|
Intelligentedu.com
Home
-> Learn
About Computers, Software Development & Information Technology
-> Table of Contents
|
| |
Network architectures in the home or small office can be of two types:
Peer-to-peer
Client server
In a peer-to-peer network, personal computers are connected to each other with a cross over cable. These computers have Network Interface Card (NICs) installed on them and use a Hub or a switch that ties them together. Usually, a peer-to-peer network comprises of no more than ten computers. In this type of architecture, file storage is scattered among the computers and the security mechanism is very weak. Peer-to-peer networks are very vulnerable to outside intrusions and virus attacks due to lack of a proper security policy.
A more structured form of a SOHO network is client-server architecture. In this network, one machine is a server and the rest of the machines are clients. This type of network is commonly used where applications are to be shared among the larger number of users and security of higher importance is required. All the clients have to log in to the server in order to gain access to their files. Administrator controls the privileges and rights of the users on the network. User data and information is protected using a proper implementation of security policies, hence these networks are less susceptible to the outside attacks.
Introduction to Protocols
Protocols in computers are the set of rules using which two computers or networks communicate with each other. That means a protocol governs the issues like what information is to be send, how to send that information, who should get that information, etc. One such networking protocol is TCP/IP (Transmission Control Protocol / Internet Protocol). TCP/IP consists of two network protocols used on the Internet, namely Transmission Control Protocol and Internet Protocol. These network protocols are part of a larger collection of protocols also known as protocol suite and are collectively referred to as the TCP/IP suite. Protocols in the TCP/IP suite allow the transmission of the data transport over the Internet. In other words, the TCP/IP protocols provide nearly all the services available to the Internet users such as transmission of email, file transfers, access to the World Wide Web, etc.
There are two classes of protocol within the TCP/IP suite, the network-level protocol and the application-level protocol. The network-level protocols are responsible for data transfer and are invisible to the users like Internet Protocol (IP). On the other hand, application protocols are visible to the users to a certain extent like the File Transfer Protocol (FTP). In the TCP/IP suite, protocols are divided into a four-layer conceptual model known as the DARPA model. These four layers are: Application, Transport, Internet, and Network Interface.
The TCP/IP suite is a series of interconnected protocols known as the core protocols of TCP/IP, are the basis for all other protocols and applications in the TCP/IP protocol suite. These core protocols are:
On a network, information transmits in form of chunks or series of bits of data together with necessary address and administration information. These chunks are known as packets. In the IP network, grouping of the data to be sent in each packet is known as a datagram. IP is responsible for addressing and routing of these datagrams. IP is a connectionless and unreliable protocol because in IP a session is not established before the exchanging of data and also the delivery of data is not guaranteed. Minimal functionality is required in IP as network layer routers can be used to forward IP datagrams across the networks.
TCP is a connection oriented reliable protocol that transfers data from one computer to another without error. TCP passes the packets to the IP only when the connection is established between the hosts and verifies that the data has reached the other end using acknowledgment. TCP consists of three phases: connection establishment, data transfer and connection termination. TCP also handles sequencing by which data packets can be sent in any sequence and can later be rearranged in order. A TCP connection is initialized through a three-way handshake consisting of the synchronization of the sequence number and acknowledgment numbers of both sides of the connection, exchanging of TCP Window sizes, and exchanging other TCP options such as the maximum segment size, etc.
TCP/IP Architecture
TCP/IP Protocols
Internet Protocol (IP)
Transmission Control Protocol (TCP)
User Datagram Protocol (UDP)
UDP provides a connectionless datagram service that offers unreliable, best-effort delivery of data transmitted in messages. This means that the arrival of datagrams is neither guaranteed nor is the correct sequencing of delivered packets. UDP doesn't have the handshake overhead of TCP to establish connections, and does not have features like flow control and reliability like TCP. UDP deals with single packet delivery, provided by the underlying IP. UDP is used by applications that do not require an acknowledgment of receipt of data and that typically transmit small amounts of data at one time.
Address Resolution Protocol (ARP)
ARP is used for mapping addresses between the Network logical addresses and MAC (Media Access Control) layer physical addresses. The sender broadcasts an ARP packet containing the Internet address of another host and waits for it (or some other host) to send back its Ethernet address. Each host maintains a cache of address translations to reduce delay and loading.
