CIS-24 Home http://www.c-jump.com/CIS24/CIS24syllabus.htm
Local Area Networks:
one or more switches linked to each other and connected to a router for Internet access.
Larger Networks:
MAN Metropolitan area network
WAN Wide Area Network, or Regional network
Internet global network of networks of networks...
Depending on how the connections are made and secured, and the distance involved, LANs become a MAN, a WAN, or a part of the internet.
Topologies - Devices - Cables - Software - Administration
Small geographic scope (< 5-10 km)
Most common today is Ethernet.
Interconnection devices:
Hub (Physical, broadcast)
Switch (Physical, hardware address)
Bridge (Connect LAN segments, hardware address)
Router (Connect networks, software address)
Communications software uses Protocol Stack.
A repeater device for connecting multiple twisted pair or fiber optic Ethernet cables together.
Connected devices become a single network segment.
Hubs work at the physical layer, i. e. layer 1 of the , which formally describes the layered network protocol design.
Hub device is a form of multiport repeater.
A network switch (or bridge) connects multiple network segments.
Switch routes data at the Data link layer, or layer 2 of the OSI model.
Switch and hub difference:
switches can have ports of different speed.
Bridges tend to be more complex than hubs or repeaters:
analyze incoming packets;
determine if packet can be sent to another segment of this network.
Routers connect two or more logical subnets, or LANs.
Router directs packets towards their destination.
The term layer 3 switch is often used interchangeably with router.
In comparison, network hubs
don't do any routing, instead
every data packet that hub receives on one network line is forwarded to all other network lines.
Common features:
Shared medium
Simultaneous broadcast
Most common forms of wired and wireless LANs today:
Ethernet (the Physical Layer of the OSI networking model using MAC addresses.)
IEEE 802.3 (CSMA/CD, Carrier sense multiple access with collision detection - a network control protocol.)
IEEE 802.11 (WLAN, or wireless LAN.)
Common features:
Closed set of point-to-point links
Serial broadcast
IBM Token Ring and IEEE 802.5
Rarely seen in LANs today.
Networks classified by geographic scope
Metropolitan area networks
Regional networks
Global networks
Often use physical ring topology for redundancy.
Usually switched or routed.
Local area network - LAN
Computers located relatively close to each other
Wide area network - WAN
Connects computers over a larger geographical area than a LAN
Wireless local area network - WLAN. Based on
standard that transmits data at fast speeds;
over a distance of up to 115 meters (375 feet.)
See also Wikipedia articles:
TCP/IP
Microsoft Server Message Block, SMB, is an application-level network protocol for to shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network...
...SAMBA is open source implementation of networking protocols to share files between Linux and Windows computers.
Microsoft NetBEUI stands for NetBIOS Extended User Interface.
NetBIOS is Network Basic Input/Output System.
In modern networks, NetBIOS API normally runs over TCP/IP protocol.
AppleTalk
Novell NetWare is a network operating system developed by Novell, Inc.
Both network architectures have advantages and disadvantages.
Peer-to-peer is inexpensive and simple to set up and manage.
Client-server is preferable in environment where there is an expectation of growth.
The Internet is a network of networks.
Owned by everyone, owned by no one.
Well-organized "Anarchy" ?
All hosts use the TCP/IP protocol suite.
The Internet began in 1969 with 4 network nodes...
Since 1990, it has grown and gained acceptance faster than anything else in human history.
433.2M hosts are the DNS as of Jan 2007, of them
926.5K named www
547K named mail
Over two billion users exist worldwide...
Over 200M users in the US...
...As of Jan 2007, 95% of schools, >70% of classrooms, and 85% of households have Internet access in the U.S.
Internet Society, ISOC, an international organization that promotes Internet use and access.
Internet Engineering Task Force, IETF,
develops and promotes Internet standards
cooperates closely with the W3C and ISO/IEC standard bodies
deals with standards of the TCP/IP and Internet protocol suite.
Internet Assigned Numbers Authority, IANA, oversees IP address space and top-level domain names.
The Internet Corporation for Assigned Names and Numbers, ICANN.
Prior to September 1998 known as InterNIC.
California-based non-profit corporation overseeing a number of Internet-related tasks.
Helps preserve the operational stability of the Internet.
Overseeing:
country code, domain name, and IP address assignments
IANA, the technical part of ICANN
name registries such as
VeriSign Global Registry Services (.com, .net)
Public Interest Registry (.org)
and over 100 registrars (e.g., Domain Bank, Register.com, Tucows...)
Regional Number Registries:
ARIN American Registry for Internet Numbers
APNIC Asia-Pacific NIC
RIPE Reseaux IP Europeen
LACNIC Latin American and Caribbean NIC
AfriNIC African NIC
Policies, standards, protocols, humor, tutorials, and more...
