NETWORKING

Wednesday, December 31, 2008

Ethernet Medium

Since a signal on the Ethernet medium reaches every attached node, the destination address is critical to identify the intended recipient of the frame.


For example, in the figure above, when computer B transmits to printer C, computers A and D will still receive and examine the frame. However, when a station first receives a frame, it checks the destination address to see if the frame is intended for itself. If it is not, the station discards the frame without even examining its contents.

One interesting thing about Ethernet addressing is the implementation of a broadcast address. A frame with a destination address equal to the broadcast address (simply called a broadcast, for short) is intended for every node on the network, and every node will both receive and process this type of frame.
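The receive decision described above, as an added example that is not part of the original post. The station addresses are constructed, and the `promiscuous` flag is an assumption added to show that discarding is a local choice made by each station, which is why a shared segment gives no confidentiality by itself. Only the unicast and broadcast cases from the text are modelled.

```python
import struct

BROADCAST = b"\xff" * 6

# Constructed addresses for the four stations named in the text.
STATIONS = {
    "A": bytes.fromhex("020000000a01"),
    "B": bytes.fromhex("020000000b02"),
    "C": bytes.fromhex("020000000c03"),
    "D": bytes.fromhex("020000000d04"),
}

def build_frame(dst, src, payload, ethertype=0x0800):
    """Ethernet II header (destination, source, EtherType) followed by the payload."""
    return struct.pack("!6s6sH", dst, src, ethertype) + payload

def receive(own_mac, frame, promiscuous=False):
    """Decision a station's receive filter makes from the destination field alone."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst = frame[:6]
    if dst == own_mac:
        return "accept: addressed to me"
    if dst == BROADCAST:
        return "accept: broadcast"
    # The signal still reached this station; discarding it is a local choice.
    return "keep: promiscuous capture" if promiscuous else "discard"

def on_segment(frame, sender, promiscuous=()):
    """Every attached node except the sender sees the frame and filters it."""
    return {name: receive(addr, frame, name in promiscuous)
            for name, addr in STATIONS.items() if name != sender}

if __name__ == "__main__":
    to_printer = build_frame(STATIONS["C"], STATIONS["B"], b"print job")
    print(on_segment(to_printer, "B"))
    print(on_segment(to_printer, "B", promiscuous={"D"}))
    print(on_segment(build_frame(BROADCAST, STATIONS["B"], b"hello all"), "B"))
```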

Ethernet Terminology

Ethernet follows a simple set of rules that govern its basic operation. To better understand these rules, it is important to understand the basics of Ethernet terminology.

  • Medium - Ethernet devices attach to a common medium that provides a path along which the electronic signals will travel. Historically, this medium has been coaxial copper cable, but today it is more commonly a twisted pair or fiber optic cabling.

  • Segment - We refer to a single shared medium as an Ethernet segment.

  • Node - Devices that attach to that segment are stations or nodes.

  • Frame - The nodes communicate in short messages called frames, which are variably sized chunks of information.

Frames are analogous to sentences in human language. In English, we have rules for constructing our sentences: We know that each sentence must contain a subject and a predicate. The Ethernet protocol specifies a set of rules for constructing frames. There are explicit minimum and maximum lengths for frames, and a set of required pieces of information that must appear in the frame. Each frame must include, for example, both a destination address and a source address, which identify the recipient and the sender of the message. The address uniquely identifies the node, just as a name identifies a particular person. No two Ethernet devices should ever have the same address.

ETHERNET

Ethernet is a local area technology, with networks traditionally operating within a single building, connecting devices in close proximity. At most, Ethernet devices could have only a few hundred meters of cable between them, making it impractical to connect geographically dispersed locations. Modern advancements have increased these distances considerably, allowing Ethernet networks to span tens of kilometers.

Tuesday, December 30, 2008

Type of Viruses

There are various types of viruses:

Boot viruses place (some of) their code in the disk sector whose code the machine will automatically execute when booting. Thus, when an infected machine boots, the virus loads and runs. After boot viruses are finished loading, they usually load the original boot code, which they have previously moved to another location, or take other measures to ensure the machine appears to boot normally.
File viruses attach to 'program files' (files containing executable or interpretable code) in such a way that when you run the infected program, the virus code executes. Usually the virus code is added in such a way that it executes first, although this is not strictly necessary. After the virus code has finished loading and executing, it will normally load and execute the original program it has infected, or call the function it intercepted, so as to not arouse the user's suspicion.
Macro viruses are really just a type of file virus, but a particularly 'successful' type. They copy their macros to templates and/or other application document files. Although 'auto macros' were almost exclusively used by early macro viruses (often to ensure the virus' code is the first to execute when infected templates or documents were opened), several other mechanisms are also available - in fact, some of these, such as taking over standard internal functions of the host application (say the 'File Save' command) and installing default event handlers are probably more commonly used these days.
Script viruses also became quite successful around the beginning of this century. This was mainly due to the increase in machines running Windows Scripting Host, which was first installed by default in Windows 98 and 2000 and with Internet Explorer 5.0 and later versions. Representing new types of 'program file', but with icons more like that of 'safe' text files, standalone Visual Basic Script (VBS) and JavaScript (JS) programs became a popular target of the writers of mass mailing viruses.
Companion viruses take advantage of features of the operating system to be executed, rather than directly infecting programs or boot sectors. Under DOS and Windows, when you execute the command 'ABC', the rule is that ABC.COM executes before ABC.EXE (in the rare cases where both files exist). Thus, a companion virus could place its code in a COM file with its first name matching that of an existing EXE file. When the user next executed the 'ABC' command, the virus' ABC.COM program would be run (usually the virus would launch ABC.EXE once its code was finished so as not to arouse suspicion). This is known as the 'execution preference companion' method, but several other forms of companion infection are also possible.
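A check for the 'execution preference companion' layout described above, as an added example that is not part of the original post. It reports every command name that has both a .COM and an .EXE in one directory; the function names, file names and timestamps are constructed for the demonstration.

```python
import os
import tempfile
from collections import defaultdict

def find_companion_pairs(directory):
    """Report every command name that has both a .COM and an .EXE in `directory`.

    With the execution preference described above, the .COM is what runs when
    the user types the bare name, so each pair deserves a look.
    """
    by_stem = defaultdict(dict)
    with os.scandir(directory) as entries:
        for entry in entries:
            stem, ext = os.path.splitext(entry.name)
            if entry.is_file() and ext.lower() in (".com", ".exe"):
                by_stem[stem.lower()][ext.lower()] = entry
    findings = {}
    for stem, found in sorted(by_stem.items()):
        if ".com" in found and ".exe" in found:
            com, exe = found[".com"], found[".exe"]
            findings[stem] = {
                "runs": com.name,
                "shadowed": exe.name,
                # A .COM that appeared after the .EXE is the more suspicious case.
                "com_is_newer": com.stat().st_mtime > exe.stat().st_mtime,
            }
    return findings

def demo():
    """Scan a throwaway directory of constructed, empty placeholder files."""
    sample = [("ABC.EXE", 1_000_000), ("abc.com", 2_000_000),
              ("TOOL.EXE", 1_000_000), ("EDIT.COM", 1_000_000)]
    with tempfile.TemporaryDirectory() as d:
        for name, mtime in sample:
            path = os.path.join(d, name)
            open(path, "wb").close()
            os.utime(path, (mtime, mtime))
        return find_companion_pairs(d)

if __name__ == "__main__":
    print(demo())
```

A pair is not proof of infection, since some software ships both files, so each hit is a lead for manual review.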

Computer Viruses

About Viruses:

Some viruses display obvious symptoms, and some cause damage to files in a system they have infected. A non-damaging virus is still a virus, not a prank and, other things being equal, viruses without obvious symptoms are more likely to spread further and persist longer than those that rapidly draw attention to themselves.

There are no 'good' viruses, simply because a virus is code that was not intentionally installed by the user. Users must be able to control their computers, and that requires that they have the power to install and remove software; that no software is installed, modified, or removed without their knowledge and permission. A virus is surreptitiously self-installed. It may modify other software in the system without user awareness, and removal can be difficult and costly.

Many viruses cause intentional damage. But many more cause damage that may not have been intended by the virus writer. For instance, when a virus finds itself in a very different environment than that for which it was written, what was intended to be a non-destructive virus can prove very destructive. A good case in point is the boot virus. Few, if any, boot viruses contain code to damage computers running Windows NT; however, with many boot viruses, when they infect an NT machine, system recovery can be quite tricky.

Even if a virus causes no direct damage to your computer, your inexperience with viruses can mean that damage occurs during the removal process. Many organizations have shredded floppies, deleted files, and done low-level formats of hard disks in their efforts to remove viruses. Even when removal is done perfectly, with no damage to the infected system or files, it is not normally done when the machine is first infected, and the virus in that machine has had a few weeks to spread. The social costs of infection include a loss of reputation and good will. This last point has become increasingly significant with the recent rapid increase in network-aware and data-stealing viruses.

What is Computer Virus:

A computer virus is a program that explicitly copies itself. This may lead to it spreading from machine to machine and is typically done without the user's knowledge or permission. Viruses, by definition, add their code to your system in such a way that when the infected part of the system executes, the virus does also.

NETWORK SECURITY TOOLS

Network security tools include:
Antivirus software packages : These packages counter most virus threats if regularly updated and correctly maintained.
Secure network infrastructure : Switches and routers have hardware and software features that support secure connectivity, perimeter security, intrusion protection, identity services, and security management.
Dedicated network security hardware and software : Tools such as firewalls and intrusion detection systems provide protection for all areas of the network and enable secure connections.
Virtual private networks : These networks provide access control and data encryption between two different computers on a network. This allows remote workers to connect to the network without the risk of a hacker or thief intercepting data.
Identity services : These services help to identify users and control their activities and transactions on the network. Services include passwords, digital certificates, and digital authentication keys.
Encryption : Encryption ensures that messages cannot be intercepted or read by anyone other than the authorized recipient.
Security management : This is the glue that holds together the other building blocks of a strong security solution.

NETWORK SECURITY THREAT

Threats to network security include:

Viruses : Computer programs written by devious programmers and designed to replicate themselves and infect computers when triggered by a specific event
Trojan horse programs : Delivery vehicles for destructive code, which appear to be harmless or useful software programs such as games
Vandals : Software applications or applets that cause destruction
Attacks : Including reconnaissance attacks (information-gathering activities to collect data that is later used to compromise networks); access attacks (which exploit network vulnerabilities in order to gain entry to e-mail, databases, or the corporate network); and denial-of-service attacks (which prevent access to part or all of a computer system)
Data interception : Involves eavesdropping on communications or altering data packets being transmitted
Social engineering : Obtaining confidential network security information through nontechnical means, such as posing as a technical support person and asking for people's passwords

NETWORK SECURITY MANAGEMENT

What is network security all about

The networks are computer networks, both public and private, that are used every day to conduct transactions and communications among businesses, government agencies and individuals. The networks are comprised of "nodes", which are "client" terminals (individual user PCs) and one or more "servers" and/or "host" computers. They are linked by communication systems, some of which might be private, such as within a company, and others which might be open to public access. The obvious example of a network system that is open to public access is the Internet, but many private networks also utilize publicly-accessible communications. Today, most companies' host computers can be accessed by their employees whether in their offices over a private communications network, or from their homes or hotel rooms while on the road through normal telephone lines.

Network security involves all activities that organizations, enterprises, and institutions undertake to protect the value and ongoing usability of assets and the integrity and continuity of operations. An effective network security strategy requires identifying threats and then choosing the most effective set of tools to combat them.

Monday, December 29, 2008

ipv6 addresses

The rapid exhaustion of IPv4 address space, despite conservation techniques, prompted the Internet Engineering Task Force (IETF) to explore new technologies to expand the Internet's addressing capability. The permanent solution was deemed to be a redesign of the Internet Protocol itself. This next generation of the Internet Protocol, aimed to replace IPv4 on the Internet, was eventually named Internet Protocol Version 6 (IPv6).[3] The address size was increased from 32 to 128 bits (16 bytes), which, even with a generous assignment of network blocks, is deemed sufficient for the foreseeable future. Mathematically, the new address space provides the potential for a maximum of 2^128, or about 3.403 × 10^38 unique addresses.

ipv4

IPv4 uses 32-bit (4-byte) addresses, which limits the address space to 4,294,967,296 (2^32) possible unique addresses. However, IPv4 reserves some addresses for special purposes such as private networks (~18 million addresses) or multicast addresses (~270 million addresses). This reduces the number of addresses that can be allocated as public Internet addresses, and as the number of addresses available is consumed, an IPv4 address shortage appears to be inevitable in the long run. This limitation has helped stimulate the push towards IPv6, which is currently in the early stages of deployment and is currently the only offering to replace IPv4.

IPv4 addresses are usually represented in dot-decimal notation (four numbers, each ranging from 0 to 255, separated by dots, e.g. 208.77.188.166). Each part represents 8 bits of the address, and is therefore called an octet. It is possible, although less common, to write IPv4 addresses in binary or hexadecimal. When converting, each octet is treated as a separate number. (So 255.255.0.0 in dot-decimal would be FF.FF.00.00 in hexadecimal.)
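The notation and the reserved-block figures above, worked through with Python's standard `ipaddress` module as an added example that is not part of the original post. The private blocks listed are the standard RFC 1918 ranges, which the page does not spell out; the function names and the "other" label are assumptions of this example.

```python
import ipaddress

# RFC 1918 private blocks and the IPv4 multicast block.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
MULTICAST = ipaddress.ip_network("224.0.0.0/4")

def hex_octets(addr):
    """Dot-decimal to dotted hexadecimal, converting each octet separately."""
    return ".".join(f"{octet:02X}" for octet in ipaddress.IPv4Address(addr).packed)

def from_hex_octets(text):
    """Dotted hexadecimal back to dot-decimal; rejects anything but four octets."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError("an IPv4 address has exactly four octets")
    return str(ipaddress.IPv4Address(bytes(int(p, 16) for p in parts)))

def classify(addr):
    """Sort an address into the reserved groups the text mentions."""
    ip = ipaddress.IPv4Address(addr)
    if any(ip in net for net in PRIVATE):
        return "private"
    if ip in MULTICAST:
        return "multicast"
    return "other"  # everything else, including public space

def block_sizes():
    """Address counts behind the '~18 million' and '~270 million' figures."""
    return {
        "total": 2 ** 32,
        "private": sum(net.num_addresses for net in PRIVATE),
        "multicast": MULTICAST.num_addresses,
    }

if __name__ == "__main__":
    print(hex_octets("255.255.0.0"), from_hex_octets("D0.4D.BC.A6"))
    print(block_sizes())
    for sample in ("172.31.255.255", "172.32.0.1", "239.1.2.3"):  # constructed
        print(sample, classify(sample))
```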

ip address

An Internet Protocol (IP) address is a numerical identification (logical address) that is assigned to devices participating in a computer network utilizing the Internet Protocol for communication between its nodes.[1] Although IP addresses are stored as binary numbers, they are usually displayed in human-readable notations, such as 208.77.188.166 (for IPv4), and 2001:db8:0:1234:0:567:1:1 (for IPv6). The role of the IP address has been characterized as follows: "A name indicates what we seek. An address indicates where it is. A route indicates how to get there."[2]

The original designers of TCP/IP defined an IP address as a 32-bit number[1] and this system, now named Internet Protocol Version 4 (IPv4), is still in use today. However, due to the enormous growth of the Internet and the resulting depletion of the address space, a new addressing system (IPv6), using 128 bits for the address, was developed (RFC 1883).

IPV6 and IPV4

IPv6 is short for "Internet Protocol Version 6". IPv6 is the "next generation" protocol designed by the IETF to replace the current version Internet Protocol, IP Version 4 ("IPv4").

Most of today's internet uses IPv4, which is now nearly twenty years old. IPv4 has been remarkably resilient in spite of its age, but it is beginning to have problems. Most importantly, there is a growing shortage of IPv4 addresses, which are needed by all new machines added to the Internet.

IPv6 fixes a number of problems in IPv4, such as the limited number of available IPv4 addresses. It also adds many improvements to IPv4 in areas such as routing and network autoconfiguration. IPv6 is expected to gradually replace IPv4, with the two coexisting for a number of years during a transition period.

Sunday, December 28, 2008

NETWORK PROTOCOL

Network protocol analysis

A protocol is defined as a standard procedure for
regulating data communication between computers. Protocol analysis is the
process of examining those procedures. The way we go about this analysis is
with special tools called protocol analyzers. Protocol analyzers decode the
stream of bits flowing across a network and show you those bits in the structured
format of the protocol. Using protocol analysis techniques to understand
the networking procedure

Sunday, December 21, 2008

OSI Layer and TCP/IP Layer


Data Communication:

OSI layer and TCP/IP layer table.

All data communication is based on the OSI layers, to ensure that all devices on the network can communicate with each other.

Network admins should be familiar with these layers in order to understand the process of data communication on a network.
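What a protocol analyzer does with a captured frame, decoded one layer at a time (link, network, transport), as an added example for the protocol analysis and OSI layer posts above; it is not part of the original page. The frame is constructed in `sample_frame()`, and only Ethernet II, IPv4 and TCP are decoded.

```python
import socket
import struct

TCP_FLAGS = ((0x01, "FIN"), (0x02, "SYN"), (0x04, "RST"), (0x08, "PSH"), (0x10, "ACK"))

def dissect(frame):
    """Decode one Ethernet II frame layer by layer; stop at the first unknown protocol."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"link": {"dst": dst.hex(":"), "src": src.hex(":"), "ethertype": ethertype}}
    if ethertype != 0x0800:          # only IPv4 is decoded here
        return out
    ip = frame[14:]
    if len(ip) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _, total, _, _, ttl, proto, _, s, d = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    ihl = (ver_ihl & 0x0F) * 4       # header length is carried in 32-bit words
    if ver_ihl >> 4 != 4 or ihl < 20 or total < ihl or len(ip) < total:
        raise ValueError("inconsistent IPv4 header")
    out["network"] = {"src": socket.inet_ntoa(s), "dst": socket.inet_ntoa(d),
                      "ttl": ttl, "protocol": proto}
    if proto != 6:                   # only TCP is decoded here
        return out
    tcp = ip[ihl:total]              # total length excludes any link-layer padding
    if len(tcp) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, _, off_flags = struct.unpack("!HHIIH", tcp[:14])
    out["transport"] = {"src_port": sport, "dst_port": dport, "seq": seq,
                        "flags": [n for bit, n in TCP_FLAGS if off_flags & bit]}
    return out

def sample_frame():
    """Constructed capture: a TCP SYN from 192.168.1.10:49152 to 192.168.1.20:80.
    Checksums are left at zero because dissect() does not verify them."""
    tcp = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0, 64, 6, 0,
                     socket.inet_aton("192.168.1.10"), socket.inet_aton("192.168.1.20"))
    eth = struct.pack("!6s6sH", bytes.fromhex("020000000c03"),
                      bytes.fromhex("020000000b02"), 0x0800)
    return eth + ip + tcp

if __name__ == "__main__":
    for layer, fields in dissect(sample_frame()).items():
        print(layer, fields)
```

The length checks matter as much as the field offsets: an analyzer parses bytes it did not create, so every header is validated before the next layer is read.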