Internet Control Message Protocol (ICMP)
ICMP is a protocol within the TCP/IP suite that is used to provide control, troubleshooting, and error messages. This protocol is actually a part of an IP implementation and is used to report errors in IP datagram routing. It is also a form of flow control, although ICMP messages are not guaranteed to be received or transmitted, its merely a way to provide feedback to the sender of IP datagrams.
Computer Ports
TCP/IP Port Filtering
Filtering TCP/IP ports allows the user to control the types of traffic that reach to the computers and network devices. Although firewall software deployed at the Internet access point is typically used to restrict traffic that originates outside the private network, network firewalls might not protect servers from backdoor attacks or internal attacks originated by malicious users within the private network. TCP/IP port filtering allows selective enabling or disabling of TCP ports and UDP ports on computers or network devices. It is used along with other security mechanisms and applying port filters to intranet and Internet servers insulates systems from many TCP/IP-based security attacks, including internal attacks. To guard against such attacks, users can configure port filters on the individual systems or network servers. This provides an additional layer of protection against many TCP/IP-based security attacks.
TCP/UDP Port
TCP uses the notion of port numbers to identify sending and receiving applications. Each side of the TCP connection has an associated 16-bit unsigned port number assigned to the sending or receiving application. Ports are the means for providing connections so that devices can be connected to a computer or so that the computer can be connected to other computers over the network. Ports are needed for communication to flow to and from input, output, and storage devices. TCP uses the notion of port numbers to identify sending and receiving applications. Each side of the TCP connection has an associated 16-bit unsigned port number assigned to the sending or receiving application. In context of Internet, ports on personal computers can be classified as Well Known ports, Registered ports and dynamic or private ports. The Well Known ports are those from 0 through 1023 and are used only by system (or root) processes or by programs executed by privileged users. The Registered ports can commonly be used by ordinary user processes or programs executed by ordinary users and are numbered from 1024 through 49151. The Dynamic or Private Ports are those from 49152 through 65535 and are generally used by the end user applications but does not contain any meaning outside a particular TCP connection.
Well-known TCP and UDP Ports
Below is the table of some well known ports assigned by the Internet Assigned Numbers Authority
(IANA).
| Port Number | Description | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| 1 | TCP Port Service Multiplexer (TCPMUX)
| 5 | Remote Job Entry (RJE)
| 7 | ECHO
| 18 | Message Send Protocol (MSP)
| 20 | FTP � Data
| 21 | FTP � Control
| 22 | SSH Remote Login Protocol
| 23 | Telnet
| 25 | Simple Mail Transfer Protocol (SMTP)
| 37 | Time
| 42 | Host Name Server (Nameserv)
| 43 | WhoIs
| 49 | Login Host Protocol (Login)
| 53 | Domain Name System (DNS)
| 69 | Trivial File Transfer Protocol (TFTP)
| 70 | Gopher Services
| 80 | HTTP
| 103 | X.400 Standard
| 108 | SNA Gateway Access Server
| 109 | POP2
| 110 | POP3
| 115 | Simple File Transfer Protocol (SFTP)
| 118 | SQL Services
| 119 | Newsgroup (NNTP)
| 137 | NetBIOS Name Service
| 139 | NetBIOS Datagram Service
| 150 | NetBIOS Session Service
| 156 | SQL Server
| 161 | SNMP
| 194 | Internet Relay Chat (IRC)
| 197 | Directory Location Service (DLS)
| 389 | Lightweight Directory Access Protocol (LDAP)
| 396 | Novell Netware over IP
| 443 | HTTPS
| 444 | Simple Network Paging Protocol (SNPP)
| 445 | Microsoft-DS
| 458 | Apple QuickTime
| 569 | MSN
| 1080 | Socks
| |
Scanning Ports
There are some ports on the computers that are open and are not known to the user. Such ports can be an invitation to the intruders and hackers. Some well-known ports that are used for such purposes are FTP (21), HTTP (80) and SMTP (25). Both legitimate users and attackers can connect to systems through these open ports with help of programs meant for monitoring certain ports that are often unused or unmonitored by. Larger the number of open ports, larger is the possibilities that someone can intrude in to the system. So, it's important to keep lesser number of open ports on a system necessary for it to function properly. With the help of port scanning one can detect the open ports and can close the unwanted ports.