...are documented in papers called Request for Comments, RFC
RFCs are numbered, and most are published in ASCII format.
Almost all are available via anonymous FTP, WWW, or e-mail at
A backbone network interconnects various pieces of network, providing a path for the exchange of information between different LANs or subnetworks.
TCP/IP is the set of communications protocols used for the Internet and other similar networks.
Named from two most important protocols:
TCP, the Transmission Control Protocol, responsible for data delivery
IP, the Internet Protocol, responsible from breaking data into packets.
Wikipedia Links to Internet Protocol Suite -related articles:
| The | |
| · · · · · · · · · · · · · · · · · · · · · · · · · · | |
| · · · · · · | |
| IP (, ) · · · · · | |
| · · · · () · (, , , , ) · · |
Five classes: A, B, C, D, and E
A, B, and C had different lengths of network field
The rest of IP address identifies a host within the network:
Class A 0. 0. 0. 0 = 00000000.00000000.00000000.00000000 127.255.255.255 = 01111111.11111111.11111111.11111111 0nnnnnnn.HHHHHHHH.HHHHHHHH.HHHHHHHH Class B 128. 0. 0. 0 = 10000000.00000000.00000000.00000000 191.255.255.255 = 10111111.11111111.11111111.11111111 10nnnnnn.nnnnnnnn.HHHHHHHH.HHHHHHHH Class C 192. 0. 0. 0 = 11000000.00000000.00000000.00000000 223.255.255.255 = 11011111.11111111.11111111.11111111 110nnnnn.nnnnnnnn.nnnnnnnn.HHHHHHHH Class D (multicasting: one-to-many hosts, like video conferencing) 224. 0. 0. 0 = 11100000.00000000.00000000.00000000 239.255.255.255 = 11101111.11111111.11111111.11111111 1110XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX Class E (reserved for research) 240. 0. 0. 0 = 11110000.00000000.00000000.00000000 255.255.255.255 = 11111111.11111111.11111111.11111111 1111XXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
Private network uses private IP address space.
Private IP addresses are common inside local area networks.
Private IP addresses are not routable on the public Internet.
To connect to the Internet, Private network must use either
Network Address Translation (NAT) gateway, or
Proxy server.
See also:
Hides IP addresses of network devices from attackers when packets leave the network.
NAT
removes original IP address from sender's packet
replaces IP address with an alias
NAT software maintains table of original address and corresponding alias address.
Process is reversed when packet is returned to the NAT.
Proxy Server goals are:
Conceal identity of computers within protected network
Inspect data packets for viruses and other malicious content
Intercept requests sent to the Web server
Replace original IP address with Proxy's own IP address
Private network address spaces published in RFC 1918
____________________________________________________
RFC1918 name IP address range Number of addresses
____________________________________________________
24-bit block 10.0.0.0 16,777,216
10.255.255.255
20-bit block 172.16.0.0 1,048,576
172.31.255.255
16-bit block 192.168.0.0 65,536
192.168.255.255
If ethernet host cannot obtain IP via DHCP, an address range
169.254.0.0
169.254.255.255
is randomly assigned. The technique is known as Link-Local address assignment (RFC 3927), however, Microsoft refers to it as Automatic Private IP Addressing (APIPA).
Around 1993 Classless Inter-Domain Routing (CIDR) scheme was introduced.
CIDR allows re-division of class A, B and C networks.
CIDR allocates blocks of IP addresses to specific local area networks:
Internet service providers (larger blocks)
ISP customers and small businesses (smaller blocks)
Businesses and companies with presence on the internet, etc.
CIDR has hierarchical structure, overseen by the Internet Assigned Numbers Authority, IANA.
More:
see Wikipedia articles and
IPv4 uses 32 bits (about 4 billion addresses, 232)
IPv6 uses 128-bit address (about 252 addresses for every observable star in known universe.)
Host identifier portion of IPv6 address uses 64 bits
(Note: MAC address is 48-bit long.)
Most transport- and application-layer protocols need little or no change to operate over IPv6
Actual address space utilization rates will likely be small in IPv6, but network management and routing will be more efficient.
More: Wikipedia article
Simple Mail Transfer Protocol (SMTP)
Handles outgoing mail
SMTP server listens for requests on port 25
Post Office Protocol (POP3)
Responsible for incoming mail
POP3 server listens on port 110
IMAP (Internet Mail Access Protocol, or IMAP4)
Like POP3, is responsible for incoming mail.
More advanced mail protocol.
E-mail remains on e-mail server and is not sent to user's local computer.
Mail can be organized into folders on the mail server and read from any computer.
