section 3 - networks Flashcards
A LAN is a Local Area Network
- A LAN covers a small geographical area located on a single site i.e. businesses, schools/universities
- All the hardware for a LAN is owned by the organisation that uses it.
- LANs are either wired (e.g., with Ethernet cables) or wireless (e.g., using Wi-Fi®)
Why Use A LAN?
- Sharing files is easier — network users can access the same files, work collaboratively on them (at the same time) and copy files between machines.
- You can share the same hardware (like printers) on a LAN.
- The Internet connection can be shared between every device connected to the LAN.
- You can install and update software on all computers at once, rather than one-by-one.
- User accounts can be stored centrally, so users can log in from any device on the network.
WAN
1) WAN stands for Wide Area Network.
2) A WAN connects LANs that are in different geographical locations. E.g. a business with offices in three different countries would need a WAN for all their devices to connect together.
3) Unlike a LAN, organisations hire infrastructure (e.g. communication lines) from telecommunications companies. This is because a WAN is much more expensive to set up than a LAN.
4) WANS may be connected using fibre or copper telephone lines, satellite links or radio links.
5) The Internet is one big WAN
Network Interface Controller
A Network Interface Controller (NIC) is an internal piece of hardware that allows a device to connect to a network. These used to be on separate cards, but nowadays they’re built into the motherboard. NICs exist for both wired and wireless connections.
To connect wirelessly, devices need a wireless NIC. This is often built in, but if not, you can use a dongle.
* USB dongles can be plugged into computers to allow them to connect wirelessly to the Internet.
* HDMI dongles can use wireless networks to stream high-quality video to a TV.
switches
Switches connect devices on a LAN. Switches receive data (in units called frames) from one device and transmit this data to the device on the network with the correct MAC address
Routers
Routers are responsible for transmitting data between networks. they’re always connected to at least two different networks.
Routers have a crucial role on the Internet, directing data (in units called packets) to their destination.
Routers are used in homes and offices to connect the LAN to the Internet.
ethernet connections
Ethernet (wired) networks can use different types of Ethernet cables to connect devices on a LAN.
CAT 5e and CAT 6 Ethernet cables
The most common Ethernet cables are CAT 5e and CAT 6. They are ‘twisted pair’ cables, containing four pairs of copper wires which are twisted together to reduce internal interference.
Coaxial cables
Coaxial cables are made of a single copper wire surrounded by a plastic layer for insulation and a metallic mesh which provides shielding from outside interference.
Fibre optic cables
Fibre optic cables transmit data as light. They are high performance (and therefore expensive) cables they don’t suffer interference and can transmit over very large distances without loss of signal quality.
Bluetooth®
- Usually a direct connection between two devices so that data can be shared.
- Connection range varies, but mobile devices are typically 10 meters.
- Low bandwidth compared to Wi-Fi®.
- Often used in mobile/wearable devices - smartphones/watches, headphones, etc.
Wi-Fi®
- Can be used by multiple devices to connect to a LAN at the same time.
- Connections have a range between 40 and 100 metres.
- High bandwidth compared to Bluetooth®.
- Often used in the home-routers, desktops, laptops, smartphones, etc.
Wireless networks
1) Like mobile phones and TVs, wireless networks use radio waves to transmit data.
2) Wireless networks are more convenient than wired networks as you can move around while still being connected - they are also cheaper as you need fewer wires.
3) Bluetooth® and Wi-Fi® are two common wireless technologies:
4) To set up a Wi-Fi® network, you need a Wireless Access Point (WAP) device. The WAP is basically a switch that allows devices to connect wirelessly.
Many Factors can affect the Performance of Networks
1) Bandwidth is the amount of data that can be transferred in a given time, e.g. 500 Mbps.
2) Available bandwidth is shared between the devices on a network too many devices or heavy use (e.g. streaming video) may cause congestion and slow the network. You can limit the bandwidth available to individual users to address this.
3) Wired connections are generally faster and more reliable than wireless.
4) Wireless performance depends on signal quality so is affected by the range of the device, the amount of interference from other wireless networks and physical obstructions like thick walls in buildings.
client servers and peer to peer networks are about…
the roles of individual devices on the network
client-server network
1) A client-server network is managed by a server. The devices connected to the server are clients.
2) Files and software are usually stored centrally on the server rather than on individual client devices.
