Dunoon Grammar Computing
Department
Higher Computing
Computer Networking
Topic 1 – Common Network Protocols
What is a Network Protocol?
A protocol is a set of rules agreed upon in order to communicate
successfully. They are international agreements that make communication
possible. In computer networks, a protocol is a set of rules governing
things like data format, handshaking (who speaks first) and control
commands. The four main areas where protocols were developed are:
- Accessing computers remotely - Telnet
- Accessing information on remote computers - File Transfer Protocol
- Transferring files between computers - Hypertext Transfer Protocol
- Sending and receiving email - Simple Mail Transfer Protocol & Post
Office Protocol.
Networks are best understood as a series of software layers. All of the
protocols use ASCII code. The programs that use these protocols have
changed over time to reflect the use of Graphical User Interfaces (GUIs)
but underneath the GUI is a network communications protocol consisting
of simple ASCII text commands. All protocols rely on addressability
between computers on a network. Every computer on a network must
have a unique identity known as the Internet Protocol (IP) address.
Telnet
This allows users to log into a remote machine. The software has no
security built into it other than the initial request for a login name and
password on the remote system. Telnet has a command driven interface
and all communication between the two machines is transferred as ASCII
code. It is still used as a way of monitoring and controlling network
devices such as a hub or a print server etc. When a telnet connection is
made the connection is retained until the client disconnects.
HTTP
The Hypertext Transfer Protocol is the protocol which provides many of
the functions of the World Wide Web. For the WWW to function, a web
server needs to be running on a host machine and a web browser needs to
be running on the client machine. When you enter a web address, the
client machine issues a command to the web server requesting that the
server sends the page to the client machine. Although, essentially a file
transfer system, the WWW makes accessing information easier as the
files are transferred transparently without each one being requested
separately by the user and in fact the user need not even know where the
files are being transferred from, or even if they are all coming from the
same computer. Pages stored on a web server are written in Hypertext
Markup Language (HTML). HTML describes a document using tags.
When it receives the page, the browser interprets the HTML in order to
lay out the text on the screen. Pages on the WWW are identified by a
Uniform Resource Locator (URL). A URL contains the protocol used,
the server domain name or IP address, and the path name of the file.
e.g. http://servername.com/directory/filename.html
Protocol: http   Domain name: servername.com   Path and file name: /directory/filename.html
FTP
An FTP server program must be running on a host machine before a
client FTP program can access it in order to transfer files to or from that
machine. FTP requires an ID and a password before the user can transfer
files. FTP is still the preferred option for transferring files from a local
host to a remote computer when a web-site is being created or updated.
FTP is not regarded as a particularly secure protocol since the user ID and
password are transmitted without encryption. FTP is also the preferred
option for downloading files from a remote site for such tasks as software
installation or driver upgrades. When an FTP connection is made, the
connection is retained until the client disconnects.
SMTP & POP
Email protocols – The protocols associated with electronic mail are the
Simple Mail Transfer Protocol and Post Office Protocol. SMTP specifies
how mail is delivered from one computer to another. This protocol was
originally designed for systems which were permanently connected.
The POP3 protocol was designed to allow users to collect mail stored in
a remote mailbox. This is useful for users who connect over a dial-up
connection and are not permanently connected to their mail server. POP3
mail servers can also be set up on LANs for delivering email within an
organisation.
The structure of an email address
Username@domain_name
Username is the recipient of the email; the domain name will usually
consist of several words separated by full stops. The last item is called
the top-level domain and will consist of 2 or 3 letters. The top-level
domain often gives some indication of your affiliation or country of
residence. For example:
[email protected]
Two letter top level domains are allocated to countries other than the
USA.
Examples are:
Top level domain   Country
.uk                United Kingdom
.fr                France
.de                Germany
.au                Australia
.jp                Japan
Lower Layer Network Protocols
TCP/IP is the acronym for Transmission Control Protocol / Internet
Protocol. These are the two protocols which have made connecting
networks together and connecting to the Internet possible. TCP/IP was
developed by the US Defense Advanced Research Projects Agency
(DARPA). DARPA implemented a Wide Area Network (WAN) called
ARPANET in the 1960s which connected mainframe computers together
over long distance telephone lines. ARPANET has since expanded into
the Internet. TCP/IP has been adopted internationally as the standard for
connecting computers to the Internet.
TCP
When a file is to be transmitted between two computers running TCP/IP,
the file is broken down into chunks of data called packets. TCP is
responsible for splitting the data into these packets and adding a header to
each one. This header includes a sequence number which allows the file
to be recreated at the receiving end by reassembling the packets in the
correct order. TCP is also responsible for re-transmitting packets if it
does not receive an acknowledgement that a packet has been received.
On the same layer as TCP, the User Datagram Protocol (UDP) provides
an unreliable datagram delivery channel - UDP does not request retransmission for lost packets. It is used for audio or video streaming.
IP
The IP protocol is responsible for taking each datagram packet and
adding its own header to allow the packet to be routed around and
between networks. As it is possible for packets to follow different routes
to their destination, they might take different amounts of time to arrive
and therefore be out of sequence. As long as the packets can be reassembled in the correct order by TCP using the sequence numbers then
the transmission was successful and TCP will issue an acknowledgement.
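The splitting, reordering and re-transmission described above, as an added worked example (Python code written for these notes, not part of the original document). It assumes a tiny packet size so the output is readable, and simulates the network with a shuffle and an optional set of dropped sequence numbers; the receiver reassembles by sequence number and reports which packets would need re-transmitting.

```python
from __future__ import annotations
import random

PACKET_SIZE = 8  # bytes of data per packet; constructed small value for the demo


def packetise(data: bytes, size: int = PACKET_SIZE) -> list[dict]:
    """TCP's sending side: split the data into packets, each with a
    header carrying a sequence number."""
    count = (len(data) + size - 1) // size
    return [{"seq": i, "data": data[i * size:(i + 1) * size]} for i in range(count)]


def reassemble(received: list[dict], expected_count: int) -> tuple[bytes | None, list[int]]:
    """TCP's receiving side: put packets back in order using the sequence
    numbers. Returns (data, missing); data is None when any packet is absent,
    and missing lists the sequence numbers the sender must re-transmit."""
    by_seq = {p["seq"]: p["data"] for p in received}
    missing = [s for s in range(expected_count) if s not in by_seq]
    if missing:
        return None, missing
    return b"".join(by_seq[s] for s in range(expected_count)), []


def simulate_transfer(data: bytes, drop: set[int] | None = None, seed: int = 1):
    """Send the data over a 'network' that delivers packets out of order
    (they took different routes) and may lose some of them entirely."""
    packets = packetise(data)
    in_flight = [p for p in packets if p["seq"] not in (drop or set())]
    random.Random(seed).shuffle(in_flight)
    return reassemble(in_flight, len(packets))


if __name__ == "__main__":
    message = b"The quick brown fox jumps over the lazy dog"
    print(simulate_transfer(message))           # reassembled correctly
    print(simulate_transfer(message, drop={2})) # packet 2 lost: needs re-transmission
```

Because the receiver only acknowledges once every sequence number is present, a lost packet shows up as a gap in the sequence rather than as corrupted data.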
Ports
TCP and UDP introduce the concept of a port. Ports are needed because
we want several different types of network connection to be functioning
at the same time. Some common ports and services that run on them are:
Service                        Port
File Transfer Protocol         21 and 20
Telnet                         23
Simple Mail Transfer Protocol  25
Hyper Text Transfer Protocol   80
Post Office Protocol 3         110
By specifying ports and including port numbers with TCP/UDP data,
multiple network connections can take place simultaneously. This is
known as multiplexing and is why you can collect your email and browse
the Internet at the same time. The port number along with the source and
destination addresses for the data, together make a socket.
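The URL structure from Topic 1 and the port table above, as an added worked example (Python code written for these notes, not from the original document). It splits a URL into protocol, domain name and file path, fills in the well-known port from the table when the URL gives none, and builds the address-plus-port tuple the notes call a socket. The client port numbers are constructed values; the server names are placeholders.

```python
from __future__ import annotations
from urllib.parse import urlsplit

# Well-known ports, the same values as the table in the notes
DEFAULT_PORTS = {"ftp": 21, "telnet": 23, "smtp": 25, "http": 80, "pop3": 110}
SERVICE_NAMES = {port: name for name, port in DEFAULT_PORTS.items()}


def parse_url(url: str) -> dict:
    """Split a URL into the parts the notes describe: protocol, domain name
    (or IP address) and path/file name. The port is the explicit one if the
    URL gives it, otherwise the protocol's well-known port."""
    parts = urlsplit(url)
    protocol = parts.scheme.lower()
    if protocol not in DEFAULT_PORTS:
        raise ValueError(f"unsupported protocol: {protocol!r}")
    return {
        "protocol": protocol,
        "host": parts.hostname,
        "port": parts.port or DEFAULT_PORTS[protocol],
        "path": parts.path or "/",
    }


def make_socket(client_ip: str, client_port: int, url: str) -> tuple:
    """A socket as the notes define it: the source and destination addresses
    together with the port numbers at each end."""
    u = parse_url(url)
    return (client_ip, client_port, u["host"], u["port"])


def identify_service(sock: tuple) -> str:
    """Which service a connection belongs to, judged from its destination port."""
    return SERVICE_NAMES.get(sock[3], "unknown")


if __name__ == "__main__":
    # Two connections open at once from one machine: this is the multiplexing
    # the notes describe. They differ in client port and destination port.
    web = make_socket("192.168.0.5", 49152, "http://servername.com/directory/filename.html")
    mail = ("192.168.0.5", 49153, "mail.example", 110)  # constructed POP3 connection
    for s in (web, mail):
        print(s, "->", identify_service(s))
```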
Topic 2 – The OSI network model
Introduction to network architecture
The Open Systems Interconnection (OSI) model was developed so that
communications equipment and network software would be compatible.
The OSI model divides the business of data transfer across a network into
a number of different layers. Each layer has a specific task to perform.
The top layer is the applications layer which is the layer you are using
when you send an email or view a web page. The lowest layer is the
physical layer which is concerned with the cabling and the physical
characteristics of the network. Each layer communicates with the layers
above and below it in the hierarchy.
Transparency – From the point of view of each layer on a network, it
behaves as if it is communicating directly with the equivalent layer on the
receiving network. From the user’s point of view, the application layer
on one network appears to pass information to the application layer on the
other. Each layer actually passes data to the layer below when sending
information and to the layer above when receiving information. In reality
it is the physical layer (the cabling) which actually transmits the data.
Hierarchy – As the data is passed by one layer to the layers below, the
files are split into smaller segments, each with that layer's headers, error
correction and sequence information added to them, until the data
becomes a stream of bits transmitted via the physical layer. The reverse
process takes place at the receiving end, with the headers being stripped
out and the segments reassembled until the application layer presents the
user with the transmitted file. Each layer is responsible to the layers
above and below it for ensuring that the data it receives and transmits is
intact.
Independence – Because the layers are independent, it is possible to
replace or upgrade one layer with another software version without
having to change how the other layers communicate with it.
The Layers
(1) The Application layer – This is the top layer of the OSI model. It
provides a set of interfaces for applications to obtain access to networked
services. This layer's protocols include HTTP, FTP, SMTP and POP3.
(2) The Presentation layer – This handles data format information. This
is done by converting data into a standardised format that can be
understood by both sides. It also performs compression and encryption,
and controls file locking and security at the user level. Standards such as
MIDI, HTML, GIF and ASCII might be used at this layer.
(3) The Session layer – The session layer manages log on procedures and
password recognition. It permits two parties to hold ongoing
communications called a session across a network.
(4) The Transport layer – The transport layer breaks up a file into
segments for transport, and combines incoming segments into a
contiguous file. The transport layer is responsible for creating and
maintaining the basic end-to-end connection, ensuring that the bits
delivered to the receiver are the same as the bits transmitted by the
sender; in the same order and without modification. The TCP and UDP
protocols operate at this level.
(5) The Network layer – This layer is concerned with the path through
the network. It is responsible for routing, and for controlling the flow of
information between hosts. Network hardware source and destination
addresses are added. The network layer works in units of packets. The IP
protocol is used at this layer. Network routers work at this level; they are
responsible for routing packets between networks.
(6) The Data Link layer – This layer is responsible for putting data into
frames or packets along with error checking data. In an Ethernet
network, the data link layer works in units of frames. For incoming data
this layer transforms a stream of raw bits from the physical layer into a
data frame. The data link layer is a firmware layer of the Network
Interface Card (NIC) where the Ethernet network standard is
implemented. Network switches operate at this layer.
(7) The Physical layer – The function of the physical layer is to
transform bits in a computer system into electromagnetic (or equivalent)
signals for a particular transmission medium (wire, fibre, ether etc). The
physical layer defines items like the type of cabling (coax, twisted pair
etc), the frequency of operation (10 Mbps, 100 Mbps etc), voltage levels
and network topology (star, bus, ring etc). The physical layer functions
in units of bits. Network hubs and repeaters operate at this level.
Topic 3 – IP Addresses and the Domain Name Service
An Internet Protocol (IP) address is the way Internet Protocol
distinguishes computers on the same network. On any network, you
cannot have two computers sharing an IP address, as this would make it
impossible to distinguish between them when trying to send data from
one computer to another. You can however have a single computer with
two network Interface Cards (NICs) fitted, each one with its own IP
address. In this case the computer would be connected to two different
networks. Routers are computers like this. All computers that are
connected together on the Internet need unique IP addresses. Because IP
addresses are difficult to remember, we use Domain names to identify
them instead. When we connect to a remote computer using a domain
name such as google.co.uk, a system known as the Domain Name
Service (DNS) translates the domain name into an IP address
(216.239.41.100 in this case) so that the correct computer can be found.
The Structure of an IP Address
An IP address is a 32-bit number separated into four 8-bit parts called
octets. An IP address can be divided into 2 sections: the network
identifier and the host identifier. There are three ways to split the IP
address.
Class A   nnn.hhh.hhh.hhh
Class B   nnn.nnn.hhh.hhh
Class C   nnn.nnn.nnn.hhh
where n = network identifier, h = host identifier
The network identifier is used to route packets to the correct destination
network. Once a packet reaches the network which requested it, the
packet is routed to the correct host using the host identifier.
Classes of IP Address
There has to be some way of sharing out the IP addresses so that large
companies and organisations have one for each of their computers, while
letting smaller organisations have some as well. Ranges of IP addresses
can be allocated by giving large organisations blocks of Class A
addresses and small organisations blocks of Class B and Class C.
Class A - addresses have their first octet in the range 1 to 126. Class B
addresses have their first octet in the range 128 to 191 and Class C
addresses have their first octet in the range 192 to 223.
A very large company with very complex internal networks may be
allocated a Class A address block such as 115.***.***.***. This would
give a total of about 16 million possible IP addresses. There are only 127
Class A address blocks, and no more are to be allocated.
Class B - addresses are common for large companies, allowing a block of
around 65000 IP addresses. When a Class B IP address is allocated, (say
135.113.***.***), the first two numbers identify that company network.
Class C - addresses are the third type, giving 254 possible IP addresses
for any one block (0 and 255 are reserved for particular functions). Here,
the first three octets are specified, and the remaining field is allocated by
the owner of the address.
Networks that are directly connected to the Internet are usually connected
to an ISP via a full time connection (leased line). The ISP informs the
network administrator which IP addresses can be used on the network,
and a router controls the delivery of packets to the appropriate IP address.
When you dial up an ISP with a modem, your computer is temporarily
allocated an IP address. This will be in the range of the Class C licences
that they own.
Private IP Addresses
Private IP addresses are ranges of IP addresses that are “known not to
exist” on the Internet. This means that no computer on the Internet will
ever be assigned these addresses. These can safely be used in internal
Local Area Networks (LANs), as they have no direct connection to the
Internet. One example of a Private IP range is from 192.168.0.1 to
192.168.0.254. The private IP ranges that are not allocated on the
Internet are:
Class A   10.0.0.0 to 10.255.255.255
Class B   172.16.0.0 to 172.31.255.255
Class C   192.168.0.0 to 192.168.255.255
Note that 0 and 255 are reserved in any class. 255.255.255.255 is the
global broadcast address. The advantage of using private IP addresses
on a network is that you can use a proxy server with a single public IP
address to access the network. The proxy server forwards requests for
web pages or other Internet services as if they were its own. This means
that only one IP address is presented to the outside world, protecting
machines on the network from external attack, and avoiding the purchase
of more than one IP address. This is known as Network Address
Translation (NAT).
Localhost
Localhost is a special term in TCP/IP. 127.0.0.1 is the localhost
(loopback interface). This is a software only interface, which is internal to
the machine, and is not accessible over any external connection. If you
have a web server running on a machine, then you can test out Internet
pages on that server without a network connection by connecting to the
address: http://localhost. The command ping localhost will return the
IP address 127.0.0.1 as well as the name of your computer.
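The class boundaries, the network/host split, the private ranges and the loopback and broadcast addresses from the last three sections, brought together in one added worked example (Python code written for these notes, not part of the original). The functions take a dotted-quad address and report what the notes say about it; the sample addresses at the bottom are constructed.

```python
from __future__ import annotations

# The private ranges exactly as tabulated in the notes
PRIVATE_RANGES = [
    ("10.0.0.0", "10.255.255.255"),
    ("172.16.0.0", "172.31.255.255"),
    ("192.168.0.0", "192.168.255.255"),
]


def octets(address: str) -> list[int]:
    """Split a dotted-quad address into its four 8-bit octets, rejecting bad input."""
    parts = address.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted-quad address: {address!r}")
    values = [int(p) for p in parts]
    if any(not 0 <= v <= 255 for v in values):
        raise ValueError(f"octet out of range in {address!r}")
    return values


def ip_to_int(address: str) -> int:
    a, b, c, d = octets(address)
    return (a << 24) | (b << 16) | (c << 8) | d


def address_class(address: str) -> str | None:
    """Class from the first octet, using the ranges given in the notes.
    0, 127 (loopback) and 224 upwards are outside the three classes."""
    first = octets(address)[0]
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    return None


def split_network_host(address: str) -> tuple[str, str] | None:
    """Network identifier and host identifier, split at the class boundary."""
    cls = address_class(address)
    if cls is None:
        return None
    network_octets = {"A": 1, "B": 2, "C": 3}[cls]
    text = [str(v) for v in octets(address)]
    return ".".join(text[:network_octets]), ".".join(text[network_octets:])


def hosts_per_block(cls: str) -> int:
    """Usable host addresses in one block of a class: the all-0 and all-255
    host identifiers are reserved, which is why Class C gives 254 not 256."""
    host_octets = {"A": 3, "B": 2, "C": 1}[cls]
    return 2 ** (8 * host_octets) - 2


def describe(address: str) -> dict:
    """Everything the notes say about an address in one place."""
    value = ip_to_int(address)
    parts = split_network_host(address)
    host = [int(h) for h in parts[1].split(".")] if parts else []
    reserved = not host or all(h == 0 for h in host) or all(h == 255 for h in host)
    return {
        "class": address_class(address),
        "network_id": parts[0] if parts else None,
        "host_id": parts[1] if parts else None,
        "private": any(ip_to_int(lo) <= value <= ip_to_int(hi) for lo, hi in PRIVATE_RANGES),
        "loopback": octets(address)[0] == 127,
        "global_broadcast": address == "255.255.255.255",
        "usable_host": not reserved,
    }


if __name__ == "__main__":
    # Constructed sample addresses, one per case the notes discuss
    for a in ("115.1.2.3", "135.113.4.5", "192.168.0.1", "192.168.0.255",
              "127.0.0.1", "255.255.255.255"):
        print(a, describe(a))
```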
Static and Dynamic IP Addressing
Static IP addressing is where every host on a network has a fixed IP
address. Dynamic IP addressing is where hosts are allocated IP addresses
when they are connected to the network, but that IP address can be used
by another machine when the host is disconnected. Dynamic IP
addressing is implemented where there are more potential hosts than
there are IP addresses available, for example where an ISP has a range of
IP addresses and these are dynamically allocated to customers when they
connect via a modem. On a LAN, dynamic IP addressing is used in order
to avoid the possibility of two machines being allocated the same IP
address. A DHCP server (Dynamic Host Configuration Protocol)
allocates IP addresses from a range specified by the network manager.
Domain Names
A Domain Name is the unique name that identifies an Internet site.
Domain Names always have 2 or more parts, separated by dots. The part
on the left is the most specific, and the part on the right is the most
general. For example in the domain name:
my_company.com
my_company refers to a specific company and .com refers to the
commercial domain. Examples of three letter top level domains are:
Top Level Domain   Meaning
.com               Commercial business, a company
.net               Network provider, ISP
.gov               Government agency
.edu               Educational institution
.org               Non-profit institution
.mil               US military
Note that my_company.com and my_company.co.uk are treated as
different domains, but may point to the same Internet site. Two or more
domain names may point to the same machine, but a domain name can
only ever refer to one machine. Many companies will register their names
in a number of top level domains so that people can find them easily.
Name resolution is the system of mapping a domain name to its IP
address. This is done by the Domain Name Service. The domain name
system on the WWW is regulated by an organisation called InterNIC. If a
company wishes to have a presence on the WWW then the first step is
usually to pay an accredited registrar for one or more domain names. In
the UK the organisation responsible for overseeing the registration is
Nominet. Once that has been done, the next step is to pay to host a web
site. The company hosting the web site will provide details of the name
servers which will resolve the domain name to an IP address and the
information needed to be given to the registrar. Once this information has
propagated around the WWW, typing the domain name into a browser
will result in the name being resolved to an IP address and the appropriate
web page should be accessible.
The Domain Name Service (DNS) sometimes called the Domain Name
System translates the names which we use to identify web sites into an IP
address. The DNS database is stored on a hierarchy of dedicated servers.
It is the foundation of all communication on the Internet, so the service
must be available at all times. When you request a web page on the
Internet, a piece of software called the DNS resolver, built into the
network O/S, first contacts a DNS server by sending it a UDP packet in
order to determine the web server’s IP address. (Obviously the resolver
needs to know the IP address of the DNS server in order to do this). If the
DNS server does not contain the information needed, it will in turn
forward the request to a DNS server at the next higher level in the
hierarchy. This continues until the correct IP address is returned to the
machine requesting the file.
Name servers are arranged in a hierarchy, with a top level domain for
each country together with the six domains: edu, com, gov, mil, org and
net. Each of these domains is sub-divided, with each sub division
maintaining a name server. On a very small scale within a LAN, each
computer may have a host file which is a text file which maps IP
addresses on the LAN to host names.
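The resolution process just described (hosts file first, then the local DNS server, which forwards up the hierarchy until an answer is found or the root is reached), as an added worked example in Python written for these notes; it is not part of the original document. The hosts file, the server hierarchy and every name and address in it are constructed (203.0.113.x is a documentation range), and each UDP query is modelled as a function call. Real DNS then walks back down the tree via referrals; this example keeps to the simpler upward-forwarding picture the notes give.

```python
from __future__ import annotations

# Constructed hosts file of the kind kept on a LAN machine (not real data)
HOSTS_FILE = """\
# IP address      host name
127.0.0.1         localhost
192.168.0.20      printserver
192.168.0.21      fileserver    # comments after an entry are ignored
"""

# Constructed hierarchy: server name -> (server above it, records it holds)
NAME_SERVERS = {
    "root": (None, {}),
    "uk": ("root", {"www.example.co.uk": "203.0.113.10"}),
    "school-dns": ("uk", {"intranet.example.sch.uk": "192.168.0.30"}),
}


def parse_hosts_file(text: str) -> dict[str, str]:
    """Turn the hosts file into a name -> address table, skipping comments
    and blank lines. One address line may carry several host names."""
    table: dict[str, str] = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        address, *names = line.split()
        for name in names:
            table[name.lower()] = address
    return table


def query_server(server: str, name: str, path: list[str]) -> str | None:
    """One query to a name server. The server answers from its own records,
    or forwards the question to the server at the next level up; at the root
    with no record the name simply does not exist."""
    parent, records = NAME_SERVERS[server]
    path.append(server)
    if name in records:
        return records[name]
    if parent is None:
        return None
    return query_server(parent, name, path)


def resolve(name: str, hosts: str = HOSTS_FILE,
            local_server: str = "school-dns") -> tuple[str | None, list[str]]:
    """The resolver built into the network OS: check the hosts file, then
    ask the configured DNS server. Returns the address (None if the name
    does not exist) and the list of places consulted, in order."""
    name = name.lower().rstrip(".")
    hosts_table = parse_hosts_file(hosts)
    if name in hosts_table:
        return hosts_table[name], ["hosts file"]
    path: list[str] = []
    return query_server(local_server, name, path), path


if __name__ == "__main__":
    for host in ("localhost", "intranet.example.sch.uk", "www.example.co.uk", "nosuchhost.example"):
        print(host, "->", resolve(host))
```

The returned path shows why an unavailable name server matters so much: a name that is not in the hosts file cannot be resolved at all if the first server in the chain does not answer.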
Using Ipconfig
The Ipconfig command will give you the IP address and other settings for
your machine.
Using nslookup
You can use the nslookup command from a command prompt to get a
domain name from an IP address, or an IP address from a domain name.
Limitations of the IP Address System
The Class A, B and C system of allocating IP addresses is very
inefficient, particularly where Class A and B addresses are concerned as
many allocated IP addresses may remain unused. As more devices are
connected to the Internet there is concern we will run out of IP addresses.
There are two solutions to this problem. One is to extend the number of
IP addresses with a new version of the protocol known as IPv6. IPv6
increases the IP address size from 32 bits to 128 bits, making a maximum
number of 3.4 × 10^38 addresses. The other solution is to dispense with
the IP Class system and use Classless Inter Domain Routing (CIDR). This
uses IP addressing space more efficiently by making it possible to
allocate part of a block to a network instead of the whole block.
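CIDR allocation and the waste it avoids, as an added worked example (Python code written for these notes, not from the original). It computes the network, broadcast and mask for a block written with a prefix length, works out the smallest CIDR block that fits a given number of hosts, and compares that with the whole-class block the classful system would hand out. The 198.51.100.x addresses are from a documentation range and are constructed for the example.

```python
from __future__ import annotations
import math


def ip_to_int(address: str) -> int:
    a, b, c, d = (int(p) for p in address.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def cidr_block(cidr: str) -> dict:
    """Network address, broadcast address, mask and usable host count for a
    block in CIDR notation, e.g. 198.51.100.64/26 (26 network bits, 6 host bits)."""
    address, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length must be 0..32, got {prefix}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = ip_to_int(address) & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    size = 1 << (32 - prefix)
    return {
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "mask": int_to_ip(mask),
        "usable_hosts": max(size - 2, 0),  # all-0 and all-1 host parts are reserved
    }


def smallest_cidr_prefix(hosts: int) -> int:
    """Longest prefix (smallest block) that still leaves `hosts` usable addresses."""
    needed = hosts + 2                         # plus network and broadcast addresses
    host_bits = max(2, math.ceil(math.log2(needed)))
    return 32 - host_bits


def smallest_classful_block(hosts: int) -> int:
    """Under the class system a network receives a whole Class C, B or A
    block: the first one large enough, however much of it goes unused."""
    for usable in (254, 65534, 16777214):
        if hosts <= usable:
            return usable
    raise ValueError("more hosts than a Class A block can hold")


def wasted_addresses(hosts: int) -> dict:
    """Addresses left over by a classful allocation compared with a CIDR one."""
    classful = smallest_classful_block(hosts)
    prefix = smallest_cidr_prefix(hosts)
    cidr = (1 << (32 - prefix)) - 2
    return {"classful_block": classful, "cidr_prefix": prefix, "cidr_block": cidr,
            "wasted_by_classful": classful - hosts, "wasted_by_cidr": cidr - hosts}


if __name__ == "__main__":
    print(cidr_block("198.51.100.64/26"))
    print(wasted_addresses(300))   # 300 hosts: a whole Class B versus a /23
```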
Topic 4 – The World Wide Web (WWW)
A markup language is one which annotates text with additional
information about how it should be displayed. HTML uses tags to
annotate the text of a web page. Tags on a web page are used to identify
elements. Elements should always have a start and an end tag around
them.
Here is an example of a simple web page:
<html>
<head>
<title> My first web page </title>
</head>
<body>
<h1>Welcome to my first web page</h1>
<p>This section is in normal text</p>
<p> <b> This section is in bold</b></p>
<p><u>This section is underlined</u></p>
</body>
</html>
If you type this text into a text editor and save it as test.html then you can
see what this web page would look like in your browser.
The Structure of a web page
Structure & text tags
In the above example, <html>, <head> and <body> tags are structure
tags. Structure tags are used to define the structural elements of a web
page. The <html> tags surround the whole file and determine what type
of file it is. The <head> tags define the heading element containing some
information about the html file (such as its title which is contained in the
<title> tag). The <body> tags surround the main content of the file.
Also in the above example, there are text tags. The <h1> (headline size
1), <p> (new paragraph), <b> (bold) and <u> (underline) tags all define
different text elements.
Element Attributes
An element defined by a tag can also have an attribute. An attribute gives
additional information about an element. This additional information
often relates to the appearance or layout of an element such as colour or
size. For example
<body bgcolor="lightblue"> In this case the body element of the page
will be shown with a light blue background.
<p align="center"> In this case the paragraph element will be centred.
Link Tags
The link and image tags on a web page are what provide the interactivity,
which we are so familiar with on web pages. Add this line to your
test.html file and refresh it in your browser to see the effect.
<a href="http://google.co.uk/"> Click here for google </a>
In this example the <a> tags surround the link element. Its attributes in
this case is the URL for the google web page and the text which will
show as the link.
Why understanding HTML is important
Web authoring software lets developers create web pages using a
WYSIWYG (What You See Is What You Get) approach, but it’s still
important to understand how the underlying HTML works so that you can
sort out problems. Not all browsers display HTML in the same way. Not
all versions of a browser will interpret HTML code in the same way.
Extensible Hypertext Markup Language (XHTML)
This has stricter rules for its tags but it is worth making your documents
conform to XHTML as it allows pages to be used with XML tools. XML
is a standard which describes a method of encoding data in a form which
makes it non-application specific. XHTML rules include:
- All documents must have a type declaration
- All elements must be closed (they must have start and stop tags)
- Tag names must be in lower case
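The three XHTML rules just listed, turned into a checker as an added worked example (Python code written for these notes, not part of the original document). It uses the standard library's html.parser to track which elements are still open, checks for a document type declaration, and checks tag-name case on the raw text (the parser lower-cases names before handing them over). The two sample documents are constructed; the bad one contains the kind of unclosed paragraph and mixed-case tag that slips through a browser unnoticed.

```python
from __future__ import annotations
import re
from html.parser import HTMLParser

# Elements that never have content, so XHTML writes them self-closing, e.g. <br/>
VOID_ELEMENTS = {"meta", "br", "img", "hr", "link", "input"}


class XhtmlRuleChecker(HTMLParser):
    """Checks the three rules: a type declaration, every element closed,
    and tag names in lower case (the case rule is applied in check_xhtml)."""

    def __init__(self) -> None:
        super().__init__()
        self.problems: list[str] = []
        self.open: list[str] = []      # elements still waiting for their end tag
        self.has_doctype = False

    def handle_decl(self, decl: str) -> None:
        if decl.lower().startswith("doctype"):
            self.has_doctype = True

    def handle_starttag(self, tag, attrs) -> None:
        if tag in VOID_ELEMENTS:       # <br> without the slash is not closed in XHTML
            self.problems.append(f"<{tag}> must be written self-closing (<{tag}/>)")
        else:
            self.open.append(tag)

    def handle_startendtag(self, tag, attrs) -> None:
        pass                           # <tag/> opens and closes at once

    def handle_endtag(self, tag) -> None:
        if tag in self.open:
            while self.open[-1] != tag:  # anything skipped over was never closed
                self.problems.append(f"<{self.open.pop()}> not closed before </{tag}>")
            self.open.pop()
        else:
            self.problems.append(f"</{tag}> has no matching start tag")

    def finish(self) -> list[str]:
        self.close()
        for tag in reversed(self.open):
            self.problems.append(f"<{tag}> never closed")
        if not self.has_doctype:
            self.problems.insert(0, "missing document type declaration")
        return self.problems


def check_xhtml(source: str) -> list[str]:
    """Return a list of rule violations; an empty list means the page passes."""
    checker = XhtmlRuleChecker()
    for name in dict.fromkeys(re.findall(r"</?([A-Za-z][A-Za-z0-9]*)", source)):
        if name != name.lower():
            checker.problems.append(f"tag name <{name}> is not lower case")
    checker.feed(source)
    return checker.finish()


# Constructed samples: the first breaks all three rules, the second passes
SAMPLE_BAD = """<html>
<head><Title>Test</Title></head>
<body>
<h1>Welcome</h1>
<p><b>Bold</b><p>
<p><u>Underlined</u></p>
<br>
</body>
</html>
"""

SAMPLE_GOOD = """<!DOCTYPE html>
<html>
<head><title>Test</title></head>
<body><p>Hello<br/></p></body>
</html>
"""

if __name__ == "__main__":
    for label, sample in (("bad", SAMPLE_BAD), ("good", SAMPLE_GOOD)):
        print(label, check_xhtml(sample))
```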
Stylesheets
Early HTML specifications included style tags to allow the web designer
to specify font types and font sizes. It was realised that it is better to
separate structure from presentation as far as possible. The way to
achieve this is to keep the instructions on how to display certain types of
element in a separate document known as a stylesheet. For example a
stylesheet may specify a colour for all level one headers. Stylesheets are
useful because they can be used to maintain a consistent style across an
entire web site. Changing an attribute of an element in the stylesheet will
change the attributes of that element wherever they appear in the site.
Types of Browser
Modern browsers incorporate email, news and HTML editing facilities.
They provide facilities for users to save commonly used addresses; keep a
history of pages visited and have built in links to useful web sites. They
also incorporate plugins for multimedia content such as audio, animation,
video and interactive 3D. A plugin is a piece of software which allows a
browser to display content normally associated with other applications
such as a word processor or video player.
Microbrowsers
A microbrowser is one designed for use with a
wireless handheld device such as a mobile phone or
Personal Digital Assistant (PDA). Microbrowsers
are created to be as small as possible to make best
use of the low memory available on handheld devices
and the low bandwidth constraints of the wireless handheld networks.
Wireless Application Protocol (WAP)
HTTP is not ideal as a transport protocol for wireless communication via
handheld devices as it is not optimised for low bandwidth. For this
reason a new protocol was developed – WAP. Just as HTTP is used to
retrieve pages written using HTML, WAP is used to retrieve pages
written using Wireless Markup Language (WML). Typical characteristics
of WAP enabled devices are:
- They have small low-resolution screens, so can't display a lot of
information at once.
- They do not have powerful processors, so can't deal easily with multimedia.
- They don't usually have a keyboard, so typing a URL is likely to be
much more difficult than on a normal computer.
- Wireless networks operate at a much lower bandwidth than desktop
computers, so content has to be mainly text based rather than graphical.
The advantage of WAP devices is that they can access the Internet
without a physical connection – anywhere you can use a mobile phone.
The difference between HTML and WML
HTML documents are designed to be read on browsers running on
powerful desktop machines with cheap reliable connections and a user
may spend several minutes reading an HTML document. WML
applications are designed to run on mobile WAP devices with small
screens, low power processors and an expensive connection. Users of
WAP devices need short menus and easily read questions to find what
they need. WML files are sent to microbrowsers in a compact form
known as WAP Binary XML (WBXML).
Wireless Markup Language
A WML application consists of one or more decks containing collections
of cards. Each card typically contains some content displayed to the user
and some other content used by the microbrowser to control how the user
moves from one card to another. The idea of bundling a deck of related
cards together means that several of them can be sent together without the
browser requesting a new card from the server every time a user moves
from one card to another.
Search Engines
Introduction
Many web sites offer a search facility, which will search for a specific
word or phrase on pages within the site itself. This can be useful on
technical web sites or information web sites such as those belonging to
news organisations. Searching for information on the entire Internet is
more complicated because the Internet is so large and is rapidly changing.
For these reasons most browsers provide a means of saving frequently
visited pages in a favourites or bookmarks folder, and many organisations
provide search facilities on the web to make finding pages easier, i.e.
Search Engines. There are two main types of search engine:
(A) Crawler based search engines have databases which are selected and
built by computer programs called spiders. These programs “crawl” the
web in their hunt for pages to include. They find the pages for potential
inclusion by following the links in the pages they already have in their
database, but they also rely on contributors submitting their web pages to
be indexed. The software “crawls” through the web indexing pages as it
goes, using the content of pages, their titles and content HTML tags as a
means of building the index. Google is an example.
(B) Directories are human powered indexing facilities, which are built up
by users and editors working for the directory company. Users submit a
short description to the directory for their entire site, or editors write one
for sites they review. When a query is entered, the search engine only
looks for matches in the descriptions submitted. Yahoo is an example.
How do indexed search engines work?
Search engines do not really search the WWW directly. Each one searches
an index built from the text of web pages the search engine has looked at.
When you click on a link provided in a search engine's results, you
retrieve the current version of the page. If a web page is never linked to
from any other page, search engine spiders can't find it. The only way a
brand new web page – one that no other page has ever linked to – can get
into a search engine is for its URL to be submitted by a human to the
search engine companies. Once a spider finds a page, it passes it on to
another program for 'indexing'. This program identifies the text, links and
other content in the page and stores it in the search engine database files
so it can be searched by keyword or by more advanced approaches, if
offered.
Meta Tags
A Meta tag is an HTML tag which is placed in the header element of a
web page. It provides information which is not visible to browsers, but
which can be used by search engines to index web pages. The most
common Meta tags are keywords and description.
The keyword tag allows the author to list the words which describe the
page. The description tag allows the author to give a text of the summary
displayed when the page appears in the results of a search.
<meta name="keywords" content="HTML, html, html reference, HTML tags">
<meta name="description" content="Simon's guide to HTML tags.">
Meta-search engines
A meta-search engine is one, which passes queries on to several search
engines and directories and then summarises all the results, having
removed duplicate entries. This means that the results should
theoretically be the aggregate of all the best search engines on the web.
www.ask.com and www.dogpile.com are examples.
Topic 5 – The Implications of the WWW
The World Wide Web is a relatively new phenomenon, with implications
for the way people communicate with each other, how societies are
organised, how information is shared, and how we are governed. This
topic explores some of the commercial, social, ethical and legal issues
which the existence of the WWW raises.
E-commerce
E-commerce is the general term used to describe buying and selling
products or services over the Internet, and this, together with Electronic
Funds Transfer (EFT), has revolutionised the way we buy many goods
and services. We now take it for granted that we can use Automated
Teller Machines (ATMs) and pay for goods in shops all over the world
using a credit or debit card, but this is only possible because of the
networked systems set up by the banking industry. A recent development
in E-commerce is the ability to buy goods and services on-line although
there is still some consumer resistance to this method of trading.
Purchasing Software over the Internet
Software is often distributed via the Internet with payment being made
using a credit card. Software can be locked, or set to expire after a period
of time unless it is registered. Payment of a fee results in the code to
unlock the software being sent by email. Once enough bandwidth
becomes available, it will be possible for software to be rented rather than
bought. Software would be installed on a web server, and your machine
would download the parts you need whenever you used it. Because
everyone would be using the same version of the software, software
companies would be able to save on support and distribution costs.
The Internet Gives Access to Mass Markets
Selling a specialised product can often be difficult if you do not have
access to a large population area or cannot advertise your product easily.
The Internet allows any business to access a world-wide market.
Although a product may be specialised or may only appeal to relatively
few, the Internet can give access to special interest groups; this allows
vendors to target their products to a particular audience.
Purchasing Services Over the Internet
A service provider is a commercial organisation which provides access to
an Internet connection, a certain amount of bandwidth and sometimes file
transfer and web hosting. Many training and on-line courses are available
over the Internet, usually accessed by using an ID and password. Access
to these courses may be part of a particular University qualification (like
Scholar) or may be available for purchase from the provider.
Content providers can sell access to information on the Internet by using
a subscription system. The kind of information which people would be
prepared to pay for might be up to date stock market prices, detailed
satellite data, on-line training, news feeds and other services.
Entertainment services such as access to networked games and music
downloads are services which are likely to become subscription-based.
The Advantages and Disadvantages of E-Commerce
The advantages of E-commerce to the customer are:
 Goods and services can be purchased at any time of day or night
 Goods and services can be purchased from anywhere in the world
 E-commerce uses Electronic Funds Transfer (EFT) - no cash.
 Consumers are able to research a product more thoroughly before
purchase and compare prices from different retailers
 Goods purchased arrive by post, reducing the need to travel
The disadvantages to the customer are:
 If you purchase goods or services from another country, you may
have difficulty recovering funds if goods don’t arrive or aren’t
what was advertised.
 You rely on the security procedures of the firm you are dealing
with to keep your credit card details secure.
 You pay more for delivery and packing than you otherwise would.
 Local businesses may suffer.
 If you purchase goods from another country, you may have to pay import
tax.
The advantages of E-commerce to the seller are:
 Dealing directly with customers so no profit taken by retailers.
 Your customer base is not limited to those who can travel to you.
 You do not need to pay for expensive high street retail outlets
 EFT means no security problems handling cash
 You can automate the packing and delivery of your product
 Your on-line profile does not depend on the size of your business.
The disadvantages to the merchant are:
 You need good security in place to avoid credit card fraud
 You need to employ someone to keep your web-site and catalogue
up to date
 Your web site must be secure and your servers protected from
hacker attack
Dealing With Fraud
Concerns that credit card details being transmitted over the Internet could
be intercepted or stolen are widespread. Anyone using an on-line bank
needs to be reassured that the system they are using to access their
financial details is secure. Most e-commerce sites use the HTTPS
(HTTP over a Secure Socket Layer) protocol. HTTPS uses encryption to
protect information. Browsers will display a padlock icon when using
this protocol, so users know data is being encrypted. In the future, PCs
may come fitted with card readers so that users can insert their card and
enter their PIN to verify the authenticity of their credit card. For
customers, it can be very difficult to tell the difference between a genuine
company and a fraudulent organisation just by looking at their web-site.
“Phishing” is a recent scam which involves extracting credit card details,
passwords and even PINs from people by sending them emails
which pretend to come from their bank or credit card company. These
emails direct them to a fake web-site where they are asked to enter their
details.
Social Implications of the WWW
The Information-Rich and The Information-Poor
Many people feel that the Internet has accentuated the difference between
the rich and poor. People in western countries are described as
“Information rich” whereas people in the Third World are “Information
poor”, since connecting to the Internet requires expensive equipment and
access to a networking infrastructure which does not exist in many poor
countries. Governments are concerned that the Information Poor will be
unable to access government support and information, will be unable to
participate in knowledge industries, and will increasingly become more
dependent on welfare and be less employable.
Social Isolation
There is a fear that the increased use of electronic communication will
mean that many people will become physically more isolated from each
other. The Internet encourages the creation of global communities, but
may result in neighbours not seeing each other. E-commerce means that
people use high street shops less and meet together less. Tele-working
means that people work from home instead of an office with colleagues.
Employment and Taxation
Tele-working can mean working from home using communications
technology to keep in touch with your employer. The work you do can be
transferred electronically to your employer’s network. It could mean
working in a different country from your employer or not meeting your
co-workers because they live in different parts of the world. Any job
where your work can be transmitted electronically to your employer can
become a tele-working job. Tele-working may also mean working
independently as a web developer or programmer.
Advantages for the employee:
 Working from home can save on travel time and transport costs;
 As long as you produce the required results, it does not matter
where or when you work. This means that you can save on childminding or other expenses.
 You can deliver your work to your customers electronically.
Disadvantages for the employee:
 Because you are not in touch with your colleagues, you can get a
feeling of isolation, missing out on gossip or possible promotion.
 You may work harder and put more hours in than you would if you
were working in an office because you worry that your employers
may think you are having an easy time of it at home;
 You will need space in your home to work, and you may have to
insure your employer’s computer equipment.
Advantages for the employer:
 You can save money on office space because your workers are
using their own homes.
 Tele-workers often work harder.
 You can save money on wages as you can employ people in parts
of the world where wages are low.
Disadvantages for the employer:
 You will need to train your tele-workers and pay for
communications costs and computer equipment;
 There may be security issues you will need to consider if you want
employees to log into your company network from home;
 You may have less control of the quality of service your work
force provide if your workers are in a foreign country.
Video Conferencing
Video conferencing allows a number of people to communicate with
each other using sound & video to share data such as text and graphics
even though they are thousands of miles apart. It requires a high
bandwidth connection and is expensive, but can be cheaper than flying
people from one continent to another. Video conferencing requires a
dedicated communications channel. As the technology becomes cheaper
and more bandwidth is available, it is likely that more people will start to
use it as an alternative to travelling long distances for meetings.
Ethical Implications of the WWW
Personal Privacy - The monitoring of individuals’ Internet and emails is
a contentious issue. Many governments would like to have access to this
sort of information. Many individuals would not. With modern
communications networks it is possible to trace the movements of any
individual around the world – they use cash machines, pay with credit
cards, use the Internet, use mobile phones, appear on surveillance
cameras, etc. Even organisations who manage LANs are becoming
concerned about the security and employment issues surrounding email,
and some are monitoring all email activity on their networks. See the
section dealing with the Regulation of Investigatory Powers (RIP) Act.
Cookies - Cookies are small data files which web servers send to your
machine along with web pages. HTTP is a “stateless” protocol, which
means that the web server has no way of knowing which machine or user
a request for a web page has come from. This can be a problem if you are
using e-commerce, as the server needs to be able to track a transaction
between web pages. One solution is to store a session number in a cookie
which is sent to your machine – when you go to the checkout the server
requests the cookie so that it knows which transaction belongs to you.
Cookies are also used to store details of personalisation which people
have applied to web pages. Cookies can also be used to track your
activity, which adverts you have responded to etc, and to customise online
advertising accordingly. Many people regard this as an invasion of
their privacy. There are several companies which offer software to
check for cookies or other data collection systems on your computer.
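The session-cookie mechanism described above, as an added example (not code from these notes): a simulated shop server and two simulated browsers exchange the HTTP headers in-process. The paths, the cookie name and the shop items are assumptions; the session id is a random token rather than a plain sequential number, so one visitor cannot guess another's.

```python
"""Session tracking over stateless HTTP with a cookie (added example)."""
import secrets
from http.cookies import SimpleCookie

SESSION_COOKIE = "session"   # assumed cookie name


class ShopServer:
    """Server side: keeps one basket per session id."""

    def __init__(self):
        self.baskets = {}  # session id -> list of items

    def handle(self, request):
        """request: dict with 'path' and 'headers'. Returns (status, headers, body)."""
        cookie = SimpleCookie(request["headers"].get("Cookie", ""))
        session_id = cookie[SESSION_COOKIE].value if SESSION_COOKIE in cookie else None
        resp_headers = {}
        if session_id not in self.baskets:
            # No valid session yet (or an unknown/forged id): issue a fresh random one.
            session_id = secrets.token_hex(16)
            self.baskets[session_id] = []
            resp_headers["Set-Cookie"] = (
                f"{SESSION_COOKIE}={session_id}; Path=/; HttpOnly; Secure"
            )
        path = request["path"]
        if path.startswith("/add/"):
            self.baskets[session_id].append(path[len("/add/"):])
            body = "added"
        elif path == "/checkout":
            # The cookie tells the server which basket belongs to this visitor.
            body = "checkout: " + ", ".join(self.baskets[session_id])
        else:
            body = "welcome"
        return 200, resp_headers, body


class Browser:
    """Client side: stores the Set-Cookie value and sends it back on every request."""

    def __init__(self, server):
        self.server = server
        self.jar = SimpleCookie()

    def get(self, path):
        headers = {}
        if self.jar:
            headers["Cookie"] = "; ".join(f"{k}={m.value}" for k, m in self.jar.items())
        status, resp_headers, body = self.server.handle({"path": path, "headers": headers})
        if "Set-Cookie" in resp_headers:
            self.jar.load(resp_headers["Set-Cookie"])
        return body


def shopping_trip(server=None):
    """Two independent browsers against one server: each sees only its own basket."""
    server = server or ShopServer()
    alice, bob = Browser(server), Browser(server)
    alice.get("/")
    alice.get("/add/book")
    bob.get("/add/lamp")
    alice.get("/add/pen")
    return alice.get("/checkout"), bob.get("/checkout")
```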
Encryption - Encrypting data is a method of coding it to make it
difficult or even impossible for someone to read it unless they have
authorisation from you. Some governments make encrypting data illegal,
others regard it as an individual right. As with all security systems, there
is a trade-off between security and convenience. The more secure you
make a communication system, the more inconvenient it is to use. At the
moment email on most networks is un-encrypted and insecure, as
messages are sent as plain ASCII text. One popular and free encryption
system currently available is Pretty Good Privacy (PGP), although
recently PGP was regarded as “munitions” by the USA government.
Netiquette - There are several conventions and a whole new vocabulary,
which has developed with regard to how you should behave on Internet
newsgroups, using email, etc. Simple rules such as not sending “Spam”
(unsolicited commercial email), not shouting (capitals) and respecting
people’s privacy may seem obvious, but it is easy to make mistakes
without realising it. The best policy when subscribing to a newsgroup or
joining a list server is to “listen” quietly for a while (called “lurking”) to
see how others behave before you submit any contributions yourself.
Misrepresentation - The ability to post messages on newsgroups or
discussion lists anonymously means that offensive statements can be
made without the person making them being held to account.
Chatrooms - These are popular with young people who use the Internet as they
enable users to communicate in real time with others from all over the
world. A chatroom on the Internet is an area where users can type
messages which can be read immediately by anyone else connected to the
same server. Communication is slow because of the need to type the
messages, but this disadvantage is outweighed by the immediacy of the
system. One problem with chatrooms is that there is no way of verifying
that the person you are communicating with is who they say they are.
Censorship and Pornography - What is legal in one country may not be
legal in another. Not all governments encourage the free debate of
political subjects and many governments try to block access to opinions
or political debate which is critical of them. Many people believe that
children should be protected from violent, pornographic or extreme
political material, though of course what is considered to be extreme in one
society is not always considered to be extreme in every society. An
international standard of “rating” web pages for violent or sexual content
has been developed by the Internet Content Rating Association (ICRA)
which makes controlling access easier.
Internet Regulation
Taxation - Buying and selling on the Internet makes it very difficult
indeed to impose taxes, import duties or other fees, particularly if the item
purchased such as software, music, or access to information can be
transmitted electronically and does not have to be physically delivered to
the purchaser. If you work in one country but are employed in another,
where should you pay tax? Which country’s employment law applies?
The Copyright Act - Copyright in the UK is governed by the Copyright,
Designs and Patents Act 1988. The Internet has made the distribution of
software cheap and easy, but this also means that the distribution of
illegal copies of software is just as easy. Software piracy is a major
problem in parts of the world. People argue that software piracy increases
the cost of software because software distributors need to charge more to
recover the cost of research and development. In addition to conventional
software licensing, there are a number of alternative software distribution
models in existence, including shareware, adware and even freeware.
The Internet has made many of these distribution models viable because
it provides a large enough market and removes the cost of distribution
from the developer. The fact that data is on a web page and anyone can
access it does not make it available for anyone to take and publish it
under their own name. Peer to peer file sharing software enables users to
share music or other files, which may be subject to copyright legislation.
In the US, the Recording Industry Association of America (RIAA) is
conducting a legal campaign to stop users sharing music files this way.
The Computer Misuse Act - In the United Kingdom, The Computer
Misuse Act (1990) covers using computers to damage or steal data. The
Computer Misuse Act covers crimes such as breaking into computer
systems or networks to destroy or steal data and propagating viruses.
Before this act was passed, hackers were often only able to be prosecuted
for mundane offences such as “stealing electricity”.
The Data Protection Act - In the United Kingdom, the Data Protection
Act (1998) describes the duties and responsibilities of those holding data
on individuals (Data Users). It also describes the rights of those
individuals (Data Subjects). In general, it is the duty of those holding data
on individuals to register with the Data Protection Register, to keep the
information secure, make sure it is accurate, and to divulge it only to
those persons who are authorised to view it. It is the right of an individual
who has data stored concerning them to view that information and to have
it changed if it is inaccurate. There are a number of organisations which
may be given exemption from this act – namely the Police, Customs,
National Security and Health Authorities.
The Regulation of Investigatory Powers Act 2000 (RIP) - This gives
government and employers rights to monitor employees’ e-mails and
telephone calls to ensure that they relate to work. It has been condemned
as an invasion of privacy but the government argues it is necessary to
crack down on Internet crime and paedophilia. There are two main areas
of controversy in the RIP act.
The first concern is that security services, such as MI5, will be able to
monitor people’s Internet habits by recording the websites and chatrooms
they visit and the addresses of emails they send and receive. The Home
Office says that the interception procedures are in line with the right to
privacy enshrined in article eight of the European Convention on Human
Rights and simply brings the monitoring of the Internet in line with that
of telephone calls. Currently all telephone numbers are logged and some
telephone companies are required to enable security services to intercept
calls. Internet activity is different however as web addresses show exactly
what people have been looking at and enable security services to build up
profiles of where people go online and who they communicate with.
The act also allows employers to intercept emails and Internet use by
their staff, on grounds such as monitoring for computer viruses and
checking inappropriate use of company email.
Many people think that this law is disproportionate to the problem it is
trying to tackle, and that it allows an invasion of the right to privacy of
communication in Article eight of the convention on human rights.
Under RIP, some UK Internet service providers (ISPs) will be asked “to
maintain a reasonable intercept capability”. This would mean that they
would be required to install a device enabling the security services to
monitor the flow of data. Critics say that these devices would be hugely
expensive and will have difficulty keeping pace with fast-changing
Internet technology as well as the ever-growing volume of Internet
traffic. The Home Office claims that the power of interception is rarely
used. The second concern is over the legislation’s reverse burden of
proof. If intercepted communications are encrypted, the act will force
people to surrender the decryption keys on pain of jail sentences of up to
two years. The government says keys will only be required in special
circumstances. Human rights campaigners argue that the act reverses the
burden of proof in UK law as the person sending or receiving the
communication must prove their innocence rather than the authorities
proving their guilt. However, the Home Office says that the burden
remains on the prosecution to prove “beyond reasonable doubt”.
Topic 6 – Network security
Introduction
Security on a network is a compromise between security and convenience.
The security must always be appropriate to the importance of the data
being protected. If you impose too strict a security policy, such as one
that forces users to change their passwords daily, then the danger is that
they will write their passwords down somewhere. If you let users choose
their own passwords and make no restrictions on what kind of passwords
they use, then the danger is that they will use passwords which are easy
to guess.
As well as internal security on a network, measures are needed to protect
the network from outside. Security from hacker attack is best achieved
by having one connection between the network and the outside world,
then applying security to that connection (Proxy). Security from virus
infection is dealt with by installing anti-virus software at the point where
the network connects to the outside world. Organisations have strict
policies on their users installing their own software.
Threats to network security
The purpose of security on a network is categorised into three main areas:
 Protecting data on a network
 Protecting the network software and resources
 Protecting the users of the network
Protecting these areas can be done by:
 Imposing network security on users and network hardware
 Additionally installing virus protection and a firewall
 Filtering Internet content
On most networks all of these security precautions are in place.
Protecting data on the network
Problem source             Activity
Pupils / students          Non-malicious breaching of network security.
Hackers                    Malicious breaching of network security features via virus or
                           worm infestation. Stealing network resources such as
                           bandwidth, hard disk space, mail servers etc.
Employees                  Gaining access to confidential files and data for personal
                           benefit.
Disgruntled ex-employees   Sabotaging the network system by gaining administrative
                           access and deleting or changing system files.
Accountants                Embezzling money.
Fraudsters                 Using stolen credit card details to purchase goods and
                           services over the Internet.
Hackers / Spies            Tapping into wireless networks to gain information or steal
                           data.
User access rights
Security within a LAN is important. There may be confidential
information on the network which not all users should have access to.
There may be a number of different types of user on the network and
these different groups may need access restricted in different ways. For
instance, in a school or college, students should not have access to
assessment materials or private tutor areas.
Software Solutions
When network users log on they are asked for a network ID and
password. Once supplied, the network Operating System (NOS) checks
the combination of ID and password against an encrypted database; if
they match, the user is given access to the files and resources which they
have the permissions to use. The NOS can enforce password security at
a number of levels. At its lowest, the user has a free choice of password
and is never prompted to change it; stricter settings include:
 The password must be more than a set number of characters.
 The password must contain at least one number or other non-letter character, e.g. ? / }
 The password must not be one which that person has used before.
 The password must not be a word which appears in the dictionary.
 The password must be changed every set number of days.
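The five rules above, implemented as a checker (an added example, not any NOS's own code). The minimum length, the maximum age and the tiny dictionary are constructed sample values; the dictionary check goes a little beyond the text by testing the alphabetic core of the password, so that a dictionary word with a digit bolted on is still caught.

```python
"""Password policy checker for the NOS rules listed above (added example)."""
from datetime import date

# Constructed sample data: a real deployment would load a full word list.
DICTIONARY = {"password", "welcome", "letmein", "dragon", "monkey", "summer"}
MIN_LENGTH = 8      # "more than a set number of characters": at least this many
MAX_AGE_DAYS = 90   # "changed every set number of days"


def check_password(candidate, previous=(), min_length=MIN_LENGTH):
    """Return the rules the candidate breaks; an empty list means it is acceptable."""
    problems = []
    if len(candidate) < min_length:
        problems.append("too short")
    if not any(not c.isalpha() for c in candidate):
        problems.append("no digit or symbol")
    if candidate in previous:
        problems.append("reused")
    # Check the alphabetic core, so 'Password1!' is still caught as a dictionary word.
    core = "".join(c for c in candidate if c.isalpha()).lower()
    if core in DICTIONARY:
        problems.append("dictionary word")
    return problems


def password_expired(last_changed, today, max_age_days=MAX_AGE_DAYS):
    """Dates are ISO strings (YYYY-MM-DD). True when the NOS should force a change."""
    age = date.fromisoformat(today) - date.fromisoformat(last_changed)
    return age.days >= max_age_days
```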
In addition to the normal ID and password check, the NOS can restrict
particular users to particular network stations. Restriction can be
achieved using station IP addresses. The resources which a user has
access to on a network are determined by their security level. Some NOS
allow the network manager to give each user on the network a restriction
policy graded from 1 to 6 in terms of what resources they get when they
log on. Users with restriction policy 1 would see a screen with very few
icons, indicating that their network provision is minimal. Restriction
policy 6 would give full system access for the administrator only.
Every file and directory on the network will have permissions set by the
network O/S. It is these permissions which are checked when a user
attempts to access a file or resource. Normally a user would have full
read/write access to their own files on the network, other shared files may
be read only, and other files such as those which are part of the network
O/S will be inaccessible altogether.
Encryption
The network traffic created by a ‘log on’ ID and password is encrypted in
case it is intercepted by a machine which an unauthorised individual has
placed on the network. Encryption can also be used to protect data from
prying eyes within a network as well as from outside. As with network
security, there is a trade-off between convenience and security. The value
of the data should determine the level of encryption which is used to
protect it. Encryption should never be considered to be impossible for
someone else to decipher, only that it needs to be strong enough so that
the time it would take someone to decipher it would render the
information worthless.
Encryption is classified according to the number of bits needed for the
key used to encode the data. The more bits that are used, the longer it
takes for the code to be cracked.
Hardware Solutions
Network servers are normally locked away in secure rooms. Backup
tapes and emergency repair disks are also a security risk unless they are
protected by lock and key. It is possible to exclude access to other parts
of the network by physically locking workstations. Entry can be made
via magnetic swipe card, smart key or by punching in a code. Other
hardware solutions may involve biometric security systems such as
fingerprint, face or iris pattern recognition systems. Using switches
instead of hubs increases security because switches direct network traffic
to a specific machine rather than to every machine on their segment.
Since a Network Interface Card receives every packet on its segment and
can be set to display their contents on the machine they are fitted in, a
hacker could use a laptop equipped with a ‘packet sniffer’ plugged into
the network to extract ID and password information. Wireless networks
are particularly prone to this sort of attack as there is no physical
connection needed, and many wireless networks can be accessed from
outside the building they are installed in. Wireless networks need to be
configured so that the packets are encrypted.
Human Engineering
Since the ID and passwords on a network are effectively the key to much
of its security, it is this area that inevitably attracts most of the efforts of
those trying to break in. A number of tricks can be employed including
fake logon screens, which then save ID and password details to a file
which the hacker accesses later, or keystroke loggers which can be
inserted in between a keyboard and a computer case. These devices log
every key pressed and this data can be trawled through at leisure once the
hacker removes the device.
Anti Virus Software
Viruses and worms are pieces of software which can both damage data
on a network and also damage the network software itself. They can
make the network unusable by their attempts to copy themselves to other
machines or networks. They are usually small sections of code which
hide themselves inside legitimate applications. When the user runs the
application, the extra code may delete files, infect other applications or
attempt to propagate itself. Viruses may lie dormant until a particular
date or set of circumstances. They may attempt to disguise themselves
from anti-virus software and may change themselves as they propagate.
A worm is similar to a virus although its prime concern is to propagate
itself as efficiently as possible, consuming machine resources in the
process. Many viruses and worms use the Internet and email to propagate
themselves, using address books and masquerading as genuine messages.
Protecting a network against viruses, Trojans and worms is achieved by
installing anti-virus software on to the network servers and workstations.
The anti-virus server also downloads the latest virus signatures from the
software vendor for updating itself and all the network stations.
Proxy servers
As well as enabling private IP addresses to be used on a LAN, a proxy
server is also a convenient way of helping to secure a network because
the private internal IP addresses are hidden from the outside world, using
a system known as Network Address Translation (NAT). This protects
these internal machines from external attack because without knowing the
IP address of a machine, a hacker can’t access it.
Firewalls & Routers
A firewall is a piece of software installed on the computer which controls
the network access to the outside world. A firewall can be installed on a
dedicated machine, or may be part of a proxy server. It will normally
block network traffic by
examining each packet as it passes through. Each packet can be
identified by its source address, its destination address and the port
number it is using. A firewall can block network traffic on all incoming
and outgoing ports except the ones the network manager knows are for
legitimate use of protocols such as HTTP, FTP, SMTP and POP3.
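A stateless packet filter of the kind just described, as an added example (not code from these notes or from any firewall product). The LAN address range, the sample packets and the per-direction port lists are constructed assumptions: inbound traffic is allowed only to the public web and mail servers, outbound traffic only for the four protocols named, and everything else is blocked.

```python
"""Stateless packet filter: allow only known ports per direction (added example)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")   # constructed: the protected network

# Ports the network manager has decided are legitimate, per direction.
INBOUND_ALLOWED = {80: "HTTP", 25: "SMTP"}
OUTBOUND_ALLOWED = {80: "HTTP", 21: "FTP", 25: "SMTP", 110: "POP3"}


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dst_port: int
    protocol: str = "tcp"


def direction(pkt, lan=LAN):
    """Classify a packet by which side of the firewall each address is on."""
    src_in, dst_in = ip_address(pkt.src) in lan, ip_address(pkt.dst) in lan
    if src_in and not dst_in:
        return "outbound"
    if dst_in and not src_in:
        return "inbound"
    return "other"   # internal-only or transit traffic does not cross this firewall


def decide(pkt, lan=LAN):
    """Return ('allow' | 'block', reason). The default is to block; only listed ports pass."""
    d = direction(pkt, lan)
    if d == "other":
        return "block", "not LAN-to-outside traffic"
    table = INBOUND_ALLOWED if d == "inbound" else OUTBOUND_ALLOWED
    if pkt.protocol != "tcp":
        return "block", f"{d} {pkt.protocol} not permitted"
    if pkt.dst_port in table:
        return "allow", f"{d} {table[pkt.dst_port]}"
    return "block", f"{d} port {pkt.dst_port} not on the allowed list"


def filter_packets(packets, lan=LAN):
    """Apply the rules to a list of packets; returns [(packet, decision, reason)]."""
    return [(p, *decide(p, lan)) for p in packets]
```

Because this filter judges every packet alone by its destination port, it would also block the replies to an outbound HTTP request, which come back addressed to the client's high-numbered port; that is why production firewalls keep a table of open connections rather than relying on port lists only.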
Protecting resources against external attack
There are a number of reasons why a hacker might wish to gain access to
a network. They might wish to make illegal use of the network resources
such as hard disk space and bandwidth – storing and distributing pirate
software or pornography for example, or using the mail server to
distribute spam or to propagate a virus. They might wish to deface the
company web site or compromise the web server so that it can be used as
a secure platform for an attack on another system.
Monitoring & logging network activity
Monitoring software can be set to inform the network manager of unusual
activity which might signify a problem. Logs of network activity such as
logins, file activity, network traffic etc can help a network manager to
track down the source of an intrusion or the route by which network
security was breached.
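Detection logic of the kind a network manager would run over login logs, as an added example (not code from these notes). The log format and the sample lines are constructed; the check raises an alert when one station accumulates five failed logins inside ten minutes, and a second alert if a login from that station then succeeds.

```python
"""Alert on bursts of failed logins per station (added example; log format assumed)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log: timestamp, event, result, user, station.
SAMPLE_LOG = """\
2024-03-01 09:00:05 LOGIN OK   user=jsmith station=192.168.1.23
2024-03-01 09:01:10 LOGIN FAIL user=admin  station=192.168.1.40
2024-03-01 09:01:14 LOGIN FAIL user=admin  station=192.168.1.40
2024-03-01 09:01:19 LOGIN FAIL user=root   station=192.168.1.40
2024-03-01 09:01:25 LOGIN FAIL user=admin  station=192.168.1.40
2024-03-01 09:01:31 LOGIN FAIL user=admin  station=192.168.1.40
2024-03-01 09:02:02 LOGIN OK   user=admin  station=192.168.1.40
2024-03-01 09:30:00 LOGIN FAIL user=mjones station=192.168.1.23
2024-03-01 09:31:00 LOGIN OK   user=mjones station=192.168.1.23
"""

FAIL_THRESHOLD = 5
WINDOW = timedelta(minutes=10)


def parse_line(line):
    """Return (timestamp, result, user, station) for one log line."""
    parts = line.split()
    ts = datetime.fromisoformat(parts[0] + " " + parts[1])
    result = parts[3]
    fields = dict(p.split("=", 1) for p in parts[4:])
    return ts, result, fields["user"], fields["station"]


def find_alerts(log_text, threshold=FAIL_THRESHOLD, window=WINDOW):
    """'burst' when a station reaches `threshold` failures inside `window`;
    'success-after-burst' when a login then succeeds from that station."""
    recent_fails = defaultdict(list)   # station -> timestamps of recent failures
    burst_stations = set()
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, result, user, station = parse_line(line)
        fails = recent_fails[station]
        # Drop failures that have fallen out of the sliding window.
        fails[:] = [t for t in fails if ts - t <= window]
        if result == "FAIL":
            fails.append(ts)
            if len(fails) == threshold:
                burst_stations.add(station)
                alerts.append(("burst", station, ts.isoformat(sep=" ")))
        elif result == "OK" and station in burst_stations:
            alerts.append(("success-after-burst", station, user))
            burst_stations.discard(station)
    return alerts
```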
Internet filtering
Internet filtering can restrict the web sites which users of a network can
access. Filtering may be imposed by a company to prevent the
employees from surfing the web for their own entertainment, or it may be
imposed by a school or college to protect their students from accessing
unsuitable material. Internet filtering may also be installed in homes,
where parents wish to protect their children.
Filtering software
Filtering software takes the approach of letting the user access anything
on the web other than those sites which have been identified as
unsuitable. A very low-tech approach is simply to use a list of banned
words and block any site whose URL contains one of these
words. More sophisticated systems use a regularly updated list of
banned sites or a proxy server maintained by the company providing the
filtering software. Network managers can submit additional sites which
they wish to ban. The danger with this approach is that the decision on
what sites to ban and what sites to permit is taken out of the hands of the
organisation who own the network and is under the control of the filtering
software company.
Walled garden
The “walled garden” approach only allows users to access certain parts of
the WWW. The software will only allow users to access a web site if its
IP address matches one of those on the list of permitted ones. This list
may be supplied by the software vendor, or may be compiled by the
organisation themselves. While this approach is very effective at filtering
content, it can be restrictive and reduces the functionality of the WWW.
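The two filtering approaches side by side, as an added example (not code from these notes or any filtering product): the banned-word URL filter and the walled-garden address list. The word list, the permitted addresses and the name-to-address table standing in for DNS are constructed; the example also shows the over-blocking that substring matching on URLs causes.

```python
"""Banned-word URL filter versus walled garden (added example)."""
from urllib.parse import urlsplit

# Constructed data.
BANNED_WORDS = {"casino", "bet"}
PERMITTED_IPS = {"198.51.100.10", "198.51.100.11"}
# Stand-in for DNS: the walled garden compares addresses, so names are resolved first.
NAME_TO_IP = {
    "school.example": "198.51.100.10",
    "courses.example": "198.51.100.11",
    "alphabet.example": "198.51.100.20",
    "play-casino.example": "203.0.113.9",
}


def banned_word_filter(url):
    """Block if any banned word occurs anywhere in the URL (the 'very low-tech' approach).
    Substring matching means 'alphabet.example' is blocked by 'bet': over-blocking."""
    text = url.lower()
    hits = sorted(w for w in BANNED_WORDS if w in text)
    if hits:
        return "block", "banned word(s): " + ", ".join(hits)
    return "allow", "no banned words"


def walled_garden_filter(url):
    """Allow only if the host resolves to an address on the permitted list."""
    host = urlsplit(url).hostname
    ip = NAME_TO_IP.get(host) if host else None
    if ip is None:
        return "block", f"cannot resolve {host}"
    if ip in PERMITTED_IPS:
        return "allow", f"{host} -> {ip} is permitted"
    return "block", f"{host} -> {ip} is not on the permitted list"


def compare(urls):
    """Decision of each approach for each URL: {url: (banned-word, walled-garden)}."""
    return {u: (banned_word_filter(u)[0], walled_garden_filter(u)[0]) for u in urls}
```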
Topic 7 – DoS & Disaster recovery
A Denial of Service (DoS) attack is an attack on a network server which
significantly reduces the capacity of that server to provide resources to
legitimate users. DoS attacks are almost always launched from outside an
organisation, and are directed towards the services which the network is
providing to the external users of that network. DoS attacks may be
designed to put a competitor out of business, to bring down a high profile
organisation or just to cause trouble.
Types of DoS attack
Physical attack – The simplest form of physical DoS attack is to cut the
cables between the company providing the service and their customers.
This type of attack is rare and relatively easy to protect against.
Exploitation of software flaws – The complexity of modern O/S and
server software, as well as the pressure on companies to bring out
software before competitors, means that there will be bugs and loopholes
which have not been spotted before the software is on general release.
Although no longer a threat, exploits which have been used in the past
are: sending emails which have attachments with 256-character file
names to Netscape and Microsoft mail programs, or the ping of death,
where a ping message larger than the permitted size was sent to a server.
In both cases the software suffered a buffer overflow. Usually when a
buffer overflow attack is successful, the application that has been
attacked crashes in a way which allows the hacker to gain control of a
system or to execute code as the system crashes.
When a flaw in O/S software is discovered, the business of issuing a fix
or ‘patch’ varies according to the distribution model. Open source
software such as Linux relies on the programmer community to spot the
flaw and issue a fix, but the act of publishing a fix often alerts the hacker
to the flaw, leaving those who do not immediately apply the patch
vulnerable. Where commercial software like Windows is concerned,
patches are produced by the software producer.
Resource Starvation – The services provided by a network server
depend on the bandwidth available to that server. Any attack which
monopolises bandwidth can effectively deny users access to those
services. One type of attack known as the ‘Smurf’ attack sends out a
specially constructed ping message to a large number of intermediary
machines. These intermediary machines simultaneously send this ping
message to the ‘broadcast’ address on their network. The machines on
their network reply to the ping message but the reply address is actually
the address of the target server which gets flooded with simultaneous
ping replies. Viruses and worms can also be regarded as DoS attacks.
The effects of a DoS attack
The effects of a DoS attack can be devastating for a company,
particularly if they are high profile or rely on 24-hour connectivity. Apart
from the loss of business, there is the loss in confidence by their users, the
cost of repair and response and the disruption to the organisation.
Why do DoS attacks occur? – In September 2003 a number of ‘Antispam’ sites which supply spam blocking lists were hit by DoS attacks by
hackers who had been hired by spammers. Some attacks are merely
malicious but business competition may well become an increasing
reason as well as politically motivated attacks.
Avoiding Disaster
The effort put into avoiding disaster should be proportional to the amount
of work that has gone into building the system, which needs to be
protected. Disaster can come in a number of guises, such as a virus or
hacker attack, or physical disasters such as fire, flood, theft or even just
deleting crucial files by accident. The important thing to remember is
that the data held on a computer system is many times more valuable than
the physical equipment itself. Obviously it is a sensible strategy to guard
against hardware failure by having replacement parts, backup servers etc.
available, even though they may never be used.
Software solutions
The best way to recover from disaster is to make regular backups, keep
the backups in a safe and secure place, and be sure that you can recover
files from the backup when you need them. A backup schedule is an
automatic system which runs at specific times – usually during the night
when network activity is at a minimum.
A backup strategy is a system which is put in place to ensure that data
loss is minimised in the event of a disaster. A simple backup strategy is
one where servers are backed up to tape every night, and the tapes are
taken off site to a secure location the next day. Tapes are used because
they are cheap and portable, although tape drives are expensive.
A simple strategy would be that tapes are rotated every 5 days, with an
additional weekly tape being rotated every 4 weeks, so as to enable
recovery of data up to a month before.
Tape set (eight tapes): Monday, Tuesday, Wednesday, Thursday, Friday 1,
Friday 2, Friday 3, Friday 4
With a system like this, there would be backup versions available every
weekday up to a week before plus every Friday up to a month before.
Backup strategies will vary according to the size of the organisation and
the importance of the data to its survival.
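The eight-tape rotation described above, worked through as an added example that is not part of the course notes: each night's tape is labelled by weekday, the Friday tape cycles through four labels, and reusing a tape overwrites the copy it held. It assumes the rotation starts on a Monday and that nothing is backed up at weekends.

```python
from datetime import date, timedelta

# Added example, not part of the course notes. Models the simple strategy in the
# text: Monday to Thursday tapes are reused every week, and the Friday tape cycles
# through four labels so that a Friday copy survives for about a month.
# Assumptions: the rotation starts on a Monday and no backup runs at weekends.

WEEKDAY_TAPES = ["Monday", "Tuesday", "Wednesday", "Thursday"]
FRIDAY_TAPES = ["Friday 1", "Friday 2", "Friday 3", "Friday 4"]


def tape_label(day, start):
    """Name of the tape written on the night of `day` (None at the weekend)."""
    weekday = day.weekday()             # Monday = 0 ... Sunday = 6
    if weekday < 4:
        return WEEKDAY_TAPES[weekday]
    if weekday == 4:
        week = (day - start).days // 7  # how many weeks into the rotation
        return FRIDAY_TAPES[week % 4]
    return None


def run_schedule(start, end):
    """Simulate nightly backups; returns {tape label: date of the copy it holds}.

    Writing to a tape again overwrites the copy it held, which is what limits
    how far back you can restore.
    """
    holds = {}
    day = start
    while day <= end:
        label = tape_label(day, start)
        if label is not None:
            holds[label] = day
        day += timedelta(days=1)
    return holds


def restore_points(holds):
    """Dates that can still be recovered, oldest first."""
    return sorted(holds.values())


def oldest_restore_age_days(holds, today):
    """How far back (in days) the oldest surviving copy reaches."""
    return (today - restore_points(holds)[0]).days


# Constructed demonstration period: Monday 1 Jan 2024 to Wednesday 28 Feb 2024.
DEMO_START = date(2024, 1, 1)
DEMO_END = date(2024, 2, 28)

if __name__ == "__main__":
    holds = run_schedule(DEMO_START, DEMO_END)
    for label in WEEKDAY_TAPES + FRIDAY_TAPES:
        print(f"{label:10} holds the copy made on {holds[label]}")
    print("oldest recoverable copy is",
          oldest_restore_age_days(holds, DEMO_END), "days old")
```

Run over the demonstration period, the weekday tapes hold the last week and the four Friday tapes reach back 26 days, which is the "up to a month before" the text promises.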
Hardware Solutions
Fault Tolerance Components – This is making sure to install
components which have duplication built in so that if one part fails, the
other can take over. Many servers are fitted with dual power supplies.
Hardware redundancy - This takes the idea of fault tolerance a stage
further by making sure that there are quickly available duplicates of
crucial equipment like servers, switches and routers, so that if one of
these fails, it can be quickly replaced.
Uninterruptible Power Supplies (UPS) – A UPS is a device which
contains a battery to supply a server with electricity to keep it running in
the event of a power cut and to shut down the server gracefully in the
event of a longer problem. A UPS can also act as a filter for erratic or
dirty power supplies, avoiding large changes in voltage or frequency
which might damage a server. Large institutions may have their own
generators which take over in the event of a power cut, but need a UPS to
bridge the gap between the power cut and the generators starting.
Disk mirroring and RAID – An alternative and/or complementary
strategy to tape backup is to use a disk mirroring system or a server which
runs a Redundant Array of Inexpensive Disks (RAID). The best versions of
RAID enable the recreation of data from a failed hard disk from the
information on other disks in the array, and will also often allow the ‘hot
swapping’ of failed hard disks so that the server does not need to be shut
down or re-booted when a disk fails. Another option is to write to two
hard disks simultaneously, this is called disk mirroring.
Network Topology - Different network topologies have different
tolerances to failures. Channel failures will normally only affect the node
which they are connected to unless that channel is one from server to
switch or router. Star and tree topologies are better as a channel failure
only affects the node which it serves unless the channel which fails is the
one which serves the node at the centre.
Topic 8 – Data Transmission
Introduction
Data transmission is the technology at the heart of networking, and
concerns the second layer of the OSI model – the Data Link Layer which
is responsible for putting data into frames or packets and providing an
error free transfer from one node to another. This topic looks at Ethernet,
which implements the data link layer in many Local Area Networks.
Units of measurement
It is important to be aware of the units used in computer networking,
particularly where transmission speed is concerned, as a number of
confusions can arise.
Since transmitting data over networks often involves sending extra bits in
order to cope with error detection, error correction and the information
needed to identify where a message starts and a message stops, the unit
for measuring the quantity of data transmitted is the bit and the
transmission speed is measured in megabits per second (Mbps) or
Kilobits per second (Kbps). It is important to distinguish these units from
Megabytes and Kilobytes which are normally used to measure file size
and storage capacity. There is additional confusion over the meaning of
the prefixes Kilo and Mega. When describing file or memory sizes, Kilo
means 2^10 (1024) and Mega means 2^20 (1048576) whereas when
describing network transmission speeds, Kilo usually means 10^3 (1000)
and Mega usually means 10^6 (1000000). This is because the transmission
speed is governed by the speed of the clock, which paces the transmission
of the bits. A clock that is running at 10 Megahertz (MHz) is used to
transmit bits at 10 Mbps.
Asynchronous & Synchronous Data Transmission
Asynchronous data transmission (where the sending and receiving
machine are not synchronised) uses a transmission system where each
byte is sent individually with its accompanying stop and start bits.
Asynchronous transmission is a fairly primitive method of data
transmission as the proportion of data to incidental information such as
start and stop bits is low compared to synchronous transmission.
Asynchronous data transmission is used for low speed transmission and
the protocols used do not include error checking (since the transmitter
receives no information about the success or failure of the transfer).
Synchronous data transmission (where the sending and receiving
machines are synchronised) uses a start frame to tell the receiving station
that a packet is on its way and is used to synchronise the receiving station
with the transmitting one. Synchronous transmission is much more
efficient because a start and stop frame is only needed at the beginning
and end of a block of characters which can be up to 8KB in length. Error
checking information can be included in the block. Synchronous
transmission is more difficult and expensive to implement since it
requires the transmitter and receiver clocks to be synchronised. It is used
with higher transfer rates of information: such as 100Mbps Ethernet.
Circuit and Packet Switching
Connections between nodes on
different networks can be achieved by
circuit switching or packet switching.
Circuit switching is where there is a
direct connection established between
the two networks. All data follows the
same physical path. Circuit switching is expensive because it means
dedicating a particular connection for the time the communication is
occurring. Asynchronous Transfer Mode (ATM) is a popular circuit
switching technology based on transferring data in blocks of a fixed size.
ATM is used to connect networks over a leased telephone line. This is
expensive but provides a high bandwidth connection. A circuit switching
network is often referred to as connection oriented.
Packet switching is where the data
to be exchanged is broken up into
blocks of data called ‘packets’.
These packets are given a
destination address and a sequence
number, and this information is
used to reassemble the
communication when it reaches its
destination. Breaking the data down into packets means the packets can
follow different routes between the transmitter and the receiver, and is
extremely efficient as packets from different users can be mixed, and the
network hardware decides the most efficient route. Packet switching is
cheaper than circuit switching because it does not need a dedicated
connection. Most Internet traffic uses packet switching.
Unicast, Broadcast & Multicast transmission
Unicast transmission – is communication where a packet is sent from a
single source to a specified host. It is still the main form of transmission
on LANs and the Internet. It uses TCP and UDP protocols.
Broadcast transmission – is a method of delivering a packet to every host
on a network or group of hosts on the Internet. It does not retransmit
‘dropped’ packets or wait for acknowledgement of their delivery, so the
protocol used is UDP. Examples of broadcast technology are streaming
audio or video applications.
Multicast transmission – is where packets are sent from one or more
points to a set of other points. In this case there may be one or more
senders, and the information is distributed to a set of receivers. As with
broadcast transmission UDP is used.
Ethernet
Ethernet is a networking system where all nodes are connected together
on a common bus but where only one node can transmit at any one time.
The system used for making sure that only one machine is transmitting at
a time is called ‘Carrier Sense Multiple Access / Collision Detection’
(CSMA/CD). The Ethernet standard operates on the Data Link Layer of
the OSI model. It is the most commonly used technology for LANs.
Ethernet frames and transmission rates
When data is being passed between two computers on the same Ethernet
segment, the computers are identified by their MAC addresses. The
actual data to be transmitted is packaged up into a frame. The table
below shows the structure of an Ethernet frame:
Preamble   Destination   Source    Frame     Data               Checksum
           address       address   type
8 Bytes    6 Bytes       6 Bytes   2 Bytes   46 to 1500 Bytes   4 Bytes
The original Ethernet transmission rate was 10 Mbps, but the standard is
now 100 Mbps with 1 Gbps and 10 Gbps available.
A collision is when 2 devices transmit simultaneously. The propagation
delay of a network is the time it takes for a signal to travel from one end
of a segment to another. Collisions can only be detected if you can
guarantee that the frame will be transmitted for a length of time that is at
least twice the propagation delay of the network. This means that the
maximum physical length of a segment, the minimum frame size and the
transmission rate are related. If the transmission rate doubles, either the
maximum length has to be halved or the minimum frame length has to be
doubled.
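The relationship between rate, segment length and minimum frame size, written out as an added worked equation that is not part of the course notes: $L$ is the minimum frame length in bits, $R$ the transmission rate in bits per second, $d$ the maximum segment length and $v$ the propagation speed of the signal, so the propagation delay is $\tau = d/v$.

$$
\frac{L}{R} \;\ge\; 2\tau = \frac{2d}{v}
\quad\Longrightarrow\quad
L_{\min} = \frac{2Rd}{v}
$$

Doubling the rate gives $L_{\min}' = \frac{2(2R)d}{v} = 2L_{\min}$, so either the minimum frame length doubles or the segment length must fall to $d/2$ to keep $L_{\min}$ unchanged.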
Carrier Sense Multiple Access / Collision detection (CSMA/CD)
Any node can transmit a frame on an Ethernet network but must check no
other machine is transmitting at the same time. If there is no other
transmitting node, then the transmission is started. Once a transmission is
started, if a collision is detected, transmission stops and the machine
waits for a short random time before attempting to re-transmit. On a busy
network, this delay can reduce network performance.
Network Interface Card (NIC) & MAC address.
Every Ethernet NIC has its own unique (MAC) address, which identifies
it on the network. It is this address which is used by the Ethernet protocol
to direct data around the network from one host to another. The data to
be transmitted is packaged into a frame. The frame contains the
destination MAC address, the source MAC address, error detection and
transmission information along with the actual data.
On an Ethernet network, a NIC can accept:
 Frames with the destination as its own MAC address
 Frames with the destination as the broadcast address (all 1s)
 Frames with the destination as a multicast address if programmed.
 All frames if it has been put into promiscuous mode.
The last item in the list is why a switched network is more secure than
one which uses hubs, and why unsecured wireless networks are a security
risk. Someone wishing to break into an Ethernet network could connect a
laptop with a NIC set to promiscuous mode, and use software to read all
packets on that particular segment. Any traffic where passwords and IDs
were sent in unencrypted form would be a security risk.
Machine Identification
All nodes on a network, whether they are servers or network stations, will
have a unique identity. The type of identity a node has
will be determined by the protocols running on the network. The
Ethernet standard requires that every NIC has a MAC address in the form
of a 6 byte number. With the TCP/IP protocol used for access to Internet
services, every node has its own IP address in the form of a 4 byte
number. Also, nodes on a network may have a user-friendly name, which
identifies them to users on the network. The network Operating System
is responsible for making sure that all of these different ways of
identifying a machine are mapped to the same physical machine.
Computer Name   MAC address         IP address
RoomC1PC1       00-0A-C9-AB-12-59   192.168.0.45
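The frame layout from the Ethernet frame table, the four NIC acceptance rules, and the MAC address from the identification table, put together as an added example that is not code from the course notes. The second and third station addresses and the payload are constructed, and zlib's CRC-32 stands in for the frame's 4-byte checksum.

```python
import struct
import zlib

# Added example, not from the course notes. Builds and parses frames with the
# layout in the Ethernet frame table and applies the NIC acceptance rules.
# The 4-byte checksum is zlib's CRC-32 over the address, type and data fields,
# a stand-in for the real 802.3 FCS (also a 32-bit CRC, but not bit-for-bit
# identical to this).

PREAMBLE = b"\xaa" * 7 + b"\xab"   # 8 bytes: 7 preamble bytes + start delimiter
BROADCAST_MAC = b"\xff" * 6         # destination "all 1s"
MIN_DATA, MAX_DATA = 46, 1500       # data field limits from the frame table


def mac_bytes(text):
    """Convert a MAC written like 00-0A-C9-AB-12-59 (or with colons) to 6 bytes."""
    parts = text.replace(":", "-").split("-")
    if len(parts) != 6:
        raise ValueError("a MAC address has 6 bytes")
    return bytes(int(p, 16) for p in parts)


def mac_text(raw):
    return "-".join(f"{b:02X}" for b in raw)


def checksum(body):
    return struct.pack("!I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst, src, frame_type, data):
    """Preamble | dst (6) | src (6) | type (2) | data (46-1500) | checksum (4)."""
    if not MIN_DATA <= len(data) <= MAX_DATA:
        raise ValueError("data field must be 46 to 1500 bytes")
    body = dst + src + struct.pack("!H", frame_type) + data
    return PREAMBLE + body + checksum(body)


def parse_frame(frame):
    """Return (dst, src, type, data), or None if preamble, length or checksum is wrong."""
    if len(frame) < 8 + 14 + MIN_DATA + 4 or frame[:8] != PREAMBLE:
        return None
    body, fcs = frame[8:-4], frame[-4:]
    if checksum(body) != fcs:           # receiver recomputes and compares
        return None
    frame_type = struct.unpack("!H", body[12:14])[0]
    return body[:6], body[6:12], frame_type, body[14:]


def nic_accepts(nic_mac, dst, multicast_groups=(), promiscuous=False):
    """The four acceptance rules from the notes, checked in order."""
    if dst == nic_mac:                  # addressed to this card
        return True
    if dst == BROADCAST_MAC:            # broadcast address (all 1s)
        return True
    if dst in multicast_groups:         # a multicast group it was programmed for
        return True
    return promiscuous                  # everything else only in promiscuous mode


# Constructed sample: RoomC1PC1 (MAC from the identification table) sends an IP
# frame (type 0x0800) to a second station; a third station shares the segment.
SENDER = mac_bytes("00-0A-C9-AB-12-59")
RECEIVER = mac_bytes("00-0A-C9-AB-12-5A")   # assumed
OTHER = mac_bytes("00-0A-C9-AB-12-5B")      # assumed
PAYLOAD = b"GET / HTTP/1.0\r\n".ljust(MIN_DATA, b"\x00")  # padded to 46 bytes
FRAME = build_frame(RECEIVER, SENDER, 0x0800, PAYLOAD)


def corrupt(frame, index):
    """Flip one bit of one byte, as line noise might."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)


if __name__ == "__main__":
    dst, src, ftype, data = parse_frame(FRAME)
    print(mac_text(src), "->", mac_text(dst), hex(ftype), len(data), "data bytes")
    print("corrupted frame passes checksum:", parse_frame(corrupt(FRAME, 30)) is not None)
    for name, mac in (("receiver", RECEIVER), ("other", OTHER)):
        print(name, "accepts:", nic_accepts(mac, dst),
              "/ in promiscuous mode:", nic_accepts(mac, dst, promiscuous=True))
```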
Error detection & Correction
Error detection is determining whether an error has occurred during the
transmission of data from one machine to another. If an error is detected,
then the solution is to ask the transmitting machine to retransmit the data.
If error correction is in place, depending on the amount of extra data sent
with the original, errors may be corrected without re-sending.
Parity
Parity is an error detection technique used to detect errors in the
transmission of single characters. An extra bit called a parity bit is added
to each unit of information transmitted. If odd parity is used then the
parity bit will be set so that the number of 1s on the transmitted data is
always an odd number. The receiver counts the number of bits whose
value is 1. If this comes out to an odd number then it assumes that the
data has been transmitted correctly. If it comes out to an even number
then it will request that the data be retransmitted.
Checksums
A checksum is used when blocks of data are being transmitted. A
checksum is generated by performing a calculation on the data – usually
by performing a calculation involving the numerical value of all the bits
in the block. The checksum is transmitted along with the data and an
identical calculation is done by the machine at the receiving end. If the
results match, it’s assumed that the data has been transmitted correctly. If
they don’t match then a retransmission of the data is requested.
Cyclic Redundancy Check (CRC)
CRC uses more complicated mathematics than a checksum, although the
principle is similar. A calculation is done on the data to be transmitted
resulting in additional data which is added to the packet. The receiving
machine performs the same calculation and if it gets the same answer,
then the data is assumed to be error free. A simplified illustration of the
idea behind CRC is to treat the data to be transmitted as a single binary
number, which is divided by a number known to both sender and
receiver. The remainder is transmitted along with the data and if the
receiving machine gets the same remainder when it divides the data by its
number, then it assumes that the data is correct.
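The three checks from this section (parity, checksum, CRC) applied to a constructed 4-byte block, as an added example that is not part of the course notes. It shows which kinds of corruption each check notices; the CRC uses real modulo-2 division with an assumed 8-bit generator, which is the arithmetic behind the simplified "divide by a shared number" description.

```python
# Added example, not from the course notes: odd parity, an 8-bit checksum and a
# CRC remainder, each applied to the same constructed block and to three
# corrupted versions of it.


def count_ones(value):
    return bin(value).count("1")


def odd_parity_bit(byte):
    """Parity bit chosen so that the byte plus the bit has an odd number of 1s."""
    return 0 if count_ones(byte) % 2 == 1 else 1


def odd_parity_ok(byte, parity_bit):
    """Receiver side: accept the character if the total number of 1s is odd."""
    return (count_ones(byte) + parity_bit) % 2 == 1


def checksum(block):
    """Simple checksum: the sum of all byte values, modulo 256."""
    return sum(block) % 256


def crc_remainder(block, poly=0x107, width=8):
    """Remainder of the block, read as one long binary number followed by
    `width` zero bits, divided modulo 2 by the generator `poly`.
    Assumed generator x^8 + x^2 + x + 1 (CRC-8); `width` must be a multiple of 8."""
    reg = 0
    for byte in block + bytes(width // 8):   # trailing zero bytes = appended zero bits
        for i in range(7, -1, -1):
            reg = (reg << 1) | ((byte >> i) & 1)
            if reg & (1 << width):           # top bit set: subtract (xor) the generator
                reg ^= poly
    return reg


def crc_ok(block, remainder):
    """Receiver side: same division, same remainder expected."""
    return crc_remainder(block) == remainder


def detects(original, received):
    """Which of the three checks would notice that `received` differs from `original`."""
    sent_parity = [odd_parity_bit(b) for b in original]
    parity_caught = any(not odd_parity_ok(b, p) for b, p in zip(received, sent_parity))
    checksum_caught = checksum(received) != checksum(original)
    crc_caught = not crc_ok(received, crc_remainder(original))
    return {"parity": parity_caught, "checksum": checksum_caught, "crc": crc_caught}


# Constructed sample block and three ways it might arrive corrupted.
DATA = b"HELO"
ONE_BIT_FLIP = bytes([DATA[0] ^ 0x01]) + DATA[1:]   # H (0x48) arrives as 0x49
TWO_BIT_FLIP = bytes([DATA[0] ^ 0x03]) + DATA[1:]   # H (0x48) arrives as 0x4B
SWAPPED = b"HLEO"                                    # two bytes exchanged, same sum

if __name__ == "__main__":
    print("odd parity bit for 'H':", odd_parity_bit(DATA[0]))
    print("checksum:", checksum(DATA), " crc remainder:", crc_remainder(DATA))
    for name, received in (("one bit flipped", ONE_BIT_FLIP),
                           ("two bits flipped", TWO_BIT_FLIP),
                           ("bytes swapped", SWAPPED)):
        print(f"{name:17}", detects(DATA, received))
```

A single flipped bit is caught by all three, two flipped bits in one byte slip past parity, and swapping two bytes slips past both parity and the checksum but not the CRC.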
Types of Internet Connection
Dialup Connection – A modem converts the digital signal from a
computer into a modulated analogue signal that can be transmitted down
a telephone line. It also converts the analogue signal back to a digital one
in the opposite direction. The connection rate depends on the quality of
the telephone line, but the current maximum bandwidth available is 56
Kbps. Typically a dialup modem will take 15 to 20 seconds to connect.
The original protocol used for dialup connections was Serial Line Internet
Protocol (SLIP) which was designed to allow IP packets to be transmitted
using a modem. A more secure protocol called Point to Point Protocol
(PPP) is now used, which includes features like Address Notification
which allows a server to inform a dialup client of its IP address, password
authentication and better compression.
Integrated Services Digital Network (ISDN) – This is used for digital
transmission over ordinary copper telephone wire. A single ISDN line
consists of two 64 Kbps channels which can carry data or voice, and one
16 Kbps channel used for transmitting control information. The two 64
Kbps channels can be used independently (one for telephone, one for
Internet access) or can be combined together to provide a single digital
connection. This means that if both channels are used for an Internet
connection a user can have a 128 Kbps connection. The customer must
normally be within 5.5 Km of the telephone exchange. ISDN lines are
often used for video conferencing. Three ISDN lines will provide a high
quality videoconference link but costs the same as six telephone calls.
Asymmetric Digital Subscriber Line (ADSL) – This requires an ADSL
modem but uses a normal copper telephone line. The data rate of ADSL
depends on the length and quality of the line connecting the user to the
telecom provider with an upper limit currently around 5Km. An ADSL
circuit must be configured to connect two specific locations, similar to a
leased line. ADSL can download at speeds of up to 9 Mbps and upload
at speeds of up to 640 Kbps although the commonest configuration is
more like 2 Mbps download and 128 Kbps upload. ADSL is an “always
on” connection which means the user will have a ‘static’ IP address
making them more vulnerable to “hacker attack”. Users of ADSL
connections need to have a reliable firewall.
Cable – If you want to use the cable television distribution system to
provide Internet access, you need a cable modem. A cable modem can be
added to or integrated with a set-top box that provides a TV set with
channels. The possible bandwidth for Internet services over a cable TV
line can be up to 27 Mbps, but this is shared by other users on the line and
the actual bandwidth available to the home user is usually only slightly
higher than that available using ADSL. Like ADSL, cable is also an
“always on” connection, so users need to make sure a good firewall is in place.
Leased Line – A leased line is an agreement with a communications
company to provide a permanent dedicated circuit between two points.
The traditional telephone system utilises the same lines for many different
conversations by using packet switching whereas leased lines maintain a
single open circuit at all times. Leased lines are most commonly rented
by businesses to connect branch offices. Leased lines are expensive to set
up and maintain but provide a 1.544 Mbps connection, often called a T1.
Benefits of High Bandwidth – A high bandwidth connection provides a
number of benefits to an organisation. Using Voice Over IP (VOIP) the
saving in telephone charges for an organisation which has a number of
branches distributed around the world is large if they are able to use a
system where their Internet connection provides a telephone service, as
the connection is already being paid for through the ISP.
Videoconferencing is another service which again saves costs.
Topic 9 – Wireless Data Applications
Wireless Personal Area Network (WPAN)
A WPAN is a network for interconnecting devices centred around an
individual person – in which the connections are wireless. Typically, a
WPAN uses technology that permits communication within about 10
metres such as Bluetooth. A WPAN could interconnect ordinary
computing and communication devices that people carry with them such
as mobile phone, mp3-player, laptop and Personal Digital Assistant.
Bluetooth
Each Bluetooth device has a unique 48-bit address. When any two
WPAN-equipped devices come within several meters of each other they
will be able to communicate e.g. when someone with a bluetooth enabled
laptop comes close to a bluetooth enabled printer, they should be able to
connect to it. Bluetooth uses radio waves with a speed of up to 2Mbps.
Bluetooth devices can function in two modes:
 Circuit switched (for voice communications); this has
asynchronous speeds of 57.6 to 721Kbps.
 Packet switched (for Internet data and mobile communication
systems like the General Packet Radio Service (GPRS)). This
connection is synchronous at a speed of 64 Kbps.
Piconet and Scatternet
A Bluetooth network (known as Piconet) can allow the interconnection of
eight devices in a radius of 10 meters. This network can be fixed or
temporary. In a Piconet, one device is the network controller or master
device, and it finds other slave devices by broadcasting requests. The
slave answers with its identification number. As many as 10 Piconets can
overlap to form a Scatternet, linking up to 80 Bluetooth appliances.
WIRELESS LOCAL AREA NETWORK (WLAN)
A Wireless Local Area Network (WLAN) effectively replaces cables
and NICs with wireless signals and wireless network cards. Wireless
networks are useful where the portability of network stations is important,
if the network is in a temporary building, or where it is difficult or
expensive to fit cables. A network station on a WLAN will be fitted with
a wireless Ethernet card, which communicates with a wireless base
station (sometimes called a wireless hub). The base station must be
connected to the server in some way (often by cable). In a small network
for the home user, the wireless hub may be replaced by a wireless router
combined with an ADSL or cable modem. There may be a number of
base stations throughout a building. The range of wireless networks can
be 100 metres or less if the walls of the building are very thick or use
reflective metal foil in their construction. The base stations are normally
set up so that users can “roam” from one to another transparently without
losing a connection.
Security on WLAN
Securing a network which uses wireless workstations is more difficult
than a cabled network because it is difficult to physically check which
stations are connected to the network. The area within which a wireless
laptop can connect is difficult to control and often will extend beyond
the walls of the building it is in. Wireless technologies come equipped
with encryption and other security features to restrict which machines
can connect to the network, and to ensure that anyone intercepting the
wireless signals will be unable to extract much useful information from
them.
Wireless networks are often referred to as Wi-fi networks and these are
becoming increasingly popular in hotels, airports, coffee shops and even
fast food outlets, where customers are attracted by the ability to surf the
WWW from their wireless laptops. Some of these organisations will
charge for the Wi-fi service and a culture has developed where people use
scanners to identify unsecured Wireless networks and post the details on
web pages or mark the details of these networks on pavements.
Wireless networks can be made secure by a number of strategies:
 Using the MAC address of the wireless network card to
authenticate legitimate users.
 Using an encryption technology such as Virtual Private
Networking (VPN) to ensure that signals which are intercepted
cannot be used to extract information about the network which a
hacker could use.
 Using the IEEE 802.11b built-in Wired Equivalent Privacy
(WEP) to encrypt wireless traffic. This should never be relied
upon on its own as it is a weak form of security.
Wireless Wide Area Networks (WWAN)
Introduction
There are a number of Wireless Wide Area Network (WWAN)
solutions available. A simple but expensive and low speed solution is to
use your mobile phone to connect your laptop to the telephone system.
This may be the only solution if you want mobile connectivity, but at the
moment is not practical for transferring large amounts of data. A satellite
modem is another expensive but more effective solution if you want
mobile connectivity, and can work anywhere in the world where the
satellite can be accessed. Wireless Broadband is likely to be the most
viable solution for rural and metropolitan areas.
Wireless Broadband
Wireless broadband is under development, but it will only succeed
economically if it can deliver the same bandwidth as is available over
cable or ADSL at a similar price. It uses a hub, which transmits to
transceivers mounted on buildings. These transceivers in turn amplify and
relay the signal to additional buildings, acting as repeaters would in an
Ethernet network. Wireless Broadband requires a line of sight connection
between each repeater. The fact that each building which uses the service
acts as a repeater for the signal means that the network is dependent on a
reliable power supply being available for the equipment. For this reason
most wireless broadband networks will build a substantial amount of
redundancy into the system so that the failure of any one node does not
take any large part of the network down. There are a number of
competing wireless technologies with speeds varying from 10 Mbps over
30 miles to 45 Mbps over 5 miles.