocol:      http
Domain Name:   www.chinesebooks.com
Resources:     Folder: term
               File:   domain_name.html
Example: Which of the following are valid URLs?
i)    http://www.cnn.com/page1.htm
ii)   http://www.cnn.com/page2.php
iii)  http://records.cnn.com/page3.asp
iv)   http://www.cnn.com/temp/page1.htm
v)    http://www.cnn.com/
vi)   http://62.80.9.131/
vii)  ftp://www.cnn.com/prof1/
viii) telnet://www.cnn.com
ix)   mms://www.cnn.com:1099
x)    https://www.cnn.com/
(All ten are syntactically valid URLs: the protocol part may be http, https, ftp, telnet or mms, the host
may be a domain name or an IP address, an optional port number may follow the host after a colon,
and the resource part may be empty.)
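An added example (not code from the course notes) that splits a URL into the parts named above with Python's standard library, and adds one check a security engineer makes: the host must be taken from the parser, never from the text before the first "/". The URLs used are the notes' own plus two constructed ones, `http://www.cnn.com@62.80.9.131/` and `http://www.cnn.com:abc/`.

```python
# Added example, not part of the course notes: break a URL into the parts the
# notes name (protocol, domain name, folder, file) with the standard library,
# plus one check a security engineer adds: take the host from the parser rather
# than from whatever text precedes the first "/". URLs are the notes' own plus
# two constructed ones.
from typing import Dict
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443, "ftp": 21, "telnet": 23}


def resolve_url(url: str) -> Dict[str, object]:
    """Split `url` into protocol, domain name, port, folder, file and userinfo."""
    parts = urlsplit(url)
    if not parts.scheme or not parts.hostname:
        raise ValueError(f"not a usable URL: {url!r}")
    folder, _, file = (parts.path or "/").rpartition("/")
    return {
        "protocol": parts.scheme,
        "domain_name": parts.hostname,          # lower-cased, userinfo and port removed
        "port": parts.port if parts.port is not None else DEFAULT_PORTS.get(parts.scheme),
        "folder": folder.strip("/"),            # "" when the file sits at the site root
        "file": file,                           # "" when the URL ends with "/"
        "userinfo": parts.username,             # text before "@" in the host part, if any
    }


def is_valid_url(url: str) -> bool:
    """True when the URL has a protocol and a host and any port is numeric."""
    try:
        resolve_url(url)
        return True
    except ValueError:
        return False


def host_looks_spoofed(url: str) -> bool:
    """True when the part before "@" is itself shaped like a host name: the classic
    way to make http://www.cnn.com@62.80.9.131/ look like a link to cnn.com when
    the real host is 62.80.9.131."""
    user = resolve_url(url)["userinfo"]
    return bool(user) and "." in str(user)


if __name__ == "__main__":
    print(resolve_url("http://www.chinesebooks.com/term/domain_name.html"))
    print(resolve_url("http://www.cnn.com@62.80.9.131/")["domain_name"])
```

Note that `domain_name` for the constructed `www.cnn.com@...` URL is 62.80.9.131: a filter or a user who reads only the text after `http://` gets the wrong host.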
Domain:
A domain name can be divided into several parts. For example, "www.cityu.edu.hk" can be
divided into four parts: "www", "cityu", "edu" and "hk". From right to left, each part gives more
and more specific information about the host:
www.cityu.edu.hk
  hk    – top-level domain: in Hong Kong (general information)
  edu   – second-level domain: an educational institution
  cityu – the institution itself
  www   – the host is a web server (specific information)
As such, we say that the rightmost part is the code identifying the top-level domain, the one on its
left identifies the second-level domain, and so on. There are two types of codes for top-level
domains: generic codes and country codes.
Common codes for top-level domain
Code   Type
com    Generic code
edu    Generic code
gov    Generic code
net    Generic code
ca     Country code
cn     Country code
hk     Country code
jp     Country code
Exercise: Test whether a network is congested.
1. Use the "ping" command.
2. At the command prompt, type "ipconfig /all" and note the IP address of the default gateway.
3. Type "ping X.X.X.X", where X.X.X.X is the IP address of the default gateway.
4. If the connection is OK, each reply shows its round-trip time in ms (high or very uneven times
suggest congestion); if not, you get a "Request timed out" message.
5. Type "ping www.yahoo.com.hk": DNS resolves the name and ping shows the IP address of
www.yahoo.com.hk. Then try that IP address in your browser, e.g. "http://202.1.233.33". (This
may not show the same page: a web server that hosts several sites picks the site from the host
name in the request, and a bare IP address does not carry one.)
Cookie
A small piece of data given to a Web browser by a Web server. The browser stores it (in a text
file in a temporary folder) and sends it back to the server with every later request for a page from
that server.
Purpose of cookies:
To identify users and possibly prepare customised Web pages for them. Because the same cookie
comes back on every request, a site (or a third party whose content is embedded in many sites)
can also use it to track a user from page to page and from visit to visit.
Scenario:
When you enter a Web site that uses cookies, you may be asked to fill out a form providing
information such as your name and interests. This information is packaged into a cookie and
sent to your Web browser, which stores it for later use.
The next time you go to the same Web site, your browser sends the cookie back to the Web
server. The server can use this information to present you with customised Web pages.
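An added example (not code from the course notes) of the exchange just described: a minimal cookie jar that stores what the server sets and returns it on later requests, and that honours the attributes which matter for security: Domain, Path, Secure and HttpOnly. The host names and Set-Cookie header values are constructed for the example.

```python
# Added example, not part of the course notes: a minimal cookie jar that
# behaves as the text describes (the server sets a cookie, the browser sends
# it back on later requests) and honours the attributes that matter for
# security: Domain, Path, Secure and HttpOnly. Hosts and header values are
# constructed for the example.
from dataclasses import dataclass
from typing import List
from urllib.parse import urlsplit


@dataclass
class Cookie:
    name: str
    value: str
    domain: str
    path: str = "/"
    secure: bool = False      # only sent over https
    http_only: bool = False   # hidden from scripts (document.cookie)


def parse_set_cookie(header: str, request_host: str) -> Cookie:
    """Parse one Set-Cookie header value; Domain defaults to the responding host."""
    pieces = [p.strip() for p in header.split(";")]
    name, _, value = pieces[0].partition("=")
    cookie = Cookie(name.strip(), value.strip(), request_host.lower())
    for attr in pieces[1:]:
        key, _, val = attr.partition("=")
        key = key.strip().lower()
        if key == "domain":
            cookie.domain = val.strip().lstrip(".").lower()
        elif key == "path":
            cookie.path = val.strip() or "/"
        elif key == "secure":
            cookie.secure = True
        elif key == "httponly":
            cookie.http_only = True
    return cookie


def domain_matches(host: str, domain: str) -> bool:
    return host == domain or host.endswith("." + domain)


def path_matches(request_path: str, cookie_path: str) -> bool:
    if request_path == cookie_path:
        return True
    if request_path.startswith(cookie_path):
        return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"
    return False


class CookieJar:
    def __init__(self) -> None:
        self.cookies: List[Cookie] = []

    def store(self, url: str, set_cookie_header: str) -> bool:
        """Keep the cookie unless its Domain does not cover the host that sent it
        (otherwise any site could plant cookies for another site)."""
        host = (urlsplit(url).hostname or "").lower()
        cookie = parse_set_cookie(set_cookie_header, host)
        if not domain_matches(host, cookie.domain):
            return False
        key = (cookie.name, cookie.domain, cookie.path)
        self.cookies = [c for c in self.cookies if (c.name, c.domain, c.path) != key]
        self.cookies.append(cookie)
        return True

    def matching(self, url: str) -> List[Cookie]:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower()
        path = parts.path or "/"
        https = parts.scheme == "https"
        return [c for c in self.cookies
                if domain_matches(host, c.domain) and path_matches(path, c.path)
                and (https or not c.secure)]

    def cookie_header(self, url: str) -> str:
        """Value of the Cookie request header the browser would send to `url`."""
        return "; ".join(f"{c.name}={c.value}" for c in self.matching(url))

    def script_visible(self, url: str) -> str:
        """What document.cookie would expose to a script running on the page at `url`."""
        return "; ".join(f"{c.name}={c.value}"
                         for c in self.matching(url) if not c.http_only)


if __name__ == "__main__":
    jar = CookieJar()
    jar.store("http://www.example.com/login", "session=abc123; Path=/; HttpOnly")
    print(jar.cookie_header("http://www.example.com/shop"))
    print(jar.script_visible("http://www.example.com/shop"))   # empty: HttpOnly hides it
```

The three rejections worth noticing: a cookie with a Domain the server is not part of is dropped, a Secure cookie is never sent over plain http, and an HttpOnly cookie is returned to the server but never shown to page scripts, which is what limits the damage of a cross-site scripting bug.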
Data Encryption
The translation of data into a secret code so that only someone who holds the right key can read it.
Encryption is the main way to protect the confidentiality of data while it is stored or transmitted. To
read an encrypted file, you must have access to the secret key or password that enables you to
decrypt it.
Security
SSL, https
Short for Secure Sockets Layer (today replaced by its successor TLS, Transport Layer Security,
although the name SSL is still widely used). SSL uses the server's digital certificate and public-key
cryptography to check who the server is and to agree on a secret session key; the data transferred
over the connection is then encrypted with that key. By convention, URLs that require an SSL
connection start with https: instead of http:.
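An added example (not code from the course notes) of the client-side settings that decide whether an https: connection really gives the protection described above. The weak configuration is shown beside the corrected one using Python's `ssl` module; nothing here opens a network connection.

```python
# Added example, not part of the course notes: the client-side settings that
# decide whether an https: connection really gives the protection described
# above. The weak context is shown beside the corrected one; nothing here
# opens a network connection.
import ssl
from typing import List


def weak_context() -> ssl.SSLContext:
    """Encrypts, but never checks who it is talking to: any certificate and any
    protocol version the library still supports is accepted, so a man-in-the-middle
    can present his own certificate and read everything."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False              # must be switched off before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED   # allows old SSL/TLS versions
    return ctx


def hardened_context() -> ssl.SSLContext:
    """Verify the server certificate against the system CA store, check that the
    name in it matches the host, and refuse anything older than TLS 1.2."""
    ctx = ssl.create_default_context()      # CERT_REQUIRED + check_hostname already set
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def audit(ctx: ssl.SSLContext) -> List[str]:
    """List what is wrong with a context; an empty list means acceptable."""
    problems = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        problems.append("server certificate is not verified")
    if not ctx.check_hostname:
        problems.append("host name is not checked against the certificate")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        problems.append("protocol versions older than TLS 1.2 are allowed")
    return problems


if __name__ == "__main__":
    for name, ctx in (("weak", weak_context()), ("hardened", hardened_context())):
        print(name, audit(ctx) or "OK")
```

The weak context is what `verify=False` style shortcuts produce: the traffic is still encrypted, but it may be encrypted to the attacker, so the padlock means nothing.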
Bandwidth consideration
The amount of data that can be transmitted in a fixed amount of time, usually expressed in bps
(bits per second). As mentioned under types of connection, the upstream rate (sending) may differ
from the downstream rate (receiving); a transfer can go no faster than the slower of the sender's
upstream rate and the receiver's downstream rate.
Question:
        ISP     upstream rate   downstream rate
John    ISP A   5M bps          512K bps
Mary    ISP B   10M bps         10M bps
(i) If a 3M Byte file is transferred from John to Mary, what is the minimum time required?
(ii) If a 5M Byte file is transferred from Mary to John, what is the minimum time required?
File Size Consideration
Since the bandwidth of the ISP or the network is a valuable resource, files are often compressed
before being sent through the Internet. There are several compressed formats, e.g. zip, rar, etc.,
and several programs on the market that compress and decompress files, such as WinZip and
PowerArchiver.
Question 1: What are the advantages of compressed files for people who download them through
the Internet?
Question 2: Can a zip file compressed by WinZip be decompressed by PowerArchiver? Why?
Question 3: Why do zip files sometimes contain a self-extractor and sometimes not?
Question 4: One of your friends tells you that sending a zip file through the Internet does not
need the TCP/IP protocol because the file is compressed. Do you agree?
Appendix I:
Question: What is the difference between the WWW and the Internet?
Many people use the terms Internet and World Wide Web (a.k.a. the Web) interchangeably, but in
fact the two terms are not synonymous. The Internet and the Web are two separate but related
things.
The Internet is a massive network of networks, a networking infrastructure. It connects millions of
computers together globally, forming a network in which any computer can communicate with any
other computer as long as both are connected to the Internet. Information that travels over the
Internet does so via a variety of languages known as protocols.
The World Wide Web, or simply the Web, is a way of accessing information over the medium of the
Internet. It is an information-sharing model built on top of the Internet. The Web uses the HTTP
protocol, only one of the languages spoken over the Internet, to transmit data. Web services, which
use HTTP to allow applications to communicate and exchange business logic, also use the Web to
share information. The Web also uses browsers, such as Internet Explorer or Netscape, to access
Web documents called Web pages, which are linked to each other via hyperlinks. Web documents
can also contain graphics, sounds, text and video.
The Web is just one of the ways that information can be disseminated over the Internet. The
Internet, not the Web, is also used for e-mail (which relies on SMTP), Usenet newsgroups, instant
messaging and FTP. So the Web is just a portion of the Internet, albeit a large one, but the two
terms are not synonymous and should not be confused.
Appendix II:
Question: How does a Web server work?
For example, when you want to visit Webopedia, you type its URL, http://www.webopedia.com, into
your Web browser. Through an Internet connection, your browser initiates a connection to the Web
server that stores the Webopedia files, by first converting the domain name into an IP address
(through a domain name service) and then locating the server that holds the information for that IP
address.
[Figure: the domain webopedia.com sits behind a router connected to the Internet and contains the
hosts www (Web Server 1), www2 (Web Server 2), Host 1 and Host 2.]
The Web server stores all of the files necessary to display Webopedia's pages on your computer:
typically all the individual pages that make up the Web site, any images/graphic files and any
scripts that make the dynamic elements of the site function.
Once contact has been made, the browser requests the data (files) from the Web server, and the
server delivers them back to your browser using HTTP. The browser then formats, or reconstructs,
the Web page according to the HTML code of the page and the related files such as .jpg or .mov,
and displays it on your monitor. In the same way, the server can send the files to many client
computers at the same time, allowing multiple clients to view the same page simultaneously.
2002 – AS – CA #2
2. The figure below shows the interconnections between the Internet and the local area networks in ABC
Company. The numbers allocated to the devices indicate the IP addresses.
(a) (i) Briefly explain what a 'gateway' is.
A gateway is an interface (a device such as a router) that enables dissimilar networks to
communicate with one another.
(ii) How many local area networks are there in the figure? Explain briefly.
3 (deduced from the IP addresses: the devices fall into three different network IDs)
(b)
Assume the computer with the IP address '130.8.0.1' in the figure is a web server and its domain
name is registered as 'ABC130.com'. A web site with a web page named 'index.html' is placed in
the web server, where the web page can be accessed by the URL 'http://www.ABC130.com/index.html'.
(i) What is the top-level domain of this web site?
com (or .com)
(ii) Is it possible to access this web site with the URL 'http://www.ABC130.com.hk' from Hong Kong?
Explain briefly.
No, that domain name is not registered for the company.
(Or: Yes, if the company registers the name ABC130.com.hk separately and points it at the same server.)
(iii) Is it possible to access this web page with the URL 'http://130.8.0.1/index.html' through the
Internet? Explain briefly.
Yes. The IP address is exactly what the domain name system would supply for www.ABC130.com,
so using it directly is an alternative way of specifying the URL.
(iv) What will be the protocol(s) needed for browsing the web page over the Internet?
Hypertext Transfer Protocol (or HTTP) (‘Http’ or ‘http’ is not acceptable)
2003 – AS – CA #5
John is the chairperson of a chess club in a university. He designs and builds a web site for the club.
(a)
A fixed IP address is assigned to him to establish a web server on the campus. However, John has not
yet registered a domain name for the club and so he tells the interested parties to use the URL,
`http://200.102.234.48/index.html', to access the web site.
(i)
Name the different components of the given URL.
http://
HTTP protocol
200.102.234.48
IP address
index.html
first page / home page / file / default page / resource
(ii)
Is it possible to access the home page without specifying 'index.html' in the URL? Explain briefly.
Yes, if index.html is configured as the default web page of the server /
No, if the default page has not been set in the web server.
(2 marks)
(b)
The web site provides the service of recruiting members. John needs to establish identification codes
for members to log into the web site.
(i)
Can John use members' IP addresses assigned by their Internet Service Providers (ISP) for
identification? Justify your answer.
No. An IP address from an ISP may be dynamic (it changes from time to time), and several members
behind the same gateway would share one real IP address.
(ii) John decides to use the email addresses of members for identification. Give one reason to support John's
decision. Suggest one method for John to ensure that the email addresses provided by members are not fake.
An email address is a unique identifier for its owner.
John can send an email to the address containing an initial password (or a confirmation link) that
the member must use to activate the account.
(3 marks)
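An added example (not part of the exam answer) of the confirmation step done properly: the server creates a random, single-use, expiring token, stores only a hash of it, and the member proves control of the mailbox by presenting the token from the e-mail. The class, its names and the in-memory store are assumptions for the example; sending the e-mail itself is outside the code.

```python
# Added example, not part of the exam answer: the "send a confirmation
# e-mail" check done properly. The server creates a random, single-use,
# expiring token, stores only a hash of it, and the member proves control of
# the mailbox by presenting the token from the e-mail. The class, its names
# and the in-memory store are assumptions for the example; the e-mail itself
# is not sent here.
import hashlib
import hmac
import secrets
import time
from typing import Callable, Dict, Set, Tuple

TOKEN_LIFETIME_SECONDS = 24 * 3600


class EmailVerifier:
    def __init__(self, now: Callable[[], float] = time.time) -> None:
        self._now = now                      # injectable clock, so expiry can be tested
        self._pending: Dict[str, Tuple[str, float]] = {}   # email -> (sha256(token), expiry)
        self.verified: Set[str] = set()

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, email: str) -> str:
        """Create the token to put in the confirmation e-mail. Only its hash is kept,
        so a leaked database does not let anyone confirm on the member's behalf."""
        token = secrets.token_urlsafe(32)    # 256 bits from the OS random source
        self._pending[email.lower()] = (self._digest(token), self._now() + TOKEN_LIFETIME_SECONDS)
        return token

    def confirm(self, email: str, token: str) -> bool:
        """True once, for the right token, before expiry; afterwards the token is spent."""
        key = email.lower()
        entry = self._pending.get(key)
        if entry is None:
            return False
        digest, expiry = entry
        if self._now() > expiry:
            del self._pending[key]
            return False
        if not hmac.compare_digest(digest, self._digest(token)):   # constant-time compare
            return False
        del self._pending[key]
        self.verified.add(key)
        return True


if __name__ == "__main__":
    verifier = EmailVerifier()
    token = verifier.issue("member@example.com")
    print("put this in the e-mail:", token)
    print("confirmed:", verifier.confirm("member@example.com", token))
```

What the check proves is control of the mailbox at that moment, nothing more; the same address can change hands later, so it is a good identifier but not proof of who the person is.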
(c)
The web site also provides a service for registered members to play online chess games through the
Internet. Is it necessary for John to keep track of the current IP addresses of the online players? Justify
your answer.
Yes. The current IP addresses of the players are required to maintain the communication dialogue
between the server and each player, and keeping a record of them is also useful for security.
(2 marks)
Mock Questions:
2. David is a freelancer who specialises in multimedia design, and he is planning to set up a Small Office Home
Office (SOHO) in his apartment. Generally, he will meet his customers on the Internet.
To advertise his products, he hosts a web site with the domain name "www.davidhelp.com"; one computer is
used as the web server. Apart from that, he has another computer to create the multimedia designs. A
computer C is used to act as the domain controller. Files are shared among computer A, computer B and
computer C. In this domain, virtual IPs are used.
[Figure: Computer C (Domain Controller), Computer A (Web Server) and Computer B (Multimedia
design) are connected through Hardware D to the Internet.]
a) How many servers are there in this domain? What is the use of Computer C?
(2 marks)
There are 2 servers (the web server, computer A, and the domain controller, computer C). Computer C:
1. distributes IPs to the computers in the domain
2. authorises legal access (checks user ids and passwords)
b) Describe all the necessary procedures David has to take to host a web server at his home.
(3 marks)
1. Apply for the domain name
2. Apply to an ISP
3. Get a fixed IP address / have the domain name point to that IP (register it with the ISP or domain registrar)
c) Describe all the procedures and requirements (both software and hardware) to get his computers connected to
the Internet, and how he meets his clients on the Internet.
(3 marks)
1. Apply to an ISP
2. Install an OS that supports networking on the computers
3. Configure a router
4. Install a LAN card (NIC) in each computer
5. Connect the computers to the router with UTP cable
6. Install a web cam and a microphone
7. Install video conferencing software
d) Compare the requirements of computer A and computer B in terms of CPU, RAM, hard disk storage, display
card, operating system and peripherals required.
(3 marks)
                   Computer A (web server)              Computer B (multimedia design)
CPU                Low demand in speed and cache         High demand in speed, high demand in cache
RAM                Stable, not easy to fail              Large capacity, fast speed
Hard disk          Stable, not easy to fail              Large storage, fast speed
Display card       No special requirement                High demand (high demand in cache)
Operating system   Must provide web services             No special requirement
Peripherals        No special requirement                Scanner, IEEE 1394, USB, CF reader
e) David is told that to operate a web server he has to install a DNS server and a proxy server in the domain. Is that
true? Why? What is the function of DNS? What is the function of a proxy server?
(5 marks)
It is not true.
A proxy server is not a must for getting to the Internet. A proxy server holds temporary copies of
frequently visited web page files (a cache), and because all web traffic passes through it, it can also
act like a firewall.
DNS translates domain names into IP addresses. Although DNS must be used, we do not need to
install a DNS server of our own: the ISP provides one, and we would only run our own if we had
special needs (for example, to manage the records of our own domain).
f)
David created a web page for the public to download his products. However, the shape of the table in the web
page changes according to the window size. E.g.
The web page in a small window.
The web page in a full-screen window.
What is the problem and how can it be solved?
(2 marks)
The width of the table is set as a percentage of the window instead of in pixels.
Set the width of the table / cells in pixels.
g) Finally, David created some web pages which he thinks look nice, so he put them on his web server.
However, his clients found that the layout of his web pages is not that good, and some of them even had
problems opening the pages. What are the potential problems?
(2 marks)
The clients' browsers are different from David's. Different browsers present a web page in
different ways.
The clients' browsers do not support some of the scripts / embedded material.
3.
A Network Adapter, or NIC, is an important piece of hardware on a network.
a)
State TWO components on a network where a NIC can be found.
Workstation, server, and some connecting devices such as a switch, access point or router
b)
A NIC is known to be 10/100 Mbps.
(i)
What does Mbps stand for?
(ii)
What do the numbers indicate?
(i)
Mbps stands for megabits per second, i.e. 10^6 bits of data transmitted per second.
(ii)
A 10/100 Mbps NIC can transmit data at 10 Mbps or 100 Mbps, depending on the other
devices and the networking medium of the channel.
c)
All NICs carry a MAC address.
(i)
What is the purpose of this address?
(ii)
State the characteristics of this address.
(i)
The MAC address identifies a network interface card on a network; it is the address used to
deliver frames within the LAN.
(ii)
It is universally unique (the manufacturer assigns it, with the first three bytes identifying the
vendor) and is burned into the card, so the address on the card itself cannot be modified.
Note, however, that most operating systems let the user configure a different address in
software (MAC spoofing), so a MAC address alone is not proof of a machine's identity.
d)
The following is the result shown on the screen when a network utility of a workstation is executed:
Physical Address . . . . . . : 00-02-3F-24-11-7D
DHCP Enabled . . . . . . . . : Yes
Autoconfiguration Enabled  . : Yes
IP Address . . . . . . . . . : 192.168.1.33
Subnet Mask  . . . . . . . . : 255.255.255.0
Default Gateway  . . . . . . : 192.168.1.1
DHCP Server  . . . . . . . . : 192.168.1.1
DNS Server . . . . . . . . . : 202.130.97.65
What is the MAC address of the NIC?
00-02-3F-24-11-7D
e)
How many bytes are used in the MAC address?
Six bytes (48 bits)
f)
Which of the above data can be modified by users through configuration?
All of them except the Physical Address (which is fixed on the card, although most systems allow it
to be overridden in software). With DHCP enabled, the IP address, subnet mask, default gateway,
DHCP server and DNS server are supplied by the DHCP server; the user can change them by
disabling DHCP and entering them manually.
g)
A traditional NIC is known to convert between parallel and serial data transmissions. Describe in detail
the role of a NIC in this aspect.
The buses on the motherboard connecting the memory and CPU are parallel; the cables that
connect the computers on a network are serial. As the NIC is the interface between the buses
and the cables, it converts between parallel and serial data transmissions.
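An added example (not part of the mock question) that reads the fields shown in part d) out of "ipconfig /all"-style text, validates the MAC address, and makes two checks the answers leave implicit: whether the MAC is the burned-in (globally unique) kind or a locally administered one set in software, and whether the gateway and DHCP server actually lie in the workstation's own subnet. The text block is constructed from the figures in the question.

```python
# Added example, not part of the mock question: read the fields shown above
# out of "ipconfig /all"-style text, validate the MAC address, and make two
# checks the answers leave implicit: whether the MAC is the burned-in
# (globally unique) kind or a locally administered one set in software, and
# whether gateway and DHCP server actually lie in the workstation's subnet.
# SAMPLE is constructed from the figures in the question.
import ipaddress
import re
from typing import Dict

SAMPLE = """\
   Physical Address. . . . . . . . . : 00-02-3F-24-11-7D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IP Address. . . . . . . . . . . . : 192.168.1.33
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DNS Server. . . . . . . . . . . . : 202.130.97.65
"""

# six hex pairs joined by one consistent separator, "-" (Windows) or ":" (Unix)
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(?:([-:])[0-9A-Fa-f]{2})(?:\1[0-9A-Fa-f]{2}){4}$")


def parse_ipconfig(text: str) -> Dict[str, str]:
    """Map each 'Label . . . : value' line to {label: value}, dropping the dot leaders."""
    fields = {}
    for line in text.splitlines():
        if ":" not in line:
            continue
        label, _, value = line.partition(":")
        fields[re.sub(r"[\s.]+$", "", label).strip()] = value.strip()
    return fields


def mac_info(mac: str) -> Dict[str, object]:
    """Length, vendor prefix (OUI) and the two flag bits of the first octet."""
    if not MAC_RE.match(mac):
        raise ValueError(f"malformed MAC address: {mac!r}")
    octets = [int(x, 16) for x in re.split(r"[-:]", mac)]
    first = octets[0]
    return {
        "bytes": len(octets),                               # 6 bytes = 48 bits
        "oui": "-".join(f"{o:02X}" for o in octets[:3]),    # manufacturer prefix
        "multicast": bool(first & 0x01),                    # bit 0: group address
        "locally_administered": bool(first & 0x02),         # bit 1: set in software, not burned in
    }


def subnet_checks(fields: Dict[str, str]) -> Dict[str, bool]:
    """Which configured servers sit inside the workstation's own subnet. The gateway
    must; the DNS server may legitimately be elsewhere, reached via the gateway."""
    iface = ipaddress.ip_interface(f"{fields['IP Address']}/{fields['Subnet Mask']}")
    return {name: ipaddress.ip_address(fields[name]) in iface.network
            for name in ("Default Gateway", "DHCP Server", "DNS Server")}


if __name__ == "__main__":
    cfg = parse_ipconfig(SAMPLE)
    print(mac_info(cfg["Physical Address"]))
    print(subnet_checks(cfg))
```

For the address in the question the first octet is 00, so neither flag bit is set: a burned-in unicast address with OUI 00-02-3F. A first octet such as 02 would mean the address was assigned in software, which is what a spoofed MAC usually looks like.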
4. In a university there is a large network, which we call a LAN; under it there are many sub-networks. David is an
undergraduate at this university. He has a computer connected to the network in his dormitory. Through the
connection plug, the computer can be connected to the Intranet of the university and to the Internet. The
university has its own mail server, and it offers David an email address, davidlee078@hknewu.net.
Unlike some web-based email accounts, it provides POP3 service to its clients.
The university provides each undergraduate with a unique account so that they can log in to the Intranet. Also, the
university provides each account with 50M Bytes of storage on the Intranet.
a) Each computer (host) in any sub-network has a unique address, its IP address. This address consists
of two parts: the first part is called the network ID, the second part the host ID.
i)
How many bits are there in an IP address?
(1 mark)
ii)
The structure of an IP address in a sub-network is as follows:
<--------- Network ID (27 bits) ---------><- Host ID (5 bits) ->
So, as shown in the diagram, 5 bits are used to represent a host ID. What is the maximum number
of hosts in a network? (Note that 00000 and 11111 are not legitimate host IDs.) What is the subnet mask
of this network, in decimal form?
(4 marks)
iii)
David finds that today his IP address is 212.23.48.117 but yesterday his IP address was 212.23.48.112.
According to the structure in part (a)(ii), what is the range of IP addresses in this network?
David knows that there are two kinds of IP addresses, real and virtual; is his IP address real or virtual?
Also, is this IP address dynamic or static?
(4 marks)
b) In this network, it has a server that distributes IP addresses to each computer (host). In David’s room, if he
wants to connect to the Internet, he just needs to turn on the computer (he does not need to enter any user id or
password). But if he wants to get into the Intranet, a user id and a password are required.
i)
What is the difference between the Intranet and the Internet?
(2 marks)
ii)
What is the disadvantage of requiring no user id or password to get onto the Internet?
(1 mark)
iii)
David's user id and password are "davidlee078" and "123" respectively. Is the password good? Give
reasons. State some recommendations for the university's policy so that the undergraduates' passwords
will not be too simple.
(2 marks)
iv)
Why does the university need to provide the students with 50M Bytes of storage on the Intranet?
(1 mark)
v)
There are altogether 5,000 undergraduates, each with 50M Bytes of storage. The files are stored on
file servers that run in RAID mode; each file server provides 80G of storage. How many file servers
are required?
(1 mark)
vi)
David created a video and compressed it into another format with a bit rate of around 250 Kbps; the whole
video is 18 minutes long. Do you think David has sufficient space to store the video in his server
account?
(2 marks)
c) In terms of services, what is the difference between a web-based email account and the email account given
by the university?
(2 marks)
Suggested Answer:
4.
a)
i)
32 bits
ii)
Maximum number of hosts = 2^5 - 2 = 30 (32 host IDs, minus the all-zeros and all-ones IDs, which
are the network and broadcast addresses)
Subnet mask: 255.255.255.224
iii)
212.23.48.96 to 212.23.48.127 (the 32-address block containing both .112 and .117)
They are real and dynamic IPs.
b)
(i)
Internet – the public network of networks, with no geographical restriction, open to anyone.
Intranet – the university's own private network, open only to its own users, who must log in with a
user id and password so that unauthorised access is prevented.
(ii)
Anyone, even if not authorised, can use the university's bandwidth if they can reach the connection
plug.
(iii)
It is not good: it is too short and consists only of digits, so it is easy to guess.
Recommendation: the password should be at least 8 characters long OR
the password must be a combination of letters and digits.
(iv)
The students can reach their files from anywhere in the university.
(v)
Number of file servers required = 5000 x 50 / 1024 / 80 = 3.05
At least 4 file servers are required.
(vi)
Space required = 250 / 8 / 1024 x 60 x 18 = 32.96 MBytes < 50 MBytes, so there is enough space.
c)
A web-based account can be reached from anywhere in the world with just a browser.
The university account provides POP3 service, so the mail can be read with an e-mail program (mail
client) that downloads it to the PC and can, for example, alert you when new mail arrives while you
are online.
Internet Activities and its technology
How does the Internet influence us?
Below is the throughput of HKIX (the Hong Kong Internet Exchange):
[Figure: yearly, weekly and daily throughput graphs; not reproduced.]
Search Engine
What is it?
A program that searches documents for specified keywords and returns a list of the
documents where the keywords were found.
How does it work?
Typically, a search engine works by sending out a spider to fetch as many documents as
possible. Another program, called an indexer, then reads these documents and creates an
index based on the words contained in each document.
Reference: http://computer.howstuffworks.com/cookie.htm
Web browsing / Web surfing
Web browsing means navigating the Web by traversing hypertext links.
To browse Web pages, we need to have a Web browser installed.
A basic browser supports text formatting and some multimedia such as graphics. However, if you
want to play a movie (e.g. MPEG-1, WMV, etc.) you need to call an external viewer (e.g. Windows
Media Player or RealPlayer). There are quite a number of common external viewers on the market,
e.g. RealPlayer, QuickTime Player, Acrobat Reader, Flash Player, Shockwave Player, etc. These
"plug-in programs" are invoked automatically when needed, e.g. when you view a Web page that
contains a Flash file, the Flash Player is run for you, and if you have not installed it the browser
asks for permission to install it.
Question: Sometimes, when you have not installed a plug-in program, the browser asks your
permission to install it. Is it safe to allow the installation? Why? (This is very similar to 2005 #7(c).)
Note: the Java VM (Java Virtual Machine) is one such plug-in program.
Class work:
Insert a Java Applet in a web page. Source: http://javaboutique.internet.com/
Exercise: You will learn how to assign a default player to play an MPEG movie, and how it looks
in the browser.
Class work:
Find out what settings can be changed in our web browser, IE. Name 10 of them.
Settings            Description
Below are some of the settings:
Cookies
History
Default homepage
Colour scheme
Refreshing a web page (F5)
Temporary Internet Files: allowed storage
Trusted sites
Restricted sites
Privacy level
Pop-up blocker
HTTP version 1.1
Java enabled
Printing options
SSL 2.0
Web hosting and Web posting
Web hosting
• A web host provides storage space on its web server so that your web pages are accessible on
the Internet. It has a permanent connection to the Internet.
• Web hosting is the business of housing, serving and maintaining files for one or more web sites.
In fact, you may also set up a web server at home provided you have broadband access.
Web posting
• Web posting is uploading the necessary files to the web server so that the web pages can be
displayed. FTP software is needed.
• The following information is needed to configure your FTP software:
  • the address of the web host
  • the remote directory
  • your login and password
Question: What should you be aware of when you set your password?
1. A long password is better, e.g. more than 8 characters
2. A combination of letters, digits and symbols
3. Do not use a birthday, a telephone number or dictionary words
4. Change it regularly
(Also note that plain FTP sends the login and password in clear text, so anyone on the path between
you and the web host can read them; use SFTP or FTPS where the web host offers it.)
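An added example (not code from the course notes) that turns the password rules above, and the recommendations asked for in mock question 4 b(iii), into a checker a registration form or the university's account system could run. The word list is constructed and tiny (a real one is a large dictionary); the birthday and phone number inputs are assumptions for the example.

```python
# Added example, not part of the course notes: the password rules listed
# above (and in mock question 4 b(iii)) as a checker a registration form or
# the university's account system could run. The word list is constructed
# and tiny; a real one is a large dictionary. Birthday and phone number are
# assumptions for the example.
import re
from datetime import date
from typing import List, Optional

COMMON_WORDS = {"password", "letmein", "qwerty", "welcome", "123456", "abc123", "iloveyou"}
CLASS_PATTERNS = (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]")   # lower, upper, digit, symbol


def password_problems(password: str, user_id: str = "", min_length: int = 8,
                      birthday: Optional[date] = None, phone: Optional[str] = None) -> List[str]:
    """Return the rules the password breaks; an empty list means it passes."""
    problems = []
    if len(password) < min_length:                                   # rule 1: length
        problems.append(f"shorter than {min_length} characters")
    classes = sum(bool(re.search(p, password)) for p in CLASS_PATTERNS)
    if classes < 3:                                                  # rule 2: mixed classes
        problems.append("needs at least three of: lower case, upper case, digit, symbol")
    lowered = password.lower()
    if user_id and user_id.lower() in lowered:                       # guessable from the login
        problems.append("contains the user id")
    if any(word in lowered for word in COMMON_WORDS):                # rule 3: dictionary words
        problems.append("contains a dictionary word")
    if birthday is not None:                                         # rule 3: birthday
        for fmt in ("%d%m%Y", "%Y%m%d", "%d%m%y", "%y%m%d"):
            if birthday.strftime(fmt) in password:
                problems.append("contains the birthday")
                break
    if phone:                                                        # rule 3: phone number
        digits = re.sub(r"\D", "", phone)
        if len(digits) >= 6 and digits in password:
            problems.append("contains the phone number")
    return problems


def needs_rotation(last_changed: date, today: date, max_age_days: int = 90) -> bool:
    """Rule 4, "change regularly": overdue once the password is older than max_age_days."""
    return (today - last_changed).days > max_age_days


if __name__ == "__main__":
    print(password_problems("123", user_id="davidlee078"))          # the mock-question password
    print(password_problems("T7#vq!Lm2p"))                          # passes: []
```

Run on the mock question's "123" the checker reports both the length and the character-class rule; the check is cheap, so it belongs at the point where the password is chosen, not only in a written policy.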
Question: Can we choose to host the Web site at home? What are the advantages and
disadvantages?
Question: Can we successfully host a Web site but with no domain name?
E-mail
Dedicated e-mail software (e.g. Outlook Express)
Web based e-mail account (e.g. Yahoo!, hotmail, etc.)
IRC (Internet Relay Chat)
ICQ
Video Conferencing
Netmeeting is a common video conferencing software provided by Microsoft.
Broadcasting
Unicast
Communication that takes place over a network between a single sender and a single
receiver.
Multicast
In networking, a distinction is made between broadcasting and multicasting.
Broadcasting sends a message to everyone on the network whereas multicasting sends
a message to a select list of recipients.
Streaming Server
Streaming is a technique for transferring data such that it can be processed as a steady and
continuous stream. Streaming technologies are becoming increasingly important with the growth of
the Internet because most users do not have fast enough access to download large multimedia files
quickly. With streaming, the client browser or plug-in can start displaying the data before the entire
file has been transmitted.
For streaming to work, the client side receiving the data must be able to collect the data and send it
as a steady stream to the application that is processing it and converting it to sound or pictures. This
means that if the streaming client receives data more quickly than required, it needs to save the
excess in a buffer. If the data does not come quickly enough, however, the presentation will not be
smooth.
There are a number of popular streaming formats on the market, including asf, ra, etc.
Codec
The term codec is short for coder/decoder, or "compression/decompression". A codec is an
algorithm, or specialised program, that reduces the number of bytes consumed by large files and
programs. Codecs are used in many popular Internet products, including QuickTime, NetMeeting,
CU-SeeMe and VDOphone. Every streaming format has its own coding method, so a different codec
is required to decode each kind of file for the viewer / player. Video files, especially in new formats,
often require a new codec. If the player / viewer does not have the required codec, it will ask you to
download it to view the file. (Such a "download this codec" prompt is also a classic trick for pushing
malware; accept codecs only from the player vendor's own site.)
E-commerce and e-learning
B2B – Business to Business
B2C – Business to Customer (e.g. amazon.com)
Attacks on the Internet
Spam
Electronic junk mail or junk newsgroup postings. Some people define spam even more
generally as any unsolicited e-mail.
DoS
Short for denial-of-service attack, a type of attack on a network that is designed to bring
the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the
Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols.
Trojan Horse
A destructive program that masquerades as a benign application.
Virus
A program or piece of code that is loaded onto your computer without your knowledge
and runs against your wishes. Viruses can also replicate themselves. All computer
viruses are manmade. A simple virus that can make a copy of itself over and over again
is relatively easy to produce.
Worm
A program or algorithm that replicates itself over a computer network and usually
performs malicious actions, such as using up the computer's resources and possibly
shutting the system down. Also see virus.
Security measures
Patch, virus definition, firewall, packet filtering, content filtering, port blocking
2000 – AS – CA #5
5.
Suggest what Internet resources can help in the following cases:
(a)
Because of serious illness, a student is unable to attend lessons at school. Instead, he must have
lessons at home. His teacher wants to arrange interactive lessons for him to take place
simultaneously with the lessons for his classmates at school.
(b)
A student is working on a research project and would like to survey public opinion on the research
topic. He does not want to conduct direct interviews with the public.
(4 marks)
a)
by installing a video camera in the classroom and sending the images through the Internet /
video conference.
b)
by building a newsgroup/ICQ/email/web page with a survey form
on the Internet for this topic and inviting the public to give their ideas.
2005 – AS – CA #2
2.
(a) John buys and installs anti-virus software on his computer. After using the software for a period of time, he
finds that it is very effective. He recommends it to Mary and then she buys and installs the software on her
computer.
Later on, they open the same document file infected by the same virus in their own computers. John's
computer is infected but Mary's computer is free from infection. Give two possible reasons.
(2 marks)
John deactivates his anti-virus software.
John has not regularly updated the database of the new definition of the virus from the
manufacturer.
The version of John's anti-virus program is older than that of Mary's.
They use different operating systems.
They use different software to open the document. (any 2)
<When you are dealing with questions like "why is this computer not functioning" or "why is this program
not functioning", always think of directions like OS cross-platform problems, software version
compatibility, language settings, plug-in settings, firewall settings, proxy server settings, browser
settings, system updating, etc. Here, for example, we can set the firewall such that it opens some ports for
inbound connections (i.e. lets outsiders use your server's services) and blocks some ports for both
inbound and outbound connections. A typical example: if you install your web server but
forget to open your HTTP port (i.e. port 80), then others cannot browse your web
site.>
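The port 80 case in the note above, as an added example that is not part of the original notes: a small first-match packet-filter model with two constructed rule sets, one where the administrator forgot to open HTTP inbound and one where it is open while other inbound ports stay closed.

```python
# Added example, not from the original notes: a tiny stateless packet-filter model
# in the spirit of the firewall setting discussed above. The first matching rule
# wins, and anything no rule matches is blocked (default deny).
from dataclasses import dataclass
from typing import List, Optional


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "block"
    direction: str               # "inbound", "outbound" or "any"
    protocol: str                # "tcp", "udp" or "any"
    port: Optional[int] = None   # destination port; None means any port


@dataclass(frozen=True)
class Packet:
    direction: str
    protocol: str
    dst_port: int


def evaluate(rules: List[Rule], pkt: Packet) -> str:
    """Return the action of the first rule matching the packet, or 'block'."""
    for r in rules:
        if r.direction not in ("any", pkt.direction):
            continue
        if r.protocol not in ("any", pkt.protocol):
            continue
        if r.port is not None and r.port != pkt.dst_port:
            continue
        return r.action
    return "block"   # implicit default deny


# Constructed rule set 1: the administrator forgot to open HTTP (port 80) inbound.
FORGOT_HTTP = [
    Rule("allow", "outbound", "any"),   # users inside may browse out
    Rule("block", "any", "any"),        # everything else is dropped
]

# Constructed rule set 2: inbound TCP/80 opened so outsiders reach the web server,
# while every other inbound port stays closed.
WEB_OPEN = [
    Rule("allow", "inbound", "tcp", 80),
    Rule("allow", "outbound", "any"),
    Rule("block", "any", "any"),
]


def outsider_can_browse(rules: List[Rule]) -> bool:
    """Can a remote browser's connection to TCP port 80 get through this firewall?"""
    return evaluate(rules, Packet("inbound", "tcp", 80)) == "allow"


if __name__ == "__main__":
    print("HTTP port forgotten -> outsiders can browse:", outsider_can_browse(FORGOT_HTTP))
    print("HTTP port opened    -> outsiders can browse:", outsider_can_browse(WEB_OPEN))
    print("Inbound TCP/3389 with port 80 opened:", evaluate(WEB_OPEN, Packet("inbound", "tcp", 3389)))
```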
(b) Give two identification methods that anti-virus software may use to detect computer viruses.
(2 marks)
Look for virus signature /definition which is a known specific pattern of virus codes.
Check the recorded size/creation date of existing files and detect whether viruses have altered these
attributes.
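The two identification methods above, as an added example that is not part of the original notes: a signature scan and a file-attribute comparison run over constructed in-memory files. The signature database, file contents and timestamps are made up; the "unknown" infector shows why an out-of-date definition database (John's case) leaves a gap that the attribute check can still cover.

```python
# Added example, not from the original notes: the two detection methods named in
# the answer above, run on constructed in-memory "files". The signature database,
# file contents and timestamps are all made up for illustration.
import hashlib
from typing import Dict, List, Tuple

# Method 1 data: name -> byte pattern taken from a known virus body (constructed).
SIGNATURES: Dict[str, bytes] = {
    "Demo.Worm.A": b"\x90\x90\xe8\x00\x00\x00\x00\x5b\x81\xc3",
    "Demo.Macro.B": b"AutoOpen=ShellExecute",
}

# (size in bytes, modification time, SHA-256 of the content)
Attributes = Tuple[int, int, str]


def scan_signatures(content: bytes) -> List[str]:
    """Method 1: report every known signature found inside the file."""
    return [name for name, sig in SIGNATURES.items() if sig in content]


def record_attributes(content: bytes, mtime: int) -> Attributes:
    """Record the attributes the scanner keeps for each file at baseline time."""
    return (len(content), mtime, hashlib.sha256(content).hexdigest())


def find_altered(baseline: Dict[str, Attributes],
                 current: Dict[str, Attributes]) -> List[str]:
    """Method 2: files whose size, timestamp or digest differ from the baseline.

    This catches a file changed by an infector even when the infector's pattern
    is not yet in SIGNATURES, which is the gap an out-of-date definition
    database leaves open.
    """
    return sorted(path for path, attrs in current.items()
                  if path in baseline and baseline[path] != attrs)


# Constructed files: a clean document, a copy carrying a known macro virus, and a
# program modified by an infector whose pattern is NOT in the database yet.
CLEAN_DOC = b"Quarterly report. Sales rose in every region."
INFECTED_DOC = CLEAN_DOC + b"\r\nAutoOpen=ShellExecute"
CLEAN_EXE = b"MZ" + b"\x00" * 64
UNKNOWN_INFECTED_EXE = CLEAN_EXE + b"\xcc\xcc\xcc\xcc"


def demo() -> Dict[str, List[str]]:
    """Run both methods over the constructed files and return their findings."""
    baseline = {
        "report.doc": record_attributes(CLEAN_DOC, mtime=1000),
        "calc.exe": record_attributes(CLEAN_EXE, mtime=1000),
    }
    current = {
        "report.doc": record_attributes(INFECTED_DOC, mtime=1001),
        "calc.exe": record_attributes(UNKNOWN_INFECTED_EXE, mtime=1002),
    }
    return {
        "signature_hits_doc": scan_signatures(INFECTED_DOC),          # found by method 1
        "signature_hits_exe": scan_signatures(UNKNOWN_INFECTED_EXE),  # missed by method 1
        "altered_files": find_altered(baseline, current),             # both caught by method 2
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```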
MC Questions
1.
Digital Divide means
A.
someone spends too much time on the Internet so that they become socially isolated.
B.
someone spends too little time on the Internet so that they become illiterate in the digital world.
C.
someone lacks enough resources to keep in touch with the digital environment and hence lacks the ability to make a living.
D.
someone or some companies control most of the Internet throughput so that they can easily convey
their ideas by making use of the Internet.
2.
Phishing means
A.
a kind of injury caused by spending too much time on the Internet.
B.
a fake web site that disguises itself as a genuine web site to get confidential information from
users.
C.
behaviour that irresponsibly announces false statements to fool the public.
D.
a kind of hacking technique for hackers to attack security holes in the system.
3.
Which of the following is generally not provided by web hosting service providers?
A.
Internet connection
B.
storage space for web pages
C.
a unique URL associated with a published web site
D.
free server-side program development services.
4.
To play a video online from a streaming server, Peter finds that the data transmission rate is 500Kbps.
Which of the following statements is / are not correct?
(1)
It is not possible for a 56Kbps modem to view this video.
(2)
In one second, there will be roughly 500x1024/8 Byte data downloaded.
(3)
The image size of another video with 250Kbps will be about half of this video.
A.
(1) and (2) only
B.
(1) and (3) only
C.
(2) and (3) only
D.
(1), (2) and (3)
2001 – AS – CA #6
Mr. Lee is a computer system manager. He is developing an on-line transaction system for a toy store
which allows customers to buy and pay for purchases through the Internet. Briefly describe TWO
computer crimes Mr. Lee might have to deal with and suggest ONE method of preventing each crime you
have identified.
(4 marks)
Crimes and preventive measures:
Intercepting of data through the Internet: encryption of data
Unauthorized access of data: restrict access to data
Hacking of system: use of firewall
"injection of virus" is also acceptable.
2001 – AS – CA #8
Classify each of the following eight items into one of three categories:
computer hardware, system software, or application software.
Internet browser
Router
Internet search engine
Operating system
RAM
Electronic spreadsheet
Utility program
Modem
(4 marks)
Hardware: Router, RAM, Modem
System software: utility program, operating system
Application: Internet browser, Internet search engine, electronic spreadsheet
2000 – AS – CA #8
8.
Billy is doing a project on "The impact of computers on education today." He wants to search for useful
information from the web sites on the Internet. He enters the keywords "computer impact" in the search
menu of a browser. The web sites with the exactly matched keywords are displayed on Billy's computer
screen.
(a)
Give TWO disadvantages of searching web sites by exact keyword matching.
(b)
The web sites that Billy found are different from those his classmates found even though they are
using the same keywords to search. Give TWO possible reasons for this difference.
(4 marks)
a)
Some useful web sites may not have the words exactly matching
the keywords; thousands of useless web sites may also be found.
b)
Different time to search
Different searching engines or database for searching
Web Page design / Web Authoring
What exactly is a Web page?
A Web page is a text file (text ONLY, NO graphics, sound files etc.), so why do the Web pages we always
see contain so many different kinds of multimedia? We can see it with the following example:
In a browser, it looks like...
The Web page itself is exactly like this...
<HTML>
<HEAD>
<TITLE> DEMO
</TITLE>
</HEAD>
<BODY>
<!-- this is the comment
-->
</BODY>
</HTML>
So, a Web page is only a text file with some standard markup language; the code is called a tag.
The markup language it uses is called HTML (HyperText Markup Language). This markup language
supports hyperlinks.
Understanding how a Web page (HTML) works (pay attention to the file structure)
Each example shows what the browser displays, followed by the HTML code. (The file-structure figures of the original are not reproduced.)
Example 1
Web page in a browser: (blank page)
HTML code:
<HTML>
<head>
</head>
<body>
</body>
</HTML>
Example 2
Web page in a browser:
Hello!
HTML code:
<HTML>
<head>
</head>
<body>Hello!
</body>
</HTML>
Example 3
Web page in a browser:
Hello! Good Morning!
HTML code:
<HTML>
<head>
</head>
<body>Hello!
Good Morning!
</body>
</HTML>
Example 4
Web page in a browser:
Hello!
Good Morning!
HTML code:
<HTML>
<head>
</head>
<body>Hello! <BR>
Good Morning!
</body>
</HTML>
Example 5
Web page in a browser:
Hello!
(image1.jpg is displayed below the text)
HTML code:
<HTML>
<head>
</head>
<body>Hello! <BR>
<img src=image1.jpg>
</body>
</HTML>
Example 6
Web page in a browser:
Image 2 (image2.jpg, from the aaa folder, is displayed in line with the text) Image 2
HTML code:
<HTML>
<head>
</head>
<body>Image 2
<img src=aaa\image2.jpg>
Image 2
</body>
</HTML>
Markup Language
There are a variety of markup languages, such as HTML, XML, etc. Since markup languages work
properly as long as a web browser supports them, they are independent of the operating systems of
different computers. Therefore, markup languages are compatible with different machines (i.e. they can
overcome the cross-platform problem).
Basic Structure of Web pages (in HTML format)
<html>
<head>
<title>Title goes here</title>
</head>
<body>
Body goes here
</body>
</html>
(The head section holds the title; the body section holds the page content; together they form the HTML document.)
Basic Tags in HTML
Tag | Meaning | Example | Attributes
<IMG> | To put an image in the web page | <IMG src="abc.gif" width=100> | src, width, height
<A> | To put an anchor (hyperlink) | <A href="abc.htm" target=_blank> | href, target
<I> | Italic | <I>It is italic </I> | /
<Strong> | Italic | <Strong>It is italic </Strong> | /
<Table> | To add a table | <table border=0 width=500 height=50%> | width, height, border
<Embed> | To insert an object | <Embed src="abc.mid"> | src, width, height
<Br> | Line break | Good <BR> Morning! | /
<Head> | To insert some information about the web page itself, e.g. the title of the web page or whether it is in Chinese | <head><meta http-equiv="Content-Type" content="text/html; charset=big5"></head> | /
<Body> | To define the background image, bgcolor, etc. | <body bgcolor="Black"></body> or <body bgcolor="#000000"></body> | bgcolor, background, bgproperties
<Script> | Insert some script into the web page; the script would be JavaScript or VBScript | <Script language="JavaScript"> | language
<Form> | Send data from the client (browser) to the Web server through HTTP | <Form name="Form1" action="abc.asp" method="Get"> | name, action, method
Class Exercise:
1.
Host a web site on the student computer.
2.
Set the rights for the web site.
3.
Put your default home page (index.htm) in the wwwroot and view the other home page.
4.
Write an ASP program.
Web Authoring Tools
What is it?
Software that enables the user to develop a Web site. The software will generate the
required HTML coding for the layout of the Web pages based on what the user designs.
These tools are WYSIWYG (What You See Is What You Get). Usually, they have two view
modes, code view mode and design view mode.
Example:
Dreamweaver, FrontPage, etc
Reference:
Question: What are the advantages of using Web authoring tools? Why should HTML be learnt?
Practical Requirement in the Web page design
The above are only the theories of Web page design and HTML; now, you are required to create a
web page on your own. If you know how to create Web pages, then you will have an advantage; if not,
that is OK as long as you are able to finish the following techniques. The following techniques will
be presented in the lessons and are supposed to be useful in the TAS.
Techniques and descriptions:
Frames: according to pixel or percentage
Text Formatting: colour, size
CSS: Cascading Style Sheet
Layer
Table: set border, fix the width of the table, column span, row span
Inserting Multimedia: multimedia like mp3, mpeg, wmv, asf, etc.
Inserting Graphics: gif, jpg, jpeg
Inserting Flash
Creating Hyperlink: Parent, Self, Blank
Creating Form: we need to use "form" to transmit data from the client computer to the Web
server by using Web pages; there are two methods, "Get" and "Post"
Inserting JavaScript
Inserting Java Applet
Setting Character set: set it to Traditional Chinese characters (Big-5) or Simplified Chinese
characters (GB)
Static Web page and Dynamic Web pages
Dynamic Web pages usually mean Web content that changes each time it is viewed. For example,
the same URL could result in a different page depending on the time of day, the geographical position,
etc. It is done on the server side.
Static Web pages mean the content of the Web page will not change.
Note: Usually, adding JavaScript does not make a page a Dynamic Web page.
Web page editing
Since Web pages contain text only (ASCII only), they can be edited by any text editor.
Incorporating Multimedia Elements
Web pages work well with text, graphics and media files by using tags, e.g. <embed>; it is the browser (like
IE, Netscape, etc.) that reconstructs the Web page and displays it on the monitor.
Hyperlink and Anchor
A hyperlink is a user-friendly access mechanism to get to other web pages; an anchor is a bookmark
within the same web page.
Web Page Design consideration
Aspect ratio and Resolution
Almost all computer screens have an aspect ratio of 4:3. So web pages with resolutions 800
× 600 (not 600 × 800) or 1024 × 768 are suitable for most computer monitors.
Note that this doesn't mean, however, that the web page can be 800 × 600 pixels. Rather, the
page must fit within the viewer's browser window. The browser's borders and title bars take up
space.
Providing feedback and interaction
Forms and Forums
Mailto (e.g. <a href="mailto:user_name@yahoo.com.hk">Email Us</a>)
2004 – AS – CA #4
4.
David is a secondary school student. His school provides a web page hosting service for students to upload
their web pages. David has uploaded his web pages with the following structure:
A segment of his homepage (index.html) with frames is shown below:
(a)
When David browses his homepage in the school, he finds that the photo cannot be displayed. What
mistake may he have made?
(1 mark)
Since the image file is stored in ‘image/photo.jpg’, it is likely that the path
of the image is not linked properly.
(Or use wrong case in the letters.)
(b)
The school's web page hosting service stops right after David has successfully browsed his homepage
in the school. What will happen if David clicks on the five hyperlinks of his homepage? Explain your
answers.
(5 marks)
• HKEAA: It is a successful visit to the remote link (the external link will
not involve the web hosting service (i.e. the web server) of the school.)
• It is NOT successful
because the pages are held by the school web hosting service / school
server.
• It is NOT successful
because the pages are held by the school web hosting service / school
server.
• Home: it is successful because it has been loaded in the cache. (OR:
The photo may not be displayed, as the cache size is limited.)
• Go Top: It is successful as the link is done locally (link to the same
page)
Catering for users of different needs
A.
Different browsers
Different browsers will present a web page in a slightly different way,
e.g. IE (Internet Explorer) and Navigator.
B.
Different access means
People will browse web pages by different means, e.g.
PC, laptop, mobile phones, PDAs.
C.
USERS WITH SPECIAL NEEDS
When you design your web site, you should also make sure that it caters for users with special
needs, such as those suffering from different forms of disabilities, so that they can access the
information there. Here are some guidelines that help you achieve this.
Special needs arising from: visual problem
Ways to cater for the needs:
• Use larger fonts.
• Use colours of high contrast.
• Ensure that all information conveyed with colour can also be conveyed in the absence of colour.
• Avoid causing content to blink, flicker, or be animated.
• Provide audio descriptions of major content of the web page displayed.
Special needs arising from: motor problem
Ways to cater for the needs:
• Provide navigation means controlled by key strokes instead of using the mouse.
• Avoid scrolling.
Special needs arising from: hearing problem
Ways to cater for the needs:
• Provide captions or transcripts of important audio content.
Special needs arising from: having insufficient bandwidth / transmission capabilities
Ways to cater for the needs:
• Provide text-based versions of multimedia web pages.
• Display thumbnails instead of high resolution images.
• Provide methods to skip audio or video / animation elements.
Exercise 2A:
Which of the following statements is / are correct?
True
1.
HTML code is interpreted by the client computer.
2.
For a static web page, the code delivered to the client computer is the exact
copy stored in the web server.
False
3.
Sometimes, in order to display a dynamic web page, the browser on the client
computer has to install the appropriate plug-in.
4.
Both Java and JavaScript are script languages.
5.
The response of client-side dynamic web pages is faster.
6.
VBScript is a server-side script language instead of a client-side script
language.
7.
Validating input data before sending is one of the advantages of client-side
computing.
8.
When some simple calculation is required in a web page (say
adding two numbers), it is suitable for the client computer to perform the
operation.
9.
When some complicated calculation is required in a web page, it is
suitable for the web server to perform the operation.
10.
JavaScript is usually referred to as a client-side script.
11.
When we are using a browser on a Windows system, we are able to view the web
pages on a Linux server.
12.
Dreamweaver is a web authoring tool to produce web pages.
Exercise 2B:
1.
For this HTML tag, <img src="image/picture1.jpg" width=100 height=80>, what information can you
get?
(i)
What is it?
Picture
(ii)
What is the file name?
picture1.jpg
(iii)
What is the file type?
Jpeg
(iv)
Which folder is it in?
image
(v)
Width?
100
2.
What does HTML stand for?
3.
What is the tag to set the background color to black?
4.
Which of the following tags is green in color?
<font color="#22AA22">What color is it?</font>, <font color="#AA2222">What color is it?</font>
5.
If the tags are in the form of
(Open tag) This is the hyperlink (Close tag)
, then what is the HTML code to hyperlink it to the web site http://www.abc.com?
6.
How do you show the symbol < in a web page?
7.
To upload files from a client PC to a web server through FTP, two pieces of information are needed to verify
your identity for access to the web space. What are they?
8.
Do all web sites support FTP upload? Why?
9.
Which of the following is not true for a rollover button?
A.
It is favourable to have transparent backgrounds.
B.
There would be two image files for a rollover button.
C.
Image file size would be one of the considerations.
D.
There would be an event called onMouseOver.
E.
All of the above
10.
Which of the following is not true for frames in a web page?
A.
There would be one and only one frameset file.
B.
There would be a lot of different frame files.
C.
The simplest frame web page would have at least 2 web pages.
D.
It is better to name the frames.
E.
None of the above
For the following URL
http://www.anyorganisation.org.cn/image/index.htm ,
answer the questions 11 to 16.
11.
What is the domain name?
12.
What is the top level domain?
13.
In which area is this organization supposed to be located?
14.
What does http stand for and what is its function?
15.
In your browser, you enter the URL www.anyorganisation.org.cn/image/. Will it make any
difference? Why?
16.
Now, if you want to host your web site under the name yourname.anyorganisation.org.cn, is that
possible?
17.
What is the common method to upload files from a client PC to a web server?
18.
Why are graphic file formats like jpeg and gif common on the Internet but not the others?
19.
Apart from an HTML version, why do some web sites provide a text version?
20.
Which of the following is not a valid URL?
A.
http://www.abc.com
B.
ftp://www.abc.com
C.
http://lesson1.school.abc.com/
D.
http://203.107.212.67/
E.
None of the above
21.
Which of the following is a valid IP address on the Internet?
A.
10.121.123.125
B.
192.168.23.54
C.
232.117.0.1
D.
189.283.187.77
E.
None of the above
2005 – AS – CA #1
1.
David is going to write online game software.
a)
He wants to design a game that can be played through a browser. Give two kinds of browser settings
that should be considered.
(2 marks)
Plug-ins (e.g. Java Applets VM, Active X, Flash player, Shockwave player)
Security
Script running language
cookies
Temporary files (any 2)
->
Java Virtual Machine is a program that enables a computer to run Java Applets. Since usually a Java
Applet is downloaded together with the web pages and hence has to solve the cross-platform issues,
the Java Applet VM is in fact different for different OSs.
Flash player is a program that runs flash movies (.swf). There are different versions of flash player, e.g.
player 5.0, 6.0 or 8.0. A flash 8.0 flash movie may not be successfully played by a flash 5.0 player, i.e. we
have to update the player to enjoy the latest features. Usually, updating is prompted through the Internet
and can be finished online.
b)
He wants to design this game with an additional function to cater for users with impaired vision. Give a
suggestion for the function.
(2 marks)
A sensible option for David is to create some sort of "magnifying glass" utility
over the top of the software to simulate high-power magnification of
different areas of the screen. The game can provide different sound
effects for specific events. (any other reasonable answer)
->It requires suitable imagination, common sense in using computers and some English vocabulary to
answer this question.
c)
If he decides to post the software as shareware, will the public be allowed to freely copy the
software? Explain your answer briefly.
(1 mark)
For many kinds of shareware, the public is allowed to freely copy the software
according to the terms and agreement.
It depends on the terms and agreement stated in the software.
->
Basically, shareware will only offer the user a right to use; it will not offer the right to copy (i.e.
copyright) to the user.
d)
Finally, he decides to post the software as 'Open Source' software. Give two main characteristics of
'Open Source' software.
(2 marks)
The software is free and the source codes are released to the public.
ASCA 2003#10
7.
Steven is an IT coordinator in a school. He considers using the following two methods to filter improper
content on the World Wide Web (WWW).
• Method A: Block access to a list of domains and IP addresses.
• Method B: Allow access only to a list of domains and IP addresses.
Suppose the lists of domains and IP addresses for the two methods are set as follows:
Method A: yousex.com, mypornography.com, tooviolence.com
Method B: education.com, gospel.com, news.com, 202.40.218.20, 202.40.218.23
a)
According to the setting of Method A, will the following URLs be blocked? Justify your answers.
(i)
‘http://gallery.mypornography.com/~john/index.htm’
(ii)
‘http://www2.tooviolence.com’
(iii)
‘http://www.yousex.com.jp’
(3 marks)
The following diagram shows the flow of the filtering of Steven's design:
[Flow diagram: START -> Method A; if Method A blocks -> Do Not Pass Filtering; if Method A allows -> Method B; if Method B blocks -> Do Not Pass Filtering; if Method B allows -> Pass Filtering]
b)
(i)
According to Steven’s design, will the web site with URL ‘http://education.yousex.com’ be blocked?
Justify your answer.
(ii) Steven discovers that the domain ‘tooviolence.com’, which contains improper contents, can still
pass through the filtering. Give one possible reason.
(4 marks)
In order to protect students from browsing improper contents, Steven considers using a web filtering service
in the school. The Internet Service Provider (ISP) of the school provides three proposals for free filtering
service:
Proposal 1: Installing the filtering software on each computer in the school
Proposal 2: Installing the filtering software on the school proxy server
Proposal 3: Installing the filtering software on the ISP’s proxy server
c)
Give one advantage of each of the proposals over the others.
(6 marks)
d) (i) Steven discovers that the computers in the school are always infected with computer virus. Suggest
two different ways through which computers may be infected.
(ii) Steven considers setting up a firewall to prevent computers in the school from virus infection. Is this
method effective? Justify your answer.
(4 marks)
HKCE 2003#10
Suggested Answer:
a)
(i)
Yes, it is under the domain ‘mypornography.com’
(ii)
Yes, it is under the domain ‘tooviolence.com’
(iii)
No, it is not in the list of domains
b)
(i)
Yes, it can be blocked.
It is not under the domain ‘education.com’.
(ii)
Its IP address is in the list in Method B, e.g. 202.40.218.20 or 202.40.218.23
c)
Proposal 1: It can set individual needs
Proposal 2: It can centralize the filtering policy
Proposal 3: It can cut the workload of the school (server / manpower)
d)
(i)
Backing storage such as floppy disk
Email
Files downloaded from the Internet
Computers are hacked by someone
(any two)
(ii)
No, a firewall is mainly used to prevent the computer from hacking / outside attack only.
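Steven's two methods and the filtering flow from the diagram, as an added example that is not part of the original notes: the lists are copied from the question, and the example assumes (as the diagram shows) that Method A is applied first and only URLs it allows go on to Method B, that a domain entry covers the domain and all its subdomains, and that an IP entry matches only a URL whose host is that exact IP.

```python
# Added example, not from the original notes: Steven's two filtering methods and
# the flow in the diagram (Method A first; only what it allows reaches Method B).
# Domain entries match the domain itself and its subdomains; IP entries match only
# an exact IP host. The lists are copied from the question.
import ipaddress
from urllib.parse import urlsplit

METHOD_A_BLOCK = ["yousex.com", "mypornography.com", "tooviolence.com"]
METHOD_B_ALLOW = ["education.com", "gospel.com", "news.com",
                  "202.40.218.20", "202.40.218.23"]


def host_of(url: str) -> str:
    """Lowercase host part of a URL, e.g. 'www2.tooviolence.com' or '202.40.218.20'."""
    if "://" not in url:
        url = "http://" + url          # urlsplit needs a scheme to find the host
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def is_ip(entry: str) -> bool:
    try:
        ipaddress.ip_address(entry)
        return True
    except ValueError:
        return False


def entry_matches(host: str, entry: str) -> bool:
    """'yousex.com' covers 'yousex.com' and 'education.yousex.com', NOT 'yousex.com.jp'."""
    entry = entry.lower()
    if is_ip(entry):
        return host == entry
    return host == entry or host.endswith("." + entry)


def method_a_blocks(url: str) -> bool:
    """Method A: block access to anything in its list of domains and IP addresses."""
    return any(entry_matches(host_of(url), e) for e in METHOD_A_BLOCK)


def method_b_allows(url: str) -> bool:
    """Method B: allow access only to its list of domains and IP addresses."""
    return any(entry_matches(host_of(url), e) for e in METHOD_B_ALLOW)


def stevens_filter(url: str) -> str:
    """Outcome of the combined flow: 'Pass Filtering' or 'Do Not Pass Filtering'."""
    if method_a_blocks(url):
        return "Do Not Pass Filtering"
    if method_b_allows(url):
        return "Pass Filtering"
    return "Do Not Pass Filtering"


if __name__ == "__main__":
    for url in ["http://gallery.mypornography.com/~john/index.htm",   # a)(i)
                "http://www2.tooviolence.com",                        # a)(ii)
                "http://www.yousex.com.jp",                           # a)(iii)
                "http://education.yousex.com",                        # b)(i)
                "http://202.40.218.20/",   # b)(ii): a listed IP reached directly, by-passing the domain check
                "http://www.news.com/"]:
        print(f"{url}: A blocks={method_a_blocks(url)}, result={stevens_filter(url)}")
```

Running it reproduces the suggested answers: the first two URLs are blocked by Method A, the .jp one is not, education.yousex.com does not pass, and a request addressed to 202.40.218.20 passes because the IP is in Method B's list and the domain name is never seen.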
Extra exercise:
1.
What do the following terms stand for? Briefly describe what they are.
(i) HTTP
(ii) FTP
(iii) DNS
(iv) HTML
(v) ISP
(vi) TCP/IP
(vii) NIC
(viii) URL
Suggested Answer:
1
(i) HTTP – HyperText Transfer Protocol. It is a set of rules for transferring files (text,
graphic images, sound, video, and other multimedia files) on the World Wide Web.
(ii) FTP – File Transfer Protocol. It is a protocol for file transfer (upload and download) in a
network.
(iii) DNS – Domain Name Server. It is an Internet service that translates domain names into IP
addresses.
(iv) HTML – Hypertext Markup Language. It is the authoring language used to create
documents on the World Wide Web.
(v) ISP – Internet Service Provider. It is a company that provides access to the Internet.
(vi) TCP/IP – Transmission Control Protocol/Internet Protocol. It is the suite of communications
protocols used to connect hosts on the Internet.
(vii) NIC – Network Interface Card. It is a network card for the computer to get access to the
network or the Internet.
(viii) URL – Uniform Resource Locator. It is the global address of documents and other
resources on the World Wide Web.
2.
Why is a markup language used?
(1)
It uses the ASCII coding system.
(2)
It overcomes the cross-platform problem.
(3)
It can be regarded as a kind of high level program.
A.
(1), (2) only
B.
(1), (3) only
C.
(2), (3) only
D.
(1), (2) and (3)
3.
Which of the following is not a type of markup language?
A.
HTML
B.
CLASS
C.
XML
D.
SGML
2001 – AS – CA #3
3.
Classify each of the following eight items into one of four categories:
Internet resources, protocol, operating system, or others:
HTTP
TCP/IP
ISP
BBS
HTML
UNIX
URL
WWW
(4 marks)
Internet resources: BBS, WWW
Protocol: HTTP, TCP/IP
OS: UNIX
Others: HTML, ISP, URL
-> Common application protocols include FTP, SMTP, HTTP, HTTPS, TELNET, POP3
Common data transmission protocols include TCP, IP, UDP
Common OSs include UNIX, Linux, Mac, Windows
Common browsers include I.E., Netscape, Firefox
Common Web servers include IIS, Apache
Common server-side programming languages include ASP, PHP, ASPX, CGI
Common servers on the Internet include DNS, DHCP, Proxy, Mail, etc.
Companies providing Internet technology include:
HKDNR – Domain name registration; it registers all domains with the top level domain ".hk"
Cisco – network equipment, like routers, switches, etc.
Oracle – database management system
HKIX – information exchange center in HKCU.
Netvigator, i-cable -> ISPs
Web hosting companies
2000 – AS – CA #5
5.
Suggest what Internet resources can help in the following cases:
(a)
Because of serious illness, a student is unable to attend lessons at school. Instead, he must have
lessons at home. His teacher wants to arrange interactive lessons for him to take place
simultaneously with the lessons for his classmates at school.
(b)
A student is working on a research project and would like to survey public opinion on the research
topic. He does not want to conduct direct interviews with the public.
(4 marks)
a)
by installing a video camera in the classroom and sending the images through the Internet /
video conference.
b)
by building a newsgroup/ICQ/email/web page with a survey form
on the Internet for this topic and inviting the public to give their ideas.
-> This question asked about knowledge of common technology. Technology has advanced much in these
several years; nowadays, it is mostly related to e-business or mobile devices. E.g. nowadays, there are
more and more PDAs supporting GPS (Global Positioning System), i.e. it can direct you to the destination
any time, anywhere by making use of satellites. Also, since many people are using PDAs (or mobile
phones which have PDA functions), we need to take the design of web pages into consideration; for
example, usually web pages are designed for the resolution 800x600, but nowadays we should
design a specific page for these users with, say, 320x240 resolution. Also, we need to take the
communication of these devices with computers into consideration when choosing these kinds of
appliances; usually, they should support Bluetooth (for headset, file transfer) or WiFi (Internet, GPS).
Since it is a mobile device, battery is always a consideration. Last but not least, storage media is
another consideration; of course, external memory would be flash memory, usually an SD card or Mini-SD.
Apart from that, more and more people will perform e-commerce on the Internet. Asymmetric key
infrastructure (public key and private key encryption) has been widely used in e-banking (in this case,
the public key is used to do encryption and the private key is used to do decryption), and digital signatures (in
this case, the public key is used to do encryption and the private key is used to do decryption). Usually, a VPN
(Virtual Private Network) will use symmetric key infrastructure, in which both parties are using the same set
of private keys.
Nowadays, Weblogs are very popular; many people like to share their ideas with others by making use of
the Internet. We call this phenomenon "Web 2.0", i.e. every user can be an editor and contribute to
the community.
BT is another P2P (Point to Point) file sharing technology; a group of people can download a very large
file in a short period of time.
2000 – AS – CA #7
7.
(a)
A warehouse manager would like to computerize the inventory control system in his company. He
can either purchase a ready-made application package or invite a consulting firm to develop an
application. Give ONE advantage of each option.
(b)
The company has two warehouses. The manager would like to connect the computers installed in
the two warehouses via a telephone line. Draw a diagram to show the necessary components and
links.
(4 marks)
a)
Ready-made: less expensive, less time-consuming, fewer bugs
Custom-made: matches the company's requirements exactly
b)
computer – modem – (telephone line) – modem – computer
->Advantages of ready-made software (packaged software):
Less cost for training.
More updated versions available.
The basic operation of a modem is to convert digital signals to analog signals and vice versa.
The basic connection between a SOHO and an ISP is as shown below:
[Diagram: the components shown are LAN, Web server, Switch, Router, Content Filter, Firewall and ISP; the original figure with their arrangement is not reproduced]
You need to note the order and its proper position.
2000 – AS – CA #8
8.
Billy is doing a project on "The impact of computers on education today." He wants to search for useful
information from the web sites on the Internet. He enters the keywords "computer impact" in the search
menu of a browser. The web sites with the exactly matched keywords are displayed on Billy's computer
screen.
(a)
Give TWO disadvantages of searching web sites by exact keyword matching.
(b)
The web sites that Billy found are different from those his classmates found even though they are
using the same keywords to search. Give TWO possible reasons for this difference.
(4 marks)
a)
Some useful web sites may not have words exactly matching the keywords;
thousands of useless web sites may also be found.
b)
Different times of searching
Different search engines or databases used for searching
->There are some preferences that can be set to facilitate the searching of web sites. E.g. we can limit to
web sites with certain country codes (e.g. hk, cn, tw, etc). Or, we can exclude some file types like
wav, etc.
In fact, different search engines use different policies to rank their findings, and hence their findings will
be different.
2001 – AS – CA #4
4.
(a)
When accessing the web site of the Hong Kong SAR Government, people can either type in the IP
address "202.128.227.5" or the domain name address "www.info.gov.hk". Explain the relationship
between the IP address and the domain name address.
The DNS is the system by which hosts on the Internet have both domain name
addresses and IP addresses. The domain name address is used by
human users and is automatically translated into the numerical IP
address.
(b)
Give ONE advantage of using the domain name address and ONE advantage of using the IP
address.
Domain name – easy for human to remember
IP address – language independent
2002 – AS – CA #2
2. The figure below shows the interconnections between the Internet and the local area networks in ABC
Company. The numbers allocated to the devices indicate the IP addresses.
(a) (i) Briefly explain what a ‘gateway’ is.
A gateway is an interface that enables dissimilar networks to communicate with one
another.
(ii)
How many local area networks are there in the figure? Explain briefly.
3 (hints from the IP addresses)
(b)
Assume the computer with the IP address ‘130.8.0.1’ in the figure is a web server and its domain
name is registered as ‘ABC130.com’. A web site with a web page named ‘index.html’ is placed in
the web server, where the web page can be accessed by the URL ‘http://www.ABC130.com/index.html’.
(i) What is the top-level domain of this web site?
com (or .com)
(ii) Is it possible to access this web site with the URL ‘http://www.ABC130.com.hk’ from Hong Kong?
Explain briefly.
No, the URL is not registered for the company.
(Or Yes, the company may register the URL separately.)
(iii) Is it possible to access this web page with the URL ‘http://130.8.0.1/index.html’ through the
Internet? Explain briefly.
Yes. The IP address is what a domain name system will supply. It is an alternate
way to specify the URL.
(iv) What will be the protocol(s) needed for browsing the web page over the Internet?
Hypertext Transfer Protocol (or HTTP) (‘Http’ or ‘http’ is not acceptable)
2003 – AS – CA #5
5.
John is the chairperson of a chess club in a university. He designs and builds a web site for the club.
(a)
A fixed IP address is assigned to him to establish a web server on the campus. However, John has not
yet registered a domain name for the club and so he tells the interested parties to use the URL,
`http://200.102.234.48/index.html', to access the web site.
(i)
Name the different components of the given URL.
http://
HTTP protocol
200.102.234.48
IP address
index.html
first page / home page / file / default page / resource
(ii)
Is it possible to access the home page without specifying 'index.html' in the URL? Explain briefly.
Yes, a default web page, index.html, is used /
No, the page may not be set in the web server.
 In fact, a web server can set any web page as the default home page, but most likely it would be
index.htm or index.html or index.asp or index.php or index.aspx, etc. You should also note that you
can set a number of files as the default home page with different priorities.
 Apart from that, you can also set the read / write / index options for different folders. Remember, when
you open a forum, you have to grant write authority to the users so that they can write data
(post messages) to the database of the forum.
 You can also set virtual directories which map to another computer.
 Rather than opening port 80 for HTTP connections, you can also reassign another port number to the web
server.
 Because there are so many different settings in a web server, even a simple HTTP request, e.g.
http://www.abc.com/demo/, may give a number of different effects in the client’s browser.
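To make the URL components of part (a) and the default-page and port remarks above concrete, here is an added Python example (not from the handout). It splits a URL into protocol, host, port and path, reports the top-level domain (an IP literal has none), and applies a server's default-document priority list to a request for a folder. The priority list and the folder listings are constructed assumptions; the URLs are the ones in the question.

```python
"""Pull apart a URL the way a browser does, then apply the server-side
default-document rule. Added example, not from the handout; the default
document list and the folder listings are constructed."""
import ipaddress
from urllib.parse import urlsplit

# Constructed priority list, like the one a web server administrator sets.
DEFAULT_DOCUMENTS = ["index.html", "index.htm", "index.php"]
WELL_KNOWN_PORTS = {"http": 80, "https": 443}


def url_components(url: str) -> dict:
    """Split a URL into protocol, host, port and path.

    A port is only written in the URL when it differs from the protocol's
    well-known port (e.g. a web server reassigned from 80 to 8080)."""
    parts = urlsplit(url)
    return {
        "protocol": parts.scheme,
        "host": parts.hostname,                 # lower-cased by urlsplit
        "port": parts.port or WELL_KNOWN_PORTS.get(parts.scheme),
        "path": parts.path or "/",
    }


def top_level_domain(host: str):
    """Last label of a domain name; an IP literal has no TLD."""
    try:
        ipaddress.ip_address(host)
        return None
    except ValueError:
        return host.rstrip(".").rsplit(".", 1)[-1].lower()


def resolve_document(path: str, folder_listing, defaults=DEFAULT_DOCUMENTS):
    """Map a request path to the file the server would serve.

    A path ending in '/' names a folder: the first default document that
    exists, in priority order, is chosen. If none exists the server must not
    guess; it answers with an error (or a listing, if that option is on)."""
    if not path.endswith("/"):
        return path
    for name in defaults:
        if name in folder_listing:
            return path + name
    return None


if __name__ == "__main__":
    print(url_components("http://200.102.234.48/index.html"))
    print(url_components("http://www.ABC130.com:8080/demo/"))
    print(top_level_domain("www.ABC130.com"))
    print(resolve_document("/demo/", {"index.htm", "about.html"}))
```

The `resolve_document` return of `None` is the case the model answer's "No" refers to: with no default page configured, the folder URL alone does not reach the home page.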
(2 marks)
(b)
The web site provides the service of recruiting members. John needs to establish identification codes
for members to log into the web site.
(i)
Can John use members' IP addresses assigned by their Internet Service Providers (ISP) for
identification? Justify your answer.
No, IP from ISP could be dynamic (change from time to time)
An email address is a unique identification.
(ii) John decides to use the email addresses of members for identification. Give one reason to support John's
decision. Suggest one method for John to ensure that the email addresses provided by members are not fake.
Peter can send an email to the email address with initial password for
confirmation.
(3 marks)
(c)
The web site also provides a service for registered members to play online chess games through the
Internet. Is it necessary for John to keep track of the current IP addresses of the online players? Justify
your answer.
Yes, the current IP addresses for the players are required to maintain the
communication dialog / keep track of records for security.
(2 marks)
2006 – AS – CA #3
3.
Web-based software is developed in a secondary school to support teaching and learning. A teacher,
Mrs. Lee, gives online multiple-choice tests using this software.
a)
Is the web-based software application software or system software? Explain briefly.
Application Software. It is designed for a specific task.
b)
Mrs. Lee organizes a multiple-choice test on the software for her students to take in a computer
room. Suggest three software packages, which could perform functions A, B and C, as shown
below.
(figure not reproduced; the three functions A, B and C and the answers are:)
A: Browser (allows students to answer multiple-choice questions directly on the web)
B: Web server (hosts multiple-choice tests and maintains web pages)
C: Database (DBMS) (keeps multiple-choice questions in an item bank)
c)
Mrs. Lee also organizes a discussion forum on the software. What is the main advantage of this
approach?
It enhances communication between teachers and students.
(Other reasonable answers, such as ‘discussion’)
2005 – AS – CA #5
5.
David creates a web page with frames and animation.
a)
(i)
David can successfully browse the animation in the web page on one computer but cannot
browse it on another one. The web page is only displayed as shown above. Give a possible
reason for this.
No suitable plug-in for the animation is installed in the browser on the
computer.
(ii)
Give one unsatisfactory aspect of the design of the above web page presentation, other than
the animation.
The content cannot be completely displayed on screen. David has to adjust
the scroll bar to view the wording (HKEAA All rights reserved) at the bottom.
b)
When clicking the hyperlink ‘Contact Us’, an email program on the computer is launched and an
email with David’s email address is created and ready to send.
(i)
Describe a kind of common web page design which can replace the above messaging
method.
The web page can include a form for writing messages with server-side scripts
to transmit the messages to the server. (direct personal contact)
(ii)
Do you think that ‘Discussion Forum’ should replace ‘Contact Us’? Explain briefly.
Yes, a discussion forum is more convenient for users to see responses of
messages they have left. OR No, email is a better channel for private
communication.
2007 – AS – CA #2
2.
Sam and May work in an office. Its network diagram is shown below:
a)
What is Device A? Justify your answer.
(2 marks)
router
It connects the intranet at the office with the Internet.
<- You should note that there are 3 different networks here, 10.0.1.0, 10.0.2.0 and the
Internet; you need to know that a network is identified by its IP address structure.
b)
The network administrator allows May to access to Web browser B, but does not allow Sam to do
so. Briefly describe how the administrator can configure Device A to achieve this.
(2 marks)
The administrator configures the router to block Sam’s IP address (MAC) from
accessing the network. / The administrator reconfigures the router to establish
two sub-networks and blocks Sam’s IP address from accessing the
sub-network of Web Server B.
c)
Explain, in terms of IP configuration, how web server B can be publicly accessed through the
Internet.
(2 marks)
10.X.X.X is a private network and the private IP address should be translated
into a public IP address to access from outside (Port forwarding / NAT).
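Parts (b) and (c) describe two separate jobs of Device A: an access control rule that stops one inside host reaching web server B, and NAT with port forwarding that lets outside hosts reach it through the router's public address. The simulated router below is an added Python example (not from the handout or any real router's configuration language). Only the 10.0.1.0 and 10.0.2.0 networks come from the question; the router's public address, the web server's address, Sam's and May's addresses and the outside client are constructed placeholders (public ones taken from the RFC 5737 documentation ranges).

```python
"""A simulated router for the office network: an access control list that
stops Sam reaching web server B while May can, plus source NAT and port
forwarding that expose the server on the router's public address.
Added example, not from the handout; every address except the 10.0.1.0 and
10.0.2.0 networks is a constructed placeholder."""
import ipaddress
from dataclasses import dataclass, replace

LAN_SUBNETS = [ipaddress.ip_network("10.0.1.0/24"),
               ipaddress.ip_network("10.0.2.0/24")]
PUBLIC_IP = "203.0.113.10"            # router's WAN address (placeholder)
WEB_SERVER_B = "10.0.2.80"            # placeholder
SAM, MAY = "10.0.1.20", "10.0.1.21"   # placeholders


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int
    sport: int = 40000


def is_inside(ip: str) -> bool:
    """Inside = one of the office's two private networks; the third network
    in the diagram is the Internet."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LAN_SUBNETS)


class Router:
    def __init__(self):
        # ACL entries (action, src, dst, dport): first match wins, implicit permit.
        self.acl = [("deny", SAM, WEB_SERVER_B, 80)]
        # Port forwarding: traffic arriving at PUBLIC_IP:80 goes to web server B.
        self.port_forward = {80: (WEB_SERVER_B, 80)}
        # Source NAT table: (private ip, private port) -> public port
        self.nat_table = {}
        self._next_public_port = 50000

    def forward(self, pkt: Packet):
        """Return (decision, packet as it leaves the router)."""
        for action, src, dst, dport in self.acl:
            if (pkt.src, pkt.dst, pkt.dport) == (src, dst, dport):
                if action == "deny":
                    return "dropped by ACL", pkt
                break
        # Inbound from the Internet to the public address: port forwarding.
        if pkt.dst == PUBLIC_IP and not is_inside(pkt.src):
            if pkt.dport in self.port_forward:
                inside_ip, inside_port = self.port_forward[pkt.dport]
                return "port-forwarded", replace(pkt, dst=inside_ip, dport=inside_port)
            return "dropped: no forwarding rule", pkt
        # Outbound from a private address: rewrite the source to the public one.
        if is_inside(pkt.src) and not is_inside(pkt.dst):
            key = (pkt.src, pkt.sport)
            if key not in self.nat_table:
                self.nat_table[key] = self._next_public_port
                self._next_public_port += 1
            return "source-NAT", replace(pkt, src=PUBLIC_IP, sport=self.nat_table[key])
        # Otherwise: plain routing between the two office subnets.
        return "routed between subnets", pkt


if __name__ == "__main__":
    r = Router()
    for p in (Packet(SAM, WEB_SERVER_B, 80), Packet(MAY, WEB_SERVER_B, 80),
              Packet("198.51.100.7", PUBLIC_IP, 80), Packet(SAM, "198.51.100.7", 443)):
        print(r.forward(p))
```

The ACL is checked before any translation, which is why the deny rule can be written in terms of the private addresses the administrator knows; the port-forwarding rule, on the other hand, only admits the one service that was deliberately published.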
2007 – AS – CA #3
3.
a)
Paul uses an e-mail client program to open an overseas e-mail sent by Mary and finds that it
contains a lot of unknown characters, as shown below:
He changes a setting in the e-mail client program so that the content of the e-mail can display
normally. Which setting has he changed?
(1 mark)
Language
b)
Paul uses the e-mail client program that supports POP3 e-mail service.
(i)
Give two configurations that must be set before enabling receiving e-mail.
Username and password, POP3 server
(ii)
Name another kind of common e-mail service, other than POP3 e-mail service.
SMTP
In the syllabus, it states
“Students should understand the differences between a mail client and web mail, and
the protocols (POP, IMAP, SMTP, etc.) used in sending and retrieving emails.”
2008 – AS – CA #2
2.
A school library network with a router, a switch and a wireless access point (AP) is built for students
to connect to the Internet, as shown below:
a)
Components in the network are connected to either the switch or the AP.
(i)
Why should the web server and workstation be connected to the switch?
This is a stable / fast connection (Increase effective bandwidth)
(ii)
Why should the visitors’ notebook computers be connected to the AP?
(2 marks)
No connection port is needed. / Increase the mobility of computer (advantage of
wireless connection)
b)
(i)
Other than notebook computer, give a kind of mobile device that can be connected to the
AP to access the Internet.
PDA / Mobile phone / Tablet PC / UMPC/ ULCPC / MID
<- Basically, it is unusual for someone to answer something like UMPC, ULCPC or MID, I cannot
find ULCPC and MID in webopedia.com, so, the best answer is PDA or PDA phone or Tablet PC.
Tablet PC is not popular anyway, but, a tablet PC is characterized by its touch screen technology,
i.e. not keyboard or mouse required.
(ii)
When using a mobile device to access the Internet through the AP, two sets of
information are needed, for network authentication and authorization respectively. What
are the two sets of information?
(3 marks)
username and password/ MAC address (NIC) / SSID
Encryption method (e.g. WPA, WPA2, WEP)
<- Below shows a common AP setting interface (figure not reproduced):
There are several points that we have to pay attention to; they include:
1. Why is a private IP used?
2. What is the SSID?
3. Why is broadcasting of the SSID not allowed?
4. What is the WEP key setting?
5. Why set “obtain an IP address automatically”?
c)
Some students cannot use the Internet service due to the configuration/limitation of the AP.
Suggest two different types of issues that may lead to this connection problem.
(2 marks)
The coverage of the access point / exceed the maximum number of users/ Users
are blocked / The compatibility of the network standard (802.11 / protocol /
encryption method)
2008 – AS – CA #3
3.
A router is used to connect two subnets in a café which provides Internet access. The network
information is listed below:
Subnet A: from 223.1.1.0 to 223.1.1.24
Subnet B: from 223.1.2.0 to 223.1.2.24
Router IP: 223.1.1.1 and 223.1.2.1
a)
The following dialog box shows part of the network setting of a workstation in Subnet A. Fill in
the information in the space provided.
(3 marks)
->
The suggested answer for this question is:
IP address: (any IP address between 223.1.1.2 and 223.1.1.24)
Subnet Mask: 255.255.255.0 / 255.255.255.224 (other reasonable answers)
Default Gateway: 223.1.1.1
But this question is badly designed. The range of a subnet should be according to its subnet
mask. So, if the subnet mask is 255.255.255.0, then the range of that subnet should be from
223.1.1.0 to 223.1.1.255, which is not aligned with the requirement of the question.
So, next time, HKEAA may modify the question as:
“Now, Peter is an account clerk in a company, his IP is 223.1.2.82; suppose
the subnet mask is 255.255.255.248, then what is the possible range of IP
addresses in his network?”
The answer would be: first, identify the network address, which is 223.1.2.80, so its range is
from 223.1.2.80 to 223.1.2.87.
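The subnet arithmetic above can be checked mechanically. The Python below is an added example (not from the handout) that derives the network address by ANDing address and mask, lists a subnet's network, usable host and broadcast addresses, tests whether a claimed "from ... to ..." range is really one subnet under a given mask (which is the author's objection to the exam question), and checks that a default gateway lies inside the workstation's subnet. It uses the addresses from the question and from the author's proposed rewording.

```python
"""Work out a subnet's range from an address and its mask, and check whether
a claimed 'from ... to ...' range is really one subnet. Added example, not
from the handout; addresses are those of the question and the author's
proposed rewording (223.1.2.82 with mask 255.255.255.248)."""
import ipaddress


def network_address_by_hand(ip: str, mask: str) -> str:
    """The network address is the bitwise AND of address and mask.
    223.1.2.82: last octet 0101 0010; 255.255.255.248: last octet 1111 1000;
    AND gives 0101 0000 = 80, so the network address is 223.1.2.80."""
    ip_int = int(ipaddress.ip_address(ip))
    mask_int = int(ipaddress.ip_address(mask))
    return str(ipaddress.ip_address(ip_int & mask_int))


def subnet_range(ip: str, mask: str) -> dict:
    """Network, usable host range and broadcast address for ip/mask."""
    net = ipaddress.ip_interface(f"{ip}/{mask}").network
    hosts = list(net.hosts())
    return {
        "prefix": net.prefixlen,
        "network": str(net.network_address),
        "first_host": str(hosts[0]),
        "last_host": str(hosts[-1]),
        "broadcast": str(net.broadcast_address),
    }


def is_one_subnet(first: str, last: str, mask: str) -> bool:
    """True only if 'first' is the network address and 'last' the broadcast
    address of a single subnet under 'mask'. The exam's 223.1.1.0 to
    223.1.1.24 is not one subnet under either suggested mask."""
    net = ipaddress.ip_interface(f"{first}/{mask}").network
    return (net.network_address == ipaddress.ip_address(first)
            and net.broadcast_address == ipaddress.ip_address(last))


def default_gateway_ok(host_ip: str, mask: str, gateway: str) -> bool:
    """The default gateway must sit inside the host's own subnet, or the
    host cannot reach it to send traffic off the subnet."""
    net = ipaddress.ip_interface(f"{host_ip}/{mask}").network
    return ipaddress.ip_address(gateway) in net


if __name__ == "__main__":
    print(network_address_by_hand("223.1.2.82", "255.255.255.248"))
    print(subnet_range("223.1.2.82", "255.255.255.248"))
    print(is_one_subnet("223.1.1.0", "223.1.1.24", "255.255.255.0"))
    print(default_gateway_ok("223.1.1.10", "255.255.255.0", "223.1.1.1"))
```

Note that 223.1.2.80 and 223.1.2.87 are the network and broadcast addresses; the hosts themselves take .81 to .86, which is what a workstation in that subnet may actually be assigned.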
b)
Give one reason why two subnets are used in the café.
(2 marks)
-> As mentioned before, whenever we come across a question asking why, or asking for a reason for
something, we should always think along directions like:
1. Safety
2. Speed / access mode
3. Compatibility
4. Reliability
5. Cost, e.g. manpower
6. Way of management, e.g. centralized or not
Here, the answer given is “customers and staff in the two subnets for security purposes / better
traffic control.” So, obviously, if you follow the directions listed above, you can think of the
answers yourself.
Keywords:
Access Point
Navigate
Address book
Network ID
Anchor
Network Client Software
Aspect Ratio
Network Server Software
Bandwidth
Optical fiber
Blocking
Packets
Bps
Peer-to-Peer Network
Broadcasting
Plug-in
Browser
port
Buffer
Protocol
Client / Server
Real IP
Coaxial cable
Resolution
Codec
RJ-45
Cookie
routers
Data Encryption
Satellite
Dial up
Search Engine
Domain
SPAM
DoS
Denial of Service
SSL
DNS
Domain Name Server
Static IP
Download
Streaming
Downstream
Subnet Mask
Dynamic IP
Switches
Ethernet Network
TCP/IP
Fiber Optic
Trojan Horse
FTP
File Transfer Protocol
Upload
Filtering
Upstream
Forward a mail
URL
Gateway
UTP
Hack
Video Conferencing
Host
Virtual IP
Host ID
Virus
HTML
WAN
HTTP
Web Authoring
hubs
Web Browser
Hyperlink
Web server
ISP
Local Area Network
Web Surfing
LAN
Internet Service Provider
Wireless LAN
Untwisted Pair
Wide Area Network
Appendix - Client Side programming and CSS
JavaScript
To create interactive operations in web pages, we usually use a scripting language. In the market,
there are two main scripting languages in web page design: JavaScript and VBScript.
JavaScript was the first to be promoted and is up to now the most popular scripting language in the
market.
A scripting language (small program) usually refers to a kind of programming language which has a relatively
limited use.
There are two methods to include JavaScript in a web page, they are:
(i)
Embed the script
(ii)
Link to an external script file
As illustrated in the following figure (not reproduced), some of the script (programs) is embedded in the web page (i). Also, an
external script file (hp_first_20051101.js) is linked (ii).
Now, here comes a question: What are the advantage and disadvantage of using (i) over (ii)?
Advantage:
The script need not be downloaded in two separate requests (first the HTML file and
then the js file).
Disadvantage:
The script cannot be shared: with (ii), several HTML files can use one js file, i.e. it is reusable.
If modification is needed, it is easier if the script is in one js file instead of being
scattered over several hundred HTML files.
As you can see, there is a js file at the URL
http://hk.yimg.com/i/home/js/hp_first_20051101.js
so, when it is entered in the address bar of the browser, the browser will download the js file as shown below:
After opening the JS file in a web authoring tool (Dreamweaver), it shows
As you can see, the scripting language is in plain text and hence is compatible with all platforms. Also, it is not in
binary code, so it only requires the browser (as the interpreter) to execute the program. These programs are
called “client-side programs”.
CSS
As you can see, a css file can be linked in a web page as shown below:
SOHO Networking Basics
Author’s remarks
 A substantial amount of the material in this set of handouts is adapted from Wikipedia and Guide to
Networking Essentials (2nd edition) published by Course Technology.
 This set of materials is co-developed by Chung, C.F. Jeffrey and Alvin C. M. Kwan.
What is Computer Networking?
Computer networking involves connecting computer systems for the purpose of sharing information and
resources. It requires a great deal of technology and there are a number of decisions to be made regarding
the choices for physical connection as well as related communication software.
What Does Computer Networking Offer?
Some advantages of computer networking are as follows:
 It permits users to share information, e.g., through file sharing, as well as computer hardware, e.g.,
network printers.
 Tasks of a distributed nature can be processed by networked computer systems by exchanging data and
intermediate results among themselves. For example, Fedex tracks courier items during their delivery.
 It helps improve human communication by reducing physical document flow and transposition errors, e.g.,
through e-mail.
Communication Overheads
In addition to the extra software and hardware, data communications involve a number of overhead costs too.
Such overheads take the form of extra control information and processing time that are required to make the
data communication feasible and reliable. Some overheads are listed below:
 Each computer/terminal/node in a network must be assigned a unique address so that messages
can be directed to the right destinations. This implies that every message has to be tagged with the
destination node’s address, which is stored in the header of a packet.
 Instead of transmitting the entire message through the network in one shot, a message is divided into small
pieces, often referred to as packets, before it is sent to the network, so that a transmission error will
only require the retransmission of the problematic packet instead of the entire message. Typically a
sequence number is included in each packet header for the reconstruction of the original message.
 To ensure error-free communication, messages are usually tagged with control information (e.g., a
checksum) for error detection and probably error recovery too. To avoid negotiating with the source host
for a retransmission of a packet that encounters a transmission error, control information that supports
error recovery instead of error detection only is often included in the trailer of a packet.
 To reduce communication cost, messages are often compressed before transmission. Compressed
messages are decompressed at the receiving end.
 For applications like e-commerce, data security is needed and thus messages are encrypted before
transmission and decrypted at the other end.
 For large computer networks, communication nodes may be linked together in more than one way (e.g.,
via different paths on the Internet). Thus, a decision must be made to choose which communication path
(or route) to use. In practice, the decision is typically made by a kind of data communication equipment
called a router.
The above points indicate the necessity of including additional control information with the message before
transmission. That control information may be stored either in the header or in the trailer of the data packet.
For example, the node address is typically stored in the header whereas the checksum is typically stored in the
trailer.
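The Python below is an added example (not from the handout) that puts the first three overheads together on a constructed packet layout: a header carrying destination, source, sequence number and packet count, a CRC32 checksum in the trailer, fragmentation of a message into packets, and reassembly at the receiver. It shows the two failure modes the text mentions: packets arriving out of order are put back by sequence number, and a corrupted packet fails its checksum and is reported as missing, so only that packet needs retransmission.

```python
"""Fragment a message into packets with a header (destination, source,
sequence number, packet count) and a trailer (CRC32 checksum), then
reconstruct it at the receiver even when packets arrive out of order, and
detect a corrupted packet so only that packet needs retransmission.
Added example, not from the handout; the packet layout is constructed."""
import random
import struct
import zlib

# Constructed layout: 1-byte destination, 1-byte source, 2-byte sequence
# number, 2-byte total packet count in the header; 4-byte CRC32 trailer.
HEADER = struct.Struct("!BBHH")
TRAILER = struct.Struct("!I")


def fragment(message: bytes, src: int, dst: int, mtu: int = 8) -> list:
    """Split message into at most mtu-byte payloads, each wrapped in header + trailer."""
    chunks = [message[i:i + mtu] for i in range(0, len(message), mtu)] or [b""]
    packets = []
    for seq, payload in enumerate(chunks):
        body = HEADER.pack(dst, src, seq, len(chunks)) + payload
        packets.append(body + TRAILER.pack(zlib.crc32(body)))   # checksum covers header+payload
    return packets


def parse(packet: bytes):
    """Return (dst, src, seq, total, payload), or None if the checksum fails."""
    if len(packet) < HEADER.size + TRAILER.size:
        return None
    body, trailer = packet[:-TRAILER.size], packet[-TRAILER.size:]
    (crc,) = TRAILER.unpack(trailer)
    if zlib.crc32(body) != crc:
        return None
    dst, src, seq, total = HEADER.unpack_from(body)
    return dst, src, seq, total, body[HEADER.size:]


def reassemble(packets, my_addr: int):
    """Rebuild the message addressed to my_addr.

    Returns (message, []) on success, or (None, missing_sequence_numbers)
    when packets were corrupted or lost, so the receiver can ask for just
    those to be retransmitted."""
    received, total = {}, None
    for packet in packets:
        parsed = parse(packet)
        if parsed is None:
            continue                     # corrupted: discard, never trust it
        dst, src, seq, count, payload = parsed
        if dst != my_addr:
            continue                     # not for us
        total = count
        received[seq] = payload
    if total is None:
        return None, []
    missing = [s for s in range(total) if s not in received]
    if missing:
        return None, missing
    return b"".join(received[s] for s in range(total)), []


def demo():
    message = b"The quick brown fox jumps over the lazy dog"   # constructed
    packets = fragment(message, src=1, dst=2)
    random.Random(7).shuffle(packets)        # simulate out-of-order arrival
    ok, _ = reassemble(packets, my_addr=2)
    damaged = [bytearray(p) for p in packets]
    damaged[0][HEADER.size] ^= 0xFF          # flip one payload byte in transit
    _, missing = reassemble([bytes(p) for p in damaged], my_addr=2)
    return ok, missing


if __name__ == "__main__":
    print(demo())
```

Because the checksum covers the header as well as the payload, a corrupted sequence number or address is caught too, rather than silently filing the payload in the wrong place.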
Teaching remark
 One way to introduce the topic of communication overheads is to use the analogy of posting a letter. The
purpose of sending a letter is of course to bring a message across to the recipient. However we need to
write the message down on a piece of paper (encoding) and enclose the letter in an envelope (like control
information in data communication) with an address written on it (recipient address to locate the addressee).
The letter is carried to the recipient by a postman from the post office (which is an external
party). A similar analogy is moving to a new home. In this case, the idea of packing and unpacking
belongings into boxes before and after the move is useful to illustrate the idea of fragmenting
and reconstructing the message before and after the transmission respectively. Protection film or
foam rubber that wraps up stuff in the moving example is analogous to the inclusion of control information
(in the form of a header or trailer) to help achieve secure data transmission in a networked environment.
Layered Nature of Network Communications (out of syllabus)
Communicating computers need to comply with a set of communication protocols and standards or computer
networking will not succeed. Thus some standard reference framework for computer networking is required.
Nevertheless, as indicated in the last section, data communication among computers is a huge and
complicated task and involves a number of subtasks.
Teaching remarks
 A protocol is a convention that enables the connection, communication, and data transfer between two
computing endpoints. A protocol can be defined as the rules governing the syntax, semantics, and
synchronization of communication.
 Protocols can be found in daily life too. Handshaking is an example. Extending our right hands
outwards (at the syntactic level) is how the handshaking protocol begins. The gesture is a sign of
friendly greeting (at the semantic level). It is expected that the other party will extend their hand to grip
ours as a consequence (at the synchronization level).
A standard reference framework based on a monolithic architecture is not only difficult to understand, it
also entails a lot of practical concerns. In particular, small and even medium size companies would never be
able to get into the market because they do not have enough capital to tackle the diverse range of research
and development issues involved in computer networking. In order to avoid those problems, the Open
Systems Interconnection Reference Model (OSI Model or OSI Reference Model for short) was proposed. It
is a layered abstract description for communications and computer network protocol design, developed as
part of the Open Systems Interconnect (OSI) initiative. The seven layers of the OSI model are depicted in Figure 1.
Figure 1.
The layered OSI model for computer networking. (Extracted from Wikipedia)
The three lower layers define how data are transmitted along the networking media (e.g., cables) and
equipment (e.g., switches and routers) whereas the upper four layers describe how data are received from
the network and go through the host computer.
The layered model offers the following advantages.
 It provides a reference framework for network designers and programmers to follow.
 Developers of networking technology in a specific layer do not need to know the services provided
by non-adjacent layers. This simplifies development efforts.
 It allows specialization, as (even small and medium size) companies can focus their development effort on
selected networking layer(s).
The OSI Model Analogy (out of syllabus)
Wikipedia gives a good analogy to explain the key ideas of the OSI Model (see Figure 2).
Figure 2.
Letter communication analogy. (Extracted from Wikipedia)
The analogy is about the delivery of a letter from the manager of a company to the manager of another company.
Figure 2 is self-explanatory but there are a few points worth mentioning.
 From the managers’ viewpoint, they communicate through the letter. They don’t know and don’t care
how the letter was delivered as long as the delivery is done. They only know that the letter is sent out for
(or delivered to) them by their assistants. Similarly, the assistants do not know how the letter would be
delivered but they know the secretaries will arrange the letter delivery for them. In general, the
assistants only care about the services that are available from their immediate subordinates (i.e., the
secretaries) and the services that they need to provide to their bosses (i.e., the managers). This reflects
precisely how layers in the OSI Model function.
 Only adjacent layers will talk to one another.
 In the analogy, every party (from the managers to the deliverymen) plays a part in the letter delivery
process. This is also the same in the OSI Model. Each layer plays a part in ensuring a secured data
transmission across the networking media.
 In the analogy, some parties may add extra things around the original message. For example, the letter
is put into an envelope before mailing. This is the same in the OSI Model. Extra control data (usually
stored as a part of the message header or trailer) are often introduced by the layers at the sender side
and removed by the corresponding layers at the receiver side. When considering data content, peer
layers of communicating computers may be considered as communicating with one another using a
“virtual” channel because the data content in the corresponding peer layers of the communicating
computers are essentially the same.
Figure 3.
“Virtual” communication between peer layers of communicating computers.
An Overview of the OSI Model (out of syllabus)
Although the OSI Model gives a reference framework regarding what services that each of the seven layers
are supposed to offer, the practitioners find it difficult to implement standards for the higher level layers
(application, presentation, session and even part of the transport layers) to support ranges of application
programs because the services provided by those layers could be rather different for various application
programs. Compared to the lower level layers (physical, data link, network layers) which are associated with
a popular set of standards, the degree of standardization in the higher level layers lags behind.
Application Layer (out of syllabus)
The application layer provides interfaces to permit applications to request and receive network services with
the use of application programming interfaces (APIs). It handles general network access, flow control and
error recovery at the application level such as dialogue design and incorrect data input handling.
For example, if a user would like to use a file transfer program to download a file, the typical dialogue would be as
follows:
1. invoke the file transfer program;
2. specify the remote machine to be connected to;
3. log in the remote machine using valid login details;
4. go to the folder or directory where the desired file resides;
5. select whether the file is to be transmitted in text mode or in binary mode;
6. issue a command to download the file;
7. sign off from the remote machine; and
8. end the file transfer program.
It is clear that each application program needs to have a dialogue design to fit its own need. With the APIs
provided by the application layer, an application program can define the dialogues that it requires for different
purposes. As to data input validation, the local machine can sometimes determine whether a data input is
correct without communicating with the remote machine.
For example, if the remote machine has not been logged on to, commands 4 and 6 (and probably 7 too)
should not be accepted.
Presentation Layer (out of syllabus)
The presentation layer handles data format information for networked communications so that it can be
understood by systems across the network, e.g., all integers are expressed in a 32-bit format. It manages
protocol conversion, data compression and decompression, data encryption and decryption, character set
issues, and graphics commands. An example of a presentation service would be the conversion of
ASCII-coded text to Unicode-coded text.
In brief, the presentation layer needs to ensure that the data it passes to the application layer is ready for
the application to use and that the data it passes to the session layer is suitable for network transmission
(e.g., compressed to reduce data traffic and encrypted for data security).
Session Layer (out of syllabus)
The session layer sets up, maintains, and ends ongoing sequences of communications (sessions) between
end-user application processes across networks. It describes whether message is to be sent half-duplex or
full-duplex and provides synchronization services between tasks on both ends of a connection, e.g., if a client
requests for a web page from a web server, the web browser at the client side will wait until the requested
page is received (or a timeout is detected).
Transport Layer (out of syllabus)
The transport layer provides transparent transfer of data between end users, thus relieving the upper layers
from any concern with providing reliable and cost-effective data transfer. The transport layer controls the
reliability of a given link. On the sender side, it fragments large protocol data units (PDUs) from the session
layer into segments.
The layer implements sufficient integrity controls (e.g., sequence number and checksum) and manages
delivery mechanisms to allow for their error-free reassembly on the receiving end of a network transmission.
For example, backup copies of data (i.e., PDUs) are kept so that any data transmission problem encountered
at lower layers that requires a PDU retransmission can be handled by the transport layer without bothering
the upper layers.
Transport layer provides the last chance for error recovery regarding any data error due to networking
problem. The PDUs reconstructed from segments are assumed to be correct. Thus all integrity control
information will be stripped off before those PDUs are passed to the upper layers.
The layer is also responsible for creating several logical connections over the same physical network connection by
multiplexing. For example, in the Transport Control Protocol (TCP), each software element within the
transport layer is given a transport address, usually a combination of the network layer address and a 16-bit
numeric value called the port number (e.g., FTP uses port number 21 whereas HTTP uses port number 80).
With the use of the TCP address that comprises an IP address and a port number, data exchanged
between multiple applications that run on the same pair of networked computers will not be mixed up. The
best known example of a transport layer protocol is the Transport Control Protocol (TCP).
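The Python below is an added example (not from the handout or any real protocol stack) that models the encapsulation described in the OSI analogy and the port-based multiplexing described here: the transport layer adds source and destination ports, the network layer adds IP addresses, the data link layer adds MAC addresses, and the receiving host strips the headers in reverse order, each layer checking only its own field, before handing the data to the application listening on the destination port. A `peer_view` helper shows that what a given layer sees is identical at both ends, which is the "virtual channel" of Figure 3. The addresses, ports and messages are constructed.

```python
"""Encapsulation down through three OSI layers and demultiplexing by port
at the receiver, so that FTP (port 21) and HTTP (port 80) conversations
between the same two hosts are not mixed up. Added example, not from the
handout; the addresses, ports and messages are constructed."""


def encapsulate(app_data: bytes, src_port: int, dst_port: int,
                src_ip: str, dst_ip: str, src_mac: str, dst_mac: str) -> dict:
    """Each layer wraps what the layer above handed down in its own header."""
    segment = {"src_port": src_port, "dst_port": dst_port, "data": app_data}  # transport
    packet = {"src_ip": src_ip, "dst_ip": dst_ip, "data": segment}            # network
    frame = {"src_mac": src_mac, "dst_mac": dst_mac, "data": packet}          # data link
    return frame


def peer_view(frame: dict, layer: str):
    """What the named layer sees: identical on both ends, which is the
    'virtual channel' between peer layers of Figure 3."""
    views = {
        "data link": frame,
        "network": frame["data"],
        "transport": frame["data"]["data"],
        "application": frame["data"]["data"]["data"],
    }
    return views[layer]


class Host:
    def __init__(self, ip: str, mac: str):
        self.ip, self.mac = ip, mac
        self.sockets = {}   # port -> list of (src_ip, src_port, data) delivered

    def listen(self, port: int):
        """An application binds a port; (ip, port) is its transport address."""
        self.sockets[port] = []

    def receive(self, frame: dict):
        """Strip headers in reverse order; each layer checks only its own field.
        Returns (port, 'delivered') or (None, reason)."""
        if frame["dst_mac"] != self.mac:
            return None, "frame not for this NIC"             # data link layer
        packet = frame["data"]
        if packet["dst_ip"] != self.ip:
            return None, "packet not for this host"           # network layer
        segment = packet["data"]
        port = segment["dst_port"]
        if port not in self.sockets:
            return None, "no application on port %d" % port   # transport layer demux
        self.sockets[port].append((packet["src_ip"], segment["src_port"], segment["data"]))
        return port, "delivered"


def demo():
    server = Host("192.0.2.10", "02:00:00:00:00:0a")   # constructed addresses
    server.listen(21)
    server.listen(80)
    client_ip, client_mac = "192.0.2.20", "02:00:00:00:00:14"
    f_http = encapsulate(b"GET /index.html", 40000, 80, client_ip, server.ip, client_mac, server.mac)
    f_ftp = encapsulate(b"USER john", 40001, 21, client_ip, server.ip, client_mac, server.mac)
    return server.receive(f_http), server.receive(f_ftp), server.sockets


if __name__ == "__main__":
    print(demo())
```

The same host address appears in both frames; it is the destination port alone that steers one payload to the web server process and the other to the FTP server process.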
Network Layer (out of syllabus)
The network layer provides the functional and procedural means of transferring variable length data
sequences called packets from a source to a destination via one or more networks while maintaining the
quality of service requested by the transport layer. The layer breaks segments into packets and handles
the addressing of messages for delivery. It translates logical network addresses (e.g., IP addresses) and names into
their physical counterparts (e.g., the network card’s medium access control (MAC) address, or physical address)
and vice versa. It decides how to route transmissions from sender to receiver, based on network conditions,
quality of service (QoS) information, cost of alternative routes, and delivery priorities. It also performs flow
control, segmentation/desegmentation, and error control functions. Routers operate at this layer. The layer
permits packets from one kind of medium to traverse another kind of medium. Copies of segments (from the
transport layer) may be stored temporarily for error recovery purposes. The best known example of a
network layer protocol is the Internet Protocol (IP).
Data Link Layer (out of syllabus)
The data link layer manages access to the networking medium and ensures error-free delivery of data frames
(derived from packets) from sender to receiver. A copy of each packet is temporarily kept for error recovery
purposes. The layer provides the functional and procedural means to transfer data frames between network
entities and to detect and possibly correct errors that may occur in the physical layer. The addressing scheme
is physical, which means that the addresses (media access control or MAC addresses) are burned into the
network cards at the time of manufacture. (Most operating systems nevertheless allow the address actually
used to be changed in software, so a MAC address must not be relied upon to identify a device for security
purposes.) This is the layer at which bridges and switches operate.
Connectivity is provided only among locally attached network nodes. Some functions of the data link layer
may be implemented in a network interface card.
Physical Layer (out of syllabus)
The physical layer defines all the electrical and physical specifications for the communication devices. This
includes the layout of pins, voltages, and cable specifications. Cables, hubs and repeaters are physical-layer
devices. NICs also work at the physical layer. The major functions and services performed by the physical
layer are:
• establishment and termination of a connection to a communications medium;
• participation in the process whereby the communication resources are effectively shared among multiple
users, for example, contention resolution and flow control;
• modulation, or conversion between the representation of digital data in user equipment and the
corresponding signals transmitted over a communications channel. These are signals operating over the
physical cabling (copper and fibre optic, for example) or over a radio link.
Teaching remark (out of syllabus)
• Don’t mix up physical layer and physical media. A physical layer specifies details of physical
connections in a network but it does not include any physical media.
Data Encapsulation and De-encapsulation
When a host computer transmits data across a network to another device, the data are encapsulated with
protocol information at each layer of the OSI model. Figure 4 shows how different protocol information (or
control data) in form of headers and trailers are added or removed in different layers of the OSI model
between the communicating computers. In general, relevant protocol information is inserted as a
fragmented message is moved to the next lower layer and such information will be removed by the destination
host as the bit stream at the physical layer moves up to the upper layers.
Figure 4.
Addition and removal of control data in different layers of the
OSI Model between two communicating computers.
Teaching remark
• A lecture-based presentation on how the OSI model works with English narration can be found here.
Similar presentations on several other networking topics can be found at http://www.learntcpip.com/.
Note that the presentations may not be suitable to be shown to students as they cover additional
networking concepts and facts that are irrelevant to the ASCA and ALCS curricula. Teachers are
advised to scrutinize the presentations before using them in their teaching.
Data Transmission Across Packet Switched Network (Discussion on “circuit switching” is out of syllabus)
In a large network or a network of networks, there is often more than one path or data link that a packet can
traverse from a source host to a destination host.
The OSI model does not define how packets are
transmitted across a network. Instead it specifies decisions that a protocol needs to make when considering
the issue. For example, must all packets of a message follow the same data link? The dominant
communications paradigm, packet switching, allows packets to be individually routed over different data links
(see Figure 5). This contrasts with another paradigm, circuit switching, which sets up a dedicated data link
between the source and destination nodes for their exclusive use for the duration of the communication.
Figure 5.
Data transmission across a packet switched network
There are several deficiencies in a circuit switched network.
1. The overhead of setting up a dedicated link before any application data is transferred can be costly
especially when the amount of data to be transferred is small.
2. When any network node in the dedicated data link malfunctions, a new end-to-end connection is needed
to be established before any remaining data can be transmitted.
3. Any spare data transmission capability (which is more commonly known as bandwidth) that is not taken
up by a data transfer in a circuit switched network will be wasted, e.g., when the source host is unable to
transmit data to the network at a speed that reaches the network bandwidth.
Although it may appear that packet switching is far better than circuit switching, such an understanding is not
always correct because of the following reasons.
1. A routing decision is to be made for the transmission of each packet but a routing decision is made once
only in a circuit switched network.
2. In packet switched networks, such as the Internet, each data packet is labeled with the complete
destination address and routed individually. However circuit switched networks, such as the voice
telephone network, allow large amounts of data be sent without continually repeating the complete
destination address as a dedicated data link is used exclusively.
In general, packet switching can optimize the use of the network bandwidth (as it can be shared by multiple
data transfers between multiple source and destination hosts) and increase the robustness of communication (as
data transfer can be conducted on different data links and any failure of a network node will have minimal
impact on a packet switched network). However, circuit switching is not without value. It aims to achieve
minimal data delay and thus a better quality of service (which is often defined by a maximal tolerable data
delay). Such a property is critical to computer applications that require a smooth data transfer between the
source and destination hosts, e.g., audio and video data.
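The out-of-order arrival that packet switching allows, the setup cost that circuit switching pays for its in-order delivery, and the sequence-number reassembly the transport layer performs to hide the reordering (as described in the transport layer section above) can be simulated in a few lines. The following is an added example, not code from the handout; the two-link topology, the link delays, the one-packet-per-millisecond send rate and the round-robin routing choice are all assumed values constructed for the illustration.

```python
import heapq
from dataclasses import dataclass, field

# Constructed topology (assumed values): two data links from host A to host B,
# each with a fixed one-way delay in milliseconds.
PATH_DELAY_MS = {0: 5, 1: 12}


@dataclass(order=True)
class InFlight:
    """A packet travelling through the network; ordered by arrival time."""
    arrival_ms: int
    seq: int
    path: int
    payload: bytes = field(compare=False)


def packetize(message, mtu):
    """Transport layer at the sender: cut the message into numbered segments."""
    return [(seq, message[off:off + mtu])
            for seq, off in enumerate(range(0, len(message), mtu))]


def send_packet_switched(message, mtu=4):
    """Packet switching: a routing decision is made for every packet (here an
    assumed round-robin choice between the two links). Packets leave one per
    millisecond; the list returned is the order in which they reach host B."""
    in_flight = []
    for seq, chunk in packetize(message, mtu):
        path = seq % len(PATH_DELAY_MS)
        heapq.heappush(in_flight, InFlight(seq + PATH_DELAY_MS[path], seq, path, chunk))
    return [heapq.heappop(in_flight) for _ in range(len(in_flight))]


def send_circuit_switched(message, mtu=4, setup_ms=20):
    """Circuit switching: one routing decision up front, paid for by a setup delay,
    after which every packet follows the same dedicated link and arrives in order."""
    path = 0
    return [InFlight(setup_ms + seq + PATH_DELAY_MS[path], seq, path, chunk)
            for seq, chunk in packetize(message, mtu)]


def missing_segments(arrivals, total):
    """Sequence numbers in 0..total-1 that have not arrived (duplicates are harmless)."""
    seen = {pkt.seq for pkt in arrivals}
    return [seq for seq in range(total) if seq not in seen]


def reassemble(arrivals, total):
    """Transport layer at the receiver: reorder by sequence number, ignore
    duplicates, and refuse to pass data up while a segment is still missing."""
    missing = missing_segments(arrivals, total)
    if missing:
        raise ValueError("segments %s missing: retransmission needed" % missing)
    received = {}
    for pkt in arrivals:
        received.setdefault(pkt.seq, pkt.payload)
    # control information (sequence numbers, arrival times) is stripped here
    return b"".join(received[seq] for seq in range(total))


if __name__ == "__main__":
    msg = b"SOHO networking!"
    ps = send_packet_switched(msg)
    print("packet switched arrival order:", [p.seq for p in ps], "last at", ps[-1].arrival_ms, "ms")
    cs = send_circuit_switched(msg)
    print("circuit switched arrival order:", [p.seq for p in cs], "last at", cs[-1].arrival_ms, "ms")
    print(reassemble(ps, len(ps)))
```

With the assumed delays, the four packets of a 16-byte message arrive at B in the order 0, 2, 1, 3 under packet switching and the last one lands at 15 ms, whereas the circuit-switched transfer delivers them in order but only at 28 ms because of the setup cost; this is the trade-off the text describes. A real transport layer would also start a timer for each missing segment and request retransmission, which is omitted here.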
Applications of Small Office/Home Office (SOHO) Networking
A SOHO network is a small office/home office local area network. A local area network (LAN) is a collection of
computers and other networked devices that fit within the scope of a single physical network. A LAN covers a
small local area, like a home, an office, or a small group of buildings such as a university campus. Communication media
are owned by the LAN owner. This contrasts with a wide area network or WAN, which is a computer network
covering a wide geographical area and involving a vast array of computers, e.g., the Internet.
SOHO networks generally are confined to a single room. Such networks generally connect communicating
devices to a router, small switch, or hub through physical cables (in a wired network) or wirelessly (in a
wireless network).
Conceptually the networking technology and basic network components involved in
SOHO networking are not much different from large networks. The major differences are in the scale and
complexity.
Generally SOHO networks are used to share information and hardware like files and printers as well as to
share an Internet access connection. A SOHO network may also have a server, e.g., a web server, which
needs to be accessed.
SOHO networking facilitates a new way of work arrangement called telecommuting, telework or working from
home (WFH). Employees enjoy flexibility in working location and hours (within limits). The motto is that
“work is something you do, not something you travel to”. A successful telecommuting programme requires a
management style which is based on results, i.e., “managing by objective”, and not on close scrutiny of
individual employees, i.e., “managing by observation”.
Wikipedia has the following description about the potential benefits of telecommuting.
Telecommuting is seen as a solution to traffic congestion (due to single-car commuting) and the
resulting urban air pollution and petroleum use. Initial investments in the network infrastructure and
hardware are balanced by an increased productivity and overall greater well-being of telecommuting
staff (more quality family time, less travel-related stress), which makes the arrangement attractive to
companies, especially those who face large office overhead and other costs related to the need for a
big central office (such as the need for extensive parking facilities).
The above excerpt indicates that the impact of networking technology is far beyond the technology arena. In
fact, many large companies in the United States (of America) have successfully taken advantage of the
networking technology to save their operational costs. One example is that many USA companies establish
their telephone support services in India. When their clients make a phone enquiry to them, the calls are
actually connected to their staff in India with the use of Internet phone technology. The labour cost in India is
perhaps less than one-tenth of its American counterpart.
A Computer Network Scenario
To help explain concepts about SOHO networking, the following scenario is created (see Figure 6).
Note
that the computer network being described is a LAN instead of a SOHO network. The LAN is composed of
three smaller LANs and a web server which are separated by a firewall (which will be introduced later). The
network adopts the TCP/IP protocol suite and thus each of the network devices is allocated an IP address.
Note that some IP addresses are reserved for special purposes. For instance, some IP addresses are used
for message broadcasting and some others support message multicasting to predefined groups of network
devices.
Figure 6.
A computer network scenario.
The given network scenario describes the computer network of a small trading company. It has a sales
department and an inventory section. The company is managed by a manager who has a personal assistant.
All the parties mentioned above need to use computers to support their duties in the company. Considering
the confidentiality issue, computers of the manager and his assistant are connected to a peer-to-peer
subnetwork (which will be detailed later) which is separated from the other two subnetworks of the company
network – one for the inventory section and another for the sales department. The subnetwork for the
inventory section is a wireless network composed of wireless access points (which will be introduced later)
and a combination of desktop and handheld computers. Some access points are installed in the warehouse to
enable the inventory clerks to update the inventory database online during inventory checks. The last
subnetwork is owned by the sales department. It is a client-server subnetwork (which will be detailed later).
In order to save cost, a printer server is set up to allow users to share the network printer. Besides, instead
of allocating one computer to each staff member in the department, a pool of computers is kept. To access a
computer, a user needs to log in. All user files are kept on the file server instead of on the local machines so that
the sales staff do not need to remember on which computer they stored their files in the
past. For promotion purposes, the company has set up a company website. All computers in the company
are Internet enabled.
Peer-to-Peer Network vs. Client-Server Network
Server Computer
A server computer or simply a server is a computer that provides a (remote) service to other computer(s) by
some kind of network. As shown in Subnet A in Figure 6, the services can lead to sharing of information (e.g.
file sharing), hardware (e.g., printer sharing) or other types of resource sharing (e.g., IP address sharing
through the use of a DHCP server which will be elaborated later). Web services provided by a web server are
another example of resource sharing (see top of Figure 6).
Client Computer
A client computer or simply a client is a computer that accesses a (remote) service on another computer by
some kind of network. In Subnet A (in Figure 6), four computers can access the services of the DHCP, file
and printer servers within the subnet and the services of its own web server (outside the subnet).
Peer-to-Peer Network
In a peer-to-peer network, any computer can function as either a client or a server, e.g., one computer shares
its DVD-recorder while another shares its printer, each for the other. No one computer has any higher priority to
access, or heightened responsibility to provide, shared resources on the network. The user access privileges
for each computer resource in a peer-to-peer network are maintained separately.
The advantages of peer-to-peer networking are:
• Easy to install and configure
• Needs no dedicated administrator
• Not dependent on a dedicated server (and thus no single point of failure)
• Individual users control their own shared resources
• Needs no additional equipment or software beyond a suitable operating system, e.g., MS Windows XP
• Inexpensive to purchase and operate
• Works best for simple networks with a few users
The disadvantages of peer-to-peer networking are:
• Network security applies only to a single resource at a time
• Users may be forced to use as many passwords as there are shared resources (unless some
“centralized” coordination effort
• Each machine must be backed up individually to protect all shared data
• Accessing a shared resource reduces the performance of the machine on which the resource resides
• No centralized organizational scheme to locate or control access to data
• Does not work well as the number of users grows or for complex networks
Client-Server Network
In a client-server network, user computers act as clients of dedicated server machines that handle network
requests from their clients. As a server needs to respond to the requests of a number of clients, it usually
requires a more powerful machine.
The advantages of client-server networking are:
• Simplified network administration due to the use of centralized user accounts, security, and access
controls
• More powerful equipment enables clients to have more efficient access to network resources
• Appropriate for networks with five or more users or any network where resources are used heavily
The disadvantages of client-server networking are:
• Server failure can render the network unusable, or at least cause loss of network resources
• Complex, special-purpose server software requires allocation of expert staff, which increases expenses
• Dedicated hardware and specialized software add to the cost
Basic Network Components
A number of network components are used in the computer network scenario given in Figure 6. They are
client computers, server computers (e.g., web server, file server and printer server), dial-up and cable
modems, hubs, switches, routers including the Internet Service Provider (ISP) (broadband) routers, gateways,
and wireless access points. Other network components that are not explicitly shown in the diagram include
network interface cards (NIC) and networking media, etc. There are also some network components which
are omitted in the diagram such as repeaters and bridges. All those components will be introduced below.
Networking Media
A networking medium, which may be tangible (e.g., cables in a wired network) and intangible (e.g., radio
signal in a wireless network), is a medium across which network data can travel in the form of a physical
signal, whether it is a type of electrical transmission or some sequence of light pulses. Examples of tangible
media are coaxial cable, twisted pair cable, and fiber-optic cables.
Examples of intangible media are
infrared, microwave and radio wave. Details about networking media will be given later.
Figure 7.
A network cable.
Network Interface Card
A network interface card (NIC) or network adaptor establishes and manages the network connection of a
network device. It translates parallel digital computer data into serial signals appropriate for transmission
along the network medium, and serial signals into parallel digital computer data for incoming network data.
Figure 8.
A network interface card.
Teaching remark
• A common first check is to issue a ping command to the loopback IP address 127.0.0.1 in a command window.
Packets addressed to 127.0.0.1 (or to any other address beginning with 127) are handled by the loopback
interface inside the operating system’s TCP/IP stack and never reach the NIC, so a reply shows that the
TCP/IP software is installed and working but says nothing about the card itself. To test the NIC and its
driver, ping another device on the same segment, e.g., the default gateway or a neighbouring computer.
If the NIC works properly, a screen output similar to the one below will be displayed.
Dial-up Modem
Telephone lines are not suitable for carrying digital signals as they were designed for carrying voice, which is
analog in nature. A dial-up modem (a short form of modulator-demodulator) modulates the digital signal from a
source host into an analog signal before it enters the telephone network, and the analog signal is demodulated back
into a digital signal for the destination host at the other end. A dial-up modem can be either internal (like a PCI
card) or external (see Figure 9). Due to the slow data rate (i.e., bandwidth) of the telephone network, it is
almost obsolete nowadays.
Figure 9.
A dial-up modem.
A specific type of modem is called the Asymmetric Digital Subscriber Line (ADSL or DSL) modem. For most
Internet users, the download data rate is far more important than the upload rate as most of their data traffic
is of the download type. ADSL modems enable faster data transmission over copper telephone lines by
supporting faster data flow in one direction than the other, i.e., asymmetrically. The basic design rationale is
that there is likely to be more crosstalk (i.e., undesirable electrical interference) from other circuits at the
digital subscriber line access multiplexer end (where the wires from many local loops are close together) than
at the customer premises. Thus the upload signal is weakest at the noisiest part of the local loop, while the
download signal is strongest at the noisiest part of the local loop. This explains why the download data rate
is configured to be higher than the upload data rate.
Cable Modem
A cable modem (see Figure 10) is a special type of modem that is designed to modulate a data signal over
cable television infrastructure by taking advantage of unused bandwidth on a cable television network (e.g.
i-CABLE of CableTV). It is primarily used to deliver broadband Internet access. Cable modems usually
deliver speeds comparable to that of ADSL modems though the latter generally have better upload speeds.
Users in a neighborhood share the available bandwidth provided by a single coaxial cable line. Therefore,
connection speed can vary depending on how many people are using the service at the same time. Since
cable networks tend to be spread over larger areas than ADSL services, more care should be taken to ensure
good network performance.
Figure 10.
A cable modem.
Hub
A hub is a device for connecting multiple network devices together (see Figure 11), making them act as a
single segment and providing bandwidth which is shared among all the connected devices. A hub typically
provides four or more ports (through which data are sent and received) into which a plug or cable connects.
Figure 11.
A hub.
Nowadays most hubs are active in the sense that they serve as a repeater too. A repeater is an electronic
device that receives a weak or low-level signal, then amplifies, reshapes, retimes, or performs a combination
of any of these functions on the received signal and finally retransmits it at a higher level or higher power, so
that the signal can cover longer distances without degradation. Data signals are weakened or degraded as
they travel along the media due to energy loss. For example, data signals in the form of electrical pulses lose
energy, usually in the form of heat, as they pass along a conductive wire. Such a phenomenon is known as
signal attenuation. An attenuated signal may be too weak to be discerned and that is why repeaters are
sometimes introduced in computer networks.
Teaching remark
• Hubs, repeaters and network cables work at the physical layer of the OSI Model.
Switch
A switch (see Figure 12) offers the link management that a hub can provide, with greater bandwidth and
intelligence. Unlike hubs which are designed to connect network devices in a particular way (i.e., network
topology), a switch can be “programmed” to support a variety of networking topologies.
Figure 12.
A switch.
A switch can also be configured to organize groups of devices into virtual LANs (VLANs) so that traffic is confined to
one or more groups of selected attached devices. Data received by a hub is broadcast to all connected
devices including any non-destination nodes through the hub’s ports and it is up to those devices to decide
whether they need to act on the received data (which also means that any device attached to a hub can
eavesdrop on all traffic passing through it). Switches are intelligent enough to identify and use only the
port(s) to which the destination devices are connected. Thus, unlike a hub, a switch allows multiple data
transmissions across the switch at the same time as long as the data transmissions do not involve the use of
the same ports. This means that a switch can potentially support a larger bandwidth than a hub.
Nowadays, switches are often used to replace network hubs and some people may refer to a switch as an
intelligent hub.
Teaching remark
• Switches forward frames by MAC address and thus work at the data link layer of the OSI Model (not the
physical layer, where hubs and repeaters work).
Bridge (out of syllabus)
A network bridge or bridge connects multiple segments of a local area network together. Unlike repeaters
which work at the physical layer, bridges work at the data link layer of the OSI Model.
The key
advantage of bridges over repeaters is that bridges can filter traffic to ease congestion of network traffic. A
bridge keeps a list of MAC addresses and the network segment of each address. When the bridge receives
a frame, it compares the frame’s source and destination addresses to its bridge table. If the two
addresses are found to be on the same network segment, the bridge discards the frame as there is no
need to forward it to another network segment. If the destination is known to be on another segment, the
bridge forwards the frame to that segment only; if the destination is unknown, the bridge sends the frame to
all segments except the one that received it. As the bridge table has to be examined for each data transfer,
the speed of bridges is lower than that of repeaters.
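The table lookup described above, for a bridge or a switch, can be modelled in a few lines. The following is an added example (not code from the handout) of a learning bridge: the port numbers, the MAC addresses and the small table size limit are constructed for the illustration. The second function shows the well-known consequence of the table having a finite size: a host that sends frames with many made-up source addresses evicts the genuine entries, after which the device floods frames like a hub and the attacker’s port sees traffic it should not (MAC flooding).

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Simplified model of a transparent bridge / layer-2 switch.

    The table maps a source MAC address to the port on which it was last seen.
    A frame for a known destination goes out of that port only; a frame whose
    destination is on the port it arrived on is filtered (dropped); a frame for an
    unknown or broadcast destination is flooded out of every other port.
    table_size is an assumed small limit standing in for real hardware limits."""

    def __init__(self, ports, table_size=4):
        self.ports = set(ports)
        self.table_size = table_size
        self.table = OrderedDict()  # MAC -> port, oldest entry first

    def learn(self, mac, port):
        if mac in self.table:
            self.table.move_to_end(mac)
        self.table[mac] = port
        while len(self.table) > self.table_size:
            self.table.popitem(last=False)  # evict the oldest entry once the table is full

    def forward(self, in_port, src, dst):
        """Return the set of ports the frame is sent out of; empty means filtered."""
        self.learn(src, in_port)
        if dst == BROADCAST or dst not in self.table:
            return self.ports - {in_port}   # flood
        out_port = self.table[dst]
        if out_port == in_port:
            return set()                    # same segment: no need to forward
        return {out_port}


def normal_traffic():
    """Three constructed frames showing flooding, learned forwarding and filtering."""
    sw = LearningSwitch(ports=[1, 2, 3])
    steps = [
        sw.forward(1, "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"),  # dst unknown: flood
        sw.forward(2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01"),  # dst learned on port 1
        sw.forward(1, "aa:aa:aa:aa:aa:03", "aa:aa:aa:aa:aa:01"),  # same port: filtered
    ]
    return sw, steps


def mac_flooding(sw, attacker_port=3):
    """A host on attacker_port sends frames with made-up source addresses until the
    genuine entries are evicted. The switch then floods frames for those hosts like
    a hub would, so the attacker's port receives traffic that was not meant for it."""
    for i in range(sw.table_size):
        sw.forward(attacker_port, "de:ad:be:ef:00:%02x" % i, BROADCAST)
    return sw.forward(2, "aa:aa:aa:aa:aa:02", "aa:aa:aa:aa:aa:01")


if __name__ == "__main__":
    sw, steps = normal_traffic()
    print("forwarding decisions:", steps)          # [{2, 3}, {1}, set()]
    print("after MAC flooding, frame to host 01 goes to ports:", mac_flooding(sw))
```

Real switches age table entries out after a timeout rather than evicting purely by insertion order, but the result of filling the table is the same, which is why managed switches offer a per-port limit on learned addresses (often called port security).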
Router
A router (see Figure 13) forwards data packets across different networks, if necessary, through a process
known as routing until they reach their destination.
Figure 13.
A router.
Teaching remark
• Routers work at the network layer of the OSI Model.
Wikipedia gives a brief description of routers (including Figure 14) as follows:
In non-technical terms, a router acts as a junction between two networks to transfer data packets
among them. A router is essentially different from a switch that connects devices to form a Local Area
Network (LAN). One easy illustration for the different functions of routers and switches is to think of
switches as neighborhood streets, and the router as the intersections with the street signs. Each
house on the street has an address within a range on the block. In the same way, a switch connects
various devices each with their own IP address(es) on a LAN. However, the switch knows nothing
about IP addresses except its own management address. Routers connect networks together the
way that onramps or major intersections connect streets to both highways and freeways, etc. The
street signs at the intersection (routing table) show which way the packets need to flow.
Figure 14.
Routers are like intersections whereas switches are like streets.
In the above diagram, the disc symbols represent routers whereas the rectangles represent switches. Other
network devices are shown by their IP addresses only. As a router connects two networks together, it
uses (at least) two IP addresses, one in each network. A router that connects clients to the Internet, usually
provided by an Internet Service Provider (ISP), is called an edge router or ISP router.
Wireless Access Point
A wireless access point (WAP or AP) is a device that connects wireless communication devices together to
form a wireless network (see Figure 15). The WAP usually connects to a wired network, and can relay data
between wireless devices and wired devices.
Figure 15.
A wireless access point.
In SOHO networking, a wireless broadband router is often used instead of a WAP as most wireless
broadband routers are really three devices in one box. First, there is a WAP. Second, it serves as a hub (in
current products, a small switch) to connect several networking devices. Finally, the router function ties it all
together and lets the whole network share a high-speed cable or DSL Internet connection.
Gateway
Gateways, also called protocol converters (see Figure 16), can operate at any layer of the OSI model.
Typically, a gateway converts one protocol stack into another.
A gateway is generally more complex than a router
or switch. A gateway is commonly positioned at the intersection between a LAN and a WAN (which
is typically the Internet in a SOHO network). There the gateway commonly performs network address translation
(NAT), presenting all of the LAN traffic to the WAN as coming from the gateway’s WAN IP address and doing
packet sorting and distribution of return WAN traffic to the local network.
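The “packet sorting” of return traffic is done with a translation table keyed by the port number the gateway chose when the outbound packet was rewritten. The following is an added example of that table, not code from the handout; the WAN address, the private addresses and the port range are constructed values (the public addresses come from the ranges reserved for documentation), and the model is deliberately strict: a WAN packet is only forwarded inward if an internal host previously sent a packet to exactly that remote address and port.

```python
import itertools


class NatGateway:
    """Simplified model of the source NAT a SOHO gateway performs on its WAN interface.

    Outbound: the private (ip, port) is rewritten to (wan_ip, mapped_port) and the
    binding is remembered. Inbound: the WAN destination port selects the binding and
    the packet is rewritten back to the internal host. A packet that matches no
    binding, or that comes from a host the internal client never contacted, is
    dropped, which is why hosts behind the gateway are not directly reachable."""

    def __init__(self, wan_ip, first_port=40000):
        self.wan_ip = wan_ip
        self.next_port = itertools.count(first_port)
        self.bindings = {}   # (src_ip, src_port, dst_ip, dst_port) -> mapped_port
        self.reverse = {}    # mapped_port -> (src_ip, src_port, dst_ip, dst_port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """LAN -> WAN: returns the (src_ip, src_port, dst_ip, dst_port) the WAN sees."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.bindings:
            mapped = next(self.next_port)
            self.bindings[flow] = mapped
            self.reverse[mapped] = flow
        return (self.wan_ip, self.bindings[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """WAN -> LAN: returns the translated 4-tuple, or None if the packet must be dropped."""
        flow = self.reverse.get(dst_port)
        if flow is None:
            return None                       # unsolicited: no internal host asked for this
        priv_ip, priv_port, remote_ip, remote_port = flow
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None                       # reply from a host the client never contacted
        return (src_ip, src_port, priv_ip, priv_port)


if __name__ == "__main__":
    gw = NatGateway("203.0.113.7")            # constructed WAN address
    # two internal hosts happen to pick the same source port; the gateway tells them apart
    print(gw.outbound("192.168.1.10", 51000, "198.51.100.5", 80))
    print(gw.outbound("192.168.1.11", 51000, "198.51.100.5", 80))
    print(gw.inbound("198.51.100.5", 80, 40001))   # reply goes back to 192.168.1.11
    print(gw.inbound("198.51.100.9", 4444, 40000)) # None: dropped
```

Real gateways also expire bindings after a period of inactivity and may relax the source check (the strict form here is what is usually called a symmetric NAT); the side effect that unsolicited inbound traffic is dropped is often counted as a security benefit, but it is not a substitute for the firewall discussed next, because a binding is created by any outbound connection, including one made by malware on an internal host.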
Figure 16.
A gateway.
Firewall
A firewall aims at preventing any communications forbidden by the security policy.
It can be implemented in
a piece of hardware (see Figure 17) and/or software. It has the basic task of controlling traffic between
different zones of trust. Typical zones of trust include the Internet (a zone with no trust) and an internal
network (a zone with high trust). The goal is to provide controlled connectivity between zones of different trust
levels through the enforcement of a security policy and connectivity model based on the least privilege
principle (see Figure 18). Proper configuration of firewalls requires considerable understanding of network
protocols and of computer security. Small mistakes can render a firewall worthless as a security tool.
Figure 17.
A (hardware) firewall.
Figure 18.
Controlling traffic between different zones of trust with firewalls.
The DMZ indicated in Figure 18 stands for a demilitarized zone. It is a network area (a subnet) that sits
between an organization’s internal network and an external network such as the Internet. Connections from
the internal and the external network to the DMZ are permitted, whereas connections from the DMZ are only
permitted to the external network – hosts in the DMZ may not connect to the internal network. This allows the
DMZ’s hosts to provide services to the external network while protecting the internal network in case intruders
compromise a host in the DMZ. For someone on the external network who wants to reach the
internal network without authorization, the DMZ is a dead end, provided the firewall really does deny
connections from the DMZ into the internal network. The DMZ is typically used for connecting servers that need to be
accessible from the outside world, such as e-mail, web and domain name servers.
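The zone policy of Figure 18 can be written down as an ordered rule list with a default deny, which is what “least privilege” means for a firewall. The following is an added example, not the handout’s own configuration or any product’s syntax; the subnet addresses, the published DMZ services and the rule names are assumed. The last function shows the kind of small mistake the text warns about: a broad allow placed before a deny silently makes the deny unreachable.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing for the zones of Figure 18 (assumed values).
ZONES = {
    "internal": ipaddress.ip_network("192.168.1.0/24"),
    "dmz": ipaddress.ip_network("192.168.2.0/24"),
}


@dataclass(frozen=True)
class Rule:
    src_zone: str
    dst_zone: str
    proto: str      # "tcp", "udp" or "any"
    dst_port: int   # 0 means any port
    action: str     # "allow" or "deny"


# Policy in least-privilege form: everything not listed is denied. The Internet may
# reach only the published DMZ services; the DMZ may never initiate into the internal
# network; internal hosts may reach both the DMZ and the Internet.
POLICY = [
    Rule("external", "dmz", "tcp", 80, "allow"),   # web server
    Rule("external", "dmz", "tcp", 25, "allow"),   # e-mail server
    Rule("external", "dmz", "udp", 53, "allow"),   # domain name server
    Rule("internal", "dmz", "any", 0, "allow"),
    Rule("internal", "external", "any", 0, "allow"),
    Rule("dmz", "external", "any", 0, "allow"),
    Rule("dmz", "internal", "any", 0, "deny"),     # explicit, so the intent is visible
]


def zone_of(ip):
    """Everything outside the known subnets is the untrusted external zone."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "external"


def decide(policy, src_ip, dst_ip, proto, dst_port):
    """First matching rule wins; a connection matching no rule is denied."""
    src_zone, dst_zone = zone_of(src_ip), zone_of(dst_ip)
    if src_zone == dst_zone:
        return "allow"   # traffic inside one zone never crosses the firewall
    for rule in policy:
        if (rule.src_zone == src_zone and rule.dst_zone == dst_zone
                and rule.proto in ("any", proto)
                and rule.dst_port in (0, dst_port)):
            return rule.action
    return "deny"


def shadowed(policy):
    """Rules that can never fire because an earlier, broader rule already decides the
    same traffic. A deny listed after a matching allow is the classic mistake."""
    result = []
    for i, later in enumerate(policy):
        for earlier in policy[:i]:
            if (earlier.src_zone == later.src_zone and earlier.dst_zone == later.dst_zone
                    and earlier.proto in ("any", later.proto)
                    and earlier.dst_port in (0, later.dst_port)):
                result.append(later)
                break
    return result


if __name__ == "__main__":
    print(decide(POLICY, "198.51.100.5", "192.168.2.10", "tcp", 80))    # allow
    print(decide(POLICY, "192.168.2.10", "192.168.1.5", "tcp", 445))    # deny
    careless = [Rule("dmz", "internal", "any", 0, "allow")] + POLICY    # one stray rule
    print(shadowed(careless))                                           # the deny is now dead
    print(decide(careless, "192.168.2.10", "192.168.1.5", "tcp", 445))  # allow
```

Running a shadowing check like this against a rule base before deploying it catches the ordering mistakes that make a firewall “worthless as a security tool” while every individual rule still looks reasonable.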
Internet Access Methods
A network can access the Internet through a dedicated leased line or a usual phone line of the public
telephone network (using a dial-up modem), or the cable TV network (using cable modem) or other ISP
broadband networks (using ADSL modem, for instance). Broadband connections to the Internet through
cable or ADSL modems support both wired and wireless networks.
Table 1 gives the characteristics of various Internet access methods in terms of the equipment required, cost,
data transfer rate, service reliability and number of users that the Internet access can support. Although it
may sound reasonable to use a broadband Internet access instead of a leased line from a cost view point, the
latter has the advantage of being more reliable due to the use of a dedicated line. For some time critical
applications which require a guaranteed quality of service in the response time, there may be a point to stick to
the seemingly more expensive leased line option.
Characteristic | Modem dialup | Leased line | Broadband
Equipment required | Dialup modem, telephone lines | Modem, telephone lines | Cable or ADSL modem, ISP router, Category 5e/6 cable and/or optical fiber cable
Monthly cost | Very low. Less than HKD$100 | High. Typically costs HK$1000+ | Low to high. HKD$100-1000+ per month
Data transfer rate | Slow, 56Kbps only | Medium to fast. 128Kbps (ISDN connection) to 45Mbps (T3 connection) | Fast to very fast. Typically 1.5Mbps-1000Mbps
Service reliability | Low. Internet connection can be interrupted by incoming phone calls. | Excellent as the connection is not shared with any other people. | Good. Data noise may occur occasionally due to bandwidth sharing within the same building.
No. of users (rough estimate) | Single user only. May consider it as a backup resource. | The bandwidth is adequate for supporting dozens to a few hundreds of users. | The bandwidth is adequate for supporting a few to a few dozens of users.
Table 1.
Characteristics of various Internet access methods in terms of equipment required, cost, data
transfer rate, service reliability and number of supported users.
Wired LAN vs. Wireless LAN
Table 2 compares the characteristics of wired and wireless networks.
Characteristic | Wired network | Wireless network
Equipment required | Network interface card (NIC), network cable | Wireless NIC (or WNIC), wireless access point
Cost | Lower | Higher
Data transfer rate (for home use) | 100-1,000Mbps (various Ethernet implementations) | Supported up to 54Mbps (IEEE 802.11g)
Data security | A lesser concern (eavesdropping requires physical access to the cable or to a switch port) | An important issue (as data are broadcast over the air)
Reliability | Network reliability is good. Data retransmission is rarely required. | Network reliability can be seriously affected by the surrounding environment. Data retransmission is almost a norm.
Mobility | Little | Good
LAN interconnection | Restricted by network structure (which is set during physical network configuration) | No pre-defined network structure restriction
Table 2.
Characteristics of wired network and wireless network.
SOHO Networking Basics
Author’s remarks
• Part of the materials in this set of handouts is adapted from Wikipedia and Guide to Networking Essentials
(2nd edition) published by Course Technology.
• This set of materials is co-developed by Chung, C.F. Jeffrey and Alvin C. M. Kwan.
What is Internet Protocol?
The Internet Protocol (IP) is a connectionless protocol (at the network layer of OSI Model) used by source and
destination hosts for communicating data across a packet-switched inter-network. IP is well known as it is the
network layer protocol adopted by the Internet.
As a connectionless protocol, IP has the following
characteristics:
• Data exchange occurs between source and destination hosts with no path setup; IP can immediately
start sending packets
• Each IP packet is individually routed through the network
• Data are sent across the network to the destination without any guarantee of receipt
• Higher layers handle packet sequencing and certain data integrity control issues
IP packets in a connectionless communication are also referred to as datagrams. Figure 1 displays the
structures of two IP packets that adopt two different transport layer protocols: User Datagram Protocol (UDP)
and Transmission Control Protocol (TCP).
Teaching remark
UDP is a connectionless protocol but TCP is a connection oriented protocol. TCP requires a connection
establishment before sending data and a connection termination on completion of sending data. More
succinctly, TCP connections have three phases: (1) connection establishment; (2) data transfer, and (3)
connection termination.
Figure 1. Structures of TCP and UDP packets.
For the Internet Protocol to work, a unique number must be assigned to every device in the network, either manually or by a Dynamic Host Configuration Protocol (DHCP) server, so that the devices can identify each other. These unique numbers are called IP addresses. Any participating device – including routers, client computers, servers, and printers – must have its own address. This allows information passed onwards on behalf of the sender to indicate where to send it next, and the receiver of the information to know that it is the intended destination.
Dynamic IP Allocation with Dynamic Host Configuration Protocol (DHCP)
Assigning IP addresses to network devices statically has a number of drawbacks:
- Every newly added network device must be manually assigned an unused IP address within the network.
- Network devices that are switched off still occupy IP addresses.
- Devices that are moved from one sub-network to another need to have their IP addresses altered.
One way to reduce the above effort is to assign an IP address dynamically to each network device when it is
turned on. That can be done with the use of dynamic host configuration protocol (DHCP), which is a
client-server protocol that allows automatic IP addresses and subnet mask assignment to network devices.
Wikipedia has the following description of dynamic IP address allocation using DHCP:
A network administrator assigns a range of IP addresses to DHCP, and each client computer on the
LAN has its TCP/IP software configured to request an IP address from the DHCP server when that
client computer's network interface card starts up.
Dynamic IP address allocation resolves all the problems mentioned above regarding the assignment of static IP
addresses to network devices. Note that dynamic IP address allocation is not suitable for systems that require
a static address, such as web servers.
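The following is an added example (not from the authors of this handout and not from any real DHCP server) showing the lease mechanism behind dynamic allocation: a pool of addresses is handed out on request, every lease expires after a fixed time, and expired leases are reclaimed, so a device that has been switched off stops occupying an address. The pool range, lease time and MAC addresses are constructed for illustration.

```python
"""Lease-based dynamic address allocation, in the spirit of DHCP (added example)."""
from dataclasses import dataclass
from typing import Dict, Optional


def ip_to_int(addr: str) -> int:
    """Pack a dotted-decimal IPv4 address into a 32-bit integer."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


@dataclass
class Lease:
    ip: str
    mac: str
    expires_at: int  # seconds; compared against the `now` passed to the pool


class DhcpPool:
    """A scope of addresses that a server leases to clients identified by MAC."""

    def __init__(self, first: str, last: str, lease_time: int) -> None:
        lo, hi = ip_to_int(first), ip_to_int(last)
        if lo > hi:
            raise ValueError("pool start is after pool end")
        self.addresses = [int_to_ip(n) for n in range(lo, hi + 1)]
        self.lease_time = lease_time
        self.by_mac: Dict[str, Lease] = {}

    def _reclaim_expired(self, now: int) -> None:
        """Forget leases whose time has run out: the address becomes free again."""
        expired = [mac for mac, lease in self.by_mac.items() if lease.expires_at <= now]
        for mac in expired:
            del self.by_mac[mac]

    def request(self, mac: str, now: int) -> Optional[str]:
        """Renew an existing lease or hand out the first free address.
        Returns None when the pool is exhausted."""
        self._reclaim_expired(now)
        if mac in self.by_mac:  # renewal keeps the same address
            self.by_mac[mac].expires_at = now + self.lease_time
            return self.by_mac[mac].ip
        in_use = {lease.ip for lease in self.by_mac.values()}
        for ip in self.addresses:
            if ip not in in_use:
                self.by_mac[mac] = Lease(ip, mac, now + self.lease_time)
                return ip
        return None

    def release(self, mac: str) -> None:
        """The client gives its address back before the lease ends."""
        self.by_mac.pop(mac, None)

    def active_leases(self, now: int) -> Dict[str, str]:
        """MAC -> IP for every lease still valid at `now`."""
        self._reclaim_expired(now)
        return {mac: lease.ip for mac, lease in self.by_mac.items()}


if __name__ == "__main__":
    # Constructed scenario: a three-address pool with a one-hour lease.
    pool = DhcpPool("192.168.1.100", "192.168.1.102", lease_time=3600)
    print(pool.request("aa:bb:cc:00:00:01", now=0))  # 192.168.1.100
    print(pool.request("aa:bb:cc:00:00:02", now=0))  # 192.168.1.101
    print(pool.request("aa:bb:cc:00:00:03", now=0))  # 192.168.1.102
    print(pool.request("aa:bb:cc:00:00:04", now=0))  # None: pool exhausted
    print(pool.active_leases(now=4000))              # {}: every lease has expired
```

The fourth request fails while all three addresses are leased; once a lease expires (or is released) the address is handed to the next device, which is exactly the "switched-off devices still occupy addresses" problem that static assignment cannot solve.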
IP Addressing
IP Address Format (IPv4)
An IP address (IPv4) is a 32-bit logical address written as four decimal numbers, one per 8-bit octet, separated by dots. Each number ranges from 0 to 255. Thus, the numbers used in IP addresses range from 0.0.0.0 to 255.255.255.255 in decimal form, or from 00000000.00000000.00000000.00000000 to 11111111.11111111.11111111.11111111 in binary form, though some of these values are reserved for specific purposes. An IP address consists of a network field, which specifies the particular network a host is attached to, and a rest field, which gives the address of the host within that network.
IP Address Class
Originally, the 32-bit IP address consisted of an 8-bit network number field, which specified the particular network a host was attached to, and a rest field, which gave the address of the host within that network. This means that originally the 32-bit IP address was designed for a few large networks and supported only 2^8 = 256 networks. This is definitely not enough for the modern Internet and LANs. To overcome the problem, the definition of the meaning of IP addresses was changed to classify IP addresses into 5 different classes, allowing 3 different network sizes (and numbers of hosts supported). The five classes are Class A, Class B, Class C, Class D and Class E. The first three classes of IP addresses are used for large, medium and small networks respectively, whereas Class D and Class E addresses are normally not used.
The following table introduces the 5 different classes of IP address:
- n indicates a binary slot used for the network ID.
- s indicates a binary slot used for the host ID.
- x indicates a binary slot without a specified purpose.
Class A (0.0.0.0 – 127.255.255.255)
From: 0.0.0.0 = 00000000.00000000.00000000.00000000
To: 127.255.255.255 = 01111111.11111111.11111111.11111111
Pattern: 0nnnnnnn.ssssssss.ssssssss.ssssssss
Class A IP addresses support large-sized networks, with 16,777,214 hosts per network.
Class B (128.0.0.0 – 191.255.255.255)
From: 128.0.0.0 = 10000000.00000000.00000000.00000000
To: 191.255.255.255 = 10111111.11111111.11111111.11111111
Pattern: 10nnnnnn.nnnnnnnn.ssssssss.ssssssss
Class B IP addresses support medium-sized networks, with 65,534 hosts per network.
Class C (192.0.0.0 – 223.255.255.255)
From: 192.0.0.0 = 11000000.00000000.00000000.00000000
To: 223.255.255.255 = 11011111.11111111.11111111.11111111
Pattern: 110nnnnn.nnnnnnnn.nnnnnnnn.ssssssss
Class C IP addresses support small-sized networks, with 254 hosts per network. We
almost always use Class C in a SOHO network.
Class D (224.0.0.0 – 239.255.255.255) (For multicast only)
From: 224.0.0.0 = 11100000.00000000.00000000.00000000
To: 239.255.255.255 = 11101111.11111111.11111111.11111111
Pattern: 1110XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
Class D IP addresses will not be used normally.
Class E (240.0.0.0 – 255.255.255.255) (Reserved for the future)
From: 240.0.0.0 = 11110000.00000000.00000000.00000000
To: 255.255.255.255 = 11111111.11111111.11111111.11111111
Pattern: 1111XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
Class E IP addresses will not be used normally.
Table 1. IP address classes.
Such a change was enough to work in the short run only. The principal problem was that most sites were too big for a “class C” network number and received a “class B” number instead. With the rapid growth of the Internet, the available pool of class B addresses (basically 2^14, or about 16,000 in total) was rapidly used up. Classful networking was replaced by Classless Inter-Domain Routing (CIDR), starting in about 1993, to solve this problem (and others). However, the discussion of CIDR is beyond the scope of the ACSA and ALCS curricula.
Special Address Ranges
Some IP addresses are reserved for special uses. Table 2 gives some special address ranges.

Addresses                      CIDR equivalent   Purpose                       Class   Total # of addresses
0.0.0.0 - 0.255.255.255        0.0.0.0/8         Zero addresses                A       16,777,216
10.0.0.0 - 10.255.255.255      10.0.0.0/8        Private IP addresses          A       16,777,216
127.0.0.0 - 127.255.255.255    127.0.0.0/8       Localhost loopback address    A       16,777,216
169.254.0.0 - 169.254.255.255  169.254.0.0/16    Zeroconf                      B       65,536
172.16.0.0 - 172.31.255.255    172.16.0.0/12     Private IP addresses          B       1,048,576
192.0.2.0 - 192.0.2.255        192.0.2.0/24      Documentation and examples    C       256
192.88.99.0 - 192.88.99.255    192.88.99.0/24    IPv6 to IPv4 relay anycast    C       256
192.168.0.0 - 192.168.255.255  192.168.0.0/16    Private IP addresses          C       65,536
198.18.0.0 - 198.19.255.255    198.18.0.0/15     Network device benchmark      C       131,072
224.0.0.0 - 239.255.255.255    224.0.0.0/4       Multicast                     D       268,435,456
240.0.0.0 - 255.255.255.255    240.0.0.0/4       Reserved                      E       268,435,456

Table 2. Special IP address ranges.
It is important to note that there is a range of IP addresses reserved for private use within each of the
Classes A, B and C. Those addresses are often used for network devices on a LAN.
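The following added example (not the handout authors' code) serves both the class table above and the special-range table: `address_class` decides the class from the leading bits of the first octet exactly as the bit patterns in Table 1 do, `usable_hosts` reproduces the per-network host counts, and `special_purpose` looks an address up in the ranges of Table 2 using Python's standard `ipaddress` module. Only the range list is taken from the handout; the function names and the sample addresses are this example's own.

```python
"""IPv4 address classes and special-purpose ranges (added example)."""
import ipaddress
from typing import Optional


def address_class(addr: str) -> str:
    """Classify by the leading bits of the first octet (Table 1 patterns)."""
    first = int(ipaddress.IPv4Address(addr)) >> 24
    if first >> 7 == 0b0:        # 0nnnnnnn
        return "A"
    if first >> 6 == 0b10:       # 10nnnnnn
        return "B"
    if first >> 5 == 0b110:      # 110nnnnn
        return "C"
    if first >> 4 == 0b1110:     # 1110xxxx (multicast)
        return "D"
    return "E"                   # 1111xxxx (reserved)


HOST_BITS = {"A": 24, "B": 16, "C": 8}


def usable_hosts(cls: str) -> Optional[int]:
    """Hosts per network: 2^host_bits minus the all-zeros (network) and
    all-ones (broadcast) host numbers. Classes D and E have no host field."""
    bits = HOST_BITS.get(cls)
    return None if bits is None else 2 ** bits - 2


# Rows of Table 2 (CIDR block, purpose), as listed in the handout.
SPECIAL_RANGES = [
    ("0.0.0.0/8", "Zero addresses"),
    ("10.0.0.0/8", "Private IP addresses"),
    ("127.0.0.0/8", "Localhost loopback address"),
    ("169.254.0.0/16", "Zeroconf"),
    ("172.16.0.0/12", "Private IP addresses"),
    ("192.0.2.0/24", "Documentation and examples"),
    ("192.88.99.0/24", "IPv6 to IPv4 relay anycast"),
    ("192.168.0.0/16", "Private IP addresses"),
    ("198.18.0.0/15", "Network device benchmark"),
    ("224.0.0.0/4", "Multicast"),
    ("240.0.0.0/4", "Reserved"),
]
_NETWORKS = [(ipaddress.ip_network(cidr), purpose) for cidr, purpose in SPECIAL_RANGES]


def special_purpose(addr: str) -> Optional[str]:
    """Return the Table 2 purpose of `addr`, or None for an ordinary address."""
    ip = ipaddress.IPv4Address(addr)
    for net, purpose in _NETWORKS:
        if ip in net:
            return purpose
    return None


def is_private(addr: str) -> bool:
    """True for the RFC 1918 ranges the handout marks as private."""
    return special_purpose(addr) == "Private IP addresses"


def range_size(cidr: str) -> int:
    """Number of addresses in a CIDR block (the table's last column)."""
    return ipaddress.ip_network(cidr).num_addresses


if __name__ == "__main__":
    # Constructed sample addresses.
    for a in ("10.1.2.3", "172.20.0.9", "192.168.1.10", "8.8.8.8", "224.0.0.1"):
        cls = address_class(a)
        print(a, cls, usable_hosts(cls), special_purpose(a))
```

Note that 172.32.0.1 is a class B address but not private: the /12 block ends at 172.31.255.255, which is why the private check goes through the CIDR ranges rather than the class.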
Subnet
A sub-network (usually known as a subnet) is identified by a subnet mask, the “all ones” bit pattern that masks the network portion of an IP address in a classful network. Subnetting an IP network allows you to break down what appears (logically) to be a single large network into smaller ones. It was introduced to allow a single site to have a number of local area networks. It reduces the number of entries in the Internet-wide routing table (by hiding information about all the individual subnets inside a site). As a side benefit, it also results in reduced network overhead, by dividing the parts which receive IP broadcasts. Note that only devices which have IP addresses within the same subnet can communicate with each other directly. You will need a router for communication between subnets.
A subnet mask is created by setting high-order bits to one in a 32-bit binary number. A logical AND operation is done on a selected IP address and its subnet mask to compute the subnet number in which the network device resides. Only network devices on the same subnet can communicate among themselves. Below are some examples regarding the use of subnet masks.
Example 1:
Example 2:
Example 3:
Note that a subnet mask must be set to have successive ones followed by successive zeroes. Thus it is
illegal to have a subnet mask of 255.255.255.1 but 255.255.255.128 is fine.
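The following added example (not from the handout's authors) carries out the operations described above on plain 32-bit integers so the bit manipulation is visible: the AND of address and mask gives the subnet number, two addresses are on the same subnet when those numbers agree, and a mask is only legal when its ones are contiguous, so 255.255.255.1 is rejected and 255.255.255.128 accepted. The addresses used are constructed for illustration.

```python
"""Subnet masks: AND operation, same-subnet test and mask validity (added example)."""


def ip_to_int(addr: str) -> int:
    """Pack a dotted-decimal IPv4 address into a 32-bit integer."""
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def to_binary(addr: str) -> str:
    """Dotted binary form, as used in the handout's tables."""
    return ".".join(format((ip_to_int(addr) >> s) & 0xFF, "08b") for s in (24, 16, 8, 0))


def is_valid_mask(mask: str) -> bool:
    """A mask must be successive ones followed by successive zeroes.
    Inverting such a value gives 0...01...1, which is one less than a power of
    two, so `inv & (inv + 1)` is zero exactly for legal masks."""
    inv = ~ip_to_int(mask) & 0xFFFFFFFF
    return inv & (inv + 1) == 0


def prefix_length(mask: str) -> int:
    """Number of one bits, i.e. the /N notation for the mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"not a valid subnet mask: {mask}")
    return bin(ip_to_int(mask)).count("1")


def subnet_number(addr: str, mask: str) -> str:
    """Logical AND of address and mask gives the subnet the device resides in."""
    if not is_valid_mask(mask):
        raise ValueError(f"not a valid subnet mask: {mask}")
    return int_to_ip(ip_to_int(addr) & ip_to_int(mask))


def broadcast_address(addr: str, mask: str) -> str:
    """Host bits all ones: the address that reaches every device in the subnet."""
    host_bits = ~ip_to_int(mask) & 0xFFFFFFFF
    return int_to_ip(ip_to_int(subnet_number(addr, mask)) | host_bits)


def same_subnet(a: str, b: str, mask: str) -> bool:
    """Only devices on the same subnet can talk without a router in between."""
    return subnet_number(a, mask) == subnet_number(b, mask)


if __name__ == "__main__":
    # Constructed examples in the style of the handout's Examples 1-3.
    for a, m in (("192.168.1.10", "255.255.255.0"),
                 ("192.168.1.130", "255.255.255.128"),
                 ("172.16.5.9", "255.255.0.0")):
        print(a, to_binary(a))
        print(m, to_binary(m), f"/{prefix_length(m)}")
        print("subnet:", subnet_number(a, m), "broadcast:", broadcast_address(a, m))
    print(is_valid_mask("255.255.255.1"), is_valid_mask("255.255.255.128"))
```

With the mask 255.255.255.128, the addresses 192.168.1.10 and 192.168.1.130 fall into the subnets 192.168.1.0 and 192.168.1.128 respectively, so they need a router to communicate, whereas under 255.255.255.0 they share the subnet 192.168.1.0.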
Security Threats
The First Security Threat – Virus
Introduction
A computer virus is a type of program that can replicate itself by making (possibly modified) copies of itself. The main criterion for classifying a piece of executable code as a virus is that it spreads itself by means of “hosts”. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or carrying it on a removable medium. Additionally, viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer, such as a file server's files. Viruses are sometimes confused with worms. A worm, however, can spread itself to other computers without needing to be transferred as part of a host.
A virus is a type of program created by programmers called “virus writers”. Virus writers can have various reasons for creating and spreading viruses. Viruses have been written as research projects, pranks, vandalism, to attack the products of specific companies, to distribute political messages, and to obtain financial gain from identity theft or spyware. Some virus writers consider their creations to be works of art, and see virus writing as a creative hobby. Therefore the damage caused by a virus depends mainly on the virus writer's skill and intent. A virus can damage computer files and systems, steal information from you and even damage your computer hardware.
Viruses can infect different types of hosts. The most common targets are executable files that contain
application software or parts of the operating system. Viruses have also infected the executable boot sectors
of floppy disks, script files of application programs, and documents that can contain macro scripts.
Additionally, viruses can infect files in ways other than simply inserting a copy of their code into the code of
the host program. For example, a virus can overwrite its host with the virus code, or it can use a trick to ensure
that the virus program is executed when the user wants to execute the (unmodified) host program. Viruses
have existed for many different operating systems, including MS-DOS, Mac OS and even Linux; however, the
vast majority of viruses affect Microsoft Windows.
Replication Strategies
In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason,
many viruses attach themselves to executable files that may be part of legitimate programs. If a user tries to
start an infected program, the virus’ code may be executed first. Viruses can be divided into two types, on the
basis of their behaviours when they get executed. Non-resident viruses immediately search for other hosts
that can be infected, infect these targets, and finally transfer control to the application program they infected.
Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into
memory on execution and transfers control to the host program. The virus stays active in the background and
infects new hosts when those files are accessed by other programs or the operating system itself.
Nonresident viruses can be thought of as consisting of a finder module and a replication module. The
finder module is responsible for finding new files to infect. For each new executable file the finder module
encounters, it calls the replication module to infect that file.
Here is a sample of a virus's replication task:
1. Locate an unchecked executable file.
2. Check if the executable file has already been infected (if it is, return to the finder module of the virus).
3. Append the virus code to the executable file.
4. Save the executable's starting point.
5. Change the executable's starting point so that it points to the start location of the newly copied virus code.
6. Save the old start location to the virus in a way so that the virus branches to that location right after its execution.
7. Save the changes to the executable file.
8. Close the infected file.
9. Return to the finder so that it can find new files for the virus to infect.
Resident viruses contain a replication module that is similar to the one that is employed by non-resident
viruses. However, this module is not called by a finder module. Instead, the virus loads the replication module
into memory when it is executed and ensures that this module is executed each time the operating system is
called to perform a certain operation. For example, the replication module can get called each time the
operating system executes a file. In this case, the virus infects every suitable program that is executed on the
computer.
Avoiding Detection (out of syllabus)
In order to avoid detection by users, some viruses employ different kinds of obfuscation. Some old
viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays
the same when the file is infected by the virus. This approach does not fool anti-virus software,
however.
Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this
by overwriting unused areas of executable files. These are called cavity viruses. For example the CIH
virus, or Chernobyl Virus, infects Portable Executable files. Because those files had many empty gaps,
the virus, which was 1 KB in length, did not add to the size of the file.
Recent viruses avoid any kind of detection attempt by attempting to kill the tasks associated with the
virus scanner before it can detect them.
Here are some other methods to avoid detection by users or antivirus program:
1. Stealth – Some viruses try to trick anti-virus software by intercepting its requests to the operating
system. The virus can then return an uninfected version of the file to the anti-virus software, so that
it seems that the file is “clean”.
2. Self-modification – Most modern antivirus programs try to find virus patterns inside ordinary
programs by scanning them for so-called virus signatures. Some viruses employ techniques that make
detection by means of signatures difficult or impossible. These viruses modify their code on each
infection. That is, each infected file contains a different variant of the virus.
3. Encryption with a variable key – A more advanced method is the use of simple encryption to
encode the virus. In this case, a virus scanner cannot directly detect the virus using signatures.
Fortunately, a virus scanner can still detect the decrypting module, which makes indirect detection of
the virus possible.
4. Polymorphic code – Polymorphic code was the first technique that posed a serious threat to virus
scanners. Just like regular encrypted viruses, a polymorphic virus infects files with an encrypted
copy of itself, which is decoded by a decryption module. In the case of polymorphic viruses however,
this decryption module is also modified on each infection.
Solution – Anti-virus Software
To protect our system from viruses, we must install anti-virus software on our system. Anti-virus software
consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other
malicious software. To accomplish this, anti-virus software typically uses two different techniques:
1. Examining (scanning) the contents of the computer's memory (its RAM, and boot sector) and the files stored on fixed or removable drives (hard drives, floppy drives), to look for known viruses matching definitions (e.g. virus signatures) in a virus dictionary.
2. Identifying suspicious behaviours from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.
Some anti-virus software can also warn a user if a file is likely to contain a virus based on the file type; some
antivirus vendors also claim the effective use of other types of heuristic analysis. Some anti-virus programs
are also able to scan opened files in addition to sent and received emails “on the fly” in a similar manner. This
practice is known as “on-access scanning”.
Anti-virus software does not change the underlying capability of host software to transmit viruses. There have
been attempts to do this but adoption of such anti-virus solutions can void the warranty for the host software.
Users must therefore update their software regularly to patch security holes. Anti-virus software also needs to
be regularly updated in order to gain knowledge about the latest threats and hoaxes.
Anti-virus software examples include Norton Antivirus, McAfee and Sophos.
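The following is an added example (not from the handout's authors and not how any of the named products works) of the first technique, dictionary scanning: a list of byte patterns is matched against files on disk. It also applies the file-type warning mentioned above, reporting a file whose name claims to be a Windows executable but whose content lacks the usual 'MZ' header. The signature dictionary, the files (written to a temporary directory) and every name in the code are constructed for illustration; none of the patterns is real malware.

```python
"""Dictionary (signature) scanning of files, with a file-type heuristic (added example)."""
import os
import tempfile
from typing import Dict, List

# Constructed signature dictionary: name -> byte pattern. Not real malware.
SIGNATURES: Dict[str, bytes] = {
    "Demo.Marker.A": b"DEMO-SIGNATURE-A",
    "Demo.Marker.B": bytes.fromhex("deadbeefcafebabe"),
}

EXECUTABLE_EXTENSIONS = {".exe", ".dll", ".scr"}
CHUNK = 64 * 1024
SUSPICIOUS_TYPE = "Suspicious: executable name without 'MZ' header"


def scan_bytes(data: bytes, signatures: Dict[str, bytes] = SIGNATURES) -> List[str]:
    """Names of all signatures whose pattern occurs anywhere in `data`."""
    return sorted(name for name, pattern in signatures.items() if pattern in data)


def scan_file(path: str, signatures: Dict[str, bytes] = SIGNATURES) -> List[str]:
    """Scan a file in chunks, keeping an overlap so a pattern that straddles
    two chunks is still found; then apply the file-type check."""
    overlap = max((len(p) for p in signatures.values()), default=1) - 1
    found = set()
    tail = b""
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(CHUNK)
            if not chunk:
                break
            found.update(scan_bytes(tail + chunk, signatures))
            tail = (tail + chunk)[-overlap:] if overlap > 0 else b""
    findings = sorted(found)
    if os.path.splitext(path)[1].lower() in EXECUTABLE_EXTENSIONS:
        with open(path, "rb") as fh:
            if fh.read(2) != b"MZ":
                findings.append(SUSPICIOUS_TYPE)
    return findings


def scan_directory(root: str, signatures: Dict[str, bytes] = SIGNATURES) -> Dict[str, List[str]]:
    """Relative path -> findings, for every file with at least one finding."""
    report: Dict[str, List[str]] = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            findings = scan_file(full, signatures)
            if findings:
                report[os.path.relpath(full, root)] = findings
    return report


def build_sample_tree() -> str:
    """Write a constructed set of test files to a temporary directory."""
    root = tempfile.mkdtemp(prefix="avdemo-")
    files = {
        "clean.txt": b"nothing to see here",
        "report.doc": b"quarterly figures ... DEMO-SIGNATURE-A ... end",
        "tool.exe": b"MZ" + b"\x00" * 100 + bytes.fromhex("deadbeefcafebabe"),
        "photo.scr": b"GIF89a not really an executable",
    }
    for name, content in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(content)
    return root


def straddle_demo() -> List[str]:
    """Place a pattern across the chunk boundary to show the overlap logic works."""
    fd, path = tempfile.mkstemp(suffix=".bin")
    with os.fdopen(fd, "wb") as fh:
        fh.write(b"\x00" * (CHUNK - 5) + SIGNATURES["Demo.Marker.A"])
    try:
        return scan_file(path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    for path, findings in scan_directory(build_sample_tree()).items():
        print(path, "->", findings)
    print("straddling pattern:", straddle_demo())
```

Because the dictionary is the whole of what this technique can recognise, it has to be refreshed as new signatures are published, which is the reason the text gives for keeping anti-virus software updated.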
The Second Security Threat – Worm
Introduction
A computer worm is a self-replicating computer program, similar to a computer virus. A virus attaches itself to,
and becomes part of, another executable program; however, a worm is self-contained and does not need to
be part of another program to propagate itself. They are often designed to exploit the file transmission
capabilities found on many computers. In addition to replication, a worm may be designed to do a number of
things, such as delete files on a host system or send documents via email. More recent worms may be
multi-headed and carry other executables as a payload. However, even in the absence of such a payload, a
worm can cause havoc just with the network traffic generated by its reproduction. An advanced worm, for
example Mydoom, can even cause a noticeable worldwide Internet slowdown at the peak of its spread.
Replication Strategies
In order to replicate itself, a worm always installs a backdoor in the infected computer, as was done by Mydoom. These zombie computers are used by spam senders for sending junk email or to cloak their website's address. Spammers (people who send “junk” e-mail messages) are thought to pay for the creation of such worms, and worm writers have been caught selling lists of IP addresses of infected machines; others try to blackmail companies with threatened denial-of-service (DoS) attacks. The backdoors can also be exploited by other worms, such as Doomjuice, which spreads using the backdoor opened by Mydoom.
Worm Example – Mydoom
Mydoom, also known as Novarg, Mimail.R and Shimgapi, is a computer worm affecting Microsoft Windows. It
was first sighted on January 26, 2004. It became the fastest spreading email worm ever as of January 2004.
Mydoom is primarily transmitted via e-mail, appearing as a transmission error, with subject lines including
"Error," "Mail Delivery System," "Test" or "Mail Transaction Failed" in different languages, including English
and French. The mail contains an attachment that, if executed, resends the worm to email addresses found in
local files such as a user’s address book. Mydoom also installs a backdoor on port 3127/tcp on the subverted
PC to allow remote control by hackers and establishes a denial of service attack against the website of the
controversial company SCO Group, timed to commence 1 February 2004.
Solution
Some commonly adopted measures to stop worms from spreading are as follows:
Anti-virus software – Anti-virus software can effectively identify, thwart and eliminate computer worms. Please refer to the previous section for more information.
Patch – Worms make use of bugs to spread. Operating systems such as Windows need to be regularly patched in order to fix the latest bugs.
Firewall – A firewall is a piece of hardware and/or software which functions in a networked environment to prevent some communications forbidden by the security policy. A firewall is also called a packet filter, which means it does not allow packets to pass through unless they match the rules. The firewall administrator may define the rules, or default built-in rules may apply. A more permissive setup could allow any packet to pass the filter as long as it does not match one or more “negative rules”, or “deny rules”. Modern firewalls can filter traffic based on many packet attributes, like source IP address, source port, destination IP address or port, and destination service like WWW or FTP. They can filter based on protocols, the domain name of the source, and many other attributes.
Therefore, we can filter out all the network packets and traffic which we don't want, including the network packets created by worms. Hence we can successfully block worms, Trojan horses, back doors, unauthorised access and DoS attacks.
Examples of firewalls are Norton Internet Security and ZoneAlarm.
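The following is an added example (not from the handout's authors and not the rule syntax of any product) of the packet filter described above. Rules match on the packet attributes the text lists (protocol, source and destination address, destination port); the first matching rule decides and an unmatched packet gets the default action. Two policies are built: a default-deny policy that only allows what the administrator lists, and the more permissive default-allow policy with “deny rules”. The LAN 192.168.1.0/24, the web server at 192.168.1.10 and the sample packets are constructed; port 3127/tcp is the Mydoom backdoor port the handout itself cites.

```python
"""A first-match packet filter with default-deny and default-allow policies (added example)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Packet:
    protocol: str             # "tcp", "udp" or "icmp"
    src_ip: str
    src_port: Optional[int]
    dst_ip: str
    dst_port: Optional[int]


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    protocol: Optional[str] = None   # None matches any protocol
    src: Optional[str] = None        # CIDR block; None matches any source
    dst: Optional[str] = None        # CIDR block; None matches any destination
    dst_port: Optional[int] = None   # None matches any port
    comment: str = ""

    def matches(self, pkt: Packet) -> bool:
        if self.protocol is not None and pkt.protocol != self.protocol:
            return False
        if self.src is not None and ip_address(pkt.src_ip) not in ip_network(self.src):
            return False
        if self.dst is not None and ip_address(pkt.dst_ip) not in ip_network(self.dst):
            return False
        if self.dst_port is not None and pkt.dst_port != self.dst_port:
            return False
        return True


class Firewall:
    """Rules are checked in order; the first match wins, else the default applies."""

    def __init__(self, rules: List[Rule], default_action: str) -> None:
        self.rules = rules
        self.default_action = default_action

    def decide(self, pkt: Packet) -> str:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return self.default_action


LAN = "192.168.1.0/24"
WEB_SERVER = "192.168.1.10/32"

# Default-deny: only traffic the administrator explicitly allows gets in.
STRICT = Firewall([
    Rule("allow", "tcp", dst=WEB_SERVER, dst_port=80, comment="public web server"),
], default_action="deny")

# Permissive: everything passes unless it hits a deny rule.
PERMISSIVE = Firewall([
    Rule("deny", "tcp", dst=LAN, dst_port=3127, comment="Mydoom backdoor port"),
    Rule("deny", "tcp", dst=LAN, dst_port=445, comment="file sharing from outside"),
], default_action="allow")

# Constructed inbound packets arriving from the Internet towards the LAN.
SAMPLE_PACKETS = {
    "web": Packet("tcp", "203.0.113.5", 51000, "192.168.1.10", 80),
    "backdoor": Packet("tcp", "203.0.113.5", 51001, "192.168.1.20", 3127),
    "smb": Packet("tcp", "203.0.113.5", 51002, "192.168.1.20", 445),
    "dns_reply": Packet("udp", "203.0.113.53", 53, "192.168.1.20", 40000),
}


def evaluate(fw: Firewall) -> Dict[str, str]:
    """Decision for every sample packet under the given policy."""
    return {name: fw.decide(pkt) for name, pkt in SAMPLE_PACKETS.items()}


if __name__ == "__main__":
    print("strict:    ", evaluate(STRICT))
    print("permissive:", evaluate(PERMISSIVE))
```

The two policies agree on the web request and on the backdoor port, but differ on everything the administrator did not think to list (here the UDP reply), which is the practical difference between a default-deny setup and one built only from deny rules.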
The Third Security Threat – Trojan Horse
Introduction
Trojan horse, also known as Trojan, is a malicious program that is disguised as legitimate software. The term
is derived from the classical myth of the Trojan horse. In the siege of Troy, the Greeks left a large wooden
horse outside the city. The Trojans were convinced that it was a gift, and moved the horse to a place within
the city walls. It turned out that the horse was hollow, containing Greek soldiers who opened the city gates of
Troy at night, making it possible for the Greek army to pillage the city. Trojan horse programs work in a similar
way: they may look useful or interesting (or at the very least harmless) to an unsuspecting user, but are
actually harmful when executed.
Trojan horse programs cannot replicate themselves, in contrast to some other types of security threats, like
viruses or worms. A Trojan horse can be deliberately attached to otherwise useful software by a cracker, or it
can be spread by tricking users into believing that it is a useful program. Trojan Horses often contain spying
functions, such as a packet sniffer, or backdoor functions that allow a computer, unknown to the owner, to be
remotely controlled from the network by hackers, creating a “zombie computer”, resulting in data loss, data
theft and system damage.
Its basic difference from computer viruses is that a Trojan horse is technically a normal computer program
and does not possess the means to spread itself. Originally Trojan horses were not designed to spread
themselves. They relied on fooling people to allow the program to perform actions that they would otherwise
not have voluntarily performed. Trojans of recent times also contain functions and strategies that enable their
spreading. This moves them closer to the definition of computer viruses, and it becomes difficult to clearly
distinguish such mixed programs between Trojan horses and viruses.
Replication Strategies
As mentioned, Trojan horse programs cannot replicate themselves. So how can a computer be infected? Here are some examples:
- Websites: You can be infected by visiting a rogue website. Internet Explorer is most often targeted by makers of Trojans and other pests. Even when using a secure web browser, such as Mozilla's Firefox or Opera, if Java is enabled, your computer has the potential of receiving a Trojan horse.
- Instant messaging: Many get infected through files sent through various messengers. This is due to an extreme lack of security in some instant messengers, such as MSN Messenger.
- E-mail: Attachments on e-mail messages may contain Trojans.
Trojan Horse Example - Sub7
Sub7, or SubSeven, is the name of a popular Trojan or backdoor program. It is mainly used by script kiddies
for causing mischief, such as hiding the computer cursor, changing system settings or loading up
pornographic websites. However, it can also be used for more serious criminal applications, such as stealing
credit card details with a keystroke logger.
Sub7 is usually stopped by antivirus software and a firewall, and with popular operating systems providing
these features built in, it may become less of a computer security problem.
In common with other backdoor programs, Sub7 is distributed with a server and a client. The server is the
program that victims must be enticed to run in order to infect their machines, and the client is the program with
a GUI that the cracker runs on his own machine to control the server. Sub7 allows crackers to set a password
on the server, theoretically so that once a machine is owned, no other crackers can take control of it.
However, the Sub7 server also has a master password, allowing anyone who knows the master password to
take over the machine. In older versions, the master password is now known to be 14438136782715101980
but this does not work on the most recent version.
Solution
- Anti-virus software – Anti-virus software can effectively identify, thwart and eliminate Trojan horses.
- Firewall – A firewall can filter out all the network packets and traffic which we don't want, including the network packets created by worms. Hence we can successfully block worms, Trojan horses, back doors, unauthorised access and DoS attacks.
- Precautions – Trojan horses can be protected against through end-user awareness. If a user does not open unusual attachments that arrive unexpectedly, any unopened Trojan horses will not affect the computer. This is true even if you know the sender or recognize the source's address. Even if one expects an attachment, scanning it with updated antivirus software before opening it is prudent. Files downloaded from file-sharing services such as BT are particularly suspicious, because (P2P) file-sharing services are regularly used to spread Trojan horse programs.
The Fourth Security Threat – Spyware
Introduction
Spyware covers a broad category of malicious software designed to intercept or take partial control of a
computer’s operation without the informed consent of that machine’s owner or legitimate user. While the term
taken literally suggests software that secretly monitors the user, it has come to refer more broadly to software
that subverts the computer’s operation for the benefit of a third party.
Spyware differs from viruses and worms in that it does not usually self-replicate. Like many recent viruses, however, spyware - by design - exploits infected computers for commercial gain. Typical tactics furthering this goal include delivery of unsolicited pop-up advertisements; theft of personal information, including financial information such as credit card numbers; monitoring of web-browsing activity for marketing purposes; or routing of HTTP requests to advertising sites.
Replication Strategies
As mentioned, spyware programs cannot replicate themselves. Instead, spyware gets on a system through
deception of the user or through exploitation of software vulnerabilities.
The most direct route by which spyware can get on a computer involves the user installing it. However, users
are unlikely to install software if they know that it may disrupt their working environment and compromise their
privacy. So many spyware programs deceive the user, either by piggybacking on a piece of desirable
software, or by tricking the user into doing something that installs the software without realizing it. For example,
Bonzi Buddy, a spyware program targeted at children, claims that:
He will explore the Internet with you as your very own friend and sidekick! He can talk, walk, joke, browse,
search, e-mail, and download like no other friend you've ever had! He even has the ability to compare prices
on the products you love and help you save money! Best of all, he's FREE!
Spyware can also come bundled with shareware or other downloadable software, as well as music CDs. The user downloads a program such as a music program or a file-trading program and installs it; the installer additionally installs the spyware. Although the desirable software itself may do no harm, the bundled spyware does. In some cases, spyware authors have paid shareware authors to bundle spyware with their software. In other cases, spyware authors have repackaged desirable software with installers that add spyware.
A third way of distributing spyware involves tricking users by manipulating security features designed to
prevent unwanted installations. The security features of the design of the Internet Explorer web browser
militate against allowing Web sites to initiate an unwanted download. Instead, a user action, such as clicking
on a link, must normally trigger a download. However, links can prove deceptive: for instance, a pop-up ad
may appear like a standard Windows dialog box. The box contains a message such as "Would you like to
optimize your Internet access?" with links which look like buttons reading “Yes” and “No”. No matter which
“button” the user presses, a download starts, placing the spyware on the user’s system.
Spyware Example - Bonzi Buddy
Figure 1. Bonzi Buddy’s user interface.
Bonzi Buddy is an on-screen software agent from BONZI Software. It is a well-known example of spyware,
with computer speed, privacy and ease of use all affected by installing the program. When someone installs
Bonzi Buddy, his or her homepage gets set to www.bonzi.com.
Solution - Anti-spyware programs
Many programmers and commercial firms have released products designed to remove or block spyware.
Anti-spyware programs can combat spyware in two ways: real-time protection, which prevents spyware from being installed, and scanning and removal of spyware. Scanning and removal is usually simpler, and so many more programs have become available which do so. The program inspects the contents of the Windows registry, the operating system files, and installed programs, and removes files and entries which match a list of known spyware components. Real-time protection from spyware works identically to real-time anti-virus protection: the software scans incoming network data and disk files at download time, and blocks the activity of components known to represent spyware. In some cases, it may also intercept attempts to install start-up items or to modify browser settings. Anti-spyware programs need to be regularly updated in order to gain knowledge about the latest spyware.
An anti-spyware program example is Lavasoft's Ad-Aware.
The Fifth Security Threat – Unauthorised Access
Introduction
Through its authorization service, an operating system protects computer resources by only allowing resource
consumers that have been granted authority to use them. Examples of resources are individual files or data
items, computer programs, computer devices and functionality provided by computer applications. Examples
of consumers are computer users, computer programs and other devices on the computer.
So why do we need authorization to access various sorts of resources? Simply put, we may not want
expensive computer resources, such as colour laser printers, being accessed by everyone. We do not want
our intranet, which contains internal information, to be accessed by the public, and we do not want our students to be
allowed to install software on the school network, etc.
Solution – Access and User Right Control
Access and user right control has three parts: authentication (establishing who the user is), authorization
(deciding what that identity may do) and audit (recording what was actually done). These can be
implemented with passwords, biometric scans, physical locks, digital signatures, encryption and monitoring
(by humans and by automated systems).
Authorization is commonly implemented with role-based access control or with access control lists.
Role-Based Access Control (RBAC) is an approach to restricting system access to authorized users. Within
an organization, roles are created for the various job functions. Permissions to perform certain operations
are assigned to specific roles. Members of staff, or other system users, are assigned particular roles, and
through those role assignments acquire the permissions to perform particular system functions.
Since users are not assigned permissions directly, but only acquire them through their role(s), management of
individual user rights becomes a matter of simply assigning the appropriate roles to the user (see Figure 2),
which simplifies common operations such as adding a user, or changing a user's department.
Figure 2. Example of role based access control.
An access control list (ACL) is attached to an object and is used to enforce privilege separation. It
determines the access rights to that object on the basis of certain attributes of the process making the
request, principally the user identity the process runs under.
The list is a data structure, usually a table, containing entries that specify individual user or group rights to
specific system objects, such as a program, a process, a file or a directory. Each accessible object carries
an identifier to its ACL. The privileges or permissions in the entries determine specific access rights to the
object, such as read, write or execute. Figure 3 shows the access control list for a file ("bob.gif") in MS
Windows.
Figure 3. Example of access control list.
The difference between the two is that an ACL attaches rights to a low-level system object (a file, a
directory, a printer queue), whereas RBAC assigns permissions to operations that have meaning in the
organization (approve a purchase order, enrol a student) and grants them to users through roles. The
assignment of a permission to perform a particular operation is meaningful because the operations are
fine-grained and themselves have meaning within the application. In practice the two are commonly
combined: roles are mapped to groups, and the ACL on each object lists those groups.
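The two models can be seen side by side in code. The following Python is an added example (it is not part of the original notes): the roles, users, permissions and the file ACL in it are made up for illustration, and the deny-overrides-allow rule is borrowed from the way Windows evaluates access control entries.

```python
"""Added example: role-based access control beside a per-object ACL.

Hypothetical roles, users, permissions and objects, for illustration only.
"""
from dataclasses import dataclass, field

# --- RBAC: permissions attach to roles; users acquire them only through role membership ---
ROLE_PERMISSIONS = {
    "student":  {"print:mono"},
    "teacher":  {"print:mono", "print:colour", "intranet:read"},
    "it_admin": {"print:mono", "print:colour", "intranet:read", "software:install"},
}

USER_ROLES = {
    "alice": {"teacher"},
    "bob":   {"student"},
    "carol": {"it_admin"},
}

def rbac_allows(user: str, permission: str) -> bool:
    """A user may perform an operation iff some role assigned to the user grants it."""
    return any(permission in ROLE_PERMISSIONS.get(role, set())
               for role in USER_ROLES.get(user, set()))

def change_department(user: str, old_role: str, new_role: str) -> None:
    """Moving a user between job functions is a role swap, not a permission-by-permission edit."""
    roles = USER_ROLES.setdefault(user, set())
    roles.discard(old_role)
    roles.add(new_role)

# --- ACL: rights attach to one specific object, per user or per group ---
@dataclass
class AclEntry:
    principal: str          # a user name, or "group:<name>"
    rights: set
    deny: bool = False      # an explicit deny wins over any allow, as in Windows ACLs

@dataclass
class Acl:
    entries: list = field(default_factory=list)

GROUPS = {"group:staff": {"alice", "carol"}, "group:students": {"bob"}}

def acl_allows(acl: Acl, user: str, right: str) -> bool:
    """Evaluate an ACL for one user: any matching deny refuses; otherwise any matching allow grants."""
    def matches(entry: AclEntry) -> bool:
        if entry.principal == user:
            return True
        return user in GROUPS.get(entry.principal, set())

    applicable = [e for e in acl.entries if matches(e) and right in e.rights]
    if any(e.deny for e in applicable):
        return False
    return any(not e.deny for e in applicable)

# Constructed ACL for a file, in the spirit of the "bob.gif" example in the text
BOB_GIF_ACL = Acl([
    AclEntry("group:staff", {"read", "write"}),
    AclEntry("group:students", {"read"}),
    AclEntry("bob", {"write"}, deny=True),
])
```

Note the asymmetry the text describes: to let bob print in colour the RBAC side needs one role change, while the ACL side would need every colour printer's list edited.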
Authentication is the process of making sure that users are who they say they are: that whoever attempts
to perform a function in a system is in fact the user authorized to do so.
If a computer system is to be used only by authorized users, it must be able to detect and exclude any
unauthorized usage. Access is therefore controlled by an authentication procedure that establishes, with
some degree of confidence, the identity of the user, and only then grants the privileges authorized for that
identity. Common authentication mechanisms are user login, biometric scans and digital signatures.
User login – users identify themselves with their own login name and password, possibly together with a
biometric such as a fingerprint. The authorization and permissions then granted depend on that identity.
Digital signatures – a digital signature is a method of authenticating digital information, analogous to a
handwritten signature on paper but implemented with techniques from public-key cryptography. A digital
signature scheme defines two complementary algorithms, one for signing and one for verification; the
output of the signing algorithm is also called a digital signature. The signer computes the signature with a
private key that only he or she holds, and anyone who has the matching public key can verify it. A valid
signature lets the recipient be confident that the message came from the holder of the private key and
was not altered in transit; the authorization and permissions granted then depend on that identity. Note
that this identifies the sender only if the recipient has a trustworthy way of knowing whose public key it is,
which is what a digital certificate provides.
The public-key cryptography that digital signatures rely on allows users to communicate securely without
first sharing a secret key, by using a pair of mathematically related keys, a public key and a private key.
The private key is kept secret while the public key may be widely distributed. In a sense, one key "locks"
and the other is required to unlock. It must be infeasible to deduce the private key from the public key.
The most obvious value of a public-key encryption system is confidentiality: a message that a sender
encrypts with the recipient's public key can only be decrypted with the recipient's paired private key.
Public-key digital signature algorithms provide sender authentication. A user signs a message with his own
private key before sending it; anyone who verifies the signature with the corresponding public key has
assurance that the holder of that private key (and no one else) produced the message. Signing and
encrypting are distinct operations, and a real signature is computed over a hash of the message rather
than the message itself, but the textbook picture of "encrypting with the private key" captures the idea.
These properties are also useful for many other applications, such as digital cash, password-authenticated
key agreement and multi-party key agreement.
Audit – an audit trail is a record of the transactions or communications related to a single person, account
or other entity (see Figure 4). It shows who has accessed a computer system and what operations he or she
performed during a given period of time. To keep an audit trail, we can use the audit function provided by
the operating system or dedicated audit software.
The Sixth Security Threat – Interception
Introduction
Interception means that someone captures network packets somewhere along the path while they are in
transit. Whoever intercepts a packet can read it, drop it, or edit the message and retransmit it. This is a
serious threat to data security.
Interception is carried out with a sniffer: software, or a dedicated piece of hardware, that captures and logs
traffic passing over a network. As data streams back and forth, the sniffer captures each packet and decodes
and analyzes its content according to the relevant protocol specifications. Besides wired sniffers there are
wireless sniffers, which capture the frames a computer's wireless network card sends to an access point or
to another computer; on a wireless network this needs no physical connection at all, only a card within radio
range. The captured frames are stored as raw data together with their headers.
Figure 4. Example of audit trail.
Sniffer Example - Ace Password Sniffer
Ace Password Sniffer is a password sniffing and password monitoring utility. It listens on a LAN and
captures the passwords of any network user whose traffic it can see. It can capture passwords carried by
FTP, POP3, HTTP, SMTP and Telnet, among others. It works because all of these protocols, in their basic
form, transmit the user name and password as plain text (or, for HTTP Basic authentication and SMTP
AUTH LOGIN, as base64, which is an encoding and not encryption); their encrypted counterparts (FTPS or
SFTP, POP3S, HTTPS, SMTP over TLS, and SSH instead of Telnet) defeat such a tool. Figure 5 gives a
snapshot of the software running.
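What a tool like this actually does can be shown with a few lines of Python that scan captured TCP payloads for the login dialogues of the protocols named above. This is an added example, not the product's code and not part of the original notes; the captured payloads are constructed here, and the port-to-protocol mapping is assumed from the standard well-known ports.

```python
"""Added example (not from the original page): what a password sniffer sees.

Scans captured client-to-server TCP payloads for credentials that FTP, POP3, SMTP
and HTTP Basic send in the clear. All payloads below are constructed for illustration.
"""
import base64
import re

# Constructed captures: (tcp destination port, payload bytes from client to server)
CAPTURED = [
    (21,  b"USER alice\r\nPASS s3cret-ftp\r\nSYST\r\n"),
    (110, b"USER bob@example.test\r\nPASS mailpass!\r\nSTAT\r\n"),
    (25,  b"EHLO laptop\r\nAUTH LOGIN\r\n" + base64.b64encode(b"carol") + b"\r\n"
          + base64.b64encode(b"smtp-pw") + b"\r\n"),
    (80,  b"GET /intranet/ HTTP/1.1\r\nHost: intranet.example.test\r\n"
          b"Authorization: Basic " + base64.b64encode(b"dave:web-pw") + b"\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03"),   # TLS handshake bytes: opaque to a sniffer
]

USER_PASS = re.compile(rb"USER\s+(\S+)\r\nPASS\s+(\S+)\r\n", re.IGNORECASE)

def extract_credentials(port: int, payload: bytes):
    """Return (protocol, username, password) if the payload carries a cleartext login, else None."""
    if port in (21, 110):                        # FTP and POP3 share the USER/PASS dialogue
        m = USER_PASS.search(payload)
        if m:
            proto = "ftp" if port == 21 else "pop3"
            return (proto, m.group(1).decode(errors="replace"), m.group(2).decode(errors="replace"))
    if port == 25:                               # SMTP AUTH LOGIN: two base64 lines, trivially reversible
        lines = payload.split(b"\r\n")
        for i, line in enumerate(lines):
            if line.upper() == b"AUTH LOGIN" and i + 2 < len(lines):
                try:
                    user = base64.b64decode(lines[i + 1], validate=True).decode()
                    pw = base64.b64decode(lines[i + 2], validate=True).decode()
                except (ValueError, UnicodeDecodeError):
                    return None
                return ("smtp", user, pw)
    if port == 80:                               # HTTP Basic: base64 of "user:password", not encryption
        m = re.search(rb"Authorization:\s*Basic\s+([A-Za-z0-9+/=]+)", payload)
        if m:
            try:
                user, _, pw = base64.b64decode(m.group(1), validate=True).decode().partition(":")
            except (ValueError, UnicodeDecodeError):
                return None
            return ("http-basic", user, pw)
    return None

def sniff(captures):
    """Run the extractor over every captured payload and collect what an eavesdropper learns."""
    return [hit for port, payload in captures if (hit := extract_credentials(port, payload))]
```

The TLS capture yields nothing: the same login over HTTPS, POP3S or SMTP with STARTTLS is invisible to this kind of tool, which is the whole argument for the encrypted variants.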
Figure 5. Password sniffer.
Solution – IPSec, VPN and WEP (technical details are out-of-syllabus)
To avoid data being eavesdropped during transmission, data can be encrypted before transmission so that
intercepted data cannot be interpreted easily. Encryption alone does not stop an attacker from altering or
replaying packets, so the schemes below also add an integrity check.
For wireless radio networks such as IEEE 802.11g, the original scheme was Wired Equivalent Privacy
(WEP), intended to provide confidentiality comparable to that of a traditional wired network, hence the
name. WEP is part of the IEEE 802.11 standard ratified in September 1999. It uses the stream cipher RC4
(see http://en.wikipedia.org/wiki/RC4_cipher for an introduction to RC4) for confidentiality and a CRC-32
checksum for integrity.
Note that in 2001 researchers showed that the way WEP uses RC4 (a short per-packet initialisation vector
prepended to a fixed key) lets an eavesdropper recover the key by passively collecting a large number of
encrypted packets. Together with other weaknesses, this means WEP should be regarded as broken rather
than merely weak. The secure replacement for encrypting data on a radio network is Wi-Fi Protected
Access (WPA and, preferably, WPA2).
At the IP layer, on wired and wireless networks alike, we can use IP security (IPSec). IPSec is a set of
cryptographic protocols for securing Internet Protocol (IP) communications by encrypting and/or
authenticating IP packets. It has two components: Encapsulating Security Payload (ESP), which provides
authentication, data confidentiality and message integrity, and Authentication Header (AH), which provides
authentication and message integrity but not confidentiality. Originally AH was used only for integrity and
ESP only for encryption; authentication was added to ESP later.
To achieve additional security, we can use a Virtual Private Network (VPN). A VPN uses tunnelling
protocols to provide confidentiality (preventing snooping), sender authentication (preventing identity
spoofing) and message integrity (preventing message alteration). When properly chosen, implemented and
used, such techniques provide secure communications over unsecured networks. Because that choice,
implementation and use are not trivial, there are insecure VPN schemes on the market. One widely used
secure combination is the Layer 2 Tunnelling Protocol carried inside IPSec (L2TP/IPSec). An eavesdropper
can still capture the packets of an L2TP/IPSec connection, but with strong keys and a correct
configuration cannot read them or alter them without detection.
VPN
How many times have you been at a friend's house or at work and said "Gosh, I wish I could get at that file
on my hard drive at home"? With a broadband Internet connection and a shiny new "VPN router", you can
connect to your home network over the Internet from anywhere on the planet securely.
Our goal will be to establish an IPSec VPN connection from somewhere on the Internet to your home
network. In addition, the remote computer will be able to mount network file shares (and printers too!)
located on the home network.
Most consumer-level VPN routers operate in just about the same way because they all license the same
IPSec code. The only differences are the number of simultaneous "VPN tunnels" they support and how many
different "VPN profiles" they support at once. They also have about the same performance: 500 kbps to
700 kbps maximum IPSec throughput.
A "VPN tunnel" is simply one IPSec VPN connection. Each remote computer connecting to your home
network is one VPN tunnel.
A "VPN profile" is a set of parameters that defines how your router connects to another VPN end point.
Some routers support multiple profiles, which makes it easy to use the same router both for connecting to
your work intranet and for dialling in from the road.
Configuration Overview
In this example, we will be working with two computers and a VPN router. Throughout the screen shots and
the rest of the article, I will refer to the following IP addresses. Please write them down or print them for
reference; it will help you understand the rest of the article.
Home WAN IP: 24.60.60.100 (from your ISP)
Home LAN Router IP: 192.168.100.1
Home LAN IP Network: 192.168.100.0: Subnet 255.255.255.0
Computer on Home LAN: 192.168.100.2
Remote (friends) computer on the Internet: 24.60.60.200
http://www.homenethelp.com/vpn/router-config.asp
Introduction to Disaster Recovery
"He didn't back up the data, so our team lost last week's work."
Have you ever heard that, or experienced it? Although disasters rarely happen, when one does the price is
always higher than expected. Imagine your personal computer suddenly breaks down and you lose all of
your teaching materials, PowerPoint slides and worksheets that took weeks or even months to prepare. The
trouble is severe. Now imagine how much worse it is when a whole computer network breaks down.
For you and your organization to protect your resources effectively from potential disaster, you should
invest in a disaster recovery plan that minimizes data loss and allows data to be recovered even after a
disaster has happened.
Disaster recovery is the ability of an infrastructure or system to restart operations after a disaster. The term
covers both data loss prevention and data recovery.
There are two primary metrics for recoverability following a failure:
Recovery Point Objective (RPO) is the point in time that the restarted infrastructure will reflect; in other
words, how much recent work is rolled back by the recovery. Reducing the RPO requires more frequent, or
synchronous, data replication.
Recovery Time Objective (RTO) is the amount of time that passes before the infrastructure is available
again. Reducing the RTO requires data to be online and available at a failover site.
Disaster Examples
Before a disaster recovery plan is created, we must understand what kinds of disaster we will face and
how to solve these problems. Here are some examples.
Physical damage
A wide variety of failures can cause physical damage to storage media. CD-ROMs can have their metallic
substrate or dye layer scratched off; hard disks can suffer any of several mechanical failures, such as
head crashes and failed motors; and tapes can simply break. Physical damage often causes some data
loss, and in many cases damages the logical structures of the file system. This causes logical damage
that must be dealt with before any files can be used again.
Most physical damage cannot be repaired by end users. For example, opening a hard disk in a normal
environment allows dust to settle on the platters, causing further damage. End users generally do not
have the right tools or technical expertise to make these sorts of repairs.
Logical damage
Far more common than physical damage is logical damage to a file system. Logical damage is primarily
caused by power outages that prevent file system structures from being completely written to the storage
medium, but problems with hardware and drivers, as well as system crashes, can have the same effect.
The result is that the file system is left in an inconsistent state. This can cause a variety of problems, such
as drives reporting negative amounts of free space, system crashes, or an actual loss of data. Various
programs exist to correct these inconsistencies, and most operating systems come with at least one
rudimentary repair tool for their native file systems. Linux, for instance, comes with the fsck utility, and
Microsoft Windows provides chkdsk. Third-party utilities are also available, and some can produce
superior results by rescuing data even when the disk cannot be recognized by the operating system’s
repair utility.
Two main techniques are used by these repair programs. The first, consistency checking, involves
scanning the logical structure of the disk and checking to make sure that it is consistent with its
specification.
The second technique for file system repair is to assume very little about the state of the file system to be
analyzed and to rebuild the file system from scratch using any hints that any undamaged file system
structures might provide. This strategy involves scanning the entire drive and making note of all file
system structures and possible file boundaries, then trying to match what was located to the
specifications of a working file system. Some third-party programs use this technique, which is notably
slower than consistency checking. It can, however, rescue data even when the logical structures are
almost completely destroyed. This technique generally does not repair the underlying file system, but
merely allows for data to be extracted from it to another storage device.
Creating Disaster Recovery Plan
As mentioned, disaster recovery should include data loss prevention and data recovery. In the following
paragraphs, some important techniques for data loss prevention and data recovery will be highlighted.
Data Loss Prevention
Technique 1 – Using Uninterruptible Power Supply (UPS)
When the power fails, a disk controller may already have reported that file system structures were saved to
disk when they were still only in its write cache, leaving the file system inconsistent and possibly even the
journal damaged or incomplete. One remedy is a disk controller with a battery-backed cache, so that the
pending data can be written when power returns. Better still, the entire system can be given a battery
backup that keeps it running through a short outage, or at least long enough to shut down properly. Such a
battery backup is called an Uninterruptible Power Supply (UPS).
A UPS is a device or system that maintains a continuous supply of electric power to essential equipment
that must not be shut down unexpectedly. It is inserted between the primary power source and the
equipment to be protected, to eliminate the effects of a temporary power outage and of transient
anomalies. UPSs are generally associated with telecommunications equipment, computer systems and
facilities such as airport landing systems and air traffic control, where even a brief interruption of
commercial power could cause injury or death, serious business disruption or data loss.
To prevent a complete blackout when demand exceeds supply, a utility may resort to load shedding, which
reduces the power delivered to consumers without cutting it off entirely. The resulting drop in voltage is
called a voltage sag or a brownout. A UPS protects equipment during a brownout by using its internal
batteries to make up the missing voltage. The single event that did most to draw attention to the need for
UPS backup units was the great power blackout of August 2003 in the north-eastern US and eastern
Canada.
There are nine standard power problems that a UPS may have to deal with:
1. Power failure.
2. Power sag (under-voltage for up to a few seconds).
3. Power surge (over-voltage for up to a few seconds).
4. Brownout (long-term under-voltage for minutes or days).
5. Long-term over-voltage for minutes or days.
6. Line noise superimposed on the power waveform.
7. Frequency variation of the power waveform.
8. Switching transient (under-voltage or over-voltage for up to a few nanoseconds).
9. Harmonic multiples of the power frequency superimposed on the power waveform.
Technique 2 – Using Redundant Array of Independent Disks (RAID)
RAID is a way of using multiple hard drives to share or replicate data among the drives. Depending on the
level chosen, the benefit of RAID is one or more of increased data integrity, fault tolerance, throughput or
capacity compared with a single drive. Its key advantage is the ability to combine multiple low-cost devices
into an array that offers greater capacity, reliability or speed, or a combination of these, than was affordably
available in a single device. Note that RAID protects against the failure of a disk, not against accidental
deletion, malware or a fire in the server room; it complements a backup and does not replace one.
The RAID specification suggested a number of prototype "RAID levels", or combinations of disks. Each has
theoretical advantages and disadvantages. The most common levels that also provide fault tolerance against
data loss are RAID 1 and RAID 5. A simple animation that illustrates how a RAID system delivers its
fault-tolerance behavior can be found at http://www.adtron.com/expertise/activeraid.html.
RAID 1
Figure 1. RAID 1 configuration.
RAID 1 creates an exact copy (or mirror) of a set of data on two or more disks. This is useful when read
performance or reliability is more important than minimizing the storage capacity used for redundancy. The
array can only be as big as the smallest member disk, however. A classic RAID 1 mirrored pair contains two
identical disks, which increases reliability over a single disk, but it is possible to have more than two disks.
Since any surviving member can continue to serve requests on its own, reliability increases with the
number of disks in the array. To get the full redundancy benefit of RAID 1, independent disk controllers
are recommended, one for each disk. Some refer to this practice as splitting or duplexing.
When reading, both disks can be accessed independently. Thus the average seek time is reduced. The
transfer rate would be almost doubled as data can be accessed in parallel. In general, the more disks are
used in the array, the better the performance of the disk array. The only limit is how many disks can be
connected to the controller and its maximum transfer speed.
RAID 1 has administrative advantages. For instance, in some 24x7 environments it is possible to "split the
mirror": take one disk out of the array, back up that disk, and then rebuild the mirror. This requires that
the application can recover from the image of the data as it was at the moment of the split. The
procedure is less critical where the file system offers "snapshots", in which some space is reserved for
changes so that a static point-in-time view of the file system can be presented. Alternatively, a set of
disks can be rotated in much the same way as traditional backup tapes.
RAID 5
Figure 2. RAID 5 configuration.
RAID 5 uses block-level striping with parity data distributed across all member disks. RAID 5 has
achieved popularity due to its low cost of redundancy. Generally RAID-5 is implemented with hardware
support for parity calculations.
Every time a data block is written on a disk in an array, a parity block is generated within the same stripe.
A block is often composed of many consecutive sectors on a disk. A series of blocks from each of the
disks in an array is collectively called a “stripe”. If another block, or some portion of a block, is written on
that same stripe the parity block is recalculated and rewritten. The disk used for the parity block is
staggered from one stripe to the next, hence the term “distributed parity blocks”. RAID-5 writes are
expensive in terms of disk operations and traffic between the disks and the controller.
The parity blocks are not read on data reads, since this would be unnecessary overhead and would
diminish performance. The parity blocks are read, however, when a read of a data sector results in a
cyclic redundancy check (CRC) error. In this case, the sector in the same relative position within each of
the remaining data blocks in the stripe and within the parity block in the stripe are used to reconstruct the
errant sector. The CRC error is logged but does not interrupt the operation of the computer system.
Likewise, should a disk fail in the array, the parity blocks from the surviving disks are combined
mathematically with the data blocks from the surviving disks to reconstruct the data on the failed drive “on
the fly”. This is sometimes called Interim Data Recovery Mode. The operating system knows that a disk
drive has failed and it notifies the administrator that a drive needs replacement; applications running on
the computer are unaware of the failure. Reading and writing to the drive array continues seamlessly,
though with some performance degradation. In RAID 5, where there is a single parity block per stripe,
the failure of a second drive results in total data loss.
The maximum number of drives in a RAID-5 redundancy group is theoretically unlimited, but it is common
practice to limit the number of drives. The tradeoffs of larger redundancy groups are greater probability of
a simultaneous double disk failure, the increased time to rebuild a redundancy group, and the greater
probability of encountering an unrecoverable sector during RAID reconstruction. In a RAID 5 group the
mean time between data-losing failures can become lower than that of a single disk: this happens when the
likelihood of a second disk failing among the remaining (N-1) independent disks, within the time it takes to
detect, replace and rebuild the first failed disk, becomes larger than the likelihood of a single disk failing.
RAID-5 implementations suffer from poor performance when faced with a workload which includes many
writes that are smaller than the capacity of a single stripe because parity must be updated on each write,
requiring read-modify-write sequences for both the data block and the parity block. More complex
implementations often include non-volatile write back cache to reduce the performance impact of
incremental parity updates.
In the event of a system failure while there are active writes, the parity of a stripe may become
inconsistent with the data. If this is not detected and repaired before a disk or block fails, data loss may
ensue as incorrect parity will be used to reconstruct the missing block in that stripe. This potential
vulnerability is sometimes known as the “write hole”. Battery-backed cache and other techniques are
commonly used to reduce the window of vulnerability of this occurring.
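The RAID 5 mechanics described above (distributed parity, on-the-fly reconstruction, total loss on a second failure, and the write hole) can be modelled in a few dozen lines of Python. This is an added example, not from the original notes; the four-disk array with 4-byte blocks is a toy layout chosen for the demonstration, and the rotation rule is the common left-asymmetric one.

```python
"""Added example (not from the original page): a byte-level RAID 5 model.

Shows distributed parity, reconstruction of one failed disk, total loss on a
second failure, and the "write hole" left by an interrupted stripe update.
Block size, disk count and contents are arbitrary choices for the demonstration.
"""
BLOCK = 4           # bytes per block (real arrays use 64 KiB and up)

def xor_blocks(blocks) -> bytes:
    out = bytearray(BLOCK)
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return bytes(out)

def parity_disk(stripe: int, ndisks: int) -> int:
    """Left-asymmetric layout: the parity block moves one disk to the left each stripe."""
    return (ndisks - 1) - (stripe % ndisks)

class Raid5:
    def __init__(self, ndisks: int, nstripes: int):
        assert ndisks >= 3
        self.n = ndisks
        self.disks = [[bytes(BLOCK)] * nstripes for _ in range(ndisks)]
        self.failed = set()

    def data_disks(self, stripe: int):
        p = parity_disk(stripe, self.n)
        return [d for d in range(self.n) if d != p]

    def write_stripe(self, stripe: int, data_blocks, interrupt_before_parity=False):
        """Full-stripe write: data blocks to the data disks, their XOR to the parity disk.

        With interrupt_before_parity=True the data lands but the parity update is lost,
        exactly the inconsistency a power failure mid-write leaves behind.
        """
        assert len(data_blocks) == self.n - 1 and all(len(b) == BLOCK for b in data_blocks)
        for disk, block in zip(self.data_disks(stripe), data_blocks):
            self.disks[disk][stripe] = block
        if not interrupt_before_parity:
            self.disks[parity_disk(stripe, self.n)][stripe] = xor_blocks(data_blocks)

    def fail(self, disk: int):
        self.failed.add(disk)

    def read_block(self, disk: int, stripe: int) -> bytes:
        """Normal read from a healthy disk; on a failed disk, rebuild from the survivors."""
        if disk not in self.failed:
            return self.disks[disk][stripe]
        survivors = [d for d in range(self.n) if d != disk]
        if any(d in self.failed for d in survivors):
            raise RuntimeError("two disks failed: stripe is unrecoverable")
        # XOR of the surviving data and parity blocks equals the missing block
        return xor_blocks(self.disks[d][stripe] for d in survivors)

    def read_stripe(self, stripe: int) -> bytes:
        return b"".join(self.read_block(d, stripe) for d in self.data_disks(stripe))

def demo():
    """Degraded-mode reads still return the right data; a write hole silently does not."""
    arr = Raid5(ndisks=4, nstripes=2)
    arr.write_stripe(0, [b"AAAA", b"BBBB", b"CCCC"])
    arr.write_stripe(1, [b"DDDD", b"EEEE", b"FFFF"])
    arr.fail(0)
    degraded = arr.read_stripe(0) + arr.read_stripe(1)    # reconstructed on the fly

    hole = Raid5(ndisks=4, nstripes=1)
    hole.write_stripe(0, [b"AAAA", b"BBBB", b"CCCC"])
    hole.write_stripe(0, [b"XXXX", b"YYYY", b"ZZZZ"], interrupt_before_parity=True)
    hole.fail(1)                                          # disk 1 held b"YYYY"
    wrong = hole.read_block(1, 0)                         # stale parity reconstructs wrong data, silently
    return degraded, wrong
```

The second half is the write hole in miniature: nothing flags the stale parity, so the array reports success while returning the wrong bytes, which is why controllers add battery-backed cache or a journal for stripe updates.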
Data Recovery
Technique – Using Backup
Backup means copying data so that an additional copy of the original source exists. If the original data is
damaged or lost, the data can be copied back from that copy, a process known as data recovery or restore.
The "data" in question can be data as such or stored program code; backup software treats both the same.
A backup differs from an archive in that the data is duplicated rather than moved.
Backups are most often made from hard-disk-based production systems to large-capacity magnetic tape,
to hard disk storage, or to optical write-once read-many (WORM) media such as CD-R and DVD-R. As
broadband access becomes more widespread, network and remote backups are gaining in popularity, and
many companies offer Internet-based backup. During 1975-95 most personal and home computer users
associated backup with copying floppy disks. The recent fall in hard disk prices, together with the hard
disk's reliability as a rewritable medium, has made it one of the most practical backup media.
To plan for backup, several points should be considered:
1. A backup should be easy to do.
2. A backup should be automated and rely on as little human interaction as possible.
3. Backups should be made regularly.
4. A backup should rely on standard, well-established formats.
5. A backup should not use compression. Uncompressed data is easier to recover if the backup
media is damaged or corrupted.
6. A backup should be able to run without interrupting normal work.
7. Rely on standard formats.
8. If a backup spans multiple volumes, recovery should not rely on all volumes being readable or
present.
9. If you use a certain medium for your backups, you also need to keep a drive available that can
read it.
10. Backup media need to be read from time to time, to make sure the data is still readable. Also,
the data needs to be copied to a new medium before the old one becomes unreadable. Will you be able
to read a CD-R in 10 years' time?
11. Each of the different media has benefits and drawbacks. Also consider the cost per gigabyte
when comparing different solutions.
12. Proper backup relies on at least two copies, stored on different media, kept at different locations.
13. In the case of a disaster, no one will be able to think clearly and act accordingly. For this reason,
checklists need to exist that outline what to do.
14. Staff need proper training in what to do if a disaster occurs.
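Points 10 and 12 above, reading the media back and keeping two copies, are what the following Python does for a directory of files: it copies the files, records a SHA-256 hash of each copy in a manifest, and later re-reads the copy to find anything that no longer matches. This is an added example, not from the original notes and not ntbackup; the teaching-material files and the "media decay" are constructed in a temporary directory.

```python
"""Added example (not from the original page): a backup with a hash manifest,
verified on restore. Files and the simulated media damage are constructed."""
import hashlib
import json
import os
import shutil
import tempfile

def sha256_file(path: str) -> str:
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def backup(src_dir: str, dest_dir: str) -> dict:
    """Copy every file and write manifest.json with a SHA-256 per relative path."""
    manifest = {}
    for root, _, files in os.walk(src_dir):
        for name in files:
            src = os.path.join(root, name)
            rel = os.path.relpath(src, src_dir)
            dst = os.path.join(dest_dir, rel)
            os.makedirs(os.path.dirname(dst), exist_ok=True)
            shutil.copy2(src, dst)
            manifest[rel] = sha256_file(dst)      # hash what was actually written, not the source
    with open(os.path.join(dest_dir, "manifest.json"), "w") as f:
        json.dump(manifest, f, indent=2, sort_keys=True)
    return manifest

def verify(dest_dir: str) -> dict:
    """Re-read every file in the copy and report which ones no longer match the manifest."""
    with open(os.path.join(dest_dir, "manifest.json")) as f:
        manifest = json.load(f)
    report = {"ok": [], "corrupt": [], "missing": []}
    for rel, digest in manifest.items():
        path = os.path.join(dest_dir, rel)
        if not os.path.exists(path):
            report["missing"].append(rel)
        elif sha256_file(path) != digest:
            report["corrupt"].append(rel)
        else:
            report["ok"].append(rel)
    return report

def demo():
    """Two copies on 'different media' (two directories); one later suffers a flipped byte."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "teaching")
        os.makedirs(os.path.join(src, "worksheets"))
        with open(os.path.join(src, "lesson1.ppt"), "wb") as f:
            f.write(b"slides" * 1000)
        with open(os.path.join(src, "worksheets", "ws1.doc"), "wb") as f:
            f.write(b"questions" * 500)

        copy_a = os.path.join(tmp, "usb_disk")
        copy_b = os.path.join(tmp, "nas_share")
        backup(src, copy_a)
        backup(src, copy_b)

        # Simulate media decay on copy A: one byte changes, the file size does not.
        with open(os.path.join(copy_a, "lesson1.ppt"), "r+b") as f:
            f.seek(100)
            f.write(b"\x00")

        return verify(copy_a), verify(copy_b)
```

A size or date check would have passed the damaged copy; only reading the bytes back and comparing hashes catches it, and the second copy is what you restore from.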
To perform backup, you should use some backup software to help such as ntbackup in Windows XP
environment (see Figure 3).
Figure 3. ntbackup – a data backup and recovery tool in Windows XP.
To perform a network backup, that is, to back up data to a backup server over the network, the client
computers and the backup server must be configured with proper IP addresses and subnet masks.
Networking (Advanced Level)
Theory by itself
Packets (Frames)
Data in a LAN (Ethernet LAN) or on the Internet is carried in packets, encapsulated as shown in the figure:
Data in an Ethernet is constructed as shown above.
IP Packet Structure
All IP packets are structured the same way: an IP header followed by a variable-length data field. The
header must be at least 20 bytes long.
A summary of the contents of the internet header follows:
Version: 4 bits
The Version field indicates the format of the internet header. Two versions are in common use, IPv4 and
IPv6; this document describes version 4 (IPv4). The main difference between them is that IPv4 uses 32 bits
to represent an address whereas IPv6 uses 128 bits.
IHL: 4 bits
Internet Header Length is the length of the internet header in 32 bit words, and thus points to the
beginning of the data. Note that the minimum value for a correct header is 5.
Type of Service: 8 bits
The Type of Service provides an indication of the abstract parameters of the quality of service desired.
These parameters are to be used to guide the selection of the actual service parameters when
transmitting a datagram through a particular network. Several networks offer service precedence,
which somehow treats high precedence traffic as more important than other traffic (generally by
accepting only traffic above a certain precedence at time of high load). The major choice is a three
way tradeoff between low-delay, high-reliability, and high-throughput.
Bits 0-2: Precedence.
Bit 3: 0 = Normal Delay, 1 = Low Delay.
Bit 4: 0 = Normal Throughput, 1 = High Throughput.
Bit 5: 0 = Normal Reliability, 1 = High Reliability.
Bits 6-7: Reserved for Future Use.
Precedence values:
111 - Network Control
110 - Internetwork Control
101 - CRITIC/ECP
100 - Flash Override
011 - Flash
010 - Immediate
001 - Priority
000 - Routine
A defined Quality of Service may be required for certain types of network traffic, for example:
- streaming multimedia may require guaranteed throughput
- IP telephony or Voice over IP (VoIP) may require strict limits on jitter and delay
Total Length: 16 bits
Total Length is the length of the datagram, measured in octets (8 bits), including internet header and
data. This field allows the length of a datagram to be up to 65,535 octets. Such long datagrams are
impractical for most hosts and networks. All hosts must be prepared to accept datagrams of up to 576
octets (whether they arrive whole or in fragments). It is recommended that hosts only send datagrams
larger than 576 octets if they have assurance that the destination is prepared to accept the larger
datagrams.
The number 576 is selected to allow a reasonable sized data block to be transmitted in addition to the
required header information. For example, this size allows a data block of 512 octets plus 64 header
octets to fit in a datagram. The maximal internet header is 60 octets, and a typical internet header is
20 octets, allowing a margin for headers of higher level protocols.
Identification: 16 bits
An identifying value assigned by the sender to aid in assembling the fragments of a datagram.
Flags: 3 bits
Various Control Flags.
Bit 0: reserved, must be zero
Bit 1: (DF) 0 = May Fragment, 1 = Don't Fragment.
Bit 2: (MF) 0 = Last Fragment, 1 = More Fragments.
Fragment Offset: 13 bits
This field indicates where in the datagram this fragment belongs. The fragment offset is measured in
units of 8 octets (64 bits). The first fragment has offset zero.
Time to Live: 8 bits
This field indicates the maximum time the datagram is allowed to remain in the internet system. If this
field contains the value zero, then the datagram must be destroyed. This field is modified in internet
header processing.
The time is measured in units of seconds, but since every module (each hop, e.g. a router) that processes a
datagram must decrease the TTL by at least one even if it processes the datagram in less than a
second, the TTL must be thought of only as an upper bound on the time a datagram may exist.
The intention is to cause undeliverable datagrams to be discarded, and to bound the maximum
datagram lifetime.
Protocol: 8 bits
This field indicates the next level protocol used in the data portion of the internet datagram. The
values for various protocols are specified in "Assigned Numbers".
Header Checksum: 16 bits
A checksum on the header only. Since some header fields change (e.g., time to live), this is
recomputed and verified at each point that the internet header is processed.
The checksum algorithm is:
The checksum field is the 16 bit one's complement of the one's complement sum of all 16 bit
words in the header. For purposes of computing the checksum, the value of the checksum
field is zero.
This is a simple to compute checksum and experimental evidence indicates it is adequate, but it is
provisional and may be replaced by a CRC procedure, depending on further experience.
Source Address: 32 bits
The source address. See section 3.2.
Destination Address: 32 bits
The destination address. See section 3.2.
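As an added illustration (not code from the original notes), the following Python parses the header fields described above, implements the checksum rule exactly as stated, and shows what each hop does with the TTL and the checksum. The sample header is constructed; its addresses are borrowed from the NAT table later on this page.

```python
import struct
from typing import Optional

HEADER_FMT = "!BBHHHBBH4s4s"   # the 20 fixed octets of an IPv4 header


def ip_checksum(header: bytes) -> int:
    """16-bit one's complement of the one's complement sum of every 16-bit
    word in the header, treating the checksum field (octets 10-11) as zero."""
    if len(header) % 2:
        raise ValueError("IPv4 header length is always a multiple of 4")
    total = 0
    for i in range(0, len(header), 2):
        if i == 10:
            continue  # the checksum field itself counts as zero
        total += (header[i] << 8) | header[i + 1]
    while total >> 16:  # end-around carry: fold overflow back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def with_ttl(header: bytes, ttl: int) -> bytes:
    """Copy of the header with a new TTL and a freshly computed checksum."""
    h = bytearray(header)
    h[8] = ttl
    ihl = (h[0] & 0x0F) * 4
    struct.pack_into("!H", h, 10, ip_checksum(h[:ihl]))
    return bytes(h)


def parse_ipv4(header: bytes) -> dict:
    """Split the header into the fields described in the text and verify
    its checksum. Raises ValueError if it is not a plausible IPv4 header."""
    if len(header) < 20:
        raise ValueError("header shorter than 20 octets")
    (vihl, tos, total_len, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack(HEADER_FMT, header[:20])
    version, ihl = vihl >> 4, (vihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(header) < ihl:
        raise ValueError("not an IPv4 header")
    return {
        "version": version,
        "header_length": ihl,                          # 20..60 octets
        "precedence": tos >> 5,                        # bits 0-2 of Type of Service
        "total_length": total_len,
        "identification": ident,
        "df": bool(flags_frag & 0x4000),               # Don't Fragment
        "mf": bool(flags_frag & 0x2000),               # More Fragments
        "fragment_offset": (flags_frag & 0x1FFF) * 8,  # stored in units of 8 octets
        "ttl": ttl,
        "protocol": proto,
        "checksum": csum,
        "checksum_ok": ip_checksum(header[:ihl]) == csum,
        "src": ".".join(str(b) for b in src),
        "dst": ".".join(str(b) for b in dst),
    }


def forward_hop(header: bytes) -> Optional[bytes]:
    """What each router does with the header: verify the checksum, destroy
    the datagram when the TTL would reach zero, otherwise decrement the TTL
    and recompute the checksum. Returns None when the datagram is dropped."""
    info = parse_ipv4(header)
    if not info["checksum_ok"]:
        return None   # damaged in transit: discard
    if info["ttl"] <= 1:
        return None   # TTL exhausted: the datagram must be destroyed
    return with_ttl(header, info["ttl"] - 1)


# Constructed sample: a 60-octet UDP datagram from 192.168.32.10 to
# 215.37.32.203 with the Don't Fragment flag set, TTL 64.
SAMPLE_HEADER = with_ttl(struct.pack(
    HEADER_FMT,
    0x45,                 # version 4, IHL 5 words = 20 octets
    0x00,                 # Type of Service: routine precedence
    60,                   # Total Length (header + data)
    0x1C46,               # Identification
    0x4000,               # flags: DF=1, MF=0; fragment offset 0
    0,                    # TTL (set by with_ttl below)
    17,                   # Protocol 17 = UDP
    0,                    # checksum (computed by with_ttl)
    bytes([192, 168, 32, 10]),
    bytes([215, 37, 32, 203]),
), 64)

if __name__ == "__main__":
    info = parse_ipv4(SAMPLE_HEADER)
    print(f"checksum 0x{info['checksum']:04X} ok={info['checksum_ok']} ttl={info['ttl']}")
    nxt = forward_hop(SAMPLE_HEADER)
    print("after one hop: ttl", parse_ipv4(nxt)["ttl"], "checksum", hex(parse_ipv4(nxt)["checksum"]))
```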
NAT
Short for Network Address Translation, an Internet standard that enables a local-area network (LAN) to
use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT
box located where the LAN meets the Internet makes all necessary IP address translations.
NAT serves three main purposes:

Provides a type of firewall by hiding internal IP addresses

Enables a company to use more internal IP addresses. Since they're used internally only, there's
no possibility of conflict with IP addresses used by other companies and organizations.

Allows a company to combine multiple ISDN connections into a single Internet connection.
Static NAT
A type of NAT in which a private IP address is mapped to a public IP address, where the public address
is always the same IP address (i.e., it has a static address). This allows an internal host, such as a Web
server, to have an unregistered (private) IP address and still be reachable over the Internet.
Dynamic NAT
A type of NAT in which a private IP address is mapped to a public IP address drawing from a pool of
registered (public) IP addresses. Typically, the NAT router in a network will keep a table of registered IP
addresses, and when a private IP address requests access to the Internet, the router chooses an IP
address from the table that is not at the time being used by another private IP address. Dynamic NAT
helps to secure a network as it masks the internal configuration of a private network and makes it
difficult for someone outside the network to monitor individual usage patterns. Another advantage of
dynamic NAT is that it allows a private network to use private IP addresses that are invalid on the
Internet but useful as internal addresses.
Dynamic NAT with overloading:
 Given there is just one unique IP address (the real IP, not the virtual IP used inside the LAN) connected to the
Internet and a group of client computers behind the NAT router, the router uses the feature called
overloading to make Internet connection sharing work.
 When a client computer wants to make an outbound connection, e.g. to a web server outside the
LAN, the packet of course carries the client's own IP address and local port number. When the packet passes
through the NAT router, the router stores that IP address and the corresponding port number in its Address
Translation Table and replaces them with its single outgoing IP address and another port number. This is
illustrated in the following table:
Source Computer | Source Computer's IP Address | Source Computer's Port | NAT Router's IP Address | NAT Router's Assigned Port Number
A               | 192.168.32.10                | 400                    | 215.37.32.203           | 1
B               | 192.168.32.13                | 50                     | 215.37.32.203           | 2
C               | 192.168.32.15                | 3750                   | 215.37.32.203           | 3
D               | 192.168.32.18                | 206                    | 215.37.32.203           | 4
Look at this table to see how the computers on a stub domain might appear to external networks.
As you can see, the NAT router stores the IP address and port number of each computer in the address
translation table. It then replaces the IP address with its own registered IP address and the port number
corresponding to the location, in the table, of the entry for that packet's source computer. So any external
network sees the NAT router's IP address and the port number assigned by the router as the
source-computer information on each packet.

 Now, the apparent sender of the packet is no longer the real sender but the NAT router, and the receiver
has no way of telling whether it is talking to the router or to the computer, or whether NAT has been applied at all.
 When a packet comes back from the destination computer, the router checks the destination port on
the packet. It then looks in the address translation table to see which computer the packet belongs to.
It changes the destination address and destination port to the ones saved in the address translation
table and sends it to that computer.
 The computer receives the packet from the router. The process repeats as long as the computer is
communicating with the external system.
 Since the NAT router now has the computer's source address and source port saved in the address
translation table, it will continue to use that same port number for the duration of the connection. A
timer is reset each time the router accesses an entry in the table. If the entry is not accessed again
before the timer expires, the entry is removed from the table.
The number of simultaneous translations that a router will support is determined mainly by the amount of
DRAM (Dynamic Random Access Memory) it has. But since a typical entry in the address-translation table
only takes about 160 bytes, a router with 4 MB of DRAM could theoretically process 26,214 simultaneous
translations, which is more than enough for most applications.
ROUTING
To route packets effectively in packet-switching networks like the Internet, routers must construct a
routing table that stores the cost (here, the higher the cost, the slower the network) to the different routers (nodes).
Distance Vector Algorithm (DV algorithm, also known as Dijkstra's Algorithm)
The forward search algorithm can be described informally thus:
    C(i,n) is the cost of the least cost path from i to n
    L(i,n) is the link cost from i to n
    for each node i
        for all other nodes n set C(i,n) to L(i,n)
        repeat
            find a node w (not yet considered by the algorithm) such
            that C(i,w) is a minimum for all unconsidered nodes
            for each node n other than i and w
            do
                if C(i,w)+L(w,n) < C(i,n)
                then
                    C(i,n) = C(i,w)+L(w,n)
                    path(i,n) = path(i,w)+path(w,n)
                endif
            end do
            add the node w to the set of nodes considered so far
        until all nodes considered
Here's an example of a simple network showing how the forward search algorithm may be used.
Now, we are going to construct the routing table in Node 1 (a node usually means a device with an IP address;
here, it is a router). So, with respect to node 1, the cost to each other node is shown in the following routing table.
Node | 1 | 2 | 3        | 4 | 5        | 6        | 7
Cost | 0 | 2 | Infinite | 5 | Infinite | Infinite | Infinite
By default, the cost from node 1 to node 1 is set to 0. Since nodes 3, 5, 6 and 7 do not connect to node 1 directly,
their costs have been set to infinite.
However, since node 3 is connected to node 4 and node 2, with respect to node 1 the cost of node 3
would be either
Node 1 -> Node 2 -> Node 3 (which has a cost 2+5=7) OR
Node 1 -> Node 4 -> Node 3 (which has a cost 5+2=7) OR
Node 1 -> Node 2 -> Node 4 -> Node 3 (which has a cost 2+1+2=5)
So, with respect to Node 1, the cost of Node 3 is now 5. Also, the cost to Node 4 changes
to 3. So, the table becomes
Node  | 1   | 2   | 3       | 4     | 5        | 6        | 7
Cost  | 0   | 2   | 5       | 3     | Infinite | Infinite | Infinite
Route | 1-1 | 1-2 | 1-2-4-3 | 1-2-4 | /        | /        | /
Similarly, the Forward Search Algorithm gives the routing table below, showing the cost to the different nodes with
respect to Node 1. Of course, to ease the load, we would use these low-cost routes.
Node            | 2   | 3       | 4     | 5       | 6         | 7
Least cost path | 2   | 5       | 3     | 5       | 6         | 6
Route           | 1-2 | 1-2-4-3 | 1-2-4 | 1-2-4-5 | 1-2-4-5-6 | 1-2-7
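The forward search from the pseudocode above, carried through on the seven-node example, as an added example that is not part of the original notes. The link costs are reconstructed from the costs and routes the tables quote (an assumption, since the figure is not reproduced here); the code also handles nodes that cannot be reached at all, which the tables mark with "/".

```python
from typing import Dict, List, Tuple

# Link costs reconstructed from the costs and routes quoted on the page
# (e.g. route 1-2-4-5 costing 5 implies L(4,5) = 2). The figure itself is not
# reproduced here, so this edge list is an assumption that matches its tables.
LINKS: Dict[Tuple[int, int], int] = {
    (1, 2): 2, (1, 4): 5, (2, 3): 5, (2, 4): 1,
    (3, 4): 2, (4, 5): 2, (5, 6): 1, (2, 7): 4,
}
INFINITE = float("inf")


def link_costs(links: Dict[Tuple[int, int], int]) -> Dict[int, Dict[int, int]]:
    """L(i,n) for both directions of every (undirected) link."""
    L: Dict[int, Dict[int, int]] = {}
    for (a, b), cost in links.items():
        L.setdefault(a, {})[b] = cost
        L.setdefault(b, {})[a] = cost
    return L


def forward_search(links: Dict[Tuple[int, int], int], i: int):
    """The forward search from the pseudocode: start with C(i,n) = L(i,n),
    then repeatedly pick the cheapest unconsidered node w and test whether
    going through w, C(i,w) + L(w,n), beats the current C(i,n), carrying
    path(i,n) along. Returns (C, path, order in which nodes were considered)."""
    L = link_costs(links)
    nodes = sorted(L)
    C = {n: L[i].get(n, INFINITE) for n in nodes}
    C[i] = 0
    path = {n: [i, n] for n in L[i]}
    path[i] = [i]
    considered: List[int] = [i]
    while len(considered) < len(nodes):
        unconsidered = [n for n in nodes if n not in considered]
        w = min(unconsidered, key=lambda n: C[n])
        if C[w] == INFINITE:
            break  # whatever is left cannot be reached from i
        for n in nodes:
            if n in (i, w) or n not in L[w]:
                continue
            if C[w] + L[w][n] < C[n]:
                C[n] = C[w] + L[w][n]
                path[n] = path[w] + [n]
        considered.append(w)
    return C, path, considered


def routing_table(links: Dict[Tuple[int, int], int], i: int) -> Dict[int, Tuple[float, str]]:
    """Node i's table in the page's layout: node -> (least cost, route)."""
    C, path, _ = forward_search(links, i)
    table: Dict[int, Tuple[float, str]] = {}
    for n in sorted(C):
        if n == i:
            continue
        route = "-".join(map(str, path[n])) if C[n] != INFINITE else "/"
        table[n] = (C[n], route)
    return table


if __name__ == "__main__":
    for node, (cost, route) in routing_table(LINKS, 1).items():
        print(f"Node {node}: least cost {cost}, route {route}")
```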
In using this algorithm, we need to assume the network itself is very stable, i.e. the cost to each node
does not change for a long period of time; however, in the real world, this is not really possible.
To overcome this problem, at fixed intervals each router sends its table to its neighbouring routers (not to all
routers) and receives the routing table of each of its neighbours. Based on the information in its neighbours'
routing tables, it updates its own.
Apart from the above imperfection, this algorithm can in fact produce an infinite looping flaw: after
constructing a routing table for Node 1, the costs to the different nodes are referred to in Node 2, which
may change the cost of some other nodes with respect to Node 2 (because the least cost node has to be
chosen); that in turn affects the costs in the routing table in Node 1, and so on. We call this problem
"Count to infinity".
As the network size grows, the number of routers in the network increases. Consequently, the size of routing
tables increases, as well, and routers can't handle network traffic as efficiently. We use hierarchical routing
to overcome this problem. Let's examine this subject with an example:
We use DV algorithms to find best routes between nodes. In the situation depicted below, every node of the
network has to save a routing table with 17 records. Here is a typical graph and routing table for A:
Destination | Line | Weight
A           | ---  | ---
B           | B    | 1
C           | C    | 1
D           | B    | 2
E           | B    | 3
F           | B    | 3
G           | B    | 4
H           | B    | 5
I           | C    | 5
J           | C    | 6
K           | C    | 5
L           | C    | 4
M           | C    | 4
N           | C    | 3
O           | C    | 4
P           | C    | 2
Q           | C    | 3
Network graph and A's routing table
In hierarchical routing, routers are classified in groups known as regions. Each router has only the
information about the routers in its own region and has no information about routers in other regions. So
routers just save one record in their table for every other region. In this example, we have classified our
network into five regions (see below).
Destination | Line | Weight
A           | ---  | ---
B           | B    | 1
C           | C    | 1
Region 2    | B    | 2
Region 3    | C    | 2
Region 4    | C    | 3
Region 5    | C    | 4
Hierarchical routing
If A wants to send packets to any router in region 2 (D, E, F or G), it sends them to B, and so on. As you can
see, in this type of routing, the tables can be summarized, so network efficiency improves. The above
example shows two-level hierarchical routing. We can also use three- or four-level hierarchical routing.
In three-level hierarchical routing, the network is classified into a number of clusters. Each cluster is made up
of a number of regions, and each region contains a number of routers. Hierarchical routing is widely used in
Internet routing and makes use of several routing protocols.
The following article describes how Microsoft Windows Server 2003 works with the routing table.
The routing table is built automatically, based on the current TCP/IP configuration of your computer. Each
route occupies a single line in the displayed table. Your computer searches the routing table for an entry that
most closely matches the destination IP address.
Description               | Network destination | Netmask         | Gateway    | Interface  | Metric
Default route             | 0.0.0.0             | 0.0.0.0         | 10.0.0.1   | 10.0.0.169 | 30
Loopback network          | 127.0.0.0           | 255.0.0.0       | 127.0.0.1  | 127.0.0.1  | 1
Local network             | 10.0.0.0            | 255.0.0.0       | 10.0.0.169 | 10.0.0.169 | 30
Local IP address          | 10.0.0.169          | 255.255.255.255 | 127.0.0.1  | 127.0.0.1  | 30 (1?)
Multicast addresses       | 224.0.0.0           | 240.0.0.0       | 10.0.0.169 | 10.0.0.169 | 30
Limited broadcast address | 255.255.255.255     | 255.255.255.255 | 10.0.0.169 | 10.0.0.169 | 1
Your computer uses the default route if no other host or network route matches the destination address
included in an IP datagram. The default route typically forwards an IP datagram (for which there is no
matching or explicit local route) to a default gateway address for a router on the local subnet. In the above
example, the default route forwards the datagram to a router with a gateway address of 10.0.0.1.
Because the router that corresponds to the default gateway contains information about the network IDs of the
other IP subnets within the larger TCP/IP internet, it forwards the datagram to other routers until the datagram
is eventually delivered to an IP router that is connected to the specified destination host or subnet within the
larger network.
Network destination
The network destination is used with the netmask to match the destination IP address. The network
destination can range from 0.0.0.0 for the default route through 255.255.255.255 for the limited broadcast,
which is a special broadcast address to all hosts on the same network segment.
Netmask
The netmask is the subnet mask that is applied to the destination IP address when matching it to the value in
the network destination. When netmask is written in binary, a "1" must match and a "0" need not match. For
example, a default route uses a 0.0.0.0 netmask that translates to the binary value 0.0.0.0, so bits need not
match. A host route--a route that matches an IP address--uses a 255.255.255.255 netmask that translates to
the binary value 11111111.11111111.11111111.11111111, so all of the bits must match.
Gateway (the gate; the window to the outside)
The gateway address is the IP address that the local host uses to forward IP datagrams to other IP networks.
This is either the IP address of a local network adapter or the IP address of an IP router (such as a default
gateway router) on the local network segment.
Interface (the identity presented to the outside)
The interface is the IP address that is configured on the local computer for the local network adapter that is
used when an IP datagram is forwarded on the network.
Metric
A metric indicates the cost of using a route, which is typically the number of hops to the IP destination.
Anything on the local subnet is one hop, and each router crossed after that is an additional hop. If there
are multiple routes to the same destination with different metrics, the route with the lowest metric is selected.
Classless Inter-Domain Routing (CIDR)
IP addresses were originally separated into two parts: the network address (which identified a whole network
or subnet), and the host address (which identified a particular machine's connection or interface to that
network). This division was used to control how traffic was routed in and among IP networks.
Historically, the IP address space was divided into three main 'classes of network', where each class had a
fixed size network address. The class, and hence the length of the network address and the number of hosts
on the network, could always be determined from the most significant bits of the IP address. Without any way
of specifying a prefix length or a subnet mask, routing protocols necessarily used the class of the IP address
specified in route advertisements to determine the size of the routing prefixes to be set up in the routing
tables.
e.g. The prefix bit for class A is 0, class B is 01 and class C is 001, and the number of hosts of class C is 256.
As the experimental TCP/IP network expanded into the Internet during the 1980s, the need for more flexible
addressing schemes became increasingly apparent. This led to the successive development of subnetting
and CIDR. Because the old class distinctions are ignored, the new system was called classless routing.
CIDR is principally a bitwise, prefix-based standard for the interpretation of IP addresses. It facilitates routing
by allowing blocks of addresses to be grouped together into single routing table entries. These groups,
commonly called CIDR blocks, share an initial sequence of bits in the binary representation of their IP
addresses. IPv4 CIDR blocks are identified using a syntax similar to that of IPv4 addresses: a four-part
dotted-decimal address, followed by a slash, then a number from 0 to 32: A.B.C.D/N. The dotted decimal
portion is interpreted, like an IPv4 address, as a 32-bit binary number that has been broken into four 8-bit
bytes. The number following the slash is the prefix length, the number of shared initial bits, counting from the
left-hand side of the address. When speaking in abstract terms, the dotted-decimal portion is sometimes
omitted, thus a /20 is a CIDR block with an unspecified 20-bit prefix.
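As an added example (not from the original notes), the Windows routing table quoted earlier transcribed as data, with the "1 must match, 0 need not match" netmask rule, the A.B.C.D/N conversion described above, and the lookup that picks the entry most closely matching a destination address (longest prefix, then lowest metric). The "Second default" route used in the check is constructed.

```python
from typing import List, NamedTuple, Optional


class Route(NamedTuple):
    description: str
    destination: str
    netmask: str
    gateway: str
    interface: str
    metric: int


# The Windows routing table quoted on the page, transcribed as data.
ROUTES: List[Route] = [
    Route("Default route", "0.0.0.0", "0.0.0.0", "10.0.0.1", "10.0.0.169", 30),
    Route("Loopback network", "127.0.0.0", "255.0.0.0", "127.0.0.1", "127.0.0.1", 1),
    Route("Local network", "10.0.0.0", "255.0.0.0", "10.0.0.169", "10.0.0.169", 30),
    Route("Local IP address", "10.0.0.169", "255.255.255.255", "127.0.0.1", "127.0.0.1", 30),
    Route("Multicast addresses", "224.0.0.0", "240.0.0.0", "10.0.0.169", "10.0.0.169", 30),
    Route("Limited broadcast address", "255.255.255.255", "255.255.255.255",
          "10.0.0.169", "10.0.0.169", 1),
]


def to_int(dotted: str) -> int:
    """Dotted decimal -> 32-bit integer, validating each of the four octets."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def to_dotted(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def prefix_length(netmask: str) -> int:
    """Number of leading 1 bits in a netmask ("1 must match, 0 need not").
    Rejects masks whose 1 bits are not contiguous."""
    m = to_int(netmask)
    ones = bin(m).count("1")
    if (m << ones) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous netmask: {netmask}")
    return ones


def prefix_to_netmask(n: int) -> str:
    """The N of A.B.C.D/N back into a dotted netmask (e.g. 20 -> 255.255.240.0)."""
    if not 0 <= n <= 32:
        raise ValueError("prefix length must be 0..32")
    return to_dotted((0xFFFFFFFF << (32 - n)) & 0xFFFFFFFF)


def cidr_block(destination: str, netmask: str) -> str:
    """Write a (network destination, netmask) pair in CIDR notation."""
    return f"{destination}/{prefix_length(netmask)}"


def matches(route: Route, ip: str) -> bool:
    """Apply the netmask to both addresses; the masked values must agree."""
    mask = to_int(route.netmask)
    return (to_int(ip) & mask) == (to_int(route.destination) & mask)


def lookup(routes: List[Route], ip: str) -> Optional[Route]:
    """The entry that most closely matches the destination: the longest
    prefix wins; among equally specific routes the lowest metric wins."""
    candidates = [r for r in routes if matches(r, ip)]
    if not candidates:
        return None
    return max(candidates, key=lambda r: (prefix_length(r.netmask), -r.metric))


if __name__ == "__main__":
    for ip in ("10.0.0.42", "10.0.0.169", "192.0.2.7", "224.0.0.251"):
        r = lookup(ROUTES, ip)
        print(f"{ip:16} -> {r.description} ({cidr_block(r.destination, r.netmask)}) via {r.gateway}")
```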
How router works
A router acts as a junction (gateway) between two or more networks to transfer data packets among
them. A router is different from a switch. A switch connects devices to form a Local area network (LAN).
In order to route packets, a router communicates with other routers using routing protocols and using
this information creates and maintains a routing table. The routing table stores the best routes to certain
network destinations, the "routing metrics" associated with those routes, and the path to the next hop
router.
Routing differs from bridging in its assumption that address-structures imply similar addresses located
within the local network, thus allowing a single routing-table entry to represent the route to a group of
addresses. Therefore, routing outperforms bridging in large networks, and it has become the dominant
form of path-discovery on the Internet.
There are different types of routers, e.g. NAT routers, home-use routers, wireless routers, etc.
How switch works
Switches maintain a list (called a translation table) that maps individual MAC addresses (remember: not
IP addresses) on the network to the physical ports on the switch. This enables a switch to send data only out of
the physical port where the recipient computer is located, instead of indiscriminately broadcasting the
data out of all ports like a hub (a hub broadcasts, but a switch does not). The advantage of this method is
that data is only sent to the computer that the data is specifically destined for.
There are two kinds of switches, cut-through switches and store-and-forward switches:
 Cut-through switches read the MAC address as soon as a packet is detected by the switch.
After storing the 6 bytes that make up the address information, they immediately begin
sending the packet to the destination node, even as the rest of the packet is coming into the
switch.
 A switch using store-and-forward will save the entire packet to the buffer and check it for CRC
(cyclic redundancy check, a common technique for detecting data transmission errors)
errors or other problems before sending. If the packet has an error, it is discarded. Otherwise,
the switch looks up the MAC address and sends the packet on to the destination node. Many
switches combine the two methods, using cut-through until a certain error level is reached and
then changing over to store-and-forward. Very few switches are strictly cut-through, since this
provides no error correction.
Port forwarding
Port forwarding (sometimes referred to as tunneling) is the act of forwarding a network port from one
network node to another. This technique can allow an external user to reach a port on a private IP
address (inside a LAN) from the outside via a NAT-enabled router.
For example
For all HTTP requests (port 80), a NAT router is set to refer them to the IP address 10.129.64.50 (which is in fact
the web server of the domain). So, whenever a client computer makes an HTTP request, i.e. by entering
http://www.abc.com/, the DNS resolves the name to the IP address of the router (which is the
real IP address); of course, the virtual IP address 10.129.64.50 cannot be given out by the DNS.
However, when the packets arrive at the router, since they are port 80 messages, the router automatically
redirects them to the corresponding web server.
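The address translation table from the "Dynamic NAT with overloading" section and the port-80 forward just described, simulated together in one added example (not code from the original notes). The four LAN hosts and the public address come from the page's table; the remote addresses, the timer values and the rule that assigned ports are numbered 1, 2, 3, ... as in that table are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NatRouter:
    """Dynamic NAT with overloading, plus static port forwarding.
    Assumption: assigned ports are numbered 1, 2, 3, ... as in the page's
    table; a real router picks from a high range, the bookkeeping is the same."""

    def __init__(self, public_ip: str,
                 port_forwards: Optional[Dict[int, Tuple[str, int]]] = None,
                 timeout: float = 300.0):
        self.public_ip = public_ip
        self.timeout = timeout      # idle seconds before a table entry is removed
        self.port_forwards = dict(port_forwards or {})   # public port -> (LAN ip, port)
        # address translation table: assigned port -> (LAN ip, LAN port, last used)
        self.table: Dict[int, Tuple[str, int, float]] = {}
        self._next_port = 1

    def _assign_port(self) -> int:
        """Next free port that is neither in use nor reserved for forwarding."""
        while self._next_port in self.table or self._next_port in self.port_forwards:
            self._next_port += 1
        port = self._next_port
        self._next_port += 1
        return port

    def expire(self, now: float) -> None:
        """Drop entries whose timer has run out."""
        for port in [p for p, (_, _, last) in self.table.items() if now - last > self.timeout]:
            del self.table[port]

    def outbound(self, pkt: Packet, now: float) -> Packet:
        """LAN -> Internet: remember (src ip, src port), rewrite the source to
        the router's public IP and an assigned port. An existing connection
        keeps its port and has its timer reset."""
        self.expire(now)
        port = next((p for p, (ip, sport, _) in self.table.items()
                     if (ip, sport) == (pkt.src_ip, pkt.src_port)), None)
        if port is None:
            port = self._assign_port()
        self.table[port] = (pkt.src_ip, pkt.src_port, now)
        return Packet(self.public_ip, port, pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt: Packet, now: float) -> Optional[Packet]:
        """Internet -> LAN: map the destination port back through the table or
        through a port-forwarding rule; anything else has no entry and is
        dropped, which is the 'firewall' effect described on the page."""
        if pkt.dst_ip != self.public_ip:
            return None
        self.expire(now)
        if pkt.dst_port in self.table:
            ip, port, _ = self.table[pkt.dst_port]
            self.table[pkt.dst_port] = (ip, port, now)   # reset the timer
            return Packet(pkt.src_ip, pkt.src_port, ip, port)
        if pkt.dst_port in self.port_forwards:
            ip, port = self.port_forwards[pkt.dst_port]
            return Packet(pkt.src_ip, pkt.src_port, ip, port)
        return None


# Constructed scenario: the four LAN hosts from the page's table behind
# 215.37.32.203, and the page's port-80 forward to the web server 10.129.64.50.
LAN_HOSTS: List[Tuple[str, int]] = [("192.168.32.10", 400), ("192.168.32.13", 50),
                                    ("192.168.32.15", 3750), ("192.168.32.18", 206)]


def build_demo_router() -> NatRouter:
    router = NatRouter("215.37.32.203", port_forwards={80: ("10.129.64.50", 80)})
    for ip, port in LAN_HOSTS:            # each host opens one outbound connection
        router.outbound(Packet(ip, port, "203.0.113.9", 80), now=0.0)
    return router


if __name__ == "__main__":
    r = build_demo_router()
    for assigned, (ip, port, _) in sorted(r.table.items()):
        print(f"{ip}:{port} -> {r.public_ip}:{assigned}")
```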
Common Questions:
1.
What is the use of the command “Ping” in computer networking?
“Ping” is a command that sends a number of packets from a computer to another node (it can be a PC
or a network device like a router) to test its connection. By using interval timing and response rate, ping
estimates the round-trip time and packet loss rate between hosts.
2.
Some people will argue that if they are using a router at home, it provides a much more secure
environment for the user. Do you agree? Please explain.
If you are using a router which provides NAT functions (By default, most of the routers will have this
function), then, the outsiders, theoretically, cannot invade your computer system because now you are
using a virtual IP address.
It is because NAT enables multiple computers to access the Internet over a single high-speed link.
NAT also typically has the effect of preventing connections from being established inbound into your
computer, whilst permitting connections out. Getting a router in your home improves the security of a
home LAN; some people consider that they don't need a firewall if they have a router.
3.
What is the usual way for a firewall to block unauthorized access?
Usually, there are several ways for a firewall to block and allow access from the Internet.
Block port: it can block a specific range of ports, for either inbound or outbound connections.
 Inbound connection: a computer with IP address 212.33.44.55 and port
number 1234 sends an HTTP request to our web server (IP address
218.33.55.66).
 Outbound connection: a computer is going to make a connection with a remote
computer; this is called an outbound connection.
Block IP address: it can block a range or a specific IP address, e.g. block IP addresses ranging from
212.33.44.1 to 212.33.45.100.
Block domain: it can block a specific domain, e.g. block abc.com.hk.
To allow connections, we can set up the firewall so that it can
 allow ports.
 establish "Trusted IPs".
 establish "Trusted domains".
4.
How many ports can be opened by a computer?
2^16 = 65536
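A small rule-evaluation routine for the blocking and allowing options listed in question 3 above, as an added example that is not part of the original notes. The blocked address range, the blocked domain and the web-server port are the values from the answer; the trusted address 203.0.113.5, the other sample connections and the first-match, deny-inbound-by-default policy are constructed assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Connection:
    direction: str            # "inbound" (from the Internet) or "outbound" (to it)
    remote_ip: str            # the computer on the Internet side
    remote_port: int
    local_port: int           # the port on our side
    remote_domain: str = ""   # name of the remote host, when it is known


@dataclass(frozen=True)
class Rule:
    action: str                                  # "block" or "allow"
    direction: Optional[str] = None              # None = applies both ways
    ip_range: Optional[Tuple[str, str]] = None   # inclusive first..last remote IP
    ports: Optional[Tuple[int, int]] = None      # inclusive service-port range
    domain: Optional[str] = None                 # remote domain, subdomains included


def ip_to_int(dotted: str) -> int:
    octets = [int(p) for p in dotted.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    return int.from_bytes(bytes(octets), "big")


def ip_in_range(ip: str, first: str, last: str) -> bool:
    """Numeric comparison: 212.33.45.2 lies inside 212.33.44.1 - 212.33.45.100,
    which a plain string comparison would get wrong."""
    return ip_to_int(first) <= ip_to_int(ip) <= ip_to_int(last)


def service_port(conn: Connection) -> int:
    """The port a 'block port' rule is about: our port for inbound
    connections, the remote port for outbound ones."""
    return conn.local_port if conn.direction == "inbound" else conn.remote_port


def rule_matches(rule: Rule, conn: Connection) -> bool:
    """Every condition set on the rule must hold; unset ones are wildcards."""
    if rule.direction is not None and rule.direction != conn.direction:
        return False
    if rule.ip_range is not None and not ip_in_range(conn.remote_ip, *rule.ip_range):
        return False
    if rule.ports is not None and not (rule.ports[0] <= service_port(conn) <= rule.ports[1]):
        return False
    if rule.domain is not None:
        d = conn.remote_domain.lower()
        if not (d == rule.domain or d.endswith("." + rule.domain)):
            return False
    return True


def decide(rules: List[Rule], conn: Connection) -> str:
    """First matching rule wins. With no match, inbound connections are
    blocked and outbound ones allowed, the usual default of a home router."""
    for rule in rules:
        if rule_matches(rule, conn):
            return rule.action
    return "block" if conn.direction == "inbound" else "allow"


# Constructed policy using the values from the answer above; 203.0.113.5 is
# a made-up "trusted IP". Blocks are listed first so they take precedence.
POLICY: List[Rule] = [
    Rule("block", ip_range=("212.33.44.1", "212.33.45.100")),        # block IP range
    Rule("block", domain="abc.com.hk"),                              # block domain
    Rule("allow", direction="inbound", ports=(80, 80)),              # allow ports
    Rule("allow", direction="inbound",
         ip_range=("203.0.113.5", "203.0.113.5")),                   # trusted IP
]

if __name__ == "__main__":
    web = Connection("inbound", "212.33.44.55", 1234, 80)
    print("HTTP request from 212.33.44.55:", decide(POLICY, web))
```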
5.
For the OSI model, which layers belong to the "Application Sets" and which layers belong to the "Transport
Sets"?
In the OSI model, layers 1 to 4 (Layer 1: Physical layer, Layer 2: Data Link layer, Layer 3: Network layer,
Layer 4: Transport layer) are grouped together and called the "Transport Sets" because they are responsible for
the transportation of the data (packets). Layers 5 to 7 are grouped together and called the "Application Sets"
(Layer 5: Session layer, Layer 6: Presentation layer, Layer 7: Application layer).
6.
In the OSI model, which layer is responsible for the interaction with the OS?
Application layer
7.
In the OSI model, which layer does TCP belong to?
Transport layer
8.
In the OSI model, which layer does IP belong to?
Network layer
9.
In the OSI model, which layer does a router belong to?
Network layer
10.
In the OSI model, which layer does a switch belong to?
Data link layer
11.
Which does the Internet use, packet switching or circuit switching? What is the advantage?
Packet switching. It can efficiently utilize the bandwidth of the Internet because with circuit switching
(as in the voice telephone network), once the connection is made no other user is allowed to use the route, so
much of its bandwidth is wasted.
Computer Concept on Wireless LAN
Sometimes we call it WiFi, a technology based on IEEE 802.11. In the market, devices for several standards
are available; a simple comparison is listed below:
Standard | Maximum transmission rate | Effective Range
802.11a  | 54 Mbit/s                 | 10 Metres
802.11b  | 11 Mbit/s                 | 30 Metres
802.11g  | 54 Mbit/s                 | 30 Metres
Of course, there are other standards; the above are some commonly used standards in the market.
A simple wireless LAN (WLAN) is configured as below:
As you can see in the above figure, an AP (Access Point, a wireless router) provides wireless
connection services to 3 notebook computers. It is wired into a LAN that is monitored by a domain server. In
the LAN, there is a router to provide connection to the Internet.
In view of the above configuration, you should ask yourself several questions:
1.
What should be used as the backbone?
Usually UTP or Fiber optics.
2.
How does an AP provide a wireless connection?
It uses electromagnetic waves (RF, Radio Frequency) as the medium to transmit and receive signals;
different standards, like 802.11a, 802.11b, etc., use different ranges of frequency and hence have different
penetrating power.
3.
How can a notebook computer receive signals from the AP?
The notebook computer should have a wireless adaptor.
4.
How is a wireless router different from an ordinary router?
Antenna included. Antenna is used to magnify the signals.
To get signals from a wireless LAN, computers should have wireless adaptors. Examples are shown below:
[Figure: PCI adaptor, PCMCIA adaptor and USB 2.0 adaptor, for PCs and notebook computers]
Practical consideration of Wireless LAN
It is impossible for a single AP to cover the whole area if its size is considerable. To solve this, several APs should be
installed, as shown below:
[Figure: laptops A, B and C; access points D and E]
So, obviously, laptop A will receive signals from device D and laptop C will receive signals from device E.
However, laptop B can receive signals from either D or E. Which one would you guess, D or E? The answer
is:
It depends on the signal strength of the AP. If laptop B receives a stronger signal from device D, then it
would use D.
Practical usage
 Internet café
 Wireless LAN in an organization
What is the difference between the settings of an Internet café and of a WLAN in an organization?
An Internet café allows all users to get access to the LAN; however, in an organization, only authorized
persons are allowed to get access to the LAN. The problem is how it can differentiate which one is
authorized and which one is not. The answer is the SSID (service set identifier).
SSID - Service Set Identifier: a 32-character unique identifier attached to the header of packets sent over
a WL AN that acts as a password when a mobile device (PDA, laptop) tries to connect to the network. The
SSID differentiates one WLAN from another, so all access points and all devices attempting to connect to a
specific WLAN must use the same SSID. A device will not be permitted to join the network unless it can
provide the unique SSID. An SSID is also referred to as a network name because essentially it is a name that
identifies a wireless network. Since it is weak by itself as a security measure, data encryption (WEP or WPA; the
latter is supposed to be more secure) should be deployed to strengthen security.
SSID – Setting example:
Note: Data encryption is not set in the above example, and so it can easily be cracked by some tools.
An example is shown below:
Hotspot
The term for an area that provides Internet connection to the public is "hotspot".
An Internet café is an example of a hotspot.
Other wireless technology
 Bluetooth
 GSM
 3G
Advantages and disadvantages of using a wireless LAN (this is important in the examination!)
Advantages
Low cost because no cabling is needed.
Mobility and relocation.
A wireless adaptor is a built-in feature of most notebook computers.
More and more hotspots are available in cities.
Disadvantages
Power consumption is still high for batteries.
Security concern: even if it is correctly configured, it is still breakable.
Access Points typically default to an open (encryption-free) mode. Novice users may not be aware of the
danger.
Limited range.
Interference between different APs.
Since it is important in the exam, please memorize them!!!
Keywords:
Adaptor
Penetrating power
Antenna
PCI
AP Access Point
PCMCIA
Effective range
RF
Hotspot
Signal strength
IEEE 802.11
SSID
Simple revision questions:
1.
What is the unit in measuring the transmission rate of a wireless router?
Mbps
2.
What are used as the measures to secure a wireless LAN?
SSID, WEP, WPA
3.
802.11g is fast in data transmission, so what would you say if an 802.11g wireless router is being
used to view a video at, say, 2.0 Mbps?
The maximum transmission rate is 54 Mbps, which depends on the environment (obstacles, distance,
etc.), so the ordinary speed would be only half of it, i.e. 25 Mbps. Also, this speed is shared with
other users in the same LAN, i.e. if there are too many people, say 20 persons, the speed may not be
enough.
Integrated Exercise 01
David is a senior coordinator in an international company; he has to use email to communicate with his
subordinates and his clients.
a)
What kind of protocols will be used in sending and retrieving email?
SMTP, Small Mail Transfer Protocol
POP, Post Office Protocol
b)
For the following email features, briefly describe in what way they can help David communicate
effectively with his subordinates and his clients.
(i)
carbon copy (cc)
(ii)
blind carbon copy (bcc)
(iii)
hard bounce
(iv)
forward
(v)
redirect
(i) cc is used to send the email to a group of people other than the receiver alone.
(ii) bcc is used to send the email to a group of people secretly, without letting the
receiver know.
(iii) hard bounce is used to send a message back to the sender which indicates that
the mail has not been sent successfully to the assigned receiver.
(iv) forward can be used to forward a received email to other people, i.e. share the
email.
(v) redirect can be used to redirect all the received email to a newly assigned email
account. It is useful when you want to centralize the emails into one frequently
used email account.
c)
Apart from the features that appear in part (b), can you think of other features? Name four of them.
reply to all, filters, address book, email signature, attachment (any four)
d)
There may be some problems accompanied by using email, name two of them.
Phishing
SPAM
Integrated Exercise 02
David is a software engineer in a web design and web hosting company. His company can help their clients to
register the domain names of their companies. David developed an application for the clients to log on to his
company's computer system through the Internet. The client can log on to the system by using the URL
"telnet://clients.webdesign.com.hk/admin/logon.cgi:1010".
a)
Break the URL down into its components.
Protocol: telnet
Registered Domain: webdesign.com.hk (Domain name: clients.webdesign.com.hk)
Resources: admin/logon.cgi
Port number: 1010
Since blogs are very popular nowadays, David developed an interface together with some templates for his
potential clients to create their blogs. Blogs need to use RSS to share their contents.
b)
Is RSS a kind of HTML? If not, what is it? What is the main use of RSS?
RSS is not a kind of HTML; it is a kind of XML (Extensible Markup Language).
RSS is mainly used for subscription to contents by others.
This company provides web hosting services, so there is a main server that provides storage for the web
pages of their clients. There are two grades of clients, "general grade" and "premium grade"; general
clients will have 500 MByte storage and premium clients will have 2 GByte storage. This server has three 72 GByte
hard disks and runs in RAID 5 mode.
c)
(i)
Describe what is RAID 5 mode?
A file is striped into 2 or more hard disks and one of the hard disk is used to store the
party data such that the data in the other hard disk can be retrieved the redundancy
hard disk.
(ii)
Can this server support 50 premium members and 80 general members?
The minimum storage = 50*2 + 80*0.5 = 140G.
RAID 5 mode can give a maximum of 72*2 = 144G storage; since the OS will occupy around
3G, the 1G left for temporary storage is not enough, so it cannot support this number of
clients.
(iii) Apart from the server computer, name two other hardware peripherals that should be installed to
provide a stable environment for the server.
UPS
Firewall (Web hosting company)
David wants to set up a wireless LAN in the office. Here is the drawing of the office.
[Figure: office plan showing the Internet connection and wall plate, the Supervisor’s Room, the Manager’s Room, desks for the staff, and zones A to E]
d)
Which zone, A, B, C, D or E, should these devices be put in?
Zone | Clients | Servers | Access Point | Cabled Router
     | /       | A       | C            | B
e)
Now David has to decide which technology to adopt to implement this wireless LAN. Should he choose
Bluetooth, 802.11b or 802.11g? Explain briefly.
We will not use Bluetooth, because Bluetooth is designed for short-distance
usage. The effective range of Bluetooth is 10 metres.
We will choose 802.11g, because it has a long effective range, say 100 metres,
with a high transfer rate (54 Mbps).
f)
David uses a technology called NAT to share the Internet connection in his office. Briefly describe
what it is.
Network address translation (NAT) involves re-writing the source and/or destination
addresses of IP packets as they pass through a router or firewall, making use of
different port numbers.
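The rewriting described above, simulated in code. This is an added example, not from the workbook: a router with one public address maps each private (address, port) pair to its own public port on the way out and reverses the mapping for replies, which is why two PCs using the same source port do not collide and why an unsolicited inbound packet has nowhere to go. All addresses and ports are constructed documentation values.

```python
"""Port-based NAT (NAPT) table for one public address.

Added example, not part of the workbook. Addresses and ports below are
constructed; the packet format is a plain dict.
"""
from itertools import count


class NatRouter:
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self._next_port = count(first_port)
        self.table = {}      # (private_ip, private_port) -> public_port
        self.reverse = {}    # public_port -> (private_ip, private_port)

    def outbound(self, pkt):
        """Rewrite an outgoing packet's source; allocate a public port on first use."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.table:
            pub_port = next(self._next_port)
            self.table[key] = pub_port
            self.reverse[pub_port] = key
        return {**pkt, "src": self.public_ip, "sport": self.table[key]}

    def inbound(self, pkt):
        """Rewrite a reply's destination back to the private host, or drop it."""
        key = self.reverse.get(pkt["dport"])
        if key is None or pkt["dst"] != self.public_ip:
            return None      # no mapping: unsolicited traffic is dropped
        priv_ip, priv_port = key
        return {**pkt, "dst": priv_ip, "dport": priv_port}


def demo():
    """Two office PCs reach the same web server with the same source port."""
    nat = NatRouter("203.0.113.10")
    pc1 = {"src": "192.168.1.11", "sport": 51000, "dst": "198.51.100.5", "dport": 80}
    pc2 = {"src": "192.168.1.12", "sport": 51000, "dst": "198.51.100.5", "dport": 80}
    out1 = nat.outbound(pc1)
    out2 = nat.outbound(pc2)
    # The server answers PC2's translated port; NAT sends it back to PC2 only.
    reply = {"src": "198.51.100.5", "sport": 80,
             "dst": "203.0.113.10", "dport": out2["sport"]}
    back = nat.inbound(reply)
    # Traffic from the Internet to a port nobody opened is dropped.
    stray = nat.inbound({"src": "198.51.100.9", "sport": 25,
                         "dst": "203.0.113.10", "dport": 22})
    return out1, out2, back, stray


if __name__ == "__main__":
    for pkt in demo():
        print(pkt)
```

The dropped stray packet is the side effect that makes NAT act as a crude inbound filter for the office; it is not a substitute for the firewall discussed later in these exercises.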
g)
Does David need to provide a different IP to each (web hosting) client?
No need.
<End of Integrated Exercise 02 (Internet)>
Integrated Exercise 03
Mary works in one of the local offices of a big organization as a clerk.
a)
She has to type a lot of documents every day. Occasionally, she needs to work on the company accounts
by performing some calculations. Besides, she has to communicate with colleagues in other offices.
(4 marks)
(i)
Suggest how she can use IT in accomplishing these tasks.
She can use a word processor to prepare the documents; use a spreadsheet
program for calculations; and send electronic mails to colleagues for
communication.
(ii)
Her company is going to set up a system to sell products through the Internet. However, customers
usually do not have enough confidence in a small-scale company like hers. What would be
the usual practical way to do a safe transaction online?
The transaction can be done through a trustworthy third-party online payment
company like PayPal.
b)
To enable e-commerce as mentioned in part (a), a web site has been established. A customer has to
register to become a member before doing any transaction. The registration is done by an online form
which is shown below:
(6 marks)
The following shows the corresponding HTML codes:
10  <form name="form1" action="register.php" method="GET">
20  UserName: <input type="text" name="username"><br>
30  Sex:<input type="radio" name="sex" value="M"> Male
40  <input type="radio" value="F"> Female <br>
50  Age: <input type="text" name="age"><br>
60  Password: <input type="password" name="password"><br>
70  Re-enter Password: <input type="password" name="re_password"><br>
80  <input type="submit" value="submit">
90  </form>
(i)
Which two lines should be modified, and how should they be modified?
Line 10, method = “Post”
Line 40, input type=”radio” name=”sex” value=”F”
(ii)
Why is age not a good choice?
It is because age keeps changing regularly; we should use date of birth instead.
(iii)
Suggest a suitable validation check for the field “sex”.
Completeness check
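Parts (i) to (iii) together describe what the server-side program register.php should check once the form is fixed: accept only POST, treat a missing "sex" value as a failed completeness check, and store a date of birth rather than an age. The following is an added example, not the workbook's or any real site's code; the field names beyond those on the form (dob), the username pattern, the minimum password length and the error messages are assumptions.

```python
"""Server-side checks for the registration form in part (b).

Added example, not part of the workbook. The dob field, username pattern,
password length and message wording are assumptions.
"""
import re
from datetime import date


def validate_registration(method, fields, today=None):
    """Return a list of validation errors; an empty list means the submission is accepted.

    `fields` is the submitted name -> value mapping; `today` is an ISO date
    string used for the date-of-birth check, defaulting to the current date.
    """
    today = date.fromisoformat(today) if today else date.today()
    errors = []
    if method != "POST":
        errors.append("form must be submitted with POST so the password is not placed in the URL")
    # Completeness check for the radio group: the field is absent when no
    # button was selected, or when a button has no name attribute (line 40).
    if not fields.get("sex"):
        errors.append("sex is missing")
    elif fields["sex"] not in ("M", "F"):
        errors.append("sex must be M or F")
    if not re.fullmatch(r"[A-Za-z0-9_]{3,20}", fields.get("username", "")):
        errors.append("username must be 3-20 letters, digits or underscores")
    # Date of birth is stored; age is derived from it when needed (part (ii)).
    try:
        dob = date.fromisoformat(fields.get("dob", ""))
        if dob > today:
            errors.append("date of birth is in the future")
    except ValueError:
        errors.append("date of birth must be YYYY-MM-DD")
    password = fields.get("password", "")
    if len(password) < 8:
        errors.append("password must be at least 8 characters")
    if password != fields.get("re_password", ""):
        errors.append("passwords do not match")
    return errors


def age_from_dob(dob, today):
    """Age in whole years on `today`; both are ISO date strings."""
    d, t = date.fromisoformat(dob), date.fromisoformat(today)
    return t.year - d.year - ((t.month, t.day) < (d.month, d.day))


if __name__ == "__main__":
    # Constructed submission for a quick run.
    submitted = {"username": "mary_chan", "sex": "F", "dob": "1985-02-10",
                 "password": "s3cretPass", "re_password": "s3cretPass"}
    print(validate_registration("POST", submitted))
    print(age_from_dob("1985-02-10", "2008-09-01"))
```

Browser-side checks can be bypassed by sending the request directly, so the server repeats every check regardless of what the HTML form enforces.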
(iii)
The webpage is in fact encoded in Unicode (shown below).
If the user has used ‘Traditional Chinese’ as the encoding, what will happen?
The web page will not change much because the content uses ASCII code. OR
The web page will show lots of meaningless characters if the web page contains not
only English characters (i.e. ASCII characters).
(iv)
After successful registration, a user ID is generated by the system. The structure of the user ID is
as follows:
X1 | X2 | X3 | X4 | X5 | Check digit
If the first letter (X1) is an English letter varying from ‘A’ to ‘Z’ and the others are digits varying
from ‘0’ to ‘9’, what is the maximum number of members allowed in this system?
= 26x10x10x10 = 26000
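A user ID of this shape in code: a letter, a run of digits, and a trailing check digit. This is an added example, not the workbook's scheme; the exercise does not state how the check digit is computed, so the weighted mod-10 rule below is an assumption. `capacity(3)` reproduces the key's 26 x 10 x 10 x 10, with the number of free digit positions left as a parameter.

```python
"""User IDs of the form letter + digits + check digit.

Added example, not part of the workbook. The check-digit rule (weights
2, 3, 4, ... from the right, letter valued 10-35) is an assumption.
"""
import string

LETTERS = string.ascii_uppercase


def capacity(digit_positions):
    """Distinct IDs available: 26 letters times 10 per free digit position."""
    return 26 * 10 ** digit_positions


def check_digit(body):
    """Weighted sum mod 10; catches most single-character typing errors."""
    total = 0
    weight = 2
    for ch in reversed(body):
        value = LETTERS.index(ch) + 10 if ch.isalpha() else int(ch)
        total += value * weight
        weight += 1
    return str((10 - total % 10) % 10)


def make_id(index, digit_positions=3):
    """Map the index-th member (0-based) to a unique ID carrying its check digit."""
    if not 0 <= index < capacity(digit_positions):
        raise ValueError("system is full")
    letter = LETTERS[index // 10 ** digit_positions]
    digits = str(index % 10 ** digit_positions).zfill(digit_positions)
    body = letter + digits
    return body + check_digit(body)


def is_valid(user_id):
    """Structural check plus recomputation of the check digit."""
    body, check = user_id[:-1], user_id[-1]
    return (len(body) >= 2 and body[0] in LETTERS and body[1:].isdigit()
            and check_digit(body) == check)


if __name__ == "__main__":
    print(capacity(3), make_id(0), make_id(25999), is_valid("Z9995"))
```

The check digit is not a secret; it only lets the system reject mistyped IDs before querying the member database, and an ID must still be paired with the password for any login.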
<End of Integrated Exercise 03 (Internet)>
Integrated Exercise 04
2.
The following shows the layout of the antivirus software PC-cillin. Answer the following questions
according to the layout.
a)
In the usual setting, anti-virus software like PC-cillin runs in the background automatically
at boot time without any manual action by the user. What is the reason for that?
What other software does a similar operation?
(2 marks)
No manual action is required because it can safeguard the system even if
the user forgets to activate the anti-virus program.
A firewall performs similarly.
b)
“Scan Now” is an option to scan and check all the files in the computer system to find whether any
files are infected. Since the computer system is obviously under the protection of the anti-virus
software, why is the option “Scan Now” required?
(2 marks)
A computer virus will not take any action unless human intervention happens.
That means computer files may contain viruses even though the system is under the
protection of an anti-virus program, as long as the infected file has not been executed.
This option ensures that no virus is hidden in the computer system.
c)
Briefly describe the function of the option “Update Now”.
(2 marks)
Virus signature: A virus signature is similar to the fingerprint of an offender. When
the antivirus software company receives a new type of virus, it extracts a
small and unique segment of binary code from the virus program which can
represent the virus type. It forms the basis on which the antivirus software
identifies the viruses.
d)
What is the function of ‘Quarantine’?
(1 mark)
It isolates the suspected infected files.
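Parts (c) and (d) together describe the two mechanics of a scanner: matching files against a signature database and isolating the matches. The following is an added example, not PC-cillin's code. The signatures are short byte strings constructed for the example and match nothing real; the files are created in a temporary directory so the script runs anywhere, and the quarantine naming convention is an assumption.

```python
"""Signature scanning and quarantine of matching files.

Added example, not part of the workbook or any product. SIGNATURES holds
constructed byte sequences; demo() builds its own throwaway files.
"""
import hashlib
import os
import shutil
import tempfile

# Constructed signatures: name -> a unique byte sequence "extracted" from a sample.
SIGNATURES = {
    "Example.TestSig.A": b"\x90\x90EXAMPLE-SIG-A\x90",
    "Example.TestSig.B": b"SIG-B{demo}",
}


def scan_file(path, signatures=SIGNATURES):
    """Return the names of all signatures found in the file (empty list if clean)."""
    with open(path, "rb") as fh:
        data = fh.read()
    return [name for name, sig in signatures.items() if sig in data]


def quarantine(path, quarantine_dir):
    """Move the file into the quarantine folder under its SHA-256 name.

    The file keeps its bytes (for later analysis or restore) but loses its
    original name and location, so nothing launches it from where it was.
    """
    os.makedirs(quarantine_dir, exist_ok=True)
    with open(path, "rb") as fh:
        digest = hashlib.sha256(fh.read()).hexdigest()
    dest = os.path.join(quarantine_dir, digest + ".quarantined")
    shutil.move(path, dest)
    return dest


def scan_tree(root, quarantine_dir, signatures=SIGNATURES):
    """Scan every file under root and quarantine matches.

    Returns {original_path: [signature names]} for the files that matched.
    """
    report = {}
    qdir = os.path.abspath(quarantine_dir)
    for dirpath, _, filenames in os.walk(root):
        if os.path.abspath(dirpath).startswith(qdir):
            continue  # never rescan the quarantine folder itself
        for name in filenames:
            path = os.path.join(dirpath, name)
            hits = scan_file(path, signatures)
            if hits:
                quarantine(path, quarantine_dir)
                report[path] = hits
    return report


def demo():
    """Build a temporary tree with one clean and one matching file, scan it, clean up."""
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(b"quarterly report, nothing to see")
    with open(os.path.join(root, "setup.exe"), "wb") as fh:
        fh.write(b"MZ..." + SIGNATURES["Example.TestSig.A"] + b"...")
    report = scan_tree(root, os.path.join(root, "quarantine"))
    remaining = sorted(os.listdir(root))
    shutil.rmtree(root)
    return report, remaining


if __name__ == "__main__":
    print(demo())
```

"Update Now" in this model is simply replacing the SIGNATURES table with a newer one; a file containing a virus whose signature is not yet in the table passes the scan, which is why the table has to be refreshed and why "Scan Now" after an update finds files that earlier scans missed.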
e)
This anti-virus program PC-cillin provides a shareware version for users to try the software.
(7 marks)
(i)
Some people argue that since a licence is not needed to use the shareware,
this program is not copyrighted. Do you agree?
No, the company has the copyright.
(ii)
To get the free download of this software, a user has to sign up as a member of the company.
In the registration form, it shows an image which contains a distorted word string. The user is
requested to fill in the string in the registration form. (See the figure below.)
Explain the reason for requiring a user to enter this code.
To avoid other computers using programs to obtain the membership
automatically, i.e. to make sure that a membership can only be applied for by human
beings.
(iii)
If your membership has been successfully applied for, the system will send a confirmation
email to your email account. In the confirmation email, there is a hyperlink which you have
to click on to activate your membership account. The hyperlink is shown below:
http://www.pc-cillin.com/confirm.php?acc=2617&code=31882657
Explain what happens when this hyperlink is clicked.
This hyperlink sends two data items, ‘acc’ and ‘code’, to a program called
‘confirm.php’ residing on the server of the web site www.pc-cillin.com. This
server-side program contacts the database of the members and updates
the membership.
(iv)
At last, you can log in to the system of the web site www.pc-cillin.com. Before you enter your
username and password, a warning message pops up. It shows:
“You are going to enter a secured network of which the data will be encrypted by a secured
key (256 bits, SSL)”.
One of your friends told you that 256-bit data encryption supports 256 different keys, so it
is very secure. What is your comment? Give a brief explanation of the pop-up statement.
256-bit data encryption does not support only 256 different keys; it supports 2^256 different
keys. This data encryption uses an asymmetric key infrastructure, which sends a
public key to the users to encrypt the data; the encrypted data is then sent
through the Internet to the web server. The encrypted data cannot be decrypted
except with the private key in the web server.
<End of Integrated Exercise 04 (Internet)>
SOHO Revision Exercise 01
1.
Which of the following is a class B IP address? Justify your answer.
a)
(i)
23.66.77.88.112
(ii)
132.65.88.3
(iii)
221.98.102.43
(1 mark)
(ii) is a class B IP address, because the leading 2 bits of part (ii) are 10 (
10000100.X.X.X), so it is a class B IP address.
b)
How many bits are used for the subnet mask of a class B network?
(1 mark)
16 bits
c)
What is the maximum number of hosts that a class C network supports?
(2 marks)
2^8 or 256
d)
What does it mean if a network is described as 192.168.128.0/24? What is the difference between
192.168.128.0/24 and 192.168.128.0/20?
It means it uses 20 bits for the subnet mask. Its available IP addresses range
from 192.168.128.0 to 192.168.128.255.
For 192.168.128.0/20, its IP addresses range from 192.168.128.0 to
192.168.255.255.
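Question 1 in code: classifying an address from the leading bits of its first octet, rejecting a malformed one such as the five-octet candidate in (i), and working out the range a /prefix describes. This is an added example, not from the workbook; it uses only the standard ipaddress module, and the private-address check at the end is the test a later exercise on "real" versus "virtual" IPs calls for.

```python
"""IP address classes, CIDR ranges and private-address check.

Added example, not part of the workbook; standard library only.
"""
import ipaddress


def ip_class(text):
    """Return 'A'..'E' from the leading bits of the first octet, or None if
    the text is not a valid dotted IPv4 address (e.g. five octets)."""
    try:
        addr = ipaddress.IPv4Address(text)
    except ipaddress.AddressValueError:
        return None
    first = int(addr) >> 24          # the first octet as an integer
    if (first >> 7) == 0b0:          # 0xxxxxxx
        return "A"
    if (first >> 6) == 0b10:         # 10xxxxxx
        return "B"
    if (first >> 5) == 0b110:        # 110xxxxx
        return "C"
    if (first >> 4) == 0b1110:       # 1110xxxx, multicast
        return "D"
    return "E"                       # 1111xxxx, reserved


def classful_mask_bits(cls):
    """Default subnet mask length for the classful networks A, B and C."""
    return {"A": 8, "B": 16, "C": 24}[cls]


def describe_network(cidr):
    """Mask length, netmask, first and last address, and address count of a block."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return {
        "mask_bits": net.prefixlen,
        "netmask": str(net.netmask),
        "first": str(net.network_address),
        "last": str(net.broadcast_address),
        "addresses": net.num_addresses,
    }


def is_private(text):
    """True for RFC 1918 addresses such as 192.168.1.1 (the 'virtual' IPs)."""
    return ipaddress.IPv4Address(text).is_private


if __name__ == "__main__":
    for candidate in ("23.66.77.88.112", "132.65.88.3", "221.98.102.43"):
        print(candidate, ip_class(candidate))
    print(describe_network("192.168.128.0/24"))
    print(describe_network("192.168.128.0/20"))
```

Running it shows /24 covering 192.168.128.0 to 192.168.128.255 (256 addresses) and /20 covering 192.168.128.0 to 192.168.143.255 (4096 addresses), i.e. the third octet's top four bits are fixed and its low four bits vary.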
2.
A server uses RAID technology to secure its system.
a)
It uses RAID 5 technology with 4 hard disks (200GB each). What is the maximum
storage in GB that it can use to store data? Justify your answer.
(2 marks)
It can use at most 3x200GB = 600GB of storage, because one of the
hard disks is used for the parity checking for recovery, that is, it is
redundant. So, the storage available is 600GB instead of 800GB.
b)
It uses RAID 0 technology with 2 hard disks (200GB each). What is the maximum
storage in GB that it can use to store data? Justify your answer.
(2 marks)
It can use at most 2x200GB = 400GB of storage, since files are divided
into two separate parts which are then written to different hard disks.
c)
It uses RAID 1 technology with 2 hard disks (200GB each). What is the maximum
storage in GB that it can use to store data? Justify your answer.
(2 marks)
It can use at most 1x200GB = 200GB of storage, since files are mirrored
onto two hard disks. That is, exactly the same files are copied onto the other
hard disk for the sake of data recovery.
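The three capacity rules of question 2, and the sizing check from Integrated Exercise 02 c)(ii), as one function each. This is an added example, not from the workbook; it assumes equal-sized disks, treats RAID 5's parity as one disk's worth of space, and returns the spare capacity rather than judging it (the earlier key treats 1 GB spare after a 3 GB OS reservation as insufficient).

```python
"""Usable capacity and fault tolerance of RAID 0, 1 and 5 arrays.

Added example, not part of the workbook. Sizes are in GB; all disks in an
array are assumed to be the same size.
"""


def usable_capacity(level, disks, size_gb):
    """Usable GB for `disks` equal disks; raises if the level needs more disks."""
    if disks < 1 or size_gb <= 0:
        raise ValueError("need at least one disk of positive size")
    if level == 0:                       # striping only, no redundancy
        return disks * size_gb
    if level == 1:                       # mirroring: every disk holds the same data
        if disks < 2:
            raise ValueError("RAID 1 needs at least 2 disks")
        return size_gb
    if level == 5:                       # striping plus one disk's worth of parity
        if disks < 3:
            raise ValueError("RAID 5 needs at least 3 disks")
        return (disks - 1) * size_gb
    raise ValueError("unsupported RAID level")


def disks_survivable(level, disks):
    """Number of disk failures the array tolerates before data is lost."""
    return {0: 0, 1: disks - 1, 5: 1}[level]


def spare_capacity(level, disks, size_gb, required_gb, os_gb=0):
    """GB left after the OS reservation and the required data; negative means it does not fit."""
    return usable_capacity(level, disks, size_gb) - os_gb - required_gb


if __name__ == "__main__":
    print(usable_capacity(5, 4, 200), usable_capacity(0, 2, 200), usable_capacity(1, 2, 200))
    # Integrated Exercise 02 c)(ii): three 72 GB disks, 50 premium + 80 general clients, 3 GB OS.
    print(spare_capacity(5, 3, 72, 50 * 2 + 80 * 0.5, os_gb=3))
```

Capacity is only half of the planning question; `disks_survivable` makes the other half explicit, since RAID 0's 400 GB comes with zero tolerance for a failed disk, which is the reason the file server questions later in this module insist on RAID 1 or RAID 5.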
3.
Wireless networks are widely used nowadays, but data security is always a matter of concern.
a)
Suggest a suitable method to avoid important data being captured by hackers. State a problem
raised by this method.
(2 marks)
Data encryption should be used.
Usually, authorized users are given a special key. This key is used for data
encryption by a symmetric key system, i.e. the same key is used for both
encryption and decryption.
The problem of this method is that, like the password for the gate of a building,
it is very easy for users to disclose this secret key to other users. Also, when
you want to change the key, it is troublesome to notify all the other authorized users.
b)
Suggest a suitable method to prevent unauthorized users from getting access to the network.
(2 marks)
The physical addresses (MAC addresses) of the wireless NICs of the authorized users
should be recorded and registered so that they are allowed to get access to the
network; those whose MAC addresses are not registered will not be allowed
to get access to the network.
c)
As a school, we want to let the students use the wireless network at school; however, we don’t
want the students to use the wireless network after school. What would you suggest?
(2 marks)
We can set the AP (Access Point) such that it will work only during a specific time
period, e.g. from 8:00 a.m. to 5:00 p.m., so that users cannot use the wireless
network after school.
4.
To secure the LAN from attacks from the Internet, a firewall is installed between the LAN
and the Internet.
[Figure: network diagram showing the LAN (File Server, PC1, PC2, PC3), the Firewall, the DM Zone, PC4 to PC7 and the Internet]
a)
A DM Zone (Demilitarized Zone) is arranged between the Intranet and the Internet. Describe
what kinds of devices will be installed in this area.
(2 marks)
Devices that have to be connected to the public from the Internet, e.g. web server,
mail server. Inevitably, web servers have to be opened to the public (Internet).
However, we want to secure the LAN, so just part of the network, i.e. the DMZ, is
opened, but not the whole LAN.
b)
What are the main characteristics of the DM Zone? Why can it improve the security of the
LAN?
(2 marks)
It allows connections from the PCs in the LAN to the PCs / servers in the DMZ.
Also, the public can access the DM Zone. However, connections from the DMZ
to the PCs in the LAN are not allowed. This strengthens security, as hackers
cannot access the LAN by controlling a PC in the DM Zone.
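The zone policy just described, written as an ordered rule set with a default deny: LAN to DMZ allowed, Internet to DMZ allowed only on the published service ports, DMZ to LAN denied. This is an added example, not from the workbook; the zone address ranges, the published port set and the rule order are assumptions, and the port- and address-based matching is the same kind of rule the later "What is a firewall?" answer lists.

```python
"""Zone-based firewall policy for a LAN / DMZ / Internet layout.

Added example, not part of the workbook. Zone ranges and the allowed
DMZ service ports are constructed values.
"""
import ipaddress

ZONES = {
    "LAN": ipaddress.ip_network("192.168.10.0/24"),
    "DMZ": ipaddress.ip_network("192.168.20.0/24"),
}


def zone_of(ip):
    """Name the zone an address belongs to; anything else is the Internet."""
    addr = ipaddress.ip_address(ip)
    for name, net in ZONES.items():
        if addr in net:
            return name
    return "INTERNET"


# (source zone, destination zone, allowed destination ports or "any", action),
# evaluated top to bottom; the first matching rule decides.
RULES = [
    ("LAN",      "DMZ",      "any",          "allow"),  # staff may reach DMZ servers
    ("LAN",      "INTERNET", "any",          "allow"),  # outbound browsing
    ("INTERNET", "DMZ",      {80, 443, 25},  "allow"),  # public web and mail only
    ("DMZ",      "LAN",      "any",          "deny"),   # a compromised DMZ host stays out of the LAN
    ("INTERNET", "LAN",      "any",          "deny"),
]


def decide(src_ip, dst_ip, dst_port):
    """Return 'allow' or 'deny' for one connection attempt."""
    src, dst = zone_of(src_ip), zone_of(dst_ip)
    for rule_src, rule_dst, ports, action in RULES:
        if rule_src == src and rule_dst == dst and (ports == "any" or dst_port in ports):
            return action
    return "deny"   # default deny: unmatched traffic never passes


if __name__ == "__main__":
    checks = [
        ("192.168.10.5", "192.168.20.8", 3389),   # LAN -> DMZ admin
        ("203.0.113.7",  "192.168.20.8", 80),     # Internet -> DMZ web
        ("203.0.113.7",  "192.168.20.8", 22),     # Internet -> DMZ ssh (not published)
        ("192.168.20.8", "192.168.10.5", 445),    # DMZ -> LAN file share
    ]
    for src, dst, port in checks:
        print(src, "->", dst, port, decide(src, dst, port))
```

The explicit DMZ-to-LAN deny is redundant with the default deny, but keeping it as a visible rule documents the design intent the answer above relies on and protects it when an "allow" rule is later added below it.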
c)
There are many different kinds of servers in the network. What is the main difference between a web
server and a file server?
(2 marks)
A web server is used to process and then deliver web pages to the clients; also, it
is opened to the public. A file server is used to manage the network, e.g. user
account settings, rights settings. Its accessibility is limited to within a LAN.
d)
To send a file from PC1 to PC6, we can use FTP. However, to send a file from PC1 to PC3, should
we use FTP? Why?
(2 marks)
We should not use FTP, for FTP is used to transfer files through the Internet. It
consumes a lot of data for the overhead (data checking), which diminishes the
efficiency; therefore, for transferring data inside a LAN, we should not use FTP.
e)
Why do the staff of the company save the documents onto the file server instead of the local
computers like PC1, PC2 or PC3?
(2 marks)
Files can be centralized so that the most up-to-date files are kept on the
server. So, we can share the files easily. Also, the files on the file server are
backed up frequently, which strengthens the protection of the files.
5.
To enable e-commerce through the Internet, data encryption / data decryption is adopted. There
are two kinds of methodology: symmetric key infrastructure and asymmetric key
infrastructure. Describe briefly how these technologies can help in the following scenarios.
a)
A bank provides e-banking services to users such that the clients can access the web site of the
bank through the Internet and perform jobs like checking the account and transferring some money
from account A to account B.
(3 marks)
Asymmetric keys should be used. When a user wants to access the web site of the
bank through the Internet, the server of the bank distributes a public key to
the user. This key is public, so every user can get the same key; this key is used
only for data encryption, and the encrypted data cannot be decrypted by this key.
The encrypted data can only be decrypted by a private key which is stored in the
web server of the bank. So, the encrypted data can be transferred safely
from the users to the server through the Internet.
b)
A client ordered a pair of earrings from an e-auction company by using a digital signature.
(3 marks)
The emphasis of a digital signature is that the sender is the digital signature
owner. For a digital signature, a smart HKID card and a card reader should be
installed / (usually) a program is installed in the user's computer. There is a
private key (from the program installed or from the smart card) to encrypt the
data. So, when a user orders anything online, the order data is encrypted. The
encrypted data cannot be decrypted except with its public key (which can be
obtained from the post office). By using this asymmetric key infrastructure,
the order data can be proved to have been sent by the owner.
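Both scenarios of question 5, and the key-space point from Integrated Exercise 04 e)(iv), in one runnable piece: encrypting to a public key that only the matching private key undoes (5(a)), and signing with a private key that anyone can verify with the public key (5(b)). This is an added example, not the workbook's or any product's code. It uses textbook RSA with tiny constructed primes so that every number is visible; real systems use keys of 2048 bits or more, padding, and a vetted library, and the hashing-then-signing step below is the standard shape of a signature rather than something the exercise specifies.

```python
"""Public-key encryption and digital signature with textbook RSA.

Added example, not part of the workbook. p, q and e are tiny constructed
values; the order text is made up.
"""
import hashlib


def modinv(a, m):
    """Modular inverse of a mod m by the extended Euclidean algorithm."""
    r0, r1, t0, t1 = m, a % m, 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        t0, t1 = t1, t0 - q * t1
    if r0 != 1:
        raise ValueError("no inverse")
    return t0 % m


def make_keypair(p=61, q=53, e=17):
    """Toy key generation; returns (public key, private key)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = modinv(e, phi)
    return (e, n), (d, n)


def encrypt(message_int, public_key):
    """Anyone holding the public key can encrypt; the message must be below n."""
    e, n = public_key
    if not 0 <= message_int < n:
        raise ValueError("message out of range for this toy key")
    return pow(message_int, e, n)


def decrypt(cipher_int, private_key):
    """Only the private-key holder (the bank's server in 5(a)) can decrypt."""
    d, n = private_key
    return pow(cipher_int, d, n)


def digest_of(text, n):
    """Hash the order text and reduce it into the key's range."""
    return int.from_bytes(hashlib.sha256(text.encode()).digest(), "big") % n


def sign(text, private_key):
    """The order owner signs the digest with the private key (5(b))."""
    d, n = private_key
    return pow(digest_of(text, n), d, n)


def verify(text, signature, public_key):
    """The e-auction company checks the signature with the client's public key."""
    e, n = public_key
    return pow(signature, e, n) == digest_of(text, n)


def key_space(bits):
    """Number of possible keys of the given length: 2**bits, not bits."""
    return 2 ** bits


if __name__ == "__main__":
    public, private = make_keypair()
    c = encrypt(65, public)
    print("ciphertext", c, "decrypts to", decrypt(c, private))
    order = "1 pair of earrings, deliver to Mary"
    s = sign(order, private)
    print("signature valid:", verify(order, s, public))
    print("tampered order valid:", verify(order + " x2", s, public))
    print("keys for 256 bits:", key_space(256))
```

The two uses differ only in which key is applied first: encryption goes public-then-private so only the recipient can read, a signature goes private-then-public so anyone can check who wrote, and the private key never leaves its owner in either case.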
<End of SOHO Revision Exercise 01>
SOHO Revision Exercise 02
Peter is responsible for setting up a LAN for a small company. There are a number of tasks for him to perform:
1. Set up a client/server network that has a file server and a printer shared in the network.
2. Set up a web server so that the public can browse the web pages of the company.
3. Set up a mail server so that the staff and other business partners can communicate.
4. Set up a firewall to enforce the network security.
5. Enable a service so that the staff can access the LAN of the office in a safe way.
With the information above, answer the following questions:
a)
What are the strengths of a client/server network over a peer-to-peer network? What is the difference
between individual user rights and group user rights under a domain? How do these two authority systems
facilitate network management?
Since users have to log on to the domain / system in order to gain access to the network,
different user rights can be assigned to different users.
Individual user rights are assigned to a particular user. Group user rights
are assigned to a particular group. This practice facilitates
network management because a person should be able to access certain
resources based on his working group (e.g. the IT folder for the I.T. group or the Maths folder for
the Maths group) or based solely on his own account, i.e. when a person moves from the IT
department to the Maths department, all the network administrator has to do is to
assign the Maths group policy to him and delete his IT group policy.
b)
State the reasons why hardware like switches and routers is required in the above scenarios.
In a network, there are a number of computers. Switches are needed to
connect all the computers in the same network, i.e. computers under the same LAN. A
router is also needed because the LAN is going to connect to the Internet. To a LAN,
the Internet is another network, so a router is needed to enable communication
between different networks.
c)
What is the role of the file server in the above network? Is there any hardware requirement for a file server?
A file server is used to
(1) Share network resources like hard disk space.
(2) Assign user policies (individual users or group users).
(3) Distribute IP addresses.
(4) Control the domain structure.
(5) System logging and event logging.
The utmost requirement of a file server is stability. So, the hardware requirements of
a file server are:
Data recovery concern: The system should run under RAID-1 or RAID-5
technology.
Backup concern: There should be a backup system like FULL backup to magnetic
tape.
Electricity supply concern: A UPS should be installed to avoid system crashes
because of a sudden loss of electricity supply.
d)
What kind of printer will you suggest in this scenario? State how a printer can be shared in a network.
A multifunctional printer is suggested in this SOHO, because it can provide
several functions like fax, photocopy, printer and scanner in just one machine. But if
you want to have a heavy-duty printer, you should choose a laser printer because it is
the fastest in printing.
A printer can be shared in the same network if
(1) it is connected to a PC and this PC shares this printer in the same network.
(2) the printer is connected to a print server (a small machine box); this
print server has its own MAC address and hence can be assigned an IP
address, so computers in the same network can access the printer
through this print server.
(3) it is a network printer. This printer has its own IP address and hence
can be shared in a network without the help of any PC.
e)
State the procedure required to host a web site
(i) in the company;
(ii) in a web hosting company.
(i) For hosting a web site in the company:
(1) Install the web server software.
(2) Register a domain name.
(3) Get a fixed IP address from the ISP.
(4) Map the domain name to the fixed IP address, which is done by the ISP.
(5) Set the appropriate firewall settings, e.g. open the HTTP port (port number
80) so that the public can get access to the web server.
(ii) For hosting a web site in a web hosting company:
(1) Register a domain name, which is usually done by the web hosting company.
(2) Rent the web hosting service.
f)
What are the advantages of hosting web sites by
(i) self-development (i.e. hosting the web server in the company) and
(ii) a web hosting company?
(i) Self-development
(1) Unlimited storage
(2) Fast and easy updating of information
(3) More choice of server-side programs, e.g. php, aspx, cgi, etc.
(4) No limit to the throughput
(ii) Web hosting company
(1) No experts needed to set up a web site
(2) Initial investment cost is low
(3) Better security protection by experts
(4) Upload speed is usually faster
g)
If the registered domain name of this company is “abc.com.hk” and peterchan is Peter’s user account
under the domain, what would be the email address for Peter?
It may probably (but not necessarily) be peterchan@abc.com.hk
h)
What are the advantages and disadvantages of web-based email over a dedicated email account?
Advantages:
(1) mails can be sent and received anytime, anywhere
(2) no special (non-free) software needed
(3) unlike dedicated mail software, usually it will not be attacked by viruses
Disadvantages:
(1) usually, no data encryption is provided, which is very inconvenient for some
business activities.
(2) usually, no POP3 service is provided, i.e. you will not be notified of a new mail
even when you are online.
(3) unlike dedicated mail software, it does not support newsgroups
(4) unlike dedicated mail software, it does not support digital certificates
i)
What is a firewall?
A firewall is a device (it may be software based or hardware based) that can block or
allow connections between the LAN and the Internet. We can set rules to allow or block
services according to
(i) Port number
(ii) Particular range of IP addresses
(iii) Particular domains
j)
For the above information, there is one security concern that has been missed. What is it and how is it
prevented?
Computer virus attacks should be a concern. Anti-virus software should be installed
on the proxy server, the client computers and the file server to protect the system.
k)
What is your suggestion to “Enable a service so that the staff can access the LAN of the office in a
safe way”?
A VPN server should be set up. All data transmitted is encrypted with a private
key and then passed through the Internet. The receiver has the
same private key to decrypt the data. In this way, the data is secured.
l)
Sketch a diagram for the above network.
[Figure: sketch showing the Internet, Router, Firewall, Switch, and the DMZ with the web and mail servers]
Keywords in this revision exercise:
Individual user right
Group user right
Group policy
Switches
Distribute IP address
System logging
Event logging
RAID-1, RAID-5
FULL backup
magnetic tape
UPS
Multifunctional printer
fax
photocopy
scanner
heavy duty
print server
MAC address
Map domain name
HTTP Port
Server-side program
throughput
dedicated mail software
POP3 services
digital certificate
Proxy server
VPN server
Private key
DMZ
<End of SOHO Revision Exercise 02>
SOHO Revision Exercise 03
1.
Peter is an I.T. professional; his boss asked him to form a network in the office. He suggested a
client-server network to his boss. Below is the simplified diagram of his suggestion.
a)
If the boss does not want to form a client / server network, is there any other suggestion? What is
it, and what are the differences?
(2 marks)
We can choose to use a peer-to-peer network. The difference between a client-server
and a peer-to-peer network is that the client-server network requires a username and password logon
system, which enables higher security for the network.
b)
What is the topology it is using?
(1 mark)
It is using a bus topology.
c)
Apart from the network, new computers should be purchased. Peter proposed two kinds of
computers to his boss. The following is a comparison of the two proposed computers:
Component      | Computer A                | Computer B
CPU            | 3.2 GHz, 4MB L2 Cache     | 2.8 GHz, 4MB L2 Cache
RAM            | 2x1GB, 533 MHz            | 2x2GB, 400 MHz, ECC
Hard disk      | 2x200 GB, 10000 rpm, 8MB  | 3x200 GB, 10000 rpm, 8MB
Optical device | DVD RW                    | DVD ROM
Extra features | 256MB 3D display card     | RAID5 enabled
Why should he propose two different kinds of computer to his boss? State, with explanation, one
main difference between these two computers.
(2 marks)
The network requires two different kinds of computers. One is a common
desktop PC and the other is a server computer. Obviously, computer A is for the
desktop PC and computer B is for the server. The main concern of the server would
be stability, so it should run in a RAID5 environment. RAID 5 enables data
protection even if one of the hard disks crashes during
processing.
d)
In the above diagram, the printer is connected to the server and is shared in the network. That
is, other desktop PCs can connect to the printer in the LAN, which means the printer can receive
print jobs from the desktop PCs in the LAN.
(7 marks)
(i)
Usually, the printer works fine; however, on some occasions the other desktop PCs cannot connect to
the printer. Suggest a situation in which this happens and also
suggest a solution for it.
A printer cannot be shared in this network if the server is not switched on. (It is
because this printer is shared through the server.) To avoid this problem, a
network printer (or a printer with a print server, i.e. a printer with an IP address)
should be installed instead of an ordinary printer.
(ii) To select a suitable printer, we need to focus on the requirements of the office. There are in fact
3 different printers required in the office.
1) A shared printer in the LAN for ordinary documents. This printer should be able to handle
heavy duty. That is, it can finish a lot of print jobs in a short time.
2) A printer for the design department. This printer should produce high-quality colour printouts
in various sizes.
3) A printer for the boss. This printer is restricted to the boss’s use only. He would require
it to print some confidential documents; also, it would scan some images for him and,
most importantly, it can receive faxes.
Suggest suitable printers for each case. Point out what would be the useful measurement for
the printer in cases (1) and (2).
For case 1, a laser printer (mono or colour) is recommended. The useful
measurement would be ppm (i.e. pages per minute): the higher, the faster. / The
buffer would be the useful measurement: the greater the buffer, the more print jobs
it can handle. For case 2, a plotter is recommended. The useful measurement
would be dpi (dots per inch). For case 3, an all-in-one printer is recommended.
e)
Apart from hardware, software like an operating system should be installed. State what kind of OS
should be installed on the server. What kind of OS would be needed for a PDA?
(2 marks)
Network Operating System (NOS)
Mobile Operating System
<End of SOHO Revision Exercise 03>
SOHO Revision Exercise 04
1.
The above diagram shows a network configuration of a company. There are 8 computers in the internal
network (LAN). These PCs in the internal network can be assigned real IPs or virtual IPs.
a)
(i)
Give one possible real IP address (class C) for PC 1.
(1 mark)
218.34.128.63
(ii)
Give one possible virtual IP address (Class C) for PC 1.
(1 mark)
192.168.1.1
b)
Give one advantage and one disadvantage of using real IP addresses for the computers in the
internal network.
(2 marks)
Advantage: It is easier to set up applications that connect the internal PCs
with the external network.
Disadvantage: It is easier for hackers to attack the internal PCs in the
network.
c)
Name the devices A, B and C.
(2 marks)
A: Switch
B: Router
C: Firewall
d)
Which device would usually have more than one IP address? Give the reason why it should have
more than one IP address.
(2 marks)
Router
One IP is for internal network and the other one is for the external network.
e)
If a web server is going to be added in this network, which device should this server be connected
to? Device A, B or C? Why?
(2 marks)
Device C / the firewall.
It should be connected to the DMZ of the firewall to reduce the risk of intrusion
from the external network.
2.
The following shows some hardware and their quantities:
Hardware         | Quantity
ADSL modem       | 1
Wireless Router  | X
A server         | 1
PC               | 5
Laptop           | 3
UTP              | Y
Wireless adapter | Z
You are a member of staff of a company and are assigned to form a network with the above hardware. The
requirement of the network is that all the computers should be able to connect to the server and to
the Internet. (It is assumed that all the PCs have a network card installed, but the laptop computers have
no network card installed.)
a)
To successfully set up this network, what should be the values of X, Y and Z?
(2 marks)
X: 1
Y: 6
Z: 3
b)
Sketch the diagram for this network. You should label each device clearly.
(2 marks)
c)
To save money, the company chooses to use open source programs for office automation.
What is an open source program and why can it save money?
(1 mark)
An open source program provides the source code to the public
and allows others to use and modify the program code without any
charge.
d)
For the OS, the company has to buy some OS licences. What kinds of licences, and how many,
should the company buy?
(2 marks)
For the server, we should buy a server licence; for the PCs and the laptops, we
should buy desktop OS licences. So, altogether we should buy 9 licences.
3.
David is a member of staff in a company. His department has 25 staff and there are altogether 10 PCs installed in
this department; they are open to the staff so that they can share these 10 computers.
Also, there is a file server installed in the company, but it is not open for other users to use. It is
mainly used for the users to store files and data.
The network for this department is 10.129.77.128/28.
a)
Unlike at home, David has to provide a username and password to get the right to use the computer
in the office. Why should there be such a difference?
(2 marks)
At home, he can set the access mode such that no username and password are required
to get access. However, at the office, because the computers are shared among
the staff, each member of staff should have a different username for logging on to the system
/ domain.
b)
Apart from file storage, what is another important function that a file server provides? (1 mark)
It is usually assigned to perform as a DHCP server, i.e. to distribute IP addresses. /
Domain controller, to authorize the user rights.
c)
Now the company provides each member of staff with an individual computer for their daily duties. What would
you suggest?
(2 marks)
Because there are 25 staff, the network should support at least 25 computers;
however, as the IP address for this network is 10.129.77.128/28, i.e. 28 bits for the
subnet mask, only 4 bits are left for the host, i.e. it can support at most 16 hosts in
this network, which is not enough for this network.
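The sizing argument above, carried through in code: read the host bits off the prefix, count what is usable, and find the smallest block that holds the 25 machines. This is an added example, not from the workbook; it uses the standard ipaddress module. Note that it subtracts the network and broadcast addresses, so a /28 yields 14 usable host addresses rather than the 16 raw addresses the key counts; either way the block is too small, and the proposal keeps the same base address.

```python
"""Host capacity of a CIDR block and the prefix needed for N hosts.

Added example, not part of the workbook; standard library only.
"""
import ipaddress
import math


def host_bits(cidr):
    """Bits left for the host part after the subnet mask."""
    return 32 - ipaddress.IPv4Network(cidr, strict=False).prefixlen


def usable_hosts(cidr):
    """Addresses in the block minus the network and broadcast addresses."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return max(net.num_addresses - 2, 0)


def prefix_for(hosts_needed):
    """Longest prefix (smallest block) with at least hosts_needed usable addresses."""
    bits = math.ceil(math.log2(hosts_needed + 2))
    return 32 - bits


def plan(cidr, hosts_needed):
    """Compare the current block with the requirement and propose a resized block
    on the same base address."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    new_prefix = prefix_for(hosts_needed)
    proposal = ipaddress.IPv4Network((int(net.network_address), new_prefix), strict=False)
    return {
        "host_bits": host_bits(cidr),
        "usable": usable_hosts(cidr),
        "enough": usable_hosts(cidr) >= hosts_needed,
        "proposal": str(proposal),
    }


if __name__ == "__main__":
    print(plan("10.129.77.128/28", 25))
```

Widening the block to /27 on the same base works only if the neighbouring /28 (10.129.77.144/28) is not already assigned to another department; a real plan checks the adjacent range before changing the mask on every host.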
<End of SOHO Revision Exercise 04>
New notes:
What will be downloaded from a web server if you type a URL in a browser as follows:
http://www.yll.edu.hk/index.htm