Supports E-mail attachments -
Documents in a binary (nontext) format.
What happens to the mail message sent to/from
kumquat@sover.net ?
Return-Path: <kesslerg@champlain.edu>
Received: from mailgate0.sover.net (mailgate0.sover.net [209.198.87.43])
by mailhub1.sover.net (8.11.6/8.11.6) with ESMTP id g39FNQv14867
for <kumquat@mailhub1.sover.net>; Tue, 9 Apr 2002 11:23:26 -0400 (EDT)
Received: from networking.champlain.edu (34-67.champlain.edu [198.112.67.34])
by mailgate0.sover.net (8.11.6/8.11.6) with SMTP id g39FMO713863
for kumquat@sover.net; Tue, 9 Apr 2002 11:22:59 -0400 (EDT)
Date: Tue, 9 Apr 2002 11:22:59 -0400 (EDT)
From: kesslerg@champlain.edu
Message-Id: <200204091522.g39FMO713863@mailgate0.sover.net>
Status: RO
HI!
Reference: download pdf file by T. Colvin and J. Jolley.
Encoding allows any file format to be carried over the Internet, which was intended for ASCII text:
Unix-to-Unix Encode UUENCODE
Multipurpose Internet Mail Extensions MIME defines structure of a message by defining attachment types and allowing multiple types in a single message.
BASE 64 is used with MIME; it converts binary data to a printable character.
Quoted-Printable
BinHex is commonly used with Macs.
See by M. Santovec.
Utility to
Display current TCP/IP network configuration.
Refresh Dynamic Host Configuration Protocol DHCP.
Refresh Domain Name System, DNS settings.
C:\> ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : Altamont
Primary DNS Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : sbtnvt.adelphia.net
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix. . : sbtnvt.adelphia.net
Description . . . . . . . . . . . : ORiNOCO PC Card (5 Volt)
Physical Address. . . . . . . . . : 00-02-2D-67-4F-44
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DNS Servers . . . . . . . . . . . : 68.168.96.162
68.168.96.165
Lease Obtained. . . . . . . . . . : Tuesday, July 27, 2004 15:33:08
Lease Expires . . . . . . . . . . : Thursday, July 29, 2004 15:33:08
C:\>
Host names are in form: host.domain.top-level-domain
Examples include:
www.cisco.com tick.usno.navy.mil www.itu.int www.isoc.org www.ed.gov clover.sover.net campus.champlain.edu mail.cc.duq.edu www.garykessler.net cnri.reston.va.us cms.csd.k12.vt.us dps.state.vt.us www.udg.mx www.iso.ch reduno.reduno.com.mx www.netvision.net.il www.yell.co.uk www.iss.u-tokyo.ac.jp
Note, that TLDs
ws is not a web site; it belongs to Samoa.
tv is not television; it belongs to Tuvalu.
See for details.
TLD, the top-level domain, is the last part of an Internet domain name.
ICANN approved the following new TLDs in November 2000:
aero - Aviation industry
biz - Businesses
coop - Business cooperatives
info - General use
museum - Museums
name - Individuals
pro - Professionals
mobi - Mobile Internet (July 2005)
The Domain Name System is a distributed database that is used to...
A Resolve host name to an IP address
PTR Resolve an IP address to a host name
MX Find the mail server(s) for a given domain
NS Find the name server(s) for a given domain
nslookup utility finds
IP address from host name (aka lookup)
host name from an IP address (aka reversed lookup)
whois
UNIX/Linux utility
Web service
Report on organization that "owns" a domain name or IP address block (license.)
Most critical information is the billing contact!
traceroute/tracert
Finds the path to a target host.
Command line tools are supplemented by Sam Spade, dnsstuff.com, and so on.
granite:~ $ nslookup Default Server: dnscache.sover.net Address: 209.198.87.24 > c3di.champlain.edu Server: dnscache.sover.net Address: 209.198.87.24 Non-authoritative answer: Name: poodle.champlain.edu Address: 216.93.159.180 Aliases: c3di.champlain.edu > set type=mx > champlain.edu Server: dnscache.sover.net Address: 209.198.87.24 Non-authoritative answer: champlain.edu preference = 20, mail exchanger = cc-email.champlain.edu champlain.edu preference = 30, mail exchanger = navgate.champlain.edu champlain.edu preference = 10, mail exchanger = navgate.champlain.edu Authoritative answers can be found from: champlain.edu nameserver = ns.champlain.edu champlain.edu nameserver = ns2.champlain.edu cc-email.champlain.edu internet address = 216.93.150.218 navgate.champlain.edu internet address = 216.93.150.11 ns.champlain.edu internet address = 216.93.145.253 ns2.champlain.edu internet address = 216.93.145.247
> set type=soa > champlain.edu Server: dnscache.sover.net Address: 209.198.87.24 Non-authoritative answer: champlain.edu origin = ns.champlain.edu mail addr = root.ns.champlain.edu serial = 120360 refresh = 10800 (3H) retry = 3600 (1H) expire = 3600000 (5w6d16h) minimum ttl = 86400 (1D) Authoritative answers can be found from: champlain.edu nameserver = ns.champlain.edu champlain.edu nameserver = ns2.champlain.edu ns.champlain.edu internet address = 216.93.145.253 ns2.champlain.edu internet address = 216.93.145.247 > exit granite:~ $
Sam Spade is the name of a Windows software tool designed to assist in tracking down sources of e-mail spam.
