© 2008 Prentice-Hall, Inc. 1 Technology in Action Chapter 8 Behind the Scenes: Networking and Security

© 2008 Prentice-Hall, Inc.1

Technology in ActionChapter 8

Behind the Scenes: Networking and Security


Chapter Topics Advantages of business networks Client/server vs. peer-to-peer networks Classifications of client/server networks Client/server network components Types of transmission media Network adapters Moving data in a client/server network Securing networks


Networking Advantages

Networks Increase productivity Enable the sharing of

hardware resources Enable the sharing of

software Facilitate communication

inside and outside the company


Network Advantages

Sharing networked hardware can reduce costs Sharing networked hardware can provide access to

a wide range of services and specialized peripheral devices

Sharing networked software can reduce costs Sharing data on a network is easy Networks enable people to work together regardless

of time and place (telecommuting)


Network Challenges

Networks may be vulnerable to unauthorized access from many sources and locations More vulnerable than standalone computers

Wireless networks can be tapped from a “snooping” computer

Networked computers are susceptible to an increasing number of worms, Trojan horses, and blended threats


Organizational Structure: Client/Server and Peer-to-Peer

Where are the resources?Centralized – Client/Server

resources in the Server(s)Distributed – Peer-to-Peer (file sharing)

resources in all the machines


Organizational Structure: Client/Server and Peer-to-Peer


Client/Server Networks

Server-based network Clients and servers

Data flows efficiently Servers respond to

requests from clients Servers perform specific

tasks Scalable network Centralized


Classifications of Client/Server Networks

LAN Local area network Computers linked

together over a small geographic region



WAN Wide area network Computers linked

over large geographic locations

MAN Metropolitan area

network Computers linked

together within a city or county



PAN Personal area network Wireless devices connected in close proximity to

each other Intranet

Private corporate network using TCP/IP Protected by a firewall from the Internet outside


Constructing Client/Server Networks Servers Transmission media Network adapters Network navigation

devices


Servers Number and type of servers

depend on network size and workload

Dedicated server Performs one specific

function Authentication server

Keeps track of network logins and services available

File server Stores and manages files


Dedicated Servers

Communications server Handles communications between networks

including the Internet Often the only device on the network directly

connected to the Internet Web server

Hosts a Web site available through the Internet


Dedicated Servers, cont'd Print server

Manages client-requested printing jobs Creates print queue (prioritizes print jobs)

Applications server Acts as a storage area for application software

Database server Provides clients with access to database information

E-mail server Processes and delivers incoming and outgoing

e-mail


Transmission Media

The routes data takes to flow between devices on a network

Wired Wireless


Network Links

Wired network Twisted-pair cable Coaxial cable Fiber-optic cable

Wireless network RF signals Microwaves Infrared light



Choosing a Cable Maximum run length Bandwidth Bend radius Cable cost

Installation costs Susceptibility to interference

Comparison of Characteristics of Major Cable Types

Cable Characteristics Twisted Pair (Cat 6) Coaxial (ThinNet) Coaxial (ThickNet) Fiber-Optic

MaximumRun Length

328 feet (100 m) 607 feet (185 m) 1,640 feet (500m) Up to 62 miles (100 km)

Bandwidth 1,000 Mbps 10 Mbps 10 Mbps 100 Mbps to 2 Gbps

Bend Radius(Flexibility)

No limit 360 degrees/foot 30 degrees/foot 30 degrees/foot

Cable Cost Very low Low Moderate High

Installation Cost Very low Low Slightly higherthan ThinNet

Most expensive because of Installation training required

Susceptibilityto Interference

High Low Very low None (not susceptibleto EMI and RFI)


Twisted Pair Cable

Pairs of copper wire twisted around each other

Twists make the wires less susceptible to interference

Shielded twisted pair (STP) Layer of foil shielding

Unshielded twisted pair (UTP) Cat 5E: Bandwidth 200 Mbps Cat 6: Bandwidth 1 Gbps No foil layer

UTP

STP


Coaxial Cable

Four components Copper core Nonconductive insulating material Braided metal Plastic cover


Fiber-Optic Cable

Components include Glass or plastic fibers Cladding Outer jacket

Uses light impulses to transmit data

Immune to interference Physically smaller More difficult to install


Network Adapters

Devices that enable computers to communicate on a network

Network interface cards (NICs) Three functions

Generate network transmission signals Create data packets Act as information gatekeepers

Ethernet compliant Wireless NICs

© 2008 Prentice-Hall, Inc.

