
Computer Network
A computer network is a system in which computers are connected to share information and resources. The connection can be done as peer-to-peer or client/server. This web site reviews the techniques you can use to set up and possibly manage a network for home or a small business.
What can a network provide?
Logical interface functions:
• sending messages
• receiving messages
• executing programs
• obtaining status information
• obtaining status information on other network users
• Node
Single computing system in a network.
• Host
A single computing system's processor.
• Link
A connection between two hosts.
• Topology
The pattern of links in a network.
Network Topology
Bus Topology
Bus networks (not to be confused with the system bus of a computer) use a common backbone to connect all devices. A single cable, the backbone, functions as a shared communication medium that devices attach or tap into with an interface connector. A device wanting to communicate with another device on the network sends a broadcast message onto the wire that all other devices see, but only the intended recipient actually accepts and processes the message.
Ethernet bus topologies are relatively easy to install and don't require much cabling compared to the alternatives. 10Base-2 ("ThinNet") and 10Base-5 ("ThickNet") both were popular Ethernet cabling options many years ago for bus topologies. However, bus networks work best with a limited number of devices. If more than a few dozen computers are added to a network bus, performance problems will likely result. In addition, if the backbone cable fails, the entire network effectively becomes unusable.
Ring Topology
In a ring network, every device has exactly two neighbors for communication purposes. All messages travel through a ring in the same direction (either "clockwise" or "counterclockwise"). A failure in any cable or device breaks the loop and can take down the entire network.
To implement a ring network, one typically uses FDDI, SONET, or Token Ring technology. Ring topologies are found in some office buildings or school campuses.
Star Topology
Many home networks use the star topology. A star network features a central connection point called a "hub" that may be a hub, switch or router. Devices typically connect to the hub with Unshielded Twisted Pair (UTP) Ethernet.
Compared to the bus topology, a star network generally requires more cable, but a failure in any star network cable will only take down one computer's network access and not the entire LAN. (If the hub fails, however, the entire network also fails.)
Mesh Topology
Mesh topologies involve the concept of routes. Unlike each of the previous topologies, messages sent on a mesh network can take any of several possible paths from source to destination. (Recall that even in a ring, although two cable paths exist, messages can only travel in one direction.) Some WANs, most notably the Internet, employ mesh routing.
A mesh network in which every device connects to every other is called a full mesh. As shown in the illustration below, partial mesh networks also exist in which some devices connect only indirectly to others.
Open Systems Interconnection (OSI)
• Describes computer network communications.
• Developed by the International Standards Organization (ISO).
• Consists of Seven Layers.
• The model describes peer-to-peer correspondence: the relationship between corresponding layers of sender and receiver.
• Each layer represents a different activity performed in the actual transmission of a message.
• Each layer serves a separate function.
• Equivalent layers perform similar functions for sender and receiver.
Who can cause security problems?
1. Hacker
2. Spy
3. Student
4. Businessman
5. Ex-employee
6. Stockbroker
7. Terrorist
Network security problem areas:
1. Authentication - an attacker wants to be treated as an authorized user, so this is what they aim for first.
2. Secrecy - protecting data in the middle, between sender and receiver.
3. Non-repudiation - dealt with by digital signatures.
4. Integrity - ensuring that only authorized users are allowed to change the data.
Disadvantages of computer networks
1. Sharing.
2. Complexity.
3. Unknown parameters - there are a lot of points on the network that could be exploited to capture packets.
4. Anonymity - on a big network, we don't even know who is at the other end. e.g. someone may hack the DNS server before taking over the website.
5. Security exposure - privacy, data integrity, authenticity, covert channels, impersonation and eavesdropping.
Threats to the Network
1. Denial of Service - DoS, DDoS
2. Packet replay - capturing the packets sent to an AP that uses WEP takes a lot of time, so packet replay is used to decoy the AP while sniffing packets, without changing the packets' content.
3. Packet modification - capturing a packet and changing its content.
Firewall
A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.
Firewalls can be implemented in either hardware or software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
1. Packet filter: Packet filtering inspects each packet passing through the network and accepts or rejects it based on user-defined rules. Although difficult to configure, it is fairly effective and mostly transparent to its users. However, it is susceptible to IP spoofing, since it trusts the source address written in the packet.
2. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
3. Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
4. Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
Function
A firewall is a dedicated appliance, or software running on a computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.
It is software or hardware that is normally placed between a protected network and an unprotected network and acts like a gate to protect assets, ensuring that nothing private goes out and nothing malicious comes in.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).
A firewall's function within a network is similar to physical firewalls with fire doors in building construction. In the former case, it is used to prevent network intrusion to the private network.
In the latter case, it is intended to contain and delay structural fire from spreading to adjacent structures.
Without proper configuration, a firewall can often become worthless. Standard security practice dictates a "default-deny" firewall ruleset, in which the only network connections permitted are those that have been explicitly allowed; anything not matched by an allow rule is dropped.
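The packet-filter and default-deny ideas above, as an added example that is not part of the original page: a minimal first-match packet filter in Python. The addresses, rules and sample packets are constructed for illustration (RFC 5737 documentation ranges stand in for real networks, and 10.0.0.0/8 is assumed to be the internal range). The anti-spoofing rule is placed first so that a packet arriving from the outside with an internal source address is dropped before any allow rule can match it, which is the page's IP-spoofing caveat in rule form.

```python
# Added example (not from the original page): a minimal first-match packet
# filter with a default-deny policy. Addresses and rules are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str          # "in" (arriving from the Internet) or "out"
    proto: str              # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: Optional[int] = None


@dataclass(frozen=True)
class Rule:
    action: str                      # "allow" or "deny"
    comment: str
    direction: Optional[str] = None  # None means "any" for every field below
    proto: Optional[str] = None
    src_net: Optional[str] = None
    dst_net: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, pkt: Packet) -> bool:
        if self.direction and pkt.direction != self.direction:
            return False
        if self.proto and pkt.proto != self.proto:
            return False
        if self.src_net and ip_address(pkt.src) not in ip_network(self.src_net):
            return False
        if self.dst_net and ip_address(pkt.dst) not in ip_network(self.dst_net):
            return False
        if self.dport is not None and pkt.dport != self.dport:
            return False
        return True


class PacketFilter:
    """First matching rule wins; a packet matching no rule gets the default action."""

    def __init__(self, rules: List[Rule], default: str = "deny"):
        self.rules = list(rules)
        self.default = default

    def decide(self, pkt: Packet) -> Tuple[str, str]:
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action, rule.comment
        return self.default, "default policy"


# Constructed ruleset: 203.0.113.0/24 is the protected network and 10.0.0.0/8
# is assumed to be used only internally, so it must never arrive as a source
# address on the outside interface.
RULES = [
    Rule("deny", "anti-spoofing: internal source address from the Internet",
         direction="in", src_net="10.0.0.0/8"),
    Rule("allow", "public HTTPS to the web server",
         direction="in", proto="tcp", dst_net="203.0.113.10/32", dport=443),
    Rule("allow", "outbound traffic from inside", direction="out"),
]

FW = PacketFilter(RULES, default="deny")

# Constructed sample traffic.
HTTPS_IN = Packet("in", "tcp", "198.51.100.7", "203.0.113.10", 443)
SSH_IN = Packet("in", "tcp", "198.51.100.7", "203.0.113.10", 22)
SPOOFED_IN = Packet("in", "tcp", "10.1.2.3", "203.0.113.10", 443)
DNS_OUT = Packet("out", "udp", "203.0.113.20", "198.51.100.53", 53)

if __name__ == "__main__":
    for pkt in (HTTPS_IN, SSH_IN, SPOOFED_IN, DNS_OUT):
        print(pkt.direction, pkt.proto, pkt.src, "->", pkt.dst, pkt.dport, FW.decide(pkt))
```

Swapping the default to "allow" turns the same ruleset into the weak configuration the paragraph warns about: the inbound SSH packet, which no rule mentions, is then admitted instead of dropped. Note that this toy filter is stateless; the broad outbound allow rule is what a real stateful firewall would replace with connection tracking.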
KERBEROS
Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. It is also a suite of free software published by Massachusetts Institute of Technology (MIT) that implements this protocol.
Its designers aimed primarily at a client-server model, and it provides mutual authentication: both the user and the server verify each other's identity. Kerberos protocol messages are protected against eavesdropping and replay attacks.
Kerberos builds on symmetric key cryptography and requires a trusted third party. Extensions to Kerberos can provide for the use of public-key cryptography during certain phases of authentication.
DRAWBACK
Single point of failure: It requires continuous availability of a central server. When the Kerberos server is down, no one can log in. This can be mitigated by using multiple Kerberos servers and fallback authentication mechanisms.
Kerberos requires the clocks of the involved hosts to be synchronized. The tickets have a time availability period and if the host clock is not synchronized with the Kerberos server clock, the authentication will fail. The default configuration requires that clock times are no more than 10 minutes apart.
In practice Network Time Protocol daemons are usually used to keep the host clocks synchronized.
The administration protocol is not standardized and differs between server implementations. Password changes are described.
Since all authentication is controlled by a centralized KDC, compromise of this authentication infrastructure allows an attacker to impersonate any user.
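The properties described above (a trusted third party holding every principal's symmetric key, mutual authentication, replay protection and the clock-skew requirement from the DRAWBACK section), as an added example that is not part of the original page or of MIT's implementation: a simplified Kerberos-style exchange in Python. The principal names, keys and clock values are constructed, the pre-authentication of the client to the KDC is omitted, and messages are sealed with HMAC-SHA256 for integrity only, whereas real Kerberos encrypts tickets and authenticators.

```python
# Added example (not from the original page): a simplified Kerberos-style
# exchange. The KDC shares a long-term key with every principal, issues a
# ticket plus a fresh session key, and the service checks ticket lifetime,
# clock skew and replays before answering. Names, keys and clocks are
# constructed; sealing is HMAC-only, unlike real Kerberos encryption.
import hashlib
import hmac
import json
import os
from typing import Dict, Tuple

MAX_CLOCK_SKEW = 10 * 60     # seconds; the page's stated default of 10 minutes
TICKET_LIFETIME = 8 * 3600   # seconds; assumed ticket validity period
TAG_LEN = 32


def seal(key: bytes, payload: dict) -> bytes:
    """Attach an HMAC tag so only a holder of `key` can produce or verify the message."""
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).digest() + body


def unseal(key: bytes, blob: bytes) -> dict:
    tag, body = blob[:TAG_LEN], blob[TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("bad seal: wrong key or tampered message")
    return json.loads(body)


class KDC:
    """Trusted third party: holds every principal's long-term key."""

    def __init__(self, keys: Dict[str, bytes]):
        self.keys = dict(keys)

    def issue(self, client: str, service: str, now: int) -> Tuple[bytes, bytes]:
        session_key = os.urandom(32)
        # The ticket is sealed for the service; the client cannot alter it.
        ticket = seal(self.keys[service], {"client": client,
                                           "session_key": session_key.hex(),
                                           "expires": now + TICKET_LIFETIME})
        # The session key is handed to the client under the client's own key.
        for_client = seal(self.keys[client], {"service": service,
                                              "session_key": session_key.hex()})
        return ticket, for_client


class Service:
    def __init__(self, name: str, key: bytes):
        self.name, self.key = name, key
        self.replay_cache = set()   # (client, timestamp) pairs already accepted

    def accept(self, ticket: bytes, authenticator: bytes, now: int) -> bytes:
        t = unseal(self.key, ticket)             # only the service key opens the ticket
        if now > t["expires"]:
            raise ValueError("ticket expired")
        session_key = bytes.fromhex(t["session_key"])
        a = unseal(session_key, authenticator)   # proves the client holds the session key
        if a["client"] != t["client"]:
            raise ValueError("authenticator does not match ticket")
        if abs(a["timestamp"] - now) > MAX_CLOCK_SKEW:
            raise ValueError("clock skew too large")
        if (a["client"], a["timestamp"]) in self.replay_cache:
            raise ValueError("replayed authenticator")
        self.replay_cache.add((a["client"], a["timestamp"]))
        # Echo timestamp+1 under the session key: proves the service holds it too.
        return seal(session_key, {"timestamp": a["timestamp"] + 1})


def client_request(kdc: KDC, client: str, client_key: bytes,
                   service: str, now: int) -> Tuple[bytes, bytes, bytes]:
    """Client side: obtain a ticket from the KDC and build the authenticator."""
    ticket, for_client = kdc.issue(client, service, now)
    session_key = bytes.fromhex(unseal(client_key, for_client)["session_key"])
    authenticator = seal(session_key, {"client": client, "timestamp": now})
    return ticket, authenticator, session_key


def client_verify_reply(session_key: bytes, reply: bytes, sent_ts: int) -> bool:
    """Mutual authentication: the service must answer with timestamp+1."""
    return unseal(session_key, reply)["timestamp"] == sent_ts + 1


def login(kdc: KDC, service: Service, client: str, client_key: bytes,
          client_clock: int, service_clock: int) -> bool:
    ticket, auth, sk = client_request(kdc, client, client_key, service.name, client_clock)
    reply = service.accept(ticket, auth, service_clock)
    return client_verify_reply(sk, reply, client_clock)


# Constructed realm: the KDC knows both long-term keys.
KEYS = {"alice": os.urandom(32), "fileserver": os.urandom(32)}
KDC_NODE = KDC(KEYS)
FILESERVER = Service("fileserver", KEYS["fileserver"])

if __name__ == "__main__":
    # Clocks 30 seconds apart: within the allowed skew, so login succeeds.
    print(login(KDC_NODE, FILESERVER, "alice", KEYS["alice"], 1_700_000_000, 1_700_000_030))
```

Two of the page's drawbacks fall straight out of the code: if the service clock drifts more than MAX_CLOCK_SKEW from the client's, `accept` rejects an otherwise valid authenticator, and because `KEYS` lives entirely inside the KDC, anyone who obtains that dictionary can mint tickets for any principal. The replay cache is what stops a captured authenticator from being presented a second time within the skew window.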