1.3.3 Networks

  • LAN is the name given to a network which is spread over a small geographical area or single site, for example: a school. All connections are operated by the organisation and on average it is more secure than a WAN.
  • A WAN is the name given to a network which is spread over a large geographical area. Large corporations with multiple offices may want a WAN. It uses third party connections and is less secure than a LAN. 
  • Advantages of using a LAN include: communication between devices, monitoring of user activity, can share peripherals and software, makes it easier to backup/edit/share/add files and software.
  • Disadvantages of using a LAN include: if hardware fails, the network may not function properly or even at all; networks are more prone to attacks than standalone computers; access to data and peripherals can be slow, depending on network traffic, when compared to locally stored data and locally connected peripherals; and maintenance - LANs require maintenance to ensure that software is up to date. Upgrades and backups can be costly.
  • IP addressing
    IPv4 - 4 bytes, 2^32 combinations, but many are reserved for special use, and the manner in which the address space was chunked off meant that addresses were not equally distributed.
    → dot-separated decimal, e.g. 231.197.0.45
    IPv6 - 16 bytes (128 bits), written in hex (each hex digit is 4 bits)
    2001:0db8:85a3:0000:0000:8a2e:0370:7334
  • Hub: joins computers together in a network, receives packets, broadcasts packets to all attached devices, fairly dumb
    → snooping: breaks privacy regulation
    → slows the network down: overloads it with unnecessary traffic, makes it harder for other devices to send and receive their packets, reducing available bandwidth.
    • Cheap and easy to implement. 
  • Switch: a switch is a device used to direct the flow of data across a network and joins computers together in a network.
    1. Receives packets
    2. Forwards packets to recipients using destination address
    3. More intelligent than a hub 
    • Minimising snooping
    • Minimising bandwidth used 
    • More expensive to put in place
  • Modem:
    Connects computer to phone network.
    • Stands for MOdulator-DEModulator
    • Converts digital signals to an analogue format.
    • Slow data transmission rates
  • WAP:
    • Hardware that allows wireless devices to access the network. 
    • WAP connects to the wired network.
    • Can be slower.
    • More convenient.
  • Routers: a router is used to connect two or more networks together. Routers allow private, home networks to connect to the internet, e.g. your LAN to your ISP. They use different protocols and the router deals with that. It passes data between two networks. The act of traversing between one router and another across a network is referred to as a hop.
    • The job of a router is to read the recipient’s IP address in each packet and forward it onto the recipient using the fastest route available, found through the routing algorithm.
  • Bridge: 
    • Connects 2 or 4 LANs together to make a larger network.
    • Controls flow of data between the network segments.
  • Gateway:
    • If protocols differ between networks, a gateway is used rather than a router to transfer data between them. All header data is stripped, leaving only the raw data, and the data is reformatted in the format of the new network.
  • Network interface card (NIC)
    • NIC, or network adaptor, connects computers to the network.
    • Houses the port that the network cable plugs into.
    • Can also be wireless.
    • MAC addresses are used at a lower level, in the NIC (assigned to the NIC).
  • Firewall
    • Sits between a LAN and the internet.
    • Uses rules to filter/block packets so that only allowed data gets through.
    • Can allow/deny based on IP address or port or content.
    • Can prevent attacks on the network.
    • Can limit data exfiltration (sneaking data out)
  • An IP address is an address assigned by protocol.
    A port is a service number which can receive data for a program, depending on type, e.g. new email goes to Outlook instead of Google Chrome. → a number for each port/app.
  • Server
    A machine on a network with a specific responsibility. 
    • File server: stores all the user files on a network. 
    • Print server: in charge of sending jobs to printers.
    • Web server: stores web pages and serves them to clients.
    • Database server: stores multiple databases and processes database requests from users.
  • Proxy servers:
    • A proxy server on a LAN fulfils 3 functions:
    • Acts as a cache for web pages that have been requested by machines inside the LAN. This speeds up access to pages.
    • Acts as a gateway for external web requests. Machines on the LAN request web pages but the request appears to come from the proxy. This hides the structure of the LAN by restricting knowledge of IP addresses from inside the LAN.
  • Connections
    • Cables: coaxial, UTP cat 6, fibre optic (not susceptible to electromagnetic interference)
    • Wireless
    • Satellite
  • Packet vs circuit
    Circuit switching establishes a physical circuit between source and destination that exists for the duration of the data transmission. 
    Packet switched networks are fairer, more robust and more secure (it is impossible to intercept packets as they use different routes). Each channel is only used for a short amount of time using less overall bandwidth.