Wired Ethernet Networks

Protocol created by Xerox PARC in 70’s Bandwidth from 10/100 Mbps to 1 Gbps Connection with Unshielded Twisted Pair

Cat 5, Cat 5E, Cat 6 Network interface card added if not builtin Switch device works to send data where it

goes, avoiding collisions Routers work between two networks, like your

network and the Internet24


Wireless Ethernet Networks

Use radio instead of wires Wi-Fi = 802.11 standard Need a wireless network adapter for each

machine – transmits and receives signals Radio signals can be blocked by walls,

reduced by distance WAP – wireless access point – will extend

the range

25


Wireless Media802.11 Standard

Wi-Fi, short for Wireless Fidelity 802.11b – first cost-effective wireless devices. 802.11a, 802.11g – bandwidth increased to 54 Mbps Super G – bandwidth to 108 Mbps 802.11n – will support higher throughput and greatly

increased range


Grid computing

Loosely connected networks of machines volunteered to work on research

Donate your unused cycles to research CPUs are idle a lot, software has been written

to make use of those idle machine cycles Download software that connects you SETI, medicine, mathematics, astrophysics Make sure it’s a project that is legitimate

27


“Cloud computing”

The Internet is “the cloud” Your data is stored on servers remotely, not on

your local hard drive Applications you run (even Office) are via a

web browser Portable Cheaper? “software as service” Like plugging into the wall vs. owning a

generator28


Network Security Threats

Human Errors and Mistakes Accidents and mistakes

Malicious Human Activity Current and former employees hacking or

planting viruses Natural Events and Disasters

Hurricanes, floods, fire


Computer Threats

Hackers and Crackers Viruses Trojan Horses Worms Bots Combating Malicious Code "Malware"


Hackers and Crackers

Why do they do it?To show off their technical expertiseblackmailespionage

industrialmilitary

TheftGlobal terrorism


Viruses

Viruses are malicious code that enters a computer and disrupts normal operation

Viruses might deliver a payload, which could either be annoying or devastating

Trigger events can unleash some viruses When you check email On a certain date/time When your computer starts up


Viruses Computer viruses attach themselves to a file,

reproduce, and spread to other files and computers File virus Boot sector virus Macro / script virus Email virus

Main goal is to reproduce itself Attempts to be unnoticed - stealth mode Depends on the user to execute a program or open a

file to get started


Trojan Horses

Seems to perform one function while doing another Keyloggers record your keystrokes Backdoors allow unauthorized access to

computers Wants to be noticed - looks desirable to get

itself installed A funny video or a cool game


Worms

Designed to spread from computer to computer - more active than a virus or Trojan

Will send ITSELF without user knowledge if there is a network connection available

Mass-mailing worms spread to addresses in the address book on the infected computer Examples include Klez, Netsky, Sasser Messages sometimes contain a spoofed address


Bots

A bot is software that can automate a task or autonomously execute a task

Bots can be useful – system administrators use them to do repetitive work more quickly than a human could, “spiders” are bots

Bots can be the payload of a virus or Trojan Botnets are linked bot-infested computers

Bots can be networked to make a botnet Used for “DOS” attacks


What can they do?

Malicious code can perform the following activities: Network traffic jam Denial of Service attacks

Bot nets Browser reconfiguration Delete and modify files Access confidential information Performance degradation Disable antivirus and firewall software


Network Security

Authentication User ID and password used to access the network Use of a possessed object for access

Access privileges Enable access to certain network systems

Physical protection measures Restrict physical access to sensitive network equipment Magnetic card readers Biometric access devices


Network Security

Firewalls Prevent access to the network by

unauthorized users Composed of software and/or hardware Screen and validate data packets Software firewalls

Norton, McAfee, ZoneAlarm, BlackICE Hardware firewalls

Usually built into routers


Network Firewall Layout


Combating Malicious Code

Use antivirus software and firewall software on every computing device you own keep them up to date Virus signatures keep changing McAfee software freely available on

download.uky.edu to all UK students AVG software www.avg.com free for home use

Do not open suspicious e-mail attachments Regularly download and install the latest

security patches available for your OS, e-mail program, and browser.


Combating Malicious Code

Limit sharing disks and other removable storage media.

Only download programs from reputable Web sites.

Limit the amount of file-sharing you do Use anti-virus software to scan all emails and all

files received from someone else Backup your files regularly Look for unexpected file extensions – like exe on a

jpg file Test your computer with Gibson Research’s free

scan


Protecting a Wireless Network

Change your network’s name Disable the broadcast of its name (SSID) Change the default password on your router Turn on WEP (wired equivalent privacy)

(weak) or WPA (wi-fi protected access) Turn on MAC addresses – so only computers

whose addresses you enter are allowed on Keep software up to date

43

Documents

© 2008 Prentice-Hall, Inc. 1 Technology in Action Chapter 8 Behind the Scenes: Networking and Security