Port scanning is a computer security technique that tests a system for open ports. As ports are the transition point of information in a system, port scanning identifies open doors to a computer. Typically, there are seven types of port scanning and they are:
Vanilla: the scanner attempts to connect to all 65,535 ports
Strobe: a more focused scan looking only for known services to exploit
Fragmented packets: the scanner sends packet fragments that get through simple packet filters in a firewall
UDP: the scanner looks for open UDP ports
Sweep: the scanner connects to the same port on more than one machine
FTP bounce: the scanner goes through an FTP server in order to disguise the source of the scan
Stealth scan: the scanner blocks the scanned computer from recording the port scan activities.
Port scanning can't be stopped while the system is connected to the Internet as accessing an Internet server opens a port, which opens a door to the computer. However, there is software that can stop a port scanner from doing any damage to the system.
For a home or SOHO network, there are several ways of connecting to the
Internet, from a simple dial-up using modem and a telephone line to faster and
always on connections using a leased line, ISDN, ADSL or cable. The type of
connection to use has a direct effect on the Internet speed. The capacity of an
Internet connection is referred to as its bandwidth, and is measured in bits of
data per second, that is kilobits per second (Kbps) or megabits per second
(Mbps). The higher the bandwidth, the higher the connection speed. A modem
supports bandwidth up to 56 Kbps, whereas leased lines such as a digital
subscriber line (DSL) support up to 8 Mbps.
Types of Connections
Modem/Dial-Up
A dial-up connection is an Internet access method that uses modem and a telephone line to connect to the Internet. It is the most common way to connect to the Internet by home computer users. To connect to the Internet using dial-up, the user needs to specify a username and a password to the local Internet Service Provider (ISP). As dial-up connection uses normal telephone lines, the quality of the connection is not always good and the data rate is limited to 56 Kbps (56,000 bits per second).
Connecting to the Internet
Broadband
Also known as high-speed Internet connection, Broadband is an always on and a faster method to connect the Internet. A broadband connection can be as much as 50 times faster than dial-up connection. Typically, a broadband connection allows data transmission at 512 Kbps or higher, compared to the 56 Kbps that is available using a dial-up modem. Cable modems, DSL, ADSL and Satellite connections can be classified under broadband.
Cable Modem
A cable modem connection is one in which a single computer or network of computers, is connected to the Internet via the cable TV network. The cable modem usually has an Ethernet LAN (Local Area Network) connection to the computer and is capable of speeds in excess of 5 Mbps. The same coaxial cable that delivers regular cable TV can be used for connection to the Internet. These cables are capable of delivering data, video, and voice signals that takes a higher bandwidth.
Digital Subscriber Line (DSL)
A DSL connection is one that provides a high speed Internet through the existing copper wires of the telephone network. Unlike a standard dial-up connection, a DSL connection is always on and is almost 30 times faster than dial-up modems. Multiple users can connect the Internet through a DSL connection at the same time, which means an increase in productivity and network flexibility in the office. DSL connections utilize a bandwidth of up to 1.2 MHz and enable data speed from 128 Kbps up to 6.144 Mbps.
Asymmetric Digital Subscriber Line (ADSL)
ADSL is a new form DSL technology, which allows very high bandwidth over standard copper telephone wires. ADSL supports a bandwidth up to 8 Mbps for downloading and up to 1 Mbps for uploading. The asymmetrical nature of ADSL technology makes it ideal for Internet/Intranet surfing, video-on-demand, and remote local area network (LAN) access. Users of ADSL typically download more information than they send. But there is a problem associated with the ADSL connections. The quality of the signals deteriorates as the distance between user network and the exchange (telecom service provider company's central office) increases. Ideally, ADSL connections are reliable in a distance up to 12,000 feet (about 2.0 miles) from the exchange.
Other Broadband Types
SDSL or Symmetric Digital Subscriber Line: SDSL provides high-speed Internet connection over a single pair of copper phone lines, at the same speed in both the upstream and downstream directions. Speed in a SDSL connection ranges from 160 Kbps up to 1.544 Mbps. SDSL is ideal for business applications that require identical downstream and upstream speeds such as video conferencing or collaborative computing.
VDSL or Very high bit-rate Digital Subscriber Line: VDSL is the fastest of the DSL technology, delivering download speed up to 13 Mbps to 52 Mbps and uploads at 1.5 Mbps to 2.3 Mbps over a single pair of copper wires. However, VDSL is limited to a maximum range of 1,000 to 4,500 feet (about .2-.9 miles) from the exchange depending upon the speed.