3) Clients send requests to the server, e.g., asking for data. The server processes the request and responds. This is the client-server relationship.
4) The server stores user profiles, passwords, and access information - it may request a password before fulfilling certain requests or deny requests to users without the right access level.
client-server network - pros
-Easier to keep track of files as they are stored centrally.
-Easier to perform back-ups.
-Easier to install and update software.
-Easier to manage network security (e.g. anti-malware software and user access levels).
-Servers are very reliable and are always on.
client-server network - cons
-Expensive to set up and needs IT specialists to maintain the network and server.
-Server dependence - if the server goes down all clients lose access to their work.
-The server may become overloaded if too many clients are accessing it at once.
peer to peer networks
1) In Peer-to-Peer (P2P) networks all devices are equal, connecting directly to each other without a server.
2) You store files on individual devices and share them with others.
3) You may use a P2P network at home to share files between devices or connect devices to a printer.
peer to peer networks - pros
-Easy to maintain -you don’t need any expertise or expensive hardware.
-No dependence on server - if one device fails the whole network isn’t lost.
peer to peer networks - cons
-No centralised management - devices need their updates and security installed individually.
-Copying files between devices creates duplicate files - it’s easy to lose track of what’s stored where and which files are up to date.
-Peer machines are less reliable, and data may be lost if one fails.
-Machines are prone to slow down when other devices access them.
network topologies
Layout of the network
star topology
-In a star topology, all the devices are connected to a central switch or server that controls the network.
-The central switch allows many devices to access the server simultaneously.
-Star networks may be wired or wireless.
star topology - pros
-If a device fails or a cable is disconnected, the rest of the network is unaffected.
-It’s simple to add more devices to the network.
-Better performance than other setups data goes straight to the central device so all devices can transmit data at once and there are few data collisions.
star topology - cons
-In wired networks, every device needs a cable to connect to the central switch or server. This can be expensive, e.g., for an office building with 50 terminals.
-If there is a problem with the switch/server, the whole network is affected.
mesh topology
1It is decentralised networking devices are either directly or indirectly connected to every other one without the need for one central switch or server. Mesh networks work by sending data along the fastest route from one device to another.
2) The main advantage of a mesh topology is that there is no single point where the network can fail. If the central switch or server of a star network fails then the whole network fails - in a mesh network, if one device fails then the data is sent along a different route to get to its target.
3) The traditional problem with mesh networks has been that they were very expensive - you needed a lot of wire to connect so many devices together. But now more people are using wireless technology, mesh networks are a more practical option.
network standard
-a set of agreed requirements for hardware and software.
- Standards are important as they allow manufacturers to create products and programs that will be compatible with products and programs from other manufacturers.
network protocol
-a set of rules for how devices communicate and how data is transmitted across a network.
mac address
Communication within a network uses MAC Addresses
1) Every device needs a unique identifier so it can be found on a network.
2) MAC addresses are assigned to all network-enabled devices by the manufacturer. They are unique to the device and cannot be changed.
3)MAC addresses are 48 or 64-bit binary numbers (i.e., a long string of 48 or 64 0s and 1s). To make them easier to use they’re converted into hexadecimal.
IP Address
An IP address is a unique address that identifies a device on the internet or a local network. IP stands for “Internet Protocol”. There are 2 variations of IP addresses – IPv6 and IPv4.
IPv4 is a set of four 8 bit chunks given as denary numbers separated by periods, where as IPv6 address is represented as eight groups of four hexadecimal digits, each group representing 16 bits. The groups are separated by colons (:)
TCP/IP protocol.
TCP/IP is the protocol which dictates how data is sent between networks. It’s made up of two protocols. TCP & IP
TCP
Transmission Control Protocol (TCP) sets the rules for how devices connect on the network. It’s in charge of splitting the data into packets and reassembling the packets back into the original data once they reach the receiving device. It’s also responsible for checking the data is correctly sent and delivered.
