Chapter 6: Computer networks and security

Upload: logan-gilbert

Post on 25-Dec-2015


1

Chapter 6

Computer networks and security

2

Outline

• Network Overview
– Definition
– The Internet Then and Now
– Network organization

• OSI Model

• Categories of Networks

• Connecting Devices

• The Internet and TCP/IP Protocol

• Security

3

Objectives

• Understand the rationale for the existence of networks.

• Distinguish between the three types of networks: LANs, MANs, and WANs.

• Understand the OSI model and TCP/IP.

• List different connecting devices and the OSI layers in which each device operates.

• Define virus and explain how it works.

• Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

4

Data communications

• Data communications, the technology that enables computers to communicate, is defined as the transmission of text, numeric, voice or video data from one machine to another.

5

Data communications

• There are four components of data communications:
– Sender: the computer that is sending the message.
– Receiver: the computer receiving the message.
– Channel: the medium that carries or transports the message. This could be a telephone line, coaxial cable, microwave signal, or fiber optic.
– Protocol: the rules that govern the orderly transfer of the data sent.

6

Uses of communications

• Email • Voice mail • Fax • Video conferencing • Telecommuting • Global Positioning System (GPS) • Shared Resources • Online Services


7

Telecommuting

• Telecommuting is a work arrangement in which employees work away from a company’s standard workplace, but communicate with the office using some communications technology.

• A telecommuter often works at home and connects to the main office’s network using a personal computer equipped with communications software and a communications device.

8

Global Positioning System

• A global positioning system (GPS) consists of one or more earth-based receivers that accept and analyze signals sent by satellites in order to determine the receiver’s geographic location.

• A GPS receiver can be handheld or mounted on an object such as an automobile, boat, airplane, farm and construction equipment, or a computer.

• A GPS often is used to locate a person or object; ascertain the best route between two points; monitor the movement of a person or object; or create a map.

9

Communications channel

• A communications channel is the communications path between two devices. A communications channel is composed of one or more transmission media. Transmission media consist of materials or techniques capable of carrying a signal.

• Physical transmission media use wire, cable, and other tangible materials to send communications signals; wireless transmission media send communications signals through the air or space using radio, microwave, and infrared signals.

10

Communications protocols

• A protocol is a set of rules and procedures for exchanging information among computers. Protocols define how the communications channel is established, how information is transmitted, and how errors are detected and corrected.

• Ethernet and TCP/IP are the most widely used protocols.

11

Ethernet

• Ethernet is a LAN protocol that allows personal computers to contend for access to the network. Today, Ethernet is the most popular LAN protocol because it is relatively inexpensive and easy to install and maintain.

• Ethernet is based on a bus topology, but Ethernet networks can be wired in a star pattern by using a hub.

• The maximum transmission rate on a standard Ethernet network is 10 Mbps. Fast Ethernet can transmit at 100 Mbps; Gigabit Ethernet provides an even higher speed of transmission, 1,000 Mbps.

12

TCP/IP

• Short for Transmission Control Protocol/Internet Protocol, TCP/IP is a set of protocols used to manage the transmission of data by breaking it up into packets.

• TCP/IP is widely used on the Internet.

13

Intranets

• Internal networks that use Internet and Web technologies are called intranets (intra means inside).

• An intranet, sometimes called an enterprise network, essentially is a small version of the Internet used within an organization: it uses TCP/IP protocols; supports multimedia Web pages, and is accessible via a browser.

14

Firewalls

• To prevent unauthorized access to data and information, an intranet is often protected by a firewall.

• A firewall is a general term that refers to both hardware and software used to restrict access to data and information on a network.

• Organizations use firewalls to deny network access to outsiders and to restrict employees’ access to sensitive data such as payroll or personal records.

15

Network Overview

Definition

A computer network is a collection of computers and other devices that have been connected through transmission media in order to share data, hardware, and software.

--- The world’s largest network, the Internet, provides connections for millions of computers all over the globe.

16

The Internet Then and Now

In 1957, the Soviet Union launched the first artificial satellite. In response to this display, the U.S. government set up the Advanced Research Projects Agency (ARPA).

ARPA proposed a project intended to help scientists communicate and share valuable computer resources.

The ARPANET, created in 1969, connected computers at four universities (the University of California at Santa Barbara, the University of California at Los Angeles, the Stanford Research Institute, and the University of Utah).

17

The Internet Then and Now

In 1985, the National Science Foundation (NSF) used ARPANET technology to create a similar, but larger network.

The NSF network was an original internet. As this network grew throughout the world, it became known as the Internet.

In 1995, the character of the Internet changed from scientific to commercial because three corporations (Pacific Bell, Ameritech Advanced Data Services and Bellcore, Sprint) began to manage it.

18

Internet Architecture in China

CHINAnet: China Public Computer Internet

CHINAGBN: China Golden Bridge Network

CERnet: China Education and Research Network

CSTnet: China Science and Technology Network

[Figure: INTERNET; CHINANET, CERNET, CSTNET, CHINAGBN]

19

Network Organization

A computer network includes several parts:

Hardware: Computers, Connecting Devices, Transmission Media

Software: Network Operating System, Network Protocol

20

Computers

• In a network, there are two basic types of computers: server and client.

• Most services of the application layer apply the client/server architecture.

• The client requests services and the server responds to them.

[Figure: Client and Server; the client sends a Request, the server sends a Respond]

21

Transmission Media

There are three principal types of transmission medium:

Twisted-Pair Cable: consists of pairs of copper wire twisted together.

Coaxial Cable: is a high-capacity communications cable. It is used to carry television signals.

Fiber-Optic Cable: is a bundle of thin tubes (optical fiber) of glass. It cannot conduct or transmit electrical signals. However, lasers send pulses of light through the fibers.

22

Twisted-Pair Cable

23

Coaxial Cable

24

Fiber-Optic Cable

25

Network Operating Systems

A network operating system (NOS) is the software that manages network resources, controls the flow of data, maintains security, and tracks user accounts.

A NOS has two components: network server software and network client software.

Network server software is installed on a file server, controls file access from the server’s hard disk, manages the print queue, and tracks user data.

Network client software is installed on the local hard disk of each workstation, gathers user login information, handles drive mapping, and directs printouts.

26

OSI Model

The Open Systems Interconnection (OSI) model was designed by the International Organization for Standardization (ISO).

The OSI model is a theoretical model that shows how any two different systems can communicate with each other.

The OSI model is a framework of seven layers that gives an idea of the functionality of each separate but related layer.

27

The seven layers of the OSI model

7 Application

6 Presentation

5 Session

4 Transport

3 Network

2 Data Link

1 Physical

28

Flow of data in the OSI model

29

Physical Layer: is responsible for transmitting a bit stream over a physical medium.

Data-Link Layer: is responsible for node-to-node delivery of a frame between two adjacent stations.

Network Layer: is responsible for delivery of a packet between the original source and final destination.

OSI Model

30

Transport Layer: is responsible for source-to-destination delivery of the entire message.

Session Layer: is designed to control the dialog between users.

Presentation Layer: is concerned with the syntax and semantics of the information exchanged between two systems.

Application Layer: enables the user to access the network.

OSI Model

31

Categories of Networks

We can divide networks into three broad categories:

• Local Area Network (LAN)

• Metropolitan Area Network (MAN)

• Wide Area Network (WAN)

32

Local Area Network

A network that is located within a relatively limited area such as a building or campus is referred to as a local area network (LAN).

The pattern or path of the interconnections in a communications system is referred to as its topological structure (topology).

There are three typical topological structures:

• Bus Topology

• Star Topology

• Ring Topology

33

Bus Topology

The bus is the physical cable that connects the computers and other devices.

It is used primarily for LANs.

It’s flexible in that computers and other devices can be attached or detached from the network at any point without disturbing the rest of the network.

34

Star Topology

All of the devices are connected via a central device (hub or switch).

Any two computers must transport data through the central device.

The benefit is that every connection is dedicated to one user, and the user gets use of the full bandwidth of the channel.

The drawback is the high cost of the media and equipment for individual connections.

35

Ring Topology

It connects devices in a continuous loop.

The signal leaves the sending device, travels in sequence to each of the devices connected to the loop, then returns to the sending device.

It’s the extension of the bus network in which the ends of the bus are connected.

36

Metropolitan Area Network

MANs span a city or a town and provide services to individual users or organizations.

MANs use services provided by a common carrier such as a telephone company.

37

Wide Area Network

A network that covers a large geographical area is referred to as a wide area network (WAN).

WANs, like MANs, are installed and run by common carriers.

38

Connecting Devices - NIC

Network Interface Card (NIC):

--- Is a small circuit board that sends data from the workstation out to the network and collects incoming data for the workstation.

--- A desktop computer NIC plugs into an expansion slot on the motherboard.

--- A notebook computer NIC is usually a PCMCIA card.

39

Desktop computer NIC

Notebook computer NIC

40

Network Hub:

---The cable from a workstation NIC connects to a network hub, which is a device that joins communications lines together.

---In a typical network configuration, cables from one or more workstations connect to the hub, then a single cable connects the hub to a server.

Connecting Devices - Hub

41

42

Connecting Devices - Modem

Modem:

--- A device that sends and receives data to and from computers over telephone lines or cables.

--- It includes two procedures: modulation and demodulation.

--- Modulation process converts digital signals into analog signals.

--- Demodulation process converts analog signals into digital signals.

43

44

[Figure labels: Telephone network; PPP; Account; password; ISP network; INTERNET]

45

Connecting Devices - Repeater

Repeater:

---It is an electronic device that regenerates data and sends data to the rest of the network.

---It operates only in the physical layer of the OSI model.

---It is popularly used in the bus topology network to increase the length of the network.

46

Connecting Devices - Bridge

Bridge:

--- It is a traffic controller, which divides a long bus into smaller segments so that each segment is independent traffic-wise.

--- It operates at the first two layers of the OSI model.

--- It not only allows two or more pairs of stations to communicate at the same time, but can also regenerate the frame.

47

Connecting Devices - Router

Router:

--- It is the device that connects LANs, MANs, and WANs.

--- It routes a packet based on the logical address (network layer) of the packet.

--- It operates at the first three layers of the OSI model.

--- It connects two independent networks: a LAN to a WAN, a LAN to a MAN, a WAN to another WAN, and so on.

48

Routers in an Internet

49

Cisco 12000 Series Internet Routers

50

Gateway:

---It is a connecting device that acts as a protocol converter.

---It allows two networks (each with different set of protocols for seven OSI layers) to be connected to each other and communicate.

---It is actually a computer installed with the necessary software.

Connecting Devices - Gateway

51

A gateway connects a network of PCs with a network of Apple Macintosh computers.

52

Cisco AS5800 Series

Universal Gateway

53

Connecting devices and the OSI model

54

The Internet and TCP/IP Protocol

Internet Technologies:

Data can travel over the Internet according to the following essentials.

The cables, wires, and satellites that carry Internet data form an interlinked communications network.

NSPs and ISPs maintain a series of communications links for Internet data.

TCP/IP knits together the Internet and allows data to travel smoothly over the communications links provided by NSPs worldwide.

55

NSP and ISP - NSP

NSP and ISP:

NSP (network service provider): supplies ISPs with access to high-speed transmission lines that form the backbone of the Internet, and also provides routers at network connection points. Examples are China Telecom, China Unicom, China Netcom, China Tietong, Sprint, and AT&T.

--- Links between NSPs interconnect at several network access points (NAPs) so data can travel between NSPs.

--- The Internet backbone consists of the major Internet communications links.

56

The Internet backbone in the continental U.S. maintained by MCI.

57

NSP and ISP - ISP

NSP and ISP:

ISP (Internet Service Provider): is a company that maintains an Internet host computer providing Internet access to businesses, organizations and individuals.

--- It works in much the same way as your local telephone company. You arrange for service, and the ISP charges you a monthly fee.

--- It typically provides you with a user account that includes Internet access and an e-mailbox.

58

NSP and ISP

In order to connect a user’s computer to the Internet, we need to connect the computer to an ISP that in turn connects to the backbone (NSP).

59

60

TCP/IP

The Transmission Control Protocol/Internet Protocol is a suite or a stack of protocols that officially controls the Internet.

In other words, it is a standard set of communication rules used by every computer that connects to the Internet.

The layers in the TCP/IP protocol do not exactly match those of the OSI model.

61

TCP and OSI model

OSI layer          TCP/IP protocols
7 Application      FTP, SMTP, HTTP, TELNET, …
6 Presentation
5 Session
4 Transport        TCP, UDP
3 Network          IP
2 Data Link        Other protocols
1 Physical

62

TCP/IP (cont.): IP:

is one of the main protocols of TCP/IP that is responsible for addressing packets for routing to their destinations.

IP Address:

a unique identifying number assigned to each computer connected to the Internet.

--- Each IP address consists of 4 bytes (32 bits).

--- Each IP address is written in decimal form with decimal points separating the bytes (dotted-decimal notation).

IP

63

The range of IP addresses:

00000000 00000000 00000000 00000000 = 0.0.0.0

...

11111111 11111111 11111111 11111111 = 255.255.255.255

The structure of an IP address:

[Figure: the address 10.1.0.81 divided into a network address and a host number]
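The 4-byte layout and dotted-decimal notation above can be worked through in code. This is an added example, not part of the original slides; the function names are illustrative, and the number of network bits passed to `split_address` is an assumption, because the slide does not state where the network part of 10.1.0.81 ends.

```python
# Added example: dotted-decimal <-> 32-bit conversion for IPv4 addresses.
# Assumption: prefix_len (the number of network bits) is chosen by the caller;
# the slide does not say where the network part of 10.1.0.81 ends.

def parse_dotted_decimal(text):
    """Return the 32-bit integer for a dotted-decimal address, or raise ValueError."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 bytes, got {len(parts)}: {text!r}")
    value = 0
    for part in parts:
        # Only plain ASCII digits: no signs, spaces, empty fields or hex.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"not a decimal byte: {part!r}")
        # Parsers disagree on whether "010" means octal 8 or decimal 10,
        # so a strict validator refuses leading zeros instead of guessing.
        if len(part) > 1 and part[0] == "0":
            raise ValueError(f"leading zero is ambiguous: {part!r}")
        byte = int(part)
        if byte > 255:
            raise ValueError(f"byte out of range 0-255: {part!r}")
        value = (value << 8) | byte
    return value


def to_dotted_decimal(value):
    """Render a 32-bit integer as four decimal bytes separated by dots."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("value does not fit in 32 bits")
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value):
    """Render a 32-bit integer as four groups of 8 bits, as on the slide."""
    bits = f"{value:032b}"
    return " ".join(bits[i:i + 8] for i in range(0, 32, 8))


def split_address(text, prefix_len):
    """Split an address into (network address, host number)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    value = parse_dotted_decimal(text)
    host_mask = (1 << (32 - prefix_len)) - 1
    network = value & (0xFFFFFFFF ^ host_mask)
    return to_dotted_decimal(network), value & host_mask


if __name__ == "__main__":
    addr = "10.1.0.81"  # the address shown on the slide
    print(addr, "=", to_binary(parse_dotted_decimal(addr)))
    for prefix in (8, 16, 24):
        print(f"/{prefix}:", split_address(addr, prefix))
    # Constructed malformed inputs that a validator should refuse.
    for bad in ("256.1.0.81", "10.1.0", "10.01.0.81", "10.1.0.-1"):
        try:
            parse_dotted_decimal(bad)
        except ValueError as err:
            print("rejected:", err)
```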

64

Domain Name

Although an IP address works for distinguishing computers on the Internet, long strings of numbers are difficult to remember.

--- The host computer also has an easy-to-remember name, the “domain name”.

By DNS (domain name system), any IP address can be changed into a domain name.

A domain name includes: host computer, network or organization name, and top-level domain.

65

Internet Top-level Domains

Domain Description

com Commercial businesses

edu Four-year colleges and universities

gov Government agencies

int Organizations established by international treaties

mil Military organizations

net Internet administrative organizations

org Professional and nonprofit organizations

66

TCP & FTP

TCP/IP (cont.): TCP:

is one of the main protocols of TCP/IP that is responsible for establishing a data connection between two hosts and breaking data into packets.

FTP (File Transfer Protocol):

is a standard protocol on the Internet for transferring a file from one machine to another.

---Establishes two connections: one for data transfer and the other for control information.

67

FTP architecture

[Figure: an FTP client and an FTP server, each holding files. A control connection carries request and respond; a data connection carries download and upload.]

68

TELNET

TCP/IP (cont.): TELNET:

is a general client-server program on the Internet that allows remote login to control another computer or server.

69

HTTP

TCP/IP (cont.): HTTP:

is a client-server program that is used to access and transfer documents on the World Wide Web.

URL (Uniform Resource Locator): is the address of a Web page, written using a special method.

--- It defines four things: method, host computer, port and path.

70

URL & Domain Name

Compare domain name and URL: Both are Internet addresses.

Domain name represents the IP address of a computer, but URL is the address of a document on a computer.

[Figure: a URL divided into method (http; ftp; telnet), host computer, and path]

71

WWW

World Wide Web (WWW or Web):

--- The Web was born in 1990 at the European Laboratory for Particle Physics (CERN).

--- Unlike the Internet, which is simply a mass of cables and connection points that form a communications network, the Web is an Internet service that stores and provides information.

--- As an easy-to-use, graphical source of information, the Web opened up the Internet to millions of people.

72

WWW

World Wide Web (cont.):

--- The official description of the Web is a “wide-area hypermedia information retrieval initiative aiming to give universal access to a large universe of documents”.

--- The Web uses hypertext, which contains special text, words and phrases that can create a link to other documents containing text, images, audio or video.

--- A document of hypertext available on the Web is called a Web page. The main page for an organization or an individual is known as a home page.

73

Web documents

There are three different types of documents on the Internet: static, dynamic, and active.

Static documents have fixed contents. They are created at the server site and can only be copied. They usually use Hypertext Markup Language (HTML).

74

There are three different types of documents on the Internet (cont.):

Dynamic documents are programs residing at the server site. The server runs the program and sends the result to the browser. They use a technology called Common Gateway Interface (CGI) to handle the documents.

Active documents are also programs, but they cannot be run at the server site. The program is first transferred to the browser site and then run. They are normally written in the Java language.

Web Documents

75

How does email work?

• Email (electronic mail) is the transmission of messages and files via a computer network.

• To receive messages, you need an email address, which is a combination of a user name and a domain name that identifies a server. When you receive an email message, the message is placed in your mailbox. The mailbox is a storage location residing on the mail server.

76

How does email work?

• When you send a message, the message is transmitted according to a communications protocol called SMTP (simple mail transfer protocol). The mail server uses SMTP to determine how to route the message through the Internet and then sends the message. When the message arrives at the recipient’s mail server, the message is transferred to a POP or POP3 server. POP (Post Office Protocol) is a communications protocol used to retrieve email from a mail server. The POP server holds the message until the recipient retrieves it with his or her email software.

77

Netiquette

• Golden rule: Treat others as you would like them to treat you.

• In email, newsgroups, and chat rooms:
– Keep messages brief, using proper grammar and spelling.
– Be careful when using sarcasm and humor, as it might be misinterpreted.
– Be polite. Avoid offensive language.

78

Netiquette

• In email, newsgroups, and chat rooms:
– Avoid sending or posting flames, which are abusive or insulting messages. Do not participate in flame wars, which are exchanges of flames.
– Avoid sending spam, which is the Internet’s version of junk mail. Spam is an unsolicited email message or newsgroup posting sent to many recipients or newsgroups at once.

79

Netiquette

• In email, newsgroups, and chat rooms:
– Do not use all capital letters, which is the equivalent of SHOUTING.
– Use emoticons to express emotion. Popular emoticons include:
:) Smile
:( Frown
:| Indifferent
:\ Undecided
:o Surprised

80

Netiquette

• In email, newsgroups, and chat rooms:
– Use abbreviations and acronyms for phrases such as:
• BTW by the way
• FYI for your information
• IMHO in my humble opinion
• TYVM thank you very much
– Clearly identify a spoiler, which is a message that reveals a solution to a game or ending to a movie or program.

81

Netiquette

• Read the FAQ (frequently asked questions), if one exists. Many newsgroups and Web sites have an FAQ.

• Use your user name for personal purposes only.

• Do not assume material is accurate or up to date. Be forgiving of others’ mistakes.

• Never read someone’s private email.

82

Net LOSS?

• Question: What are some of the downside issues relating to use of the Internet and Web?
– The Internet isn’t a library. It’s a television.
– The Internet isn’t about information. It’s about marketing.
– Kids want to use the Internet for entertainment.
– Other reliable high-tech resources are better for educational uses than the Internet.

83

What is a computer virus?

• A computer virus is a program that attaches itself to a file, reproduces itself, and spreads to other files. A virus can corrupt and/or destroy data, display an irritating message, or otherwise disrupt computer operations.

• Although numerous variations are known, four major types of viruses exist: boot sector viruses, file viruses, Trojan horse viruses, and macro viruses.

84

How a virus spreads

85

Tips for preventing virus infections

86

Security

• There are four aspects of security: privacy (confidentiality), message authentication, message integrity, and nonrepudiation.

87

Security

• Privacy means only the sender and the receiver of the message are able to understand the contents of the message.

• Authentication means the receiver needs to be sure of the sender’s identity.

• Integrity means the message should not be tampered with during transmission.

• Nonrepudiation means the prevention of repudiation (denial) from the sender.
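The four aspects can be checked against one concrete mechanism. This added example is not part of the original slides: it uses a shared-key message authentication code (HMAC-SHA256 from Python's standard library, a technique the slides do not mention), and the keys, message and function names are constructed for illustration. It shows that such a tag provides authentication and integrity, but neither privacy nor nonrepudiation.

```python
# Added example: which of the four security aspects a shared-key MAC provides.
# HMAC-SHA256 is an illustrative choice; keys and messages below are constructed.
import hashlib
import hmac
import secrets

TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


def protect(key, message):
    """Sender side: append an HMAC-SHA256 tag to the message."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify(key, wire):
    """Receiver side: return the message if the tag matches, else raise ValueError."""
    if len(wire) < TAG_LEN:
        raise ValueError("too short to carry a tag")
    message, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    # Constant-time comparison, so timing does not reveal how many bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: message altered or wrong sender")
    return message


def accepts(key, wire):
    """True if the receiver would accept this data."""
    try:
        verify(key, wire)
        return True
    except ValueError:
        return False


def check_four_aspects():
    """Run one message through the scheme and report each aspect as True/False."""
    shared_key = secrets.token_bytes(32)    # known to sender AND receiver
    outsider_key = secrets.token_bytes(32)  # someone who lacks the shared key
    message = b"pay 100 to account 42"
    wire = protect(shared_key, message)

    results = {}
    # Authentication: only a holder of the shared key can produce a valid tag.
    results["authentication"] = (
        accepts(shared_key, wire)
        and not accepts(shared_key, protect(outsider_key, message))
    )
    # Integrity: a change made in transit invalidates the tag.
    tampered = wire.replace(b"pay 100", b"pay 900", 1)
    results["integrity"] = not accepts(shared_key, tampered)
    # Privacy: the message travels in the clear, so anyone on the path can read it.
    results["privacy"] = message not in wire
    # Nonrepudiation: the receiver holds the same key and can tag a message the
    # sender never wrote, so a valid tag proves nothing to a third party.
    made_by_receiver = protect(shared_key, b"pay 900 to account 42")
    results["nonrepudiation"] = not accepts(shared_key, made_by_receiver)
    return results


if __name__ == "__main__":
    for aspect, provided in check_four_aspects().items():
        print(f"{aspect:15s} {'provided' if provided else 'NOT provided'}")
```

Privacy needs encryption on top of the tag, and nonrepudiation needs a signature made with a key that only the sender holds.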

88

Objectives

• Understand the rationale for the existence of networks.

• Distinguish between the three types of networks: LANs, MANs, and WANs.

• Understand the OSI model and TCP/IP.

• List different connecting devices and the OSI layers in which each device operates.

• Define virus and explain how it works.

• Define four aspects of security in a network: privacy, authentication, integrity, and nonrepudiation.

89

That’s all for this chapter!