    They can be faster, but bear in mind the extra data overhead of all the header information and the time to determine routing at each step.
  • Packet switching
    1. Data is split into equal sized blocks (called packets)
    2. Each packet has a header (including destination address and packet sequence number) and a payload containing the information of the data itself.
    3. Each packet is placed on the network and may travel by a different route.
    4. The best route is found
    5. Packets may need to be reordered back into the correct sequence at the destination - they may not be received in the same order.
  • Packets
    A message is split into several smaller parts called packets, each of which is routed independently through the network.
    Each packet contains:
    • Payload (original data or part of it)
    • Header data (also known as metadata) such as:
    • Address information - source & destination 
    • Error checking
    • Sequence number (e.g 2 of 7)
  • Protocols
    A protocol is a set of rules that governs the communication or transmission of data on a network.
    Protocol stack:
    A series of protocols that work together to achieve a desired result.
    Each protocol:
    • Is responsible for one part of the process.
    • Interfaces with the protocols above and below it in the stack.
    Standards
    • De facto: over time, some systems become popular and become the standard way of doing things.
    • De jure: standards that have actually been decided upon as being the official way to do something.
  • Protocol stack benefits
    • Each layer focuses on one particular element of the overall design and hence is limited in its scope and should be easy to program/maintain as a result.
    • Each layer can be debugged or even entirely replaced without affecting network functionality as long as the interfaces to neighbours are kept the same. 
    • A networked application can be programmed without having to know what network environment it’ll be operating in.
  • TCP/IP Stack and protocol layering
    Stands for Transmission Control Protocol/Internet Protocol. A stack of networking protocols that work together, passing packets during communication.
  • At the receiving end, the MAC address is stripped off by the link layer, which passes the packets on to the network layer, where the IP address is stripped off. The transport layer then re-assembles the packets and removes the port numbers, and the application layer presents the data for the user.
  • Protocols
    • SMTP - Simple Mail Transfer Protocol
    • DHCP - Adding device to network
    • HTTP - HyperText Transfer Protocol (can also include +S for Secure)
    • POP - Post Office Protocol
    • TCP - Transmission Control Protocol
  • URL - Uniform Resource Locator
    3 parts: protocol://machine.subdomain.domain/path
    https://docs.google.com/document
    https://europarl.europa.eu/portal/bg
    https://careers.moorlandview.page/whats-next
  • DNS - Domain Name System
    • The domain name system converts domain names to IP addresses.
    • Words are easier to remember than numbers; every time a domain is searched, a number has to be looked up.
    • Needs to do this before contacting a web server to request a page, as machines on a network are always addressed numerically.
  • DNS Steps
    1. URL entered, e.g. www.colchsfc.ac.uk
    2. Browser requests DNS lookup from DNS service on local computer.
    3. DNS service asks external DNS servers for IP addresses.
    4. Top level domain (TLD) authoritative name server (.eu, .page, .uk)
    5. Second level domain (ac.uk)
    6. Domain (colchsfc.ac.uk)
    7. Server returns IP address to DNS server.
    8. DNS service passes IP address to browser.
    9. Browser can use IP address to contact web server.
  • Network security & threats
    A firewall is a device designed to prevent unauthorised access to a network. A firewall consists of two network interface cards (NICs) between the user and the Internet. The firewall passes the packets between these two NICs and compares them against a set of rules set by the firewall software. The preconfigured rules are called packet filters. Packet/static filtering limits network access in accordance with administrator rules.
  • A proxy server acts as an intermediary, collecting and sending data on behalf of the user. There are several benefits of using proxies:
    • The user's privacy is protected, as the user remains anonymous.
    • The proxy server can cache frequently used website data making it faster to load.
    • Proxies can reduce overall web traffic.
    • Can be used by administrators to prevent access to sensitive or irrelevant information at work or at school.
  • Encryption converts data into an unreadable format, which protects the data if it is intercepted, as a key is needed to decrypt it.
  • Threat sources
    • Natural
    • Man-made
  • Natural hazards
    • Can't be controlled
    • Can be controlled
  • Technological hazards
    • Can be planned for
    • Can be mitigated
  • How you deal with man-made threats will depend on the technology involved
  • Threat sources
    • Accidental
    • Deliberate
  • Accidental damage
    • Not targeted at weak points
    • Hopefully reported as soon as it happens
  • Company policies
    • Educate workforce in good practice
    • No-blame culture
    • Encourage early reporting
    • Enable prompt remedial action
  • Preventative measures aim to stop an attack having any impact.
    Detection measures aim to discover an attack/unwanted event.
    Recovery measures aim to minimise the effect an attack has and get the system working again as soon as possible.