HDSL or High bit-rate Digital Subscriber Line: HDSL provides high-speed Internet connection with speed up to 1.544 Mbps over two copper pairs and up to 2.048 Mbps over three pairs at a maximum range of 20,000 feet (about 3.8 miles) from the exchange.
IDSL or ISDN Digital Subscriber Line: IDSL provides symmetric download and upload speeds from 64 Kbps to 144 Kbps on a single pair of copper wires. The maximum range of IDSL from the exchange is 39,600 feet (about 7.5 miles), but this can be doubled with a mid-span "U" loop repeater. IDSL uses 2B1Q line coding, the same kind of line-modulation technique employed in SDSL and ISDN.
Other Internet Connections
In an ISDN connection, a standard phone line (a copper wire pair) in a home or office is used and converts it from a single analog circuit into multiple high speed digital circuits capable of transmitting audio, still images, motion video, and text data simultaneously. ISDN provides services such as videoconferencing and other real time data-intensive applications at a price comparable to standard analog service. The data transfer speed in ISDN remains constant. With an ISDN connection, one can get the Internet speed up to 128 Kbps.
T-1 is a dedicated phone connection that supports data rates up to 1.544 Mbps. A T-1 line actually consists of 24 individual channels, each of which supports 64Kbps and each channel can be configured to carry voice or data traffic. T-1 lines are a popular leased line option for businesses connecting to the Internet and for ISPs connecting to the Internet backbone. The Internet backbone itself consists of faster T-3 connections.
T-3 is a dedicated phone connection that supports data rates of about 43 Mbps. A T-3 line actually consists of 672 individual channels, each of which supports 64 Kbps.
Integrated Services Digital Network (ISDN)
T-1 Carrier
T-3 Carrier
Broadband: Best Option for Home/SOHO
Home and SOHO networks generally require a faster Internet speed as the number of users is small. Dial-up connections as good in a single user environment and T-1/T-3 connections are ideal for networks with large number users requiring higher bandwidths. For SOHOs, a dial-up connection is not suitable mainly because of two reasons. Firstly, dial-up is not an "always on" connection and secondly, the dial-up speed is not appropriate to handle more than one user. Also, faster connections like T-1, etc are not feasible because of their very high costs. This means broadband is the best option to select for a small office networks.
In the recent times, many issues relating to the deployment of the broadband have been solved due to the accelerated deployment plans of the service providers. However, there are issues relating to the security that are becoming increasingly visible. The issues of intrusions and virus attacks on home and small office networks still escalate. These attacks are a more significant issue for networks with broadband connections because of two reasons. Firstly, these broadband connections are "always on" connections which means, the attempt to breach the security of such networks can be made at time of the day, even at the odd hours when it is unlikely to be caught. Secondly, these broadband connections use static IP address, hence are more susceptible to repeated intrusions and attacks. Hackers use tools that can trace the insecure networks and computers. On finding them, hackers can steal or destroy information from such computer or can use them to carry further attacks on other computers and networks. Fortunately, there are easy to use broadband security appliances available that can reduce or eliminate such attacks. Until recently, most home and small business networks were not aware of the security issues associated with connecting their network to the Internet. Due to the recent publicity of the hacker attacks launched on companies or launched from a company's PC has significantly increased the awareness of security issues among the SOHO users. SOHO networks using broadband connections to access Internet are using firewalls to ensure a safer access to the Internet by their employees.
Windows Network Security
Networks are controlled by computers. In the past a common reason for network disruption was a failure in the computer system that controls the network and attacks on networks were mainly directed towards these computers. Nowadays, the most disrupting attacks tend to exploit the weaknesses and vulnerabilities of network components. Once an intruder is inside a network there are plenty of opportunities to disrupt the traffic. He could alter or delete web pages, damage database files, or even try to reformat the servers' hard disk drive. This has resulted in the formulation of several devices to prevent unauthorized access to the network.
Proxies
A proxy server is an interface between your browser and the destination server. When a web browser (like Internet Explorer and Netscape Navigator) is configured to use a proxy, instead of going directly to World Wide Web, the browser connects to the proxy server, and asks it to get the requested URL. Proxies can be used as a sort of firewall, because it isolates the user from connecting to the Internet.