Also provides a free web service with access to similar online tools.
NOTE:
traceroute is a Unix/Linux command
Windows equivalent is tracert
traceroute is a computer network tool to determine the route taken by packets across an IP network.
Works by sending successive batch of packets the specified destination address.
traceroute increases the time-to-live value of each successive batch of packets sent:
The first three packets sent have a time-to-live TTL=1.
The next three packets have a TTL=TTL+1, that is, 2, 3, 4, and so on.
When a packet passes through a host, normally the host decrements the TTL value by one and forwards the packet to the next host.
When a packet with a TTL of one reaches a host,
the host discards the packet
sends an ICMP time exceeded (type 11) packet to the sender.
The traceroute utility uses returning ICMP packets to produce a list of hosts that the packets have traversed en route to the destination.
[gck@networking gck]$ traceroute www.garykessler.net
traceroute to www.garykessler.net (209.198.111.31), 30 hops max, 38 byte packets
1 bbn-gw (198.112.67.2) 0.932 ms 1.497 ms 1.292 ms
2 s7-3-24-0.bstnma1-cr8.bbnplanet.net (4.0.182.221) 18.106 ms s7-5-1-0.bstnma1-
cr8.bbnplanet.net (4.24.94.97) 26.719 ms s7-3-20-0.bstnma1-cr8.bbnplanet.net
(4.0.182.205) 109.984 ms
3 so-3-1-0.bstnma1-nbr2.bbnplanet.net (4.24.5.125) 121.322 ms 92.532 ms 83.035 ms
4 p9-0.nycmny1-nbr2.bbnplanet.net (4.24.6.50) 25.477 ms 27.818 ms 18.076 ms
5 p15-0.nycmny1-nbr1.bbnplanet.net (4.24.10.209) 17.909 ms 24.485 ms 20.241 ms
6 p1-0.nycmny1-cr5.bbnplanet.net (4.24.11.129) 27.079 ms 28.111 ms 22.177 ms
7 genuity-gw.n54ny.ip.att.net (192.205.32.153) 81.017 ms 87.658 ms 101.221 ms
8 gbr2-p51.n54ny.ip.att.net (12.123.1.54) 19.191 ms 18.479 ms 30.993 ms
9 ar2-a300s3.n54ny.ip.att.net (12.127.5.149) 17.722 ms 35.689 ms 33.620 ms
10 gbr6-p55.n54ny.ip.att.net (12.123.1.142) 56.564 ms 31.583 ms 43.082 ms
11 ar17-p3110.n54ny.ip.att.net (12.123.1.197) 38.145 ms 23.914 ms 27.257 ms
12 12.124.184.18 (12.124.184.18) 70.922 ms 228.513 ms 205.070 ms
13 209.198.84.141 (209.198.84.141) 216.045 ms 318.474 ms 308.951 ms
14 cisco0fe1-0-2.burl.sover.net (207.136.226.109) 231.372 ms 186.025 ms 153.338 ms
15 cisco1h0-16.bf.sover.net (207.136.207.25) 27.740 ms 36.409 ms 27.888 ms
16 www.garykessler.net (209.198.111.31) 38.022 ms 28.613 ms 29.485 ms
[gck@networking gck]$
Web browsers are the application yielding a lot of information about computer users...
Site usernames and passwords
Cached and temporary files
Internet history
Bookmarks and Favorites
Cookies
Typed URLs
Autocomplete information
Most widely used browser today
Bound tightly to Windows OS and Windows Explorer Components.
Uses Registry keys and directories to store information
Supports favorites, cookies, history, temporary files, typed URLs, autocomplete.
C:\Documents and Settings\user\Favorites
C:\Documents and Settings\user\Cookies
C:\Documents and Settings\user\Local Settings
\Temporary Internet Files
URLs that have been typed in by user...
stored in RAM
written to Registry after normal termination of IE
http:// prefix is missing if the URL did not successfully resolve.
Stores 25 URLs
