- Types of Network
- The Internet
- Computer Networks
- Internet Addressing and Protocol
- Packet Transfer
- Network Security
- Cloud Computing
Types of Network
Typically have 3 sectors, each operating at a different frequency so that they don't interfere with each other.
This is a connection between cell sites and switching offices (Mobile Telephone Switching Office - MTSO). The backhaul can be fiber, copper, or wireless
Early Web Access
A protocol was developed in early days to facilitate the viewing of websites on older mobile phones. The web pages were designed to support the underpowered browsers, running over UDP. The protocol was called WAP - Wireless Application Protocol.
A satellite network can be used for two stations on Earth to communicate. The sending Earth Station sends a transmission to the satellite. This stage is called uplink. The satellite transponds the signal and sends it down to the second Earth Station. This stage is called downlink.
Satellites in geostationary earth orbit (GEO) revolve around the Earth at the same speed as the Earth rotates. They maintain the same relative position over the surface of Earth.
Satellite networks serve a number of purposes:
- Fixed Service Satellites (FSS)
- Broadcast Service Satellites (BSS)
- Satellite TV/Radio
- Also called Direct Broadcast Service (DBS)
- Mobile Service Satellites (MSS)
Advantages and Disadvantages
- The coverage area of a satellite network greatly exceeds that of a terrestrial system
- Transmission cost of a satellite is independent of the distance
- Satellite to satellite communication is very precise
- Launching satellites into orbit is costly
- Bandwidth is limited
- Large latency compared to terrestrial equivalents due to the much larger distance signals have to travel
There are 4 tiers in the composition of the internet
- Tier-1 ISPs
- Top level of the routing hierarchy
- Large telecommunications companies exchange traffic directly with each other via peering agreements
- Tier-2 ISPs
- Buy Internet transit from Tier-1 providers to reach some portion of the global Internet
- Also engage in peering
- May use a single Tier-1 provider for connectivity, or implement multihoming to achieve redundancy and load balancing
- Access ISP
- Provides Internet connectivity to end users
- Via DSL, cable, wireless etc.
World Wide Web
Parts of a URL
Name of the host holding the document.
Can also be an IP address
|Directory Path||Document Name|
Encoded as a text file and uses tags to build the structure of a web page for a web browser to render. They are often paired with CSS documents to describe how the page should be styled.
Rich Internet Application - RIA
A web application designed to deliver the same features and functions normally associated with desktop applications. They generally split processing by locating the user interface and related activities on the client side, and data manipulation and operations on the application server side.
A server program in a computer in a distributed network that provides the business logic for an application.
Frequently viewed as part of a three-tier application consisting of:
- A graphical user interface (GUI) server
- An application (business logic) server
- A database and transaction server
- A first-tier, front end, web browser based GUI
- A middle-tier business logic application, or set of applications possibly on a LAN or internet server
- A third-tier, back end database and transaction server, sometimes on a mainframe or other large server
A computer program designed to run on mobile devices. Native apps run directly on the phone rather than indirectly through a web app on a web browser.
The generic term node or host refers to any device on a network. A file server is a computer that stores and manages files for multiple users on a network. A web server is an application dedicated to responding to requests for web pages from web browsers on client machines.
Types of Networks
Local area network - LAN
A network that connects a relatively small number of machines in a relatively close geographical area. Various configurations, called topologies, are used to arrange LANs:
- Ring - A configuration that connects all nodes in a closed loop on which messages travel in one direction
- Star - A configuration that centers around one node to which all others are connected and through which all messages are sent
- Bus - All nodes are connected to a single communication line that carries messages in both directions
Wide area network - WAN
A network that connects two or more local area networks over a potentially large geographical distance. Often one particular node on a LAN is set up to serve as a gateway to handle communications going between that particular LAN and other networks.
Internet backbone - A set of high speed networks that carry Internet traffic. These are provided by large companies such as AT&T.
Internet service provider (ISP) - A company that provides other companies or individuals with access to the Internet
CSMA/CD - Carrier Sense Multiple Access with Collision Detection
Used in Ethernet. The protocol does not work with radio.
The process is as follows:
- Listen to channel
- If idle then transmit
- Else wait until the channel is idle, then transmit
- During transmission, listen in on transmission for collisions
- If a collision is detected, then stop transmitting
- Jam signal
- Wait random amount of time
- Restart from beginning
CSMA/CA - Carrier Sense Multiple Access with Collision Avoidance
Used in WiFi. The process is as follows:
- Listen to channel
- If idle
- Wait short time
- If still idle then start transmission
- Wait until end of other transmission
- Wait random time
- Go to step 1
The hidden terminal problem
When end systems cannot hear each other, but can each communicate with a single AP.
|Repeater||Repeats everything regardless of the destination|
|Bridge||Allows for some control and efficiency, as a signal is only repeated to the other side if the destination is on the other side|
|Switch||Similar to a bridge, but can connect many networks together|
One continuously executing server serves many clients, who initiate the communication.
Two processes communicating as equals on a one-to-one basis. Peer processes are usually short lived.
Internet Addressing and Protocol
IPv4 Internet Addressing
A 32 bit number, often written in dotted decimal format. There are only 2^32 possible IP addresses, which have been exhausted. IPv4 addresses are assigned by InterNIC.
Subnets are used to split networks up to expand the number of IP addresses available; however, routers outside these networks do not know the subnet details.
The Internet Protocol (IP)
IP is a Network Layer protocol. Version 4 is the predominantly used version currently. It is the highest layer protocol that is implemented at both routers and hosts.
IP breaks data into datagrams limited to 64KB each. This prevents long flows of data from monopolising the network for a long period of time. Some modern networks can have the 64KB limit increased. Datagrams can be further fragmented depending on the packet size of the data link layer (such as Ethernet).
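As an added example (not part of the original notes), the fragmentation rule above worked through in Python: fragment offsets are counted in 8-byte units, every piece except the last carries the More Fragments flag, and a reassembly check fails when a piece is missing. The MTU, identification value and payload sizes are constructed inputs.

```python
IPV4_HEADER_LEN = 20      # minimal IPv4 header, no options
MAX_DATAGRAM = 65535      # 16-bit total length field: the "64KB" limit from the notes


def fragment(payload_len: int, mtu: int, ident: int = 0x1234):
    """Split a datagram payload so each fragment (header + data) fits the link MTU.

    Returns a list of (identification, offset_in_8byte_units, more_fragments, data_len).
    The offset field is in 8-byte units, so every non-final fragment carries a
    multiple of 8 data bytes (1480 bytes for a 1500-byte Ethernet MTU).
    """
    if payload_len + IPV4_HEADER_LEN > MAX_DATAGRAM:
        raise ValueError("datagram exceeds the 16-bit IPv4 total length")
    per_frag = (mtu - IPV4_HEADER_LEN) // 8 * 8
    if per_frag <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    sent = 0
    while sent < payload_len:
        size = min(per_frag, payload_len - sent)
        more = sent + size < payload_len        # MF flag: set on all but the last piece
        frags.append((ident, sent // 8, more, size))
        sent += size
    return frags


def reassemble(frags):
    """Receiver-side check: fragments may arrive in any order, but together they must
    cover the payload contiguously and end with a piece whose MF flag is clear.
    Returns the reassembled payload length, or None if a fragment is missing."""
    ordered = sorted(frags, key=lambda f: f[1])
    expected = 0
    for _ident, offset, _more, size in ordered:
        if offset * 8 != expected:              # gap: a fragment was lost
            return None
        expected += size
    if ordered and ordered[-1][2]:              # last piece still says "more follows"
        return None
    return expected
```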
IP Datagram Service
IP provides an unreliable and connectionless service (datagram service). It is unreliable as IP does not guarantee delivery, and connectionless as each packet is handled independently.
The consequences of this are that packets may be lost, delivered out of sequence, or delivered more than once.
ICMP - Error Reporting
Internet Control Message Protocol is the protocol used for error and control messages on the Internet.
Messages are either query messages or error messages.
ICMP query messages
- Echo request/echo reply
- Router advertisement/Router solicitation
- Timestamp request/Timestamp reply
- Address mask request/Address mask reply
ICMP error messages
- Host unreachable
- Source quench
- Parameter problem
PING - Packet InterNet Groper
A program that utilises the ICMP echo request and echo reply messages. PING is used to verify if a certain host is running. It is used for fault isolation in IP networks. Each ping is translated into an ICMP echo request, and the target host responds with an ICMP echo reply.
ARP - Address Resolution Protocol
Converts IP addresses into Data Link addresses (such as Ethernet)
DNS - Domain Name System
Chiefly used to translate hostnames into numeric IP addresses. It is an example of a distributed database. If any particular DNS server can resolve the hostname, then it does so; otherwise it will make a request to another DNS server for the name.
Application - Constructs message with address
Transport - Splits message into packets
Network - Handles routing through the Internet
Link - Handles actual transmission of packets
These are high level protocols built on the foundation of the TCP/IP protocol suite.
|20||File Transfer Protocol - FTP|
|22||Secure Shell - SSH|
|25||Simple Mail Transfer Protocol - SMTP|
|69||Trivial File Transfer Protocol - TFTP|
|80||Hypertext Transfer Protocol - HTTP|
|110||Post Office Protocol - POP3|
|115||Simple File Transfer Protocol - SFTP (not to be confused with SSH File Transfer Protocol, which operates on a different port)|
|119||Network News Transfer Protocol - NNTP|
|123||Network Time Protocol - NTP|
|143||Internet Message Access Protocol - IMAP|
|443||Secure Hypertext Transfer Protocol - HTTPS|
Internet backbone - A set of high speed networks that carry Internet traffic. These are provided by large telecomms companies
Internet Service Provider - A company that provides other companies or individuals with access to the Internet
To improve the efficiency of transferring information over a shared communication line, messages are divided into fixed-sized, numbered packets. Network devices called routers are used to direct packets between networks.
The message is split into packets. Packets are sent over the Internet by the most expedient route. Packets are reordered then reassembled into the original message.
Advantages of Packet Switching
- No wasted bandwidth - Links are not reserved during idle periods
- Service - more connections of lesser quality, and no blocking of users
- Adaptation - If there is a failure point, the network can recover and work around it
Disadvantages of Packet Switching
- No guaranteed bandwidth - Harder to build applications requiring QoS
- Per packet overhead - packet headers etc
- Complex end-to-end control - Packets can be lost, corrupted during transit, or delivered in the incorrect order
- Delay and congestion - due to no congestion control, arbitrary delays and packet drops can occur
Proprietary system - A system that uses technologies kept private by a particular commercial vendor
Interoperability - The ability for software and hardware on multiple machines and from multiple commercial vendors to communicate
Open systems - Systems based on a common model of network architecture and a suite of protocols used in its implementation
The ISO established the Open Systems Interconnection Reference Model - OSI. Each layer deals with a particular aspect of network communication.
They are layered such that each one relies on the protocols that underlie it. Sometimes this results in it being referred to as a protocol stack.
TCP stands for Transmission Control Protocol
TCP software breaks messages into packets, hands them off to the IP software for delivery, and then orders and reassembles the packets at their destination.
IP stands for Internet Protocol
IP software deals with the routing of packets through the Internet to their final destination
UDP stands for User Datagram Protocol
It is a TCP alternative. The main difference is that TCP is highly reliable at the cost of decreased performance, while UDP is less reliable but generally faster.
A method by which multiple signals or data streams are combined into one signal over a shared cable. The goal is to share an expensive resource.
Time Division Multiplexing
Frequency Division Multiplexing
A smarter kind of multiplexing that can dedicate larger or smaller channels of bandwidth depending on the application. A large bandwidth application such as streaming TV, can be dedicated more bandwidth than an email application.
A door between an application process and the transport protocol (be it TCP or UDP). Applications may have many sockets.
Client / Server Interaction
Server starts by getting ready to receive client connections. The server must be running and listening before a client can initiate a communication.
- Create a TCP socket
- Close the connection
- Create a TCP socket
- Accept new connection
- Close connection
- Start an endless loop to deal with each conversation with the client. Without a loop, the server would communicate with one client, then terminate
- The server waits (is blocked) on the client beginning the communication
- Client begins communication with the server. A socket is created to point to the server, using the same port that the server is using
- Client sends data via a stream to the server. The stream gets sent to the socket
- Data sent by the client is detected by the server and the connection is accepted
- Data is read from the socket on the server's side in "buffers"
The server can send data back to the client by the same socket used to receive client data. Some data might be large, so it can be split up into several smaller chunks.
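The client/server steps above as an added example (not from the original notes): the server creates a socket, listens, blocks in accept, reads the client's stream in fixed-size buffers and answers on the same socket; the client creates a socket pointing at the server's port. It uses the loopback address and a kernel-chosen port, and the server upper-cases what it receives so the reply is visibly processed.

```python
import socket
import threading

BUFFER_SIZE = 1024   # the server reads the stream in fixed-size "buffers"


def serve_one(listener: socket.socket) -> None:
    """Accept one connection, answer each buffer read, close when the client is done."""
    conn, _addr = listener.accept()          # blocks until a client begins communication
    with conn:
        while True:
            chunk = conn.recv(BUFFER_SIZE)   # data read from the socket in buffers
            if not chunk:                    # empty read: client closed its sending side
                break
            conn.sendall(chunk.upper())      # reply on the same socket used to receive


def echo_exchange(message: bytes) -> bytes:
    """Run one full conversation on loopback and return what the client got back."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)   # server: create TCP socket
    listener.bind(("127.0.0.1", 0))                                # port 0: kernel picks a free port
    listener.listen(1)                                             # listening before any client connects
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve_one, args=(listener,))
    worker.start()

    client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)     # client: socket pointing at the server
    with client:
        client.connect(("127.0.0.1", port))                        # same port the server listens on
        client.sendall(message)                                    # large data is split into chunks
        client.shutdown(socket.SHUT_WR)                            # signal that no more data follows
        reply = b""
        while True:
            chunk = client.recv(BUFFER_SIZE)
            if not chunk:
                break
            reply += chunk
    worker.join()
    listener.close()
    return reply
```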
Sending data via Ethernet
There are three main types of data transmission.
Sending of messages to a single network destination identified by a unique address
Transmitting the same data to all possible destinations
Sends data only to interested destinations by using special address assignments
Whenever two or more nodes transmit at the same time, the signals would collide and interfere with one another. All transmissions involved would fail as a result.
- Before transmission, wait for the line to become quiet
- While transmitting, continually monitor the line for signs that a collision has occurred
- If a collision has occurred, cease transmitting and use a backoff-and-retransmit strategy
If a collision occurs, the nodes will try to send the transmission again after a certain period of time.
After the first collision, there are two different back-off times available. One is chosen at random by each of the nodes involved in the collision. Transmission probability is now 50%.
After a second consecutive collision, 4 different back off times are made available, from which one is chosen at random again. This makes the transmission probability 75%
Also called a MAC address. This address is globally unique for every device as it is burnt into ROM at the time of manufacture, and cannot be modified. (It can be spoofed though).
A MAC address is 6-bytes in length - 12 hex digits - 48 bits
There is a preamble of 56 bits of alternating 1's and 0's at the beginning of the data packet. The next byte is the start frame delimiter (SFD).
The next 6 bytes are the destination address and the following 6 bytes are the source address. The next 2 bytes are the length or type of the data, followed by the data itself (with padding). The length of the data is stored in that preceding 2-byte field. The last 4 bytes of the frame are the CRC (cyclic redundancy check).
The minimum data payload for a frame is 46 bytes and the maximum is 1500 bytes, making the overall frame length a minimum of 64 bytes and a maximum of 1518 bytes.
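An added example (not from the original notes) that builds and parses the frame layout just described: 6-byte addresses, a 2-byte type/length field, padding to the 46-byte minimum, and a CRC-32 frame check sequence that the parser verifies before trusting the headers. The MAC addresses and payload are constructed values; the CRC uses Python's zlib.crc32, which is the same CRC-32 as the Ethernet FCS.

```python
import struct
import zlib

PREAMBLE = bytes([0x55] * 7)   # 56 bits of alternating 1s and 0s, as sent on the wire
SFD = bytes([0xD5])            # start frame delimiter byte
MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500
MIN_FRAME, MAX_FRAME = 64, 1518


def mac_bytes(mac: str) -> bytes:
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(mac.replace(":", ""))


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Return destination..FCS (preamble and SFD are prepended by the hardware)."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds 1500 bytes")
    padded = payload + b"\x00" * (MIN_PAYLOAD - len(payload))   # pad short payloads to 46 bytes
    body = mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + padded
    fcs = struct.pack("<I", zlib.crc32(body))   # CRC-32 over dst..data, least significant byte first
    return body + fcs


def parse_frame(frame: bytes):
    """Return (dst, src, ethertype, data_with_padding), or None if the length is
    outside 64..1518 bytes or the CRC does not match (corrupted or truncated frame)."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        return None
    body, fcs = frame[:-4], frame[-4:]
    if struct.unpack("<I", fcs)[0] != zlib.crc32(body):
        return None
    dst = ":".join(f"{b:02x}" for b in body[0:6])
    src = ":".join(f"{b:02x}" for b in body[6:12])
    ethertype = struct.unpack("!H", body[12:14])[0]   # >= 0x0600 means a type, otherwise a length
    return dst, src, ethertype, body[14:]
```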
Four generations of Ethernet - All are backwards compatible
- Standard - 10Mbps - coaxial or UTP cat 3
- 10Base5 - Bus, thick coaxial
- 10Base2 - Bus, thin coaxial
- 10Base-T - Star, UTP (unshielded twisted pair)
- 10Base-F - Star, fiber
- Fast - 100Mbps - UTP cat 5 or optical fibres
- 100Base-TX - Two wires, cat 5 UTP
- 100Base-FX - Two wires, optical fibre
- 100Base-T4 - Four wires, cat3 UTP
- Gigabit - 1Gbps - UTP cat 5e or optical fibres
- 1000Base-SX - Two wire short wave optical fibre
- 1000Base-LX - Two wire, long wave optical fibre
- 1000Base-CX - Two wire, copper (STP)
- 1000Base-T - Four wire UTP
- Ten-Gigabit - 10Gbps - UTP cat 5e or optical fibres
Repeaters and hubs
A repeater can join cables to extend the length of Ethernet reach. A hub splits the signal/bandwidth to reach many hosts, like a broadcaster.
Network applications and protocols have security issues that are fixed over time. A solution to this is to limit access to end hosts by using a firewall. It acts as a single entry point into the network. It can be hardware or software.
Firewall rules - allow or block applications and/or ports. Exceptions and exclusions can be created on top of this.
Used to monitor suspicious activity on a network. Protects against known software exploits such as buffer overflows.
It detects suspicious activity using "intrusion signatures", which can be described as well known patterns of behaviour, e.g. ping sweeps, port scanning, web server indexing, OS fingerprinting, DoS attempts, etc.
IDS (Intrusion detection software) is only useful if contingency plans are in place to stop attacks as they are occurring.
Passwords are generally stored as a one-way hash. In other words, once hashed they cannot be reversed by the same method. A dictionary attack is when a list of values (words, numbers, common passwords etc.) is taken, hashed using the same method as the passwords, and the resulting hashes are compared with the stored hashed passwords. If there is a match, then the password is whatever dictionary value produced the matching hash.
Denial Of Service (DOS)
The goal of a DoS attack is to make a network service unusable, usually done by overloading the server or network.
Types of DoS attack
- SYN flooding
- Sending SYN packets with a faked source address
- The server responds with SYN ACK and keeps a half open TCP connection state
- This is repeated until server memory is exhausted
- Solution: SYN cookies
- In response to SYN, create a special cookie for the connection and forget everything else about it
- The forgotten information can be recreated when the ACK comes from a legitimate connection
- Smurf attack
- Source IP address of a broadcast ping is forged
- A large number of machines respond back to the victim, overloading it
- Distributed attacks
- Same techniques, but on a much larger scale using a large number of machines
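The SYN cookie idea from the list above, as an added example that is not from the original notes: the server encodes a time counter, an MSS choice and a keyed hash of the connection's addresses and ports into its own initial sequence number, keeps no state, and rebuilds what it needs when the final ACK arrives. This is a simplified version of the classic scheme (5 counter bits, 3 MSS bits, 24 hash bits); the secret, addresses, ports and counter values are constructed.

```python
import hashlib
import hmac

SECRET = b"constructed-server-secret"   # a real server uses a random secret, rotated periodically
MSS_TABLE = [536, 1220, 1440, 1460]     # MSS values that fit the 3-bit field; index is what we store
MASK32 = 0xFFFFFFFF


def _keyed_hash(src, dst, sport, dport, counter):
    """24-bit keyed hash over the connection 4-tuple and the counter period."""
    msg = f"{src}|{dst}|{sport}|{dport}|{counter}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big")


def make_cookie(client_isn, src, dst, sport, dport, mss, counter):
    """Server ISN to put in the SYN-ACK: client ISN + (counter:5 | mss_idx:3 | hash:24).
    Nothing about the half-open connection is stored afterwards."""
    mss_idx = max(i for i, m in enumerate(MSS_TABLE) if m <= mss)   # largest table MSS <= offered
    value = ((counter & 0x1F) << 27) | (mss_idx << 24) | _keyed_hash(src, dst, sport, dport, counter)
    return (client_isn + value) & MASK32


def check_cookie(ack_num, client_seq, src, dst, sport, dport, now_counter, max_age=1):
    """Validate the final ACK of the handshake. ack_num is our ISN + 1 and client_seq is the
    client's ISN + 1, so the cookie can be recovered from the packet alone. Returns the MSS to
    use for the connection, or None if the cookie is stale or was not issued by us."""
    cookie = (ack_num - 1) & MASK32
    client_isn = (client_seq - 1) & MASK32
    value = (cookie - client_isn) & MASK32
    counter_bits, mss_idx, h = value >> 27, (value >> 24) & 0x7, value & 0xFFFFFF
    for age in range(max_age + 1):           # accept the current and recent counter periods only
        counter = now_counter - age
        if (counter & 0x1F) == counter_bits and _keyed_hash(src, dst, sport, dport, counter) == h:
            return MSS_TABLE[mss_idx]
    return None
```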
If a packet arrives on an interface that is not the one the router would use to route back to the packet's source IP address, then drop it.
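The reverse-path rule above as an added example (not from the original notes): a longest-prefix lookup on a constructed routing table, and a strict check that drops packets whose source address is not routed back out the interface they arrived on, which is what stops a forged internal source arriving from the provider link.

```python
import ipaddress

# Constructed routing table for a border router: (prefix, interface that prefix is reached through).
ROUTES = [
    ("10.0.0.0/8", "eth1"),       # internal networks behind eth1
    ("10.1.0.0/16", "eth2"),      # one internal subnet that is reached via eth2 instead
    ("0.0.0.0/0", "eth0"),        # default route: everything else is out on the provider link
]


def route_for(ip: str):
    """Longest-prefix match: the interface the router would use to send a packet to ip."""
    addr = ipaddress.ip_address(ip)
    best = None
    for prefix, iface in ROUTES:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def rpf_accept(src_ip: str, in_iface: str) -> bool:
    """Strict reverse-path check: accept only if the source would be reached via the arrival interface."""
    return route_for(src_ip) == in_iface


def filter_packets(packets):
    """packets: iterable of (source_ip, arrival_interface). Returns 'accept'/'drop' per packet."""
    return ["accept" if rpf_accept(src, iface) else "drop" for src, iface in packets]
```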
If an attacker learns the associated TCP state for a connection, the connection can become hijacked. The attacker can insert malicious data into the TCP stream, and the recipient host will believe it came from the original, trusted source.
Encryption is the process of encoding information so only those with information on how to decrypt it can access it.
Two types: Symmetrical and Asymmetrical
The password is stored after being hashed. The use of a salt further reduces the chance of the hash being reversed via precomputed tables. Hashing is one way. When authenticating, the entered password attempt is hashed, and this value is compared with the stored hashed password. Authentication only succeeds if the two hashed values match.
An online community which creates freely-available articles, documentation, tools and technology in the field of web app security.
```sql
SELECT * FROM users
WHERE username = "john"
AND password = "1234"
```
The application may check these credentials against a database: if the query returns a row, the login succeeds.
If the password value is placed into the query without escaping, an attacker-supplied value turns it into:
```sql
SELECT * FROM users
WHERE username = "admin"
AND password = "" OR 1="1"
```
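The same login check as an added example (not from the original notes), with the concatenated query beside a parameterised one against a constructed in-memory SQLite table. The notes write string literals with double quotes; SQLite needs single quotes, so the injected value here is `' OR '1'='1`. Passwords are stored in the clear only to match the notes' query; a real store keeps hashes as the password section describes.

```python
import sqlite3


def setup_db():
    """Constructed in-memory database with two users."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret'), ('john', '1234')")
    return db


def login_vulnerable(db, username: str, password: str) -> bool:
    """Builds the query by string concatenation, the pattern shown in the notes.
    Quote characters in the input become SQL syntax, so the WHERE clause can be rewritten."""
    query = (f"SELECT * FROM users WHERE username = '{username}' "
             f"AND password = '{password}'")
    return db.execute(query).fetchone() is not None


def login_parameterised(db, username: str, password: str) -> bool:
    """Placeholders send the input as data; the database never parses it as SQL,
    so the injected value is simply compared against the password column and fails."""
    query = "SELECT * FROM users WHERE username = ? AND password = ?"
    return db.execute(query, (username, password)).fetchone() is not None
```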
Cloud computing provides the means of accessing applications as utilities over the Internet. It removes the need for locally installed desktop based applications. Cloud computing itself is the configuring and accessing of hardware and software resources remotely.
Applications such as email, web conferencing, customer relationship management can be executed on the cloud. It offers platform independency as the software is not required to be installed locally on each machine that will use it.
There are two working models for cloud computing: Deployment models and service models.
Defines the type of access to the cloud
The public cloud allows systems and services to be easily accessible to the general public. It may be less secure because of its openness.
The private cloud allows systems and services to be accessible within an organisation. It is more secure because of this nature
The community cloud allows systems and services to be accessible by a group of organisations.
A mixture of public and private clouds. Critical activities are performed on the more secure private cloud, while the non-critical activities are performed on the public cloud.
Cloud computing is based on service models.
There are three basic service models:
- Infrastructure as a Service - IaaS
- Platform as a Service - PaaS
- Software as a Service - SaaS
- (Anything as a Service - XaaS)
- Network as a Service
- Business as a Service
- Identity as a Service
- Database as a Service
- Strategy as a Service
Infrastructure as a Service - IaaS
Provides access to fundamental resources such as physical machines, virtual storage, networking, etc.
Platform as a Service - PaaS
PaaS provides the runtime environment for applications, development and deployment tools etc.
Software as a Service - SaaS
SaaS allows for the use of software applications as a service to end users...
Type of SaaS applications include
- Billing and invoicing systems
- CRM applications
- Help desk applications
- HR solutions
The software applications are maintained and updated by the vendor. The license to the software can be subscription based or usage based, and can be billed on a recurring basis. SaaS applications are cost effective since they do not require any maintenance on the end user's part.
They are available on demand, can be quickly scaled to meet demand, and they offer a shared data model, so that multiple users can share a single instance of infrastructure. All users run the same version of the software, meaning there are fewer compatibility issues, and appropriate training can be completed easily.
Advantages of Cloud Computing
- High efficiency, reliability and flexibility
- Cost effective
- On demand self service
- Resources are available on network
- No additional software is required (or a minimal amount)
- Cloud computing offers load balancing
- Optimum utilisation of hardware (resulting in cost efficiency) - It just requires a network connection
Risks with Cloud Computing
Security and Privacy
Since data management is provided by a third party, it is always a risk to hand over data to these providers. Although appropriate measures are taken to secure information, a security breach may result in the loss of customers for that cloud provider.
It is difficult for the customer to switch between cloud providers. This results in dependency on a particular service provider.
Involves the failure of the isolation mechanism that separates storage, memory and routing between different customers of the cloud provider.
Incomplete data deletion
Extra copies of the data may be stored nearline or offline for backup reasons, so when a deletion request is sent for a particular set of data, it may not be completely removed from the provider's cloud.
Characteristics of Cloud Computing
On demand self service
Cloud computing allows users to use web services and resources on demand.
Broad network access
Since cloud computing is completely web based, it can be accessed from anywhere and at any time.
Cloud computing allows multiple customers to share a pool of resources. One can share single physical instances of hardware, database and other basic infrastructure
It is very easy to scale the resources vertically or horizontally at any time. Scaling of resources means the ability to deal with increasing or decreasing demand in a timely manner.
List of common commands used to interact with the POP server
LIST - provide message list
DELE - delete a message
QUIT - end the interaction
A POP server listens on port 110.
A problem with POP email is that once an email client fetches the emails, they are removed from the server. This makes it difficult to access the same emails from any other device or system.
Internet message access protocol. More capable than POP. The most prominent feature of an IMAP server is that it provides central access to emails. IMAP servers keep the email messages on the server itself so that they can be accessed from any device with access to the server.
The server also provides easy management of emails like searching, categorizing the emails and placing them into various subfolders etc.
The email client connects to the server via port 143.