On receiving an Internet service request (such as a web page request) from the user, proxy also being a cache server, first looks that page in its local cache of previously downloaded Web pages. If it finds the page, it returns it to the user without needing to forward the request to the Internet. If the page is not in the cache, the proxy server, acting as a client on behalf of the user, uses one of its own IP addresses to request the page from the server out on the Internet. When the page is returned, the proxy server relates it to the original request and forwards it on to the user.
Remote Access and VPN
Remote access is a set of technologies that transparently connects a computer. It is located in an off-site or remote location, to a network. Remote access is used by organizations to connect an employee's laptop or home computer to an organization's network to read email or access shared files and by Internet service providers (ISPs) to connect a customer to the Internet. Users run remote access client software and initiate a connection to a remote access server. The remote access server authenticates users and services sessions until terminated by the user or a network administrator. All services typically available to a LAN-connected user are enabled by means of the remote access connection.
Remote access clients use standard tools to access resources. For example, on a computer running Windows 2000, clients can use Windows Explorer to make drive connections and to connect to printers. Connections are persistent: Users do not need to reconnect to network resources during their remote sessions. Because drive letters and universal naming convention (UNC) names are fully supported by remote access, most commercial and custom applications work without modification. Windows 2000 remote access provides two different types of remote access connectivity:
Dial-up remote access. With dial-up remote access, a remote access client uses the telecommunications infrastructure to create a temporary physical circuit or a virtual circuit to a port on a remote access server. Once the physical or virtual circuit is created, the rest of the connection parameters can be negotiated.
Virtual private network (VPN) remote access. With virtual private network remote access, a VPN client uses an IP network to create a virtual point-to-point connection with a remote access server acting as the VPN server. Once the virtual point-to-point connection is created, the rest of the connection parameters can be negotiated.
Elements of a Dial-Up Remote Access Connection
A dial-up remote access connection consists of a remote access client, a remote access server, and a wide area network (WAN) infrastructure.
Remote access server
The Windows 2000 remote access server accepts dial-up connections and forwards packets between remote access clients and the network to which the remote access server is attached.
Dial-up equipment and WAN infrastructure
The physical or logical connection between the remote access server and the remote access client is facilitated by dial-up equipment installed at the remote access client, the remote access server, and the telecommunications infrastructure. The nature of the dial-up equipment and telecommunications infrastructure varies depending on the type of connection being made.
Remote access protocols
Remote access protocols control the connection establishment and transmission of data over wide area network (WAN) links. The operating system and LAN protocols used on remote access clients and servers dictate which remote access protocol to use. The primary remote access protocols supported by current Microsoft operating systems is the Point-to-Point Protocol (PPP).
LAN protocols
LAN protocols are the protocols used by the remote access client to access resources on the network connected to the remote access server. Microsoft remote access supports TCP/IP, IPX, and AppleTalk.
Virtual Private Network (VPN)
A VPN is a secure, private communication tunnel between two or more devices across a public network. These VPN devices can be either a computer running VPN software or a special device.
Even though a VPN's data travels across a public network like the Internet, it is secure because of very strong encryption. In addition, VPN's monitor their traffic in very sophisticated ways that ensure packets never get altered while traveling across the public network. Encryption and data verification is very CPU intensive.
A VPN server is a piece of hardware or software that acts as a gateway into a whole network or a single computer.
A VPN client is most often a piece of software but can be hardware too. A client initiates a call to the server and logs on. Then the client computer can server network can communicate. They are on the same virtual network. Many broadband routers can 'pass' one or more VPN sessions from LAN to the Internet. Each router handles this differently.
VPN Languages
There are two major protocols PPTP and IPSec. PPTP is used by Microsoft and others uses Internet Protocol Security. Point-to-Point Tunneling Protocol (PPTP) is a protocol that is used to extend the corporate network through private tunnels over the public Internet.
The PPTP protocol is designed to perform the following tasks:
Query the status of Comm. Servers
Provide In-Band management
Allocate channels and place outgoing calls
Notify Server on incoming calls
Transmit and Receive User Data with flow control in both directions
Notify Server on disconnected calls.
There is a third protocol also L2TP combines the best features of two tunneling protocols: PPTP from Microsoft and L2F from Cisco Systems. The two major constituents of L2TP are the L2TP Access Concentrator and L2TP Network Server. L2TP Access Concentrator physically terminates a call while L2TP Network Server terminates and authenticates the PPP stream.