IP
Internet Protocol (IP) is responsible for directing packets to their destination across the network.
other protocols
Several other protocols build upon TCP/IP to do specific Internet-based tasks:
other protocols - HTTP
Hyper Text Transfer Protocol - Used by web browsers to access websites and communicate with web servers.
other protocols - HTTPS
HTTP Secure - A more secure version of HTTP. Encrypts all information sent and received.
other protocols - FTP
File Transfer Protocol - Used to access, edit and move files between devices on a network, e.g. to access files on a server from a client computer.
other protocols - POP3
Post Office Protocol version 3 - Used to retrieve emails from a server. The server holds the email until you download it, at which point it is deleted from the server.
other protocols - IMAP
Internet Message Access Protocol - Used to retrieve emails from a server. The server holds the email until you delete it - you only download a copy. Used by most web-based email clients
other protocols - SMTP
Simple Mail Transfer Protocol - Used to send emails. Also used to transfer emails between servers.
network protocol layers
1) Layers are self-contained - protocols in each layer don’t need to know what’s happening in other layer
2) Each layer serves the layer above it- it does the hidden work needed for an action on the layer above
3) data can only be passed between adjacent layers
Application layer
Application layer - turn data into websites and other applications and vice versa - HTTP, FTP, SMTP
Transport layer - 3
Transport layer - splits data into packets and checks if the data is sent and delivered – TCP.
Internet layer - 2
Internet layer - making Connections between networks and directing data – IP.
Network Access layer - 1
Network Access layer - passing data (as electrical signals) over the physical network - ethernet/Wi-Fi.
Advantages of Using Layers
-It breaks network communication into manageable pieces. This helps developers concentrate on only one area of the network without having to worry about the others.
-As layers are self-contained, they can be changed without the other layers being affected.
-Having standards for each layer forces companies to make compatible, universal hardware and software, so different brands will work with each other and always work in basically the same way.
Internet
The Internet is a network of networks - it’s a WAN which connects devices and networks from all over the world. It’s based around the protocol TCP/IP.
The World Wide Web (WWW)
The World Wide Web (WWW) is a collection of websites that are hosted on web servers and accessed through the http protocol.
URLs (uniform resource locator)
URLs are addresses used to access web servers and resources on them.
Domain Name Service (DNS)
A Domain Name Service (DNS) is used to translate website domain names into IP addresses - this means you don’t need to remember IP addresses to access websites you can use domain names instead. These services use a network of Domain Name Servers which store IP addresses and matching domain names.
Hosting
-Hosting is when a business uses its servers to store files of another organisation.
-The traditional use for this on the Internet is the hosting of websites on web servers.
pros of hosting and using the cloud
-Users can access files and applications from any connected device.
-Easy to increase how much storage is available
-No need to buy expensive hardware to store data or run complex applications.
-No need to pay IT staff to manage the hardware.
-Cloud host provides security and backups for you.
-Cloud software will be updated automatically.
cons of hosting and using the cloud
-Need connection to the Internet to access files or applications.
-Dependent on host for security and back-ups.
-Data stored in the cloud can be vulnerable to hackers.
-Subscription fees for using cloud storage and software may be expensive.
passive attack
A passive attack is where someone monitors data travelling on a network and intercepts any sensitive information they find. They use network-monitoring hardware and software such as packet sniffers. Passive attacks are hard to detect as the hacker is quietly listening. The best defence against passive attacks is data encryption.
active attack
An active attack is when someone attacks a network with malware or other planned attacks, They are more easily detected. The main defense against them is a firewall
insider attack
In an insider attack someone within an organisation exploits their network access to steal information.
brute force attack
A brute force attack is a type of active attack used to gain information by cracking passwords through trial and error. Brute force attacks use automated software to produce hundreds of likely password combinations, e.g. combining real words with predictable number sequences. Simple measures like locking accounts after a certain number of failed attempts and using strong passwords will reduce the risk of a brute force attack.
denial-of-service attack (DoS)
A denial-of-service attack (DoS) is where a hacker tries to stop users from accessing a part of a network or website. Most DoS attacks involve flooding the network with useless traffic, making the network extremely slow or completely inaccessible.
Malware
Malware (malicious software) is installed on someone’s device without their knowledge or consent.
Typical actions of malware
- Deleting or modifying files.
- Scareware
- Locking files
- Spyware
Scareware
it tells the user their computer is infected with loads of viruses to scare them into following malicious links or paying for problems to be fixed.
Locking files
ransomware encrypts all the files on a computer. The user receives a message demanding a large sum of money be paid in exchange for a decryption key.
Spyware
secretly monitors user actions, e.g. key presses, and sends info to the hacker. Rootkits alter permissions, giving malware and hackers administrator-level access to devices.
