Computer Networks
Table of Contents:
Introduction
Types of Networks
Ethernet
Network Connections
Bus Network
Clients and Servers
Protocols
TCP/IP
IP Addresses
Static or Dynamic?
Computer Names
Security
Encryption
Virus Software
Access Control
Firewalls
Conclusion
Types of Networks
Just as there is no limit to the number of systems in a network, there is also no limit
to the geographical size of a network. As a practical matter though, there are some
structural differences between a network of computers all in the same room, and a
network connecting computers in Los Angeles to ones in Sydney, Australia.
The most common network includes computers that are close together, usually in the
same building or office. This is called a Local Area Network, abbreviated LAN.
The computers in a LAN are usually connected with cable made up of pairs of wires,
but faster (and more expensive) cables are made from glass fibers, called fiber
optic cable. A network may even use radio waves, in which case it is a wireless
LAN.
When the computers being connected are far apart, typically in different cities, it is
called a WAN or Wide Area Network. The connection is usually done with special
high-speed lines leased from the phone company, but it is also possible to connect
over an ordinary phone line using a device called a modem. It’s slow, but possible.
Accessing a network through a phone line and modem is called a dial-up
connection.
The biggest of all networks is the Internet. The backbone of the Internet consists
of powerful computers all over the world with high-speed connections between them.
Individual computers such as yours then connect to this backbone through an
Internet Service Provider or ISP.
Ethernet
[Figure: packet diagram, with the header labeled]
Then, each computer looks at the address on each packet that comes by on the
network cable, and copies the ones that have the right address. The computer that
sent the packet is called the source, and the one that is supposed to receive it is
called the destination.
Network Connections
When a packet comes out of the computer that originated it, that packet must have
a complete electrical path to every other computer. The simplest way to do this is to
have a cable that goes from one computer to the next until it has connected to each
one. This is called a bus network.
Bus Network
A bus network is the simplest to explain and draw, but it’s not often the simplest one
to use, especially if computers are distributed around various offices in a building,
and then get added, taken away, moved around and so forth.
A much more practical way to connect more than a couple of systems is to connect
each one to a device called a hub. Each system has a cable that goes from it to the
hub, and inside the hub an electrical connection is made between all of the cables.
Each place where a cable plugs into the hub is called a port.
To create larger networks, hubs can use one or more of their connections to connect
to other hubs. This is called a star network, but as far as the electrical signals are
concerned, they go from one computer to every other computer, no different than
the bus network.
When networks get really big, with 100s of systems or more, it’s no longer such a
good idea to have each computer look at every packet, because almost none of the
packets will be for that computer. The large network can be broken up into smaller
groups called subnets, and these are connected with a device called a data switch,
or just a switch.
Within each subnet, all of the computers still see every packet, and so does the
switch. Normally the switch won’t pass those packets on to the other subnets, but if
the packet has an address for a destination in another subnet, the switch will pass
the packet to the port for that subnet. All of the systems in that subnet will then see
the packet, including the system it is actually addressed to. In order to know where
to send a packet, the switch must have a table of addresses for each subnet.
The simplest form of a switch is called a bridge, and it connects just two subnets. A
bridge only needs two ports then, one for each of the subnets.
Sometimes a network will be so big and complex that one switch isn’t enough to
connect all of the subnets. In that case the subnet receiving a packet might be
connected to a different switch than the subnet where the packet started. This is a
more complicated problem, because the switch would need to know not only the
packet’s destination, but also where to send it next to make sure it got there.
For this, a smarter device is needed, called a router. The router needs to know not
only the subnet addresses, but also the best path, or route, to get from one to
another.
One place where routers are used in a big way is the Internet. If you send a
message on the Internet, it might go through many routers before it reaches its
destination. And when you surf to a website, all of the graphics and text showing up
on your screen had to go through routers to find their way from the web site to your
computer.
The more common arrangement is called client-server. One system, called the
server, is responsible for a particular activity or resource. The other systems are
called clients, and they go through the server when they want to use the function or
resource that the server is responsible for.
Some of the things servers are commonly used for include network administration,
e-mail, printers, file storage, and Internet access. Often several of these functions
will be combined into one machine. There is no rule that says a network server and
a print server can’t be the same system.
[Figure: clients and a server (print server)]
There is also no rule that says a server must serve the entire network. It is usually
convenient to have a separate network server for each subnet. There are other
divisions that can occur even within a subnet. Computers that need to share the
same resources can be organized into workgroups. With the Windows NT operating
system, the LAN can be divided into sections called domains, and each domain
needs its own server called a domain controller.
Protocols
A protocol is an agreed-upon standard for how something will be done. When your
mother taught you to chew with your mouth closed and keep your elbows off the
table, that was a protocol for proper dining. Computer protocols are the rules for
connecting with other computers and exchanging information with them.
TCP/IP
TCP/IP is actually in two parts. The TCP portion covers the agreements between
systems about how they will carry on their ‘conversation’, and the IP portion deals
with addressing the packets and routing them.
The TCP part all happens in the background and we don’t really need to concern
ourselves with it under normal circumstances. However, in a network that uses
TCP/IP, every system must have a unique IP address, and that is something that
requires human intervention in one way or another.
192.168.42.122
Each of these sets of numbers is called an octet, because they started out as 8-digit
binary numbers. By changing them into 3-digit decimal numbers, the whole address
is shorter and easier to remember. The highest value for any octet is 255, because
the highest number you can make with eight binary digits is equal to 255 in decimal.
In most networks, the first three octets are the same for all systems, and the last
octet is different for every machine. If there are more than 255 computers in a
network, it is usually divided into smaller subnets.
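
The octet layout above, and the switch's per-subnet address table from the Network Connections section, can be put together in a short added example (not part of the original paper). It assumes a subnet is identified by the first three octets, as the text describes for most networks; the function names, the table and the port numbers are constructed for illustration.

```python
def parse_octets(address):
    """Split a dotted address into four octets, rejecting anything outside 0-255."""
    parts = address.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets, got {len(parts)}: {address!r}")
    octets = []
    for part in parts:
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"octet is not a decimal number: {part!r}")
        value = int(part)
        if value > 255:  # eight binary digits cannot hold more than 255
            raise ValueError(f"octet out of range: {value}")
        octets.append(value)
    return octets


def to_binary(address):
    """Show each octet as the 8-digit binary number it started out as."""
    return ".".join(f"{octet:08b}" for octet in parse_octets(address))


def subnet_of(address):
    """Assumption: the subnet is the first three octets, as in the text."""
    return tuple(parse_octets(address)[:3])


def switch_port_for(table, source, destination):
    """Return the switch port to pass the packet to, or None if it is not passed on.

    `table` maps a subnet (first three octets) to a switch port number.
    """
    src_net, dst_net = subnet_of(source), subnet_of(destination)
    if src_net == dst_net:
        return None              # the destination already saw it on its own subnet
    return table.get(dst_net)    # None for a subnet the switch has no entry for


# Constructed sample table: two subnets on ports 1 and 2 of a hypothetical switch.
TABLE = {(192, 168, 42): 1, (192, 168, 43): 2}

if __name__ == "__main__":
    print(to_binary("192.168.42.122"))
    print(switch_port_for(TABLE, "192.168.42.122", "192.168.43.7"))
```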
Static or Dynamic?
There are two ways to associate a unique IP address to a specific computer. One
way is for the administrator to assign a number, which stays the same unless
somebody decides to change it some day. That number is then a static IP address.
The other way is to assign a group of addresses to a server, and let the server hand
them out as needed to any system that wants to communicate on the network. This
produces a dynamic IP address. It is sometimes important to know which method
is in use on a network, because with dynamic addressing, the IP address of a
machine may be different each time you try to communicate with it.
Computer Names
The example address 192.168.42.122 is only one digit longer than a phone number
with area code, but that’s plenty long enough to give most of us a hard time. It’s
much easier for people to remember a name instead of a number, and for this
reason computers in a network are also given a unique name. It may be something
mundane like Sales14, but at least it’s a name and not a number.
This is not only easier to remember, but it solves the problem of a dynamic address
that changes all the time, because the computer name doesn’t normally change. It
does create another problem though, because the computers use only the addresses
and not the names to keep track of each other. Fortunately there is a part of the
TCP/IP protocol called address resolution, and it matches up the names and
addresses so things keep rolling smoothly along.
The problem with connecting computers to the Internet is that they are then sharing
a network with many other computers from all over the world, and the users of some
of those other computers are not such nice folks. Protecting the network and the
information on it is one of the most important parts of a network administrator’s job.
Encryption
Encrypting and decrypting information slows things down a bit, so a decision must be
made about when to use it. For packets going around the LAN, it depends on how
likely it is that someone will gain unauthorized access to the LAN, called hacking. It
also depends on how much damage would be done if that happened. If the threat is
severe, encryption can be done not only on the transmitted packets but also to
information stored on the disk drive.
For information going over the Internet, encryption is much more important unless
it’s all right for the whole world to see the information. If you send your credit card
number to a vendor, you must trust that vendor to encrypt and safeguard the
information.
Virus Software
A computer virus is a little program that makes copies of itself to send to other
computers. It’s very similar in some ways to contagious germs spreading a disease
from one person to the next. And like diseases, some of these computer viruses
have some really nasty side effects, like wiping out important files in the operating
system or filling up the hard drive with garbage data.
As we will discuss a little later, there are ways to keep these virus programs from
getting to your computer, but they are not foolproof. A lot of viruses come in
attached to e-mail, and then they will mail copies of themselves to everyone in your
e-mail address folder. You can’t completely block them without blocking e-mail, and
most of us like to get e-mail from our friends and coworkers.
The most important prevention for viruses is to have a good anti-virus program
installed on your computer. Norton, McAfee and Panda are probably the most
popular. The next most important thing is to keep the anti-virus software
up-to-date, because the delinquents who write virus software are always coming up with
new tricks, and the anti-virus companies are just as quickly coming up with new
versions to stop them.
Access Control
If you have ever had a computer that was connected to a local area network, you
almost certainly had to type in a user name and password to get network access.
It’s two forms of ID, just like when you cash a check at a department store.
1. First, if you share files on your computer, use password protection for them
even if they are available to everyone in the network. That way they can’t be
tampered with if a hacker breaks in.
2. In choosing a password, never use your name, your birthday or other obvious
personal information. The best is a random combination of letters and
numbers.
3. Commit the password to memory, and if you must write it down, hide it. A
password written on a post-it note stuck to your monitor is probably worse
than no password at all.
4. Don’t give your password to someone you don’t know personally just because
they claim to be tech support, the phone company, the police or your
long-lost Aunt Matilda. Refer them to the network administrator, or better yet, get
their phone number and have the network administrator call them back.
Firewalls
In a building, a firewall is a wall to keep fire from spreading from one area to
another. In a computer network, a firewall is a boundary that can block unwanted
data packets. The firewall may be a program running on the server or router, or it
may be a separate piece of hardware or even a complete computer system just for
that purpose. In any case, its purpose is to look at all of the packets coming
through, and decide which ones can pass and which ones get blocked.
Ports – Several pages ago, we defined a port as the place in a hub that a cable
plugs into. There is another completely different kind of thing called a port, and that
is a location in a computer’s memory that is used by a device or application to send
and receive data. Each application will have one (or more) of these locations for its
own use.
For instance, there is a common e-mail program that has port # 110, which means
that the program exchanges information with the rest of the system at memory
location 110. The popular game called Doom uses port # 666.
When a packet is sent over a network, it will contain not only the destination
address, but also the port number of the application that will use it at that
destination. One of the ways a firewall controls the packets is by looking at the port
number, and only passing packets with ports that are appropriate for the destination.
If nobody should be playing Doom on the network’s computers, then it would make
sense to block port 666.
Another way a firewall can control traffic is to look at the source of the packet. It
can have a ‘prohibited’ list that keeps out packets from certain IP addresses, or it
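
The two checks described in this section, the destination port and the source address, can be sketched as a small packet filter. This is an added example, not code from the original paper: the Packet fields, the function names, the prohibited range (a documentation address block) and the sample traffic are constructed; only ports 110 and 666 come from the text.

```python
import ipaddress
from collections import namedtuple

# A packet reduced to the fields the text says the firewall looks at.
Packet = namedtuple("Packet", "source destination port")

# Constructed policy: only port 666 is taken from the text.
BLOCKED_PORTS = {666}                                            # no Doom on this network
PROHIBITED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]    # documentation range


def decide(packet, blocked_ports=BLOCKED_PORTS, prohibited=PROHIBITED_SOURCES):
    """Return (verdict, reason) for one packet; malformed input is blocked."""
    try:
        source = ipaddress.ip_address(packet.source)
    except ValueError:
        return ("block", "unparseable source address")
    if not isinstance(packet.port, int) or not 0 <= packet.port <= 65535:
        return ("block", "invalid port")
    for network in prohibited:
        if source in network:
            return ("block", f"source in prohibited list {network}")
    if packet.port in blocked_ports:
        return ("block", f"port {packet.port} not allowed")
    return ("pass", "no rule matched")


def filter_packets(packets):
    """Apply decide() to each packet and keep the reason, so the log can be audited."""
    return [(p, *decide(p)) for p in packets]


# Constructed sample traffic.
SAMPLE = [
    Packet("192.168.42.122", "192.168.42.5", 110),   # e-mail port from the text
    Packet("192.168.42.122", "192.168.42.5", 666),   # Doom port from the text
    Packet("203.0.113.9", "192.168.42.5", 110),      # source on the prohibited list
    Packet("not-an-address", "192.168.42.5", 110),   # malformed source
]

if __name__ == "__main__":
    for packet, verdict, reason in filter_packets(SAMPLE):
        print(f"{verdict:5} {packet.source:>15} -> port {packet.port}: {reason}")
```

Recording the reason next to each verdict is what lets an administrator review why a packet was blocked, and treating an unparseable packet as blocked keeps a malformed field from slipping past both lists.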
Conclusion
There is much more to know about security, and about networks in general, if one is
to be involved in managing them. The purpose of this paper is to present just
enough information to enable you to talk with network administrators and to
understand their concerns when presenting network products to them. For
additional training in this subject, we recommend the Micro2000 A+ and Network+
courses.