VPN Design Fundamentals
A VPN allows the use of unsecured network like Internet, to provide end-to-end connection. This allows the user to design a cost effective solution for clients. The main issue will be Security and Encryption. VPNs use encryption and tunneling to establish secure connections. The three different uses of VPNs are remote access, intranet, extranet.
Remote Access VPN Design
Remote access refers to the ability to log onto a network and access the network from a distant location. Generally speaking, this implies connecting to the network through the use of a computer, a modem, and some remote access software. There are substantial differences between remote access and remote control. Remote control refers to taking control of another computer whereas remote access means that the remote computer actually becomes a full-fledged host on the network. Access VPNs enable mobile or remote users to access resources at company. Access VPNs encompass many technologies, including:
Analog
Dial up
ISDN
Digital subscriber line (DSL)
Mobile IP
Cable technologies
Point-to-Point Protocol (PPP)
The Point-to-Point Protocol or PPP originally emerged as an encapsulation protocol for transporting IP traffic over point-to-point links. It is a low-level communications protocol used between two connected hosts. PPP provides hooks for automatically configuring the network interfaces at each end. PPP establishes a standard for the assignment and management of IP addresses, asynchronous and bit-oriented synchronous encapsulation. It also defines a standard for network protocol multiplexing, link configuration, link quality testing and error detection.
Serial Line Internet Protocol (SLIP)
This is the first protocol used for transmitting IP packets over dial-up lines. It is a TCP/IP protocol used for communication between two machines that are previously configured for communication with each other. There is no support for dynamic address assignment, link testing, or multiplexing different protocols over a single link. SLIP has been largely supplanted by PPP.
Point-To-Point Tunneling Protocol (PPTP)
PPTP is a protocol that allows corporations to extend their network through private "tunnels" over the public Internet. It supports multi protocols. PPTP operates at Layer 2 of the OSI model.
PPTP packages data within packets then encapsulates the PPP packets within datagrams for transmission through an Internet-based VPN tunnel. PPTP supports data encryption and compression of these packets. PPTP-based Internet remote access VPNs are by far the most common form of PPTP VPN. PPTP also supports VPN connectivity via a LAN. VPN tunnel is established then PPTP supports two types of information flow:
Control messages for managing and in the end tearing down the VPN connection. Control messages pass directly between VPN client and server.
Data packets that pass through the tunnel, to and from the VPN client
PPTP authentication uses PPP-based protocols like EAP, CHAP, and PAP. PPTP supports packet filtering on VPN servers. Intermediate routers and other firewalls can also be configured to selectively filter PPTP traffic.
Internet Protocol Security (IPSec)
IPSec is a framework of open standards that is used for ensuring secure communications over Internet Protocol networks by using cryptographic security services. The basic idea of IPSec is to mark packets before being transmitted into the communications network and use this mark to authenticate the source at the receiving side. It also authenticates the content of the packet being same as that generated by the source without any modifications. It further checks if the packet is a duplicate of one of the previous packets, already received. IPsec also defines a framework for data encryption ensuring that eavesdropper in the network would not be able to understand the information carried in the packet.
Internet Protocol Security is a set of protocols used for secure private communications over the Internet. It is an emergent standard for security at the network or packet-processing level of network communication.
IPsec would be particularly helpful for employing virtual private networks. It would also find use in remote user access through dial-up connection to private networks. A major benefit of IPsec is that security measures can be taken care of without alterations to individual user computers.
IPsec provides two alternatives to security service:
Encapsulating Security Payload (ESP): This supports both authentication of the sender and encryption of data.
IPSec is a framework for security that operates at the Network Layer. This gives it the ability to encrypt any higher layer protocol including arbitrary TCP and UDP sessions. In particular, running Voice Over IP (VoIP) traffic through a TCP/PPP tunnel would largely defeat the RTP protocol used for VoIP; IPSec is better suited in this case.
Coaxial Cable
This is a type of cable that commonly used by cable TV and for data communications in computer networks, such as Ethernet. A coaxial cable consists of a center wire surrounded by insulation and then a grounded shield of braided wire. Data is transmitted through the center wire, while the outer braided layer serves as a line to ground.