Methods that malware can access your device with - virus
Viruses attach (by copying themselves) to certain files, e.g. .exe files and autorun scripts. Users spread them by copying infected files and activate them by opening infected files.
Methods that malware can access your device with - worms
Worms are like viruses but they self-replicate without any user help, meaning they can spread very quickly. They exploit weaknesses in network security.
Methods that malware can access your device with - Trojans
Trojans are malware disguised as legitimate software. Unlike viruses and worms, Trojans don’t replicate themselves - users install them not realising they have a hidden purpose.
SQL injection
1) Networks which make use of databases are vulnerable to SQL injection attacks.
2) SQL stands for Structured Query Language - it’s one of the main coding languages - used to access information in databases.
4) A website may allow you to view your account information, if you enter your password into an input box. If the website’s SQL code does not have strong enough input validation, then someone may be able to enter a piece of SQL code which allows them to access other people’s account information as well as their own.
SQL injection example
For example, to access an online retail account you may need to put in a PIN number. When you put in your PIN number, 12345, the website’s SQL code may be executed like this:
* SELECT name, address, account number WHERE pin = 12345
* However, this SQL code does not have strong validation because it doesn’t specify that the PIN value must be numerical. This can be exploited by entering the code “12345 OR 1=1”. This code is an SQL injection. Now the SQL query looks like this instead…
* SELECT name, address, account number WHERE pin = 12345 OR 1=1
* 1=1 is always true in SQL, so rather than just showing your details, the website instead shows the details of everyone on the website’s database.
social engineering
Social engineering is a way of gaining sensitive information or illegal access to networks by influencing people, usually the employees of large companies.
A common form of social engineering
A common form of social engineering takes place over the telephone someone rings up an employee of a company and pretends to be a network administrator or somebody else within the organisation. The social engineer gains the employee’s trust and persuades them to disclose confidential information -this might be personal (e.g., their login details) or sensitive company data.
social engineering - phishing
Phishing is when criminals send emails or texts to people claiming to be from a well-known business, e.g., a bank or online retailer. The emails often contain links to spoof versions of the company’s website. They then request that the user update their personal information (e.g., password or bank account details). When the user inputs this data into the website they hand it all over to the criminals, who can then access their genuine account.
Phishing emails are often sent to thousands of people, in the hope that someone will read the email and believe its content is legitimate.
Many email programs, browsers and firewalls have anti-phishing features that will reduce the number of phishing emails received. There are often giveaways that you can spot, e.g., poor grammar. Emails asking users to follow links or update personal details should always be treated with caution.
methods of security - Penetration Testing
- Penetration testing (or pentesting) is when organisations employ specialists to simulate potential attacks on their network.
Pentesting is used to identify possible weaknesses in a network’s security by trying to exploit them. The results of the pentest are then reported back.
methods of security - Physical Security
Physical security protects the physical parts of a network from either intentional or unintentional damage (e.g. fire, flooding, theft, vandalism, etc).
Physical security can involve many different things, for example: - Locks and passcodes to restrict access to certain areas, e.g. server rooms. - Surveillance equipment, e.g. cameras or motion sensors to deter intruders.
methods of security - passwords
- Passwords help prevent unauthorised users accessing the network.
- Passwords should be strong- they should be they should be many characters long, use a combination of letters, numbers and symbols and be changed regularly.
methods of security - user access levels
- User access levels control which parts of the network different groups of users can access They may also have write access to files that others can only read and the ability to change employees’ access levels.
User access levels help limit the number of people with access to important data, so help prevent insider attacks on the network.
methods of security - Anti-malware software
Anti-malware software is designed to find and stop malware from damaging a network and the devices on it. There are lots of different types of anti-malware software, including antivirus programs which isolate and destroy computer viruses.
Companies use firewalls to block unauthorised access. Firewalls examine all data entering and leaving the network and block any potential threats.
methods of security - encryption
Encryption is when data is translated into a code which only someone with the correct key can access, meaning unauthorised users cannot read it.
Encrypted text is called cipher text, while non-encrypted data is called plain tex
Encryption is essential for sending data over a network securely.
cloud computing / the cloud
-Businesses also use their servers to offer a greater range of services - clients can access data storage, software, and processing power remotely over the Internet.
