© 2008 Prentice-Hall, Inc.

Technology in Action
Chapter 8

Behind the Scenes: Networking and Security

Chapter Topics

- Advantages of business networks
- Client/server vs. peer-to-peer networks
- Classifications of client/server networks
- Client/server network components
- Types of transmission media
- Network adapters
- Moving data in a client/server network
- Securing networks

Networking Advantages

- Networks
  - Increase productivity
  - Enable the sharing of hardware resources
  - Enable the sharing of software
  - Facilitate communication inside and outside the company

Network Advantages

- Sharing networked hardware can reduce costs
- Sharing networked hardware can provide access to a wide range of services and specialized peripheral devices
- Sharing networked software can reduce costs
- Sharing data on a network is easy
- Networks enable people to work together regardless of time and place (telecommuting)

Network Challenges

- Networks may be vulnerable to unauthorized access from many sources and locations
  - More vulnerable than standalone computers
- Wireless networks can be tapped from a “snooping” computer
- Networked computers are susceptible to an increasing number of worms, Trojan horses, and blended threats

Organizational Structure: Client/Server and Peer-to-Peer

- Where are the resources?
  - Centralized – Client/Server: resources in the server(s)
  - Distributed – Peer-to-Peer (file sharing): resources in all the machines

Client/Server Networks

- Server-based network
  - Clients and servers
- Data flows efficiently
- Servers respond to requests from clients
- Servers perform specific tasks
- Scalable network
- Centralized

Classifications of Client/Server Networks

- LAN
  - Local area network
  - Computers linked together over a small geographic region

Classifications of Client/Server Networks

- WAN
  - Wide area network
  - Computers linked over large geographic locations
- MAN
  - Metropolitan area network
  - Computers linked together within a city or county

Classifications of Client/Server Networks

- PAN
  - Personal area network
  - Wireless devices connected in close proximity to each other
- Intranet
  - Private corporate network using TCP/IP
  - Protected by a firewall from the Internet outside

Constructing Client/Server Networks

- Servers
- Transmission media
- Network adapters
- Network navigation devices

Servers

- Number and type of servers depend on network size and workload
- Dedicated server
  - Performs one specific function
- Authentication server
  - Keeps track of network logins and services available
- File server
  - Stores and manages files

Dedicated Servers

- Communications server
  - Handles communications between networks including the Internet
  - Often the only device on the network directly connected to the Internet
- Web server
  - Hosts a Web site available through the Internet

Dedicated Servers, cont'd

- Print server
  - Manages client-requested printing jobs
  - Creates print queue (prioritizes print jobs)
- Applications server
  - Acts as a storage area for application software
- Database server
  - Provides clients with access to database information
- E-mail server
  - Processes and delivers incoming and outgoing e-mail

Transmission Media

- The routes data takes to flow between devices on a network
  - Wired
  - Wireless

Network Links

- Wired network
  - Twisted-pair cable
  - Coaxial cable
  - Fiber-optic cable
- Wireless network
  - RF signals
  - Microwaves
  - Infrared light

Choosing a Cable

- Maximum run length
- Bandwidth
- Bend radius
- Cable cost
- Installation costs
- Susceptibility to interference

Comparison of Characteristics of Major Cable Types

| Cable Characteristics | Twisted Pair (Cat 6) | Coaxial (ThinNet) | Coaxial (ThickNet) | Fiber-Optic |
|---|---|---|---|---|
| Maximum Run Length | 328 feet (100 m) | 607 feet (185 m) | 1,640 feet (500 m) | Up to 62 miles (100 km) |
| Bandwidth | 1,000 Mbps | 10 Mbps | 10 Mbps | 100 Mbps to 2 Gbps |
| Bend Radius (Flexibility) | No limit | 360 degrees/foot | 30 degrees/foot | 30 degrees/foot |
| Cable Cost | Very low | Low | Moderate | High |
| Installation Cost | Very low | Low | Slightly higher than ThinNet | Most expensive because of installation training required |
| Susceptibility to Interference | High | Low | Very low | None (not susceptible to EMI and RFI) |

Twisted Pair Cable

- Pairs of copper wire twisted around each other
- Twists make the wires less susceptible to interference
- Shielded twisted pair (STP)
  - Layer of foil shielding
- Unshielded twisted pair (UTP)
  - Cat 5E: Bandwidth 200 Mbps
  - Cat 6: Bandwidth 1 Gbps
  - No foil layer

[Figure: UTP and STP cable]

Coaxial Cable

- Four components
  - Copper core
  - Nonconductive insulating material
  - Braided metal
  - Plastic cover

Fiber-Optic Cable

- Components include
  - Glass or plastic fibers
  - Cladding
  - Outer jacket
- Uses light impulses to transmit data
- Immune to interference
- Physically smaller
- More difficult to install

Network Adapters

- Devices that enable computers to communicate on a network
- Network interface cards (NICs)
- Three functions
  - Generate network transmission signals
  - Create data packets
  - Act as information gatekeepers
- Ethernet compliant
- Wireless NICs

Wired Ethernet Networks

- Protocol created by Xerox PARC in the ’70s
- Bandwidth from 10/100 Mbps to 1 Gbps
- Connection with unshielded twisted pair
  - Cat 5, Cat 5E, Cat 6
- Network interface card added if not built in
- Switch device works to send data where it goes, avoiding collisions
- Routers work between two networks, like your network and the Internet

Wireless Ethernet Networks

- Use radio instead of wires
- Wi-Fi = 802.11 standard
- Need a wireless network adapter for each machine – transmits and receives signals
- Radio signals can be blocked by walls, reduced by distance
- WAP – wireless access point – will extend the range

Wireless Media: 802.11 Standard

- Wi-Fi, short for Wireless Fidelity
- 802.11b – first cost-effective wireless devices
- 802.11a, 802.11g – bandwidth increased to 54 Mbps
- Super G – bandwidth to 108 Mbps
- 802.11n – will support higher throughput and greatly increased range

Grid computing

- Loosely connected networks of machines volunteered to work on research
- Donate your unused cycles to research
- CPUs are idle a lot; software has been written to make use of those idle machine cycles
- Download software that connects you
- SETI, medicine, mathematics, astrophysics
- Make sure it’s a project that is legitimate

“Cloud computing”

- The Internet is “the cloud”
- Your data is stored on servers remotely, not on your local hard drive
- Applications you run (even Office) are via a web browser
- Portable
- Cheaper? “software as service”
- Like plugging into the wall vs. owning a generator

Network Security Threats

- Human Errors and Mistakes
  - Accidents and mistakes
- Malicious Human Activity
  - Current and former employees hacking or planting viruses
- Natural Events and Disasters
  - Hurricanes, floods, fire

Computer Threats

- Hackers and Crackers
- Viruses
- Trojan Horses
- Worms
- Bots
- Combating Malicious Code "Malware"

Hackers and Crackers

- Why do they do it?
  - To show off their technical expertise
  - Blackmail
  - Espionage
    - Industrial
    - Military
  - Theft
  - Global terrorism

Viruses

- Viruses are malicious code that enters a computer and disrupts normal operation
- Viruses might deliver a payload, which could either be annoying or devastating
- Trigger events can unleash some viruses
  - When you check email
  - On a certain date/time
  - When your computer starts up

Viruses

- Computer viruses attach themselves to a file, reproduce, and spread to other files and computers
  - File virus
  - Boot sector virus
  - Macro / script virus
  - Email virus
- Main goal is to reproduce itself
- Attempts to be unnoticed - stealth mode
- Depends on the user to execute a program or open a file to get started

Trojan Horses

- Seems to perform one function while doing another
  - Keyloggers record your keystrokes
  - Backdoors allow unauthorized access to computers
- Wants to be noticed - looks desirable to get itself installed
  - A funny video or a cool game

Worms

- Designed to spread from computer to computer - more active than a virus or Trojan
- Will send ITSELF without user knowledge if there is a network connection available
- Mass-mailing worms spread to addresses in the address book on the infected computer
  - Examples include Klez, Netsky, Sasser
  - Messages sometimes contain a spoofed address

Bots

- A bot is software that can automate a task or autonomously execute a task
- Bots can be useful – system administrators use them to do repetitive work more quickly than a human could; “spiders” are bots
- Bots can be the payload of a virus or Trojan
- Botnets are linked bot-infested computers
- Bots can be networked to make a botnet
- Used for “DoS” attacks

What can they do?

- Malicious code can perform the following activities:
  - Network traffic jam
  - Denial of Service attacks
  - Bot nets
  - Browser reconfiguration
  - Delete and modify files
  - Access confidential information
  - Performance degradation
  - Disable antivirus and firewall software

Network Security

- Authentication
  - User ID and password used to access the network
  - Use of a possessed object for access
- Access privileges
  - Enable access to certain network systems
- Physical protection measures
  - Restrict physical access to sensitive network equipment
  - Magnetic card readers
  - Biometric access devices

Network Security

- Firewalls
  - Prevent access to the network by unauthorized users
  - Composed of software and/or hardware
  - Screen and validate data packets
  - Software firewalls
    - Norton, McAfee, ZoneAlarm, BlackICE
  - Hardware firewalls
    - Usually built into routers

Network Firewall Layout

Combating Malicious Code

- Use antivirus software and firewall software on every computing device you own
  - Keep them up to date
  - Virus signatures keep changing
  - McAfee software freely available on download.uky.edu to all UK students
  - AVG software www.avg.com free for home use
- Do not open suspicious e-mail attachments
- Regularly download and install the latest security patches available for your OS, e-mail program, and browser.

Combating Malicious Code

- Limit sharing disks and other removable storage media.
- Only download programs from reputable Web sites.
- Limit the amount of file-sharing you do
- Use anti-virus software to scan all emails and all files received from someone else
- Back up your files regularly
- Look for unexpected file extensions – like exe on a jpg file
- Test your computer with Gibson Research’s free scan
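Added example (not part of the original slides): a small Python check for the "unexpected file extension" advice above. It flags double extensions such as .jpg.exe and files whose leading bytes do not match the type their name claims; the extension lists, file names and sample bytes are constructed for illustration.

```python
import os

# Assumed, non-exhaustive lists chosen for this example.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".pif"}
DOCUMENT_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".txt"}

# Leading "magic" bytes for a few common formats.
MAGIC = {
    ".jpg": b"\xff\xd8\xff",
    ".jpeg": b"\xff\xd8\xff",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".gif": b"GIF8",
    ".pdf": b"%PDF",
    ".exe": b"MZ",
}

def check_file(name, head):
    """Return a list of warnings for a file name and the file's first bytes."""
    warnings = []
    stem, ext = os.path.splitext(name.strip().lower())
    inner_ext = os.path.splitext(stem)[1]
    # Case 1: "photo.jpg.exe" - a harmless-looking extension hides the real one.
    if ext in EXECUTABLE_EXTS and inner_ext in DOCUMENT_EXTS:
        warnings.append("double extension: really %s, posing as %s" % (ext, inner_ext))
    # Case 2: the content is a Windows executable but the name says otherwise.
    if head.startswith(MAGIC[".exe"]) and ext not in EXECUTABLE_EXTS:
        warnings.append("executable content behind %s name" % (ext or "extensionless"))
    # Case 3: the name claims a known format but the header does not match it.
    elif ext in MAGIC and ext != ".exe" and not head.startswith(MAGIC[ext]):
        warnings.append("header does not match %s" % ext)
    return warnings

# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("vacation.jpg", b"\xff\xd8\xff\xe0\x00\x10JFIF"),
    ("vacation.jpg.exe", b"MZ\x90\x00\x03"),
    ("funny_video.jpg", b"MZ\x90\x00\x03"),
    ("report.pdf", b"<html><body>"),
]

def scan(samples):
    """Map each sample file name to its list of warnings."""
    return {name: check_file(name, head) for name, head in samples}

if __name__ == "__main__":
    for name, found in scan(SAMPLES).items():
        print(name, "->", found or "ok")
```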

Protecting a Wireless Network

- Change your network’s name
- Disable the broadcast of its name (SSID)
- Change the default password on your router
- Turn on WEP (Wired Equivalent Privacy) (weak) or WPA (Wi-Fi Protected Access)
- Turn on MAC address filtering – so only computers whose addresses you enter are allowed on
- Keep software up to date