Chapter 6 Computer networks and security

Outline
Network Overview
  – Definition
  – The Internet Then and Now
  – Network organization
OSI Model
Categories of Networks
Connecting Devices
The Internet and TCP/IP Protocol
Security

Objectives
• Understand the rationale for the existence of networks.
• Distinguish between the three types of networks: LANs, MANs, and WANs.
• Understand the OSI model and TCP/IP.
• List different connecting devices and the OSI layers in which each device operates.
• Define virus and explain how it works.
• Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

Data communications
• Data communications, the technology that enables computers to communicate, is defined as the transmission of text, numeric, voice or video data from one machine to another.

Data communications
• There are four components of data communications:
  – Sender: the computer that is sending the message.
  – Receiver: the computer receiving the message.
  – Channel: the medium that carries or transports the message. This could be a telephone line, coaxial cable, microwave signal, or fiber optic.
  – Protocol: the rules that govern the orderly transfer of the data sent.

Uses of communications
• Email
• Voice mail
• Fax
• Video conferencing
• Telecommuting
• Global Positioning System (GPS)
• Shared Resources
• Online Services

Telecommuting
• Telecommuting is a work arrangement in which employees work away from a company’s standard workplace, but communicate with the office using some communications technology.
• A telecommuter often works at home and connects to the main office’s network using a personal computer equipped with communications software and a communications device.

Global Positioning System
• A global positioning system (GPS) consists of one or more earth-based receivers that accept and analyze signals sent by satellites in order to determine the receiver’s geographic location.
• A GPS receiver can be handheld or mounted on an object such as an automobile, boat, airplane, farm and construction equipment, or a computer.
• A GPS often is used to locate a person or object; ascertain the best route between two points; monitor the movement of a person or object; or create a map.

Communications channel
• A communications channel is the communications path between two devices. A communications channel is composed of one or more transmission media. Transmission media consist of materials or techniques capable of carrying a signal.
• Physical transmission media use wire, cable, and other tangible materials to send communications signals; wireless transmission media send communications signals through the air or space using radio, microwave, and infrared signals.

Communications protocols
• A protocol is a set of rules and procedures for exchanging information among computers. Protocols define how the communications channel is established, how information is transmitted, and how errors are detected and corrected.
• Ethernet and TCP/IP are the most widely used protocols.

Ethernet
• Ethernet is a LAN protocol that allows personal computers to contend for access to the network. Today, Ethernet is the most popular LAN protocol because it is relatively inexpensive and easy to install and maintain.
• Ethernet is based on a bus topology, but Ethernet networks can be wired in a star pattern by using a hub.
• The maximum transmission rate on a standard Ethernet network is 10 Mbps. Fast Ethernet can transmit at 100 Mbps; Gigabit Ethernet provides an even higher speed of transmission, 1,000 Mbps.

TCP/IP
• Short for Transmission Control Protocol/Internet Protocol, TCP/IP is a set of protocols used to manage the transmission of data by breaking it up into packets.
• TCP/IP is widely used on the Internet.

Intranets
• Internal networks that use Internet and Web technologies are called intranets (intra means inside).
• An intranet, sometimes called an enterprise network, essentially is a small version of the Internet used within an organization: it uses TCP/IP protocols, supports multimedia Web pages, and is accessible via a browser.

Firewalls
• To prevent unauthorized access to data and information, an intranet is often protected by a firewall.
• A firewall is a general term that refers to both hardware and software used to restrict access to data and information on a network.
• Organizations use firewalls to deny network access to outsiders and to restrict employees’ access to sensitive data such as payroll or personal records.

Network Overview
Definition
A computer network is a collection of computers and other devices that have been connected through transmission media in order to share data, hardware, and software.
--- The world’s largest network, the Internet, provides connections for millions of computers all over the globe.

The Internet Then and Now
In 1957, the Soviet Union launched the first artificial satellite. In response to this display, the U.S. government set up the Advanced Research Projects Agency (ARPA).
ARPA proposed a project intended to help scientists communicate and share valuable computer resources. The ARPANET, created in 1969, connected computers at four universities (the University of California at Santa Barbara, the University of California at Los Angeles, the Stanford Research Institute, and the University of Utah).

The Internet Then and Now
In 1985, the National Science Foundation (NSF) used ARPANET technology to create a similar, but larger network. The NSF network was an original internet. As this network grew throughout the world, it became known as the Internet.
In 1995, the nature of the Internet changed from scientific to commercial because three corporations (Pacific Bell, Ameritech Advanced Data Services and Bellcore, Sprint) began to manage it.

Internet Architecture in China
[Figure: the INTERNET connected to CHINANET, CERNET, CSTNET and CHINAGBN]
• CHINANET: China Public Computer Internet
• CHINAGBN: China Golden Bridge Network
• CERNET: China Education and Research Network
• CSTNET: China Science and Technology Network

Network Organization
A computer network includes several parts:
• Hardware: Computers, Connecting Devices, Transmission Media
• Software: Network Operating System, Network Protocol

Computers
• In a network, there are two basic types of computers: server and client.
• Most services of the application layer apply the client/server architecture.
• The client requests services and the server responds to them.
[Figure: the client sends a request to the server; the server responds]

Transmission Media
There are three principal types of transmission medium:
• Twisted-Pair Cable: consists of pairs of copper wire twisted together.
• Coaxial Cable: is a high-capacity communications cable. It is used to carry television signals.
• Fiber-Optic Cable: is a bundle of thin tubes (optical fiber) of glass. It cannot conduct or transmit electrical signals. However, lasers send pulses of light through the fibers.

[Figure: Twisted-Pair Cable]

[Figure: Coaxial Cable]

[Figure: Fiber-Optic Cable]

Network Operating Systems
A network operating system (NOS) is the software that manages network resources, controls the flow of data, maintains security, and tracks user accounts.
A NOS has two components: network server software and network client software.
• Network server software is installed on a file server, controls file access from the server’s hard disk, manages the print queue, and tracks user data.
• Network client software is installed on the local hard disk of each workstation, gathers user login information, handles drive mapping, and directs printouts.

OSI Model
The Open Systems Interconnection (OSI) model was designed by the International Organization for Standardization (ISO).
The OSI model is a theoretical model that shows how any two different systems can communicate with each other.
The OSI model is a framework of seven layers that gives an idea of the functionality of each separate but related layer.

The seven layers of the OSI model
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical

[Figure: Flow of data in the OSI model]

OSI Model
• Physical Layer: is responsible for transmitting a bit stream over a physical medium.
• Data-Link Layer: is responsible for node-to-node delivery of a frame between two adjacent stations.
• Network Layer: is responsible for delivery of a packet between the original source and final destination.

OSI Model
• Transport Layer: is responsible for source-to-destination delivery of the entire message.
• Session Layer: is designed to control the dialog between users.
• Presentation Layer: is concerned with the syntax and semantics of the information exchanged between two systems.
• Application Layer: enables the user to access the network.

Categories of Networks
We can divide networks into three broad categories:
• Local Area Network (LAN)
• Metropolitan Area Network (MAN)
• Wide Area Network (WAN)

Local Area Network
A network that is located within a relatively limited area such as a building or campus is referred to as a local area network (LAN).
The pattern or path of the interconnections in a communications system is referred to as its topological structure (topology). There are three typical topological structures:
• Bus Topology
• Star Topology
• Ring Topology

Bus Topology
The bus is the physical cable that connects the computers and other devices. It is used primarily for LANs.
It is flexible in that computers and other devices can be attached or detached from the network at any point without disturbing the rest of the network.

Star Topology
All of the devices are connected via a central device (hub or switch). Any two computers must transport data through the central device.
The benefit is that every connection is dedicated to one user and the user gets use of the full bandwidth of the channel.
The drawback is the high cost of the media and equipment for the individual connections.

Ring Topology
It connects devices in a continuous loop. The signal leaves the sending device, travels in sequence to each of the devices connected to the loop, then returns to the sending device.
It is an extension of the bus network in which the ends of the bus are connected.

Metropolitan Area Network
MANs span a city or a town and provide services to individual users or organizations.
MANs use services provided by a common carrier such as a telephone company.

Wide Area Network
A network that covers a large geographical area is referred to as a wide area network (WAN).
WANs, like MANs, are installed and run by common carriers.

Connecting Devices - NIC
Network Interface Card (NIC):
--- Is a small circuit board that sends data from the workstation out to the network and collects incoming data for the workstation.
--- A desktop computer NIC plugs into an expansion slot on the motherboard.
--- A notebook computer NIC is usually a PCMCIA card.

[Figure: Notebook computer NIC; Desktop computer NIC]

Connecting Devices - Hub
Network Hub:
--- The cable from a workstation NIC connects to a network hub, which is a device that joins communications lines together.
--- In a typical network configuration, cables from one or more workstations connect to the hub, then a single cable connects the hub to a server.

Connecting Devices - Modem
Modem:
--- A device that sends and receives data to and from computers over telephone lines or cables.
--- It includes two procedures: modulation and demodulation.
--- The modulation process converts digital signals into analog signals.
--- The demodulation process converts analog signals into digital signals.

[Figure labels: ISP network, INTERNET, Telephone network, PPP, Account, password]

Connecting Devices - Repeater
Repeater:
--- It is an electronic device that regenerates data and sends data to the rest of the network.
--- It operates only in the physical layer of the OSI model.
--- It is popularly used in the bus topology network to increase the length of the network.

Connecting Devices - Bridge
Bridge:
--- It is a traffic controller, which divides a long bus into smaller segments so that each segment is independent traffic-wise.
--- It operates at the first two layers of the OSI model.
--- It not only allows two or more pairs of stations to communicate at the same time, but can also regenerate the frame.

Connecting Devices - Router
Router:
--- It is the device that connects LANs, MANs, and WANs.
--- It routes a packet based on the logical address (network layer) of the packet.
--- It operates at the first three layers of the OSI model.
--- It connects two independent networks: a LAN to a WAN, a LAN to a MAN, a WAN to another WAN, and so on.

[Figure: Routers in an Internet]

[Figure: Cisco 12000 Series Internet Routers]

Connecting Devices - Gateway
Gateway:
--- It is a connecting device that acts as a protocol converter.
--- It allows two networks (each with a different set of protocols for the seven OSI layers) to be connected to each other and communicate.
--- It is actually a computer installed with the necessary software.

[Figure: A gateway connects a network of PCs with a network of Apple Macintosh computers.]

[Figure: Cisco AS5800 Series Universal Gateway]

[Figure: Connecting devices and the OSI model]

The Internet and TCP/IP Protocol
Internet Technologies:
Data can travel over the Internet according to the following essentials.
• The cables, wires and satellites that carry Internet data form an interlinked communications network.
• NSPs and ISPs maintain a series of communications links for Internet data.
• TCP/IP knits together the Internet and allows data to travel smoothly over the communications links provided by NSPs worldwide.

NSP and ISP - NSP
NSP (network service provider): a company, such as China Telecom, China Unicom, China Netcom, China Tietong, Sprint, or AT&T, that supplies ISPs with access to high-speed transmission lines that form the backbone of the Internet and also provides routers at network connection points.
--- Links between NSPs interconnect at several network access points (NAPs) so data can travel between NSPs.
--- The Internet backbone consists of the major Internet communications links.

[Figure: The Internet backbone in the continental U.S. maintained by MCI.]

NSP and ISP - ISP
ISP (Internet Service Provider): is a company that maintains an Internet host computer providing Internet access to businesses, organizations and individuals.
--- It works in much the same way as your local telephone company. You arrange for service, and the ISP charges you a monthly fee.
--- It typically provides you with a user account that includes Internet access and an e-mailbox.

NSP and ISP
In order to connect a user’s computer to the Internet, we need to connect the computer to an ISP that in turn connects to the backbone (NSP).

TCP/IP
TCP/IP: The Transmission Control Protocol/Internet Protocol is a suite or a stack of protocols that officially controls the Internet.
In other words, it is a standard set of communication rules used by every computer that connects to the Internet.
The layers in the TCP/IP protocol do not exactly match those of the OSI model.

TCP and OSI model
OSI layers                                 TCP/IP protocols
7 Application, 6 Presentation, 5 Session   FTP, SMTP, TELNET, HTTP, …
4 Transport                                TCP, UDP
3 Network                                  IP
2 Data Link, 1 Physical                    Other Protocols

IP
TCP/IP (cont.):
IP: is one of the main protocols of TCP/IP that is responsible for addressing packets for routing to their destinations.
IP Address: a unique identifying number assigned to each computer connected to the Internet.
--- Each IP address consists of 4 bytes (32 bits).
--- Each IP address is written in decimal form with decimal points separating the bytes (dotted-decimal notation).

The range of IP address
[Figure: IP addresses range from 00000000 00000000 00000000 00000000 (0.0.0.0) to 11111111 11111111 11111111 11111111 (255.255.255.255). The structure of an IP address: network address (10.1.0.0 in the example) and host number.]

Domain Name
Although an IP address works for distinguishing computers on the Internet, long strings of numbers are difficult to remember.
--- The host computer also has an easy-to-remember name, the “domain name”.
Through DNS (domain name system), any IP address can be translated into a domain name.
A domain name includes: host computer, network or organization name, and top-level domain.

Internet Top-level Domains
Domain   Description
com      Commercial businesses
edu      Four-year colleges and universities
gov      Government agencies
int      Organizations established by international treaties
mil      Military organizations
net      Internet administrative organizations
org      Professional and nonprofit organizations

TCP & FTP
TCP/IP (cont.):
TCP: is one of the main protocols of TCP/IP that is responsible for establishing a data connection between two hosts and breaking data into packets.
FTP (File Transfer Protocol): is a standard protocol on the Internet for transferring a file from one machine to another.
--- Establishes two connections: one for data transfer and the other for control information.

FTP architecture
[Figure: the client and the FTP server exchange requests and responses over the control connection and transfer files (download, upload) over the data connection]

TELNET
TCP/IP (cont.):
TELNET: is a general client-server program on the Internet that allows remote login to control another computer or server.

HTTP
TCP/IP (cont.):
HTTP: is a client-server program that is used to access and transfer documents on the World Wide Web.
URL (Uniform Resource Locator): is the address of a Web page, given using a special method.
--- It defines four things: method, host computer, port and path.
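The IP slides above describe an address as 4 bytes (32 bits) written in dotted-decimal notation. The following strict parser is an added example, not part of the original slides; the function names are hypothetical, the sample address is constructed, and the 24-bit network/host split is an assumption made only for illustration.

```python
# Added example: strict parser for dotted-decimal IPv4 addresses.
# The /24 network/host split used in the sample is an assumption.

def parse_ipv4(text: str) -> int:
    """Return the 32-bit value of a dotted-decimal address or raise ValueError."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 bytes, got {len(parts)}: {text!r}")
    value = 0
    for part in parts:
        # Only plain ASCII digits: rejects '', '+1', ' 1', '0x0a', Unicode digits.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"not a decimal byte: {part!r}")
        # Some parsers read a leading zero as octal ('010' becomes 8). Rejecting
        # it keeps every system that handles the address in agreement.
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"leading zero is ambiguous: {part!r}")
        octet = int(part)
        if octet > 255:
            raise ValueError(f"byte out of range 0-255: {part!r}")
        value = (value << 8) | octet
    return value


def to_dotted(value: int) -> str:
    """Format a 32-bit value back into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value: int) -> str:
    """Show the four bytes as 8-bit binary groups, as on the range slide."""
    return " ".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def split_address(text: str, prefix_len: int) -> tuple:
    """Split an address into (network address, host number) for a given prefix."""
    if not 0 <= prefix_len <= 32:
        raise ValueError(f"prefix length out of range 0-32: {prefix_len}")
    address = parse_ipv4(text)
    mask = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return to_dotted(address & mask), address & ~mask & 0xFFFFFFFF


def is_valid(text: str) -> bool:
    """True if the text is a well-formed dotted-decimal address."""
    try:
        parse_ipv4(text)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    sample = "10.1.0.81"  # constructed sample address
    print(to_binary(parse_ipv4(sample)))
    print(split_address(sample, 24))
    for bad in ("10.1.0", "10.1.0.256", "010.1.0.81", "10.1.0.81.5"):
        print(bad, is_valid(bad))
```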

URL & Domain Name
[Figure: the parts of a URL: method (http; ftp; telnet), host computer, path]
Compare domain name and URL:
Both are Internet addresses.
A domain name represents the IP address of a computer, but a URL is the address of a document on a computer.

WWW
World Wide Web (WWW or Web):
--- The Web was born in 1990 at the European Laboratory for Particle Physics (CERN).
--- Unlike the Internet, which is simply a mass of cables and connection points that form a communications network, the Web is an Internet service that stores and provides information.
--- As an easy-to-use, graphical source of information, the Web opened up the Internet to millions of people.

WWW
World Wide Web (cont.):
--- The official description of the Web is a “wide-area hypermedia information retrieval initiative aiming to give universal access to a large universe of documents”.
--- The Web uses hypertext, which contains special text, words and phrases that can create a link to other documents containing text, images, audio or video.
--- A hypertext document available on the Web is called a Web page. The main page for an organization or an individual is known as a home page.

Web documents
[Figure: Web Document: Static, Dynamic, Active]
There are three different types of documents on the Internet:
Static documents have fixed contents. They are created at the server site and can only be copied. They usually use Hypertext Markup Language (HTML).

Web Documents
There are three different types of documents on the Internet (cont.):
Dynamic documents are programs residing at the server site. The server runs the program and sends the result to the browser. They use a technology called Common Gateway Interface (CGI) to handle the documents.
Active documents are also programs, but they cannot be run at the server site. The program is first transferred to the browser site and then run. They are normally written in the Java language.

How the email works?
• Email (electronic mail) is the transmission of messages and files via a computer network.
• To receive messages, you need an email address, which is a combination of a user name and a domain name that identifies a server. When you receive an email message, the message is placed in your mailbox. The mailbox is a storage location residing on the mail server.

How the email works?
• When you send a message, the message is transmitted according to a communications protocol called SMTP (Simple Mail Transfer Protocol). The mail server uses SMTP to determine how to route the message through the Internet and then sends the message. When the message arrives at the recipient’s mail server, the message is transferred to a POP or POP3 server. POP (Post Office Protocol) is a communications protocol used to retrieve email from a mail server. The POP server holds the message until the recipient retrieves it with his or her email software.

Netiquette
• Golden rule: Treat others as you would like them to treat you.
• In email, newsgroups, and chat rooms:
  – Keep messages brief, using proper grammar and spelling.
  – Be careful when using sarcasm and humor, as it might be misinterpreted.
  – Be polite. Avoid offensive language.

Netiquette
• In email, newsgroups, and chat rooms:
  – Avoid sending or posting flames, which are abusive or insulting messages. Do not participate in flame wars, which are exchanges of flames.
  – Avoid sending spam, which is the Internet’s version of junk mail. Spam is an unsolicited email message or newsgroup posting sent to many recipients or newsgroups at once.

Netiquette
• In email, newsgroups, and chat rooms:
  – Do not use all capital letters, which is the equivalent of SHOUTING.
  – Use emoticons to express emotion.
    Popular emoticons include:
    :)  Smile
    :(  Frown
    :|  Indifferent
    :\  Undecided
    :o  Surprised

Netiquette
• In email, newsgroups, and chat rooms:
  – Use abbreviations and acronyms for phrases such as:
    • BTW: by the way
    • FYI: for your information
    • IMHO: in my humble opinion
    • TYVM: thank you very much
  – Clearly identify a spoiler, which is a message that reveals a solution to a game or ending to a movie or program.

Netiquette
• Read the FAQ (frequently asked questions), if one exists. Many newsgroups and Web sites have an FAQ.
• Use your user name for personal purposes only.
• Do not assume material is accurate or up to date. Be forgiving of others’ mistakes.
• Never read someone’s private email.

Net LOSS?
• Question: What are some of the downside issues relating to use of the Internet and Web?
  – The Internet isn’t a library. It’s a television.
  – The Internet isn’t about information. It’s about marketing.
  – Kids want to use the Internet for entertainment.
  – Other reliable high-tech resources are better for educational uses than the Internet.

What is a computer virus?
• A computer virus is a program that attaches itself to a file, reproduces itself, and spreads to other files. A virus can corrupt and/or destroy data, display an irritating message, or otherwise disrupt computer operations.
• Although numerous variations are known, four major types of viruses exist: boot sector viruses, file viruses, Trojan horse viruses, and macro viruses.

[Figure: How a virus spreads]

[Figure: Tips for preventing virus infections]

Security
• There are four aspects of security: privacy (confidentiality), message authentication, message integrity, and nonrepudiation.

Security
• Privacy means only the sender and the receiver of the message are able to understand the contents of the message.
• Authentication means the receiver needs to be sure of the sender’s identity.
• Integrity means the message should not be tampered with during transmission.
• Nonrepudiation means the prevention of repudiation (denial) from the sender.

Objectives
• Understand the rationale for the existence of networks.
• Distinguish between the three types of networks: LANs, MANs, and WANs.
• Understand the OSI model and TCP/IP.
• List different connecting devices and the OSI layers in which each device operates.
• Define virus and explain how it works.
• Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

That’s all for this chapter!
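The Security slides above define integrity, authentication and nonrepudiation as separate aspects, and code makes the difference concrete. The following is an added example, not part of the original slides: it uses Python's standard hashlib and hmac modules, the message text and key are constructed, and the function names are hypothetical.

```python
# Added example: which of the four security aspects a hash and a keyed MAC
# provide. Privacy (confidentiality) needs encryption and is not shown here;
# the message below travels in the clear.
import hashlib
import hmac
import secrets


def digest_only(message: bytes) -> str:
    """Unkeyed SHA-256 digest: anyone can recompute it for any message."""
    return hashlib.sha256(message).hexdigest()


def make_tag(key: bytes, message: bytes) -> str:
    """HMAC-SHA256 tag: can only be computed by a holder of the shared key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, message: bytes, tag: str) -> bool:
    """Constant-time comparison avoids leaking how many characters matched."""
    return hmac.compare_digest(make_tag(key, message), tag)


def demo() -> dict:
    key = secrets.token_bytes(32)           # secret shared by sender and receiver
    original = b"Pay 100 to account 12345"  # constructed sample message
    tampered = b"Pay 900 to account 12345"  # same message altered in transit

    # 1. Unkeyed hash: whoever alters the message can also replace the digest,
    #    so the receiver's check still passes. No integrity against tampering.
    replaced_digest = digest_only(tampered)
    hash_check_passes_on_tampered = digest_only(tampered) == replaced_digest

    # 2. Keyed MAC: without the key, the old tag cannot be updated to match
    #    the altered message. Integrity and message authentication hold.
    tag = make_tag(key, original)
    mac_accepts_original = verify_tag(key, original, tag)
    mac_accepts_tampered = verify_tag(key, tampered, tag)

    # 3. Nonrepudiation fails: the receiver holds the same key and can make a
    #    valid tag for a message the sender never wrote, so a tag proves nothing
    #    to a third party. That aspect needs a digital signature made with a
    #    private key only the sender has.
    receiver_made_tag = make_tag(key, tampered)
    receiver_can_forge = verify_tag(key, tampered, receiver_made_tag)

    return {
        "hash_check_passes_on_tampered": hash_check_passes_on_tampered,
        "mac_accepts_original": mac_accepts_original,
        "mac_accepts_tampered": mac_accepts_tampered,
        "receiver_can_forge": receiver_can_forge,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```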