Networks

Paul McMullan

Types of Network

Mobile Phone

Cell Towers

Typically have 3 sectors, each operating at a different frequency so that they don't interfere with each other.

Cellular Backhaul

This is a connection between cell sites and switching offices (Mobile Telephone Switching Office - MTSO). The backhaul can be fiber, copper, or wireless

Early Web Access

A protocol was developed in early days to facilitate the viewing of websites on older mobile phones. The web pages were designed to support the underpowered browsers, running over UDP. The protocol was called WAP - Wireless Application Protocol.

Satellite Networks

A satellite network can be used for two stations on Earth to communicate. The sending Earth Station sends a transmission to the satellite. This stage is called uplink. The satellite transponds the signal and sends it down to the second Earth Station. This stage is called downlink.

Satellites in geostationary earth orbit (GEO) revolve around the Earth at the same speed as the Earth rotates. They maintain the same relative position over the surface of Earth.

Satellite networks serve a number of purposes:

  1. Fixed Service Satellites (FSS)
  2. Broadcast Service Satellites (BSS)
    • Satellite TV/Radio
    • Also called Direct Broadcast Service (DBS)
  3. Mobile Service Satellites (MSS)

Advantages and Disadvantages

Advantages
Disadvantages

 

The Internet

Composition

There are 4 tiers in the composition of the internet

  1. Tier-1 ISPs
    • Top level of the routing hierarchy
    • Large telecommunications companies exchange traffic directly with each other via peering agreements
  2. Tier-2 ISPs
    • Buy Internet transit from Tier-1 providers to reach some portion of the global Internet
    • Also engage in peering
    • May use a single Tier-1 provider for connectivity, or implement multihoming to achieve redundancy and load balancing
  3. Access ISP
    • Provides Internet connectivity to end users
    • Via DSL, cable, wireless etc.

World Wide Web

Parts of a URL

http:// website.com /path/to/directory/ document.html

http://               Protocol
website.com           Name of the host holding the document. Can also be an IP address
/path/to/directory/   Directory path
document.html         Document name
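The split above, done with the Python standard library. This is an added example, not part of the original notes; the sample URL is constructed, and the host is additionally classified as a name or a literal IP address since the notes say either may appear.

```python
# Added example (not from the original notes): split a URL into protocol,
# host, directory path and document name. The sample URL is constructed.
from urllib.parse import urlsplit
import posixpath
import ipaddress


def url_parts(url: str) -> dict:
    """Return the protocol, host, directory path and document name of a URL."""
    parts = urlsplit(url)
    path = parts.path or "/"
    directory, document = posixpath.split(path)
    if not directory.endswith("/"):
        directory += "/"
    # The host may be a name or a literal IP address; tell the two apart.
    host = parts.hostname or ""
    try:
        ipaddress.ip_address(host)
        host_kind = "ip"
    except ValueError:
        host_kind = "name"
    return {
        "protocol": parts.scheme,
        "host": host,
        "host_kind": host_kind,
        "directory": directory,
        "document": document,
    }


if __name__ == "__main__":
    print(url_parts("http://website.com/path/to/directory/document.html"))
```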

Hypertext Document

Encoded as a text file and uses tags to build the structure of a web page for a web browser to render. They are often paired with CSS documents to describe how the page should be styled.

Rich Internet Application - RIA

A web application designed to deliver the same features and functions normally associated with desktop applications. They generally split processing by locating the user interface and related activities on the client side, and data manipulation and operations on the application server side.

Application Server

A server program in a computer in a distributed network that provides the business logic for an application.

Frequently viewed as part of a three-tier application consisting of:

Mobile Apps

A computer program designed to run on mobile devices. Native apps run directly on the phone rather than indirectly through a web app on a web browser.

Computer Networks

Networking

The generic term node or host refers to any device on a network. A file server is a computer that stores and manages files for multiple users on a network. A web server is an application dedicated to responding to requests for web pages from web browsers on client machines.

Types of Networks

Local area network - LAN

A network that connects a relatively small number of machines in a relatively close geographical area. Various configurations (called topologies) are used to administer LANs.

Wide area network - WAN

A network that connects two or more local area networks over a potentially large geographical distance. Often one particular node on a LAN is set up to serve as a gateway to handle communications going between that particular LAN and other networks.

Internet Connections

Internet backbone - A set of high speed networks that carry Internet traffic. These are provided by large companies such as AT&T.
Internet service provider (ISP) - A company that provides other companies or individuals with access to the Internet

Protocols

CSMA/CD

Used in Ethernet. The protocol does not work with radio.
The process is as follows:

  1. Listen to channel
  2. If idle then transmit
    • Else wait until the channel is idle, then transmit
  3. During transmission, listen in on transmission for collisions
    • If a collision is detected, then stop transmitting
    • Jam signal
    • Wait random amount of time
    • Restart from beginning

CSMA/CA

Used in WiFi. The process is as follows:

  1. Listen to channel
  2. If idle
    1. Wait short time
    2. If still idle then start transmission
  3. Else
    1. Wait until end of other transmission
    2. Wait random time
    3. Go to step 1

The hidden terminal problem

When end systems cannot hear each other, but can each communicate with a single AP.

Combining Networks

Device    Description
Repeater  Repeats everything regardless of the destination
Bridge    Allows for some control and efficiency, as a signal is only repeated to the other side if the destination is on the other side
Switch    Similar to a bridge, but can connect many networks together

Inter-process Communication

Client-Server

One continuously executing server serves many clients, who initiate the communication.

Peer-to-peer (P2P)

Two processes communicating as equals on a one-to-one basis. Peer processes are usually short lived.

Internet Addressing and Protocol

IPv4 Internet Addressing

A 32 bit number, often written in dotted decimal format. There are only 2^32 possible IP addresses, which have been exhausted. IPv4 addresses are assigned by InterNIC.

Subnets were used to split networks up and so expand the number of IP addresses available; however, routers outside these networks did not know the subnet details.

The Internet Protocol (IP)

IP is a Network Layer protocol. Version 4 is the predominantly used version currently. It is the highest layer protocol that is implemented at both routers and hosts.

[Figure: Screenshot-from-2017-05-16-13-18-23.png]

IP breaks data into datagrams limited to 64KB each. These prevent long flows of data from monopolizing the network for a long period of time. Some modern networks can have the 64KB limit increased. Datagrams can further be fragmented depending on the packet size of the data link layer (such as Ethernet)

IP Datagram Service

IP provides an unreliable and connectionless service (datagram service). It is unreliable as IP does not guarantee delivery, and connectionless as each packet is handled independently.

The consequences of this are that there is a chance for packets to be lost, packets being delivered out of sequence, and duplicated packets getting delivered.

ICMP - Error Reporting

Internet Control Message Protocol is the protocol used for error and control messages on the Internet.

Messages are either query messages or error messages.

ICMP query messages
ICMP error messages

PING - Packet InterNet Groper

A program that utilises the ICMP echo request and echo reply messages. PING is used to verify if a certain host is running. It is used for fault isolation in IP networks. Each ping is translated into an ICMP echo request, and the target host responds with an ICMP echo reply.

ARP - Address Resolution Protocol

Converts IP addresses into Data Link addresses (Such as Ethernet)

DNS - Domain Name System

Chiefly used to translate hostnames into numeric IP addresses. It is an example of a distributed database. If any particular DNS server can resolve the hostname, then it does so, otherwise it will make a request to another DNS server for the name.

Packet Transfer

Network Stack

Application - Constructs message with address
Transport - Splits message into packets
Network - Handles routing through the Internet
Link - Handles actual transmission of packets

Common Ports

These are high level protocols built on the foundation of the TCP/IP protocol suite.

Port  Service
20    File Transfer Protocol - FTP
21    FTP control
22    Secure Shell - SSH
23    Telnet
25    Simple Mail Transfer Protocol - SMTP
69    Trivial File Transfer Protocol - TFTP
80    Hypertext Transfer Protocol - HTTP
110   Post Office Protocol - POP3
115   Simple File Transfer Protocol - SFTP (not to be confused with SSH File Transfer Protocol, which operates on a different port)
119   Network News Transfer Protocol - NNTP
123   Network Time Protocol - NTP
143   Internet Message Access Protocol - IMAP
443   Secure Hypertext Transfer Protocol - HTTPS


Packet Switching

To improve the efficiency of transferring information over a shared communication line, messages are divided into fixed-sized, numbered packets. Network devices called routers are used to direct packets between networks.

The message is split into packets. Packets are sent over the Internet by the most expedient route. Packets are reordered then reassembled into the original message.
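The reordering step above, and the three consequences of the datagram service listed under IP Datagram Service (loss, out-of-sequence delivery, duplicates), worked through in code. This is an added example, not part of the original notes; the packet format (sequence number, packet count, payload) and the sample message are constructed.

```python
# Added example (not from the original notes): reassemble a message from
# numbered packets that arrive out of order, duplicated, or not at all,
# which is exactly what a connectionless datagram service permits.
from typing import Iterable, Optional, Tuple

Packet = Tuple[int, int, bytes]  # (sequence number, total packet count, payload)


def split_message(message: bytes, size: int) -> list:
    """Divide a message into fixed-size numbered packets."""
    chunks = [message[i:i + size] for i in range(0, len(message), size)]
    return [(seq, len(chunks), chunk) for seq, chunk in enumerate(chunks)]


def reassemble(packets: Iterable[Packet]) -> Tuple[Optional[bytes], list]:
    """Reorder packets by sequence number and rebuild the message.

    Returns (message, missing): message is None if any packet was lost, and
    missing lists the lost sequence numbers. Duplicates are ignored because a
    sequence number is stored only once.
    """
    received = {}
    total = None
    for seq, count, payload in packets:
        total = count if total is None else total
        received.setdefault(seq, payload)  # first copy wins, later duplicates dropped
    if total is None:
        return None, []
    missing = [seq for seq in range(total) if seq not in received]
    if missing:
        return None, missing
    return b"".join(received[seq] for seq in range(total)), []


# Constructed sample: a 4-packet message delivered out of order with a duplicate.
SAMPLE = split_message(b"packet switching", 4)
SCRAMBLED = [SAMPLE[2], SAMPLE[0], SAMPLE[3], SAMPLE[0], SAMPLE[1]]

if __name__ == "__main__":
    print(reassemble(SCRAMBLED))        # full message recovered
    print(reassemble(SCRAMBLED[:3]))    # packet 1 never arrived
```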

Advantages of Packet Switching

Disadvantages of Packet Switching

Open Systems

Proprietary system - A system that uses technologies kept private by a particular commercial vendor
Interoperability - The ability for software and hardware on multiple machines and from multiple commercial vendors to communicate
Open systems - Systems based on a common model of network architecture and a suite of protocols used in its implementation

The ISO established the Open Systems Interconnection Reference Model - OSI. Each layer deals with a particular aspect of network communication.

Network Protocols

They are layered such that each one relies on the protocols that underlie it. Sometimes this results in it being referred to as a protocol stack.

TCP/IP

TCP stands for Transmission Control Protocol

TCP software breaks messages into packets, hands them off to the IP software for delivery, and then orders and reassembles the packets at their destination.

IP stands for Internet Protocol

IP software deals with the routing of packets through the Internet to their final destination

UDP

UDP stands for User Datagram Protocol

It is a TCP alternative. The main difference is that TCP is highly reliable at the cost of decreased performance, while UDP is less reliable, but generally faster.

MIME Types

Multiplexing

A method by which multiple signals or data streams are combined into one signal over a shared cable. The goal is to share an expensive resource.

Time Division Multiplexing

[Figure: Screenshot-from-2017-05-16-14-51-30.png]

Frequency Division Multiplexing

[Figure: Screenshot-from-2017-05-16-14-51-37.png]

Statistical Multiplexing

A smarter kind of multiplexing that can dedicate larger or smaller channels of bandwidth depending on the application. A high bandwidth application such as streaming TV can be dedicated more bandwidth than an email application.

Client/Server

Sockets

A door between an application process and the transport protocol (be it TCP or UDP). Applications may have many sockets.

Client / Server Interaction

Server starts by getting ready to receive client connections. The server must be running and listening before a client can initiate a communication.

Client

Server

  1. Start an endless loop to deal with each conversation with the client. Without a loop, the server would communicate with one client, then terminate
  2. The server waits (is blocked) on the client beginning the communication
  3. Client begins communication with the server. A socket is created to point to the server, using the same port that the server is using
  4. Client sends data via a stream to the server. The stream gets sent to the socket
  5. Data sent by the client is detected by the server and the connection is accepted
  6. Data is read from the socket on the server's side in "buffers"

The server can send data back to the client by the same socket used to receive client data. Some data might be large, so it can be split up into several smaller chunks.
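The interaction above as a runnable TCP exchange on localhost. This is an added example, not code from the original notes: the server listens before the client connects, blocks in accept(), reads the client's data in small buffers and replies over the same socket. For the example to terminate, the server handles a single conversation instead of the endless loop of step 1; the buffer size and message are constructed.

```python
# Added example (not from the original notes): a minimal client/server
# exchange following the steps in the notes, run entirely on 127.0.0.1.
import socket
import threading

BUFFER_SIZE = 16  # deliberately small so a message arrives in several chunks


def serve_one(listener: socket.socket) -> None:
    """Accept one client, read until it finishes sending, then echo back."""
    conn, _addr = listener.accept()          # server blocks here until a client arrives
    with conn:
        received = bytearray()
        while True:
            chunk = conn.recv(BUFFER_SIZE)   # data is read in buffers
            if not chunk:                    # client closed its sending side
                break
            received.extend(chunk)
        conn.sendall(bytes(received))        # reply over the same socket


def run_exchange(message: bytes) -> bytes:
    """Start a server thread, connect as a client, send message, return the echo."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))          # port 0: let the OS pick a free port
    listener.listen(1)                       # server is ready before the client starts
    port = listener.getsockname()[1]

    worker = threading.Thread(target=serve_one, args=(listener,), daemon=True)
    worker.start()

    # Client side: a socket pointing at the server's address and port.
    with socket.create_connection(("127.0.0.1", port)) as client:
        client.sendall(message)
        client.shutdown(socket.SHUT_WR)      # signal end of data, keep reading
        reply = bytearray()
        while True:
            chunk = client.recv(BUFFER_SIZE)
            if not chunk:
                break
            reply.extend(chunk)
    worker.join()
    listener.close()
    return bytes(reply)


if __name__ == "__main__":
    print(run_exchange(b"hello from the client, sent in several small buffers"))
```

Because the client half-closes the connection with shutdown(SHUT_WR), the server can tell when the request is complete without a length prefix; a real protocol would usually frame messages explicitly instead.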

Ethernet

Sending data via Ethernet

There are three main types of data transmission.

Unicast

Sending of messages to a single network destination identified by a unique address

Broadcast

Transmitting the same data to all possible destinations

Multicasting

Sends data only to interested destinations by using special address assignments

Collision Handling

Whenever two or more nodes transmit at the same time, the signals would collide and interfere with one another. All transmissions involved would fail as a result.

Collision Avoidance

  1. Before transmission, wait for the line to become quiet
  2. While transmitting, continually monitor the line for signs that a collision has occurred
  3. If a collision has occurred, cease transmitting and use a backoff-and-retransmit strategy

Backoff algorithm

If a collision occurs, the nodes will try to send the transmission again after a certain period of time.
After the first collision, there are two different back-off times available. One is chosen at random by each of the nodes involved in the collision. Transmission probability is now 50%.

After a second consecutive collision, 4 different back-off times are made available, from which one is chosen at random again. This makes the transmission probability 75%.
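The 50% and 75% figures above, checked by enumerating the choices and by simulation. This is an added example, not part of the original notes; it generalises the two-node case in the text to any number of colliding nodes and any number of consecutive collisions (after k collisions each node picks one of 2^k back-off slots, and the retry succeeds when every node picks a different slot).

```python
# Added example (not from the original notes): success probability of a
# retransmission under binary exponential backoff, exactly and by simulation.
import itertools
import random


def success_probability(collisions: int, nodes: int = 2) -> float:
    """Exact probability that `nodes` stations pick distinct back-off slots."""
    slots = 2 ** collisions
    outcomes = list(itertools.product(range(slots), repeat=nodes))
    distinct = sum(1 for choice in outcomes if len(set(choice)) == nodes)
    return distinct / len(outcomes)


def simulate(collisions: int, nodes: int = 2, trials: int = 20000, seed: int = 1) -> float:
    """Estimate the same probability by random trials (seeded for repeatability)."""
    rng = random.Random(seed)
    slots = 2 ** collisions
    wins = 0
    for _ in range(trials):
        picks = [rng.randrange(slots) for _ in range(nodes)]
        wins += len(set(picks)) == nodes
    return wins / trials


if __name__ == "__main__":
    for k in (1, 2, 3):
        print(f"after {k} collision(s): exact {success_probability(k):.3f}, "
              f"simulated {simulate(k):.3f}")
```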

Ethernet

Ethernet Address

Also called a MAC address. This address is globally unique for every device as it is burnt into ROM at the time of manufacture, and cannot be modified. (It can be spoofed though).

A MAC address is 6-bytes in length - 12 hex digits - 48 bits

Ethernet Data

There is a preamble of 56 bits of alternating 1's and 0's at the beginning of the data packet. The next byte is the start frame delimiter flag (SFD).

The next 6 bytes are the destination address. The next 6 are the source address. The next 2 bytes are the length or type of the data, and the next section is the data itself (with padding); the length of the data is what the preceding 2-byte field stores. The last 4 bytes of the packet are the CRC (redundancy check).

The minimum payload of data for a packet is 46 bytes and the maximum is 1500 bytes, making the overall frame length a minimum of 64 bytes or a maximum of 1518 bytes.
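The frame layout above, built and parsed in code. This is an added example, not part of the original notes: the preamble and SFD are left out because the hardware adds them, the 2-byte field is treated as a length when its value is at most 1500 and as a type otherwise, and the CRC-32 trailer is verified on parsing so a corrupted frame is rejected. The MAC addresses and payloads are constructed.

```python
# Added example (not from the original notes): build and check an Ethernet
# frame: dst MAC, src MAC, 2-byte length/type, payload padded to 46 bytes,
# and a 4-byte CRC-32 trailer. Preamble and SFD are omitted (added by hardware).
import struct
import zlib

MIN_PAYLOAD, MAX_PAYLOAD = 46, 1500
MIN_FRAME, MAX_FRAME = 64, 1518


def mac_to_bytes(mac: str) -> bytes:
    """'00:11:22:33:44:55' -> 6 raw bytes."""
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def crc_trailer(body: bytes) -> bytes:
    # Ethernet transmits the CRC-32 least significant byte first.
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: str, src: str, payload: bytes, ethertype: int = None) -> bytes:
    """Build a frame; with ethertype=None the 2-byte field carries the payload length."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the 1500-byte maximum")
    field = len(payload) if ethertype is None else ethertype
    padded = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))  # pad up to 46 bytes
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", field) + padded
    return body + crc_trailer(body)


def parse_frame(frame: bytes) -> dict:
    """Check frame length and CRC, then split the frame into its fields."""
    if not MIN_FRAME <= len(frame) <= MAX_FRAME:
        raise ValueError(f"frame length {len(frame)} is outside 64..1518 bytes")
    body, trailer = frame[:-4], frame[-4:]
    if crc_trailer(body) != trailer:
        raise ValueError("CRC mismatch: frame corrupted in transit")
    field = struct.unpack("!H", body[12:14])[0]
    data = body[14:]
    if field <= MAX_PAYLOAD:      # the field is a length: use it to strip the padding
        data = data[:field]
    return {"dst": bytes_to_mac(body[:6]), "src": bytes_to_mac(body[6:12]),
            "length_or_type": field, "payload": data}


if __name__ == "__main__":
    frame = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", b"hi")
    print(len(frame), parse_frame(frame))
```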

Physical Ethernet

Four generations of Ethernet - All are backwards compatible

  1. Standard - 10Mbps - coaxial or UTP cat 3
    1. 10Base5 - Bus, thick coaxial
    2. 10Base2 - Bus, thin coaxial
    3. 10Base-T - Star, UTP (unshielded twisted pair)
    4. 10Base-F - Star, fiber
  2. Fast - 100Mbps - UTP cat 5 or optical fibres
    1. 100Base-TX - Two wires, cat 5 UTP
    2. 100Base-FX - Two wires, optical fibre
    3. 100Base-T4 - Four wires, cat3 UTP
  3. Gigabit - 1Gbps - UTP cat 5e or optical fibres
    1. 1000Base-SX - Two wire short wave optical fibre
    2. 1000Base-LX - Two wire, long wave optical fibre
    3. 1000Base-CX - Two wire, copper (STP)
    4. 1000Base-T - Four wire UTP
  4. Ten-Gigabit - 10Gbps - UTP cat 5e or optical fibres

Repeaters and hubs

A repeater can join cables to extend the length of Ethernet reach. A hub splits the signal/bandwidth to reach many hosts, like a broadcaster.

 

Network Security

Firewalls

Network applications and protocols have security issues that are fixed over time. A solution to this is to limit access to end hosts by using a firewall. It acts as a single entry point into the network. It can be hardware or software.

Firewall rules - allow or block applications and/or ports. Exceptions and exclusions can be created on top of this.

Intrusion Detection

Used to monitor suspicious activity on a network. Protects against known software exploits such as buffer overflows.

It detects suspicious activity using "intrusion signatures", which can be described as well known patterns of behaviour, e.g. ping sweeps, port scanning, web server indexing, OS fingerprinting, DoS attempts, etc.

IDS (Intrusion detection software) is only useful if contingency plans are in place to stop attacks as they are occurring.
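Two of the signatures named above (a port scan and a ping sweep) encoded as simple rules and run over a constructed flow log. This is an added example, not part of the original notes; the log format (timestamp, source, destination, protocol, destination port), the addresses and the thresholds are all constructed.

```python
# Added example (not from the original notes): a tiny signature-style detector
# run over constructed flow-log lines. A port scan is one source touching many
# ports on one host; a ping sweep is one source sending ICMP echo to many hosts.
from collections import defaultdict

# Constructed sample log: "timestamp src dst proto dport" (dport is '-' for ICMP)
SAMPLE_LOG = """\
10:00:01 198.51.100.7 192.0.2.10 tcp 22
10:00:01 198.51.100.7 192.0.2.10 tcp 23
10:00:02 198.51.100.7 192.0.2.10 tcp 25
10:00:02 198.51.100.7 192.0.2.10 tcp 80
10:00:03 198.51.100.7 192.0.2.10 tcp 110
10:00:03 198.51.100.7 192.0.2.10 tcp 143
10:00:04 203.0.113.5 192.0.2.1 icmp -
10:00:04 203.0.113.5 192.0.2.2 icmp -
10:00:05 203.0.113.5 192.0.2.3 icmp -
10:00:05 203.0.113.5 192.0.2.4 icmp -
10:00:06 192.0.2.50 192.0.2.10 tcp 443
10:00:07 192.0.2.50 192.0.2.10 tcp 443
"""

PORT_SCAN_THRESHOLD = 5    # distinct destination ports from one source to one host
PING_SWEEP_THRESHOLD = 3   # distinct hosts receiving ICMP echo from one source


def parse_log(text: str) -> list:
    """Turn the log text into a list of record dicts."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ts, src, dst, proto, dport = line.split()
        records.append({"ts": ts, "src": src, "dst": dst, "proto": proto, "dport": dport})
    return records


def detect(records: list) -> list:
    """Return (signature, src, dst, count) alerts for records matching a signature."""
    ports_seen = defaultdict(set)    # (src, dst) -> destination ports contacted
    icmp_targets = defaultdict(set)  # src -> hosts sent ICMP echo
    for r in records:
        if r["proto"] == "icmp":
            icmp_targets[r["src"]].add(r["dst"])
        else:
            ports_seen[(r["src"], r["dst"])].add(r["dport"])
    alerts = []
    for (src, dst), ports in sorted(ports_seen.items()):
        if len(ports) >= PORT_SCAN_THRESHOLD:
            alerts.append(("port_scan", src, dst, len(ports)))
    for src, hosts in sorted(icmp_targets.items()):
        if len(hosts) >= PING_SWEEP_THRESHOLD:
            alerts.append(("ping_sweep", src, None, len(hosts)))
    return alerts


if __name__ == "__main__":
    for alert in detect(parse_log(SAMPLE_LOG)):
        print(alert)
```

The repeated 443 connections from 192.0.2.50 raise nothing: one port is not a scan, which is the point of thresholds. A real IDS would also bound the count by a time window so that slow scans and normal long-running traffic are told apart.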

Dictionary Attack

Passwords are generally stored as the output of a one-way hash. In other words, once they are hashed, the hash can not be reversed by the same method. A dictionary attack takes a list of values (words, numbers, common passwords etc.), hashes each one using the same method as the passwords were hashed with, and then compares the resulting hashes with the stored password hashes. If there is a match, then the password is whatever dictionary word produced the matching hash.

Denial Of Service (DOS)

The goal of a DoS attack is to make a network service unusable, usually by overloading the server or network.

Types of DoS attack

Ingress filtering

If a packet arrives on an interface that has no route back to the packet's source IP address, then drop it.
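The rule above as a reverse-path check over a small routing table. This is an added example, not part of the original notes: the table maps prefixes to the interface they are reached through (most specific match wins), and a packet is dropped when the interface it arrived on is not the one the table would use to route back to its source. The prefixes, interface names and addresses are constructed.

```python
# Added example (not from the original notes): ingress filtering by checking
# the arrival interface of a packet against the route back to its source.
import ipaddress

# Constructed routing table: prefix -> interface that reaches it
ROUTES = {
    "192.0.2.0/24": "lan0",
    "198.51.100.0/24": "lan1",
    "0.0.0.0/0": "wan0",        # default route: everything else is out on the WAN
}


def route_for(address: str, routes: dict = ROUTES):
    """Longest-prefix match: the interface that leads to `address`, or None."""
    ip = ipaddress.ip_address(address)
    best = None
    for prefix, iface in routes.items():
        net = ipaddress.ip_network(prefix)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def ingress_filter(arrived_on: str, src: str, routes: dict = ROUTES) -> str:
    """'accept' if the route back to src leaves via arrived_on, else 'drop'."""
    return "accept" if route_for(src, routes) == arrived_on else "drop"


if __name__ == "__main__":
    # A packet claiming an internal source but arriving from the WAN is spoofed.
    print(ingress_filter("wan0", "192.0.2.44"))    # drop
    print(ingress_filter("lan0", "192.0.2.44"))    # accept
    print(ingress_filter("wan0", "203.0.113.9"))   # accept
```

With a default route the check is strict: a source is accepted on exactly one interface. On multihomed links where traffic can legitimately arrive asymmetrically, a looser variant accepts the packet if any route to the source exists, at the cost of catching fewer spoofed packets.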

TCP Attacks

If an attacker learns the associated TCP state for a connection, the connection can become hijacked. The attacker can insert malicious data into the TCP stream, and the recipient host will believe it came from the original, trusted source.

Encryption

Encryption is the process of encoding information so only those with information on how to decrypt it can access it.

Two types: Symmetrical and Asymmetrical

Password Hashing

Passwords are stored after being hashed. The use of a salt can further reduce the chance of unintended recovery of the password. Hashing is one way. When authenticating, the entered password attempt will be hashed, and this value is compared with the stored hashed password. Authentication only succeeds if the two hashed passwords match.
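The check described above, together with the reason a salt matters against the dictionary attack described under Network Security. This is an added example, not part of the original notes: passwords are stored as a random salt plus a PBKDF2-SHA256 digest and compared in constant time, and a precomputed table of unsalted hashes is shown to match an unsalted stored hash directly while telling nothing about the salted one. The iteration count, word list and passwords are constructed.

```python
# Added example (not from the original notes): salted password hashing with
# verification, beside a precomputed dictionary lookup that only works against
# unsalted hashes.
import hashlib
import hmac
import os

ITERATIONS = 200_000  # constructed; pick per deployment and raise over time


def hash_password(password: str, salt: bytes = None) -> tuple:
    """Return (salt, digest); a fresh random salt is drawn unless one is given."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


def verify_password(attempt: str, salt: bytes, stored: bytes) -> bool:
    """Hash the attempt with the stored salt and compare in constant time."""
    _, digest = hash_password(attempt, salt)
    return hmac.compare_digest(digest, stored)


def unsalted(password: str) -> bytes:
    """Plain one-way hash with no salt: every user with this password shares it."""
    return hashlib.sha256(password.encode()).digest()


def precomputed_lookup(stored: bytes, wordlist) -> str:
    """A table of unsalted hashes is built once and reused against any stored hash."""
    table = {unsalted(word): word for word in wordlist}
    return table.get(stored)


WORDLIST = ["letmein", "password", "summer2017", "qwerty"]  # constructed

if __name__ == "__main__":
    salt, digest = hash_password("summer2017")
    print(verify_password("summer2017", salt, digest))         # True
    print(precomputed_lookup(unsalted("summer2017"), WORDLIST))  # found: no salt
    print(precomputed_lookup(digest, WORDLIST))                 # None: salt defeats the table
```

The salt does not stop someone from hashing the word list again for one specific salt; it forces that work to be redone per password and makes the slow PBKDF2 iteration count, rather than a one-off table, the cost they pay.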

OWASP

An online community which creates freely-available articles, documentation, tools and technology in the field of web app security.

SQL Injection

SELECT * FROM users
WHERE username = "john"
AND password = "1234"

The application may check these credentials against a database. If a row is returned, the login succeeds.

SELECT * FROM users
WHERE username = "admin"
AND password = "" OR 1="1"
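The login check above run two ways against an in-memory SQLite table: once with the credentials pasted into the query text (the vulnerable form the notes show) and once with bound parameters. This is an added example, not part of the original notes. SQLite uses single quotes for string literals, so the injected value here is the single-quote form of the notes' `"" OR 1="1"`; the table rows are constructed.

```python
# Added example (not from the original notes): string-built login query versus
# a parameterized one, both run against a constructed SQLite users table.
import sqlite3


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('john', '1234'), ('admin', 'placeholder-secret')")
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # User input becomes part of the SQL text, so quotes in it change the query.
    query = (f"SELECT * FROM users WHERE username = '{username}' "
             f"AND password = '{password}'")
    return conn.execute(query).fetchone() is not None


def login_parameterized(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Placeholders: values travel separately from the SQL, so quotes stay data.
    query = "SELECT * FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


INJECTED = "' OR '1'='1"  # single-quote form of the notes' example

if __name__ == "__main__":
    db = make_db()
    print(login_vulnerable(db, "admin", INJECTED))      # True: password check bypassed
    print(login_parameterized(db, "admin", INJECTED))   # False: treated as a literal string
```

With the string-built query the WHERE clause becomes `username = 'admin' AND password = '' OR '1'='1'`, and the OR makes the whole condition true for every row. The parameterized version compares the stored password with the literal text of the input and finds no match.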

 

Cloud Computing

Cloud computing provides the means of accessing applications as utilities over the Internet. It removes the need for locally installed desktop based applications. Cloud computing itself is the configuring and accessing of hardware and software resources remotely.

Applications such as email, web conferencing, customer relationship management can be executed on the cloud. It offers platform independency as the software is not required to be installed locally on each machine that will use it.

There are two working models for cloud computing: Deployment models and service models.

Deployment Models

Defines the type of access to the cloud

Public Cloud

The public cloud allows systems and services to be easily accessible to the general public. It may be less secure because of its openness.

Private Cloud

The private cloud allows systems and services to be accessible within an organisation. It is more secure because of this nature

Community Cloud

The community cloud allows systems and services to be accessible by a group of organisations.

Hybrid Cloud

A mixture of public and private clouds. Critical activities are performed on the more secure private cloud, while the non-critical activities are performed on the public cloud.

Service Models

Cloud computing is based on service models.

There are three basic service models:

Infrastructure as a Service - IaaS

Provides access to fundamental resources such as physical machines, virtual storage, networking, etc.

Platform as a Service - PaaS

PaaS provides the runtime environment for applications, development and deployment tools etc.

Software as a Service - SaaS

SaaS allows for the use of software applications as a service to end users...

Types of SaaS applications include:

The software applications are maintained and updated by the vendor. The license to the software can be subscription based or usage based, and can be billed on a recurring basis. SaaS applications are cost effective since they do not require any maintenance on the end user's part.

They are available on demand, can be quickly scaled to meet demand, and they offer a shared data model, so that multiple users can share a single instance of infrastructure. All users run the same version of the software, meaning there are fewer compatibility issues, and appropriate training can be completed easily.

 

Advantages of Cloud Computing

Risks with Cloud Computing

Security and Privacy

Since data management is provided by a third party, it is always a risk to hand over data to these providers. Although appropriate measures are taken to secure information, a security breach may result in the loss of customers for that cloud provider.

Lock in

It is difficult for the customer to switch between cloud providers. This results in dependency on a particular service provider.

Isolation failure

Involves the failure of the isolation mechanism that separates storage, memory and routing between different customers of the cloud provider.

Incomplete data deletion

Extra copies of the data may be stored nearline or offline for backup reasons, so when a deletion request is sent for a particular set of data, it may not be completely removed from the provider's cloud.

Characteristics of Cloud Computing

On demand self service

Cloud computing allows users to use web services and resources on demand.

Broad network access

Since cloud computing is completely web based, it can be accessed from anywhere and at any time.

Resource Pooling

Cloud computing allows multiple customers to share a pool of resources. One can share single physical instances of hardware, database and other basic infrastructure

Rapid Elasticity

It is very easy to scale the resources vertically or horizontally at any time. Scaling of resources means the ability to deal with increasing or decreasing demand in a timely manner.

Email

POP Server

List of common commands used to interact with the POP server

A POP client connects to the server on port 110.

A problem with POP email is that once an email client fetches the emails, they are removed from the server. This makes it difficult to access the same emails from any other device or system. 

IMAP Server

Internet Message Access Protocol. More capable than POP. The most prominent feature of an IMAP server is that it provides central access to emails. IMAP servers keep the email messages on the server itself so that they can be accessed from any device with access to the server.

The server also provides easy management of emails like searching, categorizing the emails and placing them into various subfolders etc.

The email client connects to the server via port 143.