Also known as unshielded twisted pair (UTP), it is cable that is popularly used in computer networks and telephone connections. UTP consists of two unshielded wires twisted around each other.
Defense Advanced Research Projects Agency or DARPA, a US Department of Defense agency responsible for the development of new technology for use by the military, developed TCP/IP suite of networking protocols. This TCP/IP suite maps to a four-layer conceptual model known as the DARPA model. The four layers of the DARPA model are Application, Transport, Internet and Network Interface. Each of these layers roughly corresponds to one or more layers of the seven layer Open Systems Interconnection
(OSI) model.
A datagram is an independent, self-contained message sent over the network containing the destination address in addition to the message.
DOS attack is a type of attack on a network that occurs when a hacker or intruder floods a networked computer or device with traffic in order to make the computer or device unavailable.
A distributed denial-of-service (DDoS) attack is a variation of a DOS attack in which the attacker hijacks the bandwidth of multiple networks and uses them to mount a more powerful coordinated attack.
DLL (Dynamic Link Library) files are executable functions or data that can be used by a Windows application. DLL provides one or more functions and a program accesses the functions by creating either a static or dynamic link to the DLL. A static link remains constant during program execution while a dynamic link is created by the program as needed. DLL files usually end with the extension
.dll,.exe., drv, or .fon
Ethernet is a LAN architecture developed by Xerox Corp. (in cooperation with DEC and Intel in 1976) that uses a bus or star topology and supports data transfer rates of 10 Mbps.
An executable or exe file is a format in which computer can directly executes the file. Executable files cannot be read by humans and to convert then a compiler or assembler is required.
A protocol used to send files on the Internet.
IANA is an organization responsible for assigning new Internet-wide IP addresses.
IRC is a popular chat system developed by Jarkko Oikarinen (Finland) in the late 1980s.
Internet Service Provider (ISP)
An ISP is a company that provides access to the Internet and charges a monthly/yearly fees for providing Internet connection.
Kbps is a measure of data transfer speed. One Kbps is 1,000 bits per second, whereas a KB is 1,024 bytes.
LDAP is a set of protocols used for accessing information directories that supports TCP/IP, necessary for any type of Internet access.
MAC layer is one of the two sub-layers of the Data Link Layer of the OSI model. The MAC layer is responsible for moving data packets to and from one Network Interface Card
(NIC) to another across a shared channel.
NAT is an Internet standard that enables LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
NIC is an expansion board that is inserted into a computer so the computer can be connected to a network. Generally, NICs are designed to serve a particular type of network, protocol or media, however some can serve multiple networks.
Also known as P2P network, is a type of network in which all machines are connected to each other and each workstation has equivalent capabilities and responsibilities.
POP or Post Office Protocol is a protocol used to retrieve email from a mail server. Almost all email applications use the POP protocol. There are two versions of POP, POP2 (requires SMTP to send messages) and POP3 (can be used with or without
SMTP).
SMTP or Simple Mail Transfer Protocol is a protocol for sending email messages between servers. Emails can further be retrieved from servers with an email client using either POP or
IMAP.
TFTP is a simpler form of FTP that uses UDP and provides no security features. It is often used by servers to boot diskless workstations, X-terminals, and routers.
Technique of conducting a conference between two or more participants at different sites using computer networks to transmit audio and video data.
Voice over IP (VoIP), also known as Internet telephony, is a technique that enables people to use the Internet as the transmission medium for telephone calls.
An ISO and ITU (International Telecommunication Union) standard for addressing and transporting email messages. It conforms to layer 7 of the OSI model and supports several types of transport mechanisms, including Ethernet, TCP/IP, and dial-up lines.
Copyright 2006 by DeepSearcher Inc. - All rights reserved
Glossary of Networking Terms
Copper Wire Pair
DARPA model
Datagram
Denial of Service (DOS) attack
Distributed Denial of Service (DDOS) attack
DLL files
Ethernet LAN
Executable file
File Transfer Protocol (FTP)
Internet Assigned Numbers Authority (IANA)
Internet Relay Chat (IRC)
kilobits per second (Kbps)
Lightweight Directory Access Protocol (LDAP)
Media Access Control (MAC) layer
Network address translation (NAT)
Network Interface Card (NICs)
Peer-to-peer network
POP
SMTP
Trivial File Transfer Protocol (TFTP)
Videoconferencing
Voice over IP
X.400 Standard